671 System Testing and Evaluation Specialist

The Open Systems Interconnection, or OSI, model is used to describe how computer systems communicate with each other. Frequently used for troubleshooting network problems, the seven layers of the OSI model are concepts with which all networking professionals should be familiar In this course, you'll learn about each layer of the OSI model. You'll outline how human-readable information, such as emails and chat messages, are transferred over a network, as well as the path this information takes along the OSI model. You'll also examine data encapsulation and decapsulation within the context of the OSI model. You'll outline characteristics for Ethernet headers, IP headers, and TCP/UDP headers, and learn to differentiate between synchronization (SYN) and acknowledgement (ACK) flags. Lastly, you'll recognize the primary differences between maximum transmission unit, or MTU, and maximum segment size, or MSS, and how these concepts relate to data being transmitted over a network.

Network topologies represent how computers are interconnected to form a network. There are five main network topology types - mesh, star, bus, ring, and hybrid - and each offers unique advantages and disadvantages that technicians need to be aware of. In this course, you'll explore the five topologies in detail and learn when to implement each. You'll learn about computer networks such as local area networks, metropolitan area networks, and wide area networks. Next, you explore other computer network types including peer-to-peer, client/server, wireless local area network, personal area network, and campus area network. You'll examine Multiprotocol Label Switching and how it can be used as an efficient alternative to traditional Internet Protocol routing. Lastly, you'll learn about common service related entry points, virtual networking concepts, and the common network provider links such as satellite, digital subscriber line, cable, leased line, and metro-optical

Networking cables and connectors are network hardware components that allow devices to connect and communicate with each other. Different types of network cables exist, each offering different standards, limitations, and speeds. In addition to connecting devices, network cables and connectors are essential for transferring data and information between computers, routers, switches, and storage area networks. In this course, you'll examine common network cabling implementations such as copper and fiber. You'll discover how to differentiate between the different cable types, including twisted pair, coaxial, and twinaxial. You'll also explore the many different connector and transceiver types and learn common cable management responsibilities including working with patch panels and punchdown blocks. Finally, you'll learn how to differentiate between 10BASE-T, 100BASE-TX, 1000BASE-T, 10GBASE-T, and 40GBASE-T copper Ethernet standards, as well as the 100BASE-FX, 100BASE-SX, 1000BASE-SX, 1000BASE-LX, 10GBASE-SR, and 10GBASE-LR fiber Ethernet standards. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam

Computers and devices each require a unique identifier, known as an IP address, in order to participate on an IP network. Using a subnet mask, the IP address is divided into a network portion and a host portion. This practice is called subnetting and it allows for an IP network to be logically subdivided or segmented. In this course, you'll learn the fundamentals of public and private IP addresses and how to use Network Address Translation and Port Address Translation to translate addresses. Next, you'll examine the differences between IPv4 and IPv6 addressing, as well as various types of addresses including unicast, multicast, and anycast. You'll learn the basics of base-2 conversions and binary values and examine classes A, B, C, D, and E, which respectively allow you to portion a network into various different sizes. Finally, you'll learn about supernetting, a more advanced form of subnetting, as well as IPv6 concepts, subinterfaces, and virtual IP addresses

In terms of computer networks, protocols are used to provide a required set of rules that enable computers to exchange information. Well-known Internet protocols include Transmission Control Protocol/Internet Protocol, User Datagram Protocol/Internet Protocol, File Transfer Protocol, and Hypertext Transfer Protocol. Ports, by comparison, are used to identify a type of network or specific process. Port numbers, ranging from 0 to 65535, are typically divided into three categories - well-known ports, dynamic ports, and registered ports. In this course, you'll learn about the most commonly-known ports in use on a computer network today. These include File Transfer Protocol, Simple Mail Transfer Protocol, Domain Name System, and Hypertext Transfer Protocol. You'll examine how HTTP uses the reserved port 80 and enables computers to send and receive Web client-based communication and messages from a Web server, including web site pages and data. Next, you'll explore other key ports including, port 25, reserved for Simple Mail Transfer Protocol and how SMTP allows e-mail clients and services to send out e-mails. You'll learn how port 100, reserved for Post Office Protocol v3 and port 143, reserved for Internet Message Access Protocol, allow for e-mail clients to retrieve e-mail messages from a mail server over a TCP/IP connection. Lastly, you'll learn about Secure Sockets Layer and how it can be incorporated into POP3 and IMAP implementations to enable more secure encrypted e-mail communications

