Aspire Journeys
431 Knowledge Manager KSAT Intermediate NCWF Journey
- 37 Courses | 40h 45m 2s
Knowledge Managers are responsible for the management and administration of processes and tools that enable the organization to identify, document, and access intellectual capital and information content
431 Knowledge Manager
Knowledge Managers are responsible for the management and administration of processes and tools that enable the organization to identify, document, and access intellectual capital and information content.
- 37 Courses | 40h 45m 2s
COURSES INCLUDED
Fundamentals of AI & ML: Advanced Data Science Methods
In data science, many statistical and analytical techniques can be used to pull meaningful insights from data. Some advanced data science methods rely on other foundational data science methods, such as text mining. In this course, you will learn about advanced data science methods and their use cases. Begin this course with an exploration of advanced machine learning (ML) methods, such as text mining and graph analysis, and their uses. Next, you will discover the anomaly and novelty detection processes. You will examine association rule mining and neural networks, including their use cases across industries. Then you will focus on common challenges during artificial intelligence (AI) and ML model training, the trade-offs between model complexity and interpretability, and the role of natural language processing (NLP) in text analysis. Finally, you will investigate the potential of computer vision techniques and applications of reinforcement learning.
14 videos |
1h 9m
Assessment
Badge
PMI PDU
Evaluating Current and Future AI Technologies and Frameworks
Solid knowledge of the AI technology landscape is fundamental in choosing the right tools to use as an AI Architect. In this course, you'll explore the current and future AI technology landscape, comparing the advantages and disadvantages of common AI platforms and frameworks. You'll move on to examine AI libraries and pre-trained models, distinguishing their advantages and disadvantages. You'll then classify AI datasets and see a list of dataset topics. Finally, You'll learn how to make informed decisions about which AI technology is best suited to your projects.
13 videos |
39m
Assessment
Badge
CCSP 2022: Legal Requirements, Privacy Issues, & Risk Management in the Cloud
Cloud computing presents a number of unique risks and issues since it routinely crosses many geographic and political boundaries, and international legislation, regulations, and privacy requirements can conflict with one another. In this course, examine the legal and privacy issues that a Certified Cloud Security Professional can expect to face. Begin by investigating conflicting international laws, eDiscovery, and Cloud Security Alliance (CSA) guidance. Then, focus on personal privacy issues related to protected health information (PHI), personally identifiable information (PII), and privacy impact assessments (PIAs), and compare privacy requirements including ISO/IEC 27018, Generally Accepted Privacy Principles (GAPP), and General Data Protection Regulation (GDPR). Finally, explore risk management by assessing risk management programs and studying regulatory transparency requirements, including breach notification, Sarbanes-Oxley (SOX), and GDPR. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
10 videos |
25m
Assessment
Badge
CompTIA Cloud Essentials+: Cloud Governance & Securing Data
Cloud consumers look for cloud services that follow regulations and core principles for maintaining data security and confidentiality. In this course, you'll investigate the cloud computing policy, which protects sensitive personal and confidential business data. You'll examine standard operating features, resource management, and security implementation checklist items and best practices for cloud computing. You'll then practice implementing policy-based access control for cloud computing. Moving on, you'll outline how to implement data sovereignty. You'll explore the international cloud computing standards, integrated vulnerability assessment solutions, and data security and privacy implementation in cloud computing. Finally, you'll outline how to implement and secure data and ensure availability in the cloud. You'll study the layers of security that can be implemented in the cloud, the cloud identity logs that help track events impacting cloud environments, and the OWASP Top 10 data-level authorization methods used to secure resources.
18 videos |
1h 41m
Assessment
Badge
Microsoft Azure DevOps Solutions: Repositories & Tools
At the heart of cloud, source control management is a repository to hold application code, and to track changes to a source code repository, a source code management tool is used. In this course, learn how to secure, organize, and manage the life cycle of data in a source code repository. Next, discover how to integrate your source control management system with the bigger picture of DevOps pipelines, identity management, GitOps, and ChatOps. Finally, practice integrating GitHub Codespaces into your repository workflows. This course is one of a collection that prepares learners for the Designing and Implementing Microsoft DevOps Solutions (AZ-400) exam.
