Aspire Journeys

611 Authorizing Official KSAT Beginner NCWF Journey

33 Courses | 41h 10m 10s

(1)

Senior official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation (CNSSI 4009).

611 Authorizing Official

33 Courses | 41h 10m 10s

COURSES INCLUDED

Cybersecurity Awareness: Information Security Fundamentals

With information security a key concern for organizations, it is important to understand the basic concepts of information security and the security concepts that fall within this topic, such as those within the world of cybersecurity. In this course, you'll recall information security fundamentals before examining the broad domains within it. You'll then delve into cybersecurity and explore the various approaches to it. In addition, you'll examine some practical cybersecurity concepts, such as the CIA triad and the security architecture principle. You'll then investigate the actions that expose us to security risks, the roles we play in maintaining or breaching security, and the various security controls that can be implemented to mitigate security-related risks

16 videos | 1h 54m Assessment Badge

Information Security Practices: Multi-year InfoSec Planning

There is no easy way to predict the future of information security. There are however strategies leaders can implement to better plan and prepare for future growth, security, and threats. In this course, examine potential information security threats, how complexity makes them challenging to predict and plan for, and the threats that ransomware, cybercrime, and the growing crime-as-a-service (CaaS) community pose. Next, discover how work shortages and voids created by skills gaps can cause major issues and the impact of recent global pandemics. Finally, explore operational technology, application container risks, and the evolving risks posed by artificial intelligence and machine learning. Upon completion, you'll be able to plan for the future as an InfoSec leader.

15 videos | 1h 17m Assessment Badge

CompTIA IT Fundamentals: Data, CPUs, & Troubleshooting

What goes on under the hood of computers is a marvel of human ingenuity that most people don't stop to consider, even though computers are never far away in our professional or private lives. In this course, you will explore the basics of data, CPUs, and troubleshooting, beginning with an overview of data and information as assets, intellectual property and digital products, and data-driven business decisions. Then you will discover processors, data storage measurements, and throughput measurements. Finally, you will focus on troubleshooting, including the methodology used for preventing, detecting, and remedying the problem. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

18 videos | 1h 59m Assessment Badge

CompTIA IT Fundamentals: Internet, Storage, & Computer Systems

When computers first hit the scene, they were a marvel and a mystery to most individuals, but accessibility improvements over time allowed them to become moderately more useful. They then began to extraordinarily change the world with the advent of the Internet. In this course, discover the role and features of the Internet, storage, and computer systems, beginning with the various Internet connection technologies and computer storage types. Next, learn about the various types of computers and the features of mobile phones, tablet devices, and gaming systems. Finally, explore an overview of the Internet of Things (IoT) and the technological advances that enable IoT. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

14 videos | 1h 29m Assessment Badge

CompTIA IT Fundamentals: Networking & Wireless Technologies

Computers are immensely useful tools that continue to change the world we live in. Arguably, they would be far less useful without the marvels that are computer networking and wireless technologies. In this course, explore concepts surrounding networking and wireless technologies, including the basics of networking and Internet protocols. Next, learn about the common protocols used every day for browsing the Internet and sending emails. Finally, examine networking devices, firewalls, and wireless technologies, as well as considerations for wireless quality and wireless best practices. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

19 videos | 2h 42m Assessment Badge

CompTIA IT Fundamentals: CIA Triad

Computer data is created at a rate that we can barely comprehend. Much of that information is immensely useful and readily available to anyone, but there is a large contingent of information that is and should remain confidential. In this course, you will explore the CIA triad, beginning with the principle of least privilege and concerns surrounding confidentiality, integrity, and availability. Then you will learn about methods for protecting information, including antivirus and antimalware software, firewalls, password security, and safe browsing. Finally, you will discover the importance of patching and updates, best practices for device security, and removing unwanted software. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

17 videos | 1h 43m Assessment Badge

CompTIA IT Fundamentals: Privacy & Encryption

In an information age, privacy and security are of paramount importance. We've seen numerous examples of the damage done when information is compromised. With this in mind, organizations spend vast resources to keep information safe and secure for good reason. In this course, you will learn about privacy and encryption, beginning with the basics of Internet and computing privacy. Then you'll explore software and network privacy considerations, security policies and procedures, regulations and considerations for handling information, and password best practices. Finally, you'll delve into encryption technologies and the importance of protecting data at rest and data in transit. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

15 videos | 1h 28m Assessment Badge

Introduction to Cyber Operations

Cyber operations is evolving with the trend now focused on performing defensive and offensive security tasks to help assess the security posture of many government agencies and help prevent attacks. In this course, you'll explore the difference between Defensive Cyber Operations (DCO) and Offensive Cyber Operations (OCO), as well as the tasks performed by each. You'll also learn about the Cyber Operations Cycle and its phases, and the responsibilities of each role member of the offensive and defensive teams.

