Aspire Journeys
422 Data Analyst Intermediate KSAT Journey
- 42 Courses | 45h 39m 56s
The 422 Data Analyst journey examines data from multiple disparate sources with the goal of providing security and privacy insight. Designs and implements custom algorithms, workflow processes, and layouts for complex, enterprise-scale data sets used for modeling, data mining, and research purposes.
422 Data Analyst Intermediate
This track examines data from multiple disparate sources with the goal of providing security and privacy insight. Designs and implements custom algorithms, workflow processes, and layouts for complex, enterprise-scale data sets used for modeling, data mining, and research purposes.
- 42 Courses | 45h 39m 56s
COURSES INCLUDED
CompTIA Cybersecurity Analyst+: Network Security Concepts
Cybersecurity policies often require detailed network configuration changes and additions. Technicians must be proficient with the configuration and management of various TCP/IP protocols. In this course, I will start by discussing the Open Systems Interconnection (OSI) model, network switching, and network access control. Next, I'll discuss the TCP/IP protocol suite as well as IPv4 and IPv6 addressing. I will then discuss network routing, dynamic host configuration protocol (DHCP), domain name system (DNS) and Wi-Fi authentication methods. Lastly, I will cover virtual private networks (VPNs), IP Security (IPsec) and network time synchronization. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
14 videos |
1h 29m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Cloud Computing & Cybersecurity
Cloud computing is an integral part of IT solutions for individuals and organizations. A knowledge of how cloud computing services are deployed and managed is a requirement for securing cloud-based resources. In this course, I will start by discussing cloud computing deployment models, such as public and private clouds, followed by discussing various cloud computing service models. Next, I will cover a variety of cloud computing security solutions, and I will deploy Linux and Windows cloud-based virtual machines. I will then deploy a web application in the cloud, cover the Cloud Controls Matrix (CCM) security controls, and work with Microsoft Azure managed identities. Lastly, I will discuss and configure a content delivery network (CDN). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
12 videos |
1h 10m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Data Security Standards
To remain compliant with relevant data privacy laws and regulations, organizations must have a way of identifying sensitive data and implementing security controls to protect that data. In this course, explore how physical security is related to digital data security, examples of personally identifiable information (PII), and how data loss prevention (DLP) solutions can prevent data exfiltration. Next, learn about common data privacy regulations and standards, including GDPR, HIPAA, and PCI DSS. Finally, discover how to use Amazon Macie and File Server Resource Manager to discover and classify sensitive information and learn about the importance of service level objectives (SLOs) and service level agreements (SLAs). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos |
1h 3m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Threat Intelligence Information
Cybersecurity analysts and security tools can reference a variety of threat intelligence sources to keep up to date with the latest threats and mitigations. These can be used to help keep organization security policies as effective as possible. In this course, examine different threat intelligence sources, the common vulnerabilities and exposures (CVEs) website, and the MITRE ATT&CK knowledge base. Next, discover how the OWASP Top 10 can help harden vulnerable web applications, how advanced persistent threats (APTs) are executed, and common ISO/IEC standards. Finally, learn how to analyze CIS benchmark documents, the Common Vulnerability Scoring System (CVSS), common organization security policy structures, and how organizational culture relates to IT security. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
12 videos |
1h 9m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Vulnerability & Penetration Testing
Vulnerability scanning identifies host and network vulnerabilities and must be an ongoing task. Penetration testing is an active security method by which there is an attempt to exploit discovered vulnerabilities. In this course, you will discover how to plan for, schedule, and execute vulnerability assessments, identify common vulnerability scanning tools, and conduct an nmap scan. Next, you will use Nessus and Zenmap to execute security scans and text web app security using the OWASP Zed Attack Proxy (ZAP) tool. Then you will explore penetration testing and the Metasploit framework and use the Burp Suite tool as an HTTP intermediary proxy. Finally, you will learn how to manage Azure policy, investigate potential indicators of compromise, and examine how IT security relates to industrial control systems. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
14 videos |
1h 21m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Security & Network Monitoring
SIEM solutions serve as centralized data ingestion and analysis engines that seek out potential security issues. Security incident response can be partially or fully automated using SOAR solutions. In this course, discover the benefits of security information and event management (SIEM) and security orchestration, automation, and response (SOAR) security incident monitoring and response solutions. Next, explore threat positives and negatives, followed by deploying the Splunk SIEM on Linux. Finally, learn how to configure a Splunk universal forwarder and use various tools to capture and analyze network traffic. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
