Aspire Journeys
422 Data Analyst Intermediate NCWF KSAT Journey
- 77 Courses | 86h 34m 26s
The 422 Data Analyst journey examines data from multiple disparate sources with the goal of providing security and privacy insight. Designs and implements custom algorithms, workflow processes, and layouts for complex, enterprise-scale data sets used for modeling, data mining, and research purposes.
422 Data Analyst Intermediate
This track examines data from multiple disparate sources with the goal of providing security and privacy insight. Designs and implements custom algorithms, workflow processes, and layouts for complex, enterprise-scale data sets used for modeling, data mining, and research purposes.
- 77 Courses | 86h 34m 26s
COURSES INCLUDED
RADD Knowledge Area: Part 2
The Business Analysis Body of Knowledge (BABOK) helps the business analyst to follow a globally recognized standard of practice when analyzing the business. This course explores the competencies fundamental to business analytics and analysis, including behavioral characteristics, business knowledge, and the tools and technology knowledge necessary for effective business analysis work.
10 videos |
32m
Assessment
Badge
The Solution Evaluation Knowledge Area
Standards of analytics practice in the Business Analysis Body of Knowledge (BABOK) help guide the business analyst in tasks and requirements for analyzing the business. In this course, you'll learn about the business analysis solution evaluation knowledge area and its necessary analytics. You'll cover the characteristics of Agile, business intelligence, information technology, business architecture, and business process management perspectives.
10 videos |
41m
Assessment
Badge
Six Sigma Probability and Statistical Distributions
By determining the probability that a certain event, or multiple events, will occur during your business process improvement project, you'll have a better chance of planning an effective process design. You also need to understand the characteristics of various statistical distributions, and their suitability for different types of data. This course covers different Lean Six Sigma tools and techniques for calculating probability in process improvement initiatives, including independent events, mutually exclusive events, multiplication rules, permutations, and combinations. You'll also explore different types of distribution such as normal, Poisson, binominal, chi square, student's T, and F distributions, and how they can be applied in Lean projects to ensure process control. This course is aligned with ASQ's 2015 Six Sigma Green Belt Body of Knowledge.
16 videos |
58m
Assessment
Badge
Six Sigma Statistics and Graphical Presentation
Basic graphs and tables can be used to summarize and assess business process improvement data in a meaningful way. Lean and Lean Six Sigma practitioners use descriptive statistics to tabulate and graphically represent sample data through a number of types of graphical presentation. Using analytical statistics, practitioners can then make decisions regarding process improvement, process control, and process design. This course will introduce the fundamentals of statistics, including statistical tools for describing, presenting, and analyzing data. It is aligned with ASQ's 2015 Six Sigma Green Belt Body of Knowledge.
13 videos |
40m
Assessment
Badge
Classifying and Collecting Data
This course covers business process improvement and data - specifically, how to collect it and classify it. Both of these are critical skills for process improvement. With this data, you can use Lean, Six Sigma, and Lean Six Sigma concepts and practices to measure and improve each stage of your process. This course introduces process control and the basic types of data, such as qualitative and quantitative data, as well as measurement scales. You will learn the elements of a data collection plan, and how to use data collection tools, such as surveys and checklists, to improve process design. This course is aligned to the ASQ Body of Knowledge, and is designed to assist Yellow Belt candidates toward achieving their certification.
14 videos |
1h 8m
Assessment
Badge
Fundamentals of AI & ML: Advanced Data Science Methods
In data science, many statistical and analytical techniques can be used to pull meaningful insights from data. Some advanced data science methods rely on other foundational data science methods, such as text mining. In this course, you will learn about advanced data science methods and their use cases. Begin this course with an exploration of advanced machine learning (ML) methods, such as text mining and graph analysis, and their uses. Next, you will discover the anomaly and novelty detection processes. You will examine association rule mining and neural networks, including their use cases across industries. Then you will focus on common challenges during artificial intelligence (AI) and ML model training, the trade-offs between model complexity and interpretability, and the role of natural language processing (NLP) in text analysis. Finally, you will investigate the potential of computer vision techniques and applications of reinforcement learning.
14 videos |
1h 9m
Assessment
Badge
PMI PDU
Fundamentals of AI & ML: Introduction to Artificial Intelligence
Artificial intelligence (AI) provides cutting-edge tools to help organizations predict behaviors, identify key patterns, and drive decision-making in a world that is increasingly made up of data. In this course, you will explore the full definition of AI, how it works, and when it can be used, focusing on informative use cases. You will identify the types of data, as well as the tools and technologies AI uses to operate. Next, you will discover a framework for using the AI life cycle and data science process. Then you will examine how data science, machine learning (ML), and AI are relevant in the modern business landscape. Finally, you will investigate the key differences between AI and traditional programming approaches, the benefits and challenges associated with integrating AI and ML into business approaches, and the potential impact of AI on job roles and workforce dynamics. Upon completion of this course, you'll be familiar with common concepts and use cases of artificial intelligence (AI) and be able to outline strategies for each part of the AI life cycle.
15 videos |
1h 4m
Assessment
Badge
PMI PDU
Visualizing Data for Impact: Introduction to Data Visualization
Using data visualizations effectively and correctly is a part of building a data-driven culture in your team. Data visualization creates accessible, understandable, and effective graphic representations of data to help teams understand the patterns and trends in their data and make data-driven decisions. In this course, you will learn about the fundamentals of data visualization, why it is important, and how data visualizations can be useful to your team. You will also explore different types of data visualizations, their use cases, and how to interpret them. Finally, you will discover how to select appropriate tools and visualizations. Upon completion of this course, you'll be able to define the fundamental concepts, types, and uses of data visualization.
8 videos |
26m
Assessment
Badge
API Design: API Development
As a developer, we are always looking to add value through extensibility and reusability in our code. Creating a modern API is a means of achieving that goal. In this course, you'll learn about developing APIs, potential security risks, how to deal with these risks, and how to design reusable API code. Next, you'll examine the different methods and programming languages used for consuming REST API web services. Finally, you'll explore SOAP APIs, along with constraints and best practices to consider when creating them.
14 videos |
51m
Assessment
Badge
API Development: Web API Technologies
RESTful APIs allow today's massively distributed systems to communicate and run efficiently, which is made possible by using API standards, standard query syntax, consistency around everyday API operations, and conventional means of deployment. In this course, you'll explore API response standards for returning data from API methods calls. Next, you'll learn how to implement standard responses and use XML response serialization, basic Web API operations, and the OData V4 query syntax. Next, you'll learn how to perform web API conditional operations, implement route names using nouns and verbs effectively, and use functions, actions, and custom actions. Finally, you'll learn how to deploy an API and web application projects to a local server and the cloud, respectively.