13 videos |
1h 18m
Assessment
Badge
Microsoft Azure DevOps Solutions: Communication & Collaboration
Do you want the good news or the bad news? You want both, of course! In this course, learn how to create communication tools such as dashboards, user analytics, and Azure Boards to facilitate communication and collaboration and populate communication channels. Next, discover how to generate and assess process documentation to ensure that old and new employees have the necessary accurate information. Finally, explore how to automatically tie monitoring tools with communication platforms so that the flow of information is another continuous process. This course is one of a collection that prepares learners for the Designing and Implementing Microsoft DevOps Solutions (AZ-400) exam.
14 videos |
1h 27m
Assessment
Badge
Google Professional Cloud Architect: Designing for Google Cloud Compliance
Compliance is a significant concern for many organizations, and many have historically failed to protect data adequately. In this course you will explore how governance has come to protect data, such as health records, through legislation like HIPAA and COPPA. Then, discover how commercial interests have helped bolster financial stability by setting standards of protecting data via certifications like Personally Identifiable Information (PII) and Payment Card Industry Data Security Standard (PCI DSS) that allow customers and businesses to trust you. In addition, there are specific industry certifications that may need to be met depending on the function of the business you run, rather than the data you keep. You will also focus on the need to maintain careful auditing standards for the integrity of any legal disputes that might arise. Finally, you will focus on use cases that you can expect to encounter in an exam environment. This course is one of a collection that prepares learners for the Google Professional Cloud Architect exam.
12 videos |
59m
Assessment
Badge
CRISC 2023: Data Privacy
Data privacy is a foremost concern for most organizations. Compliance with laws and regulations feeds into risk management. In this course, you will discover the characteristics of Personally Identifiable Information (PII) and techniques to prevent sensitive data leakage. Then you will explore data loss prevention (DLP) and learn how to implement DLP using Microsoft Purview. Next, you will examine various data privacy and security standards including International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) standards, General Data Protection Regulation (GDPR), the Federal Risk and Authorization Management Program (FedRAMP) and the Health Insurance Portability and Accountability Act (HIPAA). Finally, you will focus on the Payment Card Industry Data Security Standard (PCI DSS), Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
12 videos |
1h 7m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Network Security Concepts
Cybersecurity policies often require detailed network configuration changes and additions. Technicians must be proficient with the configuration and management of various TCP/IP protocols. In this course, I will start by discussing the Open Systems Interconnection (OSI) model, network switching, and network access control. Next, I'll discuss the TCP/IP protocol suite as well as IPv4 and IPv6 addressing. I will then discuss network routing, dynamic host configuration protocol (DHCP), domain name system (DNS) and Wi-Fi authentication methods. Lastly, I will cover virtual private networks (VPNs), IP Security (IPsec) and network time synchronization. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
14 videos |
1h 29m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Managing Network Settings
Modern IT solutions communicate over various types of networks. Cybersecurity analysts must be able to configure and secure the ways that devices communicate over these networks. In this course, I will begin by creating on-premises and cloud-based virtual networks, followed by managing IP addressing on Linux, Windows, and in the cloud. Next, I will manage routing table entries in the cloud and implement domain name system (DNS) and Dynamic Host Configuration Protocol (DHCP) security. Lastly, I will harden a Wi-Fi router and configure IPsec in Windows. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos |
59m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Cloud Computing & Cybersecurity
Cloud computing is an integral part of IT solutions for individuals and organizations. A knowledge of how cloud computing services are deployed and managed is a requirement for securing cloud-based resources. In this course, I will start by discussing cloud computing deployment models, such as public and private clouds, followed by discussing various cloud computing service models. Next, I will cover a variety of cloud computing security solutions, and I will deploy Linux and Windows cloud-based virtual machines. I will then deploy a web application in the cloud, cover the Cloud Controls Matrix (CCM) security controls, and work with Microsoft Azure managed identities. Lastly, I will discuss and configure a content delivery network (CDN). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
12 videos |
1h 10m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Data Security Standards