With a range from 0 to 65535 split across three groups (those reserved for TCP/IP applications, registered ports, and dynamic ports), differentiating port numbers can be confusing. In this course, you'll learn how to identify and use the most common registered ports You'll examine port 1433, reserved for Structured Query Language (SQL) Server and when to use SQLnet port 1521, Remote Desktop Protocol (RDP) port 3306, and port 5060/5061, reserved for the Session Initiation Protocol (SIP). You'll then outline how IP protocols are used to facilitate Internet Protocol (IP) communication, such as Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Internet Control Message Protocol (ICMP), and Gateway Routing Encapsulation (GRE). Lastly, you'll examine connectionless and connection-oriented services, two data transmission services used to establish and terminate connections, exploring how they behave at the network and transport layers of the OSI model.

All computers and network devices require an IP address to be able to connect to the Internet or other IP devices on an organizational network. In this course, you'll learn about the fundamentals of both DHCP and DNS and how DHCP can help automate the configuration of devices on an IP network. You'll explore start of authority records as well as the various DNS record types used to handle requests and translate domain names into IP addresses. You'll then review key characteristics of both the Network Time Protocol and IP Address Management. Next, you'll examine basic corporate and data center architectures, and common architectures such as three-tiered, spine and leaf. You'll learn key characteristics of software-defined networking and explore the storage area network and common connections types that include fiber channel, fiber channel over Ethernet, Internet small computer, and Systems Interface. Lastly, you'll learn about colocations and the benefits and solutions these data centers can offer. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam

Cloud networking is a type of Internet-based network solution that makes resources available to network users via a central, third-party platform that is typically hosted online. In this course, you'll learn about cloud deployment and service models, and explore how to select the appropriate solution depending on your organizational needs. In addition to SaaS, IaaS, and PaaS, you'll explore the benefits of using the desktop as a service software technology. You'll also learn about the relationship between local and cloud resources, as well as relevant security implications and considerations. You'll also examine how multitenancy allows multiple customers of the same cloud vendor to use the same computing resources. Finally, you will explore the effects of elasticity on cloud computing, with a focus on one of the main features of cloud computing, the ability to increase or decrease (scale) the size or power of a cloud solution. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam.

Networking devices are instrumental to the delivery of data over a network. In this course, you'll learn about comparing and contrasting various networking devices to determine when and where to use them on a network. You'll also explore common networking devices such as hubs, switches, and routers in addition to network appliances used for more specialized tasks such as the Intrusion prevention system, intrusion detection system, proxy servers, and supervisory control and data acquisition systems. You'll also examine different routing technologies, including dynamic routing concepts and protocols. And you'll explore how to recognize the key differences between the Routing Information Protocol and Open Shortest Path First routing protocols, and recognize how to differentiate between link state, distance vector, and hybrid routing protocols. Lastly, you'll learn about bandwidth management concepts including traffic shaping and quality of service. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam

Ethernet switching enables devices such as computers and printers to communicate seamlessly with each other on the same network. In this course, you'll learn about key switching features. You'll also explore different port configurations, how Address Resolution Protocol works, and examine key features of the Neighbor Discovery Protocol. You'll also explore how to install and configure the appropriate wireless technologies and standards and learn how to differentiate between 802.11 standards, and recognize when to implement 2.4 GHz and 5 GHz wireless frequencies. You'll also learn when to deploy a service set identifier as well as basic service sets, the extended service set, independent basic service set (Ad-hoc) and roaming. Lastly, you'll learn about wireless encryption standards, cellular technologies, and multiple-input multiple-output, and multi-user MIMO. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam.

