Aspire Journeys

451 System Administrator KSAT Intermediate NCWF Journey

75 Courses | 80h 51m 17s

(1)

System Administrator are responsible for setting up and maintaining a system or specific components of a system (e.g. for example, installing, configuring, and updating hardware and software; establishing and managing user accounts; overseeing or conducting backup and recovery tasks; implementing operational and technical security controls; and adhering to organizational security policies and procedures).

451 System Administrator

75 Courses | 80h 51m 17s

COURSES INCLUDED

CLCOR: Understanding Voice & Video Codecs

In order to provide sufficient bandwidth for incoming and outgoing calls, a collaboration engineer is required to know how the human voice gets converted into an Internet Protocol (IP) signal. In this course, you'll explore voice and video codecs in a Voice over Internet Protocol (VoIP) network and examine bandwidth management. You'll begin by identifying the process of encoding and decoding voice using codecs, different levels of compressions applied on IP signals, and how these IP signals get transmitted over an IP network. You'll also outline how to determine bandwidth requirements for specific codecs. Finally, you'll investigate bandwidth calculation and management techniques and demonstrate call admission control (CAC) configuration using Cisco Unified Communication Manager (UCM). This course is a part of a collection of courses that will prepare you for the 350-801: Implementing and Operating Cisco Collaboration Core Technologies (CLCOR) certification exam.

9 videos | 42m Assessment Badge

CCSP 2022: Operate & Maintain Physical & Logical Cloud Infrastructure

CCSP exam candidates will be expected to have a strong foundation in the continual operations and maintenance of the cloud data center. In this course, you will explore the physical and logical cloud infrastructure from an operations and maintenance perspective, including network security controls, operating system hardening, patch management, and Infrastructure-as-Code (IaC). Then, you will examine hypervisor cluster management, including clustered host and guest OS availability, virtual machine cluster performance, and capacity monitoring. Finally, you will take a look at backup and restore functions of hosts and guests. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.

8 videos | 27m Assessment Badge

CCSP 2022: Operational Controls & Standards

An integral part of a Certified Cloud Security Professional's role is to implement operational controls and standards, like those from Information Technology Infrastructure Library (ITIL) and International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 20000-1. In this course, you will discover common governance processes. Begin by exploring configuration management and change management to ensure accurate information is available and maximize successful service changes. Then, focus on how to keep business functions maintained in the event of a disaster through continuity management. Learn how to protect your organization with a comprehensive information security management plan and how to set clear business-based targets for service performance with service level management strategies. Next, investigate the differences between incident and problem management, and release and deployment management. Finally, examine availability and capacity management to ensure that IT services meet the needs of customers and users. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.

10 videos | 31m Assessment Badge

CCSP 2022: Manage Security Operations

Most large cloud service providers manage their global resources with a regional security operations center (SOC). SOC activities include intelligent security control monitoring, log capture and analysis with SIEM and SOAR systems, incident management, and vulnerability assessments. Through this course, learn how to manage and control security operations. Examine third-party communication management and security operations centers. Next, learn about various intelligent security control monitoring solutions and log capture and analysis. Finally, explore the incident management and vulnerability assessment processes. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.

7 videos | 28m Assessment Badge

CCSP 2022: Legal Requirements, Privacy Issues, & Risk Management in the Cloud

Cloud computing presents a number of unique risks and issues since it routinely crosses many geographic and political boundaries, and international legislation, regulations, and privacy requirements can conflict with one another. In this course, examine the legal and privacy issues that a Certified Cloud Security Professional can expect to face. Begin by investigating conflicting international laws, eDiscovery, and Cloud Security Alliance (CSA) guidance. Then, focus on personal privacy issues related to protected health information (PHI), personally identifiable information (PII), and privacy impact assessments (PIAs), and compare privacy requirements including ISO/IEC 27018, Generally Accepted Privacy Principles (GAPP), and General Data Protection Regulation (GDPR). Finally, explore risk management by assessing risk management programs and studying regulatory transparency requirements, including breach notification, Sarbanes-Oxley (SOX), and GDPR. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.

10 videos | 25m Assessment Badge

CompTIA Cloud+: Cloud Troubleshooting Methodologies

Being able to troubleshoot cloud and network issues is important when trying to resolve failures or operational difficulties. In this course, you'll learn to use troubleshooting methodologies to resolve common cloud issues. First, you'll examine how to resolve cloud related issues using the troubleshooting methodology. Next, you'll explore how to resolve network security group misconfigurations issues and network connectivity issues. You'll then move on to learn about resolving network routing and firewall connectivity issues. You'll learn about the tools that you can use to troubleshoot and resolve network issues. Finally, you'll learn resource utilization, application performance, and load balancing performance tuning. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.

12 videos | 1h 22m Assessment Badge

Microsoft Azure DevOps Solutions: Health & Failure Management

With the right data you can predict the future! In this course you will learn how to design a failure prediction strategy. First, find out how the load on a system that will lead to failure can be anticipated. Then you will see how predictive maintenance can be used as a preemptive remedy. Finally, you'll focus on health checks that can be used to validate the health of the application and its dependencies so that remediation times can be minimized as much as possible. This course is one of a collection that prepares learners for the Designing and Implementing Microsoft DevOps Solutions (AZ-400) exam.

13 videos | 1h 15m Assessment Badge

Google Professional Cloud Architect: Designing for Google Cloud Compliance

Compliance is a significant concern for many organizations, and many have historically failed to protect data adequately. In this course you will explore how governance has come to protect data, such as health records, through legislation like HIPAA and COPPA. Then, discover how commercial interests have helped bolster financial stability by setting standards of protecting data via certifications like Personally Identifiable Information (PII) and Payment Card Industry Data Security Standard (PCI DSS) that allow customers and businesses to trust you. In addition, there are specific industry certifications that may need to be met depending on the function of the business you run, rather than the data you keep. You will also focus on the need to maintain careful auditing standards for the integrity of any legal disputes that might arise. Finally, you will focus on use cases that you can expect to encounter in an exam environment. This course is one of a collection that prepares learners for the Google Professional Cloud Architect exam.

12 videos | 59m Assessment Badge

Microsoft Azure Security Technologies: Securing Network Access with VPNs

Linking an on-premises network to the Microsoft Azure cloud can be achieved in a variety of ways including virtual private networks (VPNs) and ExpressRoute circuits. In this course, you will review various types of VPNs and generate VPN public key infrastructure (PKI) certificates using PowerShell. Next, you will configure a site-to-site VPN and learn when to use virtual wide are network (WAN) and ExpressRoute dedicated circuits. Lastly, you will work with service endpoints, private links, and point-to-site VPNs. This course can be used to prepare for exam AZ-500, Microsoft Azure Security Technologies.

