Aspire Journeys
411 Technical Support Specialist Intermediate KSAT Journey
- 54 Courses | 51h 9m 6s
Provides technical support to customers who need assistance utilizing client level hardware and software in accordance with established or approved organizational process components. (i.e., Master Incident Management Plan, when applicable).
411 Technical Support Specialist Intermediate
This track contains intermediate content for the 411-DCWF: Technical Support Specialist Intermediate journey.
- 54 Courses | 51h 9m 6s
COURSES INCLUDED
AWS SysOps Associate: Network Connectivity
Individuals and entire office networks sometimes require secure remote access to AWS resources over the Internet. In this course, you'll begin by recognizing how virtual private networks (VPNs) provide secure remote access over the Internet. Next, you'll learn to configure client VPN endpoints for client-to-site VPN connectivity. You'll then learn to create site-to-site VPN connectivity using the GUI, CLI, and PowerShell. Then, you'll explore the use of a dedicated network link to AWS through Direct Connect. Lastly, you'll learn to configure AWS Direct Connect using the GUI. This course is one of a collection of courses that prepares learners for the AWS Certified SysOps Administrator - Associate (SOA-CO1) exam.
10 videos |
28m
Assessment
Badge
CCSP 2019: Implementing Data Discovery & Classification
Proper data governance begins with labeling data and applying security controls based on those labels. Explore information rights management (IRM) and challenges associated with data discovery, as well as the roles played by PKI (public key infrastructure) security certificates and virtual private networks (VPNs) in the cloud. This 6-video course prepares learners for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Begin with IRM objectives such as data rights, provisioning, and access models. Examine data discovery approaches and techniques for structured and unstructured data, and challenges of data discovery in the cloud. Then examine data classification, enabled by using Microsoft Azure Information protection for sensitive data such as Protected Health Information (PHI) and Personally Identifiable Information (PII), and cardholder data. Recognize how PKI provides security for digital IT solutions; how to use PowerShell to create PKI certificates; and how to generate certificates in a Microsoft Azure Key Vault. Learn how VPNs are used for secure cloud resource access. Then configure a Microsoft Azure point-to-site VPN and a custom Microsoft Azure Key Vault key for storage account encryption.
12 videos |
42m
Assessment
Badge
CCSP 2019: Cloud Infrastructure
General categories of IT services in cloud computing include compute, storage, and networking. Explore how these services address business requirements, along with how graphical user interface (GUI) and command line tools are used to manage cloud resources. This course can be used in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. The key concepts in this course include: the physical aspect of a cloud platform and the related physical architecture; the networking and communication architecture of a cloud platform, including software-defined networking (SDN); how to deploy a Azure cloud virtual network; and how to understand the compute service as it applies to the cloud platform. In addition, learn how to deploy an Azure virtual machine (VM); to define storage and Storage as a Service (STaaS) within a cloud platform; and to deploy an Azure storage account. Finally, learn about cloud resources using the Azure portal; cloud resources using command line tools; and list requirements for logical design, including tenant partitioning and access control.
