541 Vulnerability Assessment Analyst Beginner KSAT Journey

Cloud computing refers to the delivery of various computing services over the Internet. It is quickly transforming IT operations and innovation for businesses and individuals alike. In this course, explore what cloud computing is, its importance, and cloud computing's history and characteristics. Next, examine how cloud computing transforms IT operations and reduces costs and how cloud computing supports digital transformation. Finally, learn about various cloud computing/deployment models and future trends in cloud computing, such as edge computing and AI integration. After course completion, you will be able to outline cloud computing's significance, characteristics, and impacts on IT operations.

This 14-video course explores benefits to an organization and the role of penetration testing to protect digital assets and networks. In this course, learners observe how to manage and analyze testing results. You will examine several testing methods, including black box, white box, and grey box testing. Next, you will learn about rules of engagement documents, which is executed prior to starting the penetrations testing. This document outlines rules around the test, and the importance of setting stopping points within a penetration test, and when to stop a penetration test. Explore test findings management, risk, risk tolerance, and how to align recommendations to an organization's needs and goals. You will learn about risk tolerance from a privacy and intellectual property perspective, and how to create good test reports for clients. You will learn to categorize your findings by using CVE (Common Vulnerabilities and Exposure) database, or the CVE details. Finally, you will learn how to communicate needed changes, and to emphasize the importance of further testing after recommendations are implemented.

Security governance is a huge part of overall corporate or organizational governance. The security practitioner must be aware of various governance elements, regulations, laws, standards, policies, and procedures. Begin this course by exploring the elements of governance, including mission charter, leadership, and corporate guidance. Then investigate various laws and regulations like General Data Protection Regulation (GDPR) and HIPAA, standards issued by the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC), and the National Institute of Standards and Technology (NIST), and common policies and standard operating procedures. Next, examine the International Information System Security Certification Consortium (ISC2) code of ethics. Finally, discover security control categories and types. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

A security audit is a systematic and methodical examination of an organization's security infrastructure, policies, and procedures. The goal is to identify vulnerabilities, weaknesses, and potential threats to sensitive information assets, physical assets, and personnel. In this final course, the learner will be exposed to topics such as internal and external audit and attestation, penetration testing audits, user guidance and training, phishing campaigns, and security training monitoring and reporting. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

It is of high importance that organizations operate upon a solid foundation of security principles, concepts, and risk management. It is impossible to reduce security risk until core security and risk management principles are defined. In this course, explore the elements of the confidentiality, integrity, and availability (CIA) triad, along with the essentials of authentication and using non-repudiation services. Next, examine what risk is and the terminology surrounding risk management, threats, and vulnerability. Finally, learn about risk assessment, identification, and treatment and compare qualitative and quantitative risk analysis. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

This 14-video course explores penetration testing, and the role it plays in protecting a company's assets and networks from exploitation and attacks. In this course, users learn how penetration testing can expose security weaknesses. You will also learn about different types of penetration testing, and how to test for common penetration types, and you will examine the importance of penetration testing for an organization. This course demonstrates passive information gathering, or open- source gathering to search for available information about the organization. You will learn to use active information gathering to target the organization's systems, the employees, their networks to gain information. Next, explore several different types of exploits that can cause problems, including buffer overflow attacks, client side and website attacks, password attacks, and port forwarding exploits; and learn how to conduct a privilege escalation attack. Finally, you will examine how penetration testers and bad actors can gain access to a system by using network tunneling.

Highly effective security leaders recognize that they must prioritize and focus their efforts on managing critical security risks. Therefore, once a security risk is identified, it must be carefully evaluated. In this course, you'll identify the activities involved in a risk management process, the importance of risk strategies in the context of work environments, and essential decisions required for managing security risks effectively. Moving on, you'll investigate the components of a risk management plan and how to improve a risk management strategy by increasing risk tolerance and risk appetite. You'll also outline the importance of mitigation plans and discover how to create one in Microsoft Word. Lastly, you'll recognize the role of risk monitoring and control measures in risk management planning and the factors that shape an organization's approach to making decisions in handling risks.

Although new security practitioners can come from development, database, or other backgrounds, the majority of security professionals come from a networking background. It is virtually impossible to separate networking knowledge from security expertise. Begin this course by exploring network types, network devices, and device addressing mechanisms. Then you will discover the Open Systems Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) reference models, logical ports, and the TCP handshake. Next, you will focus on transport layer security (TLS) and IP security (IPsec). Finally, you will examine virtual LANs (VLANs) and Wi-Fi fundamentals. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

Internet Protocol (IP) addresses, which are assigned to network-equipped devices that are part of a Transmission Control Protocol (TCP)/IP-based network, allow computers and other resources to communicate with each other. Explore the basics of IP addressing and networking concepts such as Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP). Begin with an overview of DNS and its benefits. Then take a closer look at the DHCP, its features, and the concept of reservations. Next, discover the use of virtual private networks (VPNs) and look at virtual local area networks (VLANs). Finally, explore the various networking tools including crimpers, Wi-Fi analyzers, and loopback plugs. This course will prepare learners for the CompTIA A+ Core 1 (220-1101) certification exam.