10 videos | 51m Assessment Badge

CloudOps: Implementing SD-WAN to Optimize Environments

Implementing the right software-defined wide area network (SD-WAN) framework for the organization can help improve network management, decrease hardware costs, increase efficiency, and even enhance security. In this course, you'll explore the differences between traditional, software-defined networking, and a software-defined wide area network (SD-WAN). You'll learn about the advantages, working mechanisms, solution architecture, and primary components of SD-WAN. Next, you'll examine the topologies and deployment models that can be used to design SD-WAN overlays, along with prominent tools and applications that can be used to build, deploy, and maintain SD-WAN. You'll learn how to apply CloudOps in networks to simplify configuring, managing, and delivering the SD-WAN. You'll examine security challenges and best practices for secure deployment of SD-WAN and prominent Cisco SD-WAN architectures that can be implemented in AWS. You'll see approaches that can be used in an SD-WAN to transform complex legacy networks into easy-to-manage and scalable networks. Finally, you'll learn to configure AWS Transit Gateway, AWS-provided Cisco Cloud Services Router 1000V - BYOL, and VMware SD-WAN.

16 videos | 1h 14m Assessment Badge

CRISC 2023: Data Privacy

Data privacy is a foremost concern for most organizations. Compliance with laws and regulations feeds into risk management. In this course, you will discover the characteristics of Personally Identifiable Information (PII) and techniques to prevent sensitive data leakage. Then you will explore data loss prevention (DLP) and learn how to implement DLP using Microsoft Purview. Next, you will examine various data privacy and security standards including International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) standards, General Data Protection Regulation (GDPR), the Federal Risk and Authorization Management Program (FedRAMP) and the Health Insurance Portability and Accountability Act (HIPAA). Finally, you will focus on the Payment Card Industry Data Security Standard (PCI DSS), Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.

12 videos | 1h 7m Assessment Badge

CRISC 2023: IT Baselines

Organizations must consider compliance with applicable laws and regulations through the management of security controls. IT systems and on-premises and cloud data can be secured, and compliance achieved using a variety of methods. In this course, explore various cloud provider compliance program details and how to use AWS conformance packs to track configuration compliance in the AWS cloud. Next, discover how security baselines are created and establish a performance baseline on the Windows Server platform and Azure Cloud. Finally, learn how to configure Azure Blueprints for a repeatable and compliant cloud environment and use Azure Policy to check resource configuration compliance. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.

9 videos | 49m Assessment Badge

CRISC 2023: Authentication

Hardening authentication processes makes it more difficult for attackers to compromise accounts. Managing users and groups allows for access to required resources. In this course, you will explore authentication methods, including passwordless login. Then, you will learn how to manage Linux users and groups using the command line and how to enable Secure Shell (SSH) public key authentication. Next, you will manage Windows and cloud users and groups and examine dynamic membership cloud-based groups. Finally, you will configure multi-factor authentication (MFA) for users and explore identity federation. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.

11 videos | 59m Assessment Badge

CRISC 2023: Authorization

Strong authorization settings limit permissions to resources for authenticated entities. Cybersecurity analysts must be aware of how to not only configure resource permissions, but also how to evaluate existing permissions to ensure adherence to the principle of least privilege. In this course, you will discover how authorization is related to, but differs from, authentication. Then, you will explore access control models, such as role-based access control (RBAC) and attribute-based access control (ABAC). Next, you will find out how to manage Linux and Windows file system permissions using the command lines. Finally, you will learn how to configure Windows dynamic access control, work with privileged access management in Linux using sudo, and manage RBAC permissions in the Microsoft Azure cloud. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.

10 videos | 53m Assessment Badge

CRISC 2023: Cryptography

Confidentiality, integrity, and availability are core pillars of IT security governance. Cybersecurity analysts can harden IT environments using various encryption and hashing techniques. In this course, examine how the CIA triad relates to IT security and how cryptography protects sensitive data. Next, discover how to configure Encrypting File System (EFS) file encryption and Microsoft BitLocker encryption, and use a customer-managed key to enable encryption for an Azure storage account. Then learn how to hash files in Linux and Windows. Finally, find out about hardware security modules (HSMs) and the Trusted Platform Module (TPM), how Transport Layer Security (TLS) supersedes the Secure Sockets Layer (SSL), and how to enable HTTPS. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.

14 videos | 1h 18m Assessment Badge

CRISC 2023: Network Security

Organizations should secure resource access while remaining compliant with relevant laws and regulations. One way to do this is to ensure proper network security controls are in place and reviewed regularly. In this course, learn about the OSI model layers, their relevance to network security controls, and the security aspects of network switching and network access control. Next, explore DHCP and DNS security issues, Wi-Fi authentication methods, and how to harden a DHCP and DNS deployment on Windows Server. Finally, discover the importance of honeypots and honeynets, how to implement a honeypot, how to analyze captured network traffic, and the purpose of an interconnection security agreement. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.

15 videos | 1h 29m Assessment Badge

CompTIA Cybersecurity Analyst+: Network Security Concepts

Cybersecurity policies often require detailed network configuration changes and additions. Technicians must be proficient with the configuration and management of various TCP/IP protocols. In this course, I will start by discussing the Open Systems Interconnection (OSI) model, network switching, and network access control. Next, I'll discuss the TCP/IP protocol suite as well as IPv4 and IPv6 addressing. I will then discuss network routing, dynamic host configuration protocol (DHCP), domain name system (DNS) and Wi-Fi authentication methods. Lastly, I will cover virtual private networks (VPNs), IP Security (IPsec) and network time synchronization. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.

14 videos | 1h 29m Assessment Badge

CompTIA Cybersecurity Analyst+: Managing Network Settings

Modern IT solutions communicate over various types of networks. Cybersecurity analysts must be able to configure and secure the ways that devices communicate over these networks. In this course, I will begin by creating on-premises and cloud-based virtual networks, followed by managing IP addressing on Linux, Windows, and in the cloud. Next, I will manage routing table entries in the cloud and implement domain name system (DNS) and Dynamic Host Configuration Protocol (DHCP) security. Lastly, I will harden a Wi-Fi router and configure IPsec in Windows. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.

11 videos | 59m Assessment Badge

CompTIA Cybersecurity Analyst+: Virtualization & Container Security

Virtualization comes in a variety of forms, including operating system, application, and desktop virtualization. Cybersecurity analysts regularly manage and secure application containers and virtual machines on-premises and in the cloud. In this course, I will discuss the differences between operating systems, application, and desktop virtualization. I will then configure Microsoft Hyper-V. Next, I will cover application containerization concepts, install Docker on Linux, and manage application containers on Linux. Lastly, I will install Docker on Windows and manage application containers on Windows. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.

7 videos | 36m Assessment Badge

CompTIA Cybersecurity Analyst+: Data Security Standards

To remain compliant with relevant data privacy laws and regulations, organizations must have a way of identifying sensitive data and implementing security controls to protect that data. In this course, explore how physical security is related to digital data security, examples of personally identifiable information (PII), and how data loss prevention (DLP) solutions can prevent data exfiltration. Next, learn about common data privacy regulations and standards, including GDPR, HIPAA, and PCI DSS. Finally, discover how to use Amazon Macie and File Server Resource Manager to discover and classify sensitive information and learn about the importance of service level objectives (SLOs) and service level agreements (SLAs). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.