To remain compliant with relevant data privacy laws and regulations, organizations must have a way of identifying sensitive data and implementing security controls to protect that data. In this course, explore how physical security is related to digital data security, examples of personally identifiable information (PII), and how data loss prevention (DLP) solutions can prevent data exfiltration. Next, learn about common data privacy regulations and standards, including GDPR, HIPAA, and PCI DSS. Finally, discover how to use Amazon Macie and File Server Resource Manager to discover and classify sensitive information and learn about the importance of service level objectives (SLOs) and service level agreements (SLAs). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos |
1h 3m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Threat Intelligence Information
Cybersecurity analysts and security tools can reference a variety of threat intelligence sources to keep up to date with the latest threats and mitigations. These can be used to help keep organization security policies as effective as possible. In this course, examine different threat intelligence sources, the common vulnerabilities and exposures (CVEs) website, and the MITRE ATT&CK knowledge base. Next, discover how the OWASP Top 10 can help harden vulnerable web applications, how advanced persistent threats (APTs) are executed, and common ISO/IEC standards. Finally, learn how to analyze CIS benchmark documents, the Common Vulnerability Scoring System (CVSS), common organization security policy structures, and how organizational culture relates to IT security. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
12 videos |
1h 9m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Vulnerability & Penetration Testing
Vulnerability scanning identifies host and network vulnerabilities and must be an ongoing task. Penetration testing is an active security method by which there is an attempt to exploit discovered vulnerabilities. In this course, you will discover how to plan for, schedule, and execute vulnerability assessments, identify common vulnerability scanning tools, and conduct an nmap scan. Next, you will use Nessus and Zenmap to execute security scans and text web app security using the OWASP Zed Attack Proxy (ZAP) tool. Then you will explore penetration testing and the Metasploit framework and use the Burp Suite tool as an HTTP intermediary proxy. Finally, you will learn how to manage Azure policy, investigate potential indicators of compromise, and examine how IT security relates to industrial control systems. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
14 videos |
1h 21m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Secure Coding & Digital Forensics
Security must be included in all phases of IT system and software development designs. Continuous integration and continuous delivery/deployment (CI/CD) integrates development and ongoing management of IT solutions. Cybersecurity analysts must understand IT governance and digital forensics concepts. Begin this course by examining the role of security in the software development life cycle (SDLC). Then you will explore CI/CD and learn how Git is used for file version control. Next, you will discover how the Control Objectives for Information and Related Technologies (COBIT) framework applies to IT governance and you will investigate digital forensics. Finally, you will configure legal hold settings for a cloud storage account and list common digital forensics hardware and software solutions. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
10 videos |
55m
Assessment
Badge
CompTIA Data+: Understanding Databases
Databases are the backbone of modern life, powering everything from online shopping to social media to memberships and countless other activities. They enable us to store, manage, and retrieve vast amounts of information quickly and efficiently. Understanding databases is the very first step in mastering data analytics. In this course, you will explore databases, beginning with the basic concepts of data analytics, databases, including relational and non-relational databases, and common roles in the field of data science. Then you will examine structured query language (SQL) including examples of SQL operations. Finally, you will investigate the purpose of databases in applications, database management systems (DBMS), how databases are implemented in everyday business environments, and common database tasks. This course can be used to prepare for CompTIA Data+ (DA0-001) exam.
15 videos |
1h 40m
Assessment
Badge
CompTIA Data+: Database Concepts
Databases are used for creating and storing virtually any type of data. Data drives business in the twenty-first century, and IT professionals interested in mastering data analytics must understand the key concepts surrounding databases and their uses in almost every facet of business. In this course, you will discover database concepts, beginning with challenges associated with databases, self-driving databases, data warehouses, data marts, and data lakes and lakehouses. Then you will explore the concepts of Online Transactional Processing (OLTP) and Online Analytical Processing (OLAP). You will learn about database schemas and look closely at star and snowflake schemas, which are common in data warehouses. Finally, you will explore slowly changing dimensions that shape the methods analysts use to keep historical and current data. This course can be used to prepare for the DA0-001: CompTIA Data+ exam.
