Aspire Journeys
441 Network Operations Specialist Intermediate KSAT Journey
- 45 Courses | 49h 19m 29s
Plans, implements, and operates network services / systems, to include hardware and virtual environments
441 Network Operations Specialist Intermediate
Plans, implements, and operates network services / systems, to include hardware and virtual environments
- 45 Courses | 49h 19m 29s
COURSES INCLUDED
Agile Organizations: Cloud for Agile Software Development
The cloud has various deployment and service models that can be combined with Agile software development methodologies to help your organization design and create your very own cloud strategy based on your organization's needs. In this course, you'll learn about Agile software development, cloud management, cloud identity and access management, the cloud physical infrastructure, the cloud logical infrastructure, and cloud privacy. Next, you'll examine the available cloud deployment models such as public, private, hybrid, community, and virtual public clouds, as well as multi-cloud and multitenancy environments. You'll then move on to explore cloud service models such as Infrastructure as a Service, Platform as a Service, and Software as a Service. Finally, you'll learn about advanced topics such the Internet of Things.
14 videos |
1h 18m
Assessment
Badge
CLCOR: Understanding Voice & Video Codecs
In order to provide sufficient bandwidth for incoming and outgoing calls, a collaboration engineer is required to know how the human voice gets converted into an Internet Protocol (IP) signal. In this course, you'll explore voice and video codecs in a Voice over Internet Protocol (VoIP) network and examine bandwidth management. You'll begin by identifying the process of encoding and decoding voice using codecs, different levels of compressions applied on IP signals, and how these IP signals get transmitted over an IP network. You'll also outline how to determine bandwidth requirements for specific codecs. Finally, you'll investigate bandwidth calculation and management techniques and demonstrate call admission control (CAC) configuration using Cisco Unified Communication Manager (UCM). This course is a part of a collection of courses that will prepare you for the 350-801: Implementing and Operating Cisco Collaboration Core Technologies (CLCOR) certification exam.
9 videos |
42m
Assessment
Badge
Microsoft Azure Fundamentals: Cloud Computing
The popularity of cloud computing has exploded in recent years. Organizations can streamline IT service efficiency with the use of cloud services in Microsoft Azure. In this course, explore five standard cloud computing characteristics: on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. Discover cloud deployment models like public, hybrid, and community, and look at cloud service models including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Examine core Azure items, such as data centers, regions, and availability zones. Finally, focus on using Azure Arc to manage on-premises and multi-cloud environments. This course can be used to prepare for exam AZ-900, Microsoft Azure Fundamentals.
11 videos |
1h
Assessment
Badge
Microsoft Azure Security Technologies: VPNs
In this course, used in preparation for the AZ-500 Microsoft Azure Security Technologies certification exam, you will discover how VPNs provide an encrypted tunnel over the Internet from clients or on-premises networks to the Azure cloud. Explore how to configure a point-to-site or site-to-site VPN and how to connect a Windows 10 device to an Azure VPN. You will begin the 7-video course by receiving an overview of how VPNs allow secure connections to Azure. Next, you will explore how to use PowerShell to generate public key infrastructure (PKI) certificates. To take advantage of Azure VPN connectivity, you need to establish a virtual network gateway in the Azure cloud, which is a configuration that represents a VPN appliance in the Azure cloud. You will do this in order to configure both a point-to-site and site-to-site VPN. In the final tutorial, learners will discover how to connect a Windows 10 device to an Azure VPN.
