Aspire Journeys

511 Cyber Defense Analyst

  • 119 Courses | 123h 27m 42s
  • 2 Labs | 40h 45m
  • Includes Test Prep
A Cyber Defense Analyst uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.

Basic: CEH

This track covers Certified Ethical Hacker content.

  • 43 Courses | 47h 59m 46s

Intermediate: Security+

This track contains Security+ content.

  • 20 Courses | 12h 28m 8s

Intermediate: Cloud+

This track contains Cloud+ content.

  • 20 Courses | 25h 11m 12s
  • 1 Lab | 28h 45m

Advanced: CySA+

This track contains CySA+ content.

  • 22 Courses | 23h 53m 37s
  • 1 Lab | 12h

Advanced: CBROPS

This track contains Cisco Certified CyberOps Associate content.

  • 14 Courses | 13h 54m 59s

COURSES INCLUDED

CEH v12: Cybersecurity Concepts, Attacks, and Information Warfare
Building a strong foundation of knowledge is crucial to becoming an effective cybersecurity professional. In this course, you'll build that foundational knowledge by exploring the five core elements of cybersecurity. You'll examine how classifying what motivates an attacker to attack a network or system can go a long way toward figuring out how to best protect systems and networks. Next, you'll explore the many types of attacks that threat actors use to gain access to systems and sensitive data. Finally, you'll learn about information warfare, including its categories and strategies. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
5 videos | 1h 35m | Assessment available | Badge
CEH v12: Cyber Kill Chain, TTPs, Behaviors, and Threat Hunting
If you know how most threat actors and groups attack their targets, you'll be better equipped to defend against those attacks. In this course, you'll explore the seven phases of the Cyber Kill Chain, which aims to guide defenders in their understanding of commonly used attack strategies. Next, you'll learn how tactics, techniques, and procedures can help you better understand the threats your organization faces. You'll move on to examine behavioral patterns typical of today's threat actors and advanced persistent threats. The average time it takes to detect a breach is around 200 days, which is why threat hunting has become a standard security practice. To complete this course, you'll explore threat hunting and its usefulness, as well as the concept of indicators of compromise (IoC). This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
4 videos | 1h 17m | Assessment available | Badge
CEH v12: Risk Management, Cyber Threat Intelligence, and Threat Modeling
At the end of the day, cybersecurity is all about understanding risk. In this course, you'll learn about how risk pertains to cybersecurity, risk levels, and how to use a risk matrix to visualize risk. You'll also examine the concept, practice, and phases of risk management, which can help you minimize the negative effects of risk. Next, you'll explore how using Cyber Threat Intelligence is a more proactive approach towards your cybersecurity defenses and the four types of CTI. Finally, you'll learn about using threat modeling to stop threats before they become security incidents and the five steps common to the threat modeling process. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 53m | Assessment available | Badge
CEH v12: Incident Management, ML, AI, and Regulations
A very important job that a cybersecurity professional will need to be familiar with is that of incident management. In this course, you'll explore incident management and what it's designed to accomplish. Next, you'll examine the nine steps of the incident handling and response process to help familiarize yourself with the actions and expectations you may need to take to properly deal with a security incident. You'll learn about effective tools for protecting against advanced threats, as well as the role artificial intelligence and machine learning play in the current cybersecurity battlefield. Finally, you'll examine standards, regulations, and laws that govern how computer systems must be secured and maintained. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 9m | Assessment available | Badge
CEH v12: Hacking Methodology, MITRE ATT&CK Framework, and Diamond Model
Being an ethical hacker means, in some ways, that you'll need to assume the identity of an unscrupulous hacker. In this course, you'll learn what it means to be a hacker, the common hacker classes, and the five phases of hacking. As an ethical hacker, you may encounter those who don't understand what that means and how a person can use seemingly dangerous skills towards an ethical purpose. You'll examine the MITRE ATT&CK framework, designed to help organizations improve defenses by understanding the attacker's methods and creating effective mitigation strategies to counter them. You'll also explore the Diamond Model of intrusion analysis, which is a framework used to analyze the various components of a cyber attack. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 5m | Assessment available | Badge
CEH v12: Footprinting, Google Dorks, Search Engines, and Subdomains
Knowledge is power and in the ethical hacking game, the more you know about your target, the more likely you are to find a weakness in their security. In this course, you'll explore the practice of footprinting and the different types of information you can gather in this initial stage of attack. Next, you'll examine Google Dorks and some of the useful advanced search features of the Google search engine. You'll learn how to use the Shodan, Censys, and Thingful search engines to find IoT and other Internet-connected hosts and services in order to see the larger attack surface of a target. Finally, you'll explore subdomains and how they can lead to compromise if not properly managed, as well as some tools that can help you enumerate a target's subdomains. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
4 videos | 1h 22m | Assessment available | Badge
CEH v12: Recon Tools and Tactics
Having knowledge of a target's physical location can be useful for social engineering and physical security assessments. In this course, you'll explore tools and tactics used to learn a target's geographical location. Next, you'll examine how conducting Open Source Intelligence on social media sites can yield sensitive information through direct investigation or social engineering. You'll move on to learn how to utilize job posts and job boards to search out useful target info like what technologies are being used, names of legitimate users, and areas that may be weak due to lack of staffing. Finally, you'll explore the large portion of the Internet that consists of the dark and deep webs and how these mostly unseen resources can be used to discover potentially sensitive info about a target. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
4 videos | 1h 6m | Assessment available | Badge
CEH v12: Footprinting and Social Engineering Recon and Countermeasures
If you're engaged in a security assessment, mapping your target's public network presence is a critical step in that process. In this course, you'll learn how to discover the public network information associated with your target using WHOIS and DNS services. Next, you'll explore a few commonly used footprinting tools that will help you not only with the exam but in real life as well. You'll move on to examine how you can use social engineering techniques like shoulder surfing and dumpster diving to obtain useful or sensitive information about your target's organization. Finally, you'll learn about some security controls that could be recommended to a client to help them better protect against an attacker's footprinting and recon efforts. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
4 videos | 1h | Assessment available | Badge
CEH v12: Network Scanning, TCP, Host Discovery, and Port/Service Scanning
An ethical hacker can be most effective when employing the right tools for the job. In this course, you'll learn about network scanning types and the various flags used in TCP communication. Next, you'll explore network scanning tools commonly used by many of today's security professionals. You'll then move on to learn about tools that can be used for host discovery, common methods of implementation, and even some countermeasures for prevention purposes. Finally, you'll examine the differences between port and service scans, their use cases, and common port/service associations. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
4 videos | 1h 21m | Assessment available | Badge
CEH v12: Nmap TCP Scans
When scanning a target with nmap for open ports and/or services, there are several common types of scans. In this course, you'll explore TCP Connect scans, how to issue a TCP Connect scan with nmap, and pros and cons of using this type of scan. You'll also look at Stealth and TCP scans, how to issue them with nmap, and their pros and cons. Next, you'll examine how good network security professionals employ firewalls to protect their assets and how this can hinder network-based recon activities. Finally, you'll learn about using nmap's ACK scan for the purposes of mapping possible firewall rules enumerating port states. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
4 videos | 1h 22m | Assessment available | Badge
CEH v12: Nmap IDLE IPID, UDP, and SCTP Scans
Staying off the radar of your target's security team is a common goal for many ethical hackers when performing security assessments. In this course, you'll learn to use the nmap IDLE IPID scan to take advantage of other network hosts to obfuscate scan origins from detection systems and logs. You'll explore using nmap to discover what is utilizing UDP to help you add to your list of possible inroads of a target system. You'll also examine how SCTP works and how to work with nmap to use it for scanning purposes. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 50m | Assessment available | Badge
CEH v12: Scan Optimization, OS Identification, and IDS/Firewall Evasion
Running nmap scans can sometimes take a lot of time. In this course, you'll explore a few options and techniques for decreasing the amount of time you wait for nmap to complete its scans. Knowing what operating system your target is running sets the stage for how you'll conduct the subsequent steps of your hacking methodology, so you'll also examine common tools and techniques for discovering a target's host OS. Finally, you'll learn about tactics and tools that can be used to help you evade common network security controls such as firewalls and intrusion detection systems (IDS). This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 55m | Assessment available | Badge
CEH v12: NetBIOS, SMB, SNMP, and LDAP Enumeration
To be a successful ethical hacker, you need to be good at gathering information. In this course, you'll explore the concept of enumeration, including what it is, how it's done, and the importance of the details gathered during this process. Next, you'll learn how to enumerate a target's useful or sensitive information using both Server Message Block (SMB) and NetBIOS. You'll move on to learn how you can use Simple Network Management Protocol (SNMP) to access information about target systems. Finally, you'll explore the details of the Lightweight Directory Access Protocol (LDAP) protocol and some tools that use LDAP to help you enumerate your targets. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 59m | Assessment available | Badge
CEH v12: NTP, NFS, SMTP, and FTP Enumeration