12 videos |
1h
Assessment
Badge
CRISC 2023: Data Privacy
Data privacy is a foremost concern for most organizations. Compliance with laws and regulations feeds into risk management. In this course, you will discover the characteristics of Personally Identifiable Information (PII) and techniques to prevent sensitive data leakage. Then you will explore data loss prevention (DLP) and learn how to implement DLP using Microsoft Purview. Next, you will examine various data privacy and security standards including International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) standards, General Data Protection Regulation (GDPR), the Federal Risk and Authorization Management Program (FedRAMP) and the Health Insurance Portability and Accountability Act (HIPAA). Finally, you will focus on the Payment Card Industry Data Security Standard (PCI DSS), Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
12 videos |
1h 7m
Assessment
Badge
CompTIA Cloud+: Cloud Architecture & Models
The cloud has various deployment and service models that can help your organization design and create your very own cloud strategy based on needs. First, you'll learn about the available cloud deployment models such as public, private, hybrid, community, and virtual public clouds, as well as multi-cloud and multitenancy environments. Next, you'll examine cloud service models such as Infrastructure as a Service, Platform as a Service, and Software as a Service. Finally, you'll learn about advanced topics such as the Internet of Things, serverless computing, machine learning, artificial intelligence, and the shared responsibility model. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos |
1h 10m
Assessment
Badge
CompTIA Data+: Database Concepts
Databases are used for creating and storing virtually any type of data. Data drives business in the twenty-first century, and IT professionals interested in mastering data analytics must understand the key concepts surrounding databases and their uses in almost every facet of business. In this course, you will discover database concepts, beginning with challenges associated with databases, self-driving databases, data warehouses, data marts, and data lakes and lakehouses. Then you will explore the concepts of Online Transactional Processing (OLTP) and Online Analytical Processing (OLAP). You will learn about database schemas and look closely at star and snowflake schemas, which are common in data warehouses. Finally, you will explore slowly changing dimensions that shape the methods analysts use to keep historical and current data. This course can be used to prepare for the DA0-001: CompTIA Data+ exam.
13 videos |
1h 14m
Assessment
Badge
CompTIA Data+: Understanding Data
Databases cannot perform at all without data - it is that simple. Data is the lifeblood of databases, and once a database is populated with data, the things a data analyst can do with it are truly remarkable. By harnessing the power of data, modern life has become more efficient in virtually every way. In this course, you will explore the basics of data, beginning with an introduction to data types, structured data, defined rows and columns, and key-value pairs. You will then proceed to explore unstructured data, undefined fields, machine data, and discrete and continuous data. Next, you will dig into categorical data, numerical data, text data, multimedia data. Finally, you will examine text files, HTML files, XML files, and JSON files. This course can be used to prepare for CompTIA Data+ (DA0-001) exam.
19 videos |
1h 59m
Assessment
Badge
CompTIA Data+: Data Visualization Reports
Data is meaningful only when information is extracted from it. That information can tell a story, and the best data analysts are magnificent storytellers. But no matter how accomplished a data analyst, a story can't be told compellingly without visualizing what the data says and a key part of a data analyst's role is in reporting on what the data is saying. In this course, you will explore data visualization reports, beginning with data visualization tools and best practices. Then you will focus on examples of data visualization translating requirements for reports, key report components, report best practices, corporate standardization, and style guides. Next, you will discover how to create a report and examine the differences between static and dynamic reports, ad-hoc and self-service reports, and recurring vs. tactical reports. Finally, you will learn how to implement various design and documentation elements in reports, including using charts and graphs to enhance your report. This course can be used to prepare for CompTIA Data+ (DA0-001) exam.
23 videos |
3h 1m
Assessment
Badge
Cloud Services: Cloud Computing Concepts
Explore fundamental cloud computing concepts such as cloud service models, hosting options, and security considerations, among other topics covered in this 14-video course. Begin by examining cloud benefits, components, and service models; the differences between cloud computing roles such as cloud service customer, cloud service architect, and cloud auditor, and learn the differences between on-premises and cloud implementations. This leads to an overview of the IaaS (Infrastructure as a Service) cloud service model; the SaaS (Software as a Service) cloud service model, and what needs to be considered when using the PaaS (Platform-as-a-Service) cloud service model. Next, take a look at benefits and potential pitfalls for private cloud implementation; advantages and disadvantages of using a public cloud; benefits of using a hybrid cloud solution, and benefits and potential pitfalls of using a community cloud. Learners will examine the potential risks and benefits of migrating to the cloud, and explore common cloud vulnerabilities such as negligence, cyber threats, and system vulnerabilities.