12 videos |
1h 35m
Assessment
Badge
API Development: Tools
APIs are an essential component when developing software applications, and the industry offers many different types of APIs and API development tools. In this course, you‘ll learn how to work with a number of these API development tools to create and manage web servers, databases, and software development platforms, and to use for containerization. You'll begin by downloading and installing the Node.js web server, the Apache Tomcat web server, and the Windows IIS web server. You'll then download and install the MySQL database server and the MongoDB database server. Next, you'll download and install Visual Studio, Visual Code, Eclipse, and IntelliJ IDEA, all for web and API development. Lastly, you'll download and install the Docker Desktop virtualization environment.
12 videos |
44m
Assessment
Badge
MySQL: Querying Data
Explore how MySQL continue to play an important role in complementing both data warehouses and programming language based frameworks, in this 10-video course. Learners will observe how MySQL tables can be queried by using classic SQL syntax and how common types of queries tie closely to common patterns in table design. Key concepts covered here include how to write queries to explore entity and relationship data, including foreign keys; how to translate entity-relationship models into actual database table schemas; and learning about correct data types and constraints for specific columns in a table schema. You will learn how to use relational and logical operators in WHERE clause of MySQL queries; how to use LIKE and IN operators, as well as pattern matching with wildcards in queries; and how to use subqueries to perform complex logical operations. Next, learn to implement referential integrity checks by using foreign key constraints. Finally, you will learn how to perform filtering operations on date columns; and how to use LIMIT and ORDER BY clauses in MySQL queries.
10 videos |
1h 1m
Assessment
Badge
API Management and DevOps
Learners will explore the concept of application programming interfaces (APIs) and their typical lifecycles, in this 15-video course. An API is essentially a software or application intermediary that enables and allows communication between two applications. First, examine the different types of APIs and how they are managed and implemented. Then learn about API management and why it is required in software development; the benefits of proper API management implementation; and the role API management plays in the successful implementation of DevOps practices. You will observe how to implement continuous integration/continuous deployment (CI/CD) pipelines for API management; discover API management best practices; provision and maximize API security; and view API management solution tools. Implement API management with Azure API management; implement API management with Apigee API management; and implement API management with AWS API Gateway. Conclude the course with a look at upcoming trends that are being adopted and tested for API management from the perspective of artificial intelligence and machine learning.
15 videos |
1h 23m
Assessment
Badge
Azure Data Fundamentals: Azure SQL Querying Techniques
Azure SQL is used for extracting and organizing data that is stored in a relational database. In this course, you'll learn how to recognize and apply data querying techniques using SQL, Data Definition Language, and Data Manipulation Language. You'll start by learning about Structured Query Language including its uses, features, and limitations. You'll examine how to work with the Data Definition Language and Data Manipulation Language. Next, you'll learn how to query Azure SQL Database using the Azure portal, SSMS, Data Studio, and the sqlcmd utility. Finally, you'll discover how to query relational data in PostgreSQL, MySQL, and MariaDB. This course is one in a series that prepares learners for the Microsoft Azure Data Fundamentals (DP-900) exam.
12 videos |
1h 6m
Assessment
Badge
CCSP 2022: Legal Requirements, Privacy Issues, & Risk Management in the Cloud
Cloud computing presents a number of unique risks and issues since it routinely crosses many geographic and political boundaries, and international legislation, regulations, and privacy requirements can conflict with one another. In this course, examine the legal and privacy issues that a Certified Cloud Security Professional can expect to face. Begin by investigating conflicting international laws, eDiscovery, and Cloud Security Alliance (CSA) guidance. Then, focus on personal privacy issues related to protected health information (PHI), personally identifiable information (PII), and privacy impact assessments (PIAs), and compare privacy requirements including ISO/IEC 27018, Generally Accepted Privacy Principles (GAPP), and General Data Protection Regulation (GDPR). Finally, explore risk management by assessing risk management programs and studying regulatory transparency requirements, including breach notification, Sarbanes-Oxley (SOX), and GDPR. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
10 videos |
25m
Assessment
Badge
CompTIA Cloud+: Cloud Identity & Access Management
Identity and access management is crucial to securing resources and ensuring the resources are used by the correct people. In this course, you'll learn about some of the security resources that are available for performing and enforcing identity and access management. First, you'll examine identity and access management, including user identification, authorization, and privileged access management. You'll learn how to use the Lightweight Directory Access Protocol to manage access to resources. Next, you'll explore how identity federation can be used to manage user identities and how certificate management can be performed using certificate authorities, registration authorities, certificate databases, certificate stores, and key archival servers. You'll then move on to learn about multi-factor authentication, single sign-on, Public Key Infrastructure, as well as secret and key management. Finally, you'll learn about the components that can be used to perform incident response preparation and incident response procedures such as evidence acquisition, chain of custody, and root cause analysis. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos |
1h 13m
Assessment
Badge
CompTIA Cloud+: Cloud Logging, Monitoring, Alerting & Optimization
Logging and monitoring is essential to ensure that your cloud environment is running efficiently and securely. In this course, you will learn to configure logging, monitoring and alerting services in the cloud and optimize cloud environments. First, you will learn about the available cloud features for logging such as collectors, SNMP, syslog, audits, log types, access and authentication, and automation. Next, you will learn about the features of system monitoring such as baselines, thresholds, tagging, and performance monitoring, resource utilization, availability, and SLA-defined uptime. Next, you will learn about the features of alerting such as common messaging methods, maintenance mode and appropriate responses. Finally, you will learn how to optimize cloud resources including placement, computing, storage, networks, and device drivers and firmware. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos |
1h
Assessment
Badge
Microsoft Azure DevOps Solutions: Design Azure DevOps Logging
Without the tools to capture and query logged information it becomes difficult to make the best decisions in the process of looping through the development pipeline. In this course you'll learn why logging is a critical part of any DevOps instrumentation strategy. You'll learn how to design a strategy to aggregate, store, and query the logs associated with software delivery as well as integrating data from crash analytics. You'll see how to use Kusto queries to pull relevant information from Log Analytics. Finally, you'll see how to manage access control to ensure access to logs is controlled. This course is one of a collection that prepares learners for the Designing and Implementing Microsoft DevOps Solutions (AZ-400) exam.