Having the correct time helps to ensure systems operate properly, especially if you have configured things like time-based access. In this course, you'll explore the Network Time Protocol (NTP), including attributes and enumeration tools. You'll also examine the Network File System (NFS) and how it can be taken advantage of when implemented incorrectly. Finally, you'll learn about the Simple Mail Transfer Protocol (SMTP) and File Transfer Protocol (FTP), including what details can be enumerated from target systems using both of these protocols. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 54m | Assessment available | Badge
CEH v12: Vulnerability Assessment, Management, and Classification
One of the main job duties of many ethical hackers is performing vulnerability assessments. In this course, you'll explore the basic concepts of vulnerability assessments, as well as tools and resources commonly used when performing one. You'll examine the vulnerability management life cycle and its common activities. Finally, you'll learn about the various vulnerability types you may discover during an assessment. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 8m | Assessment available | Badge
CEH v12: Vulnerability Assessment Types, Models, Tools, and Reports
Performing a vulnerability assessment allows you to locate potential weaknesses in systems, networks, and channels of communication. This is a vital step in defending systems against attacks. In this course, you'll learn about the different types of vulnerability assessments. You'll move on to explore various vulnerability assessment models and tools. Finally, you'll examine important information that should be included in your vulnerability assessment reports. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 6m | Assessment available | Badge
CEH v12: Windows Authentication
When it comes to ethical hacking, repeatable successful tactics and processes, as well as secure authentication, are the name of the game. In this course, you'll learn about Windows authentication methods and the process behind them. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
1 video | 24m | Assessment available | Badge
CEH v12: Passwords Attacks, Extraction, and Cracking
Passwords are a part of many of today's authentication systems and are therefore prone to attack. In this course, you'll investigate common attack methods and tools used to defeat passwords. You'll examine how hackers are able to obtain and decrypt a user's password, including tools and techniques used to procure encrypted passwords and cracking tools used to uncover the original password data. Finally, you'll learn about common password cracking enhancement techniques aimed to decrease the amount of time and increase the success rate when attempting to crack passwords. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 59m | Assessment available | Badge
CEH v12: Buffer Overflows, Privilege Escalation, and System Access
Buffer overflows can be one of the more mysterious and difficult techniques to understand and employ, but when successful they can be highly useful when gaining access to target systems. In this course, you'll explore the basic concepts behind buffer overflows, as well as some useful protections against them and how to develop and deploy them in a test environment. Next, you'll examine common privilege escalation techniques, for both Windows and Linux operating systems, that can help you obtain full administrative access. Once you've fully compromised a host, you're going to want to hang on to that access for as long as possible. Finally, you'll learn about tools and techniques that will help you maintain access over a compromised target system. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h | Assessment available | Badge
CEH v12: Steganography and Avoiding Detection
Exfiltration of sensitive data is a common goal of many hacks. In this course, you'll explore how hackers are able to avoid detection when exfiltrating data by using steganography techniques and tools. On average it takes roughly nine months before a breach is detected. You'll also examine common tactics attackers use to cover their tracks and avoid detection by administrators. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
2 videos | 46m | Assessment available | Badge
CEH v12: AD Enumeration, Mimikatz, and Pivoting Techniques
Enumerating the Active Directory (AD) during a pentest is important to identify vulnerabilities and attack vectors that may be used to gain unauthorized access to the network. In this course, you will learn about enumeration tools that can help to identify misconfigurations or policy violations that may put the organization at risk. You'll explore how the mimikatz tool is used to extract sensitive information - such as authentication credentials - from a computer system's memory to test its security. Next, explore how pivoting is used to gain access to other systems within a network and learn about tools and techniques used for pivoting by ethical hackers. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 14m | Assessment available | Badge
CEH v12: Malware, Threats, Trojans, and Viruses
Malware is a common threat used to attack, compromise, and even destroy computer systems. In this course, you'll learn about common malware types and components so you can properly defend against malicious software. Then, you'll move on to explore advanced persistent threats (APTs), which are becoming more and more of a danger due to their sophisticated malware. You'll examine the malicious software version of the Trojan Horse, as well as the different types of Trojans, deployment methods, construction, and techniques for evading antivirus detection. Finally, you'll learn about viruses and worms, including concepts, types, and characteristics. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
4 videos | 1h 23m | Assessment available | Badge
CEH v12: Fileless Malware, Malware Analysis, and Countermeasures
The most common way for antivirus programs to detect a malware infection is by checking files against a database of known malicious objects. In this course, you'll learn about fileless malware, which avoids detection by not writing any files with known malicious content. Next, you'll explore malware analysis techniques that allow you to configure stronger defenses. You'll also examine sheep dipping and how to build a test environment. There are many security controls to protect against malware infections, so you'll complete this course by learning about countermeasures like logging, antivirus, and backups. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 11m | Assessment available | Badge
CEH v12: Sniffing and Poisoning
Networks are constantly sending data to deliver messages and keep network services working, but those data packets may contain sensitive information like passwords. In this course, you'll examine how an attacker can gain access to sensitive data through packet sniffing. You'll learn how attackers can manipulate Dynamic Host Configuration Protocol (DHCP), which can allow them to then intercept target host communications. Next, you'll explore how attackers can manipulate Address Resolution Protocol (ARP) by taking advantage of the default functions of ARP. You'll move on to examine how attackers trick users into sharing personal information through domain name system (DNS) poisoning. Finally, you'll learn about common security controls that allow networks to communicate, while still adding layers of scrutiny, control, and obfuscation. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
5 videos | 1h 24m | Assessment available | Badge
CEH v12: Social Engineering, Insider Threats, and Identity Theft
Oftentimes, the most insecure point in a network is not the network hosts, but the end user who works with it. In this course, you'll explore the concepts and tactics of social engineering attacks, where the end user becomes the vulnerable system. The most dangerous attack can come from inside your network. You'll also examine insider threats, including why they're effective, their organizational impacts, and why they're difficult to detect and defend against. Identity theft is one of the most common and lucrative avenues of attack. To complete this course, you'll learn the basic concepts, motives, and goals behind identity theft attacks. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 11m | Assessment available | Badge
CEH v12: DoS, DDoS, Volumetric, and Protocol Attacks
Denial-of-service (DoS) attacks can be very disruptive to an organization both monetarily and reputationally. In this course, you'll explore denial-of-service and distributed denial-of-service (DDoS) attacks, as well as common DoS techniques and categories and common tools used to perform them. Next, you'll examine volumetric DoS attacks, which are one of the more common types deployed by attackers. These include UDP flood, Ping of Death, Smurf, and Pulse Wave. Finally, you'll learn about protocol-based DoS attacks, including SYN floods, ACK floods, and fragmentation attacks. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 57m | Assessment available | Badge
CEH v12: App Layer Attacks, Botnets, and DoS Countermeasures
The application layer is another prime target for denial-of-service (DoS) attacks. In this course, you'll explore common application layer DoS attacks like SlowLoris, the Reddit Hug of Death, and UDP app-layer attacks. With botnet traffic making up about 25% of all Internet traffic, botnets are a real cause for concern. You'll also learn about bots and botnets, including their purpose and common ways they are proliferated. Since DoS attacks can cause so much havoc, you need to do all you can to defend against them. Finally, you'll explore commonly deployed DoS and distributed denial-of-service (DDoS) defensive countermeasures, tools, and strategies. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 58m | Assessment available | Badge
CEH v12: Hijacking Concepts and Countermeasures
Sessions are like a verified conversation between trusted systems, which makes session hijacking a common form of attack. In this course, you'll learn about session hijacking, including how it's accomplished and the different types. Session hijacking attacks can be performed at the network level, so you'll also explore common network-based session hijacking attacks such as UDP, TCP, and RST hijacking. Next, you'll move on to examine common application level session hijacking attacks such as man-in-the-middle, man-in-the-browser, cross-site scripting, and cross-site request forgery. Finally, you'll learn about common session hijacking security controls and countermeasures, as well as best practices like using encrypted protocols and secure session handling techniques. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
4 videos | 1h 22m | Assessment available | Badge
CEH v12: Intrusion Detection and Prevention, Firewalls, and Honeypots
Intrusion detection and prevention systems are security controls that provide alerts and protection for many organizations today. In this course, you'll explore their function, commonly deployed IDS/IPS solutions, and techniques for evading detection by these systems. Next, you'll examine firewalls, their role as a security countermeasure, and techniques commonly used to bypass them. If you know how an attacker is likely to attack, you can build better defenses to protect your organization. Finally, you'll learn how honeypots can be used to determine the attacks a production network is most likely to face from threats. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 11m | Assessment available | Badge