14 videos |
57m
Assessment
Badge
CompTIA Server+: Deploying Cloud PaaS & SaaS
Platform as a Service (PaaS) and Software as a Service (SaaS) are two popular and valuable cloud service models. Both play a unique role in managing certain aspects of cloud computing. If you're an IT professional working in server environments, you need to know what these two cloud service models entail. Take this course to learn all about PaaS and SaaS solutions. Furthermore, practice deploying databases in the AWS and Microsoft Azure clouds. Configure a SaaS cloud solution. Use an automation template to deploy a PaaS solution. And use several strategies and tools to keep cloud computing costs to a minimum. Upon course completion, you'll be able to deploy PaaS and SaaS solutions and control cloud computing costs. This course also helps prepare you for the CompTIA Server+ SK0-005 certification exam.
9 videos |
46m
Assessment
Badge
CompTIA Server+: Data Privacy & Protection
Data privacy has become engrained in laws and regulations all over the world. Server technicians must take the appropriate steps to secure sensitive data in alignment with applicable laws and regulations. Discover items that constitute personally identifiable information (PII) and protected health information (PHI) and identify common data security standards such as GDPR, HIPPAA, and PCI DSS. Differentiate between various types of malware and discover how the art of deception is practiced through social engineering. Next, examine data loss prevention (DLP) and implement data discovery and classification on-premises and in the cloud. Lastly, examine key storage media destruction techniques. Upon course completion, you'll be able secure data in alignment with applicable laws and regulations. You'll also be more prepared for the CompTIA Server+ SK0-005 certification exam.
11 videos |
1h 3m
Assessment
Badge
Artificial Intelligence: Basic AI Theory
Artificial intelligence (AI) is transforming the way businesses and governments are developing and using information. This course offers an overview of AI, its history, and its use in real-world situations; prior knowledge of machine learning, neural network, and probabilistic approaches is recommended. There are multiple definitions of AI, but the most common view is that it is software which enables a machine to think and act like a human, and to think and act rationally. Because AI differs from plain programing, the programming language used will depend on the application. In this series of videos, you will be introduced to multiple tools and techniques used in AI development. Also discussed are important issues in its application, such as the ethics and reliability of its use. You will set up a programing environment for developing AI applications and learn the best approaches to developing AI, as well as common mistakes. Gain the ability to communicate the value AI can bring to businesses today, along with multiple areas where AI is already being used.
14 videos |
1h 4m
Assessment
Badge
Visualizing Data for Impact: Data Storytelling
Data storytelling lets you set up and reveal key results quickly and in an organized fashion. It is a great way to make findings impactful and meaningful for an audience. Through this course, learn about data storytelling and how it can help elevate your data visualizations and create impactful narratives for an audience. Explore the theory and purpose behind data storytelling and how to contextualize and refine insight. Next, discover how to engage with an audience and put together an outline. Finally, learn how to plot data points to a storyboard and format a story for delivery. Upon completion, you'll be able to outline elements of data storytelling and apply them when presenting data.
8 videos |
28m
Assessment
Badge
Azure Data Fundamentals: Azure SQL Querying Techniques
Azure SQL is used for extracting and organizing data that is stored in a relational database. In this course, you'll learn how to recognize and apply data querying techniques using SQL, Data Definition Language, and Data Manipulation Language. You'll start by learning about Structured Query Language including its uses, features, and limitations. You'll examine how to work with the Data Definition Language and Data Manipulation Language. Next, you'll learn how to query Azure SQL Database using the Azure portal, SSMS, Data Studio, and the sqlcmd utility. Finally, you'll discover how to query relational data in PostgreSQL, MySQL, and MariaDB. This course is one in a series that prepares learners for the Microsoft Azure Data Fundamentals (DP-900) exam.
