Aspire Journeys
611 Authorizing Official KSAT Intermediate NCWF Journey
- 62 Courses | 68h 11m 7s
Senior official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation (CNSSI 4009).
611 Authorizing Official
Senior official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation (CNSSI 4009).
- 62 Courses | 68h 11m 7s
COURSES INCLUDED
Pen Testing for Software Development: The Penetration Testing Process
Penetration testing can identify both known and unknown vulnerabilities and help avoid security breaches. In this course, you'll learn the importance of penetration testing, what system hardening is, and the requirements of penetration testing. You'll then examine the differences between penetration testing and vulnerability assessments, as well as the various types, stages, and methods of penetration testing. Next, you'll learn about white box, black box, and gray box penetration testing, and the differences in penetration testing methodologies. You'll see the available tools for performing penetration testing, as well as the types of outputs resulting from penetration testing. Lastly, you'll learn about penetration testing best practices and how to perform a penetration test.
16 videos |
1h 26m
Assessment
Badge
AWS SysOps Associate 2022: Key & Certificate Management
Using cryptographic solutions helps prevent data tampering and exposure of sensitive data to unauthorized parties, ensuring data confidentiality and integrity. AWS supports the creation and management of encryption keys and digital security certificates. In this course, discover how cryptography can provide data integrity and confidentiality. Then examine the public key infrastructure (PKI) hierarchy and how certificates can be used to secure AWS services. Next, work with AWS Key Management Service (AWS KMS) to manage encryption keys and AWS Certificate Manager to create a private certificate authority (CA) and issue PKI certificates. Finally, practice renewing certificates, enabling HTTPS, and encrypting an Elastic Block Store (EBS) volume. This course can be used to prepare for exam SOA-C02, AWS Certified SysOps Administrator - Associate.
13 videos |
1h 6m
Assessment
Badge
CCSP 2022: Legal Requirements, Privacy Issues, & Risk Management in the Cloud
Cloud computing presents a number of unique risks and issues since it routinely crosses many geographic and political boundaries, and international legislation, regulations, and privacy requirements can conflict with one another. In this course, examine the legal and privacy issues that a Certified Cloud Security Professional can expect to face. Begin by investigating conflicting international laws, eDiscovery, and Cloud Security Alliance (CSA) guidance. Then, focus on personal privacy issues related to protected health information (PHI), personally identifiable information (PII), and privacy impact assessments (PIAs), and compare privacy requirements including ISO/IEC 27018, Generally Accepted Privacy Principles (GAPP), and General Data Protection Regulation (GDPR). Finally, explore risk management by assessing risk management programs and studying regulatory transparency requirements, including breach notification, Sarbanes-Oxley (SOX), and GDPR. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
10 videos |
25m
Assessment
Badge
CompTIA Cloud+: Data Security & Compliance Controls
There may be several ramifications for failing to secure your organization's data in the cloud environment. This could also mean failing to comply with regulatory compliances. In this course, you will learn how mandatory access controls are used to secure cloud services. First, you will learn encryption, hashing algorithms, digital signatures, the access security broker and file integrity monitoring can be used to ensure data security and regulatory compliance. Next, you will learn how data classification, network and access control can be used to secure data. Next, you will learn about data security laws and regulations and the legal requirements for securely storing data. Finally, you will learn about data loss prevention and the components of records management systems including versioning, retention, destruction and write once/read many. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos |
1h 17m
Assessment
Badge
CompTIA Cloud+: Cloud Troubleshooting Methodologies
Being able to troubleshoot cloud and network issues is important when trying to resolve failures or operational difficulties. In this course, you'll learn to use troubleshooting methodologies to resolve common cloud issues. First, you'll examine how to resolve cloud related issues using the troubleshooting methodology. Next, you'll explore how to resolve network security group misconfigurations issues and network connectivity issues. You'll then move on to learn about resolving network routing and firewall connectivity issues. You'll learn about the tools that you can use to troubleshoot and resolve network issues. Finally, you'll learn resource utilization, application performance, and load balancing performance tuning. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.
12 videos |
1h 22m
Assessment
Badge
Microsoft Azure DevOps Solutions: Health & Failure Management
With the right data you can predict the future! In this course you will learn how to design a failure prediction strategy. First, find out how the load on a system that will lead to failure can be anticipated. Then you will see how predictive maintenance can be used as a preemptive remedy. Finally, you'll focus on health checks that can be used to validate the health of the application and its dependencies so that remediation times can be minimized as much as possible. This course is one of a collection that prepares learners for the Designing and Implementing Microsoft DevOps Solutions (AZ-400) exam.
13 videos |
1h 15m
Assessment
Badge
Google Professional Cloud Architect: Designing for Google Cloud Compliance
Compliance is a significant concern for many organizations, and many have historically failed to protect data adequately. In this course you will explore how governance has come to protect data, such as health records, through legislation like HIPAA and COPPA. Then, discover how commercial interests have helped bolster financial stability by setting standards of protecting data via certifications like Personally Identifiable Information (PII) and Payment Card Industry Data Security Standard (PCI DSS) that allow customers and businesses to trust you. In addition, there are specific industry certifications that may need to be met depending on the function of the business you run, rather than the data you keep. You will also focus on the need to maintain careful auditing standards for the integrity of any legal disputes that might arise. Finally, you will focus on use cases that you can expect to encounter in an exam environment. This course is one of a collection that prepares learners for the Google Professional Cloud Architect exam.
12 videos |
59m
Assessment
Badge
Cloud Future: Adapting Cloud Innovation
The impact of future trends allow you to recognize how to build cloud-based applications and architectures that can adopt and adapt to emerging trends, technologies, and processes. In this course, you'll explore future trends in cloud computing and emerging technologies that can help with analyzing their impact on existing cloud operations and practices. You'll learn about solutioning strategies and resource types that can help with adopting emerging technologies and trending features in existing CloudOps architectures. Next, you'll examine cloud application design considerations and the inside-out and outside-in development strategies that can help with adopting and adapting to any futuristic upgrades. You'll learn about how to handle states at the service level, system architecture design considerations, and the use of Adapter pattern to build architectures that adopt and adapt to futuristic innovations. You'll examine the Minimum Valuable Increment design approach, the Manifesto for Future Generation Cloud Computing, and the manifesto areas that are relevant for aligning with the future research directions.