CEH v12: Web Server Hacking, Attacks, and Attack Methodologies
Having a web presence is almost a necessity in today's business age, but web applications can be very complicated and difficult to build securely. This includes the web server that runs the app. In this course, you'll explore the web server, its function, common components that can lead to vulnerabilities, and security controls to help mitigate those possible vulnerabilities. Next, you'll examine common web server attacks such as directory traversal, HTTP response splitting, and Server-side Request Forgery (SSRF). Finally, you'll learn how following an established attack methodology will increase your likelihood of success when attacking a web server, and examine a common web server attack methodology and tools and techniques used at each step. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 7m | Assessment available | Badge
CEH v12: Web Application Attacks and Vulnerabilities
Web applications are typically the face of most organizations today. It's how customers interact with an organization's services, which makes for an inviting target for attackers. In this course, you'll examine the details of web applications, including their commonly used technologies, associated risks, and defenses. Next, you'll explore the OWASP Top 10 Web Application Attacks document, one of the best resources for understanding web application security vulnerabilities, and learn how to use common attacks as ethical hackers and protect against them as defenders. Finally, you'll learn about unvalidated redirects and forwards and how they can be used to access protected data. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 8m | Assessment available | Badge
CEH v12: Web App Hacking Methodology, CSRF Attacks, and Input Filter Evasion
Common attack vectors such as cross-site scripting are becoming more difficult to exploit due to the implementation of defenses. The key to success when security testing a web application is making sure you have an effective plan. In this course, you'll explore the common web app hacking methodology, as described by EC-Council. Next, you'll learn how the tools you have at your disposal will be crucial to your success when testing the security of any web application. You'll examine how CSRF attacks work, how to recognize them, and how to evade input filters to gain cross-site scripting (XSS) execution. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 8m | Assessment available | Badge
CEH v12: IDOR Attacks, File Inclusion Attacks, Web APIs, and Webhooks
Direct Object Reference and Local and Remote File Inclusion attacks can prove very harmful to web applications. In this course, you'll examine how these attacks work and how to recognize them. First, you'll learn about Insecure Direct Object Reference (IDOR) attacks, including how to find and exploit them. Next, you'll learn about Local File Inclusion (LFI) and Remote File Inclusion (RFI) attacks, including how they work and how they can be leveraged to gain access to a remote system. Many of today's web applications utilize an application programming interface (API) to facilitate interaction between clients and services. To wrap up this course, you'll learn about attributes of APIs, how they compare with webhooks, and common vulnerabilities and security countermeasures associated with both APIs and webhooks. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 52m | Assessment available | Badge
CEH v12: SQL Injection Concepts and Attacks
Many web applications store data in a back-end database and the data is then retrieved as the end user requests it from the front end. This process can allow for end-user injection of SQL queries, revealing sensitive data to the unauthorized attacker. In this course, you'll learn about SQL injection, including attack types, tools, security controls, and defense evasion techniques. Next, you'll explore error-based SQLi and how to test for and exploit this common SQLi vulnerability. SQL injections can be used to gain access to sensitive information or even allow access into a remote system, but they aren't always easily executed. To complete this course, you'll learn about blind-based SQLi methods and how to use them to access sensitive information on a remote system. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 9m | Assessment available | Badge
CEH v12: SQL Injection and SQLMap
SQL injection (SQLi) is typically used to access sensitive information from a target's database, but under the right circumstances, it can be used to access the remote file system or even allow for remote system shell access. In this course, you'll learn the SQLi techniques used to read and write to files on the target system, as well as gain interactive shell access. Manual SQL injection testing is a necessary skill, but often time to test is limited and it's useful to have a tool like SQLMap. You'll finish this course by learning how to use SQLMap to automate the process of testing SQL injections. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
2 videos | 46m | Assessment available | Badge
CEH v12: Wireless Concepts, Threats, and Hacking Tools
Wireless technologies abound in today's networks, making them a prime target for attack. In this course, you'll explore the features of Wi-Fi, common standards, authentication types, antennas, and encryption schemes. Next, you'll examine common threats against wireless technologies that you need to be aware of to be an effective security professional, including authentication attacks, evil twins, rogue access point (rogue AP), and denial-of-service (DoS). To complete this course, you'll learn about commonly used wireless hacking tools, including those used for discovery, mapping, traffic analysis, and wireless attacks. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 6m | Assessment available | Badge
CEH v12: Wireless Hacking and Countermeasures
There are a few common attack vectors when targeting Wi-Fi networks that you should be aware of. In this course, you'll learn how to perform wireless hacking attacks such as Media Access Control (MAC) spoofing, deauthentication, and WPA/2 encryption cracking. Defending wireless networks can be a daunting task if you're unaware of effective security countermeasures. To complete this course, you'll explore common security controls that will get you on the right track to keeping your wireless network safe. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
2 videos | 49m has Assessment available Badge
CEH v12: Mobile Hacking, OS Security, and Device Management
Mobile devices are one of the core components of today's network environments, so it's vital to know how and where they are possibly vulnerable. In this course, you'll explore the attack surface related to mobile devices and the Top 10 Mobile Risks as defined by OWASP, in terms of both attacking and defending these critical pieces of infrastructure. Next, you'll examine common vulnerabilities and attack tools for both Android and iOS, as well as defensive measures you can take to secure them. One of the main reasons that attackers are successful against mobile devices is the difficulty in managing them. To complete this course, you'll learn about the need for mobile device management software, how to deploy it, and how it helps secure things in a BYOD world. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
4 videos | 1h 30m has Assessment available Badge
CEH v12: IoT Threats, Vulnerabilities, Attack Tools, and Countermeasures
Internet of Things (IoT) devices make our lives convenient and that makes them more prevalent every day. In this course, you'll learn about IoT and its main components, as well as IoT architecture, deployment areas, protocols, communication models, and security challenges. The best way to effectively attack IoT devices is to be familiar with the common threats and vulnerabilities, so next you'll explore these areas. Finally, you'll examine common attacks and hacking tools that you can use to gain access to IoT devices, as well as defensive countermeasures you can employ to protect against those attacks and tools. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h has Assessment available Badge
CEH v12: Operational Technology Concepts, Attack Tools, and Countermeasures
To be effective at both defending and attacking operational technology (OT) systems, you must first be aware of the basic components and concepts that OT systems are made of. In this course, you'll explore OT systems and their base components, as well as systems such as industrial control system (ICS), Supervisory Control and Data Acquisition (SCADA), programmable logic controllers, and Intelligent Electronic Devices (IED). You'll also learn about the common security challenges facing OT systems. Finally, you'll examine common OT-related attacks, tools, and defensive countermeasures. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
2 videos | 53m has Assessment available Badge
CEH v12: Cloud Computing, Containers, Hacking, and Security Controls
Many of today's systems are becoming cloud-based at a rapid pace. In this course, you'll explore different cloud services, deployment models, responsibility areas, and architectures relevant to your CEH exam. Another rapidly adopted technology in today's networks is containers, making knowledge of them a necessary skill. You'll examine containers, technologies like Docker, and orchestration, as well as common security challenges. Next, you'll learn why cloud services have been prone to security issues and breaches and examine common security vulnerabilities and assessment tools. Finally, you'll learn about common security controls for cloud environments that can help you protect cloud accounts, storage, containers, and orchestration. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
4 videos | 1h 29m has Assessment available Badge
CEH v12: Cryptography, Algorithms, Implementations, and Tools
Encryption is one of the best security controls available for defending computer networks and data, and cryptography plays a vital role in this process. In this course, you'll explore cryptography, including its purpose, types, and common ciphers, to help you better understand the strengths and weaknesses of common crypto-systems. Next, you'll examine the common algorithms and implementations used by various crypto-systems, including symmetric and asymmetric algorithms, hashing functions, and digital signatures. Encryption is highly effective for protecting sensitive data, but how do you encrypt something? To complete this course, you'll learn about tools that can help you secure sensitive data on servers, desktops, e-mail, and mobile. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 1h 6m has Assessment available Badge
CEH v12: PKI, Cryptanalysis, and Attack Countermeasures
In today's day and age, data must be encrypted for secure communication with third parties. But how is this accomplished? In this course, you'll examine public key infrastructure (PKI) as an encryption solution. You'll also explore PKI components, processes, and how it compares with self-signed certificates. As long as there has been encrypted data, there have been attempts to break those encryptions. You'll next learn about cryptanalysis methods and attacks used to reveal hidden messages. Finally, you'll explore how to deploy the right encryption in the right way by learning about best practices and strategies for keeping your data safe. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v12 (312-50) exam.
3 videos | 51m has Assessment available Badge

