Security Core Concepts: Security+ intermediate
Security:
Expertise:
- 2 Courses | 2h 23m 8s
- 4 Books | 36h 40m
- 19 Courses | 18h 37m 1s
- 2 Books | 14h 36m
- 11 Courses | 3h 55m
- 1 Book | 5h 25m
- Includes Lab
- 12 Courses | 7h 17m 5s
- 3 Books | 27h 5m
- Includes Lab
- 7 Courses | 3h 21m 27s
- 4 Courses | 3h 43m 37s
- 4 Books | 36h 40m
- 2 Courses | 2h 6m 37s
- 1 Course | 24m
- 9 Books | 70h 50m
- Includes Lab
- 54 Courses | 57h 46m 29s
Security is a primary concern for network administrators. Discover the basics of security, from methods, tools, and technologies.
GETTING STARTED
Cybersecurity Awareness and Threat Vectors
-
2m 10s
-
1m 22s
GETTING STARTED
Security Vulnerabilities: Managing Threats & Vulnerabilities
-
1m 22s
-
4m 5s
GETTING STARTED
Microsoft Security: Compliance Concepts & Methodologies
-
55s
-
8m 55s
GETTING STARTED
Anomaly Detection: Aspects of Anomaly Detection
-
2m 2s
-
11m 4s
GETTING STARTED
CompTIA Security+: Security Goals & Controls
-
30s
-
4m 57s
COURSES INCLUDED
Fundamental Security Concepts
Online user accounts are one of easiest entry points for savvy hackers. Explore fundamental security concepts of authenticity, integrity, and confidentiality, and the role they play in establishing effective user account policies.
15 videos |
1h 21m
Assessment
Badge
Understanding Attacks & Prevention Practices
Online user accounts are one of easiest entry points for savvy hackers. Discover why and how most common user account breaches happen, as well as general security practices to help protect against potential intrusions via user accounts.
10 videos |
1h 1m
Assessment
Badge
COURSES INCLUDED
Cybersecurity Awareness and Threat Vectors
Cybersecurity is often defined as the protection of computer systems and networks from unauthorized or unwanted information disclosure, theft or damage. In this course, explore the potential impacts of a personal or business security breach, and discover the fundamentals of the confidentiality, integrity, and availability triad. Explore how baselining can be used to better understand an IT environment and learn to differentiate between natural, malicious human, chemical, and non-malicious threats. Explore security concerns as they relate to internal and external human activity, and discover how to identify drivers for security controls. Explore common functions and purposes of security controls and discover the importance of testing corrective controls in place. Lastly, explore how to differentiate between quantitative and qualitative risk analysis, as well as between data in motion and data at rest. This course was originally created by Global Knowledge (GK).
20 videos |
42m
Assessment
Badge
Network Discovery Tools and Techniques
Network discovery is the process of identifying or mapping internal networks and computer resources in an organization. Conveniently, network discovery tools can be used to automate the scanning process and discover all the devices on a specific network. In this course, you'll learn about the OSI and TCP/IP models, and how they are used to facilitate communication between entities on a network. Explore how security controls behave at different layers of the OSI and TCP/IP models. Explore common network devices and learn how they can be compromised physically or administratively. Discover how to differentiate between discovery, footprinting, and scanning tools, and explore categories of discovery tools including auditing, vulnerability scanning, and SNMP. Explore Nmap, Zenmap, and SuperScan network discovery tools, and learn when to use protocol analyzer tools such as Wireshark. Lastly, discover the benefits of periodically referencing the Common Vulnerabilities and Exposures database. This course was originally created by Global Knowledge (GK).
21 videos |
1h 1m
Assessment
Badge
Systems Hardening
Security hardening is the process of securing systems and networks by reducing the surface of vulnerability. In this course, you'll learn the types of systems that can be hardened as well as how security baselines can be used to define normal conditions on a network. Explore how Group Policy can be used to apply computer settings to numerous systems at once, and discover the benefits of performing ongoing security patching. Explore steps used to harden systems by role including: client, server, database, web server, FTP, DNS, DHCP, network, and mobile devices. Lastly, learn how to differentiate between free and commercial hardening tools, recognize steps to properly implement authentication, authorization, and accounting, and implement physical security to contribute to overall security stability. This course was originally created by Global Knowledge (GK).
24 videos |
1h 4m
Assessment
Badge
Getting Started with Security Architecture
Security architecture can be defined as the specifications, processes, and standard operating procedures (SOPs) required to protect an organization's IT infrastructure. In order to improve network security and mitigate risks, a series of network devices can be used to control access to networks and resources. In this course, explore how security architectures can be used to enforce security at the network layer. Explore basic switching and routing devices, and discover core functions of a network intrusion detection systems (NIDS) and host-based intrusion detection systems (HIDS). Explore the characteristics and categories of firewall devices, and learn about networks, intranets, and demilitarized zones. Discover the benefits of network segmentation and learn how to segment networks. Lastly, discover how Network Address Translation (NAT) is used to map addresses, and explore how Network Access Control (NAC) can be used to verify compliance using security policies. This course was originally created by Global Knowledge (GK).
19 videos |
1h 11m
Assessment
Badge
Securing Information using Cryptography
Cryptography is a process used to keep information secret and safe by transforming it into an unrecognizable form that unwanted and unintended recipients cannot understand. In this course, you'll explore how cryptography can be used for confidentiality and integrity. Discover when to use symmetric and asymmetric encryption and discover the advantages and disadvantages of both. Explore practical use cases for cryptography and explore how hashing can be used to ensure data integrity. Discover how digital signatures can provide message integrity, authenticity, and non-repudiation and learn how to implement digital signatures. Discover how to differentiate between rights and permissions and explore access control methods such as discretionary access control, mandatory access control, and role-based access control. Lastly, explore how steganography can be used to hide secret information in or on another object, and how digital rights management (DRM) tools can be used to control access to protected data. This course was originally created by Global Knowledge (GK).
25 videos |
1h 20m
Assessment
Badge
Public Key Infrastructure and Certificate Distribution
Public-key infrastructure (PKI) is the framework of encryption and cybersecurity used to safely distribute, verify and revoke certificates in an organization and manage public-key encryption. In this course, you will learn the fundamentals of PKI and explore considerations when implementing trust structures through technology and public key-based digital certificates. Explore PKI components including certification authorities, certificates, revocation lists, registration authorities, entities and certificate templates, and discover how certificate authorities (CA) are used to issue certificates to entities and manage trust relationships. Discover how to differentiate between root and subordinate CAs as well as internal and external PKIs, and explore public key certificates and how they can represent the digital identity of the subject. Lastly, explore common certificate acquisition methods including web, auto-enrollment, MMCs, and native consoles, and explore use cases for common access cards (CAC). This course was originally created by Global Knowledge (GK).
17 videos |
53m
Assessment
Badge
Identity Management, Directory Services, and Federation
Identity management is a framework used to ensure appropriate access controls are in place to grant authenticated users access to enterprise assets. In this course, you will learn about the key fundamentals of identity management, including privilege administration, access control, and system scalability. Explore identification, authentication, authorization, accountability (IAAA) services and discover how personally identifiable information (PII) can be used to identify a subject. Explore the three main types of authentication factors: something you know, something you have, and something you are, and discover how to choose appropriate and accurate biometric criteria. You'll also learn about directory services and how they can be used to organize network resources. Explore password cracking techniques and tools, and discover when to use same sign-on and single sign-on authentication schemes. Lastly, explore how federation can be used to link together different authentication systems. This course was originally created by Global Knowledge (GK).
27 videos |
1h 19m
Assessment
Badge
Network Hardening, Network Segmentation, and Secure Connections
Network hardening can help identify potential vulnerabilities, secure systems, and reduce the risk of unauthorized access. In this course, you'll learn how to secure administrative and remote access connections. You'll discover key features of the Simple Network Management Protocol (SNMP) and explore the various types of firewalls and logical locations to place them on a network. Discover how to control and manage traffic using rules on routers and firewalls, and explore how firewall management can contribute to overall network hardening. Discover how to limit internal and external physical access to resources. Explore best practices for managing telecom and wiring closets as well as considerations for establishing secure access. Lastly, explore the importance of hardening wireless access points and recognize how to harden network elements including firewalls, routers, and access points. This course was originally created by Global Knowledge (GK).
27 videos |
1h
Assessment
Badge
Fundamentals of Malware Analysis and Remediation
Malware is any software with the intention to wreak destruction or gain access to sensitive information. Malware is often used as a blanket term for common computer worms, viruses, and trojans. In this course, you'll learn how to protect systems from malware by implementing and managing anti-malware software. Explore different malware infection methods and learn how to differentiate between different types of malware. Explore how viruses can attach themselves to system applications and learn about common virus threats. Discover how to differentiate between worms, trojans, rootkits, and bots, and explore how spyware and adware spyware can be embedded into applications that look free and interesting to use. Lastly, explore how ransomware works and discover countermeasures to protect against threats including user awareness programs, scanning systems, and monitoring network activity. This course was originally created by Global Knowledge (GK).
23 videos |
56m
Assessment
Badge
Social Engineering Threats and Prevention
Social engineering is a form of attack that is accomplished using malicious activities through human interactions. In a common social engineering attack, humans are tricked into making security mistakes or giving away sensitive information. In this course, you'll explore the goals of social engineering including gaining access to sensitive data, physical locations, and systems. Discover vulnerabilities that make social engineering possible, explore common targets, and learn about indirect and direct social engineering attacks. Explore how searching a person or business's trash can produce information that can be used to carry out an attack, and discover the importance of staying up to date with the latest social engineering stats and trends. Explore the importance of cyber awareness and reporting workplace abnormalities, and discover the various social media site types including social networks, video sharing, blogging, and photo sharing. Lastly, explore factors that drive people to post compromising material on social media. This course was originally created by Global Knowledge (GK).
27 videos |
1h 2m
Assessment
Badge
Software Engineering, Security and Vulnerabilities
The principles of software engineering include designing, developing, implementing, and maintaining a software solution. One crucial aspect of software security is to determine if software is safe to release to an organization or public. In this course, you'll explore the Software Development Life Cycle (SDLC) and learn about maturity levels used to define agility and effectiveness of a development solution. Discover how security guidelines can help improve the quality and security of a software development, and explore the importance of staying current with the types and trends of software threats and exploits. Continue to learn about software vulnerabilities while exploring common attacks including buffer overflows, database injection, cross-site scripting, and directory traversal attacks. Lastly, explore how misconfiguration of servers increases the likelihood of attacks, and discover how permissions are used to secure directories used by applications. This course was originally created by Global Knowledge (GK).
15 videos |
57m
Assessment
Badge
Environment Monitoring, Retention, and Data Logging
Logging is used to record events that occur within an organization's systems and networks. Oftentimes, logging information can help with the identification and isolation of any intruder or malware. In this course, explore acceptable use policies (AUP) and how they apply to employee monitoring. Discover how monitoring as a service can benefit an organization, and explore devices that can be monitored on a network including routers, switches, laptops, and wireless access points. Explore how retention policies can identify how long different types of data are maintained and discover when to implement a centralized enterprise logging service. Lastly, explore how keystroke loggers can capture and track what is typed on a keyboard and learn the importance of protecting log information. This course was originally created by Global Knowledge (GK).
23 videos |
52m
Assessment
Badge
Physical Security, Safety Procedures, and Access Control
Physical security measures can help organizations protect personnel, hardware, software, and data from physical actions and events that could result in unauthorized or unwanted disclosure or theft of property. In this course, you'll learn how defense-in-depth solutions can provide multiple layers of security as well as the various types of physical security controls. Explore the importance of surge protectors, uninterrupted power supplies (UPS), and power generators, and discover how device security concerns should encompass all company-owned equipment. Discover why non-disclosure agreements (NDA) should be used in locations where proprietary information may be accessible to employees, vendors, or visitors, and explore how background checks should be an essential part of security management. Lastly, explore the importance of ensuring the correct level of security access levels. This course was originally created by Global Knowledge (GK).
18 videos |
47m
Assessment
Badge
Incident Response, Backup and Recovery Strategies, and Documentation
It is imperative that organizations outline instructions to help IT staff identify, respond, and recover from network security incidents. By doing so, organizations can quickly recover from cybercrime events potentially resulting in data loss and service outages. In this course, you'll explore common disaster types, including natural disasters and malicious human actions that threaten organizations. Discover business continuity and disaster recovery planning goals, resources, and concepts. Discover how operational recovery planning can help ensure businesses resume day to day operations in a timely manner, as well as the importance of planning for user recovery. You'll also learn about backup technologies and strategies, and discover the importance of proper documentation. Lastly, explore how to prepare for incident responses and learn about reporting incidents and legal considerations. This course was originally created by Global Knowledge (GK).
41 videos |
1h 34m
Assessment
Badge
Legal Considerations and Cybercrime Investigations
Cybercrime laws apply to incidents in which a crime was directed at a computer, or crimes committed using a computer. In this course, you'll explore aspects of service-level agreements (SLA) and privacy-level agreements (PLA), and discover considerations when dealing with international regulatory compliance. You'll also learn how cybercrime intersects with different legal fields including intellectual property, privacy laws, jurisdiction, criminal, and civil, and explore methods in which to investigate cybercrime activity. Explore key considerations when dealing with criminal, civil law, and administrative laws, and learn to differentiate between civil, common, statutory, and religious legal systems. Lastly, explore tools used to perform a cybercrime investigation, and discover cybercrime investigative best practices, including how to notify management and protect the crime scene. This course was originally created by Global Knowledge (GK).
22 videos |
55m
Assessment
Badge
Trends in Cybersecurity
Cybersecurity is the practice of protecting systems, networks, and programs from cyber threats and exploits. Therefore, organizations are required to allocate a growing number of resources to protect their data from unwanted and unauthorized data breaches and disclosures. In this course, you'll explore the possible constraints that may prevent an organization from having an ideal IT security solution including budget, regulations, design limitations, and political issues. Discover driving forces in cybersecurity including money, mobile devices, education, and new technologies, and explore the risks associated with portable electronic devices (PED) such as geolocations. Explore how supervisory control and data acquisition (SCADA) systems can be used to monitor important infrastructure including electric grids, water supplies, and pipelines, and discover how most people now use the Internet daily to send email, shop, and watch TV. Lastly, discover how cybersecurity and IT standards continue to evolve and how no one standard is foolproof or future proof. This course was originally created by Global Knowledge (GK).
18 videos |
45m
Assessment
Badge
An Executive's Guide to Security: Understanding Security Threats
Companies that do not understand threats facing their information are at risk of costly data breaches. In this 13-video course, learners can explore common security threats, types of network attacks, and the human element of security threats. Key concepts covered here include what an attack surface is, and how it must be understood to protect corporate information; and what network hardening is and how it relates to protection of corporate information. Next, learners will examine network demilitarized zones and how they protect corporate information; observe differences between threats, vulnerabilities, and risks in corporate environments; and study top kinds of security threats facing organizations today. Continue by learning the role that physical security plays in protecting corporate data; how social engineering is conducted and how it is mitigated through corporate policy; and the importance of corporate security policies, and why they should be strictly adhered to. Finally, explore the importance of password policies and why they should be adhered to; and learn reasons why IT administrators need to protect an organization by refusing to bend rules.
13 videos |
44m
Assessment
Badge
An Executive's Guide to Security: Protecting Your Information
This 13-video course explores data protection for businesses, including devices, social media, and good governance through security principles, policies, and programs. You will examine several types of security threats, the different types of network attacks, the role physical security plays in the protection of corporate data, and the human element of security threats. Next, learners examine the attack surface, including the total combined nodes, users, devices, and any entry points of software, a network, and a business environment. You will examine threats, vulnerabilities, and risks, and learn the importance of network hardening. This course uses real-world examples of several top security threats to businesses today, including malware, social engineering, unpatched software, BYOD (bring your own device), and IoT (Internet of things). You will examine clickjacking and URL spoofing. Finally, this course discusses the legal and financial ramifications of a major security breach, the importance of having a security policy, training personnel, password protection, and managing a company's security.
13 videos |
45m
Assessment
Badge
Defensive CyberOps: Defensive Cyberspace Operations
A well-planned and properly executed DCO mission will enable the cyber warrior to repel attacks and rapidly prepare for offensive action. In this course, you'll learn the principles of Defensive Cyber Operations, including measures and responses. You'll explore cybersecurity and cyberspace operations in DCO. Next, you'll look at DCO analytics, missions, and operating domains. You'll explore the role of the mission owner and network owner in DCO, as well as planning considerations. Finally, you'll learn about cyberspace threats that may occur during the course of maneuver operations and common security and system tools used in DCO.