The goal of network operations is typically to monitor, manage, and respond to network-related incidents to ensure a network's overall availability and performance is not compromised. In this course, you'll learn about statistics and sensors available to ensure network availability. You'll explore the Simple Network Management Protocol and how it works, and examine using network device logs. You'll also learn about interface statistics, errors, and alerts, as well as environmental factors and sensors that relate to temperature, humidity, electrical, and flooding. You'll then learn about organizational documents and policies, and learn how to plan for incident response, disaster recovery, and business continuity. Lastly, you'll explore hardening and security policy planning strategies, and common documentation every organization should maintain. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam.

Disaster recovery and high availability are areas of security planning that involve tools, policies, and procedures that ensure the availability and recovery of critical services and infrastructure in the event of a human-induced or natural disaster. In this course, you'll explore high availability and disaster recovery concepts such as load balancing, multipathing, and network interface card teaming. You'll learn about facilities and infrastructure support concepts including uninterruptible power supply, power distribution units, generators, HVAC, and fire suppression. Lastly, you'll explore redundancy and high availability concepts including cold, warm, and hot sites, as well as network device backup and restore states and configurations. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam.

Network security encompasses best practices and policies that are put in place to help monitor and prevent malicious attacks against both internal and external threats. In this course, you'll learn about the confidentiality, integrity, and availability triad and other common security concepts. You'll explore well-known threats, both internal and external, as well as common vulnerabilities and newly discovered software vulnerabilities. Next, you'll examine authentication methods and how to perform security assessments. You'll also examine common attacks, with a focus on technology-based attacks, and learn to differentiate between denial of service, distributed denial of service and Botnet/command and control attacks. You'll further explore how to prevent and remove ransomware and malware. Lastly, you'll learn about human and environmental attacks, such as social engineering, and how to differentiate between different social engineering attacks. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam.

Network security is the practice of protecting and preventing unwelcome access attempts to computer networks. In this course, you'll learn about network hardening techniques and best practices. You'll learn to secure networks and about wireless authentication and authorization features You'll examine remote access methods and security considerations, VPN solutions, and the benefits of using virtual network computing and virtual desktop solutions. You'll learn about remote authentication and authorization considerations and how to implement out-of-band management.

If an incident or outage occurs, network administrators must be able to respond effectively and resolve network problems in a timely fashion. In this course, you'll learn about best practices for identifying a problem, establishing a theory of probable cause, testing theories, formulating a plan of action to resolve a problem, implementing a solution, or escalating the issue. You'll explore how to verify full system functionality and document findings, actions, outcomes, and lessons learned. You'll examine how to troubleshoot common cable connectivity issues and explore network specifications and limitations, cable considerations, and common issues such as attenuation, interference, bad ports, and duplexing issues. Lastly, you'll learn about common cable connectivity tools including cable crimpers, punchdown tools, tone generators, loopback adapters, and cable testers. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam.

Troubleshooting network connectivity is a complex responsibility that can require various approaches and techniques in order to resolve issues. In this course, you'll learn about using the appropriate network troubleshooting software tools and commands. You'll explore software tools such as Wi-Fi analyzers and port scanners and learn about traditional command line tools and network platform commands. You'll also examine how to troubleshoot common wireless connectivity issues including issues relating to specifications and limitations. Next, you'll learn about common considerations and issues pertaining to wireless connectivity. You'll explore general network troubleshooting best practices as they relate to wired networks. Finally, you'll examine considerations such as routing tables, VLAN assignment, and other common issues. This course is one of a collection of courses that prepares learners for the N10-008: CompTIA Network+ certification exam

Every long journey, including the path to Security+ certification, begins with a few steps and some fundamental practices. Security goals and controls are an important starting point for building your security skills. You will begin this course by familiarizing yourself with the four primary security goals of confidentiality, integrity, availability, and non-repudiation. You will then explore the concepts of authentication, authorization, and accounting (AAA) and how they relate to people, systems, and models. Finally, you will delve into security control categories and types. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