14 videos |
1h
Assessment
Badge
CRISC 2023: Data Privacy
Data privacy is a foremost concern for most organizations. Compliance with laws and regulations feeds into risk management. In this course, you will discover the characteristics of Personally Identifiable Information (PII) and techniques to prevent sensitive data leakage. Then you will explore data loss prevention (DLP) and learn how to implement DLP using Microsoft Purview. Next, you will examine various data privacy and security standards including International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) standards, General Data Protection Regulation (GDPR), the Federal Risk and Authorization Management Program (FedRAMP) and the Health Insurance Portability and Accountability Act (HIPAA). Finally, you will focus on the Payment Card Industry Data Security Standard (PCI DSS), Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
12 videos |
1h 7m
Assessment
Badge
CRISC 2023: IT Baselines
Organizations must consider compliance with applicable laws and regulations through the management of security controls. IT systems and on-premises and cloud data can be secured, and compliance achieved using a variety of methods. In this course, explore various cloud provider compliance program details and how to use AWS conformance packs to track configuration compliance in the AWS cloud. Next, discover how security baselines are created and establish a performance baseline on the Windows Server platform and Azure Cloud. Finally, learn how to configure Azure Blueprints for a repeatable and compliant cloud environment and use Azure Policy to check resource configuration compliance. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
9 videos |
49m
Assessment
Badge
CRISC 2023: Authentication
Hardening authentication processes makes it more difficult for attackers to compromise accounts. Managing users and groups allows for access to required resources. In this course, you will explore authentication methods, including passwordless login. Then, you will learn how to manage Linux users and groups using the command line and how to enable Secure Shell (SSH) public key authentication. Next, you will manage Windows and cloud users and groups and examine dynamic membership cloud-based groups. Finally, you will configure multi-factor authentication (MFA) for users and explore identity federation. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
11 videos |
59m
Assessment
Badge
CRISC 2023: Authorization
Strong authorization settings limit permissions to resources for authenticated entities. Cybersecurity analysts must be aware of how to not only configure resource permissions, but also how to evaluate existing permissions to ensure adherence to the principle of least privilege. In this course, you will discover how authorization is related to, but differs from, authentication. Then, you will explore access control models, such as role-based access control (RBAC) and attribute-based access control (ABAC). Next, you will find out how to manage Linux and Windows file system permissions using the command lines. Finally, you will learn how to configure Windows dynamic access control, work with privileged access management in Linux using sudo, and manage RBAC permissions in the Microsoft Azure cloud. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
10 videos |
53m
Assessment
Badge
CRISC 2023: Cryptography
Confidentiality, integrity, and availability are core pillars of IT security governance. Cybersecurity analysts can harden IT environments using various encryption and hashing techniques. In this course, examine how the CIA triad relates to IT security and how cryptography protects sensitive data. Next, discover how to configure Encrypting File System (EFS) file encryption and Microsoft BitLocker encryption, and use a customer-managed key to enable encryption for an Azure storage account. Then learn how to hash files in Linux and Windows. Finally, find out about hardware security modules (HSMs) and the Trusted Platform Module (TPM), how Transport Layer Security (TLS) supersedes the Secure Sockets Layer (SSL), and how to enable HTTPS. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
14 videos |
1h 18m
Assessment
Badge
CRISC 2023: Network Security
Organizations should secure resource access while remaining compliant with relevant laws and regulations. One way to do this is to ensure proper network security controls are in place and reviewed regularly. In this course, learn about the OSI model layers, their relevance to network security controls, and the security aspects of network switching and network access control. Next, explore DHCP and DNS security issues, Wi-Fi authentication methods, and how to harden a DHCP and DNS deployment on Windows Server. Finally, discover the importance of honeypots and honeynets, how to implement a honeypot, how to analyze captured network traffic, and the purpose of an interconnection security agreement. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.
15 videos |
1h 29m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Network Security Concepts
Cybersecurity policies often require detailed network configuration changes and additions. Technicians must be proficient with the configuration and management of various TCP/IP protocols. In this course, I will start by discussing the Open Systems Interconnection (OSI) model, network switching, and network access control. Next, I'll discuss the TCP/IP protocol suite as well as IPv4 and IPv6 addressing. I will then discuss network routing, dynamic host configuration protocol (DHCP), domain name system (DNS) and Wi-Fi authentication methods. Lastly, I will cover virtual private networks (VPNs), IP Security (IPsec) and network time synchronization. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
14 videos |
1h 29m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Managing Network Settings
Modern IT solutions communicate over various types of networks. Cybersecurity analysts must be able to configure and secure the ways that devices communicate over these networks. In this course, I will begin by creating on-premises and cloud-based virtual networks, followed by managing IP addressing on Linux, Windows, and in the cloud. Next, I will manage routing table entries in the cloud and implement domain name system (DNS) and Dynamic Host Configuration Protocol (DHCP) security. Lastly, I will harden a Wi-Fi router and configure IPsec in Windows. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos |
59m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Cloud Computing & Cybersecurity
Cloud computing is an integral part of IT solutions for individuals and organizations. A knowledge of how cloud computing services are deployed and managed is a requirement for securing cloud-based resources. In this course, I will start by discussing cloud computing deployment models, such as public and private clouds, followed by discussing various cloud computing service models. Next, I will cover a variety of cloud computing security solutions, and I will deploy Linux and Windows cloud-based virtual machines. I will then deploy a web application in the cloud, cover the Cloud Controls Matrix (CCM) security controls, and work with Microsoft Azure managed identities. Lastly, I will discuss and configure a content delivery network (CDN). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
12 videos |
1h 10m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Data Security Standards
To remain compliant with relevant data privacy laws and regulations, organizations must have a way of identifying sensitive data and implementing security controls to protect that data. In this course, explore how physical security is related to digital data security, examples of personally identifiable information (PII), and how data loss prevention (DLP) solutions can prevent data exfiltration. Next, learn about common data privacy regulations and standards, including GDPR, HIPAA, and PCI DSS. Finally, discover how to use Amazon Macie and File Server Resource Manager to discover and classify sensitive information and learn about the importance of service level objectives (SLOs) and service level agreements (SLAs). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
11 videos |
1h 3m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Threat Intelligence Information
Cybersecurity analysts and security tools can reference a variety of threat intelligence sources to keep up to date with the latest threats and mitigations. These can be used to help keep organization security policies as effective as possible. In this course, examine different threat intelligence sources, the common vulnerabilities and exposures (CVEs) website, and the MITRE ATT&CK knowledge base. Next, discover how the OWASP Top 10 can help harden vulnerable web applications, how advanced persistent threats (APTs) are executed, and common ISO/IEC standards. Finally, learn how to analyze CIS benchmark documents, the Common Vulnerability Scoring System (CVSS), common organization security policy structures, and how organizational culture relates to IT security. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
12 videos |
1h 9m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Authentication
Hardening authentication processes makes it more difficult for attackers to compromise accounts. Managing users and groups allows for access to required resources. In this course, you will explore authentication methods, including passwordless login. Then you will learn how to manage Linux users and groups using the command line and how to enable Secure Shell (SSH) public key authentication. Next, you will install and configure a Lightweight Directory Access Protocol (LDAP) server and client, manage Windows and cloud users and groups, and examine dynamic membership cloud-based groups. Finally, you will configure multi-factor authentication (MFA) for AWS users, manage Windows password policies, and discover identity federation. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.