12 videos |
1h 6m
Assessment
Badge
CCSP 2022: Legal Requirements, Privacy Issues, & Risk Management in the Cloud
Cloud computing presents a number of unique risks and issues since it routinely crosses many geographic and political boundaries, and international legislation, regulations, and privacy requirements can conflict with one another. In this course, examine the legal and privacy issues that a Certified Cloud Security Professional can expect to face. Begin by investigating conflicting international laws, eDiscovery, and Cloud Security Alliance (CSA) guidance. Then, focus on personal privacy issues related to protected health information (PHI), personally identifiable information (PII), and privacy impact assessments (PIAs), and compare privacy requirements including ISO/IEC 27018, Generally Accepted Privacy Principles (GAPP), and General Data Protection Regulation (GDPR). Finally, explore risk management by assessing risk management programs and studying regulatory transparency requirements, including breach notification, Sarbanes-Oxley (SOX), and GDPR. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
10 videos |
25m
Assessment
Badge
Dataproc Operations
Executing Dataproc implementations with big data can provide a variety of methods. Examine Dataproc implementations with Spark and Hadoop using the cloud shell and introduce BigQuery PySpark REPL package.
10 videos |
52m
Assessment
Badge
CompTIA CASP+: IT Governance & Security Compliance
IT governance involves ensuring that business and regulatory compliance needs are met by IT solutions. In this course, you'll learn to identify common data privacy standards and regulations, as well as various types of business agreements. Next, you'll learn to classify personally identifiable information using various methods including Macie for data discovery and classification. You'll explore how to use Azure Information Protection to enable DLP and tag cloud resources to facilitate resource management. You'll then examine how to securely wipe a storage device and identify common organization security policies. Lastly, you'll learn how to identify data roles and configure cloud data retention. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
12 videos |
1h 7m
Assessment
Badge
Data Warehousing with Azure: Architecture & Modeling Techniques
Explore the fundamentals of data warehousing and the essential architectures and components being implemented to manage data.
15 videos |
1h 17m
Assessment
Badge
Modern Data Warehouses
In today's world, data warehouses have become necessary for making informed business decisions. The wide availability of data comes at an increased cost of storing it efficiently - a necessity for any business working with large amounts of data. Learn more about the key concepts, architecture, stages, use cases, and available solutions for data warehouses using this course. You will examine data warehousing solutions, architecture, and techniques, discover Amazon Redshift and Google BigQuery, and explore the concepts, such as batch, stream, and real-time analytics. This course will also help highlight the considerations for implementing a data warehouse for a business and the implementation steps and best practices required. After completing this course, you will have a foundational knowledge of implementing a data warehousing solution for your business.
12 videos |
1h 4m
Assessment
Badge
Emerging Data Trends: AI TRiSM Unleashed
Modern organizations must embrace data governance methodologies to remain competitive and compliant; of late, artificial intelligence (AI) has become a must-have for organizations. AI TRiSM (trust, risk, and security management) is the key concept that ensures AI models are governed and trustworthy. In this course, you will explore the role of AI TRiSM in risk management. Then you will focus on the pillars of the AI TRiSM framework, advantages of AI TRiSM, and how AI can be leveraged for informed decision-making. Next, you will discover how organizations can take advantage of AI TRiSM and examine the fundamental factors that make AI TRiSM successful. Finally, you will delve into how to achieve success with AI TRiSM and implement an AI strategy in your organization.
11 videos |
58m
Assessment
Badge
Data Access & Governance Policies: Data Access Governance & IAM
This course explores how a DAG (Data Access Governance), a structured data access framework, can reduce the likelihood of data security breaches, and reduce the likelihood of future breaches. Risk and data safety compliance addresses how to identify threats against an organization's digital data assets. You will learn about legal compliance, industry regulations, and compliance with organizational security policies. You will learn how the IAM (identity and access management) relates to users, devices, or software components. Learners will then explore how a PoLP (Principle of Least Privilege) dictates to whom and what permission is given to users to access data. You will learn to create an IAM user and group within AWS (Amazon Web Services), and how to assign file system permissions to a Windows server in accordance with the principle of least privilege. Finally, you will examine how vulnerability assessments are used to identify security weaknesses, and different types of preventative security controls, for example, firewalls or malware scanning.