9 videos |
46m
Assessment
Badge
CRISC 2023: IT Baselines
Organizations must consider compliance with applicable laws and regulations through the management of security controls. IT systems and on-premises and cloud data can be secured, and compliance achieved using a variety of methods. In this course, explore various cloud provider compliance program details and how to use AWS conformance packs to track configuration compliance in the AWS cloud. Next, discover how security baselines are created and establish a performance baseline on the Windows Server platform and Azure Cloud. Finally, learn how to configure Azure Blueprints for a repeatable and compliant cloud environment and use Azure Policy to check resource configuration compliance. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
9 videos |
49m
Assessment
Badge
CRISC 2023: Authentication
Hardening authentication processes makes it more difficult for attackers to compromise accounts. Managing users and groups allows for access to required resources. In this course, you will explore authentication methods, including passwordless login. Then, you will learn how to manage Linux users and groups using the command line and how to enable Secure Shell (SSH) public key authentication. Next, you will manage Windows and cloud users and groups and examine dynamic membership cloud-based groups. Finally, you will configure multi-factor authentication (MFA) for users and explore identity federation. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
11 videos |
59m
Assessment
Badge
CRISC 2023: Authorization
Strong authorization settings limit permissions to resources for authenticated entities. Cybersecurity analysts must be aware of how to not only configure resource permissions, but also how to evaluate existing permissions to ensure adherence to the principle of least privilege. In this course, you will discover how authorization is related to, but differs from, authentication. Then, you will explore access control models, such as role-based access control (RBAC) and attribute-based access control (ABAC). Next, you will find out how to manage Linux and Windows file system permissions using the command lines. Finally, you will learn how to configure Windows dynamic access control, work with privileged access management in Linux using sudo, and manage RBAC permissions in the Microsoft Azure cloud. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
10 videos |
53m
Assessment
Badge
CRISC 2023: Cryptography
Confidentiality, integrity, and availability are core pillars of IT security governance. Cybersecurity analysts can harden IT environments using various encryption and hashing techniques. In this course, examine how the CIA triad relates to IT security and how cryptography protects sensitive data. Next, discover how to configure Encrypting File System (EFS) file encryption and Microsoft BitLocker encryption, and use a customer-managed key to enable encryption for an Azure storage account. Then learn how to hash files in Linux and Windows. Finally, find out about hardware security modules (HSMs) and the Trusted Platform Module (TPM), how Transport Layer Security (TLS) supersedes the Secure Sockets Layer (SSL), and how to enable HTTPS. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
14 videos |
1h 18m
Assessment
Badge
CRISC 2023: Network Security
Organizations should secure resource access while remaining compliant with relevant laws and regulations. One way to do this is to ensure proper network security controls are in place and reviewed regularly. In this course, learn about the OSI model layers, their relevance to network security controls, and the security aspects of network switching and network access control. Next, explore DHCP and DNS security issues, Wi-Fi authentication methods, and how to harden a DHCP and DNS deployment on Windows Server. Finally, discover the importance of honeypots and honeynets, how to implement a honeypot, how to analyze captured network traffic, and the purpose of an interconnection security agreement. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
15 videos |
1h 29m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Network Security Concepts
Cybersecurity policies often require detailed network configuration changes and additions. Technicians must be proficient with the configuration and management of various TCP/IP protocols. In this course, I will start by discussing the Open Systems Interconnection (OSI) model, network switching, and network access control. Next, I'll discuss the TCP/IP protocol suite as well as IPv4 and IPv6 addressing. I will then discuss network routing, dynamic host configuration protocol (DHCP), domain name system (DNS) and Wi-Fi authentication methods. Lastly, I will cover virtual private networks (VPNs), IP Security (IPsec) and network time synchronization. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
14 videos |
1h 29m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Managing Network Settings
Modern IT solutions communicate over various types of networks. Cybersecurity analysts must be able to configure and secure the ways that devices communicate over these networks. In this course, I will begin by creating on-premises and cloud-based virtual networks, followed by managing IP addressing on Linux, Windows, and in the cloud. Next, I will manage routing table entries in the cloud and implement domain name system (DNS) and Dynamic Host Configuration Protocol (DHCP) security. Lastly, I will harden a Wi-Fi router and configure IPsec in Windows. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos |
59m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Data Security Standards
To remain compliant with relevant data privacy laws and regulations, organizations must have a way of identifying sensitive data and implementing security controls to protect that data. In this course, explore how physical security is related to digital data security, examples of personally identifiable information (PII), and how data loss prevention (DLP) solutions can prevent data exfiltration. Next, learn about common data privacy regulations and standards, including GDPR, HIPAA, and PCI DSS. Finally, discover how to use Amazon Macie and File Server Resource Manager to discover and classify sensitive information and learn about the importance of service level objectives (SLOs) and service level agreements (SLAs). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos |
1h 3m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Threat Intelligence Information
Cybersecurity analysts and security tools can reference a variety of threat intelligence sources to keep up to date with the latest threats and mitigations. These can be used to help keep organization security policies as effective as possible. In this course, examine different threat intelligence sources, the common vulnerabilities and exposures (CVEs) website, and the MITRE ATT&CK knowledge base. Next, discover how the OWASP Top 10 can help harden vulnerable web applications, how advanced persistent threats (APTs) are executed, and common ISO/IEC standards. Finally, learn how to analyze CIS benchmark documents, the Common Vulnerability Scoring System (CVSS), common organization security policy structures, and how organizational culture relates to IT security. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
12 videos |
1h 9m
Assessment
Badge
CompTIA Cybersecurity Analyst+: OS Process Management
Managing the running processes on Linux and Windows hosts not only improves performance but also impacts how secure those hosts are. Determining what an abnormal performance or activity is greatly facilitates comparisons to current activity to established baselines of normal performance and behavior. In this course, I will start by navigating through the Windows registry followed by exploring Linux hardware devices using the Linux command line. I will then use the Windows Device Manager tool to manage a hardware device. Next, I will create partitions and file systems on Linux and Windows hosts followed by covering how processes and daemons interact with the Linux OS. I will manage Linux and Windows processes and daemons, or services. Lastly, I will establish a normal performance baseline on a Windows Server using a data collector set. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos |
59m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Authentication
Hardening authentication processes makes it more difficult for attackers to compromise accounts. Managing users and groups allows for access to required resources. In this course, you will explore authentication methods, including passwordless login. Then you will learn how to manage Linux users and groups using the command line and how to enable Secure Shell (SSH) public key authentication. Next, you will install and configure a Lightweight Directory Access Protocol (LDAP) server and client, manage Windows and cloud users and groups, and examine dynamic membership cloud-based groups. Finally, you will configure multi-factor authentication (MFA) for AWS users, manage Windows password policies, and discover identity federation. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
13 videos |
1h 19m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Authorization
Strong authorization settings limit permissions to resources for authenticated entities. Cybersecurity analysts must be aware of how to not only configure resource permissions, but also how to evaluate existing permissions to ensure adherence to the principle of least privilege. In this course, you will discover how authorization is related to, but differs from, authentication. Then you will explore access control models, such as role-based access control (RBAC) and attribute-based access control (ABAC). Next, you will find out how to manage Linux and Windows file system permissions using the command lines. Finally, you will learn how to configure Windows dynamic access control, work with privileged access management in Linux using sudo, and manage RBAC permissions in the Microsoft Azure cloud. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
9 videos |
52m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Cryptography
Confidentiality, integrity, and availability are core pillars of IT security governance. Cybersecurity analysts can harden IT environments using various encryption and hashing techniques. In this course, examine how the CIA triad relates to IT security and how cryptography protects sensitive data. Next, discover how to configure EFS file encryption and Microsoft BitLocker encryption, and use a customer-managed key to enable encryption for an Azure storage account. Finally, learn how to hash files in Linux and Windows, about hardware security modules (HSMs), and how TLS supersedes SSL. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
12 videos |
1h 5m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Secure Coding & Digital Forensics
Security must be included in all phases of IT system and software development designs. Continuous integration and continuous delivery/deployment (CI/CD) integrates development and ongoing management of IT solutions. Cybersecurity analysts must understand IT governance and digital forensics concepts. Begin this course by examining the role of security in the software development life cycle (SDLC). Then you will explore CI/CD and learn how Git is used for file version control. Next, you will discover how the Control Objectives for Information and Related Technologies (COBIT) framework applies to IT governance and you will investigate digital forensics. Finally, you will configure legal hold settings for a cloud storage account and list common digital forensics hardware and software solutions. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
10 videos |
55m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Logging & Monitoring
Logging and monitoring are crucial aspects of IT security governance. The ability to configure and centrally monitor logs to detect anomalies can prevent security incidents or minimize their impact. In this course, learn how to view Linux log files, configure log rotation for log retention, and configure Linux log forwarding to a central logging host. Next, work with Windows Event Viewer logs and configure Windows log forwarding. Finally, discover how tracking malicious actor activity is possible using honeypots and honeynets and how to implement a honeypot. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
10 videos |
55m
Assessment
Badge
CompTIA Data+: Understanding Databases
Databases are the backbone of modern life, powering everything from online shopping to social media to memberships and countless other activities. They enable us to store, manage, and retrieve vast amounts of information quickly and efficiently. Understanding databases is the very first step in mastering data analytics. In this course, you will explore databases, beginning with the basic concepts of data analytics, databases, including relational and non-relational databases, and common roles in the field of data science. Then you will examine structured query language (SQL) including examples of SQL operations. Finally, you will investigate the purpose of databases in applications, database management systems (DBMS), how databases are implemented in everyday business environments, and common database tasks. This course can be used to prepare for CompTIA Data+ (DA0-001) exam.