13 videos |
1h 19m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Authorization
Strong authorization settings limit permissions to resources for authenticated entities. Cybersecurity analysts must be aware of how to not only configure resource permissions, but also how to evaluate existing permissions to ensure adherence to the principle of least privilege. In this course, you will discover how authorization is related to, but differs from, authentication. Then you will explore access control models, such as role-based access control (RBAC) and attribute-based access control (ABAC). Next, you will find out how to manage Linux and Windows file system permissions using the command lines. Finally, you will learn how to configure Windows dynamic access control, work with privileged access management in Linux using sudo, and manage RBAC permissions in the Microsoft Azure cloud. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
9 videos |
52m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Cryptography
Confidentiality, integrity, and availability are core pillars of IT security governance. Cybersecurity analysts can harden IT environments using various encryption and hashing techniques. In this course, examine how the CIA triad relates to IT security and how cryptography protects sensitive data. Next, discover how to configure EFS file encryption and Microsoft BitLocker encryption, and use a customer-managed key to enable encryption for an Azure storage account. Finally, learn how to hash files in Linux and Windows, about hardware security modules (HSMs), and how TLS supersedes SSL. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
12 videos |
1h 5m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Firewalls & Intrusion Detection
Firewall solutions control which types of network traffic are allowed into, through, or to leave a host or network. Cybersecurity analysts must know which type of firewall is needed for a given requirement as well as the placement of the firewall solution on the network. In this course, you will begin with a comparison of firewall types such as packet filtering, next-generation, and web application firewalls and learn how to determine their placement on the network. Then you will configure Windows Defender and Linux firewall settings. Next, you will configure Azure network security group firewall rules and explore the role played by forward and reverse proxy servers. Finally, you will install the Squid proxy server on Linux, find out how intrusion detection and prevention systems can address security concerns, and install and configure the Snort IDS. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
10 videos |
56m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Vulnerability & Penetration Testing
Vulnerability scanning identifies host and network vulnerabilities and must be an ongoing task. Penetration testing is an active security method by which there is an attempt to exploit discovered vulnerabilities. In this course, you will discover how to plan for, schedule, and execute vulnerability assessments, identify common vulnerability scanning tools, and conduct an nmap scan. Next, you will use Nessus and Zenmap to execute security scans and text web app security using the OWASP Zed Attack Proxy (ZAP) tool. Then you will explore penetration testing and the Metasploit framework and use the Burp Suite tool as an HTTP intermediary proxy. Finally, you will learn how to manage Azure policy, investigate potential indicators of compromise, and examine how IT security relates to industrial control systems. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
14 videos |
1h 21m
Assessment
Badge
CompTIA Cybersecurity Analyst+: Secure Coding & Digital Forensics
Security must be included in all phases of IT system and software development designs. Continuous integration and continuous delivery/deployment (CI/CD) integrates development and ongoing management of IT solutions. Cybersecurity analysts must understand IT governance and digital forensics concepts. Begin this course by examining the role of security in the software development life cycle (SDLC). Then you will explore CI/CD and learn how Git is used for file version control. Next, you will discover how the Control Objectives for Information and Related Technologies (COBIT) framework applies to IT governance and you will investigate digital forensics. Finally, you will configure legal hold settings for a cloud storage account and list common digital forensics hardware and software solutions. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.