12 videos | 53m Assessment Badge

Intrusion Detection: Best Practices

Intrusion detection systems (IDS) allow you to monitor traffic and send alerts when abnormal activities have been detected. In this 14-video course, you will explore concepts of traffic analysis and IDS, including network forensic analysis, sniffing and sensors, signal and noise, and brute force analysis. To begin, you will examine approaches to network security through traffic analysis, then take a look at tools and techniques used by IDS. Learners will also explore the network forensic approach to computer networks; learn how to describe types of application controls that can be used for traffic analysis; placement and use of sniffing and IDS sensors; and examine concepts of signal and noise when it comes to network traffic analysis. You will learn how to perform IDS with Snort with a sample ruleset; configure Bro to detect common attack patterns; use Wireshark to inspect network packets; and perform nmap scans with methods to evade IDS detection. In the final tutorials, you will perform brute force analysis with nmap, and a mock denial of service (DoS) attack with nmap.

14 videos | 45m Assessment Badge

Information Security for Leaders: An Introduction to InfoSec

Information security, often called InfoSec, consists of tools and processes used to protect data and sensitive information from threats and attacks. In this course, explore the history of information security and discover how to differentiate between cybersecurity and information security. Discover common myths and misconceptions about information security and learn about types of information security, such as infrastructure, cloud, application, and incident response. Next, you will explore security threats, including social media attacks, social engineering, malware, and misconfigurations, and common information security and data protection laws. Finally, you will investigate the responsibilities of a Chief Information Security Officer (CISO), including developing sound security practices, identifying security objectives, conducting awareness and training programs, and ensuring regulatory compliance. Upon completion, you'll be able to recognize the importance of information security and the key roles and responsibilities required to protect an organization

15 videos | 1h 18m Assessment Badge

Information Security for Leaders: Elements of InfoSec

Confidentiality, integrity, and availability, otherwise known as the CIA triad, is a common information security model used by organizations to design and implement their overall security policies and frameworks. In this course, you will learn the basics of confidentiality, integrity, and availability, and discover emerging challenges brought on by big data and the Internet of Things (IoT). Explore the stages of information security risk management (ISRM) and learn how to differentiate between various types of security controls. Discover techniques such as defense in depth, data classification, cryptography, access control, and governance, and the importance of having a sound incident response and management strategy in place. Lastly, learn about the role of investigations and forensics as well as the steps in a forensic investigation such as searching and seizing, acquisition, analysis, and reporting. After course completion, you'll be able to recognize common elements of information security.

15 videos | 1h 54m Assessment Badge

Information Security for Leaders: Elements of an InfoSec Team

There are many elements to a successful InfoSec team, but its goal is always to protect the organization's electronic data and information technology systems. In this course, you will learn about the responsibilities of an IT security team and the many roles required for success. Explore the responsibilities of a chief information security officer and a chief information officer and discover the primary responsibilities of a network security engineer, which include ensuring hardware and software security and updating and patching resources. Next, you will differentiate between the roles of penetration tester, information owner, junior engineer, computer technician, forensic investigator, and digital forensic examiner. Then examine key stakeholder and decision-maker roles. Lastly, explore the role of DevSecOps and list ways it can have a positive impact on information security. Upon completion, you'll be able to recognize the elements of an InfoSec team.

14 videos | 1h 39m Assessment Badge

Managing Enterprise InfoSec Risks & Risk Tolerance

IT security risks can be defined as a combination of the consequences of an event and the associated likelihood of occurrence. They can be managed by an organization through asset-safeguarding strategies. Through this course, learn about managing enterprise information security (InfoSec) risk and risk tolerance. Explore the definition of risk, how it differs from threats and vulnerabilities, and the history of information security. Next, discover common threats to IT systems and data, how to identify and manage security risks, and the key differences between quantitative and qualitative risk analysis. Finally, learn about common risk assessment tools and the differences between penetration testing and vulnerability assessments. Upon completion, you'll be able to outline and manage IT security risks.