COURSES INCLUDED

CompTIA Security+: Security Goals & Controls
Every long journey, including the path to Security+ certification, begins with a few steps and some fundamental practices. Security goals and controls are an important starting point for building your security skills. You will begin this course by familiarizing yourself with the four primary security goals of confidentiality, integrity, availability, and non-repudiation. You will then explore the concepts of authentication, authorization, and accounting (AAA) and how they relate to people, systems, and models. Finally, you will delve into security control categories and types. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
10 videos | 29m has Assessment available Badge
CompTIA Security+: Fundamental Security Concepts
The Security+ candidate must display competency in an assortment of core security concepts including the newer Zero Trust initiative and common physical security controls. In this course, the learner will explore gap analysis, Zero Trust control and data planes, deception technologies like honeynets, physical security controls, Change Management business processes and technical implications, and documentation and version control. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
11 videos | 33m has Assessment available Badge
CompTIA Security+: Practical Cryptography
Cryptography is at the heart of many security controls and countermeasures and as such, Security+ candidates must have a solid grasp of practical cryptography. In this course, you will discover symmetric and asymmetric cryptography and compare different encryption levels, including full disk and partition. Next, you will explore hashing, salting, hash-based message authentication codes (HMACs), and key exchange. Then you will examine digital signatures, certificates, and public key infrastructure (PKI), focusing on certificate authorities (CAs), certificate signing request (CSR) generation, and Online Certificate Status Protocol (OCSP). Finally, you will investigate cryptographic tools like Trusted Platform Module (TPM), hardware security module, and key management systems, and you will dive into blockchain technology. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
11 videos | 43m has Assessment available Badge
CompTIA Security+: Threat Actors & Vectors
One of the primary goals for an emerging security practitioner is to have a firm grasp of the present threatscape. The learner will build this vital knowledge base in this course. In this course, we will explore threat actor types, attributes, and motivations. Next, we will dive into the use of human vectors and social engineering as well as common attack surfaces. Then we will explore supply chain, application, and O/S and web-based vulnerabilities. Finally, we will cover hardware and virtualization vulnerabilities, cloud vulnerabilities, and mobile device vulnerabilities. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
12 videos | 34m has Assessment available Badge
CompTIA Security+: Survey of Malicious Activities
Malicious software, also known as malware, comes in a variety of attack vectors and characteristics. The ability to stay current with the different malware and variants is one of the biggest challenges for modern security professionals. Begin this course by exploring malware attacks like ransomware, trojan horses, and logic bombs. Then you will investigate physical and network attacks including brute force, denial-of-service, and credential replay attacks. Next, you will focus on application and cryptographic attacks, such as buffer overflow, privilege escalation, collision, and birthday attacks. Finally, you will take a look at password attacks and discover indicators of compromise, like concurrent session usage, blocked content, and impossible travel. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
9 videos | 35m has Assessment available Badge
CompTIA Security+: Mitigation Techniques
As a security professional, it is always better to be proactive with mitigation rather than purely reactive. Begin this course by exploring segmentation and isolation, access control mechanisms, and configuration and patch management. Next, you will investigate the principles of least privilege and separation of duties and find out how encryption technologies can shield private information from unauthorized users. Then you will examine the monitoring and visibility of access controls and learn the best practices for decommissioning and offboarding. Finally, you will focus on hardening techniques, including endpoint detection and response (EDR), host intrusion detection system (HIDS)/host intrusion prevention system (HIPS), disabling ports/protocols, default password changes, and removal of unnecessary software. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
10 videos | 29m has Assessment available Badge
CompTIA Security+: Architecture & Infrastructure Concepts
A physical structure that is built by engineers and architects needs solid design, construction, and ongoing maintenance. The same can be said for a networking and system environment. Begin this course by exploring fundamental security architectural considerations, including high availability, resilience, scalability, and responsiveness. Then, you will discover cloud computing, focusing on the cloud responsibility matrix, hybrid considerations, and third-party vendors. You will investigate Infrastructure as Code, compare serverless technologies, and learn about containers and microservices. Next, you will take a look at network infrastructure, centralized and decentralized design, and virtualization. Finally, you will examine industrial control systems (ICSs), Supervisory Control and Data Acquisition (SCADA) systems, and the Internet of Things. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
12 videos | 44m has Assessment available Badge
CompTIA Security+: Enterprise Infrastructure Security Principles
This course is a critical component of modern technical controls and countermeasures, as many of the technologies covered represent the daily technical activities of security practitioners, operators, and administrators. Begin by discovering various infrastructure security considerations like device placement, security zones, and failure modes. Then, you will compare network appliances and explore port security and firewalls. Next, you will examine virtual private networks (VPNs) and IP security (IPSec). Finally, you will investigate transport layer security (TLS), software-defined wide area networks (SD-WANs), and secure access service edge (SASE). This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
10 videos | 43m has Assessment available Badge
CompTIA Security+: Data Protection Concepts & Strategies
It is an understatement to declare that society is rapidly becoming data-driven and service-oriented. Data protection and security is a key aspect of modern IT security management. In this course, we will begin by exploring data states, classification, types, and lifecycles. Then we will examine considerations for securing data including geographic and cultural restrictions, encryption, and hashing. Finally, we will look at masking, obfuscation, and tokenization as well as segmentation and compartmentalization. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
10 videos | 26m has Assessment available Badge
CompTIA Security+: Resilience & Recovery
Restoration and recovery is a vital part of a comprehensive backup plan. As a well-known axiom regarding backup strategy states, "a backup policy without tested restoration and recovery is no backup at all." In this course, we will examine restoration and recovery concepts, beginning with load balancing, clustering, and backup strategies. Next, we will explore continuity of operations, multicloud, and disaster recovery sites. We will then focus on capacity planning and testing techniques. Finally, we will look at power considerations. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
9 videos | 44m has Assessment available Badge
CompTIA Security+: Computing Resources Security Techniques
Today's security professional must contend with more types of computing systems and operating systems than ever before due to mobility, embedded, smart, and Internet of Things (IoT) devices. In this course, you will explore secure baselines and hardening targets. Then you will learn about wireless device installation issues, mobile device solutions, and connection methods. Next, you will investigate wireless security settings, cryptographic protocols, and authentication protocols. Finally, you will discover application security techniques and asset management tasks, including assignment/accounting, monitoring/asset tracking, enumeration, and disposal/decommissioning. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
9 videos | 35m has Assessment available Badge
CompTIA Security+: Vulnerability Management
Vulnerability management is an ongoing process designed to proactively protect computer systems, networks, and applications from cyberattacks and data breaches and is an integral part of your overall security system. Begin this course by exploring threat feeds like open-source intelligence (OSINT), Common Vulnerability Scoring System (CVSS), and Common Vulnerability Enumeration (CVE) to help gather information about potential threats or adversaries. Then you will investigate application vulnerability assessments for assigning severity levels, vulnerability scanning to identify known and unknown weaknesses, and penetration testing to simulate real-world attacks. Finally, you will discover vulnerability response and learn how to validate and report on remediation processes. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
8 videos | 26m has Assessment available Badge
CompTIA Security+: Security Monitoring & Alerting
Congratulations. You have convinced your steering committee to give you a huge budget, new hires, and broader access to deploy a ton of security controls at the new regional branch office. However, within weeks you will be brought back to report on the effectiveness of the new expensive toys. This is why solid monitoring and alerting are critical for success. In this course, you will explore security monitoring and alerting, beginning with monitoring computing resources, visibility, and agent-based and agentless monitoring. Then you will focus on monitoring activities like log aggregation, alert response, and validation. Next, you will discover the importance and benefits of Security Content Automation Protocol (SCAP), security information and event management (SIEM), and security orchestration, automation, and response (SOAR) systems. Finally, you will investigate antivirus and data loss prevention (DLP) systems, Simple Network Management Protocol (SNMP) traps, and NetFlow records. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
10 videos | 31m has Assessment available Badge
CompTIA Security+: Enterprise Security Capabilities
This course is a vital exploration of many of the day-to-day operational controls that the security professional is often involved with. This is what is referred to as the "due care" aspect of the job or ongoing continual maintenance. In other words, these are core "blue team" responsibilities. Topics presented to the learner include firewalls, intrusion detection system (IDS)/intrusion prevention system (IPS), web filtering, operating system security, implementing secure protocols, DNS filtering, email security, DomainKeys Identified Mail (DKIM), Sender Policy Framework (SPF), gateways, File Integrity Monitoring (FIM), data loss prevention (DLP), network access control (NAC), endpoint detection and response (EDR), Extended Detection and Response (XDR), and user behavior analytics (UBA). This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
13 videos | 53m has Assessment available Badge
CompTIA Security+: Identity and Access Management
Hybrid and remote work are more common than ever, and employees need secure access to enterprise resources from wherever they are. This is where identity and access management (IAM) comes to the rescue. The organization's IT department needs to control what users can and can't access so that sensitive data and functions are restricted to only the people and resources that need to work with them. In this course, we will explore IAM tools beginning with provisioning and deprovisioning user accounts, and password concepts including password best practices, length, complexity, reuse, expiration, age, password managers, and passwordless solutions. Next, we will look at federation and single sign-on (SSO), Lightweight Directory Access Protocol (LDAP), Open Authorization (OAuth), Security Assertion Markup Language (SAML), interoperability, and attestation. We will then consider access control models including mandatory, discretionary, role-based, rule-based, attribute-based, time-of-day restrictions, and least privilege. Finally, we will explore multi-factor authentication (MFA), biometric authentication, and privileged access management (PAM) tools. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
9 videos | 42m has Assessment available Badge
CompTIA Security+: Automation, Orchestration, & Incident Response
Automation offers many advantages to information technology including higher production rates and increased productivity, more efficient use of resources, both physical and logical, better product/service quality, and improved security and safety. In this course, the learner will tackle concepts such as automation and scripting use cases, continuous integration and testing, application programming interfaces (APIs), the benefits of automation, automation considerations, the incident response process, training, testing, tabletop exercises, simulations, threat hunting, root cause analysis, digital forensics, and investigation data sources. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
10 videos | 48m has Assessment available Badge
CompTIA Security+: Effective Security Governance
According to Gartner: "Security governance is a process for overseeing the cybersecurity teams who are responsible for mitigating business risks. Security governance leaders make the decisions that allow risks to be prioritized so that security efforts are focused on business priorities rather than their own." In this course, you will further define security governance and types of governance structures. Then you will discover security governance roles and responsibilities, such as owners, stewards, and officers, and external governance considerations. Next, you will explore guidance, best practices, standards, and policies like the software development life cycle (SDLC) and change management. Finally, you will investigate security governance procedures, including playbooks, monitoring, and revision. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
9 videos | 46m has Assessment available Badge
CompTIA Security+: Risk Management
Security risk management is the ongoing process of identifying security risks and implementing plans to address them. Most security professionals should have a solid foundation in this important cross-disciplinary initiative. In this course, you will take a deep dive into security risk management, including risk identification and assessment. Then you will explore risk analysis concepts like qualitative and quantitative analysis and impact/magnitude. Next, you will discover risk treatment and handling strategies, including transfer, acceptance, and exemption. You will examine risk registers and ledgers, key risk indicators, risk owners, and risk thresholds. Finally, you will investigate risk reporting techniques and business impact analysis (BIA) to predict the consequences of a disruption to a business and collect information needed to develop recovery strategies. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
9 videos | 38m has Assessment available Badge
CompTIA Security+: Security Compliance & Third-Party Risk
Security compliance management is the collection of policies, procedures, and other internal controls that an enterprise leverages to meet its regulatory requirements for data privacy and protection. In this course, you will explore compliance monitoring topics like due diligence, attestation, and compliance automation, as well as internal and external compliance reporting. Then you will investigate the consequences of non-compliance, including fines, sanctions, and reputational damage. Next, you will examine privacy considerations for keeping information involving people confidential. Finally, you will evaluate vendor assessment and selection techniques like supply chain analysis and rules of engagement, and you will discover various agreement types, such as non-disclosure agreements (NDAs), service-level agreements (SLAs), and statements of work (SOWs). This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
8 videos | 35m has Assessment available Badge
CompTIA Security+: Audits, Assessments, & Awareness
A security audit is a systematic and methodical examination of an organization's security infrastructure, policies, and procedures. The goal is to identify vulnerabilities, weaknesses, and potential threats to sensitive information assets, physical assets, and personnel. In this final course, the learner will be exposed to topics such as internal and external audit and attestation, penetration testing audits, user guidance and training, phishing campaigns, and security training monitoring and reporting. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
8 videos | 23m has Assessment available Badge