10 videos |
55m
Assessment
Badge
CompTIA Network+: Well-known Ports & Protocols
In terms of computer networks, protocols are used to provide a required set of rules that enable computers to exchange information. Well-known Internet protocols include Transmission Control Protocol/Internet Protocol, User Datagram Protocol/Internet Protocol, File Transfer Protocol, and Hypertext Transfer Protocol. Ports, by comparison, are used to identify a type of network or specific process. Port numbers, ranging from 0 to 65535, are typically divided into three categories - well-known ports, dynamic ports, and registered ports. In this course, you'll learn about the most commonly-known ports in use on a computer network today. These include File Transfer Protocol, Simple Mail Transfer Protocol, Domain Name System, and Hypertext Transfer Protocol. You'll examine how HTTP uses the reserved port 80 and enables computers to send and receive Web client-based communication and messages from a Web server, including web site pages and data. Next, you'll explore other key ports including, port 25, reserved for Simple Mail Transfer Protocol and how SMTP allows e-mail clients and services to send out e-mails. You'll learn how port 100, reserved for Post Office Protocol v3 and port 143, reserved for Internet Message Access Protocol, allow for e-mail clients to retrieve e-mail messages from a mail server over a TCP/IP connection. Lastly, you'll learn about Secure Sockets Layer and how it can be incorporated into POP3 and IMAP implementations to enable more secure encrypted e-mail communications
23 videos |
2h 39m
Assessment
Badge
CompTIA Network+: Network Troubleshooting Methodologies & Tools
If an incident or outage occurs, network administrators must be able to respond effectively and resolve network problems in a timely fashion. In this course, you'll learn about best practices for identifying a problem, establishing a theory of probable cause, testing theories, formulating a plan of action to resolve a problem, implementing a solution, or escalating the issue. You'll explore how to verify full system functionality and document findings, actions, outcomes, and lessons learned. You'll examine how to troubleshoot common cable connectivity issues and explore network specifications and limitations, cable considerations, and common issues such as attenuation, interference, bad ports, and duplexing issues. Lastly, you'll learn about common cable connectivity tools including cable crimpers, punchdown tools, tone generators, loopback adapters, and cable testers. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam.
20 videos |
1h 59m
Assessment
Badge
CompTIA Server+: Network Communications
Learning the various aspects of network communications hardware and software is vital to anyone working in a server environment. Use this theory and practice-based course to get a grip on configuring virtual networks and virtual network interface cards (NICs). Explore how network communications hardware and software map to the OSI model. Identify different types of communication networks such as LAN and VLAN. Then, learn how network switching and network routing work. Moving on, practice deploying a hypervisor virtual network. Next, practice configuring IP routing in the cloud and virtual network peering. Then, identify various types of NICs and cables. And finally, practice configuring on-premises and cloud-based virtual machine NICs. Upon completion, you'll be able to identify various network models and configure virtual networks and virtual NICs. You'll also be a step closer to being prepared for the CompTIA Server+ SK0-005 certification exam.
12 videos |
1h 12m
Assessment
Badge
CompTIA Server+: Network Firewalls
In cybersecurity, firewalls control what type of traffic is allowed into or out of a server or network. There are a variety of firewall types designed for specific use-cases and these solutions can come in the form of a dedicated hardware or software appliance, or could be software running within a general purpose operating system. Discover common network and wireless security threats and mitigations, and how packet filtering firewalls work. Learn to configure a Windows and Linux firewall and work with cloud-based packet filtering in AWS and Microsoft Azure. Finally, discover how proxy servers and network address translation (NAT) work in securing the network. Upon completion, you'll be able to select and implement the appropriate firewall solution on-premises and in the cloud. This course is part of a collection that prepares you for the CompTIA Server+ SK0-005 certification exam.
14 videos |
1h 32m
Assessment
Badge
CompTIA Server+: Data Privacy & Protection
Data privacy has become engrained in laws and regulations all over the world. Server technicians must take the appropriate steps to secure sensitive data in alignment with applicable laws and regulations. Discover items that constitute personally identifiable information (PII) and protected health information (PHI) and identify common data security standards such as GDPR, HIPPAA, and PCI DSS. Differentiate between various types of malware and discover how the art of deception is practiced through social engineering. Next, examine data loss prevention (DLP) and implement data discovery and classification on-premises and in the cloud. Lastly, examine key storage media destruction techniques. Upon course completion, you'll be able secure data in alignment with applicable laws and regulations. You'll also be more prepared for the CompTIA Server+ SK0-005 certification exam.
11 videos |
1h 3m
Assessment
Badge
CompTIA Server+: Server Troubleshooting
The importance of ongoing server management for server technicians cannot be overstated. At the least, it helps them avoid being overwhelmed by troubleshooting hardware problems in a crisis. With this course, gain confidence in server troubleshooting. Explore the steps in the CompTIA troubleshooting process. Then, work with the Windows, Linux, and cloud services logs, followed by implementing centralized Windows and Linux logging hosts. Moving on, examine common hardware and software problems encountered in server environments. Next, work with the common Windows and Linux network troubleshooting commands. And finally, learn how to monitor the performance of Windows and Linux servers. Upon completion, you'll be able to identify the common server hardware and software problems and troubleshoot them. You can also use this course to prepare for the CompTIA Server+ SK0-005 certification exam.
15 videos |
1h 41m
Assessment
Badge
Forensic Analysis: Cybercrime Investigations
Cybercrime investigators are typically responsible for collecting, processing, analyzing, and interpreting digital evidence related to network vulnerabilities, criminal activity, and counterintelligence initiatives. In this course, you'll explore the basics of network packet capturing, a process used to intercept and log traffic occurring over a network. You'll also examine the purpose and features of some standard tools and techniques to preserve and analyze a computer system's most volatile data. You'll then learn to use some of these tools and techniques to achieve various digital forensic analysis goals. Next, you'll recognize computer forensic best practices, including locating evidence in the Windows Registry. Finally, you'll learn how to differentiate between the purpose and features of the various tools available for conducting hard disk forensic analysis.
17 videos |
1h 37m
Assessment
Badge
Defensive CyberOps: Defensive Cyberspace Operations
A well-planned and properly executed DCO mission will enable the cyber warrior to repel attacks and rapidly prepare for offensive action. In this course, you'll learn the principles of Defensive Cyber Operations, including measures and responses. You'll explore cybersecurity and cyberspace operations in DCO. Next, you'll look at DCO analytics, missions, and operating domains. You'll explore the role of the mission owner and network owner in DCO, as well as planning considerations. Finally, you'll learn about cyberspace threats that may occur during the course of maneuver operations and common security and system tools used in DCO.