14 videos |
42m
Assessment
Badge
SHOW MORE
FREE ACCESS
COURSES INCLUDED
Security Vulnerabilities: Managing Threats & Vulnerabilities
This 14-video course helps learners explore the threat categories in the STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege) model for identifying computer security threats, including spoofing, tampering, repudiation, information disclosure, denial of service (DoS), and escalation of privilege. Key concepts covered in this course include categories of security vulnerabilities using the STRIDE model; how to recognize authenticity and identity spoofing threats; and how to validate integrity and tampering threats. Next, you will learn about authentication threats and non-repudiation, when used in security, for example, when a charge cannot be challenged; learn information threats such as privacy breaches or data leaks; and learn the threat of DoS attacks, a resource disruption attack when a user tries to connect. Learners continue by exploring the privilege escalation threat model; learning to recognize examples of security misconfiguration threats; and observing methods of brute force attacks and key sizes. Finally, learn to perform a local network scan and a targeted remote scan by using Nmap; and learn to perform a DoS vulnerability diagnostic test on a host.
14 videos |
52m
Assessment
Badge
Intrusion Detection: Best Practices
Intrusion detection systems (IDS) allow you to monitor traffic and send alerts when abnormal activities have been detected. In this 14-video course, you will explore concepts of traffic analysis and IDS, including network forensic analysis, sniffing and sensors, signal and noise, and brute force analysis. To begin, you will examine approaches to network security through traffic analysis, then take a look at tools and techniques used by IDS. Learners will also explore the network forensic approach to computer networks; learn how to describe types of application controls that can be used for traffic analysis; placement and use of sniffing and IDS sensors; and examine concepts of signal and noise when it comes to network traffic analysis. You will learn how to perform IDS with Snort with a sample ruleset; configure Bro to detect common attack patterns; use Wireshark to inspect network packets; and perform nmap scans with methods to evade IDS detection. In the final tutorials, you will perform brute force analysis with nmap, and a mock denial of service (DoS) attack with nmap.
14 videos |
45m
Assessment
Badge
Intrusion Prevention: Best Practices
Intrusion prevention helps one to detect and stop various attacks that other security components may miss. In this 13-video course, learners explore objectives and tools of intrusion prevention, including kernal attack prevention, vulnerability discovery, remediation strategies, scan detection, and evasion techniques. Begin by examining approaches to intrusion prevention systems (IPS), and how it differs from intrusion detection systems (IDS). Then take a look at options and deployment strategies for IPS; discover the advantages and disadvantages of various approaches to IPS, and view the role of IPS in preventing kernal attacks. Explore the methods used to discover vulnerabilities, and the remediation strategies related to intrusions. Next, learn how to block an attacker after too many failed login attempts; how to describe methods used in IPS to evade intrusions; and how to use tools, including netstat, to scan for potential intrusions on a local system. In the final two tutorials in this course, you will scan a system for potential malware infections using nmap, and use Suricata to implement a packet diversion for intrusion prevention.
13 videos |
49m
Assessment
Badge
Digital Forensic Techniques & Investigative Approaches
In this 14-video course, learners can explore digital forensics best practices and techniques and how they relate to investigations, data integrity, proper evidence handling, and legal privacy considerations. To begin, study an overview of digital forensics, and different types of forensics including computer, mobile, network, vehicle, and the Internet of Things (IoT). Learn how to differentiate between criminal, civil, and intellectual property investigations, and examine a typical methodology or investigative approach, including preservation, collection, examination, analysis, and presentation in court. Explore procedures to properly establish and maintain chain of custody; recognize best practices and considerations when working with digital evidence, and examine the roles of forensic laboratories and hardware and software tools. Learn how to recognize legal considerations, including search warrants and privacy considerations; delve into challenges of working with cloud computing environments; and recognize how viruses and other malware work. Learn the importance of ethical decision making related to digital forensic work, and approaches and techniques used when working with live or volatile data. The exercise involves applying digital forensic best practices.
14 videos |
57m
Assessment
Badge
Information Security: APT Defenses
In this 13-video course, discover key Advanced Persistent Threat (APT), concepts such as defense and best practices. Explore common APT attacks and mitigation techniques that can be used, APT tools, and how to create effective APT checklists. You will begin with an introduction to APT and its purpose, then look at the steps of the APT lifecycle. Learners will examine motives behind an APT and probable targets, and learn to identify APT defense best practices. Next, you will explore methods that can be used to strengthen APT defenses, and then recall the method(s) to deal with APTs. You will then take a look at the Equation aka APT group and its involvement in various cyber crimes. Another tutorial examines the key tools that are used when conducting an APT. Define risk assessment processes that can help you protect your assets. In the final tutorial in this course, you will be asked to identify key points for creating an effective checklist to address APT attacks.
13 videos |
1h 24m
Assessment
Badge
Information Security: NACs & Gateways
Learners will discover key features of network access control (NAC), the importance of NAC in a network, various NAC elements, authentication, and its implementation, in this 12-video course. Explore the risks and challenges associated with BYOD-which means "bring your own device"-and IoT, which is Internet of Things. You will begin the course by examining the security risks introduced by BYOD and IoT, along with their preventive measures. You will then explore the major challenges with BYOD in an organization. The next tutorial defines NAC and the importance it has in a network. This leads into examining the NAC architecture; the different features of NAC; and the impact of an improperly configured NAC. You will learn about the various NAC elements; recall the best practices of implementing NAC, and identify the key points for creating an effective checklist for NAC security. In the final tutorial, learners will be asked to list the NAC authentication methods.
12 videos |
37m
Assessment
Badge
Information Security: Subnetting & DNS for Security Architects
In this 11-video course, learners will discover key concepts related to subnetting, virtual machines (VMs), container, and DNS (domain name system) security. Examine tips and tricks used in subnetting and subnetting advantages. Explore classless inter-domain routing (CIDR), notation, deployment and security considerations for VMs and containers, and types of DNS attacks and mitigation strategies. You will begin the course by taking a look at the importance of subnetting, how it relates to security, and its advantages and disadvantages. Then move on to defining the CIDR notation. You will examine the subnetting cheat sheet, and learn various subnetting tips and tricks; compare VMs and containers, and examine the deployment considerations for VMs and containers. Next, learners will observe the best practices for deploying VMs, and the best practices for VM and container security. In the final two tutorials of this course, you will discover the various types of DNS attacks and their mitigations, and the various types of subnetting attacks and mitigations.
11 videos |
1h 5m
Assessment
Badge
Information Security: Securing Networking Protocols
Learners can explore the key concept of the common protocols in use, and discover the security issues of the transmission control protocol/Internet protocol (TCP/IP) model and security protocols, in this 10-video course. You will begin by taking a look at the common protocols used in a network, the ports they use, and the type they are and what they do. Next, you will examine some of the security issues of the TCP/IP model at the layer level, of which it has four: application, transport, Internet, and data link. You will also explore the threats, vulnerabilities, and mitigation techniques in network security; identify the types of weak protocols and their replacements; and classify the various types of security protocols. Then learners will continue by examining various ways to use security protocols in different situations; the importance of implementing security protocols. In the final tutorial, learners will explore the security-first mindset and its necessity.
10 videos |
56m
Assessment
Badge
Information Security: Hardened Security Topologies
In this 8-video course, learners will discover the key concepts of different security topologies and the key role they play in network security. Begin with an introduction to security topologies, which define the network design based on security requirements. You will then explore the design goals for security topology, the elements used to ensure that the information is secure, which means that you need the concepts of confidentiality, integrity, and availability (CIA), of information in a proper way, and it needs to be secured. You also need to practice accountability along with CIA concepts. Next, you will examine advantages and disadvantages of different security topologies, which are the Intranet, the Internet, and various other topologies. You will take a look at the impact of integrating cloud topologies, and also delve into the various layers of security in cloud computing. The final tutorial in this course explores the different methods used to harden the components of security topologies.
8 videos |
42m
Assessment
Badge
Information Security: Continual Infrastructure Testing
Discover DevOps practices such as continuous security and security monitoring, the benefits of using DevOps, and best practices of DevOps security in this 11-video course. Explore the secure DevOps lifecycle and learn about security risks and the various tools used for DevOps testing. Key concepts covered in this course include continuous security practices and the need for continuous security in a DevOps environment; the benefits of using DevOps including improved quality, saving money, and saving time by not having to integrate code at the later stage; and the components of DevOps and their impact on the infrastructure security. Next, learners will examine the best practices of DevOps security and learn the secure DevOps lifecycle; and learn security risks that come with DevOps and tools that can help aid with continuous security infrastructure testing. Finally, learn the security risks of DevOps; and the various tools used for DevOps testing, as in each stage of DevOps certain types of tools will be used.
11 videos |
43m
Assessment
Badge
Information Security: Security Governance
In this 9-video course, learners will discover the importance of implementing security governance in an organization. Explore differences between security governance and security management, types of governance frameworks, and the roles of senior management. Also covered are ensuring good IT security governance, risks and opportunities, security governance programs, and governance framework structure. Key concepts covered in this course include how to distinguish between security governance and security management; learning about different types of IT governance frameworks including ISO 27001, PCI DSS, HIPAA (Health Insurance Portability and Accountability Act), ITIL, and COBIT; and learning the various roles and responsibilities of senior management in governance; learn the measures used to ensure good IT security governance including creating governance within an organization, delivering governance through the right stakeholders. Next, observe how to review governance on a periodic basis; learn the risks and opportunities in security governance and making sure the security policies are up to date; and examine the process of rolling out a security governance program. Finally, you will examine the structure of a governance framework.
9 videos |
1h 14m
Assessment
Badge
Information Security: Honeypots
Explore various honeypot concepts, such as the types of honeypots, roles and uses of a honeypot, and how honeypot data analysis is used. In this 12-video course, you will examine strengths and weaknesses of a honeypot and how it is placed in networks. Key concepts covered in this course include the honeypot system itself, configured to detect, deflect, or counteract any unauthorized attempt to gain access to information; learning the various types of honeypots that can be used focusing on low and high interaction level types; and learning about the role played by honeypots in overall network security. Next, you will examine learn honeypot uses and disadvantages; learn the deployment strategies of a honeypot; and learn the various open-source and commercial honeypot products available on the market. Finally, learners will observe how honeypots are placed in a network; how to install and configure a honeypot by using KFSensor honeypot software; and explore how honeypot data analysis is captured through automated software or through a manual method.
12 videos |
35m
Assessment
Badge
Information Security: Pen Testing
Explore the key penetration (pen) testing concepts such as vulnerability assessment, types of pen testing, and threat actors, in this 14-video course. Discover why pen testing is needed and investigate tools used for pen testing. Key concepts covered in this course include pen testing, a set of tasks that are performed by ethical hackers against an organization, but in a legal way; steps performed during the pen testing process; and reasons why an organization needs to perform pen testing and distinguish between pen testing and vulnerability assessments. Next, you will compare the different types of pen testing and learn the weaknesses of pen testing; learn the various types of tools used in pen testing and the target selection for pen testing; and learn the types of assets in an organization; compare the types of risk responses that an organization may adapt. Finally, learners observe how to use the Metasploit framework in Kali Linux; and how to create an exploit by using MSFvenom.
14 videos |
1h 34m
Assessment
Badge
Security for Engineering Leaders: Defining Security
Security can be defined in many ways and broken down into numerous types. Data security involves defining the necessary policies and procedures that ensure data is cared for and protected. Through this course, learn about data security attributes and parameters and examine data security from a variety of perspectives. Discover the definition of security and its types, including data security. Next, study the theory and functionality of DevSecOps, as well as risk identification, assessment, and management. Finally, examine the use of data security frameworks, including popular frameworks such as COBIT, NIST, and FISMA. After course completion, you'll be able to outline security terms, expressions, and frameworks.
12 videos |
40m
Assessment
Badge
Security for Engineering Leaders: Data Security for Engineering Projects
Understanding the who, where, and what is important for good outcomes when it comes to data security. Through this course, explore a breakdown of data security challenges and best practices, and how to use your knowledge of them like tools in a toolbox. Discover data security challenges that occur with teams, data, and projects, examine data security in the cloud and in data centers, learn about project data sets, and explore team expertise levels and other elements of a team before, during, and after a project. After course completion, you'll be able to apply a better understanding of data security challenges and best practices for teams and projects.
18 videos |
1h 6m
Assessment
Badge
Security for Engineering Leaders: Data Security Use Cases
Data security involves more than understanding the skills and techniques necessary to keep information safe. Once you have identified policies and procedures and considered security challenges and best practices, what are your next steps? Through this course, consider the best means to implement, sustain, and enforce good data security practices across your teams and projects. How does the experience level of a particular team affect data security considerations? Define use cases for inexperienced, mixed experience, and highly experienced project teams. Identify the components that make up each type of team, and learn to recognize best practices for each type of team as they relate to data security. After course completion, you'll be able to consider the specifics of each team when identifying the best ways to apply data security to their work.
11 videos |
50m
Assessment
Badge
Authentication & Encryption: Best Practices
In this 14-video course, explore the authentication, authorization, and encryption options that a security architect will need on a day-to-day basis. The focus will be on two fronts-from a network security standpoint including cloud services, and internal solutions in an Agile and DevOps environment. Begin with a look at authentication, authorization, and encryption factors and how they fit together, then look at methods of authentication and best practices. This leads into methods of authorization and access control; the use of encryption methods and best practices in implementing encryption; and key symmetry-differentiating between public and private keys and their ciphers. Examine methods of keeping login and authentication credentials secure; view system authentication and authorization through user account administration in Linux, and handle security policy trade-offs in situations where solutions might not align with policy. Discover Secure Shell (SSH) configuration, and implementing and securing remote access to a system using SSH; create secure certificates and keys using OpenSSL; verify software package authenticity by using OpenSSL, and file encryption and file decryption with OpenSSL.
14 videos |
56m
Assessment
Badge
Security Architect: Ethical Hacking Best Practices
To become a well-rounded ethical hacker, one must have good ethics, love a challenge, and be persistent. In addition, you must have a strong technical background and be familiar with common tools, strategies, and techniques used in a variety of ethical hacking situations. In this 14-video course, learners can explore best practices related to ethical hacking and incident handling, legal considerations, and proactive hacking practices and strategies. Begin with an overview of the importance of ethical hacking in today's world and different types of ethical hacking, and different types of real-world hackers, such as white, black, and grey hat. View benefits of ethical hacking, and rules of engagement prior to performing an ethical hacking exercise. Delve into vulnerability and penetration testing and the common ethical hacking tools. Conduct a network scan by using Nmap; learn about incident handling, and recognize the importance of using templates or checklists prior to and during a penetration test. Finally, recognize best practices when testing uncovers exploits or vulnerabilities, and legal considerations when performing an ethical hacking exercise.
14 videos |
46m
Assessment
Badge
Security Rules: Rules of Engagement
Prior to performing any penetration testing, it is important to outline the Rules of Engagement (RoE) with the client. Begin this 14-video course with a general overview of the RoE, how it relates to business, and the potential consequences of not having the RoE in place. Look at benefits of having an easy reference checklist prepared when defining RoE. Learn how to determine the appropriate scope of engagement; examine client (IT staff) considerations; and view common risks and limitations, such as impact on systems. Explore the logistics and considerations such as testing tools, personnel, and test schedules. Delve into incident handling and best practices; testing and best practices, and also best practices in information handling. Examine elements that should be included in final reports, such as action taken, problems, and findings. Look at liabilities, warranty, limitation of a liability, and indemnification considerations to include when outlining the intent of testing activities. Finally, learn how to ensure proper authorization has been granted to commence any testing.
14 videos |
47m
Assessment
Badge
Malware Removal: Identifying Malware Types & Classification Approaches
Knowing how to respond to malware incidents is a critical skill for security professionals, and the first step to achieving malware response skills is understanding the types of malware you will face in the field. In this course, you'll explore different types of malware such as worms, Trojan viruses, botnets, ransomware, and rootkits. You'll then round out your knowledge by identifying the different methods used to classify a virus and determine its potential impact.
8 videos |
26m
Assessment
Badge
Malware Removal: Analyzing an Infected System
Familiarization with the different types of malware analysis and the tools used to analyze malware is a critical skill for IT security professionals. In this course, you'll explore the characteristics of malware and the impact the malware has on the infected system. You'll learn how to identify different malware analysis techniques, such as static and dynamic malware analysis, to discover activities performed by malware. You'll also examine some of the tools used to perform both static and dynamic malware analysis and how to use a disassembler to view malware code.
13 videos |
1h 44m
Assessment
Badge
Malware Removal: Remediating an Infected System
Understanding what tools to use to recover a system after it is infected with malware is a critical skill. In this course, you'll explore the symptoms of virus infected systems and best practices for malware removal. You'll learn about different remediation approaches for different types of malware. You'll also look at some of the tools used to remove and recover systems after they have been infected such as the Windows Malicious Software Removal Tool, the Windows repair options, and how to restore a system image backup.
12 videos |
49m
Assessment
Badge
Malware Removal: Reporting Findings & Preventing Future Infections
Knowing how to respond to a malware incident and who to report the malware incident to is critical to a timely response. In this course, you'll learn key steps for responding to malware incidents, as well as how to identify key persons to report the malware incident to and steps to take to help prevent future malware incidents.