15 videos | 1h 44m Assessment Badge

InfoSec Crisis Management & Incident Response

Not only do IT security teams need to be ready to identify security incidents, but they also need to be able to respond to and manage the environment during a crisis. In this course, you'll explore the term 'crisis' and identify crisis management practices. Discover the key components of an organizational crisis readiness program, including planning, training, technology, tools, and continuous improvement. Next, investigate the roles and responsibilities of a crisis management team, examine measures to minimize disruptions, and determine how incident response planning can help organizations better respond to critical incidents. Then, investigate how to best identify incidents and learn how early detection of incidents can be crucial to containing threats. Lastly, explore the various steps of a typical incident response plan, focusing on identification, containment, investigation, eradication, recovery, and lessons learned. After completing this course, you will be able to recognize what constitutes a crisis and respond to and manage security incidents.

15 videos | 1h 34m Assessment Badge

Information Security Practices: InfoSec Vendor Management

Everything comes with pros and cons, and outsourced information security is no exception. Leaders contemplating outsourcing information security products and services will need to trade potential time and money savings for other potential gaps. In this course, explore information security outsourcing, security vendor relationships, and major considerations and challenges associated with outsourcing information security. Next, discover common downsides to outsourcing security services, key steps to consider when choosing a security vendor, and explore vendor risk management. Finally, learn about vendor contracts and the importance of having sound contract language when dealing with security vendors. Upon completion, you'll be able to identify common InfoSec vendors and providers and best practices for outsourcing InfoSec products or services.

13 videos | 1h 24m Assessment Badge

Information Security: NACs & Gateways

Learners will discover key features of network access control (NAC), the importance of NAC in a network, various NAC elements, authentication, and its implementation, in this 12-video course. Explore the risks and challenges associated with BYOD-which means "bring your own device"-and IoT, which is Internet of Things. You will begin the course by examining the security risks introduced by BYOD and IoT, along with their preventive measures. You will then explore the major challenges with BYOD in an organization. The next tutorial defines NAC and the importance it has in a network. This leads into examining the NAC architecture; the different features of NAC; and the impact of an improperly configured NAC. You will learn about the various NAC elements; recall the best practices of implementing NAC, and identify the key points for creating an effective checklist for NAC security. In the final tutorial, learners will be asked to list the NAC authentication methods.

12 videos | 37m Assessment Badge

Information Security: Securing Networking Protocols

Learners can explore the key concept of the common protocols in use, and discover the security issues of the transmission control protocol/Internet protocol (TCP/IP) model and security protocols, in this 10-video course. You will begin by taking a look at the common protocols used in a network, the ports they use, and the type they are and what they do. Next, you will examine some of the security issues of the TCP/IP model at the layer level, of which it has four: application, transport, Internet, and data link. You will also explore the threats, vulnerabilities, and mitigation techniques in network security; identify the types of weak protocols and their replacements; and classify the various types of security protocols. Then learners will continue by examining various ways to use security protocols in different situations; the importance of implementing security protocols. In the final tutorial, learners will explore the security-first mindset and its necessity.

10 videos | 56m Assessment Badge

Information Security: Pen Testing

Explore the key penetration (pen) testing concepts such as vulnerability assessment, types of pen testing, and threat actors, in this 14-video course. Discover why pen testing is needed and investigate tools used for pen testing. Key concepts covered in this course include pen testing, a set of tasks that are performed by ethical hackers against an organization, but in a legal way; steps performed during the pen testing process; and reasons why an organization needs to perform pen testing and distinguish between pen testing and vulnerability assessments. Next, you will compare the different types of pen testing and learn the weaknesses of pen testing; learn the various types of tools used in pen testing and the target selection for pen testing; and learn the types of assets in an organization; compare the types of risk responses that an organization may adapt. Finally, learners observe how to use the Metasploit framework in Kali Linux; and how to create an exploit by using MSFvenom.

14 videos | 1h 34m Assessment Badge

Cybersecurity Awareness: Getting Started with Security Foundations

As organizations become more reliant on IT systems to store all kinds of information, facilitate communication among colleagues and customers, and track business-related statistics, information is becoming more precious and its security increasingly crucial and challenging In this course, you'll explore standard information security concepts and the security-related roles within an organization. You'll examine where various security-related responsibilities fall throughout the organization and the importance of solid strategic planning and decision-making when implementing proper information security. You will also investigate the concept of security governance and the activities involved. Finally, you'll delve into the relationship between an organization's overall business objectives and how information security can promote these.

