422 Data Analyst Advanced KSAT Journey

You can create different types of reports using either SQL Server Data Tools Report Designer and Report Builder. Learn how to use these tools to create reports with different options, including images, charts, and column headers.

A key component IS auditing professionals evaluate is an organization's IS management activities. Discover key IS management elements, roles, responsibilities and risk factors, and information security control design best practices.

How the database is designed will greatly impact the analysis and reporting of the data it contains. Examine data warehouse design, including dimension and fact table design, for a BI solution.

Regardless of the guidance that one is following as a security professional, one common theme is that architects must be held to a high ethical standard based on their responsibility to manage risk to all assets. In this course, you will explore the International Information System Security Certification Consortium (ISC2) Code of Professional Ethics. Then you will discover organizational codes of ethics, which establish an integral aspect of a mission and model adopted by an organization. Finally, you will focus on the Five Pillars of information security - confidentiality, integrity, availability, authenticity, and non-repudiation. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

Security governance is the set of practices exercised by executive management to offer strategic direction, ensuring that objectives are achieved, determining that risks are managed properly, and verifying that the organizations' resources are used responsibly. Begin this course by discovering how to align security governance with organizational goals and objectives. Then you will explore organizational processes like acquisitions, divestitures, and governance committees, as well as organizational roles and responsibilities. You will investigate security control frameworks like including the International Organization for Standardization (ISO), the National Institute of Standards and Technology (NIST) and learn about due diligence, due care, cybercrimes, and data breaches. Next, you will examine licensing and intellectual property requirements, import and export controls, transborder data flow, and privacy-related issues. Finally, you will focus on contractual, legal, industry standards and regulatory requirements. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

Security risk management involves the continual process of identifying security risks and implementing strategy and tactics to mitigate them. It is a vital component of any organization's strategy to protect its assets, ensure regulatory compliance, maintain operational continuity, and safeguard its reputation. Begin this course by exploring threat and vulnerability identification, as well as risk analysis, assessment, and response. Next, you will discover control categories, types, and assessments. Then you will investigate continuous monitoring and measurement and risk management reporting. Finally, you will examine continuous improvement and risk frameworks as you gain the essential skills to protect and secure your organization's critical resources. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

For the CISSP exam, one must be able to understand a variety of security design principles and practices. The topics in this course cover the following Domain 3 objectives: research, implement, and manage engineering processes using secure design principles and understand the fundamental concepts of security models. Begin by exploring the importance of least privilege and defense in depth to create multi-layered security defenses and restrict access to sensitive information. You will then look at concepts of segregation of duties (SOD), keeping it simple and small, and privacy by default and design. Next, you will consider how the shared responsibility model is crucial for participants to grasp the roles and accountability in cloud and collaborative environments. You will also explore threat modeling techniques to identify, evaluate, and mitigate potential security threats. Finally, you will compare zero trust vs. trust, explore the secure access service edge (SASE) framework, and consider the fundamental concepts of security models such as Bell-LaPadula, Biba, Star, and Clark-Wilson. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

In this 14-video course, discover how identifying IT asset risks and applying appropriate data privacy standards helps keep sensitive data from unauthorized entities, while preparing for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered course include: how the CIA triad (confidentiality, integrity, and availability) enhances IT security; understanding examples of personally identifiable information (PII) and protected health information (PHI); how General Data Protection Regulation (GDPR) assures data privacy; and how to align data protection policies with GDPR. Then learn how Payment Card Industry Data Security Standard (PCI DSS) protects cardholder information; how to identify network devices with insufficient antimalware protection with the free Spiceworks tool; and how Hypertext Transfer Protocol Secure Health Insurance Portability and Accountability Act (HIPAA) protects sensitive medical information. Next, learn how Federal Risk and Authorization Management Program (FedRAMP) standards secure US Government information systems; how to determine the annualized loss expectancy (ALE) value with an online ALE calculator; and how to scan a network by using Network Mapper (Nmap) to determine which devices are present. Finally, map IT solutions to data privacy requirements.

Explore the variety of methods through which stored data can be secured and made highly available, despite realization of malware threats, as you prepare for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered in this 16-video course include: distinguishing between data and information how they are secured; how to define the relationship between big data and the value of data analytics; and listing methods of securing a storage area network (SAN). Next, learn to enable password authentication for Internet Small Computer Systems Interface (iSCSI) target access; to recognize common security options available with cloud storage; and to ensure that decommissioned storage media do not contain retrievable data artifacts. You will learn how to deploy Structured Query Language (SQL) Database in the Azure cloud; how to implement a database replication strategy; how to protect data with the Windows backup feature; and how to protect data by backing it up to the cloud. Finally, learn how to identify the various forms of social engineering and the related security risks, and how to implement controls that provide data availability.

Managing network security involves planning the use of network devices, including cloud-based virtual network configurations. In this course, you'll learn about asset discovery and management, cloud resource tagging, network segmentation, and VPNs. You'll also examine cloud site-to-site VPN deployment, cloud networking, and cloud VPC deployment. Next, you'll learn about change management procedures, virtual desktop infrastructure, cloud VDI configuration and client connections, and firewalls. Lastly, explore network access control, RADIUS, and TACACS+. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.