12 videos |
45m
Assessment
Badge
CCSP 2022: Legal Requirements, Privacy Issues, & Risk Management in the Cloud
Cloud computing presents a number of unique risks and issues since it routinely crosses many geographic and political boundaries, and international legislation, regulations, and privacy requirements can conflict with one another. In this course, examine the legal and privacy issues that a Certified Cloud Security Professional can expect to face. Begin by investigating conflicting international laws, eDiscovery, and Cloud Security Alliance (CSA) guidance. Then, focus on personal privacy issues related to protected health information (PHI), personally identifiable information (PII), and privacy impact assessments (PIAs), and compare privacy requirements including ISO/IEC 27018, Generally Accepted Privacy Principles (GAPP), and General Data Protection Regulation (GDPR). Finally, explore risk management by assessing risk management programs and studying regulatory transparency requirements, including breach notification, Sarbanes-Oxley (SOX), and GDPR. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
10 videos |
25m
Assessment
Badge
CCSP 2022: Operate & Maintain Physical & Logical Cloud Infrastructure
CCSP exam candidates will be expected to have a strong foundation in the continual operations and maintenance of the cloud data center. In this course, you will explore the physical and logical cloud infrastructure from an operations and maintenance perspective, including network security controls, operating system hardening, patch management, and Infrastructure-as-Code (IaC). Then, you will examine hypervisor cluster management, including clustered host and guest OS availability, virtual machine cluster performance, and capacity monitoring. Finally, you will take a look at backup and restore functions of hosts and guests. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
8 videos |
27m
Assessment
Badge
CISM 2020: Business Continuity
Information security managers must plan for inevitable business disruptions, knowing how best to minimize the impact of these disruptions on business processes and learn from them to prepare for future incidences. In this course, you'll explore techniques to reduce the chances of disruptions, plan for the inevitable, and learn from past occurrences. You'll start by examining personnel hiring and skills management and how this relates to IT governance. Next, you'll investigate the concept of high availability configurations before delving into data replication, load balancing, and data backups. You'll also practice some associated techniques. Lastly, you'll learn how to craft disaster recovery and incident response plans, along with post-incident reviews. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
13 videos |
1h 15m
Assessment
Badge
CISM 2020: Information Security & Business Process Alignment
Proper IT governance starts with aligning IT solutions with business processes. In this course, you'll explore how to identify the relationship between IT security and business objectives. You'll examine in detail how various regulations and security standards, such as HIPAA, GDPR, and PCI DSS, can influence an organization's IT security decisions, going through seven of such regulations one-by-one. Next, you'll examine the cloud services, Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) to determine how responsibility is divided between provider and consumer. Lastly, you'll investigate several public cloud providers' security accreditations. This course is part of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
14 videos |
1h 13m
Assessment
Badge
CISM 2020: IT Security Policies
IT security policies guide how IT services are deployed and managed in an organization. To achieve certification in information security management, you'll need to demonstrate a clear understanding of what policies exist and where and how to implement them. In this course, you'll explore various types of security policies, starting with those for securing change and patch management. You'll then investigate some network and host security hardening techniques. You'll move on to practice hardening Windows and Linux servers as well as a network printer and passwords. You'll then examine how to detect social engineering scams and deal with malware infections. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
14 videos |
1h 21m
Assessment
Badge
CISM 2020: Managing IT Risk
Using on-premises and cloud computing IT environments introduces an element of risk. In this course, you'll explore risk management concepts, including gap analysis and SWOT, as well as strategies to manage risk, such as applying risk treatments and creating a risk register. Additionally, you'll outline data governance and examine the responsibilities of specific data roles, including the data owner and data custodian. You'll then work with data classification using Amazon Macie and Microsoft FSRM. Moving on, you'll learn how to tag cloud resources and carry out cloud risk assessments. You'll explore how to determine if specific security controls are worth implementing to protect assets. Lastly, you'll investigate how to establish a security awareness program through the organization. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
14 videos |
1h 20m
Assessment
Badge
CISM 2022: Assessing Risk
Assessing risk is a crucial activity that enables organizations to evaluate risk exposure for business processes and assets. In this course, you will begin by exploring how to conduct vulnerability assessments and how the results can shed light on security control deficiencies. Next, you will learn how to perform a network vulnerability assessment and review the results, followed by scanning a web application for web app-specific vulnerabilities. You will discover how to conduct a gap analysis to determine the current security posture compared to a desired security posture. Then, you will explore the important aspects of when and how to run penetration tests. Lastly, you will see how to configure Microsoft Azure Policy assignments to determine cloud resource configuration compliance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
8 videos |
45m
Assessment
Badge
CISM 2022: Cloud Computing & Coding
