What you will learn
This learning path begins with necessary networking and infrastructure concepts, allowing you to apply those concepts to the design, preparation and installation of your platform. As you progress through the nine courses, you will build defense-in-depth skills that allow you to design or improve your platform defenses, and implement and maintain a monitoring strategy that fits your business needs.
Syllabus
Introduction to the Web
Course — 01:57:34
K0061, K0221, K0395, K0470, K0471, K0491, K0565
Get an introduction to the web, how it works and the basic protocols required to use it.
Infrastructure Components
Course — 02:17:46
K0113, K0202, K0324, K0452, K0488, K0516, K0561, K0565, S0084
This serves as an introduction to some of the most common infrastructure components and how are they used for providing web server services.
Preparation – Design Considerations
Course — 01:09:11
K0011, K0057, K0170, K0180, K0286, K0322, K0333, K0491, K0516, K0560, S0152
Learn the basic considerations and implementation of diverse controls for web server platform design.
Preparation – Hardening
Course — 02:18:34
K0167, K0205, K0406, S0121
Learn what hardening is and identify the different components that require hardening.
Logs
Course — 01:42:41
K0132, K0412, S0120
Explore some of the common log formats and how to customize the web server configuration.
Command Line
Course — 02:18:36
K0129, K0318, S0019, S0267
Learn the purpose of some of the basic command-line tools and how to use them.
Web Application Firewalls
Course — 01:58:29
K0049, K0202, K0487, K0561, K0624, S0170
Learn about the different types of WAF configurations, as well as the OWASP CRS and its capabilities.
Monitoring
Course — 02:39:48
K0054, K0180, S0136, S0155
In this course, you’ll explore the different elements involved in planning the monitoring of a web server, as well as what to look for on the logs and alarms.
Active Defense
Course — 00:52:11
K0005, K0006, K0013, K0135
Understand how to deploy active defense mechanisms that would allow the web server to prevent or delay attacks.
Web Server Protection Skill Assessment
Assessment — 53 questions — 00:26:30

Meet the author
Manuel Leos Rivas earned a bachelor’s degree in Business Administration and Computer Systems Engineering at the Universidad Autónoma de Nuevo Leon in Mexico and a Master of Science in Information Security Engineering with focus on Incident Response at the SANS Technology Institute. He holds over 50 cybersecurity-related certifications from GIAC, CompTIA, isc2, and AWS, among others.
Manuel has worked in cybersecurity for over 20 years in four different countries. He started his career in IT/Information security in 2000 as Network and Firewall Administrator in Mexico. Later in 2007, he switched to information security as Security Analyst and compliance coordinator.
In 2011, he started working for Gemalto (now Thales DIS). Gemalto relocated Manuel to France as Solution Security Expert and a few years later to Canada to work as Cloud Security Engineer for Gemalto. At Gemalto, Manuel managed ModSecurity Web Applications Firewalls protecting over a thousand websites and applications. He implemented hardening and multiple SIEMs in highly secured environments for large multinational companies in diverse sectors like banking and mobile network operators.
Since 2016, Manuel has committed part of his time to improving the OWASP ModSecurity Core Rule Set as one of the OWASP CRS developers and contributed numerous improvements to the project.
AWS Canada hired Manuel in 2019 as Cloud Security Architect to provide professional services to Public Sector companies, including government, education, health, insurance, and power utilities.
In 2021 Manuel relocated to the United States of America to work for Backblaze as Cloud Security Architect.
The details
Learning path insights

How to claim CPEs
Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.
Associated NICE Work Roles
All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.
- All-Source Analyst
- Mission Assessment Specialist
- Exploitation Analyst
No software. No set up. Unlimited access.
Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every lnfosec Skills subscription so your team can skill up however they learn best.

Plans & pricing
-
Infosec Skills Personal
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
-
Infosec Skills Teams
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
You're in good company
We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also, recommend it to clients to make their IT support teams better.
Caleb Yankus
This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.
Daniel Simpson
We use Infosec Skills to provide base level knowledge for employees. We also use the services to provide in depth learning for employees as they encounter new technologies. If an employee is is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.
Infosec Skills Teams client