7 videos |
30m
Assessment
Badge
CyberOps Windows Hardening: Windows Server Hardening Best Practices
Windows servers are the heart of many corporate networks and may contain sensitive company data that, if leaked or stolen by an attacker, would be catastrophic. Protecting the Windows Server assets and preventing a security compromise is an important skill for IT security professionals to master. In this course, you'll learn how to help prevent security incidents by hardening the Windows Server and reducing the attack surface. You'll learn how to follow common security best practices to lock down a Windows system by hardening user accounts, passwords, services, the file system, and common network services, such as DNS and IIS.
16 videos |
1h 32m
Assessment
Badge
Windows Exploits and Forensics: Intelligence Gathering
As a security operations person, you'll need to employ various Windows exploitation techniques to attack vulnerable target software and services. This course covers the various intelligence gathering techniques used for conducting offensive security operations against a Windows-based network to identify possible vulnerabilities. You'll start by examining open source intelligence (OSINT) gathering techniques and sources before conducting your own OSINT investigation. Next, you'll explore the use of social media and other tools for finding targets for social engineering exercises. You'll then examine common Windows services and their ports and tools for conducting basic enumeration. Moving along, you'll practice network scanning for open ports, scanning a Windows-based system, and enumerating data. Lastly, you'll explore various tools used in the Kali hacking environment, the use of Metasploitable, and common locations to find Windows exploits.
13 videos |
1h 27m
Assessment
Badge
Windows Environments
As a security operations person, you'll need to tailor your methods to suit the operating system your working with. This course covers some of the core competencies required to conduct offensive security operations against a Windows environment. Throughout this course, you'll learn how to recognize the differences between various Windows versions. You'll examine the role of intrusion detection systems (IDS) and intrusion prevention systems (IPS) in a Windows environment. You'll then learn about the MITRE ATT&CK framework and how it relates to Windows intrusions and identify the different Windows logging mechanisms. Next, you'll practice using event logging, basic PowerShell commands, and the Windows Registry. You'll then explore how the Windows hashing algorithm works and practice cracking an NTLM hash value. Lastly, you'll investigate different data artifacts within Windows and outline how best to work with Active Directory and Kerberos.
16 videos |
1h 31m
Assessment
Badge
Windows Exploits and Forensics: SMB & PsExec
When carrying out security operations in a Windows environment, you need to know what kind of attacks, exploits, and vulnerabilities to look out for. This course covers two of the most common services used to attack a Windows-based network - SMB and PsExec - along with some popular attack methodologies. You'll start by examining SMB permissions and default settings. You'll then explore tools to enumerate SMB shares and data. Next, you'll investigate how to identify SMB vulnerabilities and recognize SMB attacks. You'll then conduct different SMB exploits, including brute force and denial of service attacks. You'll move on to outline how PsExec works and use it to execute remote commands. Finally, you'll practice exploiting PsExec using various tools, including the EternalBlue exploit.
15 videos |
1h 5m
Assessment
Badge
Windows Exploits and Forensics: FTP, RDP, & Other Services
To protect an operating system, you must first know how to exploit it. This course covers some of the standard Windows services that have known exploits available for them, which can be used in offensive security operations against a Windows environment. You'll start by enumerating data from a Windows-based FTP server before practicing methods used to attack FTP services. You'll then learn how to attack IIS-based systems. Next, you'll examine the RPD protocol and learn methods of attacking the Windows RDP service. Finally, you'll investigate how WMI works and learn to exploit WMI on a Windows-based machine. This course involves conducting brute force attacks, reverse shells, and using the BlueKeep security vulnerability.
14 videos |
1h 12m
Assessment
Badge
Windows Exploits and Forensics: Legacy Systems & Third Party Applications
When an organization uses systems that are no longer serviced and supported and therefore, do not receive security updates, they expose themselves to serious security attacks. To ensure a healthy network ecosystem, security operations personnel must be aware of the vulnerabilities these systems are exposed to. In this course, you'll explore how to conduct offensive security operations against legacy Windows-based systems. You'll learn to recognize older versions of Windows, identify common exploits for these older versions, and scan Server 2008 for vulnerabilities. You'll then learn how to enumerate Server 2008, exploit legacy systems, and gain a reverse shell on a legacy system. You'll then learn how to recognize common third-party applications and vulnerabilities and how to exploit them. Finally, you'll learn how to identify and avoid a honeypot.
12 videos |
57m
Assessment
Badge
Windows Exploits and Forensics: Post Exploitation
As a penetration tester, it's vital that you are familiar with advanced methods of conducting offensive security operations against Windows environments. In this course, you'll learn to recognize common post exploitation activities within a Windows environment and how to configure an advanced persistent threat. You'll start by learning how to escalate privileges, use a DLL injection attack, pivot between systems, and crack user credentials. You'll then examine how to use PowerView to enumerate information and use BloodHound to 'walk the dog' and gain domain admin privileges. Finally, you'll learn how to clean up post attack to cover your tracks, create an advanced persistent threat, and use a ransomware attack to lock a system.
14 videos |
1h 23m
Assessment
Badge
Business Continuity Planning Bootcamp: Session 1 Replay
This is a recorded Replay of the Business Continuity Planning Live session that ran on May 7th at 11 AM ET. In this session Lisa Furey discusses the key principles of business continuity planning, the professional practices within BCP, the global factors that impact business continuity practices-a "new normal", and business continuity needs within organizations.
1 video |
3h 2m
Badge
Business Continuity Planning Bootcamp: Session 2 Replay
This is a recorded Replay of the Business Continuity Planning Live session that ran on May 8th at 11 AM ET. In this session Lisa Furey discusses the necessary components in a solid business continuity plan and BCP principles in the small to medium sized business. She also covers obtaining quotations from licensed BCP professionals to create BCPs (for larger organizations), speaking to stakeholders on the need for business continuity planning within your organization, and the various certifications available in the disaster recovery industry.
1 video |
3h 2m
Badge
Security Risks: Key Risk Terms & Concepts
Familiarity with key terms and concepts associated with security risk enables security leaders to identify, evaluate, and prioritize security risks. In this course, you'll get familiar with the terminologies, activities, and concepts associated with a security risk management process. You'll start by discovering the interdependence between assets, vulnerabilities, threats, and risks. You'll then investigate how to assess risk probability, measure the impact created by it, and the difference between risk appetite and risk tolerance. Next, you'll examine the components, benefits, and stages of a risk management process. You'll also identify different methods of treating risk and the importance of implementing controls as a part of a risk-based approach. Lastly, you'll recognize the standards for risk management and the advantages of managing and assessing security risk.
16 videos |
1h 52m
Assessment
Badge
Security Risks: Performing Security Risk Identification
Effective security risk management often begins with proper security risk identification. In this course, you'll examine various components of the risk identification process and different techniques used to identify risk. You'll begin by distinguishing between threat and risk. You'll then get familiar with other terminologies and concepts associated with risk identification. Moving on, you'll recognize the significance of risk identification in recognizing assets and services that are risk-prone. You'll also investigate different methods used to identify risk and best practices for the risk identification process. Later in the course, you'll outline common security-related risks and their impact on different components of an organization. Finally, you'll examine the features of a security risk register, its role in risk management, and how to create one in Microsoft Excel.
9 videos |
57m
Assessment
Badge
Security Risks: Performing Security Risk Assessments
The categorization of security risks is essential for effectively assessing and managing risk. In this course, you'll explore the assessment, classification, and prioritization of security risks. You'll begin by outlining the concept of risk assessment and the advantages of different risk assessment techniques. You'll also investigate the features of security assessment methods, such as vulnerability assessment and penetration testing, and discover how to assess security vulnerability. Moving on, you'll recognize the significance of risk categorization and how to update a risk register in Microsoft Excel using a four-quadrant risk classification matrix. Finally, you'll identify the purpose and process of risk prioritization, and the role of a probability-impact matrix in determining risk levels. You'll then investigate how to use the matrix to prioritize risks on a security risk register.
13 videos |
1h 35m
Assessment
Badge
Security Risks: Planning for Security Risk Management
Highly effective security leaders recognize that they must prioritize and focus their efforts on managing critical security risks. Therefore, once a security risk is identified, it must be carefully evaluated. In this course, you'll identify the activities involved in a risk management process, the importance of risk strategies in the context of work environments, and essential decisions required for managing security risks effectively. Moving on, you'll investigate the components of a risk management plan and how to improve a risk management strategy by increasing risk tolerance and risk appetite. You'll also outline the importance of mitigation plans and discover how to create one in Microsoft Word. Lastly, you'll recognize the role of risk monitoring and control measures in risk management planning and the factors that shape an organization's approach to making decisions in handling risks.
12 videos |
1h 26m
Assessment
Badge
SHOW MORE
FREE ACCESS
COURSES INCLUDED
Understanding End-User Security
Implementing effective cybersecurity is crucial in today's digital world. The stakes are high, as the consequences of a security breach can be devastating for businesses. In this course, explore the importance of end-user security and the severe business impacts of breaches. Next, learn about traditional and emerging cyber threats such as phishing, malware, and ransomware, as well as viruses and malware, including their transmission and consequences. Finally, discover how to recognize and avoid phishing attacks and develop effective prevention and response strategies for ransomware. After completing this course, you will be able to enhance your organization's security posture and safeguard sensitive data against cyber threats.
7 videos |
29m
Assessment
Badge
Generative AI Capabilities and Potential Security Risks
Generative AI is transforming content creation and creativity by generating human-like content, changing industries, and redefining creativity. In this course, discover generative AI's capabilities, applications, and its diverse applications in business, healthcare, education, and the arts. Next, learn about the risks of AI-generated phishing attacks and AI's role in creating deepfakes, producing and disseminating misinformation, and the privacy risks associated with generative AI. Finally, examine how generative AI can enhance social engineering attacks and the use of large language models (LLMs) for threat analysis. Upon course completion, you will be able to identify and mitigate generative AI risks while responsibly leveraging generative AI's benefits across various sectors.
9 videos |
31m
Assessment
Badge
AI-Driven Endpoint Protection Tools
AI-driven endpoint protection refers to security solutions that integrate artificial intelligence (AI) and machine learning (ML) technologies to safeguard endpoint devices. AI-driven endpoint protection tools analyze vast amounts of data, identify patterns, and recognize anomalies that might signal a security threat. In this course, explore the impact of AI on endpoint security, including how it provides advanced threat detection and response capabilities. Next, learn about popular tools like CrowdStrike Falcon, Cylance, SentinelOne, and Microsoft Defender for Endpoint, as well as tool installation and configuration. Finally, learn how to leverage AI-powered features for optimal threat mitigation and how AI integration enhances antivirus and antimalware detection and response. After completion of this course, you will be able to outline essential concepts and tools in AI-driven endpoint protection.
8 videos |
28m
Assessment
Badge
Role of AI-Powered Firewalls vs. Firewalls for AI Applications
Artificial intelligence (AI) has had transformative impacts. Cutting-edge systems such as AI-powered firewalls utilize artificial intelligence and machine learning to transform network security. In this course, learn about AI-powered firewalls, their role in network security, and the advanced features of AI-powered firewalls that enhance threat detection and response capabilities. Next, examine the top vendors of AI-powered firewalls, the role of firewalls for AI applications in securing AI models, and the specialized features of firewalls designed for AI applications. Finally, discover the top vendors of firewalls for AI applications and compare the functionalities and benefits of AI-powered firewalls and firewalls for AI applications. After completing this course, you will have a comprehensive understanding of how these advanced firewalls can enhance your organization's cybersecurity posture.
9 videos |
33m
Assessment
Badge
AI-Enabled Web Security Tools
In today's digital landscape, enhancing web security with artificial intelligence (AI) is crucial for staying ahead of cyber threats. In this course, learn how to install and configure AI-enhanced web tools, implement security policies, and utilize advanced threat detection. Next, explore popular tools like Cisco Umbrella and Zscaler, their features, and their real-world AI applications in action. Finally, discover how to configure security policies and filters within an AI-enhanced web security tool and AI algorithms' role in threat detection and response. After completing this course, you will be able to enhance digital security against sophisticated threats.
7 videos |
24m
Assessment
Badge
Monitoring and Logging with AI-Supported Tools
Due to the constant emergence of new technologies, staying ahead of potential threats is critical in today's cybersecurity landscape. If advanced and proactive defenses are not implemented, this can lead to financial loss, reputational damage, legal issues, and erosion of customer trust. In this course, explore fundamental monitoring and logging concepts, their importance, and how they detect suspicious behavior and maintain compliance. Next, learn about traditional monitoring tools, their limitations, and AI-enhanced monitoring tools. Finally, discover the technical aspects of AI-powered monitoring, how AI algorithms process and analyze log data, and how to implement AI-supported monitoring tools in your organization. Upon completion of this course, you will be able to outline how AI-supported tools can revolutionize your cybersecurity practices.
9 videos |
41m
Assessment
Badge
Best Practices for End-User Security
In today's rapidly evolving digital landscape, safeguarding end-user security is more critical than ever, and organizations need to be equipped with the knowledge and tools necessary to protect themselves from current cyber threats. In this course, explore the importance of ongoing education and training, as well as AI-driven training programs. Next, learn how to select or design effective training programs tailored to your organization's needs and the concept of a multi-layered security approach. Finally, discover how to use best practices such as regular software updates, enabling multi-factor authentication (MFA), and using robust security solutions to protect against evolving threats. After completing this course, you will be able to implement best practices to enhance end-user security in your organization.
31m
Assessment
Badge
End-User Security: The End-User Perspective
Learners can examine end-user security concepts such as shared responsibilities and policies, physical controls, authentication, software, and best practices in this 12-video course. You will begin with a look at shared responsibility, which has expanded greatly because of the use of cloud computing; this means that the role of the end user, the customer or client, in shared responsibility for security is expanding at an accelerated rate. Next, you will move on to defining acceptable use policies (AUP). You will discover how to distinguish physical security controls; classify authentication technologies, and recognize the importance of hardware and software updates. Following on from this, you will explore security suites and endpoint protection; learn about browser best practices, and define the security fundamentals of e-mail. You will also delve into the security issues surrounding personal cloud storage services, and protecting data at rest, or data storage security. To conclude the course, complete an exercise on describing the concepts and technologies of end-user security.
12 videos |
53m
Assessment
Badge
End-User Security: The Security Administrator Perspective
In this 9-video course, learners will examine end-user security from the security administrator point-of-view including threatscape, security policies, training and awareness, Layer 2 security, 802.1x, MACsec, endpoint detection and response (EDR), advanced endpoint protection, and vendor solutions. Begin by taking a look at the present threatscape, while keeping in mind that it is constantly evolving, stealthy, and complex. You will examine written security policies, which every organization must have, and which apply to the entire organization. The policies must be well-written, comprehensive in scope, concise, easy to understand, and well organized. Next, you will explore training and awareness, which must be implemented for your end-users within the first few months of employment. You will compare access switch and wireless application protocol (WAP) security; describe 802.1x and MACsec; EDR protection, and next-generation EDR. In the closing exercise, you will be asked to list characteristics of next-generation EDR solutions, actions you can take with 802.1x port-based Network Access Control (PNAC), and the attributes of an effective security policy.
9 videos |
39m
Assessment
Badge
End-User Security: Securing End Users against Attackers
This 10-video course examines end-user security from the rogue attacker point of view, including motivations, Malware-as-a-Service (MaaS) phishing techniques, pharming, ransomware, data theft, cryptojacking, denial-of-service (DoS), and toolkits. One of the first things to do to be successful as a security technician or practitioner is to start to understand the mind of the attacker, so you will examine the possible motives for attacking user endpoints. You will then take a look at Malware-as-a-Service, which is available all over the world. You will explore the phishing techniques an attacker might take, as they are becoming stealthier, sending phishing e-mails over varied infrastructures. Delve into ransomware, this time from the attacker's perspective, and learn about data breaches and theft. You will also examine cryptojacking, what it is and explore some examples, and have a look at DoS and distributed-denial-of-service (DdoS) attacks using, for example, botnets. The final tutorial surveys common exploit kits such as Kali Linux and Metasploit. The concluding exercise entails listing common motives for attacking endpoints, common ransomware payloads, and exploit kits.
10 videos |
32m
Assessment
Badge
An Executive's Guide to Security: Understanding Security Threats
Companies that do not understand threats facing their information are at risk of costly data breaches. In this 13-video course, learners can explore common security threats, types of network attacks, and the human element of security threats. Key concepts covered here include what an attack surface is, and how it must be understood to protect corporate information; and what network hardening is and how it relates to protection of corporate information. Next, learners will examine network demilitarized zones and how they protect corporate information; observe differences between threats, vulnerabilities, and risks in corporate environments; and study top kinds of security threats facing organizations today. Continue by learning the role that physical security plays in protecting corporate data; how social engineering is conducted and how it is mitigated through corporate policy; and the importance of corporate security policies, and why they should be strictly adhered to. Finally, explore the importance of password policies and why they should be adhered to; and learn reasons why IT administrators need to protect an organization by refusing to bend rules.
