411 Technical Support Specialist Advanced KSAT Journey

Regardless of the guidance that one is following as a security professional, one common theme is that architects must be held to a high ethical standard based on their responsibility to manage risk to all assets. In this course, you will explore the International Information System Security Certification Consortium (ISC2) Code of Professional Ethics. Then you will discover organizational codes of ethics, which establish an integral aspect of a mission and model adopted by an organization. Finally, you will focus on the Five Pillars of information security - confidentiality, integrity, availability, authenticity, and non-repudiation. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

There are several cloud computing fundamental definitions, characteristics, and building block technologies each CCSP candidate should know. Learn about these and other core cloud computing concepts in this CCSP course. Explore the core fundamentals, core concepts, and technologies of cloud computing, such as cloud roles and responsibilities, broad network access, virtualization, and others. Next, study cloud computing's shared considerations and value propositions, including interoperability, agility, security, resiliency, performance, and more. Finally, examine the impact of cloud and related technologies like data science, artificial intelligence (AI), the Internet of Things (IoT), DevSecOps, and others. This is one of a collection of courses that fully prepares the learner for the (ISC)² Certified Cloud Security Professional (CCSP) 2022 exam.

In this 14-video course, discover how identifying IT asset risks and applying appropriate data privacy standards helps keep sensitive data from unauthorized entities, while preparing for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered course include: how the CIA triad (confidentiality, integrity, and availability) enhances IT security; understanding examples of personally identifiable information (PII) and protected health information (PHI); how General Data Protection Regulation (GDPR) assures data privacy; and how to align data protection policies with GDPR. Then learn how Payment Card Industry Data Security Standard (PCI DSS) protects cardholder information; how to identify network devices with insufficient antimalware protection with the free Spiceworks tool; and how Hypertext Transfer Protocol Secure Health Insurance Portability and Accountability Act (HIPAA) protects sensitive medical information. Next, learn how Federal Risk and Authorization Management Program (FedRAMP) standards secure US Government information systems; how to determine the annualized loss expectancy (ALE) value with an online ALE calculator; and how to scan a network by using Network Mapper (Nmap) to determine which devices are present. Finally, map IT solutions to data privacy requirements.

Efficient delivery of IT systems includes cost reduction and optimized system performance. In this 15-video course, discover how a structured approach for implementing changes and patches can reduce security incidents and downtime, in preparation for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered here include: how performance is related to service level agreements (SLAs), and differences between SLAs and operational level agreements; how to establish a baseline of normal performance and monitor performance metrics in Windows and Linux environments; and how to monitor performance metrics in a cloud computing environment. Next, learn how to configure cloud-based alerting; about enterprise change and configuration management procedures and terms such as content management system (CMS), configuration management database (CMDB), and configuration item (CI); and enterprise vulnerability management procedures. Learn how to configure which administrators can manage Group Policy Objects (GPOs); how to configure application deployment centrally with System Center Configuration Manager (SCCM); configure Windows patch deployment centrally with SCCM; how to configure Ubuntu Linux to check for updates; and how to tweak IT system performance and implement controlled changes centrally.

This course covers material necessary to take the ISACA CISA (Certified Information Systems Auditor) exam, and you will explore systems planning, testing, integration, and delivery to ensure timely delivery of system changes or entire new solutions for security planning. First, you will explore IT system planning, including the system development life cycle, and learn how technicians can evaluate IT solutions to align with business needs. You will examine how IT solutions will require a feasibility analysis to determine whether those solutions can be used or if a new IT solution must be built. You will see that testing and continuous delivery ensures and maintain the stability and security of the solution. This course covers QA (quality assurance) and why QA needs to be adapted for different organizations, based on compliance with laws and regulations relevant to their business. Finally, this course examines IT solution deployment, including continuous integration and delivery, infrastructure deployment, system migration and data conversion, and how to perform a cloud migration assessment.

Systems planning, testing, integration, and delivery are key elements of ensuring the timely delivery of system changes or entirely novel solutions. In this course, you will explore the phases of the system development life cycle (SDLC) and IT project management. Next, you will examine continuous integration and delivery (CI/CD) and process improvement, including advantages and common methodologies. Then you will discover infrastructure deployment, system migration and data conversion, and cloud migration assessments. Finally, you will learn about the post-implementation review process and post-implementation activities and best practices. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).