15 videos |
1h 40m
Assessment
Badge
CompTIA Data+: Database Concepts
Databases are used for creating and storing virtually any type of data. Data drives business in the twenty-first century, and IT professionals interested in mastering data analytics must understand the key concepts surrounding databases and their uses in almost every facet of business. In this course, you will discover database concepts, beginning with challenges associated with databases, self-driving databases, data warehouses, data marts, and data lakes and lakehouses. Then you will explore the concepts of Online Transactional Processing (OLTP) and Online Analytical Processing (OLAP). You will learn about database schemas and look closely at star and snowflake schemas, which are common in data warehouses. Finally, you will explore slowly changing dimensions that shape the methods analysts use to keep historical and current data. This course can be used to prepare for the DA0-001: CompTIA Data+ exam.
13 videos |
1h 14m
Assessment
Badge
CompTIA Data+: Data Analytics Tools
Data that lives in a database is only part of the equation when considering data analytics. Data needs to be accessed and processed in order to be useful. The importance of data in the modern world can easily be observed by considering the sheer number of data analytics tools. Without these tools, data loses some of its usefulness. In this course, you will explore popular data analytics tools, beginning with Structured Query Language (SQL), and Python. Next, you will dig into data science styling recommendations in Python, data science reporting best practices, Microsoft Excel, and the R programming language. Then you will discover tools like RapidMiner, IBM Cognos, IBM SPSS Modeler, SPSS, SAS, Tableau, and Power BI. Finally, you will focus on the purposes and roles of tools such as Qlik, MicroStrategy, BusinessObjects, APEX, Amazon QuickSight, Stata, and Minitab. This course can be used to prepare for CompTIA Data+ (DA0-001) exam.
21 videos |
2h 13m
Assessment
Badge
CompTIA Data+: Descriptive Statistical Methods
Descriptive statistics are used to describe the characteristics of datasets. They are leveraged by data analysts to find answers or characteristics of data that aren't immediately or directly answered by analyzing the data alone. In other words, descriptive statistics are used to summarize characteristics of data that are not actually contained or explicitly described by the data. In this course, you will explore descriptive statistical methods, beginning with the purpose and role of descriptive statistics. Then you will dig into measures of central tendency, measures of dispersion, and frequency distribution. Finally, you'll examine percent change, percent difference, and confidence intervals. This course can be used to prepare for CompTIA Data+ (DA0-001) exam.
15 videos |
1h 21m
Assessment
Badge
CompTIA Data+: Inferential Statistical Methods
Unlike descriptive statistics, which describe characteristics of datasets, inferential statistics are used to make inferences or predictions about data. Information not readily evident by analyzing datasets can be gleaned by talented data analysts in order to form conclusions, and while it may sound like educated guessing, descriptive statistics are far more sophisticated than simply guessing. In this course, you will explore inferential statistical methods, identifying the purpose of inferential statistics and comparing them to descriptive statistics. Then you will investigate and perform inferential statistical methods such as t-tests, z-score, p-values, and chi-square. Finally, you will focus on hypothesis testing, simple linear regression, and correlation testing. This course can be used to prepare for CompTIA Data+ (DA0-001) exam.
18 videos |
1h 31m
Assessment
Badge
CompTIA Data+: Data Analysis Types & Techniques
Databases are places where information resides. What that information looks like is up to the creators of a database, but one thing is for certain: analyzing data is one of the main points of collecting and storing data. Analysis types and techniques are plentiful, and how a data analyst chooses to analyze data really depends on a number of factors. In this course, you will explore data analysis types and techniques, beginning with the data analysis process. Next, you will review and refine business questions and determine data needs and sources. Then you will discover scoping and gap analysis, analysis types, trend analysis, and performance analysis. Finally, you will examine exploratory data analysis and link analysis. This course can be used to prepare for CompTIA Data+ (DA0-001) exam.
11 videos |
1h 39m
Assessment
Badge
CompTIA Data+: Data Visualization Reports
Data is meaningful only when information is extracted from it. That information can tell a story, and the best data analysts are magnificent storytellers. But no matter how accomplished a data analyst, a story can't be told compellingly without visualizing what the data says and a key part of a data analyst's role is in reporting on what the data is saying. In this course, you will explore data visualization reports, beginning with data visualization tools and best practices. Then you will focus on examples of data visualization translating requirements for reports, key report components, report best practices, corporate standardization, and style guides. Next, you will discover how to create a report and examine the differences between static and dynamic reports, ad-hoc and self-service reports, and recurring vs. tactical reports. Finally, you will learn how to implement various design and documentation elements in reports, including using charts and graphs to enhance your report. This course can be used to prepare for CompTIA Data+ (DA0-001) exam.
23 videos |
3h 1m
Assessment
Badge
CompTIA Data+: Data Visualization Dashboards
Data visualization prepares data for presentation to make it easier for non-data analysts to understand what the data is saying. Often, non-data analysts can't see relationships in data without visual aids, but effective data presentation allows them to change parameters and understand and view the data in a similar manner to a data scientist. In this course, explore the purpose and key considerations for data visualization dashboards in data analytics, dashboard utilization best practices, and elements of dashboard development. Next, learn about dashboard delivery and how to create a dashboard. Finally, discover how to utilize saved searches, implement filters, optimize dashboards, and use access permissions. This course can be used to prepare for CompTIA Data+ (DA0-001) exam.