13 videos |
1h 14m
Assessment
Badge
CompTIA Data+: Data Analytics Tools
Data that lives in a database is only part of the equation when considering data analytics. Data needs to be accessed and processed in order to be useful. The importance of data in the modern world can easily be observed by considering the sheer number of data analytics tools. Without these tools, data loses some of its usefulness. In this course, you will explore popular data analytics tools, beginning with Structured Query Language (SQL), and Python. Next, you will dig into data science styling recommendations in Python, data science reporting best practices, Microsoft Excel, and the R programming language. Then you will discover tools like RapidMiner, IBM Cognos, IBM SPSS Modeler, SPSS, SAS, Tableau, and Power BI. Finally, you will focus on the purposes and roles of tools such as Qlik, MicroStrategy, BusinessObjects, APEX, Amazon QuickSight, Stata, and Minitab. This course can be used to prepare for CompTIA Data+ (DA0-001) exam.
21 videos |
2h 13m
Assessment
Badge
Defensive CyberOps: Defensive Cyberspace Operations
A well-planned and properly executed DCO mission will enable the cyber warrior to repel attacks and rapidly prepare for offensive action. In this course, you'll learn the principles of Defensive Cyber Operations, including measures and responses. You'll explore cybersecurity and cyberspace operations in DCO. Next, you'll look at DCO analytics, missions, and operating domains. You'll explore the role of the mission owner and network owner in DCO, as well as planning considerations. Finally, you'll learn about cyberspace threats that may occur during the course of maneuver operations and common security and system tools used in DCO.
14 videos |
42m
Assessment
Badge
Data Mining and Decision Making: Data Mining for Answering Business Questions
The data mining process provides the opportunity for businesses to collect additional information and insights that are unavailable through other everyday operations of the company. Use this course to learn more about how utilizing data mining effectively may provide a competitive advantage and additional knowledge about the market and competitors. Start by examining the essential concepts in data exploration using summary statistics and visuals and discover different data mining techniques. This course will also help you develop an understanding of the complete data mining process - data gathering, cleaning, exploration, and mining. After completing this course, you'll be able to use data mining to answer in-depth questions about any business.
12 videos |
58m
Assessment
Badge
Data Access & Governance Policies: Data Classification, Encryption, & Monitoring
Explore how data classification determines which security measures apply to varying classes of data. This 12-video course classifies data into a couple of main categories, internal data and sensitive data. You will learn to classify data by using Microsoft FSRM (File Server Resource Manager), a role service in Windows Server that enables you to manage and classify data stored on file servers. Learners will explore different tools used to safeguard sensitive information, such as data encryption. You will learn how to enable Microsoft BitLocker, a full volume encryption feature included with Microsoft Windows, to encrypt data at rest. An important aspect of data access governance is securing data that is being transmitted over a network, and you will learn to configure a VPN (virtual private network) using Microsoft System Center Configuration Manager. You will learn to configure a Custom Filtered Log View using MS Windows Event Viewer to track user access to a database. Finally, you will learn to audit file access on an MS Windows Server 2016 host.
13 videos |
1h 18m
Assessment
Badge
Technology Landscape & Tools for Data Management
This Skillsoft Aspire course explores various tools you can utilize to get better data analytics for your organization. You will learn the important factors to consider when selecting tools, velocity, the rate of incoming data, volume, the storage capacity or medium, and the diversified nature of data in different formats. This course discusses the various tools available to provide the capability of implementing machine learning, deep learning, and to provide AI capabilities for better data analytics. The following tools are discussed: TensorFlow, Theano, Torch, Caffe, Microsoft cognitive tool, OpenAI, DMTK from Microsoft, Apache SINGA, FeatureFu, DL4J from Java, Neon, and Chainer. You will learn to use SCIKIT-learn, a machine learning library for Python, to implement machine learning, and how to use machine learning in data analytics. This course covers how to recognize the capabilities provided by Python and R in the data management cycle. Learners will explore Python; the libraries NumPy, SciPy, Pandas to manage data structures; and StatsModels. Finally, you will examine the capabilities of machine learning implementation in the cloud.