14 videos |
42m
Assessment
Badge
Enterprise Architecture: Architectural Principles & Patterns
In this 18-video course, learners can explore software architecture concepts, including the view model, consumer-driven contracts, architectural patterns, and architectural styles and solution patterns used to manage common machine learning issues. Begin by examining software architecture and the benefits it provides, and then the principles that should be followed when designing architecture for applications. You will discover the 4+1 view model and associated views, and learn to recognize software architectures, and the principles of developing enterprise architecture. Recall architectural principles for business, data, and technology, and the fundamental principles guiding service-oriented architecture (SOA) and use of the SOA maturity model. Next, explore serverless architecture; Backend-as-a-Service; the features of evolutionary architecture; and learn to recognize benefits of documenting architecture. Examine the structure of a software project team; the concept and characteristics of consumer-driven contracts; the dimensions of architecture that should be coupled to provide maximize benefit with minimal overheads and costs; and activities and tasks that software architects perform. Finally, take a look at architectural patterns and styles that can be adopted to eliminate common problems.
18 videos |
1h 34m
Assessment
Badge
Enterprise Architecture: Design Architecture for Machine Learning Applications
Explore software architectures used to model machine learning (ML) applications in production, as well as the building blocks of ML reference architecture, in this 11-video course. Examine the pitfalls and building approaches for evolutionary architectures, Fitness function categories, architectural planning guidelines for ML projects, and how to set up complete ML solutions. Learners will begin by studying the basic architecture required to execute ML in enterprises, and will also take a look at software architecture and its features that can be used to model ML apps in production. Next, learn how to set up model ML apps; examine ML reference architecture and the associated building blocks; and view the approaches for building evolvable architectures and migration. Recognize the critical pitfalls of evolutionary architecture and antipatterns of technical architecture and change. Finally, observe how to set up complete ML solutions and explore the Fitness function and its associated categories. Conclude the course with an exercise on architectural planning guidelines for ML projects, with a focus on model refinement, testing, and evaluating production readiness.
11 videos |
59m
Assessment
Badge
Authentication & Encryption: Best Practices
In this 14-video course, explore the authentication, authorization, and encryption options that a security architect will need on a day-to-day basis. The focus will be on two fronts-from a network security standpoint including cloud services, and internal solutions in an Agile and DevOps environment. Begin with a look at authentication, authorization, and encryption factors and how they fit together, then look at methods of authentication and best practices. This leads into methods of authorization and access control; the use of encryption methods and best practices in implementing encryption; and key symmetry-differentiating between public and private keys and their ciphers. Examine methods of keeping login and authentication credentials secure; view system authentication and authorization through user account administration in Linux, and handle security policy trade-offs in situations where solutions might not align with policy. Discover Secure Shell (SSH) configuration, and implementing and securing remote access to a system using SSH; create secure certificates and keys using OpenSSL; verify software package authenticity by using OpenSSL, and file encryption and file decryption with OpenSSL.
14 videos |
56m
Assessment
Badge
Digital Forensic Techniques & Investigative Approaches
In this 14-video course, learners can explore digital forensics best practices and techniques and how they relate to investigations, data integrity, proper evidence handling, and legal privacy considerations. To begin, study an overview of digital forensics, and different types of forensics including computer, mobile, network, vehicle, and the Internet of Things (IoT). Learn how to differentiate between criminal, civil, and intellectual property investigations, and examine a typical methodology or investigative approach, including preservation, collection, examination, analysis, and presentation in court. Explore procedures to properly establish and maintain chain of custody; recognize best practices and considerations when working with digital evidence, and examine the roles of forensic laboratories and hardware and software tools. Learn how to recognize legal considerations, including search warrants and privacy considerations; delve into challenges of working with cloud computing environments; and recognize how viruses and other malware work. Learn the importance of ethical decision making related to digital forensic work, and approaches and techniques used when working with live or volatile data. The exercise involves applying digital forensic best practices.
14 videos |
57m
Assessment
Badge
Ethics & Privacy: Digital Forensics
This 12-video course examines the concept of ethics as it relates to digital forensics, including reasonable expectation of privacy, legal authorization, and the primary function of attorney-client privilege and confidentiality. The legalities surrounding digital forensics investigative techniques and standards for analyzing digital evidence are also covered. Begin with a look at the definition of what is considered a reasonable expectation of privacy. You will then learn to differentiate between legal authorization forms such as consent forms and warrants. Next, explore the primary function of attorney-client privilege and confidentiality, and recognize the legalities surrounding digital forensics investigative techniques. Delve into the need for ethics in digital forensics, and the best practices for ethics and forensics. Discover steps for regulating ethical behavior; recognize possible conflicts of interest and how to avoid them; and examine the importance of ongoing training for both investigators and management on the importance of ethics. The final tutorial in this course looks at different standards for analyzing digital evidence.
12 videos |
34m
Assessment
Badge
Security Program Regulatory Integration
In this 12-video course, learners will discover the importance of integrating regulations with organizational security policies. Explore security standards such as General Data Protection Regulation (GDPR); Health Insurance Portability and Accountability (HIPAA); and Federal Information Security Management Act (FISMA), as well as the International Organization for Standardization (ISO), and National Institute of Standard and Technology (NIST). To begin, determine how to establish the importance of building regulatory compliance into a company's IT security program. You will then examine Personally Identifiable Information (PII), and Protected Health Information (PHI). This leads into the subject of Payment Card Industry Data Security Standard (PCI DSS), and what it entails. You will learn how HIPAA protects medical information; how GDPR protects European Union citizen data, and how the Gramm-Leach-Bliley Act (GLBA), applies to financial institutions. You will also identify how FISMA strives to protect sensitive US Government information, and recognize both NIST and ISO security standards. To conclude the course, you will discover how the Sarbanes-Oxley Act (SOX), requires organizational financial transparency.