The use of cloud services is a form of outsourcing of IT service which also introduces an element of risk. Software developers can use on-premises as well as cloud-based services to create, test, and deploy software solutions. In this course, you will explore cloud deployment models including public, private, hybrid, and community clouds. You will then cover cloud computing service models, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), including where the security responsibility lies in each model. Next, you will explore various cloud-based security controls addressing a wide variety of cloud computing security needs. You will discover how to deploy a repeatable compliant cloud-based sandbox environment using Microsoft Azure Blueprints. Next, explore how security must be included in each software development life cycle (SDLC) phase as opposed to post-implementation. Finally, discover the importance of secure coding practices and how security must integrate with software development, testing, deployment, and patching. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Data Privacy
Enterprises must comply with relevant laws and regulations related to data privacy. This requires recognizing applicable laws and regulations and implementing the appropriate security controls. In this course, you will explore examples of personally identifiable information (PII) and protected health information (PHI) and learn about data residency implications related to the physical storage location of sensitive data. Next, learn how to reduce the possibility of data exfiltration through data loss protection policies and how to discover and classify data using Amazon Macie and Microsoft Purview governance. Then you will learn to configure data classification on the Microsoft Windows server platform and tag cloud resources for classification purposes. Lastly, explore how to configure Microsoft Azure storage account encryption using a customer-managed key. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
56m
Assessment
Badge
CISM 2022: Incident Response
Incident response is initiated when a security incident is confirmed. Incident response plan participants must know their roles and plan details for effectively minimizing the impact of security incidents. In this course, you will explore the components that make up an incident response plan, including roles, escalation procedures, and communication plans. Next, focus on incident escalation where applicable, incident eradication according to planned procedures, and incident containment to prevent further incident damage. Then discover the importance of analyzing past incident responses in the spirit of constant improvement and the reduction of incident response times. Lastly, find out how incident detection and automated responses are possible in the cloud. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
8 videos |
41m
Assessment
Badge
CISM 2022: Information Security Governance
The best way to improve the enterprise security stance is to align IT security solutions with business objectives. In this course, you will consider how information security must align with business strategies. You will explore the business model for information security and review the importance of identifying and classifying assets critical to a business. Next, you will learn about supply chain security, personnel management, and the components of an information security program. You will discover the relationship between service-level agreements (SLAs) and organizational objectives and discuss the relevance of change and configuration management. Then, consider how to develop organizational security policies. Lastly, explore expense types, chain of custody, organizational culture, and how the Control Objectives for Information Technologies (COBIT) framework applies to IT governance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
16 videos |
1h 40m
Assessment
Badge
CISM 2022: Managing Risk
Residual risk remains after security controls are put in place to mitigate the impact of threats. The organizational appetite for risk determines what level of residual risk is acceptable. In this course, you will explore how risk management improves business operations by minimizing the impact of realized threats. You will learn how to calculate the cost of mitigating risk compared to the value of the protected asset and determine the cost-benefit analysis and return on investment when implementing security controls. Next, discover the importance of risk assessments, especially where there are changes to some aspect of the business or a specific business process. You will then explore how various risk approaches, such as risk acceptance, avoidance, transfer, and reduction, apply to an organization's tolerance of residual risk. Lastly, discover how risk heat maps are an effective method for communicating various degrees of risk. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Security Standards
Global and local security standards, including laws and regulations, are an important input to determine how enterprises deploy and manage security controls. In this course, you will learn how the European Union's General Data Protection Regulation (GDPR) data privacy legislation applies to any organization world-wide handling private EU citizen data. Next, you will explore various International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) standards for proper data governance, followed by American data privacy and cloud security standards such as Health Insurance Portability and Accountability Act (HIPAA) and Federal Risk and Authorization Management Program (FedRamp). Discover how to secure cardholder data as related to Payment Card Industry Data Security Standard (PCI DSS) international security standards and review other data privacy legislation including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). Lastly, explore the importance of securing cloud service usage in alignment with the Cloud Controls Matrix (CCM). This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
53m
Assessment
Badge
Cloud Security Administration: Infrastructure Planning
Cloud infrastructure consists of the physical location of the cloud data center. Depending on the data center location, there are different risks that are taken by the service provider and different methods used to tackle security issues. A secure cloud is created by using open source software and creating a technical support pool. Additionally, basic security concepts like protecting data in motion and in rest using encryption can be employed so that clients can only see their data. In this course, you'll learn about baselining cloud infrastructure, different components like hardware and software, and challenges faced in cloud environments.
13 videos |
55m
Assessment
Badge
Cloud Services: Cloud Computing Concepts
Explore fundamental cloud computing concepts such as cloud service models, hosting options, and security considerations, among other topics covered in this 14-video course. Begin by examining cloud benefits, components, and service models; the differences between cloud computing roles such as cloud service customer, cloud service architect, and cloud auditor, and learn the differences between on-premises and cloud implementations. This leads to an overview of the IaaS (Infrastructure as a Service) cloud service model; the SaaS (Software as a Service) cloud service model, and what needs to be considered when using the PaaS (Platform-as-a-Service) cloud service model. Next, take a look at benefits and potential pitfalls for private cloud implementation; advantages and disadvantages of using a public cloud; benefits of using a hybrid cloud solution, and benefits and potential pitfalls of using a community cloud. Learners will examine the potential risks and benefits of migrating to the cloud, and explore common cloud vulnerabilities such as negligence, cyber threats, and system vulnerabilities.
14 videos |
57m
Assessment
Badge
CompTIA CASP+: Industrial Computing Environments
Industrial control systems present a unique security risk when it comes to public services such as power, water, and other industrial processes. In this course, you'll learn how to recognize common industrial network protocols and terminology. Next, you'll learn how Supervisory Control and Data Acquisition relates to industrial control systems. You'll explore NIST ICS security control documentation. Lastly, you'll learn how to configure an S7 PLC emulator and use Metasploit to stop the device. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
8 videos |
39m
Assessment
Badge
CompTIA Cloud+: Cloud Architecture & Models
The cloud has various deployment and service models that can help your organization design and create your very own cloud strategy based on needs. First, you'll learn about the available cloud deployment models such as public, private, hybrid, community, and virtual public clouds, as well as multi-cloud and multitenancy environments. Next, you'll examine cloud service models such as Infrastructure as a Service, Platform as a Service, and Software as a Service. Finally, you'll learn about advanced topics such as the Internet of Things, serverless computing, machine learning, artificial intelligence, and the shared responsibility model. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos |
1h 10m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Threat Intelligence
Your organization's security posture is critical to its success-and security technicians must be aware of known and emerging security threats from a variety of sources. Learners begin this 14-video course by exploring various ways for security technicians to keep up-to-date and ahead of the curve. Examine various security intelligence sources and how to use the MITRE corporation's invaluable, trademarked ATT&CK knowledge base. Learners next discuss threat intelligence collection, threat classification for prioritization, and different sources and motivations of IT threats. Not sure what the bug bounty program is? Confused by false positives-mislabeled security alerts-and how to handle them? This course gives you the information you need. Become familiar with the Common Vulnerability Scoring System (CVSS), which provides a way to allocate or assign a score to a vulnerability: the higher the score, the bigger the threat. Then go on to examine the National Vulnerability Database (NVD). The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
14 videos |
48m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Attack Types
Helping protect your company's valuable assets against malicious attacks by outsiders requires a seasoned understanding of modern-day cyber threats. This 21-video course prepares learners to thwart reconnaissance and surveillance attacks by hackers and ward off Wi-Fi vulnerabilities, by using the proper tools. First, examine the wide variety of possible modes of attack-from injection, overflow, and cross-site scripting to XML (extensible markup language), DoS, address resolution protocol (ARP) poisoning, and password compromises. Then develop valuable skills in counteracting web browser compromises and agility in the use of Kali Linux Wi-Fi tools. Learn OWASP's (Open Web Application Security Project) Top 10 vulnerabilities and ESAPI (Enterprise Security application programming interface) tools for each one, such as ZAP (Zed Attack Proxy), to test web application security. While you're learning, pause to meet the aptly-named John the Ripper, a free tool for cracking passwords on 15 platforms! The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
21 videos |
1h 51m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Malware Threats
Perhaps nothing is more frustrating for the average computer user-or his IT security staffer-than being tricked into divulging sensitive information by a social engineering practitioner. Hackers are malicious and ingenious-using malware, bots, ransomware, viruses, and plain garden-variety scams-but there are sensible ways to reduce the risk. This 13-video course offers you invaluable information on hackers' methods and ways to mitigate their devious schemes-whether by e-mail phishing messages, malware, or bots, a favorite tool of black-market operators. Next, learners explore the danger of ransomware and how to mitigate this threat; how malware and botnets have become black-market commodities; and why botnets are proliferating under cybercriminals' user control. Then watch a demonstration of how to configure a reverse shell and use the Malzilla tool to explore malicious web pages. The course concludes by exploring a GUI (graphical user interface) malware dashboard and showing how to configure malware settings on an endpoint device. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
13 videos |
52m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Encryption & Hashing