13 videos |
58m
Assessment
Badge
Storytelling with Data: Introduction
In this 10-video course, learners can explore the concept of storytelling with data, including processes involved in storytelling and interpreting data contexts. You will explore prominent types of analysis, visualizations, and graphics tools useful for storytelling. Become familiar with various processes: storytelling with analysis, and its types; storytelling with visualization; and storytelling with scatter plots, line charts, heat maps, and bar charts. Popular software programs are also used: d3.js (Data-Drive Document), WebDataRocks, Birt, Google Charts, and Cytoscape. Users of storytelling include three types: strategists, who actually build strategy for story making; developers or designers, who often use videos, images, infographics to create experience architecture; and marketers or salespeople, who uses different modes including visual social networks, calendaring, messaging in visual form, digital signage, UGC or employee advocacy, story selling, live streaming, or data storytelling. A concluding exercise asks learners to recall elements of storytelling context; specify types of analysis used to facilitate storytelling with data; list prominent visualizations used to facilitate storytelling with data; and list prominent graphical tools useful for data exploration.
10 videos |
46m
Assessment
Badge
Storytelling with Data: Tableau & Power BI
To convey the true meaning of data most effectively, data scientists and data management professionals need to be able to harness the capabilities of different approaches of storytelling with data. This 14-video course explores how to select the most effective visuals for a storytelling project, how to eliminate clutter, and how to choose the best practices for story design. In addition, learners will see demonstrations of how to work with Tableau and Power BI bar charts to facilitate storytelling with data. Learn to select appropriate visuals for your data storytelling project; how to use slopegraphs; and learn important steps to take in cluttering and de-cluttering data. Explore the gestalt principle, as well as common problems of visual story design. In the concluding exercise, learners will load data by using Power BI from a CSV file; create a bar chart by using the data; and create a pie chart to show the whole-part relation in the data.
14 videos |
56m
Assessment
Badge
Data Warehousing & Business Intelligence Implementation
Data warehousing and business intelligence have become fundamental to maintaining business competitiveness. Examine what is involved in creating a SQL Server data warehouse, and how to create and deploy an SSIS package.
15 videos |
59m
Badge
Querying SQL Databases: Learning SQL Using Prompt Engineering
Structured query language (SQL) is a powerful query language designed for managing and manipulating relational databases. Its declarative nature allows users to interact with databases by specifying the desired result, leaving the system to determine the optimal method of execution. Begin this course with an introduction to SQL, including the features of SQL and how and where SQL is used. Then, you will install and operate MySQL, utilizing the assistance of generative artificial intelligence (AI) chatbots ChatGPT and Bard. You will work with the MySQL Workbench and learn to create tables, insert data into tables, and update and delete records in tables. Next, you will find out how to apply constraints on tables, use NOT NULL constraints to prohibit missing values, and use unique constraints, which ensure distinct values in columns. Finally, you will create and work with primary key constraints that are used to uniquely identify records in a table.
12 videos |
1h 47m
Assessment
Badge
Security Program Regulatory Integration
In this 12-video course, learners will discover the importance of integrating regulations with organizational security policies. Explore security standards such as General Data Protection Regulation (GDPR); Health Insurance Portability and Accountability (HIPAA); and Federal Information Security Management Act (FISMA), as well as the International Organization for Standardization (ISO), and National Institute of Standard and Technology (NIST). To begin, determine how to establish the importance of building regulatory compliance into a company's IT security program. You will then examine Personally Identifiable Information (PII), and Protected Health Information (PHI). This leads into the subject of Payment Card Industry Data Security Standard (PCI DSS), and what it entails. You will learn how HIPAA protects medical information; how GDPR protects European Union citizen data, and how the Gramm-Leach-Bliley Act (GLBA), applies to financial institutions. You will also identify how FISMA strives to protect sensitive US Government information, and recognize both NIST and ISO security standards. To conclude the course, you will discover how the Sarbanes-Oxley Act (SOX), requires organizational financial transparency.
12 videos |
38m
Assessment
Badge
Mitigating Security Risks: Cyber Security Risks
Effective cybersecurity risk management requires intricate knowledge of day-to-day IT security risks, network vulnerabilities, and cyber attacks. In this course, you'll detail several cybersecurity breaches and how best to prevent each one. You'll start with a general overview of what comprises security risks before categorizing different types into information, cloud, and data-related risks. Next, you'll explore cybercrime methods, the motivations behind them, and the security gaps that invite them in. You'll then use real-life examples to detail some commonplace cyberattacks and crimes. Moving on, you'll investigate what's meant by malware and outline best practices to manage worms, viruses, logic bombs, trojans, and rootkits. You'll also learn how to safeguard against malware, spyware, ransomware, adware, phishing, zero-day vulnerabilities, DoS, and backdoor attacks. By the end of the course, you'll be able to outline guidelines and best practices for securing against the most prevalent types of cybercrimes.