11 videos | 1h 3m Assessment Badge

CompTIA Cybersecurity Analyst+: Threat Intelligence Information

Cybersecurity analysts and security tools can reference a variety of threat intelligence sources to keep up to date with the latest threats and mitigations. These can be used to help keep organization security policies as effective as possible. In this course, examine different threat intelligence sources, the common vulnerabilities and exposures (CVEs) website, and the MITRE ATT&CK knowledge base. Next, discover how the OWASP Top 10 can help harden vulnerable web applications, how advanced persistent threats (APTs) are executed, and common ISO/IEC standards. Finally, learn how to analyze CIS benchmark documents, the Common Vulnerability Scoring System (CVSS), common organization security policy structures, and how organizational culture relates to IT security. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.

12 videos | 1h 9m Assessment Badge

CompTIA Cybersecurity Analyst+: OS Process Management

Managing the running processes on Linux and Windows hosts not only improves performance but also impacts how secure those hosts are. Determining what an abnormal performance or activity is greatly facilitates comparisons to current activity to established baselines of normal performance and behavior. In this course, I will start by navigating through the Windows registry followed by exploring Linux hardware devices using the Linux command line. I will then use the Windows Device Manager tool to manage a hardware device. Next, I will create partitions and file systems on Linux and Windows hosts followed by covering how processes and daemons interact with the Linux OS. I will manage Linux and Windows processes and daemons, or services. Lastly, I will establish a normal performance baseline on a Windows Server using a data collector set. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.

11 videos | 59m Assessment Badge

CompTIA Cybersecurity Analyst+: Authentication

Hardening authentication processes makes it more difficult for attackers to compromise accounts. Managing users and groups allows for access to required resources. In this course, you will explore authentication methods, including passwordless login. Then you will learn how to manage Linux users and groups using the command line and how to enable Secure Shell (SSH) public key authentication. Next, you will install and configure a Lightweight Directory Access Protocol (LDAP) server and client, manage Windows and cloud users and groups, and examine dynamic membership cloud-based groups. Finally, you will configure multi-factor authentication (MFA) for AWS users, manage Windows password policies, and discover identity federation. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.

13 videos | 1h 19m Assessment Badge

CompTIA Cybersecurity Analyst+: Authorization

Strong authorization settings limit permissions to resources for authenticated entities. Cybersecurity analysts must be aware of how to not only configure resource permissions, but also how to evaluate existing permissions to ensure adherence to the principle of least privilege. In this course, you will discover how authorization is related to, but differs from, authentication. Then you will explore access control models, such as role-based access control (RBAC) and attribute-based access control (ABAC). Next, you will find out how to manage Linux and Windows file system permissions using the command lines. Finally, you will learn how to configure Windows dynamic access control, work with privileged access management in Linux using sudo, and manage RBAC permissions in the Microsoft Azure cloud. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.

9 videos | 52m Assessment Badge

CompTIA Cybersecurity Analyst+: Cryptography

Confidentiality, integrity, and availability are core pillars of IT security governance. Cybersecurity analysts can harden IT environments using various encryption and hashing techniques. In this course, examine how the CIA triad relates to IT security and how cryptography protects sensitive data. Next, discover how to configure EFS file encryption and Microsoft BitLocker encryption, and use a customer-managed key to enable encryption for an Azure storage account. Finally, learn how to hash files in Linux and Windows, about hardware security modules (HSMs), and how TLS supersedes SSL. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.

12 videos | 1h 5m Assessment Badge

CompTIA Cybersecurity Analyst+: Firewalls & Intrusion Detection

Firewall solutions control which types of network traffic are allowed into, through, or to leave a host or network. Cybersecurity analysts must know which type of firewall is needed for a given requirement as well as the placement of the firewall solution on the network. In this course, you will begin with a comparison of firewall types such as packet filtering, next-generation, and web application firewalls and learn how to determine their placement on the network. Then you will configure Windows Defender and Linux firewall settings. Next, you will configure Azure network security group firewall rules and explore the role played by forward and reverse proxy servers. Finally, you will install the Squid proxy server on Linux, find out how intrusion detection and prevention systems can address security concerns, and install and configure the Snort IDS. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.

10 videos | 56m Assessment Badge

CompTIA Cybersecurity Analyst+: Hardening Techniques

Hardening refers to attack surface reduction in IT environments and can be applied to any type of device or software environment, including storage area networks (SANs). Firmware and software patches should be applied to ensure that potential security flaws in code have been addressed. In this course, I will begin by covering hardening techniques for a variety of IT environments, followed by using Microsoft Group Policy to configure security settings for Active Directory domain-joined computers. Next, I will discuss storage area networks and related security considerations. I will then remove the need for virtual machine (VM) public IP addresses by allowing remote access through Microsoft Azure Bastion. I will discuss the importance of applying hardware and software patches. Lastly, I will install and configure a Windows Server Update Services (WSUS) server and deploy updates to Microsoft Azure virtual machines. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.

10 videos | 56m Assessment Badge

CompTIA Cybersecurity Analyst+: Secure Coding & Digital Forensics

Security must be included in all phases of IT system and software development designs. Continuous integration and continuous delivery/deployment (CI/CD) integrates development and ongoing management of IT solutions. Cybersecurity analysts must understand IT governance and digital forensics concepts. Begin this course by examining the role of security in the software development life cycle (SDLC). Then you will explore CI/CD and learn how Git is used for file version control. Next, you will discover how the Control Objectives for Information and Related Technologies (COBIT) framework applies to IT governance and you will investigate digital forensics. Finally, you will configure legal hold settings for a cloud storage account and list common digital forensics hardware and software solutions. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.

10 videos | 55m Assessment Badge

GNU & Unix Commands

One key utility in a Linux distribution is the command line shell. Discover how to use the command line shell to perform file and directory manipulation and edit file contents.

14 videos | 1h 1m Badge

CompTIA Network+: OSI Model Layers & Data Encapsulation

The Open Systems Interconnection, or OSI, model is used to describe how computer systems communicate with each other. Frequently used for troubleshooting network problems, the seven layers of the OSI model are concepts with which all networking professionals should be familiar In this course, you'll learn about each layer of the OSI model. You'll outline how human-readable information, such as emails and chat messages, are transferred over a network, as well as the path this information takes along the OSI model. You'll also examine data encapsulation and decapsulation within the context of the OSI model. You'll outline characteristics for Ethernet headers, IP headers, and TCP/UDP headers, and learn to differentiate between synchronization (SYN) and acknowledgement (ACK) flags. Lastly, you'll recognize the primary differences between maximum transmission unit, or MTU, and maximum segment size, or MSS, and how these concepts relate to data being transmitted over a network.