13 videos |
44m
Assessment
Badge
An Executive's Guide to Security: Protecting Your Information
This 13-video course explores data protection for businesses, including devices, social media, and good governance through security principles, policies, and programs. You will examine several types of security threats, the different types of network attacks, the role physical security plays in the protection of corporate data, and the human element of security threats. Next, learners examine the attack surface, including the total combined nodes, users, devices, and any entry points of software, a network, and a business environment. You will examine threats, vulnerabilities, and risks, and learn the importance of network hardening. This course uses real-world examples of several top security threats to businesses today, including malware, social engineering, unpatched software, BYOD (bring your own device), and IoT (Internet of things). You will examine clickjacking and URL spoofing. Finally, this course discusses the legal and financial ramifications of a major security breach, the importance of having a security policy, training personnel, password protection, and managing a company's security.
13 videos |
45m
Assessment
Badge
SHOW MORE
FREE ACCESS
COURSES INCLUDED
Microsoft Security: Compliance Concepts & Methodologies
The SC-900 Microsoft Security, Compliance, and Identity Fundamentals exam is for individuals who want to familiarize themselves with the basics of security, compliance, and identity across cloud-based and other Microsoft services. In this course, examine security and compliance concepts and methodologies, including the Zero Trust methodology, shared responsibility model, Cloud Adoption Framework, and defense in depth. Next, explore common threats, such as advanced persistent threats, phishing attacks, distributed denial of service (DDoS) botnets, remote access Trojans, ransomware, and viruses and worms. Finally, learn about encryption and hashing. This is one of a collection of courses that fully prepare the learner for the SC-900 Microsoft Security, Compliance, and Identity Fundamentals certification exam.
8 videos |
41m
Assessment
Badge
Microsoft Security: Basic Azure AD Identity Services & Types
This course will introduce the building blocks of fundamental identity concepts and several universal concepts of any modern identity platform. You will begin the course by exploring identity as the primary security perimeter, authentication, and authorization method. Next, you will look at identity providers and Active Directory. You will learn to identify federated services and common identity attacks. Finally, you will learn the basics of Azure Active Directory, Azure AD identity types, and hybrid/external identity types. This class is part of a collection of courses that prepare the learner for the SC-900 Microsoft Security, Compliance, and Identity Fundamentals certification exam.
9 videos |
31m
Assessment
Badge
Microsoft Security: Azure AD Authentication, Access, & Identity
The process of authenticating entities such as end users has evolved well beyond the simple username and password credential modality. As modern enterprises build towards zero-trust environments, the demand for more robust authentication and identity solutions are emerging. In this course, explore different authentication methods and capabilities such as self-service password reset, password protection, and multi-factor authentication schemes. Discover Azure AD Conditional Access and the benefits of Azure AD roles. Next, examine Azure AD Identity Governance, entitlement management, access reviews. Finally, take a look at the robust capabilities of Privileged Identity Management (PIM) and Azure AD Identity Protection. This is one of a collection of courses that fully prepare the learner for the SC-900 Microsoft Security, Compliance, and Identity Fundamentals certification exam.
9 videos |
25m
Assessment
Badge
Microsoft Security: Azure Security Capabilities & Management
A core security principle is the usage of mediated access to create a layer of abstraction between the management client and the server or service. In this course, discover Azure Bastion and various firewall proxies that function at layer two through seven of the ISO OSI reference model. You will compare Azure Network Security Groups (NSGs), Azure Firewall, and Web Application Firewall (WAF) services. Then, explore distributed denial of service (DDoS) protection, Azure data encryption, and Cloud Security Posture Management (CSPM). Next, you will focus on Microsoft Defender for Cloud and its three main solutions. Finally, learn the security baselines for Azure and the security capabilities of Microsoft Sentinel. This is one of a collection of courses that fully prepare the learner for the SC-900 Microsoft Security, Compliance, and Identity Fundamentals certification exam.
10 videos |
31m
Assessment
Badge
Microsoft Security: Microsoft 365 Security & Security Management
Microsoft Defender for Cloud provides security management and enhanced threat protection capabilities for cloud workloads residing across hybrid and multi-cloud configurations. In this course, you will explore Microsoft Defender for Identity, Office 365, Endpoint, and Cloud Apps. You will also dive into other technologies such as Microsoft 365 Defender portal, Microsoft Secure Score, security reports, dashboards, incident management, and endpoint security with Microsoft Intune. This is one of a collection of courses that fully prepare the learner for the SC-900 Microsoft Security, Compliance, and Identity Fundamentals certification exam.
10 videos |
24m
Assessment
Badge
Microsoft Security: Compliance, Information Protection, & Governance
In today's data-driven, service-oriented enterprise environment due diligence and due care must be taken by security professionals to enforce privacy initiatives and data loss prevention of intellectual property and personal data. This course will examine several related Microsoft security solutions. Explore Service Trust Portal, Microsoft's privacy principles, compliance center, and compliance manager. Discover use cases for data classification, sensitivity labels, content and activity explorer, and retention policies, labels, and records. Finally, explore tools for data loss prevention and use cases Azure Resource Locks, Azure Blueprints, and Azure Policy. This is one of a collection of courses that fully prepare the learner for the SC-900 Microsoft Security, Compliance, and Identity Fundamentals certification exam.
10 videos |
25m
Assessment
Badge
Microsoft Security: Microsoft 365 Insider Risk, eDiscovery, & Auditing
While enterprise users can access, create, control, and share data across a wide range of platforms and services, many organizations lack the means to balance mitigating enterprise-wide risks with managing compliance and privacy standards. Microsoft 365 offers a series of solutions to help organizations recognize, prioritize, and remediate security risks while addressing compliance and privacy requirements. In this course, learn the capabilities of Microsoft 365's compliance solutions. Next, explore the responsibilities of Microsoft 365 solutions such as insider risk management, eDiscovery, and auditing. Finally, examine Microsoft 365 communication compliance, information barriers (IB), privileged access management, and Customer Lockbox. This is one of a collection of courses that fully prepare the learner for the SC-900 Microsoft Security, Compliance, and Identity Fundamentals certification exam.
10 videos |
20m
Assessment
Badge
SHOW MORE
FREE ACCESS
COURSES INCLUDED
Authorization & Registration
Without the ability to gain entry, hackers are powerless. Explore key authentication concepts and best practices like identification, user authentication, the user logon process, and how to effectively manage user account credentials.
17 videos |
1h 21m
Assessment
Badge
Password Security Requirements
Without the ability to gain entry, hackers are powerless. Explore password security best practices, including establishing password strength, complexity, and age criteria.
7 videos |
37m
Assessment
Badge
Logon, Logoff & Password Policies
When a security breach happens, it puts your customers, assets, and entire reputation at risk. Explore user account security enhancements by establishing logon, logoff, and advanced password management protocols.
16 videos |
1h 10m
Assessment
Badge
Account Changes & Attack Mitigation
When a security breach happens, it puts your customers, assets, and entire reputation at risk. Explore safe and secure policies for advanced user account management as well as best practices for handling user account security breaches.
9 videos |
34m
Assessment
Badge
SHOW MORE
FREE ACCESS
COURSES INCLUDED
Anomaly Detection: Aspects of Anomaly Detection
Network anomalies are behaviors or activities that deviate from the norm. It is important that security professionals learn to monitor these anomalies in network traffic because the traffic could be malicious. In this 11-video course, you will explore roles that network and security professionals play in detecting and addressing anomalies. Begin by looking at different types of anomalies or outliers, such as configuration faults or a malicious presence; then take a look at benefits of anomaly detection, such as early response and planning for the unexpected. Learners will also examine the limitations of traditional approaches to anomaly detection, such as chasing false positives; learn how to differentiate between manual and automated detection techniques; and view the importance of building a profile of what is normal, such as user activity, before looking at multimodel attributes and how they relate to anomaly detection. Furthermore, you will explore differences between least frequency of occurrence and baselining; view the benefits of machine learning; and finally, learn how to recognize benefits of auto-periodicity to aid in identifying anomalies.
11 videos |
54m
Assessment
Badge
Anomaly Detection: Network Anomaly Detection
In this 14-video course, learners can explore best practices for anomaly detection for network forensics with topics such as network behavior anomaly detection (NBAD), frequency analysis, identifying beaconing activity, and recognizing signs of brute force attacks. Also discover protocol and population analysis, HTTPS and SSH (Secure Shell) attacks, as well as triage methods. Begin with a look at concepts and applications of NBAD, then discover how to implement frequency analysis. Learn how to identify beaconing activity, and how to recognize the signs of a brute force attack. Next, learners examine protocol analysis approaches and techniques, and learn about HTTPS attacks, deducing the activity of encrypted web traffic. Analyze SSH authentication behavior; take an overview of population analysis; explore techniques used to reveal hidden connections with behavioral analysis; and learn how to differentiate between different NBAD triage methods. In the final tutorials, discover methods and techniques for performing network anomaly analysis and the benefits of anomaly detection, and examine how network forensics can be used to protect mission critical areas of business.
14 videos |
1h 11m
Assessment
Badge
COURSES INCLUDED
CompTIA Security+: Security Goals & Controls
Every long journey, including the path to Security+ certification, begins with a few steps and some fundamental practices. Security goals and controls are an important starting point for building your security skills. You will begin this course by familiarizing yourself with the four primary security goals of confidentiality, integrity, availability, and non-repudiation. You will then explore the concepts of authentication, authorization, and accounting (AAA) and how they relate to people, systems, and models. Finally, you will delve into security control categories and types. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
10 videos |
29m
Assessment
Badge
CompTIA Security+: Fundamental Security Concepts
The Security+ candidate must display competency in an assortment of core security concepts including the newer Zero Trust initiative and common physical security controls. In this course, the learner will explore gap analysis, Zero Trust control and data planes, deception technologies like honeynets, physical security controls, Change Management business processes and technical implications, and documentation and version control. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
11 videos |
33m
Assessment
Badge
CompTIA Security+: Practical Cryptography
Cryptography is at the heart of many security controls and countermeasures and as such, Security+ candidates must have a solid grasp of practical cryptography. In this course, you will discover symmetric and asymmetric cryptography and compare different encryption levels, including full disk and partition. Next, you will explore hashing, salting, hash-based message authentication codes (HMACs), and key exchange. Then you will examine digital signatures, certificates, and public key infrastructure (PKI), focusing on certificate authorities (CAs), certificate signing request (CSR) generation, and Online Certificate Status Protocol (OCSP). Finally, you will investigate cryptographic tools like Trusted Platform Module (TPM), hardware security module, and key management systems, and you will dive into blockchain technology. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
11 videos |
43m
Assessment
Badge
CompTIA Security+: Threat Actors & Vectors
One of the primary goals for an emerging security practitioner is to have a firm grasp of the present threatscape. The learner will build this vital knowledge base in this course. In this course, we will explore threat actor types, attributes, and motivations. Next, we will dive into the use of human vectors and social engineering as well as common attack surfaces. Then we will explore supply chain, application, and O/S and web-based vulnerabilities. Finally, we will cover hardware and virtualization vulnerabilities, cloud vulnerabilities, and mobile device vulnerabilities. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
12 videos |
34m
Assessment
Badge
CompTIA Security+: Survey of Malicious Activities
Malicious software, also known as malware, comes in a variety of attack vectors and characteristics. The ability to stay current with the different malware and variants is one of the biggest challenges for modern security professionals. Begin this course by exploring malware attacks like ransomware, trojan horses, and logic bombs. Then you will investigate physical and network attacks including brute force, denial-of-service, and credential replay attacks. Next, you will focus on application and cryptographic attacks, such as buffer overflow, privilege escalation, collision, and birthday attacks. Finally, you will take a look at password attacks and discover indicators of compromise, like concurrent session usage, blocked content, and impossible travel. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
9 videos |
35m
Assessment
Badge
CompTIA Security+: Mitigation Techniques
As a security professional, it is always better to be proactive with mitigation rather than purely reactive. Begin this course by exploring segmentation and isolation, access control mechanisms, and configuration and patch management. Next, you will investigate the principles of least privilege and separation of duties and find out how encryption technologies can shield private information from unauthorized users. Then you will examine the monitoring and visibility of access controls and learn the best practices for decommissioning and offboarding. Finally, you will focus on hardening techniques, including endpoint detection and response (EDR), host intrusion detection system (HIDS)/host intrusion prevention system (HIPS), disabling ports/protocols, default password changes, and removal of unnecessary software. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
10 videos |
29m
Assessment
Badge
CompTIA Security+: Architecture & Infrastructure Concepts
A physical structure that is built by engineers and architects needs solid design, construction, and ongoing maintenance. The same can be said for a networking and system environment. Begin this course by exploring fundamental security architectural considerations, including high availability, resilience, scalability, and responsiveness. Then, you will discover cloud computing, focusing on the cloud responsibility matrix, hybrid considerations, and third-party vendors. You will investigate Infrastructure as Code, compare serverless technologies, and learn about containers and microservices. Next, you will take a look at network infrastructure, centralized and decentralized design, and virtualization. Finally, you will examine industrial control systems (ICSs), Supervisory Control and Data Acquisition (SCADA) systems, and the Internet of Things. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
12 videos |
44m
Assessment
Badge
CompTIA Security+: Enterprise Infrastructure Security Principles
This course is a critical component of modern technical controls and countermeasures, as many of the technologies covered represent the daily technical activities of security practitioners, operators, and administrators. Begin by discovering various infrastructure security considerations like device placement, security zones, and failure modes. Then, you will compare network appliances and explore port security and firewalls. Next, you will examine virtual private networks (VPNs) and IP security (IPSec). Finally, you will investigate transport layer security (TLS), software-defined wide area networks (SD-WANs), and secure access service edge (SASE). This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
10 videos |
43m
Assessment
Badge
CompTIA Security+: Data Protection Concepts & Strategies
It is an understatement to declare that society is rapidly becoming a data-driven and service-oriented. Data protection and security is a key aspect of modern IT security management. In this course, we will begin by exploring data states, classification, types, and lifecycles. Then we will examine considerations for securing data including geographic and cultural restrictions, encryptions, and hashing. Finally, we will look at masking, obfuscation, and tokenization as well as segmentation and compartmentalization. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
10 videos |
26m
Assessment
Badge
CompTIA Security+: Resilience & Recovery
Restoration and recovery is a vital part of a comprehensive backup plan. As a well-known axiom regarding backup strategy states, "a backup policy without tested restoration and recovery is no backup at all." In this course, we will examine restoration and recovery concepts, beginning with load balancing, clustering, and backup strategies. Next, we will explore continuity of operations, multicloud, and disaster recovery sites. We will then focus on capacity planning and testing techniques. Finally, we will look at power considerations. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
9 videos |
44m
Assessment
Badge
CompTIA Security+: Computing Resources Security Techniques
Today's security professional must contend with more types of computing systems and operating systems than ever before due to mobility, embedded, smart, and Internet of Things (IoT) devices. In this course, you will explore secure baselines and hardening targets. Then you will learn about wireless device installation issues, mobile device solutions, and connection methods. Next, you will investigate wireless security settings, cryptographic protocols, and authentication protocols. Finally, you will discover application security techniques and asset management tasks, including assignment/accounting, monitoring/asset tracking, enumeration, and disposal/decommissioning. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
9 videos |
35m
Assessment
Badge
CompTIA Security+: Vulnerability Management
Vulnerability management is an ongoing process designed to proactively protect computer systems, networks, and applications from cyberattacks and data breaches and is an integral part of your overall security system. Begin this course by exploring threat feeds like open-source intelligence (OSINT), Common Vulnerability Scoring System (CVSS), and Common Vulnerability Enumeration (CVE) to help gather information about potential threats or adversaries. Then you will investigate application vulnerability assessments for assigning severity levels, vulnerability scanning to identify known and unknown weaknesses, and penetration testing to simulate real-world attacks. Finally, you will discover vulnerability response and learn how to validate and report on remediation processes. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
8 videos |
26m
Assessment
Badge
CompTIA Security+: Security Monitoring & Alerting
Congratulations. You have convinced your steering committee to give you a huge budget, new hires, and broader access to deploy a ton of security controls at the new regional branch office. However, within weeks you will be brought back to report on the effectiveness of the new expensive toys. This is why solid monitoring and alerting are critical for success. In this course, you will explore security monitoring and alerting, beginning with monitoring computing resources, visibility, and agent-based and agentless monitoring. Then you will focus on monitoring activities like log aggregation, alert response, and validation. Next, you will discover the importance and benefits of Security Content Automation Protocol (SCAP), security information and event management (SIEM), and security orchestration, automation, and response (SOAR) systems. Finally, you will investigate antivirus and data loss prevention (DLP) systems, Simple Network Management Protocol (SNMP) traps, and NetFlow records. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
10 videos |
31m
Assessment
Badge
CompTIA Security+: Enterprise Security Capabilities
This course is a vital exploration of many of the day-to-day operational controls that the security professional is often involved with. This is what is referred to as the "due care" aspect of the job or ongoing continual maintenance. In other words, these are core "blue team" responsibilities. Topics presented to the learner include firewalls, intrusion detection system (IDS)/intrusion prevention system (IPS), web filtering, operating system security, implementing secure protocols, DNS filtering, email security, DomainKeys Identified Mail (DKIM), Sender Policy Framework (SPF), gateways, File Integrity Monitoring (FIM), data loss prevention (DLP), network access control (NAC), endpoint detection and response (EDR), Extended Detection and Response (XDR), and user behavior analytics (UBA). This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
13 videos |
53m
Assessment
Badge
CompTIA Security+: Social Engineering Techniques & Other Attack Types
Common attack types social engineers use target victims using a long list of examples such as phishing, smishing, vishing, pretexting, pharming, tailgaiting, and shoulder surfing. In this course, you'll learn about various social engineering techniques including types of phishing, hoaxes, and intelligence gathering. Then you'll move on to examine influence campaigns and the reasons for social engineering effectiveness. Next, you'll learn about malware attacks including password attacks, physical attacks, supply-chain, and cryptographic attacks. Finally, you'll explore adversarial AI, and cloud-based vs. on-premise attacks. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
16 videos |
1h 10m
Assessment
Badge
CompTIA Security+: Analyzing Application & Network Attacks
It is crucial that you be able to recognize various application and network attacks and be able to protect your infrastructure from them. In this course, you'll learn to analyze different application attacks such as privilege escalation, cross-site scripting, request forgery, injection, code, and APIs. You'll also look at other attacks like SSL stripping, pass the hash, and driver manipulation. Then, you'll move on to explore a variety of network attacks, including wireless, man-in-the-middle, Layer 2, DNS, DDoS, and malicious code or script execution. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
15 videos |
55m
Assessment
Badge
CompTIA Security+: Threat Actors, Intelligence Sources, & Vulnerabilities
When guarding against threats and vulnerabilities, it is important to understand the various sources of threat and how to leverage intelligence sources to mitigate them. In this course, you'll learn about threat actors and threat vectors, attributes of threat actors and agents, threat intelligence sources such as OSINT and the dark web, and various research sources. Then, you'll move on to examine different types of vulnerabilities, including cloud-based and on-premises, zero-day, weak configurations, third-party risks, improper patch management, and legacy platforms. Finally, you'll examine various impacts such as data loss and data breach, as you prepare for the CompTIA Security+ SY0-601 certification exam.