7 videos |
26m
Assessment
Badge
CCSP 2022: Legal Requirements, Privacy Issues, & Risk Management in the Cloud
Cloud computing presents a number of unique risks and issues since it routinely crosses many geographic and political boundaries, and international legislation, regulations, and privacy requirements can conflict with one another. In this course, examine the legal and privacy issues that a Certified Cloud Security Professional can expect to face. Begin by investigating conflicting international laws, eDiscovery, and Cloud Security Alliance (CSA) guidance. Then, focus on personal privacy issues related to protected health information (PHI), personally identifiable information (PII), and privacy impact assessments (PIAs), and compare privacy requirements including ISO/IEC 27018, Generally Accepted Privacy Principles (GAPP), and General Data Protection Regulation (GDPR). Finally, explore risk management by assessing risk management programs and studying regulatory transparency requirements, including breach notification, Sarbanes-Oxley (SOX), and GDPR. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
10 videos |
25m
Assessment
Badge
CompTIA Cloud+: Cloud Architecture & Models
The cloud has various deployment and service models that can help your organization design and create your very own cloud strategy based on needs. First, you'll learn about the available cloud deployment models such as public, private, hybrid, community, and virtual public clouds, as well as multi-cloud and multitenancy environments. Next, you'll examine cloud service models such as Infrastructure as a Service, Platform as a Service, and Software as a Service. Finally, you'll learn about advanced topics such as the Internet of Things, serverless computing, machine learning, artificial intelligence, and the shared responsibility model. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos |
1h 10m
Assessment
Badge
Google Professional Cloud Architect: Designing for Google Cloud Compliance
Compliance is a significant concern for many organizations, and many have historically failed to protect data adequately. In this course you will explore how governance has come to protect data, such as health records, through legislation like HIPAA and COPPA. Then, discover how commercial interests have helped bolster financial stability by setting standards of protecting data via certifications like Personally Identifiable Information (PII) and Payment Card Industry Data Security Standard (PCI DSS) that allow customers and businesses to trust you. In addition, there are specific industry certifications that may need to be met depending on the function of the business you run, rather than the data you keep. You will also focus on the need to maintain careful auditing standards for the integrity of any legal disputes that might arise. Finally, you will focus on use cases that you can expect to encounter in an exam environment. This course is one of a collection that prepares learners for the Google Professional Cloud Architect exam.
12 videos |
59m
Assessment
Badge
Microsoft Azure Security Technologies: Securing Network Access with VPNs
Linking an on-premises network to the Microsoft Azure cloud can be achieved in a variety of ways including virtual private networks (VPNs) and ExpressRoute circuits. In this course, you will review various types of VPNs and generate VPN public key infrastructure (PKI) certificates using PowerShell. Next, you will configure a site-to-site VPN and learn when to use virtual wide are network (WAN) and ExpressRoute dedicated circuits. Lastly, you will work with service endpoints, private links, and point-to-site VPNs. This course can be used to prepare for exam AZ-500, Microsoft Azure Security Technologies.
10 videos |
51m
Assessment
Badge
Defining Cloud Computing for Decision-makers: Cloud Computing Principles
The cloud has various deployment and service models that can help an organization design their very own cloud strategy based on their needs. In this course, you'll learn about components of cloud computing including storage, compute, data management, monitoring, code management, and process and deployment management. Investigate cloud deployment models (public, private, hybrid, and community) and serverless architectures such as Backend as a Service (BaaS) and Function as a Service (FaaS). Explore cloud service models such as Infrastructure as a Service, Platform as a Service, and Software as a Service and discover common use cases for each. Finally, learn about cloud deployment architectures and security considerations including lack of control, data breaches, and compliance. After course completion, you'll be able to recognize cloud deployment and service models and key cloud security considerations.
15 videos |
1h 40m
Assessment
Badge
CRISC 2023: Data Privacy
Data privacy is a foremost concern for most organizations. Compliance with laws and regulations feeds into risk management. In this course, you will discover the characteristics of Personally Identifiable Information (PII) and techniques to prevent sensitive data leakage. Then you will explore data loss prevention (DLP) and learn how to implement DLP using Microsoft Purview. Next, you will examine various data privacy and security standards including International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) standards, General Data Protection Regulation (GDPR), the Federal Risk and Authorization Management Program (FedRAMP) and the Health Insurance Portability and Accountability Act (HIPAA). Finally, you will focus on the Payment Card Industry Data Security Standard (PCI DSS), Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
12 videos |
1h 7m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Network Security Concepts
Cybersecurity policies often require detailed network configuration changes and additions. Technicians must be proficient with the configuration and management of various TCP/IP protocols. In this course, I will start by discussing the Open Systems Interconnection (OSI) model, network switching, and network access control. Next, I'll discuss the TCP/IP protocol suite as well as IPv4 and IPv6 addressing. I will then discuss network routing, dynamic host configuration protocol (DHCP), domain name system (DNS) and Wi-Fi authentication methods. Lastly, I will cover virtual private networks (VPNs), IP Security (IPsec) and network time synchronization. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
14 videos |
1h 29m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Managing Network Settings
