651 Enterprise Architect KSAT Advanced NCWF Journey

There are several cloud computing fundamental definitions, characteristics, and building block technologies each CCSP candidate should know. Learn about these and other core cloud computing concepts in this CCSP course. Explore the core fundamentals, core concepts, and technologies of cloud computing, such as cloud roles and responsibilities, broad network access, virtualization, and others. Next, study cloud computing's shared considerations and value propositions, including interoperability, agility, security, resiliency, performance, and more. Finally, examine the impact of cloud and related technologies like data science, artificial intelligence (AI), the Internet of Things (IoT), DevSecOps, and others. This is one of a collection of courses that fully prepares the learner for the (ISC)² Certified Cloud Security Professional (CCSP) 2022 exam.

IT management frameworks provide a structured approach to managing and auditing IT assets. Regulations and standards are put in place to ensure that organizations have guidelines to follow for how they deal with information systems. In this course, you will explore IT management frameworks, regulations, and standards, beginning with an overview of IT and data governance, and standards, policies, and procedures. Then you will learn about Control Objectives for Information and Related Technologies (COBIT), IT Infrastructure Library (ITIL), and International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) standards. Next, you will discover risk management and risk treatment. Finally, you will dig into IT maturity models, the Business Model for Information Security (BMIS), the Information Technology Assurance Framework (ITAF), and IT balanced scorecards. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).

Project governance, management, system development, and testing play key roles in information systems. In this course, you will begin by exploring project governance and management, project governance best practices, business cases, and feasibility studies. Then, you will dig into system development methodologies and control identification and design. Finally, you will learn about testing methodologies, beginning with an overview of software testing, unit testing, regression testing, acceptance testing, integration testing, performance testing, and fuzzing. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).

Systems planning, testing, integration, and delivery are key elements of ensuring the timely delivery of system changes or entirely novel solutions. In this course, you will explore the phases of the system development life cycle (SDLC) and IT project management. Next, you will examine continuous integration and delivery (CI/CD) and process improvement, including advantages and common methodologies. Then you will discover infrastructure deployment, system migration and data conversion, and cloud migration assessments. Finally, you will learn about the post-implementation review process and post-implementation activities and best practices. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).

Information is a primary asset of most organizations today. It has a real value and, if compromised, could have real implications for the enterprise. In this course, you will explore considerations for protecting information assets, beginning with cryptography, asymmetric and symmetric encryption, Windows Encrypting File System, and Windows BitLocker. Then, you will learn about file integrity, the public key infrastructure (PKI) hierarchy, the PKI certificate life cycle, and private certificate authorities (CAs). Finally, you will discover certificate templates, manual certificate issuance, securing network traffic, disabling SSLv3, enabling an HTTPS website, and client Secure Sockets Layer (SSL)/Transport Layer Security (TLS) certificates. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).

Even with several years of practical experience in the security field, knowledge and application of specific security concepts and principles may have eluded even the seasoned security professional. Use this course to brush up on some of the vital, core security principles, such as confidentiality, integrity, and non-repudiation. Be reminded of the critical role of security design in the ISO OSI 7-layer Reference Model and the 4-layer TCP/IP Reference Model. Upon completion of this course, you'll be fully attuned to the most fundamental aspects of security. Furthermore, you can use this course to prepare for the CISSP exam.

Security design principles are crucial while designing any security mechanism for a system. This course will help you gain a better understanding of how these principles help develop a secure system, which prevents security flaws and also blocks unwanted access to it. Get familiar with security concepts and principles such as defense in depth, least privilege, and zero trust and explore them further with the help of real-world applications and use cases. After completing this course, you'll be aware of the significance of methodologies for implementing separation of duties, secure defaults, secure failure, and privacy by design while avoiding over-complexity.

The written and published security policy is a critical aspect of security governance in all sizes and types of organizations. Use this course to gain a better understanding of security policy development and implementation. Delve into employment and personnel policies, third-party policies and agreements, as well as security awareness and training. Upon finishing this course, you'll have a foundational knowledge of security governance and will be able to prepare for the CISSP exam.

Cryptology is crucial to network security as it secures data, information, and communication. Take this course to build a strong foundation in cryptography and cryptanalysis - the two aspects of cryptology. This course will help you gain a better understanding of two objectives of the security architecture and engineering domain: selecting and determining cryptographic solutions and understanding methods of cryptanalytic attacks. These will support your exploration of controls and countermeasures to be implemented going forward in the security lifecycle. You'll be able to outline practical cryptographic solutions and cryptanalysis and prepare for the CISSP exam after completing this course.

Identity and access management (IAM) is crucial for businesses in order to identify and mitigate security violations, define user identity, and manage access privileges and authorization. Gain a better understanding of critical concepts, terms, and models needed to build a strong foundation in IAM using this course. Explore different areas of physical and logical control and learn more about security models like Biba and Bell-LaPadula. You will also delve deeper into authorization mechanisms, such as MAC, RBAC, DAC, and ABAC. You will have a better understanding of authentication and authorization fundamentals after completing this course. Further, you can also use this course to prepare for the CISSP exam.

If implemented properly, Identity Access Management mechanisms and protocols can greatly improve an enterprise's visibility and security. This course will help you delve deeper into the practical implementation of identity and access management controls and mechanisms. Explore the implementation of authentication systems like SAML, investigate the management of the identity and access provisioning lifecycle, and discover how the identification of people, devices, and services are managed. You'll also examine authentication and authorization protocols, provisioning and deprovisioning, and accounting, registration, and proofing of identity. After finishing this course, you'll have an understanding of how to effectively use and execute identity and access mechanisms within your organization. Moreover, you can also use this course to prepare for the CISSP exam.

A security professional needs to be acquainted with security architecture and engineering as they determine the design, implementation, monitoring, and securing of systems and networks of an organization. Use this course to explore the fundamentals of security architecture and engineering. Learn more about client-server, databases, and distributed systems, examine IoT, containers, serverless, and microservices, and explore embedded system security and constraints in detail. You'll also get familiar with TPM, HPC, and edge computing security. Upon completion of this course, you'll be able to assess and mitigate the vulnerabilities of modern security architectures, designs, and solutions, as well as understanding the capabilities of securing information systems. Further, you can also use this course to prepare for the CISSP exam.

For an organization to achieve continual improvement and attain a higher level of security maturity, a solid plan for security assessment and testing must be in place. Explore the fundamental aspects of security assessment and testing through this course. You will delve deeper into designing and validating assessment, test and audit strategies, and data collection. This course will also give you a deeper insight into performing security testing, analyzing the output, generating reports, and facilitating audits. After completing this course, you will possess the skills and knowledge to implement appropriate security assessment and testing measures within your organization. Further, you can also use this course to prepare for the CISSP 2021 exam.

Security has become an integral element of the software development lifecycle (SDLC). A security professional needs to be aware of software development methodologies and ecosystems to safeguard their business against data breaches and other security threats. Use this course to learn more about different aspects of software development lifecycles, such as development methodologies, maturity models, security controls, SOAR and SCM in application security, and application security testing. Having completed this course, you'll have a foundational understanding of the different elements of SDLC. Moreover, you can also use this course to prepare for the CISSP 2021 exam.