COURSES INCLUDED

CompTIA Cloud+: Cloud Architecture & Models
The cloud has various deployment and service models that can help your organization design and create your very own cloud strategy based on needs. First, you'll learn about the available cloud deployment models such as public, private, hybrid, community, and virtual public clouds, as well as multi-cloud and multitenancy environments. Next, you'll examine cloud service models such as Infrastructure as a Service, Platform as a Service, and Software as a Service. Finally, you'll learn about advanced topics such as the Internet of Things, serverless computing, machine learning, artificial intelligence, and the shared responsibility model. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 10m has Assessment available Badge
CompTIA Cloud+: Cloud Capacity Planning
Capacity planning is an important factor to consider when creating a cloud strategy. This course will describe the important factors to consider when performing capacity planning. First, you will learn about the technical and business factors to consider when performing capacity planning. Next, you will learn about using standard templates, licensing considerations, user density, and system load. You will then learn how to use captured metrics to perform trend analysis and how to do performance capacity planning. Finally, you'll learn how to create a cloud-based database and how cloud features can be scaled to meet capacity demands. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 8m has Assessment available Badge
CompTIA Cloud+: Cloud High Availability & Scaling
High availability of cloud systems and resources is extremely important to ensure that a system is there when you need it. Cloud environments have many options and features to ensure that the goal of high availability is achieved. First, you will learn the concepts of affinity and anti-affinity and how they relate to hypervisors. Next, you will learn about the benefits of oversubscription of compute, network, and storage resources, using regions and zones, cloud applications, and using containers in the cloud environment. Next, you will learn how to configure network resources such as switches, routers, load balancers, and firewalls for high availability. Finally, you will learn about using cloud clusters, identifying single points of failure, and the benefits of using auto-scaling, horizontal scaling, vertical scaling, and cloud bursting. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 13m has Assessment available Badge
CompTIA Cloud+: Cloud Solution Design
Developing new software systems can be costly and time consuming. Cloud-based solutions can help get your system online quickly and cost-effectively and help to meet all your business requirements. In this course, you'll learn how to analyze the cloud solution design in support of business requirements. First, you'll explore how to analyze the solution design while considering requirements for software, hardware, system integration, security, network, disaster recovery, budgeting, service level agreements, and compliance. Next, you'll learn about the benefits of using multiple environments for development, quality assurance, staging, and production. You'll also examine the advantages of performing blue-green deployments. Finally, you'll learn about software development testing techniques such as performance, regression, functional, usability, vulnerability, and penetration testing. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 13m has Assessment available Badge
CompTIA Cloud+: Cloud Identity & Access Management
Identity and access management is crucial to securing resources and ensuring the resources are used by the correct people. In this course, you'll learn about some of the security resources that are available for performing and enforcing identity and access management. First, you'll examine identity and access management, including user identification, authorization, and privileged access management. You'll learn how to use the Lightweight Directory Access Protocol to manage access to resources. Next, you'll explore how identity federation can be used to manage user identities and how certificate management can be performed using certificate authorities, registration authorities, certificate databases, certificate stores, and key archival servers. You'll then move on to learn about multi-factor authentication, single sign-on, Public Key Infrastructure, as well as secret and key management. Finally, you'll learn about the components that can be used to perform incident response preparation and incident response procedures such as evidence acquisition, chain of custody, and root cause analysis. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 13m has Assessment available Badge
CompTIA Cloud+: Cloud Network Security
Having a secure cloud environment is crucial for ensuring system and data integrity and security. Cloud environments have numerous methods for meeting these security needs. In this course, you'll learn how to secure a network in a cloud environment using network segmentation, network protocols, and network services. Next, you'll learn how to monitor the security of a network environment using log and event monitoring and how to harden the network environment. Then, you'll move on to examine the available network security tools that can be used to perform network penetration tests, such as vulnerability scanners and port scanners. You'll also explore how to use these security tools to perform vulnerability assessments. Finally, you'll learn about the purpose of a risk register and how to prioritize the deployment and installation of security patches. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
13 videos | 1h 21m has Assessment available Badge
CompTIA Cloud+: Cloud Security Controls
Ensuring the security of your operating systems and applications is a key component of keeping your cloud environment secure. There are several key steps that can be taken to ensure your cloud system is secure. In this course, you will learn about cloud security policies and managing cloud user permissions. Next, you will learn about anti-virus and anti-malware tools, firewalls, intrusion detection and intrusion prevention tools that can be used to detect and prevent cybersecurity attacks. Next, you will learn about hardening your cloud environment and using encryption to increase data security. Finally, you will learn about configuration management and how to monitor the system and event logs. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 9m has Assessment available Badge
CompTIA Cloud+: Data Security & Compliance Controls
There may be several ramifications for failing to secure your organization's data in the cloud environment. This could also mean failing to meet regulatory compliance requirements. In this course, you will learn how mandatory access controls are used to secure cloud services. First, you will learn how encryption, hashing algorithms, digital signatures, the access security broker, and file integrity monitoring can be used to ensure data security and regulatory compliance. Next, you will learn how data classification, network and access control can be used to secure data. Next, you will learn about data security laws and regulations and the legal requirements for securely storing data. Finally, you will learn about data loss prevention and the components of records management systems including versioning, retention, destruction, and write once/read many. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 17m has Assessment available Badge
CompTIA Cloud+: Cloud Component Integration
Cloud environments provide many key components that can be incorporated into your cloud solution. In this course, you'll learn about the available cloud components. First, you'll learn about subscription services such as file, communication, e-mail, VoIP, messaging and collaboration, and the virtual desktop infrastructure, as well as directory and identity services. Next, you'll explore cloud service models such as IaaS, PaaS, and SaaS and how to provision and integrate compute, storage, and network resources for a cloud solution. Next, you'll examine how to integrate serverless applications, deploy and integrate virtual machines, and use OS and solution templates to provision and integrate resources into a cloud solution. Finally, you'll learn to integrate identity management and containers and perform autoscaling and post-deployment validation of cloud solutions. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 10m has Assessment available Badge
CompTIA Cloud+: Provisioning Cloud Storage
Storage in the cloud is a crucial component of any cloud-based solution. In this course, you'll learn about the types of cloud storage you can use in your solutions and their features. First, you'll explore how to provision and measure the performance of block, file, object, and flash storage. Next, you'll learn about the different types of RAID arrays and the purpose of user quotas. You'll then move on to examine the protocols used with cloud storage. You'll learn about the features of hyperconverged storage, hyperconverged infrastructures, and software-defined storage. Finally, you'll explore how to create and use an Azure container. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 23m has Assessment available Badge
CompTIA Cloud+: Cloud Network Deployments
Deploying cloud-based solutions efficiently and securely requires that the network be configured correctly. In this course, you'll learn about the network services that need to be considered when deploying cloud solutions. First, you'll explore the role of network services such as DHCP, DNS, CDN, IPAM, as well as VPNs. You'll learn about the features of virtual routing including dynamic and static routing. Next, you'll examine virtual network interface controllers and the features of network appliances such as load balancers, firewalls, and virtual private clouds. Finally, you'll learn about the features of virtual LANs, single root input/output virtualization, and software-defined networks. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 18m has Assessment available Badge
CompTIA Cloud+: Cloud Migrations
For a cloud-based solution to run efficiently and cost-effectively, the appropriate sizing of resources is essential. In this course, you'll learn to configure the correct compute sizing for a deployment, as well as how to perform cloud migrations. First, you'll explore the features of virtualization such as hypervisors and how to compute. Next, you'll learn about the features of and how to correctly size CPUs, vCPUs, and GPUs. You'll explore memory allocation and the features of a hyperconverged infrastructure. You'll then learn about cloud migrations such as storage migrations, database migrations, physical to virtual migrations, virtual to virtual migrations, and cloud-to-cloud migrations. Finally, you'll examine cloud migration implications for access control lists, firewalls, and vendor lock-in. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 7m has Assessment available Badge
CompTIA Cloud+: Cloud Logging, Monitoring, Alerting & Optimization
Logging and monitoring are essential to ensure that your cloud environment is running efficiently and securely. In this course, you will learn to configure logging, monitoring and alerting services in the cloud and optimize cloud environments. First, you will learn about the available cloud features for logging such as collectors, SNMP, syslog, audits, log types, access and authentication, and automation. Next, you will learn about the features of system monitoring such as baselines, thresholds, tagging, and performance monitoring, resource utilization, availability, and SLA-defined uptime. Next, you will learn about the features of alerting such as common messaging methods, maintenance mode and appropriate responses. Finally, you will learn how to optimize cloud resources including placement, computing, storage, networks, and device drivers and firmware. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h has Assessment available Badge
CompTIA Cloud+: Cloud Operations Management
Maintaining a stable cloud environment is important to ensure the health of the cloud system. In this course, you will learn how to maintain efficient operation of a cloud environment. First, you will learn how to perform life cycle management and change management. Next, you will learn about the configuration management database and why it is important. Next, you will learn about using dashboards and the impacts of process improvements, upgrade methods, and performance reporting. Lastly, you will learn about the options for performing patching, the types of backups and available backup objects, and how to confirm the completion of backups. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 16m has Assessment available Badge
CompTIA Cloud+: Cloud Automation & Orchestration
In order for cloud environments to operate efficiently you need to use automation and orchestration to keep things running smoothly. In this course, you will learn about the components and features of cloud automation and orchestration. First, you will learn about the features of infrastructure as code, continuous integration and continuous deployment. Next, you will learn about version control and configuration management and how it relates to orchestration and automation. Next, you will learn about the features of containers, cloud automation activities, secure scripting and orchestration sequencing. Finally, you will learn about backup and restore policies as well as backup targets. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 8m has Assessment available Badge
CompTIA Cloud+: Cloud Disaster Recovery
Planning for disaster recovery is crucial to getting your cloud solution running and operational when a crisis occurs. In this course, you'll learn how to plan for disaster recovery and about its features. First, you'll explore disaster recovery features such as failover, failback, backup restoration, and replication. Next, you'll examine the importance of network configuration, geographical data centers, restoration methods, and on-premise and cloud sites. Finally, you'll learn about the importance of the DR kit, playbook, network diagrams, RPOs, RTOs, SLAs, and corporate guidelines when planning for disaster recovery. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 26m has Assessment available Badge
CompTIA Cloud+: Cloud Troubleshooting Methodologies
Being able to troubleshoot cloud and network issues is important when trying to resolve failures or operational difficulties. In this course, you'll learn to use troubleshooting methodologies to resolve common cloud issues. First, you'll examine how to resolve cloud-related issues using the troubleshooting methodology. Next, you'll explore how to resolve network security group misconfiguration issues and network connectivity issues. You'll then move on to learn about resolving network routing and firewall connectivity issues. You'll learn about the tools that you can use to troubleshoot and resolve network issues. Finally, you'll learn about resource utilization, application performance, and load balancing performance tuning. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 22m has Assessment available Badge
CompTIA Cloud+: Troubleshooting Cloud Security Issues
Being able to troubleshoot security issues is essential to ensuring fully functional systems in the cloud. In this course, you'll examine some of the common causes of security issues. First, you'll learn to troubleshoot security issues due to missing or incomplete privileges, authentication or authorization issues, or network and directory security group issues. Next, you'll explore how to troubleshoot security issues due to expired, revoked, compromised, or misconfigured keys and certificates or due to misconfigured or misapplied policies. You'll then move on to learn how to troubleshoot and identify security concerns due to unencrypted data, data breaches, misclassification of data, lack of protocol encryption, and insecure ciphers. Finally, you'll also learn to troubleshoot and identify security concerns due to exposed endpoints, misconfigured security appliances, and unsupported protocols, as well as how to deal with internal or external attacks. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 12m has Assessment available Badge
CompTIA Cloud+: Troubleshooting Cloud Deployments
Being able to troubleshoot issues during the deployment process is essential to ensuring full functionality in the cloud. In this course, you'll examine some of the common causes of deployment issues. First, you'll learn about some of the causes of service outages and the need for a disaster recovery plan. You'll explore how to troubleshoot performance and degradation issues and how these issues can relate to capacity planning. Next, you'll learn how automation scripts can be the cause of deployment issues and how good scripts validate and perform rollbacks on failure. You'll then move on to examine how to troubleshoot issues with applications in containers, how to validate deployment templates, and how insufficient resource capacity can cause degradation and latency issues. Finally, you'll learn how to troubleshoot licensing and vendor-related issues. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 28m has Assessment available Badge
CompTIA Cloud+: Troubleshooting Automation and Orchestration Issues
Being able to troubleshoot issues during cloud automation and orchestration is important to ensuring smooth and efficient deployments in a cloud environment. In this course, you will examine some of the causes of these issues. First, you'll explore automation and orchestration issues that occur due to user account or service account permission issues, change management process miscommunications, and DNS and server name changes. Next, you'll learn about automation and orchestration issues that occur due to IP address scheme changes, changed availability zones, third-party versioning issues, and tool incompatibility issues. Finally, you'll examine how to validate change management processes and confirm that patches installed correctly. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos | 1h 7m has Assessment available Badge

