Curriculum · Phase 3
Endpoint & Device Security
Managing, hardening, and proving trust for every device that touches your data
Endpoints are where compliance meets the physical world. This phase covers MDM (Intune, Jamf, Kandji, Workspace ONE), EDR/XDR and endpoint hardening against CIS Benchmarks, and the BYOD / conditional access / disk encryption controls that let auditors trust a device they will never physically see.
~3 hours
·
3 modules
·
120 points
Module 3.2
MDM Fundamentals
What mobile device management actually does, how the major platforms (Intune, Jamf, Kandji, Workspace ONE) compare, and how to translate a compliance requirement into enforced device policy.
48 min
0 / 3
Module 3.3
EDR/XDR + Endpoint Hardening
Detection and response on the endpoint — CrowdStrike, SentinelOne, and Defender compared — plus hardening macOS, Windows, and Linux against CIS Benchmarks and triaging the alerts that result.
50 min
0 / 3
Module 3.4
BYOD, Conditional Access & Disk Encryption
Where identity meets the device: BYOD vs corporate-owned trust models, device posture as an input to conditional access, and disk encryption (FileVault, BitLocker) with enforcement and key escrow auditors will ask for.
43 min
0 / 3