12 videos |
1h 11m
Assessment
Badge
CompTIA Data+: Data Governance
Data collection and how that data is used is highly regulated and for good reason. The world operates on the circulation of data, whether that's personally identifying information, health information, financial information, or even something as seemingly innocuous as someone's web browsing or purchasing habits. The regulations that exist are there to protect users, and in some cases, the people collecting the data. In this course, you will explore basic data governance concepts, beginning with access requirements, and role-based access control (RBAC). Then, you will delve into users and groups, data use, and the release process. Next, you will focus on data protection, data de-identification and masking, and storage environment requirements. Finally, you will learn about use requirements, entity relationship requirements, data classification, regulatory requirements, and data breach reporting. This course can be used to prepare for CompTIA Data+ (DA0-001) exam.
16 videos |
1h 45m
Assessment
Badge
Forensic Analysis: Cybercrime Investigations
Cybercrime investigators are typically responsible for collecting, processing, analyzing, and interpreting digital evidence related to network vulnerabilities, criminal activity, and counterintelligence initiatives. In this course, you'll explore the basics of network packet capturing, a process used to intercept and log traffic occurring over a network. You'll also examine the purpose and features of some standard tools and techniques to preserve and analyze a computer system's most volatile data. You'll then learn to use some of these tools and techniques to achieve various digital forensic analysis goals. Next, you'll recognize computer forensic best practices, including locating evidence in the Windows Registry. Finally, you'll learn how to differentiate between the purpose and features of the various tools available for conducting hard disk forensic analysis.
17 videos |
1h 37m
Assessment
Badge
Cypher Query Language: Advanced Operations with Cypher
This course explores a variety of Cypher queries that go beyond simple reads and writes. The course also involves identifying complex patterns and combinations of data in nodes and relationships. Begin with a deep dive into querying for patterns in relationships. Move on to the operation of finding the shortest paths between two nodes in a graph structure. Next, explore queries based on the properties of nodes or relationships, where you will look for elements matching a single criterion as well as multiple criteria defined using logical operations. Following that, explore some of the fundamental aggregation operations which can be performed on data using the Cypher language on both text and numeric data. Finally, discover how to order query results and limit their size using the LIMIT and SKIP clauses. Upon completion, you'll know how to apply graph-specific and generic database features to analyze a Neo4j database using the Cypher language.
9 videos |
1h 22m
Assessment
Badge
Predictive Analytics: Case Studies for Cybersecurity
Cybersecurity is the protection of user software from maliciously-intentioned agents and parties. Cyberattacks commonly focus on critical physical infrastructures like power plants, oil refineries, and gas pipelines. For geopolitical reasons, the cybersecurity of such installations is increasingly important. In this course, explore the use of classification models when modeling cyberattacks and the evaluation metrics for classification models. Next, examine a case study where machine learning and cybersecurity attempt to detect intrusions in a gas pipeline. Finally, investigate a case study where machine learning models are used to detect and cope with malware. Upon completion, you'll be able to identify the need for AI in cybersecurity and outline the appropriate use of evaluation metrics for classification models.
10 videos |
1h 23m
Assessment
Badge
Predictive Analytics: Identifying Network Attacks
In cybersecurity, it's important to determine whether a user interaction or action represents an attack, followed by discerning the specific attack type and signature. Machine learning (ML) models and managed ML solutions like Microsoft Azure Machine Learning can help with this. In this course, learn how to create an Azure Machine Learning workspace, read in data, and categorize all of the different types of attacks. Next, discover how to train a random forest classification model using the scikit-learn library and test it on the in-sample validation data. Finally, practice performing multiclass classification to identify the specific type of attack. Upon completion, you'll be able to detect intrusions using data, train and evaluate classification models, and perform multiclass classification.
18 videos |
2h 3m
Assessment
Badge
Modern Data Warehouses
In today's world, data warehouses have become necessary for making informed business decisions. The wide availability of data comes at an increased cost of storing it efficiently - a necessity for any business working with large amounts of data. Learn more about the key concepts, architecture, stages, use cases, and available solutions for data warehouses using this course. You will examine data warehousing solutions, architecture, and techniques, discover Amazon Redshift and Google BigQuery, and explore the concepts, such as batch, stream, and real-time analytics. This course will also help highlight the considerations for implementing a data warehouse for a business and the implementation steps and best practices required. After completing this course, you will have a foundational knowledge of implementing a data warehousing solution for your business.
12 videos |
1h 4m
Assessment
Badge
Data Mining and Decision Making: Data Mining for Answering Business Questions
The data mining process provides the opportunity for businesses to collect additional information and insights that are unavailable through other everyday operations of the company. Use this course to learn more about how utilizing data mining effectively may provide a competitive advantage and additional knowledge about the market and competitors. Start by examining the essential concepts in data exploration using summary statistics and visuals and discover different data mining techniques. This course will also help you develop an understanding of the complete data mining process - data gathering, cleaning, exploration, and mining. After completing this course, you'll be able to use data mining to answer in-depth questions about any business.
12 videos |
58m
Assessment
Badge
Version & Source Control: Working With Source Control Tools
While aspiring DevOps engineers may have a background in support, they often lack exposure to the standard tools used for specific development support tasks, such as source control. In this course, you'll identify the essential features and purposes of prominent source control tools and the technical support-related situations in which to avail of them. Specifically, you'll learn to install, set up, and work with Git, GitLab, Beanstalk, Apache Subversion, AWS CodeCommit, Azure DevOps Server, Concurrent Versions System, and IBM Rational Team Concert. You'll use these tools to share and manage code and repositories, collaborate and track work, and ship applications.
16 videos |
55m
Assessment
Badge
Technology Landscape & Tools for Data Management
This Skillsoft Aspire course explores various tools you can utilize to get better data analytics for your organization. You will learn the important factors to consider when selecting tools, velocity, the rate of incoming data, volume, the storage capacity or medium, and the diversified nature of data in different formats. This course discusses the various tools available to provide the capability of implementing machine learning, deep learning, and to provide AI capabilities for better data analytics. The following tools are discussed: TensorFlow, Theano, Torch, Caffe, Microsoft cognitive tool, OpenAI, DMTK from Microsoft, Apache SINGA, FeatureFu, DL4J from Java, Neon, and Chainer. You will learn to use SCIKIT-learn, a machine learning library for Python, to implement machine learning, and how to use machine learning in data analytics. This course covers how to recognize the capabilities provided by Python and R in the data management cycle. Learners will explore Python; the libraries NumPy, SciPy, Pandas to manage data structures; and StatsModels. Finally, you will examine the capabilities of machine learning implementation in the cloud.
9 videos |
26m
Assessment
Badge
Windows Server 2022: Scripting & Common Automation Tasks
PowerShell is a Microsoft cross-platform task automation tool that leverages a command line shell, configuration management framework, and scripting language to manage computer systems. In this course, you'll explore the key capabilities of PowerShell in Windows Server 2022 and discover both Microsoft and third-party platforms supported by PowerShell modules including Azure, Windows, Exchange, and SQL Server. You will also learn how PowerShell cmdlets can be used to run any command available on your system. Next, you will examine PowerShell scripting capabilities and how they can be used to automate the creation of new users in Windows Server 2022. Finally, you will discover how PowerShell can be used to configure and manage services, firewalls, storage, and network settings, and explore how to enable PowerShell remoting so it can be used to view event log information and manage services from remote servers.