14 videos | 1h 21m Assessment Badge

CompTIA Network+: Network Types

Network topologies represent how computers are interconnected to form a network. There are five main network topology types - mesh, star, bus, ring, and hybrid - and each offers unique advantages and disadvantages that technicians need to be aware of. In this course, you'll explore the five topologies in detail and learn when to implement each. You'll learn about computer networks such as local area networks, metropolitan area networks, and wide area networks. Next, you explore other computer network types including peer-to-peer, client/server, wireless local area network, personal area network, and campus area network. You'll examine Multiprotocol Label Switching and how it can be used as an efficient alternative to traditional Internet Protocol routing. Lastly, you'll learn about common service related entry points, virtual networking concepts, and the common network provider links such as satellite, digital subscriber line, cable, leased line, and metro-optical

17 videos | 1h 51m Assessment Badge

CompTIA Network+: Well-known Ports & Protocols

In terms of computer networks, protocols are used to provide a required set of rules that enable computers to exchange information. Well-known Internet protocols include Transmission Control Protocol/Internet Protocol, User Datagram Protocol/Internet Protocol, File Transfer Protocol, and Hypertext Transfer Protocol. Ports, by comparison, are used to identify a type of network or specific process. Port numbers, ranging from 0 to 65535, are typically divided into three categories - well-known ports, dynamic ports, and registered ports. In this course, you'll learn about the most commonly-known ports in use on a computer network today. These include File Transfer Protocol, Simple Mail Transfer Protocol, Domain Name System, and Hypertext Transfer Protocol. You'll examine how HTTP uses the reserved port 80 and enables computers to send and receive Web client-based communication and messages from a Web server, including web site pages and data. Next, you'll explore other key ports including, port 25, reserved for Simple Mail Transfer Protocol and how SMTP allows e-mail clients and services to send out e-mails. You'll learn how port 100, reserved for Post Office Protocol v3 and port 143, reserved for Internet Message Access Protocol, allow for e-mail clients to retrieve e-mail messages from a mail server over a TCP/IP connection. Lastly, you'll learn about Secure Sockets Layer and how it can be incorporated into POP3 and IMAP implementations to enable more secure encrypted e-mail communications

23 videos | 2h 39m Assessment Badge

CompTIA Network+: Network Implementations

Networking devices are instrumental to the delivery of data over a network. In this course, you'll learn about comparing and contrasting various networking devices to determine when and where to use them on a network. You'll also explore common networking devices such as hubs, switches, and routers in addition to network appliances used for more specialized tasks such as the Intrusion prevention system, intrusion detection system, proxy servers, and supervisory control and data acquisition systems. You'll also examine different routing technologies, including dynamic routing concepts and protocols. And you'll explore how to recognize the key differences between the Routing Information Protocol and Open Shortest Path First routing protocols, and recognize how to differentiate between link state, distance vector, and hybrid routing protocols. Lastly, you'll learn about bandwidth management concepts including traffic shaping and quality of service. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam

16 videos | 1h 55m Assessment Badge

CompTIA Network+: Ethernet Switching & Wireless Standards

Ethernet switching enables devices such as computers and printers to communicate seamlessly with each other on the same network. In this course, you'll learn about key switching features. You'll also explore different port configurations, how Address Resolution Protocol works, and examine key features of the Neighbor Discovery Protocol. You'll also explore how to install and configure the appropriate wireless technologies and standards and learn how to differentiate between 802.11 standards, and recognize when to implement 2.4 GHz and 5 GHz wireless frequencies. You'll also learn when to deploy a service set identifier as well as basic service sets, the extended service set, independent basic service set (Ad-hoc) and roaming. Lastly, you'll learn about wireless encryption standards, cellular technologies, and multiple-input multiple-output, and multi-user MIMO. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam.

20 videos | 2h 10m Assessment Badge

CompTIA Network+: Network Troubleshooting Methodologies & Tools

If an incident or outage occurs, network administrators must be able to respond effectively and resolve network problems in a timely fashion. In this course, you'll learn about best practices for identifying a problem, establishing a theory of probable cause, testing theories, formulating a plan of action to resolve a problem, implementing a solution, or escalating the issue. You'll explore how to verify full system functionality and document findings, actions, outcomes, and lessons learned. You'll examine how to troubleshoot common cable connectivity issues and explore network specifications and limitations, cable considerations, and common issues such as attenuation, interference, bad ports, and duplexing issues. Lastly, you'll learn about common cable connectivity tools including cable crimpers, punchdown tools, tone generators, loopback adapters, and cable testers. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam.

20 videos | 1h 59m Assessment Badge

Forensic Analysis: Cybercrime Investigations

Cybercrime investigators are typically responsible for collecting, processing, analyzing, and interpreting digital evidence related to network vulnerabilities, criminal activity, and counterintelligence initiatives. In this course, you'll explore the basics of network packet capturing, a process used to intercept and log traffic occurring over a network. You'll also examine the purpose and features of some standard tools and techniques to preserve and analyze a computer system's most volatile data. You'll then learn to use some of these tools and techniques to achieve various digital forensic analysis goals. Next, you'll recognize computer forensic best practices, including locating evidence in the Windows Registry. Finally, you'll learn how to differentiate between the purpose and features of the various tools available for conducting hard disk forensic analysis.

17 videos | 1h 37m Assessment Badge

Defensive CyberOps: Defensive Cyberspace Operations

A well-planned and properly executed DCO mission will enable the cyber warrior to repel attacks and rapidly prepare for offensive action. In this course, you'll learn the principles of Defensive Cyber Operations, including measures and responses. You'll explore cybersecurity and cyberspace operations in DCO. Next, you'll look at DCO analytics, missions, and operating domains. You'll explore the role of the mission owner and network owner in DCO, as well as planning considerations. Finally, you'll learn about cyberspace threats that may occur during the course of maneuver operations and common security and system tools used in DCO.

14 videos | 42m Assessment Badge

CloudOps Performance Tuning: Applying Performance Principles

When designing solutions, CloudOps practitioners need to mitigate typical performance issues. In this course, you'll explore some common performance problems and the systemic tuning approach to improving performance. You'll examine what comprises a performance engineering approach before outlining a practical performance tuning roadmap. Next, you'll identify post-deployment performance diagnostic techniques for large-scale software systems, essential steps when optimizing application performance, and functional and non-functional components and layers to consider when planning performance management. Moving on, you'll outline the steps involved in configuring performance testing and identify critical cloud computing KPIs and metrics. You'll investigate use cases that help identify gaps in hybrid and multi-cloud deployment architectures. You'll examine performance management challenges and recommended solution architecture for cloud-hosted services. Lastly, you'll outline how to measure private and hybrid cloud performance.

14 videos | 1h 13m Assessment Badge

CloudOps Performance Tuning: Tuning Cloud Performance for Deployment

Managing the performance of cloud-hosted services doesn't come without challenges. Luckily, there are tools to help you monitor, measure, and improve performance. You'll start this course by exploring common performance management challenges and solutions. You'll then examine parameters to track IT infrastructure and application performance, differentiate between performance and scalability, and identify key metrics to monitor virtualized environments. Next, you'll look in-depth at the purpose of various tools and services, such as the purpose of the five pillars of the AWS framework, how to improve infrastructure resources on Google Cloud Platform, and the role of IBM Cloud Application Performance Management in increasing cloud efficient. You'll also work with CloudWatch Agent, AWS Compute services, Amazon QuickSight, and Application Insight to increase performance efficiency and visibility and troubleshoot issues. Finally, you'll outline how to ensure applications are more scalable, resilient, and manageable in Azure.

19 videos | 1h 54m Assessment Badge

CloudOps Performance Tuning: Managing Multi-cloud Performance

Managing the performance of cloud deployments extends to managing multi, hybrid, and multi/hybrid distributed cloud infrastructures. In this course, you'll explore the challenges, goals, and strategies for performance optimization in these environments. You'll start by identifying desired characteristics for successful and robust hybrid or multi-cloud designs. Next, you'll outline how to create a multi-cloud performance optimization strategy and monitor hybrid and multi-cloud distributed infrastructures. You'll then identify common multi-cloud performance challenges and associated solutions. Furthermore, you'll investigate prominent use cases of multi-cloud networking, recommended solutions to resolve multi-cloud network configuration issues, and the different non-functional tests available to determine a multi-cloud performance benchmark. You'll examine significant business and service continuity performance tuning tasks. Lastly, you'll outline how to tune multi-cloud integrator components to resolve connectivity issues between two participating clouds.

