Security Architecture: A Strategic Approach by InfoSec
4h 56mIntermediate2025-06-11
Authors

Infosec Institute
Course details
In this course, learn to solve security problems by understanding the impact on the business and using a risk-driven approach to prioritize and mitigate security risks. Discover the necessary skills to develop business- and risk-driven security architectures. Understand the role that you, a security architect, must play in an organization.
Skills covered
Vulnerability ManagementCybersecurityOne-Off
Concepts
0. Introduction
- 01 - Introduction to security architecture
- 02 - The problem - A tactical approach to study
- 03 - What is security architecture
- 04 - The role of the security architect in an enterprise
- 05 - Security design principles
- 06 - Top 10 security design principles
1. Enterprise Architecture Frameworks
- 07 - Enterprise (security) architecture frameworks
- 08 - Overview of the TOGAF framework
- 09 - Overview of the Zachman framework
- 10 - Overview of the SABSA framework, part 1
- 11 - Overview of the SABSA framework, part 2
2. Security Architecture Development Process
- 12 - Introduction
- 13 - Business requirements definitions and gathering
- 14 - Data classification
- 15 - Threat modeling and risk assessment
- 16 - Security requirements definition
- 17 - Reference security architecture
- 18 - Residual risk identification
- 19 - Architectural issues and risks
3. Threat Modeling
- 20 - Threat modeling
- 21 - Threat modeling and security architecture
- 22 - Threat modeling methodologies
- 23 - STRIDE threat modeling methodology
- 24 - PASTA threat modeling methodology
- 25 - OCTAVE threat modeling methodology
- 26 - Trike threat modeling methodology
- 27 - Attack trees
4. Designing for Security
- 28 - Introduction to security design patterns
- 29 - Security design pattern example
- 30 - Introduction to reference security architectures
- 31 - Examples of reference security architectures
5. Case Study
- 32 - Developing a reference security architecture
- 33 - Understanding business requirements
- 34 - Data classification
- 35 - Threat modeling and information risk assessment, part 1
- 36 - Threat modeling and information risk assessment, part 2
- 37 - Defining security requirements
- 38 - Developing the reference security architecture
- 39 - Identifying residual risk
- 40 - Identifying architectural issues and risks
Conclusion
- 41 - Summary and conclusion
Related courses
- Certificate of Competence in Zero Trust (CCZT) Cert Prep
- LLM Security: How to Protect Your Generative AI Investments
- 5G Security in Depth: A Hands-On Approach to Securing RAN, Core, and Telco Cloud
- Planning a Small Business Cloud Strategy
- Salesforce Certified Data Cloud Consultant Cert Prep
- Cybersecurity Policy and Governance for Business Success
- Introduction to IT Architecture
- Google Cloud Professional Cloud Architect Cert Prep
Related learn paths
- Master Digital Transformation
- ServiceNow IT Leadership Professional Certificate
- Technical Literacy and Future Readiness for Senior Managers and Senior Leaders
- Understanding Generative AI for Tech Leaders
- Build an Enterprise Cloud Architecture
- Prepare for the ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Certification
- Prepare for the AWS Certified Cloud Practitioner (CLF-C01) Certification Exam
- Cybersecurity Fundamentals