12 videos | 1h 14m Assessment Badge

Cybersecurity Awareness: Key Security Terms & Concepts

Everyone who connects to the Internet is vulnerable to security threats. Managers need to know the types of security threats their organizations are vulnerable to and their potential impact. In this course, you'll explore the key terms used in cybersecurity. You'll examine different types of threats, threat actors, and targets. You'll investigate advanced persistent threats (APTs), insider threats, and uncertainty in relation to cybersecurity, as well as the various types of malware and security threats

17 videos | 2h 20m Assessment Badge

Cybersecurity Awareness: Exposure to Security Risks

There are security issues everywhere. Managers must keep abreast of security risks and threats. In this course, you'll identify standard security risks and their origins. You'll also learn about more diverse types of security issues and the potential threats to an organization's security. You'll be given examples from daily life that expose us to security risks. To wrap up, you'll outline effective methods to reduce common security risks that render organizations vulnerable via different channels.

11 videos | 1h 38m Assessment Badge

Cloud Security Administration: Regulatory Conformance

While importing data or running workloads on the cloud, it's important to ensure security and be aware of risks. In this course, you'll learn about various cloud regulatory certifications that help ensure that all cloud assets are safe and all procedures have been implemented to protect client data and intellectual rights. You'll also explore the e-Discover process, cloud auditing, service level agreements, and supply chain management.

11 videos | 1h 29m Assessment Badge

Pen Testing Awareness: Results Management

This 14-video course explores benefits to an organization and the role of penetration testing to protect digital assets and networks. In this course, learners observe how to manage and analyze testing results. You will examine several testing methods, including black box, white box, and grey box testing. Next, you will learn about rules of engagement documents, which is executed prior to starting the penetrations testing. This document outlines rules around the test, and the importance of setting stopping points within a penetration test, and when to stop a penetration test. Explore test findings management, risk, risk tolerance, and how to align recommendations to an organization's needs and goals. You will learn about risk tolerance from a privacy and intellectual property perspective, and how to create good test reports for clients. You will learn to categorize your findings by using CVE (Common Vulnerabilities and Exposure) database, or the CVE details. Finally, you will learn how to communicate needed changes, and to emphasize the importance of further testing after recommendations are implemented.

14 videos | 1h 27m Assessment Badge

Penetration Testing Fundamentals

This 14-video course explores penetration testing, and the role it plays in protecting a company's assets and networks from exploitation and attacks. In this course, users learn how penetration testing can expose security weaknesses. You will also learn about different types of penetration testing, and how to test for common penetration types, and you will examine the importance of penetration testing for an organization. This course demonstrates passive information gathering, or open- source gathering to search for available information about the organization. You will learn to use active information gathering to target the organization's systems, the employees, their networks to gain information. Next, explore several different types of exploits that can cause problems, including buffer overflow attacks, client side and website attacks, password attacks, and port forwarding exploits; and learn how to conduct a privilege escalation attack. Finally, you will examine how penetration testers and bad actors can gain access to a system by using network tunneling.

14 videos | 1h 18m Assessment Badge

Certified in Cybersecurity (CC): Core Security Principles & Risk Management

It is of high importance that organizations operate upon a solid foundation of security principles, concepts, and risk management. It is impossible to reduce security risk until core security and risk management principles are defined. In this course, explore the elements of the confidentiality, integrity, and availability (CIA) triad, along with the essentials of authentication and using non-repudiation services. Next, examine what risk is and the terminology surrounding risk management, threats, and vulnerability. Finally, learn about risk assessment, identification, and treatment and compare qualitative and quantitative risk analysis. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

11 videos | 32m Assessment Badge

Certified in Cybersecurity (CC): Security Governance, Policies, & Controls

Security governance is a huge part of overall corporate or organizational governance. The security practitioner must be aware of various governance elements, regulations, laws, standards, policies, and procedures. Begin this course by exploring the elements of governance, including mission charter, leadership, and corporate guidance. Then investigate various laws and regulations like General Data Protection Regulation (GDPR) and HIPAA, standards issued by the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC), and the National Institute of Standards and Technology (NIST), and common policies and standard operating procedures. Next, examine the International Information System Security Certification Consortium (ISC2) code of ethics. Finally, discover security control categories and types. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