Modern IT solutions communicate over various types of networks. Cybersecurity analysts must be able to configure and secure the ways that devices communicate over these networks. In this course, I will begin by creating on-premises and cloud-based virtual networks, followed by managing IP addressing on Linux, Windows, and in the cloud. Next, I will manage routing table entries in the cloud and implement domain name system (DNS) and Dynamic Host Configuration Protocol (DHCP) security. Lastly, I will harden a Wi-Fi router and configure IPsec in Windows. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos |
59m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Cloud Computing & Cybersecurity
Cloud computing is an integral part of IT solutions for individuals and organizations. A knowledge of how cloud computing services are deployed and managed is a requirement for securing cloud-based resources. In this course, I will start by discussing cloud computing deployment models, such as public and private clouds, followed by discussing various cloud computing service models. Next, I will cover a variety of cloud computing security solutions, and I will deploy Linux and Windows cloud-based virtual machines. I will then deploy a web application in the cloud, cover the Cloud Controls Matrix (CCM) security controls, and work with Microsoft Azure managed identities. Lastly, I will discuss and configure a content delivery network (CDN). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
12 videos |
1h 10m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Data Security Standards
To remain compliant with relevant data privacy laws and regulations, organizations must have a way of identifying sensitive data and implementing security controls to protect that data. In this course, explore how physical security is related to digital data security, examples of personally identifiable information (PII), and how data loss prevention (DLP) solutions can prevent data exfiltration. Next, learn about common data privacy regulations and standards, including GDPR, HIPAA, and PCI DSS. Finally, discover how to use Amazon Macie and File Server Resource Manager to discover and classify sensitive information and learn about the importance of service level objectives (SLOs) and service level agreements (SLAs). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos |
1h 3m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Threat Intelligence Information
Cybersecurity analysts and security tools can reference a variety of threat intelligence sources to keep up to date with the latest threats and mitigations. These can be used to help keep organization security policies as effective as possible. In this course, examine different threat intelligence sources, the common vulnerabilities and exposures (CVEs) website, and the MITRE ATT&CK knowledge base. Next, discover how the OWASP Top 10 can help harden vulnerable web applications, how advanced persistent threats (APTs) are executed, and common ISO/IEC standards. Finally, learn how to analyze CIS benchmark documents, the Common Vulnerability Scoring System (CVSS), common organization security policy structures, and how organizational culture relates to IT security. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
12 videos |
1h 9m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Cryptography
Confidentiality, integrity, and availability are core pillars of IT security governance. Cybersecurity analysts can harden IT environments using various encryption and hashing techniques. In this course, examine how the CIA triad relates to IT security and how cryptography protects sensitive data. Next, discover how to configure EFS file encryption and Microsoft BitLocker encryption, and use a customer-managed key to enable encryption for an Azure storage account. Finally, learn how to hash files in Linux and Windows, about hardware security modules (HSMs), and how TLS supersedes SSL. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
12 videos |
1h 5m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Firewalls & Intrusion Detection
Firewall solutions control which types of network traffic are allowed into, through, or to leave a host or network. Cybersecurity analysts must know which type of firewall is needed for a given requirement as well as the placement of the firewall solution on the network. In this course, you will begin with a comparison of firewall types such as packet filtering, next-generation, and web application firewalls and learn how to determine their placement on the network. Then you will configure Windows Defender and Linux firewall settings. Next, you will configure Azure network security group firewall rules and explore the role played by forward and reverse proxy servers. Finally, you will install the Squid proxy server on Linux, find out how intrusion detection and prevention systems can address security concerns, and install and configure the Snort IDS. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
10 videos |
56m
Assessment
Badge
CompTIA Network+: The OSI Reference Model
The Open Systems Interconnection (OSI) model is used to describe how computer systems communicate with each other. The OSI model is split into seven abstract layers and is often used for troubleshooting network problems. In this course, learn about the purpose and features of the OSI model. Next, examine each OSI model layer, including the application, presentation, session, transport, network, data link, and physical layers. Finally, discover how human-readable information, such as emails and chat messages, are transferred over a network, as well as the path this information takes along the OSI model. This course is one of a collection that helps prepare learners for the CompTIA Network+ (N10-009) certification exam.
10 videos |
51m
Assessment
Badge
CompTIA Network+: Networking Appliances, Applications, & Functions
Networking devices are hardware components used to facilitate communication and interaction between devices on a computer network. In this course, you'll learn about various networking devices to determine when and where to use them on a network. Explore common devices such as switches and routers, in addition to network appliances used for more specialized tasks such as the intrusion prevention system (IPS), intrusion detection system (IDS), proxy servers, and network-attached and storage area networks. Lastly, discover common networking functions including quality of service (QoS), virtual private network (VPN), and time to live (TTL). This course is one of a collection that helps prepare learners for the CompTIA Network+ (N10-009) certification exam.