9 videos |
26m
Assessment
Badge
Project Management Tools: Understanding the Collaboration Tools
Collaboration tools continue to elevate in importance in relation to project management (PM). Project managers should have a clear understanding of each tool and be able to choose the best collaboration tool for the job. This 15-video course offers an overview of collaboration tools available for various situations and how to choose a suitable collaboration tool. Begin with a look at collaboration tools, including file-sharing tools, and why they are required for successful project management. Then learn about the special collaboration tool considerations for Agile teams, as well as for virtual teams. Learn to identify benefits and challenges of video conferencing tools; of instant and online messaging tools; of knowledge-sharing tools; of resource-sharing tools; and of project work management tools. Discover how to collaborate by using videoconferencing tools; using knowledge sharing tools; using instant messaging tools; using resource sharing tools; and using project work management tools. The concluding exercise involves identifying the correct collaboration tool to use for project management by team and type.
15 videos |
49m
Assessment
Badge
PMI PDU
Security Program Regulatory Integration
In this 12-video course, learners will discover the importance of integrating regulations with organizational security policies. Explore security standards such as General Data Protection Regulation (GDPR); Health Insurance Portability and Accountability (HIPAA); and Federal Information Security Management Act (FISMA), as well as the International Organization for Standardization (ISO), and National Institute of Standard and Technology (NIST). To begin, determine how to establish the importance of building regulatory compliance into a company's IT security program. You will then examine Personally Identifiable Information (PII), and Protected Health Information (PHI). This leads into the subject of Payment Card Industry Data Security Standard (PCI DSS), and what it entails. You will learn how HIPAA protects medical information; how GDPR protects European Union citizen data, and how the Gramm-Leach-Bliley Act (GLBA), applies to financial institutions. You will also identify how FISMA strives to protect sensitive US Government information, and recognize both NIST and ISO security standards. To conclude the course, you will discover how the Sarbanes-Oxley Act (SOX), requires organizational financial transparency.
12 videos |
38m
Assessment
Badge
Mitigating Security Risks: Cyber Security Risks
Effective cybersecurity risk management requires intricate knowledge of day-to-day IT security risks, network vulnerabilities, and cyber attacks. In this course, you'll detail several cybersecurity breaches and how best to prevent each one. You'll start with a general overview of what comprises security risks before categorizing different types into information, cloud, and data-related risks. Next, you'll explore cybercrime methods, the motivations behind them, and the security gaps that invite them in. You'll then use real-life examples to detail some commonplace cyberattacks and crimes. Moving on, you'll investigate what's meant by malware and outline best practices to manage worms, viruses, logic bombs, trojans, and rootkits. You'll also learn how to safeguard against malware, spyware, ransomware, adware, phishing, zero-day vulnerabilities, DoS, and backdoor attacks. By the end of the course, you'll be able to outline guidelines and best practices for securing against the most prevalent types of cybercrimes.
13 videos |
1h 16m
Assessment
Badge
Mitigating Security Risks: Information, Cloud, & Data Security Risk Considerations
To keep your organization's data secure, you need to know why your data is at risk and how to protect it using established principles and standards. In this course, you'll explore commonly used techniques to compromise data and how international best practices can help protect against these breaches. You'll start by examining three fundamental information security principles, which define information security policy and help identify risks. You'll then outline data breach methods and identify the targets of these threats. Next, you'll investigate what's meant by 'the human factor' and why it's key to any attack. You'll then study how technologies to secure data and information work under the hood. Moving on, you'll outline primary worldwide information security regulations and governance frameworks. Lastly, you'll examine why the ISO 27017 cloud security principles need to be considered when formulating a cloud security risk management plan.
11 videos |
55m
Assessment
Badge
Ethical Hacker: Risk Assessment
Ethical hacking is about testing the risk level of an organization. In order to perform effective, professional ethical hacking, a knowledge of risk is essential. In this 10-video course, you will discover how to use the Common Vulnerability Scoring System (CVSS) and how to apply risk management concepts and evaluate risk in accordance with common standards. Key concepts covered in this course include learning to calculate risk levels in a quantitative manner, the preliminary step done in any risk assessment; learning to identify and implement specific responses to risk assess security vulnerabilities by using CVSS; and utilizing the CIA triangle (confidentiality, integrity. and availability) and the McCumber cube to assess risks and threats. Next, learn to apply risk management standards according to NIST 800-37; evaluate security in accordance with ISO/IEC 18045; and learn the COBIT 5 standard, a widely-known standard and way of modeling risk and security. Finally, learn to use Damage, Reproducibility, Exploitability, Affected Users, Discoverability (DREAD), Process for Attack Simulation and Threat Analysis (PASTA), and other risk models.
