Fundamentals of Zero Trust Learning Path

Explore the concept of zero trust in cybersecurity.

9 hours, 57 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    9 hours, 57 minutes

  • Assessment


About Fundamentals of Zero Trust

Zero trust changes how we architect and secure digital systems. It is still a relatively young but fast-maturing field. This learning path aims to give you the fundamentals of zero trust, focusing on the architecture itself. You can start your zero trust journey right here or learn to support your organization's zero trust program.



Introduction to Zero Trust

Course - 02:20:00

Explore zero trust, including how current traditional security architectures developed, zero trust's roots, core principles and tenets.
Zero trust threat reduction: a ransomware killer?

Course - 00:30:00

Learn how to reduce your enterprise's threat landscape by up to 95% and discover what the White House sees in zero trust for reducing threats to critical national infrastructure. In this course, we assess the threat vectors that zero trust can mitigate and see it in practice with a live demo of how ransomware can be immobilized by micro-segmentation.
Zero trust tenets and NIST high-level architecture

Course - 01:10:00

Learn how to understand zero trust architectures via the NIST High Level Design (an abstract conceptual model) as well as how the core principles of zero trust come to life in the tenets of zero trust. We also look at a more user-centric view of zero trust architectures, which often makes more sense to many. We also analyze the control and enforcement planes.
Zero trust enterprise architecture: what are you protecting?

Course - 00:55:00

Zero trust is a unique transformational opportunity for you to rebuild your security architecture. In this course, we will focus on the subjects and resources in your zero trust architecture: what you can protect with zero trust and what you should protect.
Zero trust architecture (ZTA) design patterns

Course - 01:16:00

There's one set of zero trust principles and tenets, but multiple different design patterns that implement them. We'll evaluate each design pattern in turn, analyzing the similarities and differences and critiquing each as we go. In this course, you'll learn how to discern the differences between different patterns and gain an appreciation for when each should be used.
Zero trust policy

Course - 00:42:00

Starting from no trust (zero trust!) and needing to extend some trust (the least possible!) in order for business to occur requires a component of the zero trust architecture to actually decide what to trust and what not to trust. And although the ZTA will ultimately make trust decisions itself at runtime, the zero trust architecture still requires some upfront configuration and guard rails of what types of connections to trust. This will vary by business environment, so we will concentrate on how to express that configuration in policy in this course.
Trust me... decision & trust algorithms

Course - 00:53:00

Dynamic trust requires decisions on what to allow. So the zero trust architecture actually needs to decide what to trust and what not to trust at runtime. Here, we will explain how those decisions can be made in a zero trust architecture and the data sources that you might need.
Threats to a zero trust architecture

Course - 01:23:00

Sure there are many attack vectors that a zero trust architecture can in theory prevent or mitigate; but there are also a host of threat vectors that remain, and some new ones. Let's take a look at them now: analyzing, evaluating and judging how critical they could be to the future security of your enterprise.
Migrating to a zero trust architecture (ZTA)

Course - 00:48:00

How do you start your zero trust roadmap? Here we learn how to start a zero trust architecture; how it can reside alongside your traditional security architecture for dual-running; and how to operationalize the ZTA. We also assess a frequently asked question: Can I remove my network-based firewall now that I have a zero trust architecture?

Meet the author

Patrick English

Enabling people to understand and build Zero Trust Architectures is Patrick’s passion as a Zero Trust Architect, Consultant, and Forrester certified ZTX Strategist. Patrick has worked in security architecture, design and operations for over a decade working with enterprises in Banking, Pharmaceuticals, High Tech and Government. He is also a CISSP professional! Check out Patrick's learning path "Fundamentals of Zero Trust" to jump start your Zero Trust journey.

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo