421 Database Administrator Advanced KSAT Journey

There are several cloud computing fundamental definitions, characteristics, and building block technologies each CCSP candidate should know. Learn about these and other core cloud computing concepts in this CCSP course. Explore the core fundamentals, core concepts, and technologies of cloud computing, such as cloud roles and responsibilities, broad network access, virtualization, and others. Next, study cloud computing's shared considerations and value propositions, including interoperability, agility, security, resiliency, performance, and more. Finally, examine the impact of cloud and related technologies like data science, artificial intelligence (AI), the Internet of Things (IoT), DevSecOps, and others. This is one of a collection of courses that fully prepares the learner for the (ISC)² Certified Cloud Security Professional (CCSP) 2022 exam.

IT management frameworks provide a structured approach to managing and auditing IT assets. Regulations and standards are put in place to ensure that organizations have guidelines to follow for how they deal with information systems. In this course, you will explore IT management frameworks, regulations, and standards, beginning with an overview of IT and data governance, and standards, policies, and procedures. Then you will learn about Control Objectives for Information and Related Technologies (COBIT), IT Infrastructure Library (ITIL), and International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) standards. Next, you will discover risk management and risk treatment. Finally, you will dig into IT maturity models, the Business Model for Information Security (BMIS), the Information Technology Assurance Framework (ITAF), and IT balanced scorecards. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).

CISA 2022: Technology resources, service level management, monitoring, and quality management all play crucial roles in information systems management and represent key areas of focus for information system (IS) auditing. In this course, you will explore IT resources and monitoring, beginning with a review of common technology components, IT resource management, service-level management, and service-level agreements. Then you will learn about performance baselines, Windows and Linux performance monitoring, and cloud-based performance monitoring and alerts. Finally, you will discover key aspects of quality management, IT quality management frameworks, and quality management best practices. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).

Systems planning, testing, integration, and delivery are key elements of ensuring the timely delivery of system changes or entirely novel solutions. In this course, you will explore the phases of the system development life cycle (SDLC) and IT project management. Next, you will examine continuous integration and delivery (CI/CD) and process improvement, including advantages and common methodologies. Then you will discover infrastructure deployment, system migration and data conversion, and cloud migration assessments. Finally, you will learn about the post-implementation review process and post-implementation activities and best practices. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).

Regardless of the guidance that one is following as a security professional, one common theme is that architects must be held to a high ethical standard based on their responsibility to manage risk to all assets. In this course, you will explore the International Information System Security Certification Consortium (ISC2) Code of Professional Ethics. Then you will discover organizational codes of ethics, which establish an integral aspect of a mission and model adopted by an organization. Finally, you will focus on the Five Pillars of information security - confidentiality, integrity, availability, authenticity, and non-repudiation. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

Security risk management involves the continual process of identifying security risks and implementing strategy and tactics to mitigate them. It is a vital component of any organization's strategy to protect its assets, ensure regulatory compliance, maintain operational continuity, and safeguard its reputation. Begin this course by exploring threat and vulnerability identification, as well as risk analysis, assessment, and response. Next, you will discover control categories, types, and assessments. Then you will investigate continuous monitoring and measurement and risk management reporting. Finally, you will examine continuous improvement and risk frameworks as you gain the essential skills to protect and secure your organization's critical resources. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

A security vulnerability is a weakness, flaw, or error found within a security element that has the potential to be leveraged by a threat agent in order to compromise a secure network, system, or application. The goal of this course is to prepare the CISSP candidate to assess and mitigate the vulnerabilities of security architectures, designs, and solution elements. In this course, you will begin by considering the potential vulnerabilities of various systems including client-based, server-based, database, cryptographic, industrial control (ICS), embedded, virtualized, cloud-based, and distributed systems and how you might mitigate these issues. Next, you will walk through ways to lessen vulnerabilities in Internet of Things (IoT) devices and discover how to assess and mitigate vulnerabilities in containerized systems and microservices including application programming interface (API) calls. You will also look at the potential weaknesses in serverless technologies, high-performance computing, and edge computing and how to alleviate these issues. Finally, you will explore the security capabilities of Information Systems like memory protection, Trusted Platform Module (TPM), and encryption/decryption.

According to Amazon Web Services (AWS), the Software Development Life Cycle (SDLC) is a cost-effective and time-efficient development team process used to design and build high-quality software. The goal of the SDLC is minimizing project risks through forward planning so software during production and beyond meets customer expectations. In this course, explore various development methodologies and maturity models and DevOps operations, maintenance, and change management concepts. Next, explore integrated product teams (IPTs), apply security controls in various scenarios, and work with integrated development environments (IDEs) and toolsets. Finally, learn how to apply security controls in CI/CD and code repositories, software configuration management (SCM) benefits, and application security testing techniques. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.