11 videos | 1h 4m Assessment Badge

Enterprise Architecture: Architectural Principles & Patterns

In this 18-video course, learners can explore software architecture concepts, including the view model, consumer-driven contracts, architectural patterns, and architectural styles and solution patterns used to manage common machine learning issues. Begin by examining software architecture and the benefits it provides, and then the principles that should be followed when designing architecture for applications. You will discover the 4+1 view model and associated views, and learn to recognize software architectures, and the principles of developing enterprise architecture. Recall architectural principles for business, data, and technology, and the fundamental principles guiding service-oriented architecture (SOA) and use of the SOA maturity model. Next, explore serverless architecture; Backend-as-a-Service; the features of evolutionary architecture; and learn to recognize benefits of documenting architecture. Examine the structure of a software project team; the concept and characteristics of consumer-driven contracts; the dimensions of architecture that should be coupled to provide maximize benefit with minimal overheads and costs; and activities and tasks that software architects perform. Finally, take a look at architectural patterns and styles that can be adopted to eliminate common problems.

18 videos | 1h 34m Assessment Badge

Enterprise Architecture: Design Architecture for Machine Learning Applications

Explore software architectures used to model machine learning (ML) applications in production, as well as the building blocks of ML reference architecture, in this 11-video course. Examine the pitfalls and building approaches for evolutionary architectures, Fitness function categories, architectural planning guidelines for ML projects, and how to set up complete ML solutions. Learners will begin by studying the basic architecture required to execute ML in enterprises, and will also take a look at software architecture and its features that can be used to model ML apps in production. Next, learn how to set up model ML apps; examine ML reference architecture and the associated building blocks; and view the approaches for building evolvable architectures and migration. Recognize the critical pitfalls of evolutionary architecture and antipatterns of technical architecture and change. Finally, observe how to set up complete ML solutions and explore the Fitness function and its associated categories. Conclude the course with an exercise on architectural planning guidelines for ML projects, with a focus on model refinement, testing, and evaluating production readiness.

11 videos | 59m Assessment Badge

Performance Engineering: Fixing Infrastructure Performance Issues

Infrastructure is the backbone of any network, so related performance issues can adversely affect an organization's ability to provide web services and apps to customers and employees. Infrastructure performance issues can also be costly. For these reasons, performance engineers should be hyper-focused on remediating performance at the source. Use this course to learn how you can fix infrastructure-related performance issues. Begin by understanding the role played by various network infrastructure elements, starting with servers, network backbone, and firewalls. Then, explore internet and browser performance, load balancers, and overall infrastructure monitoring. Next, learn about the server performance advisor tool and workload management performance. Finally, see how Little's Law can be used for better optimization of system queues. When you've completed this course, you'll be able to identify and resolve infrastructure performance problems within your organization.

12 videos | 1h 24m Assessment Badge

Performance Engineering: Potential Performance Issues in Software Development

Software system performance has a significant impact on a business. Whether this impact is positive or negative is up to those involved in software development. To ensure well-performing software, you first need to know how to define and measure software performance. Use this course to appreciate the effects of software performance on a business's success. Discover the routine tasks involved in software performance management. Then, delve into the various factors that affect application and database performance. Moving along, examine the metrics used to measure application and database performance. And see what defines scalability and how it differs from performance. When you're done, you'll be versed in the significance of software performance and the management techniques, factors, and metrics involved.

11 videos | 1h 36m Assessment Badge

Authentication & Encryption: Best Practices

In this 14-video course, explore the authentication, authorization, and encryption options that a security architect will need on a day-to-day basis. The focus will be on two fronts-from a network security standpoint including cloud services, and internal solutions in an Agile and DevOps environment. Begin with a look at authentication, authorization, and encryption factors and how they fit together, then look at methods of authentication and best practices. This leads into methods of authorization and access control; the use of encryption methods and best practices in implementing encryption; and key symmetry-differentiating between public and private keys and their ciphers. Examine methods of keeping login and authentication credentials secure; view system authentication and authorization through user account administration in Linux, and handle security policy trade-offs in situations where solutions might not align with policy. Discover Secure Shell (SSH) configuration, and implementing and securing remote access to a system using SSH; create secure certificates and keys using OpenSSL; verify software package authenticity by using OpenSSL, and file encryption and file decryption with OpenSSL.

14 videos | 56m Assessment Badge

Security Program Regulatory Integration

In this 12-video course, learners will discover the importance of integrating regulations with organizational security policies. Explore security standards such as General Data Protection Regulation (GDPR); Health Insurance Portability and Accountability (HIPAA); and Federal Information Security Management Act (FISMA), as well as the International Organization for Standardization (ISO), and National Institute of Standard and Technology (NIST). To begin, determine how to establish the importance of building regulatory compliance into a company's IT security program. You will then examine Personally Identifiable Information (PII), and Protected Health Information (PHI). This leads into the subject of Payment Card Industry Data Security Standard (PCI DSS), and what it entails. You will learn how HIPAA protects medical information; how GDPR protects European Union citizen data, and how the Gramm-Leach-Bliley Act (GLBA), applies to financial institutions. You will also identify how FISMA strives to protect sensitive US Government information, and recognize both NIST and ISO security standards. To conclude the course, you will discover how the Sarbanes-Oxley Act (SOX), requires organizational financial transparency.

12 videos | 38m Assessment Badge

Security Software Assessments

In this 13-video course, learners will discover techniques used to perform software security assessments and testing, including components of a security assessment, test strategy approaches, security control and software testing, and the security management process. Key concepts covered in this course include the major components of a security assessment and test strategies approaches; security control review methods including log and code reviews; and how to recognize security control testing mechanisms such as code testing. Next, learn the importance of a security management process and its common functions; learn steps to take to properly test software to ensure that it is secure; and learn methods to detect potential software vulnerabilities. Then learn common software vulnerabilities such as buffer overflow and injection flaws; learn how to avoid common software vulnerabilities by using secure coding techniques; and explore steps and techniques to analyze risk. Finally, learn about penetration testing and its purpose; and learn microservices, a mini-application that focuses on a specific task, and application programming interfaces (APIs) and highlight security concerns associated with each.

13 videos | 55m Assessment Badge

Mitigating Security Risks: Cyber Security Risks

Effective cybersecurity risk management requires intricate knowledge of day-to-day IT security risks, network vulnerabilities, and cyber attacks. In this course, you'll detail several cybersecurity breaches and how best to prevent each one. You'll start with a general overview of what comprises security risks before categorizing different types into information, cloud, and data-related risks. Next, you'll explore cybercrime methods, the motivations behind them, and the security gaps that invite them in. You'll then use real-life examples to detail some commonplace cyberattacks and crimes. Moving on, you'll investigate what's meant by malware and outline best practices to manage worms, viruses, logic bombs, trojans, and rootkits. You'll also learn how to safeguard against malware, spyware, ransomware, adware, phishing, zero-day vulnerabilities, DoS, and backdoor attacks. By the end of the course, you'll be able to outline guidelines and best practices for securing against the most prevalent types of cybercrimes.

