Introducing The Advanced Email Security
Email security is a huge concern for many people, as it should be. Email security has been a hot topic for years, and it’s not going away anytime soon for obvious reasons. Email is the number one threat vector for hackers and fraudsters to distribute malicious phishing messages, Business Email Compromise (BEC) and ransomware.
It is very important for organisations to set up their email facilities in a way that will make it difficult for phishing attacks and malware distribution, as the average user does not have the knowledge or tools required to identify and stop these activities.
This training is about helping your organisation to stop email abuse and remove the burden of email security from the users. Email security can seem like a daunting task, but it is important to protect your email accounts from hackers and other online threats. There are many different ways to secure email for your organisation, so start by learning about the different options available.
The Advanced Email Security training is the perfect place to start. In this course, we’ll teach you everything you need to know about email security, from the basics of how to set up basic security to using advanced email authentication protocols and certificates for maximum security against phishing-related attacks.
By the end of this course, you will be able to:
- Understand the importance of email security
- Explain the different ways that you can protect your email account
- Understand how to set up your email account for maximum security
- Implement various email security measures in your own company
- Evaluate the email security requirements
- Apply advanced email security for your organization
Module 1: Introduction to Email Security
- Email Security Basics
- IMAP and POP3 security
- SMTP Security Settings
- Introduction to Email Security
- Business Email Compromise (BEC)
- Scam Emails
Email The #1 Threat Vectors
- Spear phishing
- Whaling attacks
- Credential harvesting
- Account takeovers
Reducing the User Email Footprint
- Developing organisation email policy
- Using Email Alias
Advanced Email Security
- Email Providers and Settings
- SMTP Settings
- POP/IMAP/SMTP Authentication
- Transport Layer Security (TLS)
- Configuring STARTTLS for Inbound and Outbound Email Servers
- TLS Reporting TLS-RPT
- Mail Transfer Agent (MTA) Strict Transport Security (STS) (MTA-STS)
- Secure Email Gateway (SEG)
- DNS-based Authentication of Named Entities (DANE)
Module 2: Email Authentication Protocols
- Securing email system using the Domain Name System (DNS)?
- Using a Secure Email Service Provider
- Implementing an Email Security Policy
Sender Policy Framework (SPF)
- Introduction to SPF
- SPF DNS Record
- SPF Tags
- Setting up SPF
Domainkey Identified Mail (DKIM)
- Introduction to DKIM
- Generate DKIM Keys
- DKIM With Third-Party Mail Providers and Marketing Systems
- DKIM With the Organization’s Mail Server or Gateway
- DKIM DNS Record
- DKIM Verification
- DKIM Alignment
Module 3: Advanced email security
Domain-based Message Authentication, Reporting & Conformance (DMARC)
- Protecting Your Email with DMARC
- DMARC Myth vs Fact
- How DMARC Works
- What Happens to Emails with DMARC?
- DMARC Policy
- DMARC Reports
- Aggregate Reports (RUA tag)
- Forensic/Failure Reports (RUF tag)
- External Destination Verification
- Email Security with DMARC Checklist
- Email Encryption
- Digital Signature
- Secure email with SSL Certificate
- Secure/Multipurpose internet Mail Extensions (S/MINE)
Brand Indicators for Message Identification (BIMI)
- What is BIMI?
- How does BIMI work?
- WHy is BIMI important
- How to configure BIMI
Labs will be used throughout this course. You will have the opportunity to put what you’ve learned into practice through a series of hands-on labs.
This course assumes that you have a basic understanding of security operations and some understanding of email systems, TLS, and DNS, basic networking and security concepts.
What You Will Receive:
- Printed courseware
- Electronic reading materials
- Access to the course lab exercises
- Access to a Domain name registered domain
- Additional book on related topics
Some of the labs will be performed in the cloud and others on your local laptops. As such, you need to have admin access to your system and be able to access the internet.
Therefore, your system should meet the following requirements:
- A modern laptop with full Admin access
- Unrestricted Internet
- An OpenSSH client installed
- A PDF reader
Who Should Attend?
This course is perfect for anyone who wants to learn about email security, or for those who want to brush up on their knowledge. Whether you’re an IT manager, system administrator, or just a regular user, this course will give you the skills and knowledge you need to protect your email from online threats.
The following roles can also benefit from the course:
- Network security professionals
- System administrators
- Email administrations
- Security analysts
- Security consultants
- Security Managers