11 videos |
59m
Assessment
Badge
CompTIA Network+: Ports & Protocols
Understanding common networking protocols, ports, services, and traffic types is crucial for managing and securing networks. In this course, learn about the most commonly known protocols that are used today on computer networks, such as FTP, SMTP, DNS, HTTP/HTTPS, and more. Next, examine how HTTP enables computers to send and receive web-based communication messages and investigate other common key protocols and their ports. Finally, explore the Structured Query Language (SQL) programming language, common IP protocol types, and various traffic types. This course is one of a collection that helps prepare learners for the CompTIA Network+ (N10-009) certification exam.
21 videos |
2h 28m
Assessment
Badge
CompTIA Network+: Network Topologies, Architectures, & Types
Network architectures refer to the overall design and layout of a network, including how devices and components are organized and interconnected. In this course, explore wireless and wired networking standards, the features of key satellite and cellular technologies, and the differences between various types of wired transmission media. Next, compare Ethernet and fibre channel (FC) transceiver protocols and the differences between common network connector types. Finally, learn about common network topologies, architectures, and types, as well as use cases for a collapsed core architecture and network traffic flow. This course is one of a collection that helps prepare learners for the CompTIA Network+ (N10-009) certification exam.
15 videos |
1h 14m
Assessment
Badge
CompTIA Network+: Routing & Switching Technologies
Routing and switching are fundamental technologies within computer networking that enable data to be transmitted efficiently between devices. In this course, explore static and dynamic routing, network address translation (NAT) and port address translation (PAT), and how the first hop redundancy protocol (FHRP) is used to provide nearly uninterrupted network availability. Next, learn about the use cases and characteristics of virtual IP addressing, layer 3 subinterfaces, and Virtual Local Area Network (VLAN). Finally, examine considerations for configuring network interfaces, how the spanning tree protocol is used, and an overview of maximum transmission unit (MTU). This course is one of a collection that helps prepare learners for the CompTIA Network+ (N10-009) certification exam.
13 videos |
1h 19m
Assessment
Badge
CompTIA Network+: Wireless Configurations & Physical Installations
Setting up and managing Wi-Fi routers, access points, and devices like smartphones, tablets, and laptops typically involves the configuration of wireless devices and technologies. This course equips you to recognize important factors of physical installations and to select and configure wireless devices and technologies. First, you'll explore the purpose and key features of Wi-Fi channels and recognize their respective regulatory impacts. Then, you'll learn when to implement 2.4 GHz, 5 GHz, 6GHz wireless frequencies and when to deploy service set identifiers (SSIDs) or extended service set identifiers (ESSIDs). Next, you'll discover different wireless network types including ad hoc, point-to-point, and infrastructure. Finally, you'll explore how to select and configure wireless devices and technologies for different scenarios. This course is one of a collection that helps prepare learners for the CompTIA Network+ (N10-009) certification exam.
14 videos |
1h 14m
Assessment
Badge
CompTIA Network+: Network Security Concepts & Solutions
Network security concepts encompass a range of practices, technologies, and policies designed to protect the integrity, confidentiality, and availability of data and resources within a computer network. In this course, explore logical security concepts, including encryption and identity and access management (IAM), as well as physical security controls. Next, learn about security deception technologies and common network security terminology, including confidentiality, integrity, and availability (CIA). Finally, examine network access control solutions, key management concepts, network security rules, and network security zones. This course is one of a collection that helps prepare learners for the CompTIA Network+ (N10-009) certification exam.
13 videos |
1h 8m
Assessment
Badge
CompTIA Network+: Troubleshooting Cabling, Interfaces, & Network Services
Troubleshooting network services requires a systematic approach and the capacity to identify and resolve issues, especially those related to network operations like connectivity problems, slow performance, or service outages. In this course, you'll explore how to troubleshoot common cabling, physical interface and network service issues. First, you'll learn how to distinguish between frequently encountered cabling issues. Then, you'll learn about common hardware issues related to Power over Ethernet (PoE) and transceivers as well as common switching issues as they relate to STP, VLAN assignment, and ACLs. You'll also troubleshoot regular network services issues. Finally, you'll study a range of frequently occurring issues that impact switches, route selection, address pools, default gateways, as well as IP addresses and subnet masks. This course is one of a collection that helps prepare learners for the CompTIA Network+ (N10-009) certification exam.