13 videos |
1h 16m
Assessment
Badge
CCSP 2019: Implementing Data Discovery & Classification
Proper data governance begins with labeling data and applying security controls based on those labels. Explore information rights management (IRM) and challenges associated with data discovery, as well as the roles played by PKI (public key infrastructure) security certificates and virtual private networks (VPNs) in the cloud. This 6-video course prepares learners for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Begin with IRM objectives such as data rights, provisioning, and access models. Examine data discovery approaches and techniques for structured and unstructured data, and challenges of data discovery in the cloud. Then examine data classification, enabled by using Microsoft Azure Information protection for sensitive data such as Protected Health Information (PHI) and Personally Identifiable Information (PII), and cardholder data. Recognize how PKI provides security for digital IT solutions; how to use PowerShell to create PKI certificates; and how to generate certificates in a Microsoft Azure Key Vault. Learn how VPNs are used for secure cloud resource access. Then configure a Microsoft Azure point-to-site VPN and a custom Microsoft Azure Key Vault key for storage account encryption.
12 videos |
42m
Assessment
Badge
CISM 2022: Information Security Governance
The best way to improve the enterprise security stance is to align IT security solutions with business objectives. In this course, you will consider how information security must align with business strategies. You will explore the business model for information security and review the importance of identifying and classifying assets critical to a business. Next, you will learn about supply chain security, personnel management, and the components of an information security program. You will discover the relationship between service-level agreements (SLAs) and organizational objectives and discuss the relevance of change and configuration management. Then, consider how to develop organizational security policies. Lastly, explore expense types, chain of custody, organizational culture, and how the Control Objectives for Information Technologies (COBIT) framework applies to IT governance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
16 videos |
1h 40m
Assessment
Badge
CISM 2022: Security Standards
Global and local security standards, including laws and regulations, are an important input to determine how enterprises deploy and manage security controls. In this course, you will learn how the European Union's General Data Protection Regulation (GDPR) data privacy legislation applies to any organization world-wide handling private EU citizen data. Next, you will explore various International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) standards for proper data governance, followed by American data privacy and cloud security standards such as Health Insurance Portability and Accountability Act (HIPAA) and Federal Risk and Authorization Management Program (FedRamp). Discover how to secure cardholder data as related to Payment Card Industry Data Security Standard (PCI DSS) international security standards and review other data privacy legislation including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). Lastly, explore the importance of securing cloud service usage in alignment with the Cloud Controls Matrix (CCM). This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
53m
Assessment
Badge
CISM 2022: Managing Risk
Residual risk remains after security controls are put in place to mitigate the impact of threats. The organizational appetite for risk determines what level of residual risk is acceptable. In this course, you will explore how risk management improves business operations by minimizing the impact of realized threats. You will learn how to calculate the cost of mitigating risk compared to the value of the protected asset and determine the cost-benefit analysis and return on investment when implementing security controls. Next, discover the importance of risk assessments, especially where there are changes to some aspect of the business or a specific business process. You will then explore how various risk approaches, such as risk acceptance, avoidance, transfer, and reduction, apply to an organization's tolerance of residual risk. Lastly, discover how risk heat maps are an effective method for communicating various degrees of risk. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Data Privacy
Enterprises must comply with relevant laws and regulations related to data privacy. This requires recognizing applicable laws and regulations and implementing the appropriate security controls. In this course, you will explore examples of personally identifiable information (PII) and protected health information (PHI) and learn about data residency implications related to the physical storage location of sensitive data. Next, learn how to reduce the possibility of data exfiltration through data loss protection policies and how to discover and classify data using Amazon Macie and Microsoft Purview governance. Then you will learn to configure data classification on the Microsoft Windows server platform and tag cloud resources for classification purposes. Lastly, explore how to configure Microsoft Azure storage account encryption using a customer-managed key. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
56m
Assessment
Badge
CISM 2022: Assessing Risk