The Security+ candidate must display competency in an assortment of core security concepts including the newer Zero Trust initiative and common physical security controls. In this course, the learner will explore gap analysis, Zero Trust control and data planes, deception technologies like honeynets, physical security controls, Change Management business processes and technical implications, and documentation and version control. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Cryptography is at the heart of many security controls and countermeasures and as such, Security+ candidates must have a solid grasp of practical cryptography. In this course, you will discover symmetric and asymmetric cryptography and compare different encryption levels, including full disk and partition. Next, you will explore hashing, salting, hash-based message authentication codes (HMACs), and key exchange. Then you will examine digital signatures, certificates, and public key infrastructure (PKI), focusing on certificate authorities (CAs), certificate signing request (CSR) generation, and Online Certificate Status Protocol (OCSP). Finally, you will investigate cryptographic tools like Trusted Platform Module (TPM), hardware security module, and key management systems, and you will dive into blockchain technology. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

One of the primary goals for an emerging security practitioner is to have a firm grasp of the present threatscape. The learner will build this vital knowledge base in this course. In this course, we will explore threat actor types, attributes, and motivations. Next, we will dive into the use of human vectors and social engineering as well as common attack surfaces. Then we will explore supply chain, application, and O/S and web-based vulnerabilities. Finally, we will cover hardware and virtualization vulnerabilities, cloud vulnerabilities, and mobile device vulnerabilities. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Malicious software, also known as malware, comes in a variety of attack vectors and characteristics. The ability to stay current with the different malware and variants is one of the biggest challenges for modern security professionals. Begin this course by exploring malware attacks like ransomware, trojan horses, and logic bombs. Then you will investigate physical and network attacks including brute force, denial-of-service, and credential replay attacks. Next, you will focus on application and cryptographic attacks, such as buffer overflow, privilege escalation, collision, and birthday attacks. Finally, you will take a look at password attacks and discover indicators of compromise, like concurrent session usage, blocked content, and impossible travel. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

As a security professional, it is always better to be proactive with mitigation rather than purely reactive. Begin this course by exploring segmentation and isolation, access control mechanisms, and configuration and patch management. Next, you will investigate the principles of least privilege and separation of duties and find out how encryption technologies can shield private information from unauthorized users. Then you will examine the monitoring and visibility of access controls and learn the best practices for decommissioning and offboarding. Finally, you will focus on hardening techniques, including endpoint detection and response (EDR), host intrusion detection system (HIDS)/host intrusion prevention system (HIPS), disabling ports/protocols, default password changes, and removal of unnecessary software. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

A physical structure that is built by engineers and architects needs solid design, construction, and ongoing maintenance. The same can be said for a networking and system environment. Begin this course by exploring fundamental security architectural considerations, including high availability, resilience, scalability, and responsiveness. Then, you will discover cloud computing, focusing on the cloud responsibility matrix, hybrid considerations, and third-party vendors. You will investigate Infrastructure as Code, compare serverless technologies, and learn about containers and microservices. Next, you will take a look at network infrastructure, centralized and decentralized design, and virtualization. Finally, you will examine industrial control systems (ICSs), Supervisory Control and Data Acquisition (SCADA) systems, and the Internet of Things. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

This course is a critical component of modern technical controls and countermeasures, as many of the technologies covered represent the daily technical activities of security practitioners, operators, and administrators. Begin by discovering various infrastructure security considerations like device placement, security zones, and failure modes. Then, you will compare network appliances and explore port security and firewalls. Next, you will examine virtual private networks (VPNs) and IP security (IPSec). Finally, you will investigate transport layer security (TLS), software-defined wide area networks (SD-WANs), and secure access service edge (SASE). This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