COURSES INCLUDED

CompTIA Cybersecurity Analyst+: Network Security Concepts
Cybersecurity policies often require detailed network configuration changes and additions. Technicians must be proficient with the configuration and management of various TCP/IP protocols. In this course, I will start by discussing the Open Systems Interconnection (OSI) model, network switching, and network access control. Next, I'll discuss the TCP/IP protocol suite as well as IPv4 and IPv6 addressing. I will then discuss network routing, dynamic host configuration protocol (DHCP), domain name system (DNS) and Wi-Fi authentication methods. Lastly, I will cover virtual private networks (VPNs), IP Security (IPsec) and network time synchronization. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
14 videos | 1h 29m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Managing Network Settings
Modern IT solutions communicate over various types of networks. Cybersecurity analysts must be able to configure and secure the ways that devices communicate over these networks. In this course, I will begin by creating on-premises and cloud-based virtual networks, followed by managing IP addressing on Linux, Windows, and in the cloud. Next, I will manage routing table entries in the cloud and implement domain name system (DNS) and Dynamic Host Configuration Protocol (DHCP) security. Lastly, I will harden a Wi-Fi router and configure IPsec in Windows. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos | 59m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Cloud Computing & Cybersecurity
Cloud computing is an integral part of IT solutions for individuals and organizations. A knowledge of how cloud computing services are deployed and managed is a requirement for securing cloud-based resources. In this course, I will start by discussing cloud computing deployment models, such as public and private clouds, followed by discussing various cloud computing service models. Next, I will cover a variety of cloud computing security solutions, and I will deploy Linux and Windows cloud-based virtual machines. I will then deploy a web application in the cloud, cover the Cloud Controls Matrix (CCM) security controls, and work with Microsoft Azure managed identities. Lastly, I will discuss and configure a content delivery network (CDN). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
12 videos | 1h 10m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Virtualization & Container Security
Virtualization comes in a variety of forms, including operating system, application, and desktop virtualization. Cybersecurity analysts regularly manage and secure application containers and virtual machines on-premises and in the cloud. In this course, I will discuss the differences between operating system, application, and desktop virtualization. I will then configure Microsoft Hyper-V. Next, I will cover application containerization concepts, install Docker on Linux, and manage application containers on Linux. Lastly, I will install Docker on Windows and manage application containers on Windows. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
7 videos | 36m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Data Security Standards
To remain compliant with relevant data privacy laws and regulations, organizations must have a way of identifying sensitive data and implementing security controls to protect that data. In this course, explore how physical security is related to digital data security, examples of personally identifiable information (PII), and how data loss prevention (DLP) solutions can prevent data exfiltration. Next, learn about common data privacy regulations and standards, including GDPR, HIPAA, and PCI DSS. Finally, discover how to use Amazon Macie and File Server Resource Manager to discover and classify sensitive information and learn about the importance of service level objectives (SLOs) and service level agreements (SLAs). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos | 1h 3m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Threat Intelligence
Cybersecurity analysts and security tools can reference a variety of threat intelligence sources to keep up to date with the latest threats and mitigations. These can be used to help keep organization security policies as effective as possible. In this course, examine different threat intelligence sources, the common vulnerabilities and exposures (CVEs) website, and the MITRE ATT&CK knowledge base. Next, discover how the OWASP Top 10 can help harden vulnerable web applications, how advanced persistent threats (APTs) are executed, and common ISO/IEC standards. Finally, learn how to analyze CIS benchmark documents, the Common Vulnerability Scoring System (CVSS), common organization security policy structures, and how organizational culture relates to IT security. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
12 videos | 1h 9m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Managing Risk
Risk is inevitable when relying on IT systems to manage data. Cybersecurity analysts can apply a variety of techniques to manage risk to an acceptable level. In this course, explore how risk management can minimize the impact of IT security events and discuss the relevance of recurring risk assessments and the use of a risk register. You will then consider risk treatments such as risk avoidance and risk transfer. Next, discover how to calculate the annual loss expectancy (ALE) and how this compares to the cost of security controls. Explore security control types such as preventative and compensating controls. Finally, you will look at how configuration management relates to IT security, how to establish security baselines and replicate cloud storage, and how to back up data to the cloud. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
14 videos | 1h 19m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Business Continuity
Organizations must prepare in advance for the inevitable disruption of business operations. This means proactive planning to not only prevent disruptions but also manage them to reduce their negative impact. In this course, you'll begin by exploring common characteristics of a business continuity plan (BCP) and how to conduct a business impact analysis (BIA). You will then consider disaster recovery and incident response plans and focus on incident response activities such as escalation, eradication, and containment. Next, discover the importance of lessons learned from past incidents in order to make future incident response more effective. Lastly, you will explore the cyber-attack kill chain and the diamond model of intrusion analysis. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
12 videos | 1h 9m has Assessment available Badge
CompTIA Cybersecurity Analyst+: OS Process Management
Managing the running processes on Linux and Windows hosts not only improves performance but also impacts how secure those hosts are. Determining what counts as abnormal performance or activity is greatly facilitated by comparing current activity to established baselines of normal performance and behavior. In this course, I will start by navigating through the Windows registry followed by exploring Linux hardware devices using the Linux command line. I will then use the Windows Device Manager tool to manage a hardware device. Next, I will create partitions and file systems on Linux and Windows hosts followed by covering how processes and daemons interact with the Linux OS. I will manage Linux and Windows processes and daemons, or services. Lastly, I will establish a normal performance baseline on a Windows Server using a data collector set. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos | 59m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Authentication
Hardening authentication processes makes it more difficult for attackers to compromise accounts. Managing users and groups allows for access to required resources. In this course, you will explore authentication methods, including passwordless login. Then you will learn how to manage Linux users and groups using the command line and how to enable Secure Shell (SSH) public key authentication. Next, you will install and configure a Lightweight Directory Access Protocol (LDAP) server and client, manage Windows and cloud users and groups, and examine dynamic membership cloud-based groups. Finally, you will configure multi-factor authentication (MFA) for AWS users, manage Windows password policies, and discover identity federation. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
13 videos | 1h 19m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Authorization
Strong authorization settings limit permissions to resources for authenticated entities. Cybersecurity analysts must be aware of how to not only configure resource permissions, but also how to evaluate existing permissions to ensure adherence to the principle of least privilege. In this course, you will discover how authorization is related to, but differs from, authentication. Then you will explore access control models, such as role-based access control (RBAC) and attribute-based access control (ABAC). Next, you will find out how to manage Linux and Windows file system permissions using the command line. Finally, you will learn how to configure Windows dynamic access control, work with privileged access management in Linux using sudo, and manage RBAC permissions in the Microsoft Azure cloud. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
9 videos | 52m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Cryptography