Security risk management is the ongoing process of identifying security risks and implementing plans to address them. Most security professionals should have a solid foundation in this important cross-disciplinary initiative. In this course, you will take a deep dive into security risk management, including risk identification and assessment. Then you will explore risk analysis concepts like qualitative and quantitative analysis and impact/magnitude. Next, you will discover risk treatment and handling strategies, including transfer, acceptance, and exemption. You will examine risk registers and ledgers, key risk indicators, risk owners, and risk thresholds. Finally, you will investigate risk reporting techniques and business impact analysis (BIA) to predict the consequences of a disruption to a business and collect information needed to develop recovery strategies. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

This 14-video course helps learners explore the threat categories in the STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege) model for identifying computer security threats, including spoofing, tampering, repudiation, information disclosure, denial of service (DoS), and escalation of privilege. Key concepts covered in this course include categories of security vulnerabilities using the STRIDE model; how to recognize authenticity and identity spoofing threats; and how to validate integrity and tampering threats. Next, you will learn about authentication threats and non-repudiation, when used in security, for example, when a charge cannot be challenged; learn information threats such as privacy breaches or data leaks; and learn the threat of DoS attacks, a resource disruption attack when a user tries to connect. Learners continue by exploring the privilege escalation threat model; learning to recognize examples of security misconfiguration threats; and observing methods of brute force attacks and key sizes. Finally, learn to perform a local network scan and a targeted remote scan by using Nmap; and learn to perform a DoS vulnerability diagnostic test on a host.

The constant emergence of new security threats, variants, vectors, and technologies is an ongoing challenge to keep up with. In this course, learn about threats, attacks, and threat prevention tools and methods, such as advanced persistent threats (APT) and intrusion detection and intrusion prevention systems. Next, investigate data center security, secure cloud computing, and elements of secure network design, including HVAC and environmental controls, zoning, and VLANs. Finally, explore Zero Trust security initiatives and micro-segmentation, such as network access control (NAC), software-defined networks, and IoT. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

Practically anything that occurs in the enterprise can be called an event, but not all events are negative occurrences. It is the problematic events that are managed with the incident response practice. In this course, you will begin by exploring incident terminology and the goal of incident response. Next, discover the phases of the incident response lifecycle: Preparation, Detection and Analysis, Containment, and Post-incident Activities. Finally, you will explore additional incident response topics, including incident response teams, forensics, and problem management. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

One of the primary goals for an emerging security practitioner is to have a firm grasp of the present threatscape. The learner will build this vital knowledge base in this course. In this course, we will explore threat actor types, attributes, and motivations. Next, we will dive into the use of human vectors and social engineering as well as common attack surfaces. Then we will explore supply chain, application, and O/S and web-based vulnerabilities. Finally, we will cover hardware and virtualization vulnerabilities, cloud vulnerabilities, and mobile device vulnerabilities. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Malicious software, also known as malware, comes in a variety of attack vectors and characteristics. The ability to stay current with the different malware and variants is one of the biggest challenges for modern security professionals. Begin this course by exploring malware attacks like ransomware, trojan horses, and logic bombs. Then you will investigate physical and network attacks including brute force, denial-of-service, and credential replay attacks. Next, you will focus on application and cryptographic attacks, such as buffer overflow, privilege escalation, collision, and birthday attacks. Finally, you will take a look at password attacks and discover indicators of compromise, like concurrent session usage, blocked content, and impossible travel. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Penetration testing can identify both known and unknown vulnerabilities and help avoid security breaches. In this course, you'll learn the importance of penetration testing, what system hardening is, and the requirements of penetration testing. You'll then examine the differences between penetration testing and vulnerability assessments, as well as the various types, stages, and methods of penetration testing. Next, you'll learn about white box, black box, and gray box penetration testing, and the differences in penetration testing methodologies. You'll see the available tools for performing penetration testing, as well as the types of outputs resulting from penetration testing. Lastly, you'll learn about penetration testing best practices and how to perform a penetration test.

A penetration tester's toolkit should include a wide range of tools and may vary based on the penetration testing engagement requirements. In this course, you'll explore use cases of tools required during the different phases of a penetration test. You'll examine scanner tools such as Nikto, SQLmap, and WPScan, as well as credential testing tools and debuggers. You'll learn about open-source intelligence tools, as well as wireless and networking tools such as Wireshark. Next, you'll explore web application, social engineering, remote access tools, and other miscellaneous tools. Lastly, you'll learn about common steganography tools and cloud tools. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.

Vulnerability management is an ongoing process designed to proactively protect computer systems, networks, and applications from cyberattacks and data breaches and is an integral part of your overall security system. Begin this course by exploring threat feeds like open-source intelligence (OSINT), Common Vulnerability Scoring System (CVSS), and Common Vulnerability Enumeration (CVE) to help gather information about potential threats or adversaries. Then you will investigate application vulnerability assessments for assigning severity levels, vulnerability scanning to identify known and unknown weaknesses, and penetration testing to simulate real-world attacks. Finally, you will discover vulnerability response and learn how to validate and report on remediation processes. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Understanding the network connectivity options in modern operating systems is a vital skill you need as a technician. In this course, you will explore various GUI management tools that can be used when working in Windows. Learn to navigate and configure Control Panel settings and discover how to utilize networking commands in Windows and Linux, and management tools for macOS. Next, you will review how IP addressing, DNS, and DHCP works and observe how to configure Windows DNS and DHCP servers. Finally, learn how to manage various network settings, including those related to Windows Defender and Microsoft Active Directory. Upon completion of this course, you'll be able to use command-line management tools and manage network-related settings in Windows, Linux, and the macOS. This course will help you prepare for the CompTIA A+ Core 2 (220-1102) certification exam.