Assessing risk is a crucial activity that enables organizations to evaluate risk exposure for business processes and assets. In this course, you will begin by exploring how to conduct vulnerability assessments and how the results can shed light on security control deficiencies. Next, you will learn how to perform a network vulnerability assessment and review the results, followed by scanning a web application for web app-specific vulnerabilities. You will discover how to conduct a gap analysis to determine the current security posture compared to a desired security posture. Then, you will explore the important aspects of when and how to run penetration tests. Lastly, you will see how to configure Microsoft Azure Policy assignments to determine cloud resource configuration compliance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
8 videos |
45m
Assessment
Badge
CISM 2022: Cloud Computing & Coding
The use of cloud services is a form of outsourcing of IT service which also introduces an element of risk. Software developers can use on-premises as well as cloud-based services to create, test, and deploy software solutions. In this course, you will explore cloud deployment models including public, private, hybrid, and community clouds. You will then cover cloud computing service models, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), including where the security responsibility lies in each model. Next, you will explore various cloud-based security controls addressing a wide variety of cloud computing security needs. You will discover how to deploy a repeatable compliant cloud-based sandbox environment using Microsoft Azure Blueprints. Next, explore how security must be included in each software development life cycle (SDLC) phase as opposed to post-implementation. Finally, discover the importance of secure coding practices and how security must integrate with software development, testing, deployment, and patching. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Data Protection with Cryptography
Cryptography provides solutions for ensuring data privacy and integrity. Various firmware and software solutions protect data in transit and data at rest. In this course, you will explore the CIA security triad and how it relates to the organization's security program. You will then review various cryptography solutions and discuss data integrity to assure that tampering has not occurred. Next, you will learn how Hardware Security Module (HSM) appliances and Trusted Platform Module (TPM) firmware provide cryptographic services. You will see how Transport Layer Security (TLS) supersedes the deprecated Secure Sockets Layer (SSL) network security protocol suite followed by discussing virtual private network (VPN) encrypted network tunnels, and the IP Security (IPsec) network security protocol suite. Lastly, you will explore the PKI hierarchy and how public key infrastructure (PKI) certificates are used for digital security throughout the certificate life cycle. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
12 videos |
1h 5m
Assessment
Badge
Prompt Engineering: Ethical Hacking & Generative AI Fusion
In our increasingly digital world, the convergence of ethical hacking and generative AI technologies has become a crucial frontier in cybersecurity. As technology advances, so do the methods employed by hackers, making it essential for ethical hackers, or white hat hackers, to stay one step ahead. This course introduces you to the exciting world of ethical hacking and generative AI technologies. You will gain insights into the evolving cybersecurity landscape, learn about the techniques used by both malicious and ethical hackers, and explore how generative AI can be leveraged for both offensive and defensive purposes. By the end of this course, you will be equipped with a solid foundation in ethical hacking and generative AI, enabling you to understand the complex dynamics between security and innovation in the digital age.
14 videos |
1h 19m
Assessment
Badge
Prompt Engineering: Generative AI for Reconnaissance
In today's rapidly evolving digital landscape, the convergence of ethical hacking and generative AI has emerged as a powerful force in countering cybersecurity threats. As malicious hackers adapt and exploit advanced technologies, the need for innovative defenses becomes paramount. This course explores the cutting-edge domain of generative artificial intelligence (AI) and reconnaissance techniques. In this course, you will explore reconnaissance techniques leveraging AI's potential and apply passive and active reconnaissance techniques. Next, you'll explore the challenges and solutions associated with reconnaissance and generative AI and consider the methods used to protect against it. Finally, you'll explore how ethical hackers can use the information obtained during reconnaissance.
12 videos |
52m
Assessment
Badge
OS Deployment Strategies: Deploying Modern Systems
Cloud services are rapidly changing the nature of how technology services are implemented, and migrating toward a cloud-based model can provide many benefits to an organization. In this course, you'll explore the various cloud computing deployment models to understand the flexibility, speed, and infrastructure benefits of moving to a cloud solution. You'll also discover the benefits of cloud services models such as Infrastructure as a Service, Platform as a Service, Software as a Service, as well as Identity as a Service and Network as a Service.
12 videos |
43m
Assessment
Badge
EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.YOU MIGHT ALSO LIKE
Rating 5.0 of 1 users
(1)