It is an understatement to declare that society is rapidly becoming a data-driven and service-oriented. Data protection and security is a key aspect of modern IT security management. In this course, we will begin by exploring data states, classification, types, and lifecycles. Then we will examine considerations for securing data including geographic and cultural restrictions, encryptions, and hashing. Finally, we will look at masking, obfuscation, and tokenization as well as segmentation and compartmentalization. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Restoration and recovery is a vital part of a comprehensive backup plan. As a well-known axiom regarding backup strategy states, "a backup policy without tested restoration and recovery is no backup at all." In this course, we will examine restoration and recovery concepts, beginning with load balancing, clustering, and backup strategies. Next, we will explore continuity of operations, multicloud, and disaster recovery sites. We will then focus on capacity planning and testing techniques. Finally, we will look at power considerations. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Today's security professional must contend with more types of computing systems and operating systems than ever before due to mobility, embedded, smart, and Internet of Things (IoT) devices. In this course, you will explore secure baselines and hardening targets. Then you will learn about wireless device installation issues, mobile device solutions, and connection methods. Next, you will investigate wireless security settings, cryptographic protocols, and authentication protocols. Finally, you will discover application security techniques and asset management tasks, including assignment/accounting, monitoring/asset tracking, enumeration, and disposal/decommissioning. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Vulnerability management is an ongoing process designed to proactively protect computer systems, networks, and applications from cyberattacks and data breaches and is an integral part of your overall security system. Begin this course by exploring threat feeds like open-source intelligence (OSINT), Common Vulnerability Scoring System (CVSS), and Common Vulnerability Enumeration (CVE) to help gather information about potential threats or adversaries. Then you will investigate application vulnerability assessments for assigning severity levels, vulnerability scanning to identify known and unknown weaknesses, and penetration testing to simulate real-world attacks. Finally, you will discover vulnerability response and learn how to validate and report on remediation processes. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Congratulations. You have convinced your steering committee to give you a huge budget, new hires, and broader access to deploy a ton of security controls at the new regional branch office. However, within weeks you will be brought back to report on the effectiveness of the new expensive toys. This is why solid monitoring and alerting are critical for success. In this course, you will explore security monitoring and alerting, beginning with monitoring computing resources, visibility, and agent-based and agentless monitoring. Then you will focus on monitoring activities like log aggregation, alert response, and validation. Next, you will discover the importance and benefits of Security Content Automation Protocol (SCAP), security information and event management (SIEM), and security orchestration, automation, and response (SOAR) systems. Finally, you will investigate antivirus and data loss prevention (DLP) systems, Simple Network Management Protocol (SNMP) traps, and NetFlow records. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

This course is a vital exploration of many of the day-to-day operational controls that the security professional is often involved with. This is what is referred to as the "due care" aspect of the job or ongoing continual maintenance. In other words, these are core "blue team" responsibilities. Topics presented to the learner include firewalls, intrusion detection system (IDS)/intrusion prevention system (IPS), web filtering, operating system security, implementing secure protocols, DNS filtering, email security, DomainKeys Identified Mail (DKIM), Sender Policy Framework (SPF), gateways, File Integrity Monitoring (FIM), data loss prevention (DLP), network access control (NAC), endpoint detection and response (EDR), Extended Detection and Response (XDR), and user behavior analytics (UBA). This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Hybrid and remote work are more common than ever, and employees need secure access to enterprise resources from wherever they are. This is where identity and access management (IAM) comes to the rescue. The organization's IT department needs to control what users can and can't access so that sensitive data and functions are restricted to only the people and resources that need to work with them. In this course, we will explore IAM tools beginning with provisioning and deprovisioning user accounts, and password concepts including password best practices, length, complexity, reuse, expiration, age, password managers, and passwordless solutions. Next, we will look at federation and single sign-on (SSO), Lightweight Directory Access Protocol (LDAP), Open Authorization (OAuth), Security Assertions Markup Language (SAML), interoperability, and attestation. We will then consider access control models including mandatory, discretionary, role-based, rule-based, attribute-based, time-of-day restrictions, and least privilege. Finally, we will explore multi-factor authentication (MFA), biometric authentication, and privileged access management tools (PAM). This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Automation offers many advantages to information technology including higher production rates and increased productivity, more efficient use of resources, both physical and logical, better product/service quality, and improved security and safety. In this course, the learner will tackle concepts such as automation and scripting use cases, continuous integration and testing, application programming interfaces (APIs), the benefits of automation, automation considerations, the incident response process, training, testing, tabletop exercises, simulations, threat hunting, root cause analysis, digital forensics, and investigation data sources. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