16 videos |
2h 13m
Assessment
Badge
Querying SQL Databases: Learning SQL Using Prompt Engineering
Structured query language (SQL) is a powerful query language designed for managing and manipulating relational databases. Its declarative nature allows users to interact with databases by specifying the desired result, leaving the system to determine the optimal method of execution. Begin this course with an introduction to SQL, including the features of SQL and how and where SQL is used. Then, you will install and operate MySQL, utilizing the assistance of generative artificial intelligence (AI) chatbots ChatGPT and Bard. You will work with the MySQL Workbench and learn to create tables, insert data into tables, and update and delete records in tables. Next, you will find out how to apply constraints on tables, use NOT NULL constraints to prohibit missing values, and use unique constraints, which ensure distinct values in columns. Finally, you will create and work with primary key constraints that are used to uniquely identify records in a table.
12 videos |
1h 47m
Assessment
Badge
Authentication & Encryption: Best Practices
In this 14-video course, explore the authentication, authorization, and encryption options that a security architect will need on a day-to-day basis. The focus will be on two fronts-from a network security standpoint including cloud services, and internal solutions in an Agile and DevOps environment. Begin with a look at authentication, authorization, and encryption factors and how they fit together, then look at methods of authentication and best practices. This leads into methods of authorization and access control; the use of encryption methods and best practices in implementing encryption; and key symmetry-differentiating between public and private keys and their ciphers. Examine methods of keeping login and authentication credentials secure; view system authentication and authorization through user account administration in Linux, and handle security policy trade-offs in situations where solutions might not align with policy. Discover Secure Shell (SSH) configuration, and implementing and securing remote access to a system using SSH; create secure certificates and keys using OpenSSL; verify software package authenticity by using OpenSSL, and file encryption and file decryption with OpenSSL.
14 videos |
56m
Assessment
Badge
Security Program Regulatory Integration
In this 12-video course, learners will discover the importance of integrating regulations with organizational security policies. Explore security standards such as General Data Protection Regulation (GDPR); Health Insurance Portability and Accountability (HIPAA); and Federal Information Security Management Act (FISMA), as well as the International Organization for Standardization (ISO), and National Institute of Standard and Technology (NIST). To begin, determine how to establish the importance of building regulatory compliance into a company's IT security program. You will then examine Personally Identifiable Information (PII), and Protected Health Information (PHI). This leads into the subject of Payment Card Industry Data Security Standard (PCI DSS), and what it entails. You will learn how HIPAA protects medical information; how GDPR protects European Union citizen data, and how the Gramm-Leach-Bliley Act (GLBA), applies to financial institutions. You will also identify how FISMA strives to protect sensitive US Government information, and recognize both NIST and ISO security standards. To conclude the course, you will discover how the Sarbanes-Oxley Act (SOX), requires organizational financial transparency.
12 videos |
38m
Assessment
Badge
Security Architect: Secure Coding Concepts
Explore secure coding from the standpoint of a security architect, including best practices for both security design and architecture implementation, and the level of influence needed by a security architect to influence secure coding practices, in this 14-video course. Key concepts covered in this course include principles that define a security architecture; examining the issues and steps involved in security design; and learning the process and potential security flaws in security architecture implementation. Next, you will learn about considerations for deploying and operating an application in secure environments; learn methods and tools that can be used to help secure software through automation and testing; and learn approaches to assessing the risk of an application. Continue by examining the lifecycle of vulnerabilities in software; common coding pitfalls that lead to security vulnerabilities; and industry standards and the application domains they apply to. Finally, you will learn security concerns when adopting new technologies, coding languages, and platforms; learn secure coding architecture when deploying cloud applications; and learn practical approaches to secure coding practices.
14 videos |
56m
Assessment
Badge
Mitigating Security Risks: Cyber Security Risks
Effective cybersecurity risk management requires intricate knowledge of day-to-day IT security risks, network vulnerabilities, and cyber attacks. In this course, you'll detail several cybersecurity breaches and how best to prevent each one. You'll start with a general overview of what comprises security risks before categorizing different types into information, cloud, and data-related risks. Next, you'll explore cybercrime methods, the motivations behind them, and the security gaps that invite them in. You'll then use real-life examples to detail some commonplace cyberattacks and crimes. Moving on, you'll investigate what's meant by malware and outline best practices to manage worms, viruses, logic bombs, trojans, and rootkits. You'll also learn how to safeguard against malware, spyware, ransomware, adware, phishing, zero-day vulnerabilities, DoS, and backdoor attacks. By the end of the course, you'll be able to outline guidelines and best practices for securing against the most prevalent types of cybercrimes.
13 videos |
1h 16m
Assessment
Badge
Mitigating Security Risks: Information, Cloud, & Data Security Risk Considerations
To keep your organization's data secure, you need to know why your data is at risk and how to protect it using established principles and standards. In this course, you'll explore commonly used techniques to compromise data and how international best practices can help protect against these breaches. You'll start by examining three fundamental information security principles, which define information security policy and help identify risks. You'll then outline data breach methods and identify the targets of these threats. Next, you'll investigate what's meant by 'the human factor' and why it's key to any attack. You'll then study how technologies to secure data and information work under the hood. Moving on, you'll outline primary worldwide information security regulations and governance frameworks. Lastly, you'll examine why the ISO 27017 cloud security principles need to be considered when formulating a cloud security risk management plan.
11 videos |
55m
Assessment
Badge
Cloud Security Administration: Infrastructure Planning
Cloud infrastructure consists of the physical location of the cloud data center. Depending on the data center location, there are different risks that are taken by the service provider and different methods used to tackle security issues. A secure cloud is created by using open source software and creating a technical support pool. Additionally, basic security concepts like protecting data in motion and in rest using encryption can be employed so that clients can only see their data. In this course, you'll learn about baselining cloud infrastructure, different components like hardware and software, and challenges faced in cloud environments.
13 videos |
55m
Assessment
Badge
Ethical Hacker: Account Creation
Because account management and access control are fundamental to security, it is vital to understand these technologies as an ethical hacker. In this 6-video course, learners can explore account creation concepts, standard access control models, attribute-based access control, and how to design account and access control. Key concepts covered in this course include learning about account creation, and why how an organization creates and manages accounts is fundamental to security; common attack methodologies; and how to test accounts in a network. Next, you will learn about three fundamental access models that are utilized by a wide range of systems and include mandatory access control (MAC), discretionary access control (DAC), and the most common one, role-based access control (RBAC). Then observe how to implement attributed-based access control (ABAC) and its advantages over standard access control; and learn to design your account and account management processes by selecting one of the three fundamental models to use for a test design for an organization.