13 videos | 1h 16m Assessment Badge

Cloud Security Administration: Infrastructure Planning

Cloud infrastructure consists of the physical location of the cloud data center. Depending on the data center location, there are different risks that are taken by the service provider and different methods used to tackle security issues. A secure cloud is created by using open source software and creating a technical support pool. Additionally, basic security concepts like protecting data in motion and in rest using encryption can be employed so that clients can only see their data. In this course, you'll learn about baselining cloud infrastructure, different components like hardware and software, and challenges faced in cloud environments.

13 videos | 55m Assessment Badge

Ethical Hacker: Secure Technology & Applications

Security devices and software are the technical aspect of security. An ethical hacker must be familiar with security technology in order to effectively conduct tests of the target organization's network. In this 10-video course, you will explore firewall types and usage, SIEM systems, intrusion detection systems and intrusion prevention systems (IDS/IPS), antivirus strategies, Windows Firewall, and how to implement Snort. Key concepts covered in this course include security devices and software concepts, and how they relate to ethical hacking; learning to correctly deploy firewall solutions, their relevance to ethical hacking, and different types and usage; and learning the role of SIEM (security information and event management) and how to deploy SIEM systems. Next, learners observe how to utilize IDS/IPS and its relationship to ethical hacking; learn antivirus concepts and implement an AV strategy; configure the firewall in Windows 10 and Windows Server 2019; and learn to configure Windows Defender. Conclude by learning how to implement basic Snort network IDS, a tool that can be used for simple packet capture or for IDS.

10 videos | 40m Assessment Badge

Ethical Hacker: Account Creation

Because account management and access control are fundamental to security, it is vital to understand these technologies as an ethical hacker. In this 6-video course, learners can explore account creation concepts, standard access control models, attribute-based access control, and how to design account and access control. Key concepts covered in this course include learning about account creation, and why how an organization creates and manages accounts is fundamental to security; common attack methodologies; and how to test accounts in a network. Next, you will learn about three fundamental access models that are utilized by a wide range of systems and include mandatory access control (MAC), discretionary access control (DAC), and the most common one, role-based access control (RBAC). Then observe how to implement attributed-based access control (ABAC) and its advantages over standard access control; and learn to design your account and account management processes by selecting one of the three fundamental models to use for a test design for an organization.

6 videos | 18m Assessment Badge

Planning Measures: Incident Response Planning

This 8-video course explores how to build an effective incident response plan, including creation of response policies, plans, procedures, and teams. In this course, you will examine the process to recover from security related incidents such as malware, data leakage, or stolen equipment. You will also review what to implement for security controls to prevent attacks against confidentiality, integrity, and availability of company assets. Learners observe how to create an incident response plan and the steps for creating incident response policies, plans, and procedures. You will learn the six phases necessary to build an incident response plan, and the job roles for each member of the team. You will examine who should be part of the CSIRT (computer security incident response team). Next, examine the different roles that make up a computer security incident response team, their purposes, and the elements of an incident response policy. Finally, this course uses a real-world case study to demonstrate how to implement the incident response plan.

8 videos | 33m Assessment Badge

Policy & Governance: Incident Response

Learners can explore the creation, adoption, and use of an IRP (Incident Response Plan) in this 14-video course, which examines the purpose and objectives of an IPR, and how it incorporates the objectives of an organization. You will learn how to draft an IRP, and examine the six stages of incident response: preparation, identification, containment, eradication, recovery, and lessons learned. Next, you will examine several tools that are available for incident response strategies, including Sleuth Kit, Metasploit, Websense, and FireEye Security Orchestrator. You will explore the different types of CSIRTs (Computer Security Incident Response Teams), team roles, their purpose, and the benefits of an outsourced team. This course demonstrates an incident team response with two hypothetical scenarios. You will learn about compliance and regulatory requirements, and will examine the international standard, ISO 27001. You will examine governance policy to direct and control IT security. Finally, you will learn to use governance polices to create incident response policies, and you will learn the elements and best practices for creating a plan.

14 videos | 1h 9m Assessment Badge

SecOps Engineer: System Infrastructure Security

This 13-video course explores SecOps (security and operations) engineering concepts. Learners will observe how security and operations are fused together, and learn to integrate system infrastructure security with normal business operations by applying engineering principles. Begin by learning the steps for infrastructure hardening of the operating system, including server workstations, routers, devices. You will examine server hardening, including how to turn off unneeded services, and remove unneeded software. Next, learn how to analyze and harden Windows 10, and to use security devices, and implement intrusion detection and prevention systems. You will examine the practical use of IDS (intrusion detection system) to detect activity that appears to be a possible intrusion, to log it, and to notify the administrator. You will then examine IPS (intrusion prevention system), which takes the additional step of shutting down the suspicious activity. Finally, you will explore firewall concepts, including stateless firewalls, how to use SPI (stateful packet inspection), and how to place them to improve your security network.

13 videos | 1h Assessment Badge

SecOps Engineer: Security Engineering

Explore fundaments of cybersecurity and engineering in this 10-video course, which examines the fundamental concepts of the CIA (confidentiality, integrity, and availability) triangle, and views security operations, security planning, engineering, application security through these three concepts. First, learners will examine the more advanced version: the McCumber Cube. You will learn to integrate systems engineering into cybersecurity, and explore requirements engineering, and how to gather requirements. Next, learn how to analyze them, to apply security requirements engineering techniques, and to finalize project requirements. You will be introduced to SecML (Security Modeling Language) which takes SysML (System Modeling Language) used by systems engineers, and to modify portions of it to be specific to cybersecurity. You will examine how SecML can be used to create both offensive and defensive security mitigation controls. This course examines security metrics, and how to apply engineering failure analysis methods to cybersecurity. Finally, you will observe how to incorporate security requirements engineering into cybersecurity, and the relevance of regulatory requirements.

10 videos | 33m Assessment Badge

CISM 2022: Information Security Governance

The best way to improve the enterprise security stance is to align IT security solutions with business objectives. In this course, you will consider how information security must align with business strategies. You will explore the business model for information security and review the importance of identifying and classifying assets critical to a business. Next, you will learn about supply chain security, personnel management, and the components of an information security program. You will discover the relationship between service-level agreements (SLAs) and organizational objectives and discuss the relevance of change and configuration management. Then, consider how to develop organizational security policies. Lastly, explore expense types, chain of custody, organizational culture, and how the Control Objectives for Information Technologies (COBIT) framework applies to IT governance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

16 videos | 1h 40m Assessment Badge

CISM 2022: Security Standards

Global and local security standards, including laws and regulations, are an important input to determine how enterprises deploy and manage security controls. In this course, you will learn how the European Union's General Data Protection Regulation (GDPR) data privacy legislation applies to any organization world-wide handling private EU citizen data. Next, you will explore various International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) standards for proper data governance, followed by American data privacy and cloud security standards such as Health Insurance Portability and Accountability Act (HIPAA) and Federal Risk and Authorization Management Program (FedRamp). Discover how to secure cardholder data as related to Payment Card Industry Data Security Standard (PCI DSS) international security standards and review other data privacy legislation including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). Lastly, explore the importance of securing cloud service usage in alignment with the Cloud Controls Matrix (CCM). This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