According to Gartner: "Security governance is a process for overseeing the cybersecurity teams who are responsible for mitigating business risks. Security governance leaders make the decisions that allow risks to be prioritized so that security efforts are focused on business priorities rather than their own." In this course, you will further define security governance and types of governance structures. Then you will discover security governance roles and responsibilities, such as owners, stewards, and officers, and external governance considerations. Next, you will explore guidance, best practices, standards, and policies like the software development life cycle (SDLC) and change management. Finally, you will investigate security governance procedures, including playbooks, monitoring, and revision. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Security risk management is the ongoing process of identifying security risks and implementing plans to address them. Most security professionals should have a solid foundation in this important cross-disciplinary initiative. In this course, you will take a deep dive into security risk management, including risk identification and assessment. Then you will explore risk analysis concepts like qualitative and quantitative analysis and impact/magnitude. Next, you will discover risk treatment and handling strategies, including transfer, acceptance, and exemption. You will examine risk registers and ledgers, key risk indicators, risk owners, and risk thresholds. Finally, you will investigate risk reporting techniques and business impact analysis (BIA) to predict the consequences of a disruption to a business and collect information needed to develop recovery strategies. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Security compliance management is the collection of policies, procedures, and other internal controls that an enterprise leverages to meet its regulatory requirements for data privacy and protection. In this course, you will explore compliance monitoring topics like due diligence, attestation, and compliance automation, as well as internal and external compliance reporting. Then you investigate the consequences of non-compliance, including fines, sanctions, and reputational damage. Next, you will examine privacy considerations for keeping information involving people confidential. Finally, you will assess vendor assessment and selection techniques like supply chain analysis and rules of engagement, and you will discover various agreement types, such as non-disclosure agreements (NDAs), service-level agreements (SLAs), and statements of work (SOWs). This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

A security audit is a systematic and methodical examination of an organization's security infrastructure, policies, and procedures. The goal is to identify vulnerabilities, weaknesses, and potential threats to sensitive information assets, physical assets, and personnel. In this final course, the learner will be exposed to topics such as internal and external audit and attestation, penetration testing audits, user guidance and training, phishing campaigns, and security training monitoring and reporting. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

Most candidates for the (ISC)² Systems Security Certified Practitioner (SSCP) exam will have the required one year of paid job experience. So the basic security concepts are most likely a review for most learners. However, simply defining the technology is not enough. Candidates must be able to grasp how the following principles are implemented: (ISC)² Code of Ethics, confidentiality, integrity, availability, accountability, privacy, non-repudiation, least privilege, and segregation of duties (SoD). Take this course to explore how you would apply these principles to your own daily security operations. Upon completion, you'll have a solid knowledge of the topics covered in Domain 1: Security Operations and Administration of the (ISC)² SSCP 2021 CBK, preparing you to take the exam.

When an organization decides to mitigate risk as part of a handling strategy, they will, in essence, raise the difficulty or resistance to threat actors using various security controls. If your role involves upholding the operational security of your organization's most coveted assets, you must be familiar with the many types of controls available. Use this course to become familiar with security control categories and the controls that fall within them. Among others, explore administrative controls, like security policies and procedures; technical controls, like device hardening and application firewalls; and physical controls, like surveillance equipment and security personnel. When you're done, you'll be able to decide the security controls you should implement in your organization. This course covers topics from Domain 1: Security Operations and Administration of the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 CBK.

As a security practitioner, assessing risk and applying controls is a fundamental part of the job description. However, doing so becomes pretty challenging if you don't know the value and priority of all physical and logical assets. Solid comprehension of the well-established lifecycles and architectures involved in both asset and change management will help you implement all your security initiatives smartly. In this course, examine the processes and best practices involved in each of the asset and change management lifecycle phases. When you've finished, you'll know the best way to implement each of these phases within the context of your own business. This course explores topics from Domain 1: Security Operations and Administration of the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 CBK.