6 videos |
18m
Assessment
Badge
SecOps Engineer: Secure Coding
This 13-video course explores software protection by applying secure development and coding practices. Learners will examine secure coding key concepts, including early and frequent testing, and how to validate to ensure it is the proper kind of data, and the proper size, type, and format. First, the course demonstrates how to set up a simple filtering statement to improve software security. You will learn how to constrain user input, by implementing a drop-down box or radio buttons. You will also learn the top 10 rules established by CERT (Computer Emergency Response Team) for secure programming, and how to operationalize secure software deployments, as well as continuous secure delivery to quickly update changes and upgrades. Learners will explore verification, and secure validation software metrics to measure and improve software. You will learn to use C# code, evaluate both secure and unsecure parts, for the web and Windows code, and learn to secure code with Python. Finally, you will learn to secure code with Java.
13 videos |
51m
Assessment
Badge
CISM 2022: Security Standards
Global and local security standards, including laws and regulations, are an important input to determine how enterprises deploy and manage security controls. In this course, you will learn how the European Union's General Data Protection Regulation (GDPR) data privacy legislation applies to any organization world-wide handling private EU citizen data. Next, you will explore various International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) standards for proper data governance, followed by American data privacy and cloud security standards such as Health Insurance Portability and Accountability Act (HIPAA) and Federal Risk and Authorization Management Program (FedRamp). Discover how to secure cardholder data as related to Payment Card Industry Data Security Standard (PCI DSS) international security standards and review other data privacy legislation including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). Lastly, explore the importance of securing cloud service usage in alignment with the Cloud Controls Matrix (CCM). This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
53m
Assessment
Badge
CISM 2022: Managing Risk
Residual risk remains after security controls are put in place to mitigate the impact of threats. The organizational appetite for risk determines what level of residual risk is acceptable. In this course, you will explore how risk management improves business operations by minimizing the impact of realized threats. You will learn how to calculate the cost of mitigating risk compared to the value of the protected asset and determine the cost-benefit analysis and return on investment when implementing security controls. Next, discover the importance of risk assessments, especially where there are changes to some aspect of the business or a specific business process. You will then explore how various risk approaches, such as risk acceptance, avoidance, transfer, and reduction, apply to an organization's tolerance of residual risk. Lastly, discover how risk heat maps are an effective method for communicating various degrees of risk. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Data Privacy
Enterprises must comply with relevant laws and regulations related to data privacy. This requires recognizing applicable laws and regulations and implementing the appropriate security controls. In this course, you will explore examples of personally identifiable information (PII) and protected health information (PHI) and learn about data residency implications related to the physical storage location of sensitive data. Next, learn how to reduce the possibility of data exfiltration through data loss protection policies and how to discover and classify data using Amazon Macie and Microsoft Purview governance. Then you will learn to configure data classification on the Microsoft Windows server platform and tag cloud resources for classification purposes. Lastly, explore how to configure Microsoft Azure storage account encryption using a customer-managed key. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
56m
Assessment
Badge
CISM 2022: Assessing Risk
Assessing risk is a crucial activity that enables organizations to evaluate risk exposure for business processes and assets. In this course, you will begin by exploring how to conduct vulnerability assessments and how the results can shed light on security control deficiencies. Next, you will learn how to perform a network vulnerability assessment and review the results, followed by scanning a web application for web app-specific vulnerabilities. You will discover how to conduct a gap analysis to determine the current security posture compared to a desired security posture. Then, you will explore the important aspects of when and how to run penetration tests. Lastly, you will see how to configure Microsoft Azure Policy assignments to determine cloud resource configuration compliance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
8 videos |
45m
Assessment
Badge
CISM 2022: Implementing Access Control
Authorization allows limited access to resources only after successful authentication. Resources can include IT services such as applications, databases, files, and folders, among others. In this course, explore the role authorization plays in allowing resource access and the various access control models used to ensure least privilege. Next, learn how to configure ABAC through Microsoft Dynamic Access Control, create an Azure dynamic group in the cloud, and use RBAC to grant permissions to Azure cloud resources. Finally, discover how to manage permissions for Windows and Linux-based file systems, handle Windows NTFS file system auditing, and configure Microsoft Active Directory delegated administration. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
11 videos |
1h 2m
Assessment
Badge
CISM 2022: Common Network Security Threats
Some security controls are very specific to the threat that they address. Information security managers must be well versed in common network security threats in order to minimize the impact of realized threats on business processes. In this course, you will start by exploring various types of threat actors and their motivation for attacking networks. You will review industry standards related to categorizing threats, including common vulnerabilities and exposures (CVEs), the MITRE ATT&CK knowledge base, and the OWASP Top 10 web application security attacks. Next, you will learn how bug bounties are paid by companies to ensure the utmost in security for their products, which can influence customer choices. You will discover how various types of network attacks are executed including Wi-Fi attacks, SYN flood attacks, buffer overflow attacks, advanced persistent threats (APTs), and distributed denial-of-service (DDoS) attacks. Lastly, you will see how VPN anonymizer solutions and the Tor web browser can be used for anonymous network connectivity for legitimate as well as illegal purposes. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
13 videos |
1h 14m
Assessment
Badge
CISM 2022: Data Protection with Cryptography
Cryptography provides solutions for ensuring data privacy and integrity. Various firmware and software solutions protect data in transit and data at rest. In this course, you will explore the CIA security triad and how it relates to the organization's security program. You will then review various cryptography solutions and discuss data integrity to assure that tampering has not occurred. Next, you will learn how Hardware Security Module (HSM) appliances and Trusted Platform Module (TPM) firmware provide cryptographic services. You will see how Transport Layer Security (TLS) supersedes the deprecated Secure Sockets Layer (SSL) network security protocol suite followed by discussing virtual private network (VPN) encrypted network tunnels, and the IP Security (IPsec) network security protocol suite. Lastly, you will explore the PKI hierarchy and how public key infrastructure (PKI) certificates are used for digital security throughout the certificate life cycle. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
12 videos |
1h 5m
Assessment
Badge
CISM 2022: Secure Device & OS Management
IT departments must work in conjunction with higher-level management to determine when and how to securely use technological solutions that support the business strategy. In this course, begin by exploring how mobile device usage in a business environment can introduce risk and how that risk can be managed with centralized remote wipe capabilities. Then find out how Microsoft Intune can be used to centrally manage devices and how to securely wipe a disk partition. Learn how to harden Windows computers using Group Policy and disable the deprecated SSL network security protocol on Windows hosts. Next, investigate common digital forensics hardware and software solutions, as well as the storage area network (SAN) security and jump box solutions to manage hosts securely and remotely. Finally, discover how to manage Azure resources permissions using managed identities, examine device and OS hardening techniques, and investigate the importance of firmware and software patching. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
16 videos |
1h 38m
Assessment
Badge
CISM 2022: Security Monitoring
Because today's business computing environments can contain a dizzying array of device types, centralized data ingestion, and analysis, looking for anomalies is a critical part of defending against technological threats. In this course, you will begin by reviewing Microsoft Defender for Cloud security recommendations in the Microsoft Azure cloud and monitoring the performance of Windows hosts. Then you will review, search, and filter Windows Event Viewer logs, configure Windows log forwarding to a second Windows host, and monitor the performance of a Linux host. Next, you will view various Linux logs, enable Linux log forwarding using syslog-ng, review web server logs, and monitor the performance of cloud services. Finally, you will learn how to decipher threat positives and negatives, how security information and event management (SIEM) and security orchestration, automation, and response (SOAR) can detect and remediate security incidents, and how to configure the Microsoft Sentinel SIEM. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
15 videos |
1h 24m
Assessment
Badge
OWASP Top 10: A01:2021-Broken Access Control
Resource authorization occurs after successful authentication. Resources include objects such as files, folders, web apps, storage accounts, virtual machines, and more. In this course, learn about various resource access control models, including mandatory (MAC), discretionary (DAC), role-based (RBAC), and attribute-based access control (ABAC). Next, examine how broken access control attacks occur and how HTTP requests and responses interact with web applications. Discover how to set file system permissions in Windows and Linux, assign permissions to code, and digitally sign a PowerShell script. Finally, explore identity federation and how to execute and mitigate broken access control attacks. Upon completion, you'll be able to harden resource access to mitigate broken access control attacks.