10 videos |
46m
Assessment
Badge
CISM 2022: Information Security Governance
The best way to improve the enterprise security stance is to align IT security solutions with business objectives. In this course, you will consider how information security must align with business strategies. You will explore the business model for information security and review the importance of identifying and classifying assets critical to a business. Next, you will learn about supply chain security, personnel management, and the components of an information security program. You will discover the relationship between service-level agreements (SLAs) and organizational objectives and discuss the relevance of change and configuration management. Then, consider how to develop organizational security policies. Lastly, explore expense types, chain of custody, organizational culture, and how the Control Objectives for Information Technologies (COBIT) framework applies to IT governance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
16 videos |
1h 40m
Assessment
Badge
CISM 2022: Security Standards
Global and local security standards, including laws and regulations, are an important input to determine how enterprises deploy and manage security controls. In this course, you will learn how the European Union's General Data Protection Regulation (GDPR) data privacy legislation applies to any organization world-wide handling private EU citizen data. Next, you will explore various International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) standards for proper data governance, followed by American data privacy and cloud security standards such as Health Insurance Portability and Accountability Act (HIPAA) and Federal Risk and Authorization Management Program (FedRamp). Discover how to secure cardholder data as related to Payment Card Industry Data Security Standard (PCI DSS) international security standards and review other data privacy legislation including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). Lastly, explore the importance of securing cloud service usage in alignment with the Cloud Controls Matrix (CCM). This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
53m
Assessment
Badge
CISM 2022: Managing Risk
Residual risk remains after security controls are put in place to mitigate the impact of threats. The organizational appetite for risk determines what level of residual risk is acceptable. In this course, you will explore how risk management improves business operations by minimizing the impact of realized threats. You will learn how to calculate the cost of mitigating risk compared to the value of the protected asset and determine the cost-benefit analysis and return on investment when implementing security controls. Next, discover the importance of risk assessments, especially where there are changes to some aspect of the business or a specific business process. You will then explore how various risk approaches, such as risk acceptance, avoidance, transfer, and reduction, apply to an organization's tolerance of residual risk. Lastly, discover how risk heat maps are an effective method for communicating various degrees of risk. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Data Privacy
Enterprises must comply with relevant laws and regulations related to data privacy. This requires recognizing applicable laws and regulations and implementing the appropriate security controls. In this course, you will explore examples of personally identifiable information (PII) and protected health information (PHI) and learn about data residency implications related to the physical storage location of sensitive data. Next, learn how to reduce the possibility of data exfiltration through data loss protection policies and how to discover and classify data using Amazon Macie and Microsoft Purview governance. Then you will learn to configure data classification on the Microsoft Windows server platform and tag cloud resources for classification purposes. Lastly, explore how to configure Microsoft Azure storage account encryption using a customer-managed key. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
56m
Assessment
Badge
CISM 2022: Assessing Risk
Assessing risk is a crucial activity that enables organizations to evaluate risk exposure for business processes and assets. In this course, you will begin by exploring how to conduct vulnerability assessments and how the results can shed light on security control deficiencies. Next, you will learn how to perform a network vulnerability assessment and review the results, followed by scanning a web application for web app-specific vulnerabilities. You will discover how to conduct a gap analysis to determine the current security posture compared to a desired security posture. Then, you will explore the important aspects of when and how to run penetration tests. Lastly, you will see how to configure Microsoft Azure Policy assignments to determine cloud resource configuration compliance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
8 videos |
45m
Assessment
Badge
CISM 2022: Common Network Security Threats