Cryptographers far from enemy lines have long helped win shooting wars by cracking enemy codes-and in the new world of cyber warfare, cryptography has become the first line of defense for hundreds of millions of civilians worldwide. In this 21-video course, you will learn just how cryptography and encryption protect sensitive data, both in transit and at rest. Learners are given important information about public key infrastructure (PKI) hierarchy and lifecycles; protection in UFS (Ultra Flash Storage) and Bitlocker; and on Linux and cloud storage. Learn about the hashing process, including how to generate file hashes for Linux and Windows. Then learn about using SSL (secure sockets layer) and TLS (Transport Layer Security) to secure network traffic, cloud certificate authority (CA) deployment, and certificate issuance. Next, learn how to configure custom encryption keys for cloud storage and how to configure a Microsoft IIS web site with a PKI certificate. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
21 videos |
1h 17m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Hardware & Security
Securing hardware includes applying firmware updates and configuring devices on isolated networks. In this course, you'll learn about mobile device security, IoT security, and vulnerable device lists. You'll explore physical security and the security risks presented by drones and vehicles. You'll move on to examine how SCADA is used for industrial device networks, how to recognize BIOS and UEFI security settings, how self encrypting drives can protect data at rest, and how hardware security modules are used for encryption offloading and cryptographic secret storage. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
11 videos |
39m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Cloud Computing
These days, it's almost all about the cloud-public, private, hybrid, and community varieties-but how much do you really know about these mysterious unseen dimensions? As more and more organizations use or migrate on-premises IT systems and data into cloud environments, understanding the trendy concept has become both necessary and increasingly complex. In this 12-video course, learners are exposed to the basics of this new cloud world, including the four most popular cloud service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), and Infrastructure as Code. First, you will learn the five primary characteristics of every cloud-resource pooling, self-provisioning, rapid elasticity, metered usage, and broad access. Then examine each characteristic in more detail: learn how to determine when to use a public, private, community, or hybrid cloud; how cloud service models delivered over a network are categorized. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
12 videos |
36m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Threat Monitoring
In this course, you'll learn about centralized monitoring for on-premises and cloud solutions and how this results in the timely response to business disruptions and highlights indicators of compromise. You'll examine continuous monitoring, log types, cloud logging and auditing, centralized Linux logging, Windows event log filtering, and cloud alarms. You'll also learn about the OSI model, network traffic analysis, filtering captured network traffic, e-mail monitoring, honeypots, and SIEM. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
15 videos |
1h 9m
Assessment
Badge
CompTIA Cybersecurity Analyst+: User Account Security
Identity and access management encompasses the management of on-premises and cloud-based users, groups, and roles. In this course, you'll learn how to assign only the required permissions to IAM security principles. You'll explore topics such as role creation, deploying Simple Active Directory in AWS, joining a cloud VM to a cloud-based directory service, and multifactor authentication. You'll also learn about identity federation and Windows and Linux file system permissions. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
13 videos |
53m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Network Infrastructure Security
Managing network security involves planning the use of network devices, including cloud-based virtual network configurations. In this course, you'll learn about asset discovery and management, cloud resource tagging, network segmentation, and VPNs. You'll also examine cloud site-to-site VPN deployment, cloud networking, and cloud VPC deployment. Next, you'll learn about change management procedures, virtual desktop infrastructure, cloud VDI configuration and client connections, and firewalls. Lastly, explore network access control, RADIUS, and TACACS+. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
18 videos |
1h
Assessment
Badge
CompTIA Cybersecurity Analyst+: Software Development Security
Software developers must consider security at all phases of software development. In this course, you'll learn about software vulnerability testing and secure coding practices. You'll explore the software development life cycle, microservices and decoupling, application containerization, and common cloud developer services. In addition, you'll examine software and unit testing and reverse engineering for Android apps. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
11 videos |
46m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Data Privacy
Data privacy regulations are at the forefront of protecting PII and PHI on-premises and in the cloud. In this course, you'll examine the meaning of common data privacy standards, including PII, PHI, HIPAA, GDPR, and PCI DSS. Then you'll move on to learn about server and cloud-based data classification and data loss prevention. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
12 videos |
45m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Digital Forensics
Digital forensics focuses on the proper gathering and handling of digital evidence. In this course, you'll learn about forensic hardware, software, and the chain of custody. In addition, you explore how to enable legal hold for an AWS S3 bucket, restore deleted files in Linux and Windows, and mount a Linux file system for examination. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
11 videos |
35m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Network Scanning & Traffic Analysis
Discover how vulnerability scanning can detect weaknesses while pen testing exploits weaknesses. Explore these activities along with how intrusion detection and prevention help secure networks, hosts, apps and data for organizations. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.