13 videos |
50m
Assessment
Badge
CompTIA Security+: Security Assessment & Penetration Testing Techniques
It is important for security professionals to be aware of various security assessment and penetration testing techniques and methods. In this course, explore key assessment techniques like intelligence fusion, threat hunting, threat feeds, advisories and bulletins, vulnerability scans, and false positives/false negatives. You will also examine the fundamentals of penetration testing including black/blue/gray box methodologies, lateral movement , privilege escalation, persistence, and pivoting. Other topics include passive and active reconnaissance as well as the different exercise teams. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
12 videos |
36m
Assessment
Badge
CompTIA Security+: Security Concepts in an Enterprise Environment
As a security specialist, you need to be familiar with and apply a range of security concpets related to operating in an enterprise environment. In this course, you'll explore enterprise security factors like change and configuration management, as well as data sovereignty, protection, and loss prevention. You'll learn about hardware security modules, geographical considerations, cloud access security brokers. You'll move on to examine response and recovery controls, SSL/TLS inspection, and site resiliency. Finally, you'll learn about deception and disruption techniques using honeypots, honeyfiles, honeynets, fake telemetry, and DNS sinkholes. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
13 videos |
40m
Assessment
Badge
CompTIA Security+: Implementing Cybersecurity Resilience
In order to protect your enterprise assets, you should be familiar with and know how to apply key cybersecurity resiliency concepts. In this course, you'll learn about redundancy concepts like geographic dispersal, RAID, and NIC teaming. You'll explore replication methods like storage area networking and virtual machines. You'll move on to examine various backup types, including full, incremental, differential, and snapshot. Next, you'll look at non-persistence and high availability concepts. Finally, you'll learn about the order of restoration and diversity concepts. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
9 videos |
32m
Assessment
Badge
CompTIA Security+: Virtualization, Cloud Computing, & Cloud Cybersecurity Solutions
In this course, you'll explore the basics of virtualization which is the foundation of modern data center cloud computing architecture. You will also learn about VM security, cloud computing types and models such as IaaS and hybrid clouds. You'll learn about managed security service providers (MSSPs), containerization fundamentals, serverless computing, and Infrastructure as Code. You'll also learn about cloud storage, network, and compute security solutions. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
13 videos |
56m
Assessment
Badge
CompTIA Security+: Controls & Application Development, Deployment, & Automation
This CompTIA Security+ course covers some of the most important topics in the entire training series. First, the learner will discover the NIST control categories used by CompTIA along with the five critical control types. The remainder of this course deals with vital security concepts related to application development, deployment, and automation. Other core topics include various DevOps environments, secure coding techniques, OWASP, software diversity and automation. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
11 videos |
31m
Assessment
Badge
CompTIA Security+: Authentication & Authorization Design Concepts
Authentication and authorization are very closely related but have specific roles to play in security. In this CompTIA Security+ SY0-601 course you will explore authentication, authorization, and accounting (AAA) services, directory services, federation and attestation, smart-card and biometrics, and multi-factor authentication. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
11 videos |
45m
Assessment
Badge
CompTIA Security+: Implementing Identity and Account Management & AAA Solutions
Identity and access management (IAM) is used to protect your data by ensuring the right users have access to the right resources. This CompTIA Security+ SY0-601 course covers various identity controls including identity providers, attributes, certifications, tokens, and SSH keys. It also discusses the use of different account types and common account policies, and authentication management techniques such as password keys, password vaults, TPM, HSM, and knowledge-based authentication. Finally, you learn about protocols and services used for federation and single sign-on, and access control schemes like ABAC, DAC, RBAC, and MAC. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
10 videos |
52m
Assessment
Badge
CompTIA Security+: Physical Security Controls
In this CompTIA Security+ SY0-601 course you will realize that real security begins with physical security. You will explore a wide array of physical security controls including bollards, barricades, and badges. You will discover the importance of controls like alarms, signage, cameras, motion recognition and detection. You will answer many questions about the security guards as well. Other important topics include locks, biometrics, lighting, fencing, fire suppression, sensors, motion detection, faraday cages, air gapping, and secure data destruction techniques. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
10 videos |
36m
Assessment
Badge
CompTIA Security+: Basic Cryptography & Public Key Infrastructure
To prepare for the CompTIA Security+ SY0-601 certification exam, you will need to be able to identify and describe basic cryptography concepts and their application in everyday use. You'll also need to recognize common aspects of Public Key Infrastructure (PKI). In this CompTIA Security+ SY0-601 course, you'll compare symmetric and asymmetric cryptography, recognize the characteristics of a cryptographic key, and contrast block and stream cipher operations. You'll explore the purpose and features of cryptographic hashing, common key exchange mechanisms, and various next-generation concepts such as lightweight cryptography, quantum and post-quantum computing, and homomorphic encryption. You'll move on to identify the main aspects and core concepts associated with Public Key Infrastructure (PKI). Finally, you'll distinguish several types of certificates and review different certificate formats.
13 videos |
1h 13m
Assessment
Badge
CompTIA Security+: Implementing Secure Protocols & Application Security Solutions
In this CompTIA Security+ SY0-601 course, you'll explore a variety of core secure protocols. You'll examine Domain Name System Security Extension (DNSSEC), SSH, Secure/Multipurpose Internet Mail Exchanger (S/MIME), Secure Real-time Protocol (SRTP), LDAPS, File Transfer Protocol Secure (FTPS), Secured File Transfer Protocol (SFTP), Simple Network Management Protocol version 3 (SNMPv3), Hypertext Transfer Protocol over SSL/TLS (HTTPS), IPsec, Authentication Header (AH), and Encapsulated Security Payload (ESP) and its tunnel/transport modes. You'll move on to list several use cases for these concepts. You'll then describe endpoint protection, boot integrity mechanisms, database security mechanisms, and hardening targets. Finally, you'll identify several advanced application security techniques. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
11 videos |
48m
Assessment
Badge
CompTIA Security+: Implementing Secure Network Designs
Networking has always been one of the primary paths to becoming a security expert. This CompTIA Security+ SY0-601 course involves recognizing how to implement secure networking environments and designs. In this course, you'll explore the concepts, techniques, and deployments involved in the following valuable network security technologies: load balancing, networking segmentation/zoning, and virtual private networks. Next, you'll examine several switch port security techniques, such as BPDU guard, DHCP snooping, and MAC filtering. You'll then recognize the various features of firewalls, such as ACLs and WAF, and compare network appliance solutions, such as port spanning, NAC, NIDS, and NIPS. Finally, you'll outline advanced network environment solutions, like route security, IPv6, and next-gen monitoring. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
9 videos |
37m
Assessment
Badge
CompTIA Security+: Wireless, Mobile, & Embedded Device Security
This domain encompasses one of the most rapidly changing and evolving sets of technologies. It also represents one of the most significant changes from the previous Security+ exam. In this CompTIA Security+ SY0-601 course, you'll explore a broad range of communication solutions based on the fundamental aspects of wireless, mobile, and embedded system technology security. You'll learn about a variety of specialized systems and concepts, including wireless cryptographic and authentication protocols, wireless security methods and installation, mobile connection methods and receivers, device types and deployment models, MDM and MAM, mobility enforcement and monitoring, and various embedded and specialized systems. By gaining knowledge in these areas, you will be prepared for a career in the world's most cutting-edge industries. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
14 videos |
54m
Assessment
Badge
CompTIA Security+: Organizational Security Assessment Tools & Mitigation Controls
To prepare for the CompTIA Security+ SY0-601 certification exam, you will need to identify and describe popular organizational security assessment tools and risk mitigation controls. You will likely come across these tools at some point in your career, so prior knowledge of how these work and what they're used for will be highly beneficial. In this CompTIA Security+ SY0-601 course, you'll explore the concept of network reconnaissance and discovery, and examine packet capture and replay, file manipulation, and forensic tools. You'll also identify shell and script environments, exploitation kits, and password crackers. You'll move on to recognize methods for reconfiguring endpoint security solutions and describe configuration changes for mitigation, the concepts of isolation, containment, and segmentation, and secure orchestration, automation, and response (SOAR) solutions. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
12 videos |
43m
Assessment
Badge
CompTIA Security+: Incident Response, Digital Forensics, & Supporting Investigations
To best support a digital forensic investigation, incident response teams need to be aware of the various incident response plans and processes available to them. In this CompTIA Security+ SYO-601 course, you'll start by exploring various incident response exercises, such as tabletop sessions, walkthroughs, and simulations. Then, you'll outline three fundamental attack frameworks: MITRE, The Diamond Model of Intrusion Analysis, and the Cyber Kill Chain. Next, you'll examine different incident response plans types, including communication plans, disaster recovery plans, business continuity plans, and continuity of operation planning (COOP). You'll then identify key aspects of digital forensics, such as documentation/evidence, acquisition and integrity maintenance, preservation, e-discovery, data recovery, non-repudiation, and strategic intelligence and counterintelligence. Lastly, you'll outline how to utilize appropriate digital forensic data sources to support an investigation.
9 videos |
44m
Assessment
Badge
CompTIA Security+: Security Policies, Regulations, Standards, & Frameworks
Whether you're an employee or contractor, this CompTIA Security+ SY0-601 course will have something you can use to improve the organizational security at your workplace. You'll start by examining security topics related to the hiring to release process, such as background checks and investigations, non-disclosure agreements, acceptable use policy, and onboarding and offboarding. You'll move on to explore further personnel policies, including job rotation, mandatory vacations, separation of duties, clean desk space, and social media usage. You'll then recognize some useful security awareness practices, such as phishing simulations, computer-based training, role-based training, and diversity training techniques. Finally, you'll identify various business agreements, account types, regulations, and governance, such as GDPR, PCI DSS, CIS, NIST, and ISO. This course is part of a series that prepares the learner for the CompTIA Security+ (SY0-601) exam.
10 videos |
45m
Assessment
Badge
CompTIA Security+: Risk Management, Privacy, & Sensitive Data Security
In this CompTIA Security+ SY0-601 course, you'll explore some advanced security concepts and build on some you may already know. The main topics you'll examine are risk management, privacy issues, and sensitive data management. You'll start by recognizing the essential aspects and considerations of risk types, risk management strategies, risk analysis, and disasters. You'll then review the business impact analysis (BIA) aspect of business continuity planning. Moving on to sensitive data security, you'll identify privacy breach consequences, data classification types, and associated roles and responsibilities. You'll also outline privacy protection measures, such as notifications of privacy breaches, privacy-enhancing technologies, and advanced privacy concepts, like impact assessments and privacy notices. This course is part of a series that prepares you for the CompTIA Security+ (SY0-601) exam.
12 videos |
40m
Assessment
Badge
CompTIA Security+: Monitoring, Visibility, & Reporting
In this CompTIA Security+ SY0-601 course, you'll bring your existing security knowledge together to prepare the delivery of your work's output and results to executive management, C-suite, and other stakeholders. You'll start by exploring how to take advantage of Windows and Linux logging and monitoring. You'll then examine how to work with protocol analyzer output, cloud computing tools, and log aggregation and collection. Next, you'll identify some best practices and guidelines to use when working with visibility and reporting. Finally, you'll outline how to identify lessons learned and create after-action reports. This course is part of a series that prepares you for the CompTIA Security+ (SY0-601) exam.
9 videos |
28m
Assessment
Badge
SHOW MORE
FREE ACCESS
COURSES INCLUDED
Incident Tracking & Response
Explore incident tracking and response measures from the standpoint of a security architect. In 14 videos, learners will familiarize themselves with how to identify, categorize, track, and respond to incidents, as well as incident categories, integrating tracking into an organization, effective tracking, and tracking tools. Key concepts covered here include terms and definitions for communicating incident tracking; categories of incidents and how they need to be tracked; and learning who needs to have access to incident tracking information and how incident tracking can be integrated into an organization. Next, you will learn effective incident tracking practices and the tools used for incident tracking; examine approaches to setting incident response policies; and observe metrics used to measure the effectiveness of incident tracking. Learn the continuous monitoring approach to active incident tracking; learn the lifecycle of an attack and how it is tracked; and learn how to take a proactive approach to tracking incidents. Finally, learners will examine some of the cybersecurity regulations needed when it comes to tracking and responding to incidents.
14 videos |
44m
Assessment
Badge
Security Measures: Implementing Security Controls
Explore the use of security controls with the NIST Cybersecurity Framework in this 14-video course, which examines anatomy of security controls, from common to advanced and complex. You will discover how to test and monitor security controls, including the most basic quick-win controls for several control types. Key concepts covered here include security controls in relation to the overall NIST Cybersecurity Framework, and how security controls are relevant in SecOps; the major security control types and components of a security control; and defensive and quick-win controls for major control types. Next, learn how they are compromised, and steps for root cause analysis; learn the CIS critical security controls and how they are implemented; and observe how to assess security controls, including establishing security metrics for risk management framework and reporting. Learn how to investigate security controls when one fails and describe how to mitigate outcomes; learn processes of auditing security controls; and learn potential risk scenarios and how to mitigate and respond using security controls, including how to test controls to effectively respond.
14 videos |
1h 16m
Assessment
Badge
Security Topologies: Developing Secure Networks
Learners can explore secure network challenges and security measures used to configure common tools, in this 14-video course. Familiarize yourself with approaches to configuration with a security mindset and review common security threats and their mitigations. Begin by taking a look at the challenges of a secure-first network design, then describe a network design approach from a security mindset. Examine the challenges to DevOps and Agile mindsets in terms of security decisions, and the network security concerns for hybrid cloud models. Learn how to configure an NGINX HTTP service to prevent insecure file access and configure web application security settings in NGINX. View the dangers of file upload remote execution; use Secure Shell (SSH) as a secure proxy for web browsing from an insecure location, and configure a SSH client to use present server connection settings. Discover how to use local/etc/hosts to block unwanted connections; examine the threat of user account discovery and how it is carried out, and finally, learn how to use password security tools to enforce a strong password policy.
14 videos |
1h 1m
Assessment
Badge
Defensible Security
Explore defensible architecture and zero-trust models from the standpoint of a security architect. In this 14-video course, you will learn about tools used to address the challenges of network security and review common security models and standards for network security. Key concepts covered here include challenges and deficiencies of traditional security architectures; e standards that address the challenges of security architectures; and concepts and approaches to defensible architecture. Next, learners will examine some fundamentals for the zero-trust model for security; explore the security architecture needs for layers 1, 2, and 3; and delve into the principle of least privilege and how it pertains to security architecture. Learn about the security benefit of reproducible builds; learn how to configure a deny-first firewall using uncomplicated firewall (ufw); and learn how to configure a firewall to block all but a trust subnet. Finally, learners will observe how to configure a VPN service by using WireGuard; how to configure a secure VPN client to connect to a VPN server; and how to configure a firewall to block untrusted egress.