1h 13m
Assessment
Badge
CompTIA Network+: Troubleshooting Network Performance Issues
Troubleshooting network performance issues can be challenging, but utilizing a systematic approach can help you identify and resolve the problems effectively. In this course, explore factors related to network congestion issues, beginning with network bottlenecking and how it can impact performance and common bandwidth issues and how they can impact throughput capacity. Next, discover how to troubleshoot network latency, how network packet loss can impact performance, and common causes of network jitter. Finally, learn about common wireless performance issues such as interference, signal degradation, coverage, roaming misconfiguration, and client disassociation issues. This course is one of a collection that helps prepare learners for the CompTIA Network+ (N10-009) certification exam.
9 videos |
48m
Assessment
Badge
CompTIA Server+: Server Components
Server technicians are now responsible for both on-premises and cloud-based servers. There are many factors to consider when managing these environments. Learn how to plan for server component configuration and environmental conditions in this thorough course. Explore how servers solve business problems. Examine server firmware components, such as Basic Input Output System (BIOS) settings and its successor, Unified Extensible Firmware Interface (UEFI). Then, practice configuring BIOS settings. Next, examine server form factors that help determine the space needed in an equipment rack. Study the roles that CPU, RAM, buses, and interfaces play in a server environment. Plan server power draw and server room HVAC and fire suppression. And learn how to prevent static charge damage to sensitive electronic components. Upon completion, you'll be able to better plan for specific server environments and requirements. You'll also be more prepared for the CompTIA Server+ SK0-005 certification exam.
14 videos |
1h 25m
Assessment
Badge
CompTIA Server+: Deploying Cloud PaaS & SaaS
Platform as a Service (PaaS) and Software as a Service (SaaS) are two popular and valuable cloud service models. Both play a unique role in managing certain aspects of cloud computing. If you're an IT professional working in server environments, you need to know what these two cloud service models entail. Take this course to learn all about PaaS and SaaS solutions. Furthermore, practice deploying databases in the AWS and Microsoft Azure clouds. Configure a SaaS cloud solution. Use an automation template to deploy a PaaS solution. And use several strategies and tools to keep cloud computing costs to a minimum. Upon course completion, you'll be able to deploy PaaS and SaaS solutions and control cloud computing costs. This course also helps prepare you for the CompTIA Server+ SK0-005 certification exam.
9 videos |
46m
Assessment
Badge
CompTIA Server+: Network Communications
Learning the various aspects of network communications hardware and software is vital to anyone working in a server environment. Use this theory and practice-based course to get a grip on configuring virtual networks and virtual network interface cards (NICs). Explore how network communications hardware and software map to the OSI model. Identify different types of communication networks such as LAN and VLAN. Then, learn how network switching and network routing work. Moving on, practice deploying a hypervisor virtual network. Next, practice configuring IP routing in the cloud and virtual network peering. Then, identify various types of NICs and cables. And finally, practice configuring on-premises and cloud-based virtual machine NICs. Upon completion, you'll be able to identify various network models and configure virtual networks and virtual NICs. You'll also be a step closer to being prepared for the CompTIA Server+ SK0-005 certification exam.
12 videos |
1h 12m
Assessment
Badge
CompTIA Server+: Working with TCP/IP
TCP/IP has become the standard software-based network protocol suite used globally. Those working in a server environment need to have a robust understanding of the protocols and services of TCP/IP and their configuration. Learn all about these configurations in this course. Explore IPv4 addressing and IP subnetting and practice configuring IPv4 manually. Next, learn about DHCP and deploying a Windows DHCP server. Then, examine how TCP and UDP transport protocols differ. Moving on, practice configuring IPv6 addresses manually and also configuring IP addresses in the cloud. Explore DNS and practice the deployment of a Windows DNS server and the configuration of DNS zones in the cloud. And finally, explore NTP and its configurations. When you're done, you'll be well versed in the configurations of the different TCP/IP services. You'll also be further prepared to sit the CompTIA Server+ SK0-005 certification exam.