10 videos | 53m Assessment Badge

CISM 2022: Managing Risk

Residual risk remains after security controls are put in place to mitigate the impact of threats. The organizational appetite for risk determines what level of residual risk is acceptable. In this course, you will explore how risk management improves business operations by minimizing the impact of realized threats. You will learn how to calculate the cost of mitigating risk compared to the value of the protected asset and determine the cost-benefit analysis and return on investment when implementing security controls. Next, discover the importance of risk assessments, especially where there are changes to some aspect of the business or a specific business process. You will then explore how various risk approaches, such as risk acceptance, avoidance, transfer, and reduction, apply to an organization's tolerance of residual risk. Lastly, discover how risk heat maps are an effective method for communicating various degrees of risk. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

9 videos | 49m Assessment Badge

CISM 2022: Data Privacy

Enterprises must comply with relevant laws and regulations related to data privacy. This requires recognizing applicable laws and regulations and implementing the appropriate security controls. In this course, you will explore examples of personally identifiable information (PII) and protected health information (PHI) and learn about data residency implications related to the physical storage location of sensitive data. Next, learn how to reduce the possibility of data exfiltration through data loss protection policies and how to discover and classify data using Amazon Macie and Microsoft Purview governance. Then you will learn to configure data classification on the Microsoft Windows server platform and tag cloud resources for classification purposes. Lastly, explore how to configure Microsoft Azure storage account encryption using a customer-managed key. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

10 videos | 56m Assessment Badge

CISM 2022: Assessing Risk

Assessing risk is a crucial activity that enables organizations to evaluate risk exposure for business processes and assets. In this course, you will begin by exploring how to conduct vulnerability assessments and how the results can shed light on security control deficiencies. Next, you will learn how to perform a network vulnerability assessment and review the results, followed by scanning a web application for web app-specific vulnerabilities. You will discover how to conduct a gap analysis to determine the current security posture compared to a desired security posture. Then, you will explore the important aspects of when and how to run penetration tests. Lastly, you will see how to configure Microsoft Azure Policy assignments to determine cloud resource configuration compliance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

8 videos | 45m Assessment Badge

CISM 2022: Implementing Access Control

Authorization allows limited access to resources only after successful authentication. Resources can include IT services such as applications, databases, files, and folders, among others. In this course, explore the role authorization plays in allowing resource access and the various access control models used to ensure least privilege. Next, learn how to configure ABAC through Microsoft Dynamic Access Control, create an Azure dynamic group in the cloud, and use RBAC to grant permissions to Azure cloud resources. Finally, discover how to manage permissions for Windows and Linux-based file systems, handle Windows NTFS file system auditing, and configure Microsoft Active Directory delegated administration. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

11 videos | 1h 2m Assessment Badge

CISM 2022: IT Service & Data Availability

Ensuring IT service and data high availability can reduce downtime and increase business productivity. The configurations put in place to achieve high availability align with standard business continuity requirements. In this course, you will discover the importance of high availability as it relates to business objectives. Begin by exploring load balancing as a method of optimizing application performance and availability. Next, you will learn how to deploy a cloud-based application load balancing solution. Examine various backup types such as differential and incremental, in order to adhere to the Recovery Point Objective (RPO). Then configure backup for Windows Server and for Microsoft Azure resources and find out how redundant array of inexpensive disks (RAID) levels apply to data availability and resiliency to disk failures. Finally, configure software RAID on the Windows and Linux platforms and enable availability in the cloud by enabling storage account and virtual machine replication. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

13 videos | 1h 16m Assessment Badge

CISM 2022: Common Network Security Threats

Some security controls are very specific to the threat that they address. Information security managers must be well versed in common network security threats in order to minimize the impact of realized threats on business processes. In this course, you will start by exploring various types of threat actors and their motivation for attacking networks. You will review industry standards related to categorizing threats, including common vulnerabilities and exposures (CVEs), the MITRE ATT&CK knowledge base, and the OWASP Top 10 web application security attacks. Next, you will learn how bug bounties are paid by companies to ensure the utmost in security for their products, which can influence customer choices. You will discover how various types of network attacks are executed including Wi-Fi attacks, SYN flood attacks, buffer overflow attacks, advanced persistent threats (APTs), and distributed denial-of-service (DDoS) attacks. Lastly, you will see how VPN anonymizer solutions and the Tor web browser can be used for anonymous network connectivity for legitimate as well as illegal purposes. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

13 videos | 1h 14m Assessment Badge

CISM 2022: Common Network Security Attacks

Security technicians can benefit significantly by executing network security attacks in a controlled environment. This allows for an in-depth periodic review of security control efficacy related to IT networks. In this course, you will discover how networks can be scanned by attackers seeking potentially vulnerable services using free tools such as Nmap. You will then explore how attackers can compromise a user web browser, how SQL injection attacks can reveal more information than intended by the app designer, and how to configure a reverse shell where the compromised station reaches out to the attacker station, often defeating standard firewall rule sets. Next, you will learn how to spoof network traffic and execute a distributed denial-of-service (DDoS) attack. Lastly, you will discover how to brute force a Windows remote desktop protocol (RDP) connection to gain access to a Windows host. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

9 videos | 49m Assessment Badge

CISM 2022: Data Protection with Cryptography

Cryptography provides solutions for ensuring data privacy and integrity. Various firmware and software solutions protect data in transit and data at rest. In this course, you will explore the CIA security triad and how it relates to the organization's security program. You will then review various cryptography solutions and discuss data integrity to assure that tampering has not occurred. Next, you will learn how Hardware Security Module (HSM) appliances and Trusted Platform Module (TPM) firmware provide cryptographic services. You will see how Transport Layer Security (TLS) supersedes the deprecated Secure Sockets Layer (SSL) network security protocol suite followed by discussing virtual private network (VPN) encrypted network tunnels, and the IP Security (IPsec) network security protocol suite. Lastly, you will explore the PKI hierarchy and how public key infrastructure (PKI) certificates are used for digital security throughout the certificate life cycle. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

12 videos | 1h 5m Assessment Badge

CISM 2022: Applied Cryptography

The periodic evaluation of the efficacy of cryptographic solutions is possible only with an understanding of how cryptography secures digital environments. In this course, you will explore data integrity by hashing files on the Linux and Windows platforms in an effort to detect unauthorized changes. You will configure a web application HTTPS binding to secure network communications to and from the web application. Then you will deploy a private certificate authority (CA), manage certificate templates, and deploy public key infrastructure (PKI) certificates. Next, you will configure a web application to require trusted client certificates. Finally, you will encrypt data at rest on Linux, on Windows with Encrypting File System (EFS), and Microsoft Bitlocker, and you will configure a cloud VPN connection and implement IPsec on Windows. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