10 videos | 25m Assessment Badge

Certified in Cybersecurity (CC): Business Continuity Planning

Many organizations nowadays have become aware of the need for business continuity planning, also known as continuity of operations. The main objective of a business continuity plan (BCP) is for an organization to maintain organizational operations while recovering from a major interruption. In this course, explore the importance and goals of business continuity and continuity of operations, as well as the components of a business continuity plan. Next, learn about business impact analysis (BIA), backup and restore policies, and disaster recovery plans. Finally, investigate the various tests and drills that incident response and business continuity plans should be subjected to. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

10 videos | 30m Assessment Badge

Certified in Cybersecurity (CC): Physical Access Controls

Many security practitioners learn about physical security by comparing it to protecting a medieval castle. Defense in Depth (DiD) relies on multiple layers of independent methods of security and must be used with either an outward-in or inward-out approach. Begin this course by exploring fundamental physical security concepts and mechanisms such as privileged access management (PAM) and segregation of duties (SoD). Then you will focus on badge systems, gate/facility entry, and environmental controls design. Next, you will examine biometric authentication, including crime prevention through environmental design (CPTED). Finally, you will learn about various monitoring systems like syslog, NetFlow, security information and event management (SIEM), and security orchestration, automation, and response (SOAR). This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

10 videos | 34m Assessment Badge

Certified in Cybersecurity (CC): Logical Access Controls

There is often a blurred line between physical and logical access control, as the systems typically function together. In this course, you will explore the logical aspect of Defense in Depth and security controls. Next, you will examine discretionary access control (DAC) and mandatory access control (MAC). Finally, you will define role-based access control (RBAC), rule-based access control (RuBAC), and attribute-based access control (ABAC) and learn about their differences. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

9 videos | 20m Assessment Badge

Certified in Cybersecurity (CC): Networking & Security Infrastructure

Although new security practitioners can come from development, database, or other backgrounds, the majority of security professionals come from a networking background. It is virtually impossible to separate networking knowledge from security expertise. Begin this course by exploring network types, network devices, and device addressing mechanisms. Then you will discover the Open Systems Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) reference models, logical ports, and the TCP handshake. Next, you will focus on transport layer security (TLS) and IP security (IPsec). Finally, you will examine virtual LANs (VLANs) and Wi-Fi fundamentals. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

12 videos | 45m Assessment Badge

Certified in Cybersecurity (CC): Present Threats & Network Security Controls

The constant emergence of new security threats, variants, vectors, and technologies is an ongoing challenge to keep up with. In this course, learn about threats, attacks, and threat prevention tools and methods, such as advanced persistent threats (APT) and intrusion detection and intrusion prevention systems. Next, investigate data center security, secure cloud computing, and elements of secure network design, including HVAC and environmental controls, zoning, and VLANs. Finally, explore Zero Trust security initiatives and micro-segmentation, such as network access control (NAC), software-defined networks, and IoT. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

10 videos | 38m Assessment Badge

Certified in Cybersecurity (CC): Data Security & System Hardening

For many organizations, data is the most critical asset to be secured. Begin this course by exploring the data life cycle, or the different phases a piece of data goes through, from data creation to data destruction. You will focus on each of the six phases, including create, store, use, share, archive, and destroy. Then, you will learn how to log and monitor security events using modern enterprise and cloud-based solutions. Next, you will investigate encryption, hashing, and digital signing. Finally, you will discover system hardening practices like patch management. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

11 videos | 29m Assessment Badge

Certified in Cybersecurity (CC): Security Best Practices & Security Awareness

A mature and successful organization will follow guidance and best practices to better secure all resources. Stakeholders at every level must understand their roles and responsibilities for contributing to a secure environment. In this course, the learner will begin by exploring common security policies, including acceptable use policies (AUPs) and remote access policies. You will then review the processes of configuration and change management. Finally, you will explore security awareness programs and topics, and the security awareness training life cycle. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

8 videos | 24m Assessment Badge

FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

Journey 451 System Administrator KSAT Beginner NCWF Journey

(2)

Journey 611 Authorizing Official KSAT Intermediate NCWF Journey

(1)

Journey 652 Security Architect Advanced KSAT Journey

(1)

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills and Salary Report

ESG Impact Report

611 Authorizing Official KSAT Beginner NCWF Journey

611 Authorizing Official

COURSES INCLUDED

EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS

YOU MIGHT ALSO LIKE