14 videos |
45m
Assessment
Badge
Data Security Breach Notification Process
Explore the data breach response plan, the regulatory requirements for notifying stakeholders and clients of a data security breach, as well as other topics covered in this 14-video course. Begin with an overview of the security breach notification plan and why it is important to have one. Examine the best practices for creating a data privacy breach plan and notifying stakeholders. Then learn how to identify best practices for notifying stakeholders during a security breach incident. Examine common types of security data breaches and categories; discuss the Digital Privacy Act and breach response obligations, and General Data Protection Regulation (GDPR) breach guidelines and stakeholder response obligations. Explore the Health Insurance Portability and Accountability Act (HIPAA) breach guidelines, and Gramm-Leach-Bliley Act breach guidelines, and stakeholder response obligations for both. Identify individuals who need to be notified during HIPAA data breach violations, and recognize consequences of security breach notification noncompliance. Also learn about acceptable methods for notifying affected parties of a data security breach. The exercise involves security breach notification risks.
14 videos |
51m
Assessment
Badge
Security Incident Triage
Explore the importance of security incident triage in handling incidents in a timely and automated manner, in this 14-video course, which familiarizes learners with anomalies and activities that often require triage. Key concepts covered in this course include security triage fundamentals and the strategies to implement triage; tools used in security triage; and automation techniques and common tips and rules of thumb for security triage. Next, you will explore the importance of communication and stakeholder management in security triage; examine the approaches to detecting anomalies and handling them with security triage; and learn about common protocol anomalies that require triage. Continue by exploring the different levels of monitoring for incidents in security triage while looking at network monitoring of traffic, bandwidth, and the various protocols used; learn to analyze SSH activity and security events to look for; and learn how to analyze DNS activity, HTTPS activity, and system log activity. Finally, learn how to describe security events to look for in each activity.
14 videos |
51m
Assessment
Badge
Security Program Regulatory Integration
In this 12-video course, learners will discover the importance of integrating regulations with organizational security policies. Explore security standards such as General Data Protection Regulation (GDPR); Health Insurance Portability and Accountability (HIPAA); and Federal Information Security Management Act (FISMA), as well as the International Organization for Standardization (ISO), and National Institute of Standard and Technology (NIST). To begin, determine how to establish the importance of building regulatory compliance into a company's IT security program. You will then examine Personally Identifiable Information (PII), and Protected Health Information (PHI). This leads into the subject of Payment Card Industry Data Security Standard (PCI DSS), and what it entails. You will learn how HIPAA protects medical information; how GDPR protects European Union citizen data, and how the Gramm-Leach-Bliley Act (GLBA), applies to financial institutions. You will also identify how FISMA strives to protect sensitive US Government information, and recognize both NIST and ISO security standards. To conclude the course, you will discover how the Sarbanes-Oxley Act (SOX), requires organizational financial transparency.
12 videos |
38m
Assessment
Badge
Unified Security: Playbook Approach to Security
Discover the playbook approach to security, including the security architect's approach to decision making in the era of Agile development, in this 14-video course. Explore challenges, benefits, and considerations to implementing a playbook approach. Key concepts covered here include use of automation to improve consistency for security practices; various approaches to security through playbooks; and important elements needed in a security playbook. Next, learn about the transition to playbooks and services in the cloud; examine goals and measures for success in using security playbooks; and learn some of the challenges in implementing security playbooks. You will learn about the concepts and features implemented in typical playbook tools; how to install Ansible and remotely execute commands on a managed host; and how to execute a simple Ansible playbook. Continue by learning how to configure the iptables firewall by using an Ansible playbook; how to configure an intrusion prevention system (IPS) to protect a system with an Ansible playbook; and how to configure unattended upgrades with an Ansible playbook to keep a system up to date.
14 videos |
45m
Assessment
Badge
Preemptive Troubleshooting: Concepts & Strategies
Explore preemptive troubleshooting for your organization's cyber security in this 14-video course, which examines available strategies, tools, best practices, and security policies to keep your system secure. First, you will examine how preemptive troubleshooting applies to security in SecOps and how it is different from intrusion detection systems and intrusion prevention systems. This course then demonstrates several scenarios that a SOC (security operations center) can use when troubleshooting network issues and system compromise. Learn best practices, including spotting weak passwords, hardware and software vulnerabilities, and security policies and procedures to keep systems secure. You will also learn how to use password policies, auditing, and how to prevent security compromises. This course demonstrates how threat hunters can help spot threats before they occur. Learners will study the policies and tools for troubleshooting hardware. Finally, you will learn how software and hardware update policies can aid in keeping system secure, and how preemptive resolution and training can help an organization to better secure its systems.
14 videos |
1h 24m
Assessment
Badge
Intelligent Orchestration: Automating Security Incident Processing
This 14-video course helps learners discover the importance of automating the responses to security incidents. Examine how security information and event management (SIEM) and security orchestration automation and response (SOAR) are related, as well as how automation and orchestration differ. The role of playbooks and machine learning in security is also covered. Begin by taking a look at security solutions that align with business objectives, then plan how security can be implemented with DevOps. Examine the relevance of security baselines, compliance reports, and regulatory compliance. Learners can observe common security tools and techniques; explore the need for proactive security incident planning; and see how to identify security incident response processes that could be automated. Differentiate between automation and orchestration solutions in IT, and describe how SIEM allows for centralized security event monitoring. Recognize the need for automated security incident triage and response; plan automation of security triage, and recall how playbooks create workflows that enable automated security incident responses. Finally, you will discover how machine learning can be used to identify potential security incidents.
14 videos |
54m
Assessment
Badge
SecOps Engineer: System Infrastructure Security
This 13-video course explores SecOps (security and operations) engineering concepts. Learners will observe how security and operations are fused together, and learn to integrate system infrastructure security with normal business operations by applying engineering principles. Begin by learning the steps for infrastructure hardening of the operating system, including server workstations, routers, devices. You will examine server hardening, including how to turn off unneeded services, and remove unneeded software. Next, learn how to analyze and harden Windows 10, and to use security devices, and implement intrusion detection and prevention systems. You will examine the practical use of IDS (intrusion detection system) to detect activity that appears to be a possible intrusion, to log it, and to notify the administrator. You will then examine IPS (intrusion prevention system), which takes the additional step of shutting down the suspicious activity. Finally, you will explore firewall concepts, including stateless firewalls, how to use SPI (stateful packet inspection), and how to place them to improve your security network.
13 videos |
1h
Assessment
Badge
SecOps Engineer: Secure Coding
This 13-video course explores software protection by applying secure development and coding practices. Learners will examine secure coding key concepts, including early and frequent testing, and how to validate to ensure it is the proper kind of data, and the proper size, type, and format. First, the course demonstrates how to set up a simple filtering statement to improve software security. You will learn how to constrain user input, by implementing a drop-down box or radio buttons. You will also learn the top 10 rules established by CERT (Computer Emergency Response Team) for secure programming, and how to operationalize secure software deployments, as well as continuous secure delivery to quickly update changes and upgrades. Learners will explore verification, and secure validation software metrics to measure and improve software. You will learn to use C# code, evaluate both secure and unsecure parts, for the web and Windows code, and learn to secure code with Python. Finally, you will learn to secure code with Java.
13 videos |
51m
Assessment
Badge
SecOps Engineer: Security Engineering
Explore fundaments of cybersecurity and engineering in this 10-video course, which examines the fundamental concepts of the CIA (confidentiality, integrity, and availability) triangle, and views security operations, security planning, engineering, application security through these three concepts. First, learners will examine the more advanced version: the McCumber Cube. You will learn to integrate systems engineering into cybersecurity, and explore requirements engineering, and how to gather requirements. Next, learn how to analyze them, to apply security requirements engineering techniques, and to finalize project requirements. You will be introduced to SecML (Security Modeling Language) which takes SysML (System Modeling Language) used by systems engineers, and to modify portions of it to be specific to cybersecurity. You will examine how SecML can be used to create both offensive and defensive security mitigation controls. This course examines security metrics, and how to apply engineering failure analysis methods to cybersecurity. Finally, you will observe how to incorporate security requirements engineering into cybersecurity, and the relevance of regulatory requirements.
10 videos |
33m
Assessment
Badge
SecOps Engineer: Cloud & IoT security
This course explores basic concepts of the cloud and IoT (Internet of things), and examines common security threats, a somewhat new and neglected area of cybersecurity. In this 8 video course, you will examine the cloud concept of distributed storage, and how IoT uses the cloud. First, examine the basics of cloud architecture, and some of the variations. You will learn that a private cloud is an expensive solution, and examine the security advantages of using a private cloud, in which one organization has full control over cloud security, and does not share the cloud with data from other organizations. You will learn about the available public cloud services, including Amazon, Microsoft Azure, and the iCloud for Apple devices. There are two basic advantages to using a public cloud: the cost, and cloud vendors specialize in cloud administration and security. You will also examine concepts and practices for cloud security, for both the cloud and IoT, including least privileges, and the CIA triangle.
8 videos |
32m
Assessment
Badge
SecOps Engineer: Threat Mitigation
This course explores the general concepts of threat mitigation for SecOps (security and operations) engineers. In this 13 videos, learners will observe the three basic concepts for threat mitigation and threat intelligence: identification, prevention, and responses. This course examines acceptable risk levels. You will analyze malware classification, such as viruses, worms, logic bombs, and backdoor software. You will learn to mitigation malware, and threats to websites; and examine types of ransomware, including Cryptolocker, Cryptowall, WannaCry, and Bad Rabbit, as well as explore possible solutions. You will learn how DoS (denial of service) is conducted, and see examples of specific attacks; then examine cross-Site Scripting, parameter traversal, and cross-Site Request Forgery. You will learn to address insider threats, and how to mitigate social engineering, phishing, and insecure protocols. Learners will examine how to integrate analysis into mitigating these threats. Finally, this course explores cyberthreat intelligence, and suggests that you subscribe to the National Vulnerability Database, and its feeds.
13 videos |
56m
Assessment
Badge
Security Best Practices: Network Appliance Security
This course explores the best practices for securing network appliances, and the top network security risks in 14 videos examining best practices for IoT (Internet of things) security risks. You will learn the best practices for transitioning to the Cloud, and the three basic service models IaaS (infrastructure as a service), PaaS (platform as a service), and SaaS (software as a service). Learners will then examine the network perimeter, and security issues and strategies when moving to the Cloud, including how to address de-perimeterization and perimeter exploitation. You will learn about several security architecture models, including Zero Trust Architecture, intrusion kill chain, and the diamond model for intrusion analysis. You will examine the impact of software defined networking, and micro-segmentation to the network security. Learn about next-generation firewalls, network intrusion detection and prevention systems, and distributed denial of service attacks. Finally, you will learn the best practices of Zero Trust Architecture, and how to incorporate them.
14 videos |
1h 32m
Assessment
Badge
Policy & Governance: Incident Response
Learners can explore the creation, adoption, and use of an IRP (Incident Response Plan) in this 14-video course, which examines the purpose and objectives of an IPR, and how it incorporates the objectives of an organization. You will learn how to draft an IRP, and examine the six stages of incident response: preparation, identification, containment, eradication, recovery, and lessons learned. Next, you will examine several tools that are available for incident response strategies, including Sleuth Kit, Metasploit, Websense, and FireEye Security Orchestrator. You will explore the different types of CSIRTs (Computer Security Incident Response Teams), team roles, their purpose, and the benefits of an outsourced team. This course demonstrates an incident team response with two hypothetical scenarios. You will learn about compliance and regulatory requirements, and will examine the international standard, ISO 27001. You will examine governance policy to direct and control IT security. Finally, you will learn to use governance polices to create incident response policies, and you will learn the elements and best practices for creating a plan.
14 videos |
1h 9m
Assessment
Badge
Planning Measures: Incident Response Planning
This 8-video course explores how to build an effective incident response plan, including creation of response policies, plans, procedures, and teams. In this course, you will examine the process to recover from security related incidents such as malware, data leakage, or stolen equipment. You will also review what to implement for security controls to prevent attacks against confidentiality, integrity, and availability of company assets. Learners observe how to create an incident response plan and the steps for creating incident response policies, plans, and procedures. You will learn the six phases necessary to build an incident response plan, and the job roles for each member of the team. You will examine who should be part of the CSIRT (computer security incident response team). Next, examine the different roles that make up a computer security incident response team, their purposes, and the elements of an incident response policy. Finally, this course uses a real-world case study to demonstrate how to implement the incident response plan.
8 videos |
33m
Assessment
Badge
Regulation Conformance for Incidence Response
Explore regulations, policies, and industry practices that organizations should implement for incident responses in this 14-video course, which examines how to build a regulation conformance plan, and a voluntary adherence plan to a set of standards or regulations for an organization. In this course, learners will examine industry standards, including the NIST (National Institute of Standards and Technology) and CIS (Center for Internet Security) standards. You will learn how to build a conformance plan, and how to apply it in the workplace. This course next examines how to document incidents in compliance with regulations, and with the organization's conformance plan. You will learn how to do risk assessments, how to audit, and create logs, and examine several types of internal and external breaches, and how to use Agile, and conformance plans in DevSecOps. This course demonstrates techniques for reacting to conformity change. You will explore internal and legal implications when handling incidents. Finally, learners will study scenarios that demonstrate a conformance program and incident response.
14 videos |
1h 39m
Assessment
Badge
Patch Management Strategies
This course explores benefits of employing a patch management strategy, and its importance to overall security. In this 14 videos, you will learn patch management concepts, and management methodologies including baselining, hardening, and backout plans. Learners will examine best practices, what to do when vendor-specific issues occur, and how to get issues patched before they become a threat. You will learn to analyze and assess patches before implementation, and how to use several tools and techniques to patch and harden systems. You will also learn how to implement patches, and how to automate the process. Next, examine testing and configuration management, and patch management, by using both open-source and commercial tools. You will learn to use the patch rollout process and policies for patch updates. You will learn how patch management can use the Agile software development process, which uses cross-functional teams to make the process more efficient; its goal is to deliver software on regular intervals. Finally, you will learn to create and implement a patch strategy in a serverless architecture.
14 videos |
1h 10m
Assessment
Badge
Monitoring & Securing System Configuration
In this 14-video course, you will learn how to drive system configuration monitoring by using tools to keep systems secure and the importance of monitoring system configuration within an organization for incident response. Key concepts covered here include the configuration management (CM) process and how it can influence securing system configuration for incident response; tools and software to monitor systems and their advantages for incident response; and continuous monitoring in risk management, including the three-tier approach. Next, learn the process of minor, major, and unknown configuration changes; learn the importance of securing CM processes in the software development lifecycle (SDLC) for preventing security impacts; and observe methods for identifying common high probability items, such as identifying default or weak credentials. Continue by learning to implement a secure system CM program; and how to assess the monitoring process and perform security configuration evaluations. Finally, observe methods of monitoring releases and deliveries throughout SDLC; learn security controls for monitoring system configuration in a cyber framework; and learn how monitoring system configuration is important in today's enterprise SDLC.
14 videos |
1h 16m
Assessment
Badge
Threat Intelligence & Attribution Best Practices: Threat Intelligence Concepts
Identifying and interpreting threat intelligence is crucial to preventing and mitigating cyber attacks. In this course, you'll explore the various threat intelligence types and how they relate to an organization's threat landscape. You'll begin by examining the key characteristics and benefits of threat intelligence and how to use it before, during, and after an attack. You'll then name known cyber threat actors and common indicators of compromise. You'll characterize intelligence, data, and information, and the four categories of threat intelligence: strategic, tactical, operational, and technical. You'll outline the threat intelligence lifecycle and how machine learning and risk modeling relate to threat intelligence. Lastly, you'll recognize threat intelligence use cases and sources, and how to map the threat landscape and benefit from intrusion detection and analysis.
20 videos |
1h 38m
Assessment
Badge
Threat Intelligence & Attribution Best Practices: Attribution Analysis
Cyber attribution analysis is used to track, identify, and incriminate perpetrators of cyber attacks or exploits and is a must-know offensive security operations technique. In this course, you'll learn about the fundamental concepts and critical concerns related to attribution. You'll start by examining the different attribution types and levels before exploring attribution indicators, techniques, best practices, tools, and challenges. Moving on, you'll gain insight into how to identify and interpret forensic artifacts gathered from various sources, manage evidence, and make attribution judgments and assessments. You'll then study geopolitics, the Intelligence Community, and legal considerations as they relate to cyber threats and attribution. Lastly, you'll look into how malware cyber threat reverse engineering, code sharing analysis, and network behavior analysis lead to attribution.
20 videos |
1h 22m
Assessment
Badge
Mitigating Security Risks: Managing Network & Infrastructure Security Risks
To mitigate cyber, data, cloud, and information security risks, you need solid knowledge of the complete network security process, from network design to continuous monitoring and logging. In this course, you'll explore some vital network security concepts and standard techniques for mitigating security risks. You'll start by examining the potential vulnerabilities in a network and how these turn into threats. You'll then explore the decisions you need to make to secure the network infrastructure. Next, you'll investigate different network zones and tools used for monitoring, detection, and logging. You'll finish by outlining a secure network design's characteristics and the recommended guidelines and best practices for network security. On completion of this course, you'll be able to plan for network and infrastructure-related security risks using recommended tools, methods, and best practices.