16 videos |
1h 38m
Assessment
Badge
CompTIA Server+: Network Firewalls
In cybersecurity, firewalls control what type of traffic is allowed into or out of a server or network. There are a variety of firewall types designed for specific use-cases and these solutions can come in the form of a dedicated hardware or software appliance, or could be software running within a general purpose operating system. Discover common network and wireless security threats and mitigations, and how packet filtering firewalls work. Learn to configure a Windows and Linux firewall and work with cloud-based packet filtering in AWS and Microsoft Azure. Finally, discover how proxy servers and network address translation (NAT) work in securing the network. Upon completion, you'll be able to select and implement the appropriate firewall solution on-premises and in the cloud. This course is part of a collection that prepares you for the CompTIA Server+ SK0-005 certification exam.
14 videos |
1h 32m
Assessment
Badge
CompTIA Server+: Data Privacy & Protection
Data privacy has become engrained in laws and regulations all over the world. Server technicians must take the appropriate steps to secure sensitive data in alignment with applicable laws and regulations. Discover items that constitute personally identifiable information (PII) and protected health information (PHI) and identify common data security standards such as GDPR, HIPPAA, and PCI DSS. Differentiate between various types of malware and discover how the art of deception is practiced through social engineering. Next, examine data loss prevention (DLP) and implement data discovery and classification on-premises and in the cloud. Lastly, examine key storage media destruction techniques. Upon course completion, you'll be able secure data in alignment with applicable laws and regulations. You'll also be more prepared for the CompTIA Server+ SK0-005 certification exam.
11 videos |
1h 3m
Assessment
Badge
CISM 2022: Information Security Governance
The best way to improve the enterprise security stance is to align IT security solutions with business objectives. In this course, you will consider how information security must align with business strategies. You will explore the business model for information security and review the importance of identifying and classifying assets critical to a business. Next, you will learn about supply chain security, personnel management, and the components of an information security program. You will discover the relationship between service-level agreements (SLAs) and organizational objectives and discuss the relevance of change and configuration management. Then, consider how to develop organizational security policies. Lastly, explore expense types, chain of custody, organizational culture, and how the Control Objectives for Information Technologies (COBIT) framework applies to IT governance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
16 videos |
1h 40m
Assessment
Badge
CISM 2022: Security Standards
Global and local security standards, including laws and regulations, are an important input to determine how enterprises deploy and manage security controls. In this course, you will learn how the European Union's General Data Protection Regulation (GDPR) data privacy legislation applies to any organization world-wide handling private EU citizen data. Next, you will explore various International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) standards for proper data governance, followed by American data privacy and cloud security standards such as Health Insurance Portability and Accountability Act (HIPAA) and Federal Risk and Authorization Management Program (FedRamp). Discover how to secure cardholder data as related to Payment Card Industry Data Security Standard (PCI DSS) international security standards and review other data privacy legislation including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). Lastly, explore the importance of securing cloud service usage in alignment with the Cloud Controls Matrix (CCM). This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
53m
Assessment
Badge
CISM 2022: Managing Risk
Residual risk remains after security controls are put in place to mitigate the impact of threats. The organizational appetite for risk determines what level of residual risk is acceptable. In this course, you will explore how risk management improves business operations by minimizing the impact of realized threats. You will learn how to calculate the cost of mitigating risk compared to the value of the protected asset and determine the cost-benefit analysis and return on investment when implementing security controls. Next, discover the importance of risk assessments, especially where there are changes to some aspect of the business or a specific business process. You will then explore how various risk approaches, such as risk acceptance, avoidance, transfer, and reduction, apply to an organization's tolerance of residual risk. Lastly, discover how risk heat maps are an effective method for communicating various degrees of risk. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Assessing Risk
Assessing risk is a crucial activity that enables organizations to evaluate risk exposure for business processes and assets. In this course, you will begin by exploring how to conduct vulnerability assessments and how the results can shed light on security control deficiencies. Next, you will learn how to perform a network vulnerability assessment and review the results, followed by scanning a web application for web app-specific vulnerabilities. You will discover how to conduct a gap analysis to determine the current security posture compared to a desired security posture. Then, you will explore the important aspects of when and how to run penetration tests. Lastly, you will see how to configure Microsoft Azure Policy assignments to determine cloud resource configuration compliance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
8 videos |
45m
Assessment
Badge
CISM 2022: Network Security