Confidentiality, integrity, and availability are core pillars of IT security governance. Cybersecurity analysts can harden IT environments using various encryption and hashing techniques. In this course, examine how the CIA triad relates to IT security and how cryptography protects sensitive data. Next, discover how to configure EFS file encryption and Microsoft BitLocker encryption, and use a customer-managed key to enable encryption for an Azure storage account. Finally, learn how to hash files in Linux and Windows, about hardware security modules (HSMs), and how TLS supersedes SSL. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
12 videos | 1h 5m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Public Key Infrastructure
Public key infrastructure (PKI) certificates are used to secure IT environments in many different ways, such as through e-mail encryption and web server HTTPS bindings. Technicians must have an understanding of how PKI certificates are requested, issued, and used. In this course, I'll start by discussing the PKI hierarchy from certification authorities (CAs) down to issued certificates and explore the PKI certificate life cycle. Next, I will deploy a private CA on the Windows platform and demonstrate how to manage PKI certificate templates. Then, I will acquire PKI certificates and configure a web server HTTPS binding. Lastly, I will configure a website to allow access only from clients with trusted PKI certificates. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
9 videos | 49m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Firewalls & Intrusion Detection
Firewall solutions control which types of network traffic are allowed into, through, or to leave a host or network. Cybersecurity analysts must know which type of firewall is needed for a given requirement as well as the placement of the firewall solution on the network. In this course, you will begin with a comparison of firewall types such as packet filtering, next-generation, and web application firewalls and learn how to determine their placement on the network. Then you will configure Windows Defender and Linux firewall settings. Next, you will configure Azure network security group firewall rules and explore the role played by forward and reverse proxy servers. Finally, you will install the Squid proxy server on Linux, find out how intrusion detection and prevention systems can address security concerns, and install and configure the Snort IDS. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
10 videos | 56m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Hardening Techniques
Hardening refers to attack surface reduction in IT environments and can be applied to any type of device or software environment, including storage area networks (SANs). Firmware and software patches should be applied to ensure that potential security flaws in code have been addressed. In this course, I will begin by covering hardening techniques for a variety of IT environments, followed by using Microsoft Group Policy to configure security settings for Active Directory domain-joined computers. Next, I will discuss storage area networks and related security considerations. I will then remove the need for virtual machine (VM) public IP addresses by allowing remote access through Microsoft Azure Bastion. I will discuss the importance of applying hardware and software patches. Lastly, I will install and configure a Windows Server Update Services (WSUS) server and deploy updates to Microsoft Azure virtual machines. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
10 videos | 56m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Malware
Malicious actors are motivated and influenced by a variety of factors, and one of the most effective security mechanisms organizations can employ is user awareness and training on security threats. Cybersecurity analysts must be aware of various types of attacks and how scripting languages and tools are used to execute these attacks. In this course, learn about threat actor types and their motivations and how security baselines facilitate the identification of non-compliant devices. Next, explore examples of social engineering attacks and use the Social-Engineer Toolkit (SET) to execute such an attack. Finally, examine the characteristics of malware types, common scripting languages, and how to recognize potential indicators of malicious activity. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
15 videos | 1h 33m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Malicious Techniques & Procedures
Understanding the characteristics of various types of attacks goes a long way in helping cybersecurity analysts prevent and detect malicious activity. A knowledge of techniques and attacks such as buffer overflows and distributed denial-of-service (DDoS) attacks facilitates mitigation planning. In this course, I will begin by covering how SYN flood attacks arise from the 3-way Transmission Control Protocol (TCP) handshake. Next, I will detail various types of buffer overflow, cross-site scripting (XSS), and injection attacks. I will then execute a structured query language (SQL) injection attack followed by discussing potential extensible markup language (XML) vulnerabilities and DDoS attack mitigations. Moving on, I will run a denial-of-service (DoS), client web browser, and reverse shell attack. Lastly, I will spoof network traffic, crack Remote Desktop Protocol (RDP) passwords and discuss common Wi-Fi attacks. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
15 videos | 1h 27m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Analyzing Malicious Activity
Malware mitigation techniques include the deployment, configuration, and ongoing management of virus and threat endpoint protection. Online tools such as VirusTotal can be used to upload suspicious files that might contain malware. Cybersecurity technicians must be able to determine the authenticity of email messages as well as create sandbox environments for testing configurations. In this course, you will begin by configuring Windows virus and threat protection and uploading a potentially infected file to VirusTotal. Next, you will determine when to use cloud-based and on-premises malware analysis solutions like Joe Sandbox and Cuckoo Sandbox. Then you will view email details in an effort to determine message authenticity and you will create a repeatable compliant environment using Azure Blueprints. Finally, you will learn how to work with user virtual private networks (VPNs) and the Tor web browser and find out how bug bounties offer rewards for the identification of flaws in hardware and software. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
9 videos | 43m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Vulnerability & Penetration Testing
Vulnerability scanning identifies host and network vulnerabilities and must be an ongoing task. Penetration testing is an active security method by which there is an attempt to exploit discovered vulnerabilities. In this course, you will discover how to plan for, schedule, and execute vulnerability assessments, identify common vulnerability scanning tools, and conduct an nmap scan. Next, you will use Nessus and Zenmap to execute security scans and test web app security using the OWASP Zed Attack Proxy (ZAP) tool. Then you will explore penetration testing and the Metasploit framework and use the Burp Suite tool as an HTTP intermediary proxy. Finally, you will learn how to manage Azure policy, investigate potential indicators of compromise, and examine how IT security relates to industrial control systems. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
14 videos | 1h 21m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Secure Coding & Digital Forensics
Security must be included in all phases of IT system and software development designs. Continuous integration and continuous delivery/deployment (CI/CD) integrates development and ongoing management of IT solutions. Cybersecurity analysts must understand IT governance and digital forensics concepts. Begin this course by examining the role of security in the software development life cycle (SDLC). Then you will explore CI/CD and learn how Git is used for file version control. Next, you will discover how the Control Objectives for Information and Related Technologies (COBIT) framework applies to IT governance and you will investigate digital forensics. Finally, you will configure legal hold settings for a cloud storage account and list common digital forensics hardware and software solutions. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
10 videos | 55m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Logging & Monitoring
Logging and monitoring are crucial aspects of IT security governance. The ability to configure and centrally monitor logs to detect anomalies can prevent security incidents or minimize their impact. In this course, learn how to view Linux log files, configure log rotation for log retention, and configure Linux log forwarding to a central logging host. Next, work with Windows Event Viewer logs and configure Windows log forwarding. Finally, discover how tracking malicious actor activity is possible using honeypots and honeynets and how to implement a honeypot. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
10 videos | 55m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Security & Network Monitoring
SIEM solutions serve as centralized data ingestion and analysis engines that seek out potential security issues. Security incident response can be partially or fully automated using SOAR solutions. In this course, discover the benefits of security information and event management (SIEM) and security orchestration, automation, and response (SOAR) security incident monitoring and response solutions. Next, explore threat positives and negatives, followed by deploying the Splunk SIEM on Linux. Finally, learn how to configure a Splunk universal forwarder and use various tools to capture and analyze network traffic. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
12 videos | 1h has Assessment available Badge