11 videos |
1h 32m
Assessment
Badge
Mitigating Security Risks: Managing Physical Security Risks
Physical security is an important but potentially overlooked consideration when implementing network security. In this course, you'll explore what's meant by physical security, how you can implement physical security risk countermeasures, and what the motivations are for doing so. You'll start by defining physical security. You'll then investigate the critical decisions you must make when planning for physical security. Next, you'll delve into various types of physical security risks, such as tailgating, and the methods to handle these. Moving on, you'll outline the layers of security controls that can be added to increase physical security and recognize the challenges security personnel face in ensuring physical safety. Lastly, you'll study how the security principles examined in this course can be used in facility and site design, including internal and perimeter security controls.
11 videos |
56m
Assessment
Badge
Mitigating Security Risks: Cyber Security Risks
Effective cybersecurity risk management requires intricate knowledge of day-to-day IT security risks, network vulnerabilities, and cyber attacks. In this course, you'll detail several cybersecurity breaches and how best to prevent each one. You'll start with a general overview of what comprises security risks before categorizing different types into information, cloud, and data-related risks. Next, you'll explore cybercrime methods, the motivations behind them, and the security gaps that invite them in. You'll then use real-life examples to detail some commonplace cyberattacks and crimes. Moving on, you'll investigate what's meant by malware and outline best practices to manage worms, viruses, logic bombs, trojans, and rootkits. You'll also learn how to safeguard against malware, spyware, ransomware, adware, phishing, zero-day vulnerabilities, DoS, and backdoor attacks. By the end of the course, you'll be able to outline guidelines and best practices for securing against the most prevalent types of cybercrimes.
13 videos |
1h 16m
Assessment
Badge
Mitigating Security Risks: Managing Social Engineering Risks
Social engineering is a security attack method that takes advantage of the social aspect of human nature, which includes trust and interactivity. All members of an organization need to recognize how these subtle and manipulative techniques work and what they can do to avoid falling prey to them. In this course, you'll explore what's meant by social engineering, examining standard social engineering techniques, the basic principles of these kinds of attacks, their intended outcomes, who and what they target, and the risks they pose for your organization. Moving along, you'll investigate how social engineering is used to launch a cyberattack, study different types of spoofing attacks, and specify best practices to safeguard against social engineering. At the end of the course, you'll recognize the objectives of social engineering attacks, how they're carried out, and how to implement security measures to prevent them.
10 videos |
1h 12m
Assessment
Badge
Mitigating Security Risks: Information, Cloud, & Data Security Risk Considerations
To keep your organization's data secure, you need to know why your data is at risk and how to protect it using established principles and standards. In this course, you'll explore commonly used techniques to compromise data and how international best practices can help protect against these breaches. You'll start by examining three fundamental information security principles, which define information security policy and help identify risks. You'll then outline data breach methods and identify the targets of these threats. Next, you'll investigate what's meant by 'the human factor' and why it's key to any attack. You'll then study how technologies to secure data and information work under the hood. Moving on, you'll outline primary worldwide information security regulations and governance frameworks. Lastly, you'll examine why the ISO 27017 cloud security principles need to be considered when formulating a cloud security risk management plan.
11 videos |
55m
Assessment
Badge
Mitigating Security Risks: Managing Information, Cloud, & Data Security Risks
To lead security-related decisions in the right direction, those in specific job roles need to have a solid comprehension of the guidelines, measures, and best practices for effective security risk management. In this course, you'll learn how to manage various types of risks, including those related to information, cloud, and data. You'll explore key countermeasures to safeguard information and data both on-premises and in the cloud. You'll also examine best practices for cloud security, data management, access control, and backup. Additionally, you'll outline common security risk scenarios and the best ways to protect data and information, including from unintentional exposure. Lastly, you'll study how to use data science and AI to detect security threats.
17 videos |
1h 28m
Assessment
Badge
Mitigating Security Risks: Handling Natural Threats
Natural disasters pose serious security threats. Effective planning and management are required to minimize the damage and loss they could cause. In this course, you'll explore various types of natural threats, their impact on assets and data, and what you can do about them. You'll examine what the procedure is for preparing for natural disasters as well as dealing with the aftermath. You'll also learn how to do this with human-made disasters, such as terrorism. You'll finish the course by diving deeper into how to create an effective emergency action plan for natural disaster risk mitigation.
7 videos |
34m
Assessment
Badge
Mitigating Security Risks: Managing Risks from Internal Stakeholders
Effective risk management involves managing risks from external as well as internal sources. Because security risks can be introduced through internal stakeholder decisions, working with them to build awareness of the broad spectrum of security risks and their role in mitigating these is essential. In this course, you'll explore the internal stakeholder's role in the security landscape context. You'll then investigate how to effectively communicate with stakeholders regarding their role in preventing security risks from being introduced. You'll build on these concepts by examining best practices for continual stakeholder engagement using workplace example scenarios. You'll then outline various methods of effective security health reporting. At the end of this course, you'll be able to plan for effective stakeholder communication and engagement.
7 videos |
49m
Assessment
Badge
Mitigating Security Risks: Managing Security in a Hybrid Workplace
Hybrid workplaces are an attractive working style for many organizations. However, a functioning and secure hybrid workplace can take some strategic planning and management to achieve. By their nature, hybrid workplaces pose various security risks. Security leaders need to educate themselves and their employees on what these risks are and how best to avoid them. In this course, you'll explore what a hybrid workplace entails and the resulting security risks. You'll then outline tips and guidelines to secure a hybrid workplace. You'll also learn about the security risks of the 'work from home' (WFH) working methodology and guidelines for securing it. Upon completing this course, you'll be able to classify the security challenges of a hybrid workplace and WFM situation, outline how to communicate these risks to employees to aid in risk prevention, and recognize the critical decisions when planning for a secure hybrid workplace.
10 videos |
52m
Assessment
Badge
Mitigating Security Risks: Information Security Governance
Adequate risk management requires the policies, procedures, standards, and guidelines that encompass effective information security governance are in place. This course shows you how to incorporate security governance as part of a robust security strategy. Examine the many security governance elements. Outline how to design, implement, and continually evaluate your strategy based on best practices. Define how security governance relates to the CIA Triad and distinguish between security governance and security management. Furthermore, investigate IT governance frameworks and compare centralized, decentralized, and hybrid structures. After taking this course, you'll recognize what's needed to implement a sound and robust information security governance strategy at your organization.
20 videos |
1h 23m
Assessment
Badge
Mitigating Security Risks: Managing the Incidents
Security breach incidents need to be handled effectively to prevent further occurrences. An incident management process based on best practices greatly helps deal with and thoroughly learn from incidents. Use this course to recognize the steps involved in the incident management process, the dependencies this process has on other processes, and who's involved in incident management. Examine the use of incident handling forms and incident prevention measures. Furthermore, study the signs employees should look out for and escalate that indicate a security breach event is occurring. After completing this course, you'll recognize how to use the incident management process to identify, manage, and prevent security breach incidents.
13 videos |
1h 8m
Assessment
Badge
Mitigating Security Risks: Maintaining Business Continuity
Business continuity planning (BCP) ensures an organization functions smoothly during an unplanned incident or disaster. In this course, you'll explore what comprises BCP and how you can employ its methods before, during, and after a disaster. You'll learn about the importance of a business continuity plan and what's needed to create an effective one. You'll differentiate a business continuity plan from disaster recovery and emergency action plans. You'll then investigate some of the individual BCP steps in more detail, including the business impact analysis (BIA), risk management plan, and incident response plan phases. Moving on, you'll study what's involved in post-disaster recovery planning. Finally, you'll explore how to achieve business resiliency and excellence in the face of a disaster and during a pandemic, examining not only how to get back to normal but also how to exploit new opportunities and grow.
17 videos |
1h 36m
Assessment
Badge
Mitigating Security Risks: Maintaining a Secure Workplace
Securing a workplace is a collaborative effort and requires contribution from everyone, including employees at all levels. It's a leader's role to educate and encourage everyone to build a security mindset into their daily practices. In this course, you'll learn how to foster a secure workplace. You'll start by exploring what comprises a secure workplace before examining best practices for achieving this state. You'll then outline best practices for developing a security policy. Next, you'll study how to conduct security awareness training, cultivate an organization-wide security mindset, and encourage employees to take ownership of the security processes. Finally, you'll learn about the role of security certifications, specifically the Cyber Maturity Model certification. You'll recognize what it comprises and how it applies to a secure workplace.
9 videos |
50m
Assessment
Badge
Exploring SecOps Tools: Web Application Hardening via Burp Suite
Burp Suite is a common set of proxy-based tools used for penetration testing and security evaluation of web-based applications. It has become one of the industry-standard toolkits used by information security professionals. Explore the Burp Suite of tools and products and discover common Burp Suite solutions such as application security testing, DevSecOps, compliance, and penetration testing. Find out how Burp Suite can help integrate security into software development and investigate potential limitations and disadvantages of the suite. Learn the Burp Suite installation process and how to navigate the common features of the Burp Suite user interface. Lastly, explore how to perform API security testing and how to scan a website for vulnerabilities using Burp Suite. When you have finished this course, you will be able to confidently use Burp Suite for web application hardening.
10 videos |
1h 24m
Assessment
Badge
Exploring SecOps Tools: Network Scanning Using Nmap
The Network Mapper (Nmap) utility is a free, open-source network discovery and security auditing tool. Nmap is one of the industry's leading network scanning tools and is commonly used to discover hosts and services on a computer network. In this course, you'll explore the history of Nmap, its features and benefits, and the potential limitations and considerations of the Nmap tool. Discover how to download, install, and explore the Nmap utility user interface and how to perform Nmap TCP connect and Nmap stealth scans. Lastly, explore when to use Nmap to perform inverse scans, and discover situations that warrant using Nmap to perform an ACK scan.
10 videos |
57m
Assessment
Badge
Exploring SecOps Tools: Network Packet Manipulation Using Wireshark
The ability to conceptualize a network's structure, capabilities, and events is essential to protecting it. In this course, you'll explore the Wireshark network protocol analyzer and its concepts and capabilities, which can be used to identify and visualize your network components. Discover common scenarios in which to use Wireshark and potential limitations of the Wireshark utility. Explore how to download and install Wireshark and how to perform basic network traffic filtering. Finally, discover how to create a baseline for monitoring, firewall rules, and how to monitor traffic remotely using Wireshark.
10 videos |
59m
Assessment
Badge
Exploring SecOps Tools: Penetration Testing Using Metasploit Framework
Metasploit is an open-source penetration testing framework that can be used by security professionals and ethical hackers to verify vulnerabilities, manage security assessments, and improve security awareness. One of the primary capabilities of Metasploit is the ability to write, test, and execute exploit code. In this course, you'll explore the Metasploit framework, its features, and its capabilities. Discover the Metasploit module types, including exploit, auxiliary, post-exploitation, payload, and no operation payload (NOP) generator, and identify possible disadvantages and limitations of Metasploit. Explore how to download and install Metasploit and discover how to work with modules, exploits, and payloads. Lastly, explore how to execute common Metasploit commands and recognize key steps involved in attacking a system using Metasploit.
10 videos |
1h 7m
Assessment
Badge
Exploring SecOps Tools: Using the Aircrack-ng Suite of Tools
Aircrack-ng is a complete suite of tools commonly used to assess Wi-Fi network security and perform network security hardening. These tools focus primarily on monitoring, attacking, testing, and password cracking. All Aircrack-ng individual utilities are command-line based and allow for maximum scripting utilities. In this course, you will explore the Aircrack-ng suite of tools and discover the individual utilities found within. Compare Aircrack-ng to alternatives including Trackerjacker, Eaphammer, Wifiphisher, Wireshark, Airgeddon, and Acrylic Wi-Fi, and recognize considerations for installing drivers with Aircrack-ng. Discover how to download and install Aircrack-ng and explore how to navigate and execute common commands. Finally, discover how to use Aircrack-ng to crack WEP and WPA/WPA2 passwords and explore command options such as -a, -e, -b, -p, -q, -C, -I.
10 videos |
1h 1m
Assessment
Badge
Exploring SecOps Tools: Port Scanning with Netcat
The Netcat utility is a free and easy-to-use tool that is commonly used to monitor the flow of traffic between systems on a computer network. Netcat has various capabilities, including port scanning, port listening, transferring files, and backdoor enabling. With this course, learn how to use the Netcat utility. Explore the history of the Netcat utility and learn how to download and install the program. Next, work with common Netcat commands and options and examine Netcat features like SSL encryption, traffic redirection, and connection brokering. Finally, learn how to execute basic Netcat commands, perform port scanning, and use Netcat TCP server and client commands. Upon completion, you'll be able to use the Netcat utility to perform port scanning.
10 videos |
1h 3m
Assessment
Badge
Exploring SecOps Tools: Securing Passwords with hashcat
hashcat is a popular password cracking tool which is often used in ethical hacking exercises by penetration testers and sysadmins. It is, however, often also used for illicit purposes by cybercriminals and spies to compromise and breach vulnerabilities. Explore the many features and capabilities of the hashcat tool, and discover the purpose and vulnerabilities password hashes present. Explore the characteristics of the core hashcat attack modes that include dictionary attacks, combinator attacks, brute-force attacks, hybrid attacks, and association attacks. Explore how to download and install hashcat and discover techniques to crack passcodes. Lastly, explore requirements for building a capable password cracking systems and explore the required steps to successfully crack a WPA/WPA2 using hashcat. Upon completion, you'll be able to secure passwords using hashcat.
11 videos |
1h 8m
Assessment
Badge
Exploring SecOps Tools: SQL Injection Testing Using sqlmap
sqlmap is an open-source penetration testing tool used to help security professionals automate the detection and exploitation of SQL injection vulnerabilities in web applications. It fully supports a broad range of databases and six SQL injection techniques. Through this course, learn how sqlmap works with common databases and helps automate common SQL injection techniques. Explore common sqlmap use cases and how to access, download, and install sqlmap. Next, discover the program's dependencies, including its various Python libraries. Finally, learn how to use sqlmap and Burp for database enumeration and dumping and bypass admin logins using sqlmap and SQL injections techniques. Upon completion, you'll be able to use sqlmap for SQL injection testing.
10 videos |
48m
Assessment
Badge
Exploring SecOps Tools: Digital Forensic Collection with Autopsy
Autopsy is an open-source digital forensic platform that simplifies the deployment of many of the utilities and plugins found in The Sleuth Kit forensic toolkit. Autopsy provides an easy-to-use graphical interface for command line digital investigation analysis tools, and provides fast, thorough, and efficient hard drive investigation solutions. In this course, discover the Autopsy platform, including features like timeline analysis, keyword searching, email analysis, and registry analysis. Investigate Autopsy benefits, such as ease of use, extensibility, efficiency, and cost effectiveness. Then, download and install Autopsy to explore the general configuration options panel along with the video triage and law enforcement bundle add-on modules. Finally, create a new case, view case details and the data source summary, and practice the various ways to add a data source.
10 videos |
47m
Assessment
Badge
Exploring SecOps Tools: Using the Social-Engineer Toolkit
The Social-Engineer Toolkit (SET) is used by security professionals and penetration testers to perform advanced attacks and social engineering. The SET offers attack vectors that help carry out human-side penetration testing exercises. In this course, you'll explore the SET and its capabilities and features. You'll also explore SET attack vectors, including phishing, web, infectious media generator, payload and listeners, and mass mailer attacks. Discover where to access installation files and how to install the SET. Learn how to start using the SET by launching the spear phishing module. Finally, explore how to perform web-based attacks, a credential harvester attack, and a man-in-the-middle attack.
9 videos |
57m
Assessment
Badge
SecOps Tool Landscape: Intro to Security Tools (SecTools)
Organizations spend money on security controls to protect company assets, but how do they know those assets are protected from hackers? One way is to use the same tools that hackers use and perform security test known as penetration testing or ethical hacking. In this course, explore the purpose of security tools, including their history and the response to modern attacks. Take a look at open-source intelligence tools used to collect information from online sources. Next, investigate the purpose and importance of ethical hacking. Finally, examine the value of building a security toolbox, the different categories of tools, and how to obtain appropriate security tools.
13 videos |
1h 31m
Assessment
Badge
SecOps Tool Landscape: The Kali Linux Security Platform
The Kali Linux operating system comes with many pre-installed security tools. It is a popular choice among penetration testers and its tools can be used to assess the security of network devices and systems. In this course, learn the benefits of Kali Linux and how to download and install it. Next, explore the Kali Linux user interface and work with some of its tools. Finally, discover how to use common tools in Kali for various operations, such as Nmap for port scanning, Hydra for compromising a system, sqlmap for performing SQL injection attacks, and Ophcrack for cracking passwords. Upon completion, you'll be able to recognize the benefits of Kali Linux, download and install it, and use various Kali tools to execute testing tasks.
13 videos |
1h 22m
Assessment
Badge
SecOps Tools and 2021 Security Incidents: Microsoft Exchange Server Data Breach
Cybersecurity professionals are often tasked with studying breaches that have impacted other organizations to protect their assets. This knowledge helps them identify potential threats and understand how threat actors operate in a modern environment. In this course, explore the background of the Microsoft Exchange Server data breach, how it was discovered, and how Microsoft communicated about it. Review different tools that can be used to discover and exploit the vulnerability. Finally, explore how the cybersecurity community responded and how you can patch systems against such a breach. Upon completion of this course, you'll be able to describe the Microsoft Exchange Server data breach and how to detect it, as well as respond if you find a server that could be compromised by the same vulnerability.