12 videos |
38m
Assessment
Badge
Risk Analysis: Security Risk Management
In this 14-video course, learners can explore security risk management concepts and discover how to assess, categorize, monitor, and respond to organizational risks. Examine key terms such as threats, vulnerabilities, impacts, and risks, and the steps involved in the National Institute of Standard and Technology (NIST), risk management framework (RMF). Begin by learning how risk relates to information systems, and look at the concepts of managing risks, differentiating between threats, vulnerabilities, impacts, and risks. Examine the first step of the NIST RMF, categorizing risk, and then the second RMF step, selecting security controls. Next, observe the third step, implementing security controls; the fourth step, assessing security control effectiveness; the fifth step, examining risk, and output of security controls assessment to determine whether or not the risk is acceptable; and the last step, monitoring controls. Recognize benefits of a control-focused risk management approach; the benefits of an event-focused risk management approach; and risk communication. Finally, explore risk response and remediation, and differentiating between different risk responses such as accepting, avoiding, mitigating, sharing, or transferring risk.
14 videos |
38m
Assessment
Badge
Mitigating Security Risks: Cyber Security Risks
Effective cybersecurity risk management requires intricate knowledge of day-to-day IT security risks, network vulnerabilities, and cyber attacks. In this course, you'll detail several cybersecurity breaches and how best to prevent each one. You'll start with a general overview of what comprises security risks before categorizing different types into information, cloud, and data-related risks. Next, you'll explore cybercrime methods, the motivations behind them, and the security gaps that invite them in. You'll then use real-life examples to detail some commonplace cyberattacks and crimes. Moving on, you'll investigate what's meant by malware and outline best practices to manage worms, viruses, logic bombs, trojans, and rootkits. You'll also learn how to safeguard against malware, spyware, ransomware, adware, phishing, zero-day vulnerabilities, DoS, and backdoor attacks. By the end of the course, you'll be able to outline guidelines and best practices for securing against the most prevalent types of cybercrimes.
13 videos |
1h 16m
Assessment
Badge
Mitigating Security Risks: Information, Cloud, & Data Security Risk Considerations
To keep your organization's data secure, you need to know why your data is at risk and how to protect it using established principles and standards. In this course, you'll explore commonly used techniques to compromise data and how international best practices can help protect against these breaches. You'll start by examining three fundamental information security principles, which define information security policy and help identify risks. You'll then outline data breach methods and identify the targets of these threats. Next, you'll investigate what's meant by 'the human factor' and why it's key to any attack. You'll then study how technologies to secure data and information work under the hood. Moving on, you'll outline primary worldwide information security regulations and governance frameworks. Lastly, you'll examine why the ISO 27017 cloud security principles need to be considered when formulating a cloud security risk management plan.
11 videos |
55m
Assessment
Badge
Cloud Security Management: Legal & Compliance
It is important to understand the different cloud compliance procedures that should be followed by service providers and data owners. It's also vital to be familiar with the various cloud-specific legal compliance guidelines. In this course, you'll learn about international legislation conflicts, cloud-specific risks, legal controls, e-Discovery processes, and requirements for forensic analysis.
9 videos |
47m
Assessment
Badge
Ethical Hacker: Risk Assessment
Ethical hacking is about testing the risk level of an organization. In order to perform effective, professional ethical hacking, a knowledge of risk is essential. In this 10-video course, you will discover how to use the Common Vulnerability Scoring System (CVSS) and how to apply risk management concepts and evaluate risk in accordance with common standards. Key concepts covered in this course include learning to calculate risk levels in a quantitative manner, the preliminary step done in any risk assessment; learning to identify and implement specific responses to risk assess security vulnerabilities by using CVSS; and utilizing the CIA triangle (confidentiality, integrity. and availability) and the McCumber cube to assess risks and threats. Next, learn to apply risk management standards according to NIST 800-37; evaluate security in accordance with ISO/IEC 18045; and learn the COBIT 5 standard, a widely-known standard and way of modeling risk and security. Finally, learn to use Damage, Reproducibility, Exploitability, Affected Users, Discoverability (DREAD), Process for Attack Simulation and Threat Analysis (PASTA), and other risk models.
10 videos |
46m
Assessment
Badge
Ethical Hacker: Secure Technology & Applications
Security devices and software are the technical aspect of security. An ethical hacker must be familiar with security technology in order to effectively conduct tests of the target organization's network. In this 10-video course, you will explore firewall types and usage, SIEM systems, intrusion detection systems and intrusion prevention systems (IDS/IPS), antivirus strategies, Windows Firewall, and how to implement Snort. Key concepts covered in this course include security devices and software concepts, and how they relate to ethical hacking; learning to correctly deploy firewall solutions, their relevance to ethical hacking, and different types and usage; and learning the role of SIEM (security information and event management) and how to deploy SIEM systems. Next, learners observe how to utilize IDS/IPS and its relationship to ethical hacking; learn antivirus concepts and implement an AV strategy; configure the firewall in Windows 10 and Windows Server 2019; and learn to configure Windows Defender. Conclude by learning how to implement basic Snort network IDS, a tool that can be used for simple packet capture or for IDS.
10 videos |
40m
Assessment
Badge
PenTesting for Physical Security
This 14-video course explores physical penetration testing, and how to test a business's infrastructure, including IT assets, its data, people, and physical security to locate any exploitable vulnerabilities. In this course, you will learn why lockpicking is essential in cybersecurity, and you will examine different types of locks and lockpick tools. This course demonstrates several types of penetrations, including EM (electromagnetic security vulnerabilities), dumpster diving, and tailgating, and how to protect against these attacks. You will learn about penetration testing types, including network services, web and client applications, Cloud penetration, penetration testing of wireless networks, and social engineering. Learners will explore several penetration tools, including Kali Linux, which comes with tool such as Nmap, Wireshark, and John the Ripper; the Aircrack suite; OpenVas, and several others. You will learn about web app security testing methodologies. Learners will observe the elements of a successful report, and how to document penetration testing results. Finally, this course demonstrates practicing testing skills by using Grier Demo website.