CISA 2022: Technology resources, service level management, monitoring, and quality management all play crucial roles in information systems management and represent key areas of focus for information system (IS) auditing. In this course, you will explore IT resources and monitoring, beginning with a review of common technology components, IT resource management, service-level management, and service-level agreements. Then you will learn about performance baselines, Windows and Linux performance monitoring, and cloud-based performance monitoring and alerts. Finally, you will discover key aspects of quality management, IT quality management frameworks, and quality management best practices. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).

Even with several years of practical experience in the security field, knowledge and application of specific security concepts and principles may have eluded even the seasoned security professional. Use this course to brush up on some of the vital, core security principles, such as confidentiality, integrity, and non-repudiation. Be reminded of the critical role of security design in the ISO OSI 7-layer Reference Model and the 4-layer TCP/IP Reference Model. Upon completion of this course, you'll be fully attuned to the most fundamental aspects of security. Furthermore, you can use this course to prepare for the CISSP exam.

A security professional must be familiar with risk management concepts to be able to apply them effectively. Use this course to explore the management of risks to tangible and intangible assets. Get familiar with the details of vulnerability and risk assessment, countermeasure selection and implementation, and risk frameworks. This course will also help you examine the monitoring, measuring, and reporting of risk and delve further into threat modeling and supply chain risk management (SCRM). You'll have an understanding of risk management fundamentals and how to apply them after completing this course. Moreover, you can also use this course to prepare for the CISSP exam.

Explore the domain areas concerning governance, compliance, and business continuity planning for the enterprise security practitioner and engineer. In this course, you will evaluate and apply security governance principles to various situations. You will learn how to determine contractual, legal, industry standard, and regulatory requirements. Then you will move on to review privacy principles, requirements, and legal/regulatory considerations. From there, you will see what is needed to develop, document, and implement security policies, standards, procedures, and guidelines, as well as business continuity and disaster recovery plans. Other topics include learning how to align security functions with business strategies and objectives; ensuring compliance with due care and due diligence; identifying and analyzing cybercrimes and data breaches; comparing import/export and transborder data controls. Finally, you will examine licensing, intellectual property, and privacy requirements.

Discover various methods for incident handling, disaster recovery, and business continuity, for enterprise. During this course, you will learn how to conduct detective and preventative measures, implement patch and vulnerability management, participate in change management processes, and setup a disaster recovery plan (DRP). You will observe how to test disaster recovery plans and identify elements of a business continuity plan (BCP). You will also examine physical security needs, such as confidentiality, integrity, and availability (CIA) requirements for an organization. From there you will observe how to assess environmental, man-made, supply system, and political threats, as well as their impacts; and consider protective measures for physical security, such as surveillance, lighting, tokens, biometrics, and Faraday cages. Finally, you will learn how to address personnel safety and security concerns.

It's important to ensure your IS implementation meets organizational objectives and strategic goals. Explore IS maintenance practices, system development activities, and application controls auditing.

It is vital that an organization's policies protect all information assets. Explore IS security best practices, including environmental and physical access controls.

A key component IS auditing professionals evaluate is an organization's IS management activities. Discover key IS management elements, roles, responsibilities and risk factors, and information security control design best practices.

An effective IS audit should include all aspects of an organization. Explore best practices for IS architecture, software, network infrastructure, and operations auditing activities.

Discover security principles and management tasks of continuous security operations and initiatives. Learn about protocol analyzers, network scanners, vulnerability scanners, and other continuous monitoring systems. Review egress monitors as well as security information and event management (SIEM) systems. Examine various types of intrusion detection and prevention methods, such as NIDS and NIPS. Walk through forensic investigative processes. Explore digital forensics tools, tactics, and procedures. Observe reporting and documentation techniques, as part of a post-incident response, including root cause analysis and an after-action report of lessons learned.

IS auditing demands that an organization's policies and procedures protect the confidentiality, integrity, and availability of information assets. Explore network infrastructure security, including LAN, client-server, and wireless security.

After device protection comes proper access to data, including protection of remote data. Discover how to design for remote access, including remote connectivity, remote authentication, and mobility options.