13 videos |
1h
Assessment
Badge
CompTIA Cybersecurity Analyst+: IT Security Risk Mitigation
Discover how organizational security policies specify details for hardening organizational assets including patching, data masking and digital rights management. This course also covers baselines, secure disposal and IPsec. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.
16 videos |
1h 7m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Intrusion Detection & Traffic Analysis
Discover how IT security analysts must recognized how malicious attacks take place. Explore how to analyze log results allows for the detection of security incidents. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.
20 videos |
1h
Assessment
Badge
CompTIA Security+: Security Policies, Regulations, Standards, & Frameworks
Whether you're an employee or contractor, this CompTIA Security+ SY0-601 course will have something you can use to improve the organizational security at your workplace. You'll start by examining security topics related to the hiring to release process, such as background checks and investigations, non-disclosure agreements, acceptable use policy, and onboarding and offboarding. You'll move on to explore further personnel policies, including job rotation, mandatory vacations, separation of duties, clean desk space, and social media usage. You'll then recognize some useful security awareness practices, such as phishing simulations, computer-based training, role-based training, and diversity training techniques. Finally, you'll identify various business agreements, account types, regulations, and governance, such as GDPR, PCI DSS, CIS, NIST, and ISO. This course is part of a series that prepares the learner for the CompTIA Security+ (SY0-601) exam.
10 videos |
45m
Assessment
Badge
CompTIA Server+: Data Privacy & Protection
Data privacy has become engrained in laws and regulations all over the world. Server technicians must take the appropriate steps to secure sensitive data in alignment with applicable laws and regulations. Discover items that constitute personally identifiable information (PII) and protected health information (PHI) and identify common data security standards such as GDPR, HIPPAA, and PCI DSS. Differentiate between various types of malware and discover how the art of deception is practiced through social engineering. Next, examine data loss prevention (DLP) and implement data discovery and classification on-premises and in the cloud. Lastly, examine key storage media destruction techniques. Upon course completion, you'll be able secure data in alignment with applicable laws and regulations. You'll also be more prepared for the CompTIA Server+ SK0-005 certification exam.
11 videos |
1h 3m
Assessment
Badge
CompTIA Server+: Deploying Cloud PaaS & SaaS
Platform as a Service (PaaS) and Software as a Service (SaaS) are two popular and valuable cloud service models. Both play a unique role in managing certain aspects of cloud computing. If you're an IT professional working in server environments, you need to know what these two cloud service models entail. Take this course to learn all about PaaS and SaaS solutions. Furthermore, practice deploying databases in the AWS and Microsoft Azure clouds. Configure a SaaS cloud solution. Use an automation template to deploy a PaaS solution. And use several strategies and tools to keep cloud computing costs to a minimum. Upon course completion, you'll be able to deploy PaaS and SaaS solutions and control cloud computing costs. This course also helps prepare you for the CompTIA Server+ SK0-005 certification exam.