14 videos |
1h 7m
Assessment
Badge
CISM 2022: Information Security Governance
The best way to improve the enterprise security stance is to align IT security solutions with business objectives. In this course, you will consider how information security must align with business strategies. You will explore the business model for information security and review the importance of identifying and classifying assets critical to a business. Next, you will learn about supply chain security, personnel management, and the components of an information security program. You will discover the relationship between service-level agreements (SLAs) and organizational objectives and discuss the relevance of change and configuration management. Then, consider how to develop organizational security policies. Lastly, explore expense types, chain of custody, organizational culture, and how the Control Objectives for Information Technologies (COBIT) framework applies to IT governance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
16 videos |
1h 40m
Assessment
Badge
CISM 2022: Security Standards
Global and local security standards, including laws and regulations, are an important input to determine how enterprises deploy and manage security controls. In this course, you will learn how the European Union's General Data Protection Regulation (GDPR) data privacy legislation applies to any organization world-wide handling private EU citizen data. Next, you will explore various International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) standards for proper data governance, followed by American data privacy and cloud security standards such as Health Insurance Portability and Accountability Act (HIPAA) and Federal Risk and Authorization Management Program (FedRamp). Discover how to secure cardholder data as related to Payment Card Industry Data Security Standard (PCI DSS) international security standards and review other data privacy legislation including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). Lastly, explore the importance of securing cloud service usage in alignment with the Cloud Controls Matrix (CCM). This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
53m
Assessment
Badge
CISM 2022: Managing Risk
Residual risk remains after security controls are put in place to mitigate the impact of threats. The organizational appetite for risk determines what level of residual risk is acceptable. In this course, you will explore how risk management improves business operations by minimizing the impact of realized threats. You will learn how to calculate the cost of mitigating risk compared to the value of the protected asset and determine the cost-benefit analysis and return on investment when implementing security controls. Next, discover the importance of risk assessments, especially where there are changes to some aspect of the business or a specific business process. You will then explore how various risk approaches, such as risk acceptance, avoidance, transfer, and reduction, apply to an organization's tolerance of residual risk. Lastly, discover how risk heat maps are an effective method for communicating various degrees of risk. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Data Privacy
Enterprises must comply with relevant laws and regulations related to data privacy. This requires recognizing applicable laws and regulations and implementing the appropriate security controls. In this course, you will explore examples of personally identifiable information (PII) and protected health information (PHI) and learn about data residency implications related to the physical storage location of sensitive data. Next, learn how to reduce the possibility of data exfiltration through data loss protection policies and how to discover and classify data using Amazon Macie and Microsoft Purview governance. Then you will learn to configure data classification on the Microsoft Windows server platform and tag cloud resources for classification purposes. Lastly, explore how to configure Microsoft Azure storage account encryption using a customer-managed key. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
56m
Assessment
Badge
CISM 2022: Assessing Risk
Assessing risk is a crucial activity that enables organizations to evaluate risk exposure for business processes and assets. In this course, you will begin by exploring how to conduct vulnerability assessments and how the results can shed light on security control deficiencies. Next, you will learn how to perform a network vulnerability assessment and review the results, followed by scanning a web application for web app-specific vulnerabilities. You will discover how to conduct a gap analysis to determine the current security posture compared to a desired security posture. Then, you will explore the important aspects of when and how to run penetration tests. Lastly, you will see how to configure Microsoft Azure Policy assignments to determine cloud resource configuration compliance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
8 videos |
45m
Assessment
Badge
CISM 2022: Implementing Access Control
Authorization allows limited access to resources only after successful authentication. Resources can include IT services such as applications, databases, files, and folders, among others. In this course, explore the role authorization plays in allowing resource access and the various access control models used to ensure least privilege. Next, learn how to configure ABAC through Microsoft Dynamic Access Control, create an Azure dynamic group in the cloud, and use RBAC to grant permissions to Azure cloud resources. Finally, discover how to manage permissions for Windows and Linux-based file systems, handle Windows NTFS file system auditing, and configure Microsoft Active Directory delegated administration. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
11 videos |
1h 2m
Assessment
Badge
CISM 2022: Common Network Security Threats
Some security controls are very specific to the threat that they address. Information security managers must be well versed in common network security threats in order to minimize the impact of realized threats on business processes. In this course, you will start by exploring various types of threat actors and their motivation for attacking networks. You will review industry standards related to categorizing threats, including common vulnerabilities and exposures (CVEs), the MITRE ATT&CK knowledge base, and the OWASP Top 10 web application security attacks. Next, you will learn how bug bounties are paid by companies to ensure the utmost in security for their products, which can influence customer choices. You will discover how various types of network attacks are executed including Wi-Fi attacks, SYN flood attacks, buffer overflow attacks, advanced persistent threats (APTs), and distributed denial-of-service (DDoS) attacks. Lastly, you will see how VPN anonymizer solutions and the Tor web browser can be used for anonymous network connectivity for legitimate as well as illegal purposes. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
13 videos |
1h 14m
Assessment
Badge
CISM 2022: Common Network Security Attacks
Security technicians can benefit significantly by executing network security attacks in a controlled environment. This allows for an in-depth periodic review of security control efficacy related to IT networks. In this course, you will discover how networks can be scanned by attackers seeking potentially vulnerable services using free tools such as Nmap. You will then explore how attackers can compromise a user web browser, how SQL injection attacks can reveal more information than intended by the app designer, and how to configure a reverse shell where the compromised station reaches out to the attacker station, often defeating standard firewall rule sets. Next, you will learn how to spoof network traffic and execute a distributed denial-of-service (DDoS) attack. Lastly, you will discover how to brute force a Windows remote desktop protocol (RDP) connection to gain access to a Windows host. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Data Protection with Cryptography
Cryptography provides solutions for ensuring data privacy and integrity. Various firmware and software solutions protect data in transit and data at rest. In this course, you will explore the CIA security triad and how it relates to the organization's security program. You will then review various cryptography solutions and discuss data integrity to assure that tampering has not occurred. Next, you will learn how Hardware Security Module (HSM) appliances and Trusted Platform Module (TPM) firmware provide cryptographic services. You will see how Transport Layer Security (TLS) supersedes the deprecated Secure Sockets Layer (SSL) network security protocol suite followed by discussing virtual private network (VPN) encrypted network tunnels, and the IP Security (IPsec) network security protocol suite. Lastly, you will explore the PKI hierarchy and how public key infrastructure (PKI) certificates are used for digital security throughout the certificate life cycle. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
12 videos |
1h 5m
Assessment
Badge
CISM 2022: Applied Cryptography
The periodic evaluation of the efficacy of cryptographic solutions is possible only with an understanding of how cryptography secures digital environments. In this course, you will explore data integrity by hashing files on the Linux and Windows platforms in an effort to detect unauthorized changes. You will configure a web application HTTPS binding to secure network communications to and from the web application. Then you will deploy a private certificate authority (CA), manage certificate templates, and deploy public key infrastructure (PKI) certificates. Next, you will configure a web application to require trusted client certificates. Finally, you will encrypt data at rest on Linux, on Windows with Encrypting File System (EFS), and Microsoft Bitlocker, and you will configure a cloud VPN connection and implement IPsec on Windows. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
14 videos |
1h 16m
Assessment
Badge
OWASP Top 10: Discovering & Exploiting Web App Vulnerabilities
There are almost two billion web sites in the world today. Many of these sites are not sufficiently protected against attacks. In this course, you'll begin by learning how to install a sample vulnerable web application. Next, you'll explore how to use reconnaissance methods, such as nmap scanning and web app scanning using OWASP ZAP, to discover HTTP hosts and vulnerable applications. You'll learn how to execute attacks including XSS, CSRF, file injection, and denial of service. You'll move on to examine how to capture user keystrokes using a hardware keylogger and capture cleartext HTTP transmissions. Lastly, you'll learn how to forge fake TCP/IP packets and then deploy and secure a cloud-hosted web application.