Some security controls are very specific to the threat that they address. Information security managers must be well versed in common network security threats in order to minimize the impact of realized threats on business processes. In this course, you will start by exploring various types of threat actors and their motivation for attacking networks. You will review industry standards related to categorizing threats, including common vulnerabilities and exposures (CVEs), the MITRE ATT&CK knowledge base, and the OWASP Top 10 web application security attacks. Next, you will learn how bug bounties are paid by companies to ensure the utmost in security for their products, which can influence customer choices. You will discover how various types of network attacks are executed including Wi-Fi attacks, SYN flood attacks, buffer overflow attacks, advanced persistent threats (APTs), and distributed denial-of-service (DDoS) attacks. Lastly, you will see how VPN anonymizer solutions and the Tor web browser can be used for anonymous network connectivity for legitimate as well as illegal purposes. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
13 videos |
1h 14m
Assessment
Badge
CISM 2022: Cloud Computing & Coding
The use of cloud services is a form of outsourcing of IT service which also introduces an element of risk. Software developers can use on-premises as well as cloud-based services to create, test, and deploy software solutions. In this course, you will explore cloud deployment models including public, private, hybrid, and community clouds. You will then cover cloud computing service models, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), including where the security responsibility lies in each model. Next, you will explore various cloud-based security controls addressing a wide variety of cloud computing security needs. You will discover how to deploy a repeatable compliant cloud-based sandbox environment using Microsoft Azure Blueprints. Next, explore how security must be included in each software development life cycle (SDLC) phase as opposed to post-implementation. Finally, discover the importance of secure coding practices and how security must integrate with software development, testing, deployment, and patching. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Data Protection with Cryptography
Cryptography provides solutions for ensuring data privacy and integrity. Various firmware and software solutions protect data in transit and data at rest. In this course, you will explore the CIA security triad and how it relates to the organization's security program. You will then review various cryptography solutions and discuss data integrity to assure that tampering has not occurred. Next, you will learn how Hardware Security Module (HSM) appliances and Trusted Platform Module (TPM) firmware provide cryptographic services. You will see how Transport Layer Security (TLS) supersedes the deprecated Secure Sockets Layer (SSL) network security protocol suite followed by discussing virtual private network (VPN) encrypted network tunnels, and the IP Security (IPsec) network security protocol suite. Lastly, you will explore the PKI hierarchy and how public key infrastructure (PKI) certificates are used for digital security throughout the certificate life cycle. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
12 videos |
1h 5m
Assessment
Badge
CISM 2022: Secure Device & OS Management
IT departments must work in conjunction with higher-level management to determine when and how to securely use technological solutions that support the business strategy. In this course, begin by exploring how mobile device usage in a business environment can introduce risk and how that risk can be managed with centralized remote wipe capabilities. Then find out how Microsoft Intune can be used to centrally manage devices and how to securely wipe a disk partition. Learn how to harden Windows computers using Group Policy and disable the deprecated SSL network security protocol on Windows hosts. Next, investigate common digital forensics hardware and software solutions, as well as the storage area network (SAN) security and jump box solutions to manage hosts securely and remotely. Finally, discover how to manage Azure resources permissions using managed identities, examine device and OS hardening techniques, and investigate the importance of firmware and software patching. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
16 videos |
1h 38m
Assessment
Badge
SSCP 2021: Fundamental Networking Concepts
Historically speaking, the vast majority of security practitioners, technicians, engineers, and architects come from the field of local and wide area networking. This factor, as well as the importance of protecting data-in-transit, makes networking a critical knowledge area. Use this course to get to grips with several networking concepts and methodologies. Learn to distinguish between the OSI and TCP/IP reference models. Explore network topologies, relationships, and media types. See what's meant by software-defined networking (SDN), Remote Authentication Dial-In User Service (RADIUS), and terminal access controller access-control system plus (TACACS+), among other terms. Examine commonly used ports and protocols. And look into remote access connectivity and virtual private networks (VPNs). Upon course completion, you'll be familiar with several fundamental networking concepts and network access control methodologies. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
9 videos |
50m
Assessment
Badge
EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.YOU MIGHT ALSO LIKE
Rating 5.0 of 1 users
(1)
Rating 5.0 of 1 users
(1)