COURSES INCLUDED

CBROPS: The CIA Triad & Security Approaches
For aspiring or current IT professionals pursuing a job role as an entry or associate-level cybersecurity analyst, or for those pursuing the Cisco Certified CyberOps Associate certification, this course will introduce you to cybersecurity operations in a security operations center. You'll review security concepts, policies, and procedures used by a CyberOps Associate working within a SOC. You'll learn about the CIA triad, a model of implementing security on networks. Next, you'll explore basic models for cybersecurity and various security approaches. Finally, you'll review security terminology you should be familiar with and common security practices and tools for the CyberOps Associate. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
4 videos | 1h 8m has Assessment available Badge
CBROPS: Threat Actors, Security, & Risk Management
In this course, you'll learn about threat actor types and review related examples. You'll then explore commonly confused security concepts - risk, threat, vulnerability, and exploit. Finally, you'll examine risk management concepts, including risk scoring/weighting, risk reduction, and risk assessment. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
3 videos | 56m has Assessment available Badge
CBROPS: CVSS, Deployments, Access Control, & Data Visibility
A SOC data analyst may depend on external data to help with understanding potential attacks against systems. In this course, you'll learn how the CVSS helps and what information it provides to a cybersecurity data analyst. You'll examine the implementation of security methods and how they fit into security design. You'll review how access control is implemented across an organization and some of the available access control models. Finally, it's important to know about network data visibility challenges, so you'll learn what they are and how to deal with them. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
4 videos | 1h 17m has Assessment available Badge
CBROPS: Data Loss, Host Isolation, & Detection Methods
In this course, you'll learn to identify potential data loss indicators noted from a traffic profile. Then, you'll explore the 5-tuple approach for isolating a host. Finally, there are different detection methods that are used when securing networks dynamically. You'll review the similarities between them and how they operate to bring about usable results. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
3 videos | 51m has Assessment available Badge
CBROPS: Attack Surfaces, Vulnerability, & Analysis Tools
There are many things in cybersecurity that sound similar but are not. In this course, you'll learn to distinguish the attack surface from vulnerability. You'll also learn the basics of the tcpdump and NetFlow tools. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operation
2 videos | 30m has Assessment available Badge
CBROPS: Firewall, Filtering, Visibility, & Control Data
A key part of your role as a SOC data analyst is knowing what tool will give you the type of data you want to analyze. In this course, you'll learn about useful next-gen and stateful firewall data. You'll explore content filtering, as well as web and e-mail content filtering, and why they are useful. Next, you'll review application level visibility and control data. Finally, you'll learn how the use of different technology can cause unexpected data visibility challenges. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
4 videos | 1h 2m has Assessment available Badge
CBROPS: Data & Attack Types
In this course, you'll learn about data types that provide valuable information for security monitoring. You'll explore different network attacks, including protocol-based, DoS, DDoS and MITM attacks. Finally, you'll also look at common web application attacks like SQL injection, command injection, and cross-site scripting. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
3 videos | 52m has Assessment available Badge
CBROPS: Social Engineering, Evasion, Obfuscation, & Certificates
In this course, you'll examine multiple examples of social engineering attacks that you should be familiar with as an analyst. Attacks are not always easily identified, so you'll learn about the different evasion and obfuscation techniques. Finally, you'll learn about the different components of digital certificates and what these components do. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
3 videos | 53m has Assessment available Badge
CBROPS: Host-based Analysis & the Role of Attribution
In this course, you'll learn about host-based attacks in their various forms. Next, you'll explore components of Windows 10 and Ubuntu that are useful in host-based analysis. Finally, you'll examine the concept of attribution and its importance when investigating an organizational security breach. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
4 videos | 1h 9m has Assessment available Badge
CBROPS: Log Evidence, Disk Images, & Malware Analysis Output
In this course, you'll examine the importance of logs, as well as types of evidence that can be acquired from them. Next, you'll learn how critical disk images can be during an investigation and about the comparisons and analysis that can transpire in an investigation. Finally, you'll review some of the most important information that can be found in the output of malware analysis tools. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
3 videos | 51m has Assessment available Badge
CBROPS: Security Events, Firewall Operations, & Traffic Analysis
In this course, you'll learn to categorize intrusion events according to the cyber kill chain and diamond intrusion models. Next, with so many tools available, you'll examine which ones should be used to identify different security events. You'll learn the differences between deep packet inspection, packet filtering, and stateful firewall operations. Finally, you'll review the differences between inline traffic interrogation, taps, and traffic monitoring. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
4 videos | 1h 12m has Assessment available Badge
CBROPS: File Extraction, Event Artifacts, & Regular Expressions
In this course, you'll learn how to extract files from a TCP stream from a PCAP file using Wireshark. Next, you'll explore how to identify intrusion elements from a given pcap file using Wireshark. You'll learn how to interpret common artifacts from events for an alert using the Cisco FMC. Finally, you'll examine how to use basic regular expressions with grep and the Cisco CLI. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
4 videos | 1h 6m has Assessment available Badge
CBROPS: Incident Response, Security Management, & Analysis
In this course, you'll review NIST SP 800-86 to learn basic forensic techniques for incident response. You'll examine management concepts that need to be known and addressed in a security policy. Finally, you'll explore the relationship between metrics and scope analysis in a SOC. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
3 videos | 54m has Assessment available Badge
CBROPS: Protected Data, Profiling, Forensics, & IRP
In this course, you'll learn how to identify protected data in a network, as well as how to identify elements in network and server profiling. You'll explore the use of NIST SP 800-61 to identify forensic elements and how to apply them to the incident handling process. Finally, you'll learn how NIST SP 800-61 guides incident handling and review the elements of an incident response plan. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
4 videos | 1h 7m has Assessment available Badge

EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.