14 videos |
1h 18m
Assessment
Badge
Secure Programmer: Vulnerabilities
Explore various software vulnerability topics in this 19-video, which opens with a look at specific security vulnerabilities and how to program counter techniques. Then learners receive three tutorials on the OWASP (Open Web Application Security Project) Top 10 vulnerabilities: SQL injection, broken authentication, and cross-site scripting; broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection; and cross-site request forgery, using components with known vulnerabilities, and under protected application programming interfaces (APIs). Examine use of threat models including STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation), PASTA (the Process for Attack Simulation and Threat Analysis), DREAD (Damage, Reproductibility, Exploitability, Affected Users, Discoverability), and SQUARE (Security Quality Requirements Engineering). Use CVE (common vulnerabilities and exposures) vulnerability scoring, and examine Java, Python, C#, and Javascript SQL secure coding examples. Implement Python secure coding to combat SQL vulnerability; C# to combat common code vulnerabilities, and Javascript to combat Cross Site Scripting attacks. Use Common Vulnerability Scoring System (CVSS), and finally, use OWASP Zap and Vega vulnerability scanners to test websites for common vulnerabilities.
19 videos |
1h 11m
Assessment
Badge
SSCP 2021: Understanding & Applying Cryptography
Although cryptography isn't covered until domain 5 of the SSCP CBK, potential exam candidates and security professionals will benefit from foundational knowledge of cryptosystems early in their training. Use this course to grasp the reasons and requirements for cryptography in safe-guarding information, including regulations and governance. Investigate cryptographic techniques, such as hashing and salting, symmetric and asymmetric encryption, and elliptic curve cryptography. Discover what's involves in digital signatures and certificates. Explore cryptographic attacks, cryptanalysis, and countermeasures. And delve into advanced cryptosystems, such as quantum computing and blockchain. Upon course completion, you'll be aware of the various traditional and modern cryptology techniques used to protect data and communications. This course will help you in the lead-up to taking the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
10 videos |
41m
Assessment
Badge
SSCP 2021: Authentication & Trust Architectures
As a security professional, you'll likely have been exposed to the concept of origin authentication. However, in today's modern environment of mobile devices, the Internet of Things, and embedded systems, more robust authentication, authorization, and identity management methods are imperative. Use this course to comprehend how single and multi-factor authentication, single sign-on (SSO), device authentication, and federated access work. Examine the use of trust relationships between domains and what's meant by Zero Trust. And distinguish between various internetwork connections such as the Internet, intranets, and extranets. Upon course completion, you'll be able to detail how and why these authentication mechanisms and trust architectures are used. You'll also be one step closer to being prepared to take the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
7 videos |
33m
Assessment
Badge
SSCP 2021: Fundamental Networking Concepts
Historically speaking, the vast majority of security practitioners, technicians, engineers, and architects come from the field of local and wide area networking. This factor, as well as the importance of protecting data-in-transit, makes networking a critical knowledge area. Use this course to get to grips with several networking concepts and methodologies. Learn to distinguish between the OSI and TCP/IP reference models. Explore network topologies, relationships, and media types. See what's meant by software-defined networking (SDN), Remote Authentication Dial-In User Service (RADIUS), and terminal access controller access-control system plus (TACACS+), among other terms. Examine commonly used ports and protocols. And look into remote access connectivity and virtual private networks (VPNs). Upon course completion, you'll be familiar with several fundamental networking concepts and network access control methodologies. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
9 videos |
50m
Assessment
Badge
SSCP 2021: Identity Management & Access Control Models
Whether you manage one or thousands of digital identities, the expectation for regulatory compliance, top-level security, and speedy access control will be the same. The importance of access control is reinforced by Domain 2 of the SSCP exam, representing 15% of the overall subject matter. Among other topics, this domain covers the identity management lifecycle and access control models. Use this course to gain a clear comprehension of the various aspects of identity management, namely authorization, proofing, provisioning, de-provisioning, maintenance, and entitlement. Furthermore, explore several types of access control models, including role-based and rule-based, and investigate the Bell-LaPadula and Biba mandatory access confidentiality and integrity models. Upon course completion, you'll recognize the identity management and access control techniques needed in your organization. You'll also be further prepared to sit the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
10 videos |
40m
Assessment
Badge
EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.YOU MIGHT ALSO LIKE
Rating 5.0 of 1 users
(1)
Rating 5.0 of 1 users
(1)