11 videos |
1h 13m
Assessment
Badge
SecOps Tools and 2021 Security Incidents: Facebook Data Breach
Cybersecurity professionals will often be tasked with studying breaches that have impacted other organizations to protect their own assets. This knowledge helps in identifying potential threats and understanding how threat actors operate in a modern environment. Begin this course by exploring the background of the Facebook data breach and how it was initially discovered. Then, explore how the data breach happened, and the method used to capture the data. Next, explore different tools that could be used to conduct a similar type of attack. Finally, examine the cybersecurity community's response to the breach and the fallout for Facebook from the event. On completing this course, you will have a better understanding of the Facebook data breach, how to conduct a similar attack, and how such a cybersecurity event can impact an organization.
11 videos |
54m
Assessment
Badge
SecOps Tools and 2021 Security Incidents: Colonial Pipeline
Cybersecurity professionals often will be tasked with studying breaches that have impacted other organizations to protect their own assets. This knowledge helps to identify potential threats and understand how threat actors are operating in a modern environment. Begin this course by exploring the background of the Colonial Pipeline breach and how it was discovered. Then, examine how the data breach happened, focusing on credential harvesting methods typically used to capture login data. Next, investigate the different tools that could be used to conduct a similar type of attack, including Maltego CE, theHarvester, the Social-Engineer Toolkit and Zphisher. Finally, take a look at the cybersecurity community response and cybersecurity implications resulting from the Colonial Pipeline incident. Once you have completed this course, you will be able to use tools to conduct an attack similar to the Colonial Pipeline breach and identify potential threats to other organizations.
14 videos |
1h 15m
Assessment
Badge
SecOps Tools and 2021 Security Incidents: JBS Ransomware Attack
Cybersecurity professionals often will be tasked with studying breaches that have impacted other organizations. This knowledge helps to identify potential threats and understand how threat actors are operating in a modern environment. Explore the background of the JBS ransomware attack and how it was discovered. Then, investigate how the breach happened and examine various vulnerability scanning and exfiltration tools that could be used to conduct this type of attack. Finally, take a look at the cybersecurity community response to the breach and the fallout for JBS Foods from the event. Once you have completed this course you should be familiar with the background of the JBS ransomware attack, how to use tools to conduct a similar type of attack, and how JBS Foods and the Government responded to the breach.
12 videos |
1h 1m
Assessment
Badge
SecOps Tools and 2021 Security Incidents: Kaseya Ransomware Attack
Supply chain attacks are particularly stealthy and have the potential to inflict considerable damage that can have lasting repercussions. Cybersecurity professionals need to proactively monitor traffic to stay ahead of these types of attacks and other potential threats. Begin this course by exploring the background of the Kaseya ransomware attack and how it was discovered. Then, examine what led to the breach and how the attack affected Kaseya's clientele of multiple managed service providers (MSPs) and as a result, many small businesses downstream. Investigate the various tools, like SQL injection, that could be used to conduct this type of attack. Finally, take a look at the cybersecurity community response to the breach and the fallout for Kaseya from the event. Once you have completed this course, you should understand the background of the Kaseya ransomware attack, how to use tools to conduct a similar type of attack, and how Kaseya and the government responded to the breach.
11 videos |
56m
Assessment
Badge
SecOps Tools and 2021 Security Incidents: Log4Shell Exploit
Cybersecurity professionals are often tasked with studying breaches that have impacted other organizations to protect their assets. This knowledge helps identify potential threats and understand how threat actors operate in a modern environment. In this course, we begin by exploring the background of the Log4Shell exploit and how it was discovered. We then explore how the exploit was disclosed and various tools that can be used to scan for the vulnerability. We even look at how to conduct the exploit ourselves. Finally, we discuss the patches and response to the exploit by the open-source community and the long-term political and cybersecurity fallout. Upon completion of this course, you'll be able to describe the tools used to detect and conduct a Log4Shell exploit.
12 videos |
1h 4m
Assessment
Badge
SHOW MORE
FREE ACCESS
EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE COURSES
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.BOOKS INCLUDED
Book
The Best Damn IT Security Management Book PeriodProviding specific guidelines and checklists, this guide has comprehensive coverage of all major IT and security management issues and is an indispensable addition to the serious security professional's toolkit.
18h 29m
By Susan Snedaker, et al.
Book
Social Engineering in IT Security: Tools, Tactics, and TechniquesWritten by a global expert on the topic, this book discusses the roots and rise of social engineering and presents a proven methodology for planning a test, performing reconnaissance, developing scenarios, implementing the test, and accurately reporting the results.
5h 55m
By Sharon Conheady
Book
Information Technology Security FundamentalsAssisting managers in understanding the role of IT Security in their enterprise, this book defines security from an organizational perspective, then builds upon that by discussing issues related to low-level technologies and higher level management issues like security policy.
2h 41m
By Bryan Hosack, Glen Sagers
Book
Network and System Security, Second EditionExploring practical solutions to a wide range of network and systems security issues, this comprehensive book is authored by leading experts in the field and addresses the immediate and long-term challenges in the authors' respective areas of expertise.
9h 35m
By John R. Vacca (ed)
SHOW MORE
FREE ACCESS
BOOKS INCLUDED
Book
Cybersecurity EssentialsCybersecurity jobs range from basic configuration to advanced systems analysis and defense assessment. This book provides the foundational information you need to understand the basics of the field, identify your place within it, and start down the security certification path.
9h 27m
By Charles J. Brooks, Christopher Grow, Donald Short, Philip Craig
Book
Personal Cybersecurity: How to Avoid and Recover from CybercrimeRevealing the most prevalent cyber threats against individual users on all kinds of computing devices, this book teaches you the defensive best practices and state-of-the-art tools available to you to repel each kind of threat.
5h 9m
By Marvin Waschke
BOOKS INCLUDED
Book
Security FundamentalsAn approachable discussion of core security concepts and topics, this book is your guide to developing a strong foundational understanding of Windows security, so you can take your IT career to the next level and feel confident going into the certification exam.
5h 25m
By Crystal Panek
BOOKS INCLUDED
Book
The Best Damn IT Security Management Book PeriodProviding specific guidelines and checklists, this guide has comprehensive coverage of all major IT and security management issues and is an indispensable addition to the serious security professional's toolkit.
18h 29m
By Susan Snedaker, et al.
Book
Social Engineering in IT Security: Tools, Tactics, and TechniquesWritten by a global expert on the topic, this book discusses the roots and rise of social engineering and presents a proven methodology for planning a test, performing reconnaissance, developing scenarios, implementing the test, and accurately reporting the results.
5h 55m
By Sharon Conheady
Book
Information Technology Security FundamentalsAssisting managers in understanding the role of IT Security in their enterprise, this book defines security from an organizational perspective, then builds upon that by discussing issues related to low-level technologies and higher level management issues like security policy.
2h 41m
By Bryan Hosack, Glen Sagers
BOOKS INCLUDED
Book
Network and System Security, Second EditionExploring practical solutions to a wide range of network and systems security issues, this comprehensive book is authored by leading experts in the field and addresses the immediate and long-term challenges in the authors' respective areas of expertise.
9h 35m
By John R. Vacca (ed)
Book
Information Technology Security FundamentalsAssisting managers in understanding the role of IT Security in their enterprise, this book defines security from an organizational perspective, then builds upon that by discussing issues related to low-level technologies and higher level management issues like security policy.
2h 41m
By Bryan Hosack, Glen Sagers
Book
The Best Damn IT Security Management Book PeriodProviding specific guidelines and checklists, this guide has comprehensive coverage of all major IT and security management issues and is an indispensable addition to the serious security professional's toolkit.
18h 29m
By Susan Snedaker, et al.
Book
Social Engineering in IT Security: Tools, Tactics, and TechniquesWritten by a global expert on the topic, this book discusses the roots and rise of social engineering and presents a proven methodology for planning a test, performing reconnaissance, developing scenarios, implementing the test, and accurately reporting the results.
5h 55m
By Sharon Conheady
SHOW MORE
FREE ACCESS
BOOKS INCLUDED
Book
Security FundamentalsAn approachable discussion of core security concepts and topics, this book is your guide to developing a strong foundational understanding of Windows security, so you can take your IT career to the next level and feel confident going into the certification exam.
5h 25m
By Crystal Panek
Book
Network and Data Security for Non-EngineersPresenting the tools, establishing persistent presence, and examining the use of sites as testbeds to determine successful variations of software that elude detection, this book explains network and data security by analyzing the Anthem breach step-by-step, and how hackers gain entry, place hidden software, download information, and hide the evidence of their entry.
4h 56m
By Frank M. Groom, Kevin Groom, Stephan S. Jones
Book
Cryptography and Network Security: A Practical ApproachNetwork security is a set of protocols that allows us to use the internet comfortably without worrying about security attacks, and the most common tool for providing network security is cryptography. This book provides a practical survey of the principles of cryptography and network security.
3h 55m
By K. Haribaskar
Book
Network Security: A Decision and Game-Theoretic ApproachCovering attack detection, malware response, algorithm and mechanism design, privacy, and risk management, this comprehensive work applies unique quantitative models derived from decision, control, and game theories to understanding diverse network security problems.
6h 9m
By Tamer Basar, Tansu Alpcan
Book
Network and System Security, Second EditionExploring practical solutions to a wide range of network and systems security issues, this comprehensive book is authored by leading experts in the field and addresses the immediate and long-term challenges in the authors' respective areas of expertise.
9h 35m
By John R. Vacca (ed)
Book
Guide to Computer Network Security, Second EditionIncluding both quickly-workable questions and more thought-provoking advanced exercises, this book exposes the various security risks and vulnerabilities of computer networks and networked devices, offering advice on developing improved algorithms and best practices for enhancing system security.
10h 32m
By Joseph Migga Kizza
Book
Network Security Bible, 2nd EditionAddressing new techniques, technology, and methods for securing an enterprise worldwide, this comprehensive guide examines new trends and best practices and includes cutting-edge topics such as integrated cybersecurity and sections on Security Landscape.
17h 49m
By Eric Cole
Book
CompTIA Security+ Deluxe Study Guide: Exam SY0-501, Fourth EditionFully updated to cover 100% of the latest exam, this book is packed with essential information on critical security concepts including architecture and design, attacks and vulnerabilities, identity and access management, cryptography and PKI, risk management, and more.
9h 48m
By Emmett Dulaney
Book
Information Technology Security FundamentalsAssisting managers in understanding the role of IT Security in their enterprise, this book defines security from an organizational perspective, then builds upon that by discussing issues related to low-level technologies and higher level management issues like security policy.
2h 41m
By Bryan Hosack, Glen Sagers
SHOW MORE
FREE ACCESS
SKILL BENCHMARKS INCLUDED
Security Threat Intelligence Competency (Intermediate Level)
Security Threat Intelligence Competency benchmark measures whether a learner has a working understanding of the security threat intelligence principles and practices with some exposure to, and limited experience with, security threat intelligence tools and development. A learner who scores high on this benchmark demonstrates professional competency in all of the areas of the security threat intelligence discipline.
19m
| 19 questions
Security Threat Intelligence Literacy (Beginner Level)
The Security Threat Intelligence Literacy benchmark measures whether a learner has had some exposure to security threat intelligence practices and processes. A learner who scores high on this benchmark demonstrates literacy in all areas of the security threat intelligence discipline. They are able to participate in security threat intelligence discussions and understand the advice of more advanced security threat intelligence practitioners.
24m
| 24 questions
Security Threat Intelligence Proficiency (Advanced Level)
The Security Threat Intelligence Proficiency benchmark measures whether a learner has an advanced understanding of the security threat intelligence principles and practices with additional experience with security threat intelligence tools and development. A learner who scores high on this benchmark demonstrates professional proficiency in all of the major areas of the security threat intelligence discipline, across a variety of different platforms and deployments. This learner works and act almost 100% independently of others, and is seen as a leader in the industry.
30m
| 31 questions
Security Threat Intelligence Awareness (Entry Level)
The Security Threat Intelligence Awareness benchmark measures whether a learner has had exposure to basic security threat intelligence organizational practices and theories. A learner who scores high on this benchmark demonstrates awareness in some areas of the security threat intelligence discipline.
12m
| 12 questions
Windows OS Exploits Competency (Intermediate Level)
The Windows Exploits Competency benchmark measures whether a learner has had some exposure and experience with Windows operation system technologies, practices, and a working experience and exposure to common OS exploits and techniques. A learner who scores high on this benchmark demonstrates professional competency in all of the major areas of Windows exploits analysis and tooling.
19m
| 19 questions
Windows OS Exploits Proficiency (Advanced Level)
The Windows OS Exploits Proficiency benchmark measures whether a learner has had extensive exposure in Windows operation system technologies, practices, and principles, and working experience and exposure to common OS exploits and techniques. A learner who scores high on this benchmark demonstrates professional proficiency in all of the major areas of Windows exploits analysis and tooling.
30m
| 30 questions
Security for Engineering Leaders Competency (Intermediate Level)
The Security for Engineering Leaders Competency (Intermediate Level) benchmark measures your ability to identify security terms, expressions, and frameworks. You will be evaluated on your understanding of data security challenges and best practices. A learner who scores high on this benchmark demonstrates that they have good exposure to data and information security.
15m
| 15 questions
Security for Engineering Leaders Proficiency (Advanced Level)
The Security for Engineering Leaders Proficiency (Advanced Level) benchmark measures your ability to identify data security team challenges, expectations, and components. You will be evaluated on your skills in using best practices for working with data security teams with various experience levels and identifying data security use cases. A learner who scores high on this benchmark demonstrates that they have good experience in leading data security teams.
15m
| 15 questions
SHOW MORE
FREE ACCESS
SKILL BENCHMARKS INCLUDED
Security Literacy (Beginner)
The Security Literacy benchmark will measure your ability to recognize key terms and concepts related to security in most organizations. You will be evaluated on your ability to identify terms associated with security risks, identify different types of attacks, and how employees can contribute to reducing security risk. A learner who scores high on this benchmark demonstrates that they have the skills to identify risks they may encounter from both inside and outside threats.
37m 30s
| 15 questions
SKILL BENCHMARKS INCLUDED
SecOps Mastery (Expert Level)
The SecOps Mastery benchmark measures whether a learner has mastery of the SecOps practice with extensive experience with SecOps tools, processes, and security thought leadership. A learner who scores high on this benchmark demonstrates professional mastery in all of the major areas of the SecOps discipline, across a variety of different platforms and deployments. This learner works and acts almost 100% independently of others and is seen as a leader in the industry.
27m
| 33 questions
Security Tools Awareness (Entry Level)
The Security Tools Awareness (Entry Level) benchmark measures your entry-level exposure to cybersecurity tools and processes. You will be evaluated on your knowledge of security tool categories, the basics of ethical hacking, common SecTools, the role of AI in DevOps, and details of the Facebook data breach and Log4Shell exploit. A learner who scores high on this benchmark demonstrates that they have an understanding of basic cybersecurity tools, platforms, and technologies and can participate in general discussions about security and security tools.
19m
| 15 questions
Security Tools Literacy (Beginner Level)
The Security Tools Literacy (Beginner Level) benchmark measures your exposure to cybersecurity tools and processes and light experience with cybersecurity technologies. You will be evaluated on your knowledge of the importance of ethical hacking, choosing the correct security tools for specific jobs, the benefits of working with AI, and why many modern security professionals use Kali Linux, Nmap, and Wireshark. Learners who score high on this benchmark demonstrate an understanding of cybersecurity tools, platforms, and technologies. They can participate in general discussions about security and security tools and possibly manage a team of security professionals.
25m
| 25 questions
Security Tools Competency (Intermediate Level)
The Security Tools Competency (Intermediate Level) benchmark measures your working knowledge and experience with cybersecurity tools, technologies, and processes. You will be evaluated on your skills in installing Kali Linux and launching its various tools, installing Nmap and using it to perform various scans, using sqlmap to perform a SQL injection attack, filtering network traffic using Wireshark, and more. A learner who scores high on this benchmark demonstrates an experienced, working understanding of cybersecurity tools, platforms, and technologies and can work somewhat independently on information security projects and incidents.
31m
| 31 questions
Security Tools Proficiency (Advanced Level)
The Security Tools Proficiency (Advanced Level) benchmark measures your advanced knowledge and working experience with cybersecurity tools, technologies, and processes. You will be evaluated on your skills in installing additional tools in Kali Linux, cracking passwords with Ophcrack, recognizing how AI is changing security operations, using Burp Suite to perform API security testing, creating firewall rules with Wireshark, and attacking systems using Metasploit. A learner who scores high on this benchmark demonstrates an experienced, working understanding of cybersecurity tools, platforms, and technologies and can work independently on information security projects and incidents with little to no supervision.
39m
| 39 questions
SHOW MORE
FREE ACCESS