Organizations should secure resource access while remaining compliant with relevant laws and regulations. One of the many ways to do this is to ensure proper network security controls are in place and reviewed regularly. In this course, examine the OSI model layers and their relevance to network security controls, as well as the security aspects of network switching and network access control. Next, explore DHCP and DNS security issues and Wi-Fi authentication methods, and discover how to harden a DHCP and DNS deployment on Windows Server. Finally, learn the importance of using honeypots and honeynets, and how to implement a honeypot and analyze captured network traffic. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
11 videos |
1h 10m
Assessment
Badge
CISM 2022: Common Network Security Threats
Some security controls are very specific to the threat that they address. Information security managers must be well versed in common network security threats in order to minimize the impact of realized threats on business processes. In this course, you will start by exploring various types of threat actors and their motivation for attacking networks. You will review industry standards related to categorizing threats, including common vulnerabilities and exposures (CVEs), the MITRE ATT&CK knowledge base, and the OWASP Top 10 web application security attacks. Next, you will learn how bug bounties are paid by companies to ensure the utmost in security for their products, which can influence customer choices. You will discover how various types of network attacks are executed including Wi-Fi attacks, SYN flood attacks, buffer overflow attacks, advanced persistent threats (APTs), and distributed denial-of-service (DDoS) attacks. Lastly, you will see how VPN anonymizer solutions and the Tor web browser can be used for anonymous network connectivity for legitimate as well as illegal purposes. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
13 videos |
1h 14m
Assessment
Badge
CISM 2022: Common Network Security Attacks
Security technicians can benefit significantly by executing network security attacks in a controlled environment. This allows for an in-depth periodic review of security control efficacy related to IT networks. In this course, you will discover how networks can be scanned by attackers seeking potentially vulnerable services using free tools such as Nmap. You will then explore how attackers can compromise a user web browser, how SQL injection attacks can reveal more information than intended by the app designer, and how to configure a reverse shell where the compromised station reaches out to the attacker station, often defeating standard firewall rule sets. Next, you will learn how to spoof network traffic and execute a distributed denial-of-service (DDoS) attack. Lastly, you will discover how to brute force a Windows remote desktop protocol (RDP) connection to gain access to a Windows host. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Cloud Computing & Coding
The use of cloud services is a form of outsourcing of IT service which also introduces an element of risk. Software developers can use on-premises as well as cloud-based services to create, test, and deploy software solutions. In this course, you will explore cloud deployment models including public, private, hybrid, and community clouds. You will then cover cloud computing service models, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), including where the security responsibility lies in each model. Next, you will explore various cloud-based security controls addressing a wide variety of cloud computing security needs. You will discover how to deploy a repeatable compliant cloud-based sandbox environment using Microsoft Azure Blueprints. Next, explore how security must be included in each software development life cycle (SDLC) phase as opposed to post-implementation. Finally, discover the importance of secure coding practices and how security must integrate with software development, testing, deployment, and patching. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Data Protection with Cryptography
Cryptography provides solutions for ensuring data privacy and integrity. Various firmware and software solutions protect data in transit and data at rest. In this course, you will explore the CIA security triad and how it relates to the organization's security program. You will then review various cryptography solutions and discuss data integrity to assure that tampering has not occurred. Next, you will learn how Hardware Security Module (HSM) appliances and Trusted Platform Module (TPM) firmware provide cryptographic services. You will see how Transport Layer Security (TLS) supersedes the deprecated Secure Sockets Layer (SSL) network security protocol suite followed by discussing virtual private network (VPN) encrypted network tunnels, and the IP Security (IPsec) network security protocol suite. Lastly, you will explore the PKI hierarchy and how public key infrastructure (PKI) certificates are used for digital security throughout the certificate life cycle. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
12 videos |
1h 5m
Assessment
Badge
CISM 2022: Applied Cryptography
The periodic evaluation of the efficacy of cryptographic solutions is possible only with an understanding of how cryptography secures digital environments. In this course, you will explore data integrity by hashing files on the Linux and Windows platforms in an effort to detect unauthorized changes. You will configure a web application HTTPS binding to secure network communications to and from the web application. Then you will deploy a private certificate authority (CA), manage certificate templates, and deploy public key infrastructure (PKI) certificates. Next, you will configure a web application to require trusted client certificates. Finally, you will encrypt data at rest on Linux, on Windows with Encrypting File System (EFS), and Microsoft Bitlocker, and you will configure a cloud VPN connection and implement IPsec on Windows. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
14 videos |
1h 16m
Assessment
Badge
EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.