12 videos |
1h 13m
Assessment
Badge
OWASP Top 10: A02:2021-Cryptographic Failures
Data is one of the most valuable assets to an organization and must be protected in accordance with applicable laws, regulations, and security standards. In this course, learn about cryptographic failure attacks that compromise sensitive data and how to classify sensitive data. Next, examine how to hash files in Windows and Linux and encrypt files for Windows devices. Then, explore the public key infrastructure (PKI) hierarchy and learn how to use a certificate to secure a web application with HTTPS. Finally, learn how to configure IPsec, encrypt cloud storage, and mitigate sensitive data attacks. Upon completion, you'll be able to protect sensitive data with security controls and classify and encrypt data at rest.
14 videos |
1h 26m
Assessment
Badge
Secure Programmer: Security Concepts
This 6-video course guides learners to discover the basics of secure programming, including common security concepts, authentication and authorization, and shows how to avoid common programming errors that can undermine security, as well as how to incorporate validation and verification into programming. These are the core security concepts that you need to master to ensure that your programs are produced in a secure fashion. To begin, you will examine secure programmer security concepts, including confidentiality, integrity, and availability, known as the CIA triangle, least privileges, and separation of duties. The next tutorial covers secure programmer authentication and authorization, looking at general authentication models such as discretionary access controls (DACs), mandatory access control (MAC), rule-based access control (RBAC), and attribute-based access control (ABAC). Next, you will explore and learn how to avoid common programming errors that can undermine security. The final tutorial in this course looks at the process and techniques of secure programming verification and validation.
6 videos |
24m
Assessment
Badge
Secure Programmer: Encryption
In this 5-video course, learners discover the basics of cryptographic algorithms. You will receive a general overview of symmetric algorithms such as AES, Blowfish, and Serpent. You will also examine asymmetric algorithms such as RSA (Rivest, Sharmir, and Adelman), Diffie-Hellman, and elliptic-curve cryptography (ECC). More importantly, you will learn when to use which algorithm and what algorithms are better for specific purposes. You will then move on to integrity algorithms, including hashes like SHA (Secure Hash Algorithm 1), MD5 (Message Digest 5), and 6, RIPEMD (Ripe Message Digest), and HAVAL, as well as message authentication codes (MACs) and HMACs (keyed-hash message authentication codes). You will also examine the strengths and weaknesses of these different approaches. The goal is whether one can make intelligent choices about which algorithms to implement for which purpose; whether one's concerns are about confidentiality; if one needs to do key exchange; is message integrity an issue; are you storing passwords? These will each require different algorithms.
5 videos |
21m
Assessment
Badge
SSCP 2021: Authentication & Trust Architectures
As a security professional, you'll likely have been exposed to the concept of origin authentication. However, in today's modern environment of mobile devices, the Internet of Things, and embedded systems, more robust authentication, authorization, and identity management methods are imperative. Use this course to comprehend how single and multi-factor authentication, single sign-on (SSO), device authentication, and federated access work. Examine the use of trust relationships between domains and what's meant by Zero Trust. And distinguish between various internetwork connections such as the Internet, intranets, and extranets. Upon course completion, you'll be able to detail how and why these authentication mechanisms and trust architectures are used. You'll also be one step closer to being prepared to take the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
7 videos |
33m
Assessment
Badge
SSCP 2021: Fundamental Networking Concepts
Historically speaking, the vast majority of security practitioners, technicians, engineers, and architects come from the field of local and wide area networking. This factor, as well as the importance of protecting data-in-transit, makes networking a critical knowledge area. Use this course to get to grips with several networking concepts and methodologies. Learn to distinguish between the OSI and TCP/IP reference models. Explore network topologies, relationships, and media types. See what's meant by software-defined networking (SDN), Remote Authentication Dial-In User Service (RADIUS), and terminal access controller access-control system plus (TACACS+), among other terms. Examine commonly used ports and protocols. And look into remote access connectivity and virtual private networks (VPNs). Upon course completion, you'll be familiar with several fundamental networking concepts and network access control methodologies. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
9 videos |
50m
Assessment
Badge
System Security Certified Practitioner (SSCP 2018): Identity Management
Learners can explore identity management, also known as IAM (identity and access management), in this 14-video course helping prepare for the Systems Security Certified Practitioner (SSCP) certification exam. You will learn how to configure identities to have strong authentication for users and devices, such as smart phones. Next, examine single-factor authentication, in which one category is used to authenticate, such as a username and a password. You will examine multifactor authentication where there is a username and a password, and having an additional private key. Learners continue by examining how to use an identity federation, and SSO (single sign-on) a centralized trusted set of logon credentials. This course demonstrates the multiple phases of the IAM lifecycle, including account request, how accounts are provisioned, how the user access is enforced and reported, and how it is de-provisioned. You will learn the concepts and terminology, including IDP (identity provider) and RP (resource provider), and how to use MS Active Directory for authentication. Finally, learners will examine Amazon Web Services CLI (command-line interface) authentication.
14 videos |
55m
Assessment
Badge
SecOps Tools and 2021 Security Incidents: Log4Shell Exploit
Cybersecurity professionals are often tasked with studying breaches that have impacted other organizations to protect their assets. This knowledge helps identify potential threats and understand how threat actors operate in a modern environment. In this course, we begin by exploring the background of the Log4Shell exploit and how it was discovered. We then explore how the exploit was disclosed and various tools that can be used to scan for the vulnerability. We even look at how to conduct the exploit ourselves. Finally, we discuss the patches and response to the exploit by the open-source community and the long-term political and cybersecurity fallout. Upon completion of this course, you'll be able to describe the tools used to detect and conduct a Log4Shell exploit.
12 videos |
1h 4m
Assessment
Badge
EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.YOU MIGHT ALSO LIKE
Rating 5.0 of 1 users
(1)