9 videos |
46m
Assessment
Badge
CRISC 2023: Data Privacy
Data privacy is a foremost concern for most organizations. Compliance with laws and regulations feeds into risk management. In this course, you will discover the characteristics of Personally Identifiable Information (PII) and techniques to prevent sensitive data leakage. Then you will explore data loss prevention (DLP) and learn how to implement DLP using Microsoft Purview. Next, you will examine various data privacy and security standards including International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) standards, General Data Protection Regulation (GDPR), the Federal Risk and Authorization Management Program (FedRAMP) and the Health Insurance Portability and Accountability Act (HIPAA). Finally, you will focus on the Payment Card Industry Data Security Standard (PCI DSS), Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
12 videos |
1h 7m
Assessment
Badge
Ethical Hacker: Security Standards
Ethical hacking is not just random hacking attempts; it is a systematic testing of the target's security. For that reason, an understanding of security standards and formal testing methodologies is critical. Key concepts covered in this 11-video course include security standards such as NIST 800-115, a security standard which is integrally interconnected with ethical hacking and testing; and NIST 800-53, a security standard that can help users to professionalize and improve an ethical hacking test. Next, learn how to properly apply filtering and data validation; how to apply the NSA-IAM to ethical hacking to plan, execute, and report on your ethical hacking project; and how to apply the PTES to ethical hacking to plan, execute, and report on your ethical hacking project. Then learn about PCI-DSS standards and how to integrate them into ethical hacking; learn how to implement ISO 27001; and learn to interpret and apply NIST 800-12. Finally, learners observe how to employ NIST 800-26 standards to manage IT security; and learn about NIST 800-14 security protocols.
11 videos |
39m
Assessment
Badge
Google Professional Cloud Architect: Designing for Google Cloud Compliance
Compliance is a significant concern for many organizations, and many have historically failed to protect data adequately. In this course you will explore how governance has come to protect data, such as health records, through legislation like HIPAA and COPPA. Then, discover how commercial interests have helped bolster financial stability by setting standards of protecting data via certifications like Personally Identifiable Information (PII) and Payment Card Industry Data Security Standard (PCI DSS) that allow customers and businesses to trust you. In addition, there are specific industry certifications that may need to be met depending on the function of the business you run, rather than the data you keep. You will also focus on the need to maintain careful auditing standards for the integrity of any legal disputes that might arise. Finally, you will focus on use cases that you can expect to encounter in an exam environment. This course is one of a collection that prepares learners for the Google Professional Cloud Architect exam.
12 videos |
59m
Assessment
Badge
Incident Response & Recovery
Despite your best efforts, security incidents will happen. Explore incident handling best practices, including discovery, escalation, reporting, and response; countermeasures and continuity practices; and forensic investigation.
15 videos |
52m
Assessment
Badge
Information Security Incident Management Part I
Explore the fundamentals of security incident management, including methods for classifying incidents, roles, responsibilities, and training for incident response team members, and notification and escalation processes.
10 videos |
59m
Assessment
Badge
Information Security Incident Management Part II
Security incidents can have a huge cost factor on an organization. Examine incident logging, analyzing, and documenting, as well as techniques for responding to and recovering from information security incidents.
10 videos |
59m
Assessment
Badge
Information Security Program Development Part I
Create an effective information security program by examining the security technologies available, as well as techniques and best practices involved in meeting security regulations, standards, and guidelines.
9 videos |
52m
Assessment
Badge
Mitigating Security Risks: Cyber Security Risks
Effective cybersecurity risk management requires intricate knowledge of day-to-day IT security risks, network vulnerabilities, and cyber attacks. In this course, you'll detail several cybersecurity breaches and how best to prevent each one. You'll start with a general overview of what comprises security risks before categorizing different types into information, cloud, and data-related risks. Next, you'll explore cybercrime methods, the motivations behind them, and the security gaps that invite them in. You'll then use real-life examples to detail some commonplace cyberattacks and crimes. Moving on, you'll investigate what's meant by malware and outline best practices to manage worms, viruses, logic bombs, trojans, and rootkits. You'll also learn how to safeguard against malware, spyware, ransomware, adware, phishing, zero-day vulnerabilities, DoS, and backdoor attacks. By the end of the course, you'll be able to outline guidelines and best practices for securing against the most prevalent types of cybercrimes.