14 videos | 1h 16m Assessment Badge

CISM 2022: Secure Device & OS Management

IT departments must work in conjunction with higher-level management to determine when and how to securely use technological solutions that support the business strategy. In this course, begin by exploring how mobile device usage in a business environment can introduce risk and how that risk can be managed with centralized remote wipe capabilities. Then find out how Microsoft Intune can be used to centrally manage devices and how to securely wipe a disk partition. Learn how to harden Windows computers using Group Policy and disable the deprecated SSL network security protocol on Windows hosts. Next, investigate common digital forensics hardware and software solutions, as well as the storage area network (SAN) security and jump box solutions to manage hosts securely and remotely. Finally, discover how to manage Azure resources permissions using managed identities, examine device and OS hardening techniques, and investigate the importance of firmware and software patching. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

16 videos | 1h 38m Assessment Badge

OWASP Top 10: A01:2021-Broken Access Control

Resource authorization occurs after successful authentication. Resources include objects such as files, folders, web apps, storage accounts, virtual machines, and more. In this course, learn about various resource access control models, including mandatory (MAC), discretionary (DAC), role-based (RBAC), and attribute-based access control (ABAC). Next, examine how broken access control attacks occur and how HTTP requests and responses interact with web applications. Discover how to set file system permissions in Windows and Linux, assign permissions to code, and digitally sign a PowerShell script. Finally, explore identity federation and how to execute and mitigate broken access control attacks. Upon completion, you'll be able to harden resource access to mitigate broken access control attacks.

12 videos | 1h 13m Assessment Badge

SSCP 2021: Basic Security Concepts

Most candidates for the (ISC)² Systems Security Certified Practitioner (SSCP) exam will have the required one year of paid job experience. So the basic security concepts are most likely a review for most learners. However, simply defining the technology is not enough. Candidates must be able to grasp how the following principles are implemented: (ISC)² Code of Ethics, confidentiality, integrity, availability, accountability, privacy, non-repudiation, least privilege, and segregation of duties (SoD). Take this course to explore how you would apply these principles to your own daily security operations. Upon completion, you'll have a solid knowledge of the topics covered in Domain 1: Security Operations and Administration of the (ISC)² SSCP 2021 CBK, preparing you to take the exam.

11 videos | 28m Assessment Badge

SSCP 2021: Understanding & Applying Cryptography

Although cryptography isn't covered until domain 5 of the SSCP CBK, potential exam candidates and security professionals will benefit from foundational knowledge of cryptosystems early in their training. Use this course to grasp the reasons and requirements for cryptography in safe-guarding information, including regulations and governance. Investigate cryptographic techniques, such as hashing and salting, symmetric and asymmetric encryption, and elliptic curve cryptography. Discover what's involves in digital signatures and certificates. Explore cryptographic attacks, cryptanalysis, and countermeasures. And delve into advanced cryptosystems, such as quantum computing and blockchain. Upon course completion, you'll be aware of the various traditional and modern cryptology techniques used to protect data and communications. This course will help you in the lead-up to taking the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

10 videos | 41m Assessment Badge

SSCP 2021: Authentication & Trust Architectures

As a security professional, you'll likely have been exposed to the concept of origin authentication. However, in today's modern environment of mobile devices, the Internet of Things, and embedded systems, more robust authentication, authorization, and identity management methods are imperative. Use this course to comprehend how single and multi-factor authentication, single sign-on (SSO), device authentication, and federated access work. Examine the use of trust relationships between domains and what's meant by Zero Trust. And distinguish between various internetwork connections such as the Internet, intranets, and extranets. Upon course completion, you'll be able to detail how and why these authentication mechanisms and trust architectures are used. You'll also be one step closer to being prepared to take the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

7 videos | 33m Assessment Badge

SSCP 2021: Incident Response & Forensics

Unprecedented events such as the Y2K bug and terrorist attacks, along with increasing cybercrime pervasiveness and sophistication, have meant that since the early 2000s, a security team's ability to recover from a disaster has moved from a bonus to non-negotiable. There are several phases to incident response, from preparation to forensic investigations and beyond. A competent security professional needs to know all of them. Use this course to learn what's involved in the incident response lifecycle phases of preparation, detection, analysis, escalation, containment, eradication, recovery, and lessons learned. As you advance, explore essential aspects of cyber forensic investigations, such as handling evidence and reporting. Upon completion, you'll know the multiple facets of incident response and cyber forensics. You'll also be further prepared to sit the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

9 videos | 36m Assessment Badge

SSCP 2021: Fundamental Networking Concepts

Historically speaking, the vast majority of security practitioners, technicians, engineers, and architects come from the field of local and wide area networking. This factor, as well as the importance of protecting data-in-transit, makes networking a critical knowledge area. Use this course to get to grips with several networking concepts and methodologies. Learn to distinguish between the OSI and TCP/IP reference models. Explore network topologies, relationships, and media types. See what's meant by software-defined networking (SDN), Remote Authentication Dial-In User Service (RADIUS), and terminal access controller access-control system plus (TACACS+), among other terms. Examine commonly used ports and protocols. And look into remote access connectivity and virtual private networks (VPNs). Upon course completion, you'll be familiar with several fundamental networking concepts and network access control methodologies. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

9 videos | 50m Assessment Badge

SSCP 2021: Secure Wireless Communication

Network and communications security is part of the SSCP Domain 6 objectives and includes the important topic of securing wireless communication. Use this course to learn about the key features of wireless networking technologies and the security vulnerabilities you need to consider. Examine key aspects about the operation of wireless technologies on the network including common wireless 802.11 standards and their distinguishing characteristics, and explore cellular, Wi-Fi, Bluetooth, and Near-Field Communication (NFC). Learn about the role of authentication and encryption protocols like WPA, WPA2, WPA3, and Extensible Authentication Protocol (EAP) as used on the network. Finally, learn how to secure various Internet of Things (IoT) devices including embedded devices and software-on-a-chip technology. Upon course completion, you'll know what's involved in securing wireless communication and devices. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

7 videos | 35m Assessment Badge

System Security Certified Practitioner (SSCP 2018): Security Concepts

Learners can explore the ISC squared (International Information System Security Certification Consortium) and its Code of Ethics when performing security work in this course, which prepares for the Systems Security Certified Practitioner (SSCP) certification exam. In its 14 videos, you will examine the four canons of Ethics: 1) to protect society and infrastructure; 2) to act honorably, honestly, justly, responsibly, and legally; 3) to provide diligent and competent service to principals; and 4) to advance and protect the profession. Examine the CIA (confidentiality, integrity, and availability) triad for security controls; then examine restricting access or protecting data through encryption. You will learn how to provide data assurances, and how to use MS Windows Power Shell and Linux to generate file hashes, and digital signatures. Learners will explore availability, and the importance to assuring business processes can run uninterrupted. Next, explore how accountability and data access can be used to track users, devices, or software. Finally, you will learn how to enable file system auditing.

14 videos | 56m Assessment Badge

FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

Journey 441 Network Operations Specialist KSAT Intermediate NCWF Journey

(1)

Journey 651 Enterprise Architect Intermediate KSAT Journey

(1)

Journey 451 System Administrator KSAT Advanced NCWF Journey

(1)

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills and Salary Report

ESG Impact Report

451 System Administrator KSAT Intermediate NCWF Journey

451 System Administrator

COURSES INCLUDED

EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS

YOU MIGHT ALSO LIKE