13 videos |
1h 16m
Assessment
Badge
Network & Communications Security
Enterprise networks and telecommunications come with unique security challenges. Explore network security best practices for OSI and TCP/IP models, common communication network attacks and countermeasures, and network access control.
20 videos |
1h 34m
Assessment
Badge
OS Deployment Strategies: Deploying Modern Systems
Cloud services are rapidly changing the nature of how technology services are implemented, and migrating toward a cloud-based model can provide many benefits to an organization. In this course, you'll explore the various cloud computing deployment models to understand the flexibility, speed, and infrastructure benefits of moving to a cloud solution. You'll also discover the benefits of cloud services models such as Infrastructure as a Service, Platform as a Service, Software as a Service, as well as Identity as a Service and Network as a Service.
12 videos |
43m
Assessment
Badge
Policy & Governance: Incident Response
Learners can explore the creation, adoption, and use of an IRP (Incident Response Plan) in this 14-video course, which examines the purpose and objectives of an IPR, and how it incorporates the objectives of an organization. You will learn how to draft an IRP, and examine the six stages of incident response: preparation, identification, containment, eradication, recovery, and lessons learned. Next, you will examine several tools that are available for incident response strategies, including Sleuth Kit, Metasploit, Websense, and FireEye Security Orchestrator. You will explore the different types of CSIRTs (Computer Security Incident Response Teams), team roles, their purpose, and the benefits of an outsourced team. This course demonstrates an incident team response with two hypothetical scenarios. You will learn about compliance and regulatory requirements, and will examine the international standard, ISO 27001. You will examine governance policy to direct and control IT security. Finally, you will learn to use governance polices to create incident response policies, and you will learn the elements and best practices for creating a plan.
14 videos |
1h 9m
Assessment
Badge
Remote Access
A common task for a Linux administrator is being able to remotely administer and access a server. Let's look at the tools available and how to configure them to allow for remote administration.
7 videos |
33m
Badge
Security Operations
Enterprise computer systems require a solid understanding of security practices. Explore codes of ethics, confidentiality, integrity, and availability, privacy, accountability, and non-repudiation, and security best practices.
16 videos |
45m
Assessment
Badge
Security Program Regulatory Integration
In this 12-video course, learners will discover the importance of integrating regulations with organizational security policies. Explore security standards such as General Data Protection Regulation (GDPR); Health Insurance Portability and Accountability (HIPAA); and Federal Information Security Management Act (FISMA), as well as the International Organization for Standardization (ISO), and National Institute of Standard and Technology (NIST). To begin, determine how to establish the importance of building regulatory compliance into a company's IT security program. You will then examine Personally Identifiable Information (PII), and Protected Health Information (PHI). This leads into the subject of Payment Card Industry Data Security Standard (PCI DSS), and what it entails. You will learn how HIPAA protects medical information; how GDPR protects European Union citizen data, and how the Gramm-Leach-Bliley Act (GLBA), applies to financial institutions. You will also identify how FISMA strives to protect sensitive US Government information, and recognize both NIST and ISO security standards. To conclude the course, you will discover how the Sarbanes-Oxley Act (SOX), requires organizational financial transparency.
12 videos |
38m
Assessment
Badge
SSCP 2021: Fundamental Networking Concepts
Historically speaking, the vast majority of security practitioners, technicians, engineers, and architects come from the field of local and wide area networking. This factor, as well as the importance of protecting data-in-transit, makes networking a critical knowledge area. Use this course to get to grips with several networking concepts and methodologies. Learn to distinguish between the OSI and TCP/IP reference models. Explore network topologies, relationships, and media types. See what's meant by software-defined networking (SDN), Remote Authentication Dial-In User Service (RADIUS), and terminal access controller access-control system plus (TACACS+), among other terms. Examine commonly used ports and protocols. And look into remote access connectivity and virtual private networks (VPNs). Upon course completion, you'll be familiar with several fundamental networking concepts and network access control methodologies. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
9 videos |
50m
Assessment
Badge
EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.YOU MIGHT ALSO LIKE
Rating 5.0 of 1 users
(1)