Although on the surface, choosing physical controls may seem common sense and subjective, there are likely options and considerations you're unaware of. Furthermore, SSCP exam candidates must have a broad knowledge of these controls to pass the exam. Use this course to explore, in detail, the many categories and types of physical security controls, including barriers, such as gate types; surveillance, such as camera types; types of locks and sensors; secure areas, such as Faraday cages; and environmental controls, such as air gaps. Upon course completion, you'll be able to customize your physical security methods to suit your organization. This course covers subtopic 1.8 from Domain 1: Security Operations and Administration of the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 CBK.

Although cryptography isn't covered until domain 5 of the SSCP CBK, potential exam candidates and security professionals will benefit from foundational knowledge of cryptosystems early in their training. Use this course to grasp the reasons and requirements for cryptography in safe-guarding information, including regulations and governance. Investigate cryptographic techniques, such as hashing and salting, symmetric and asymmetric encryption, and elliptic curve cryptography. Discover what's involves in digital signatures and certificates. Explore cryptographic attacks, cryptanalysis, and countermeasures. And delve into advanced cryptosystems, such as quantum computing and blockchain. Upon course completion, you'll be aware of the various traditional and modern cryptology techniques used to protect data and communications. This course will help you in the lead-up to taking the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

Early on in the development of TCP/IP and the application layer protocols and services, it was decided not no build native security but rather to add new secure mechanisms and protocols. The aim was to maintain internetworking and interoperability without adding too much overhead. Knowing how these protocols work and how you can implement them will change how you protect your organization's information. Use this course to get abreast of some of the most vital secure protocols and their implementation along with other core services, such as key management, web of trust (WOT), and Public Key Infrastructure (PKI). Upon course completion, you'll be able to detail how and why these protocols and services are used. This course will help you in the lead-up to taking the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

As a security professional, you'll likely have been exposed to the concept of origin authentication. However, in today's modern environment of mobile devices, the Internet of Things, and embedded systems, more robust authentication, authorization, and identity management methods are imperative. Use this course to comprehend how single and multi-factor authentication, single sign-on (SSO), device authentication, and federated access work. Examine the use of trust relationships between domains and what's meant by Zero Trust. And distinguish between various internetwork connections such as the Internet, intranets, and extranets. Upon course completion, you'll be able to detail how and why these authentication mechanisms and trust architectures are used. You'll also be one step closer to being prepared to take the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

Whether you manage one or thousands of digital identities, the expectation for regulatory compliance, top-level security, and speedy access control will be the same. The importance of access control is reinforced by Domain 2 of the SSCP exam, representing 15% of the overall subject matter. Among other topics, this domain covers the identity management lifecycle and access control models. Use this course to gain a clear comprehension of the various aspects of identity management, namely authorization, proofing, provisioning, de-provisioning, maintenance, and entitlement. Furthermore, explore several types of access control models, including role-based and rule-based, and investigate the Bell-LaPadula and Biba mandatory access confidentiality and integrity models. Upon course completion, you'll recognize the identity management and access control techniques needed in your organization. You'll also be further prepared to sit the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

If a threat agent exploits an IT asset's vulnerability, then the consequences for a business could be detrimental. In IT security terms, the likelihood of this happening and the potential impact if it did constitutes the concept of risk. Those responsible for the operational security of assets need to know how to reduce risk sufficiently. Use this course to learn the many ways to identify, assess, and manage risk related to IT infrastructure. Explore, in detail, various risk management techniques, such as risk visibility and reporting, threat modeling, and risk treatment. Examine legal and regulatory concerns when managing risk. And see how to implement organizational security awareness and training. Upon completion, you'll know how to bring risk magnitude down to a pre-defined acceptable level. You'll also be further prepared to sit the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

Once you've assessed an organization's risks, you need to implement continuous visibility and reporting to understand risk evolution. Furthermore, once you've established security policies and controls, you need to test and evaluate them to confirm their efficacy. To meet these goals, security practitioners need to know how to uncover vulnerabilities, identify events of interest, monitor logs, and analyze metrics. Use this course to learn security and vulnerability assessment techniques and methodologies. Explore security testing, risk review, and vulnerability management. Examine data logging and event aggregation. Learn how to implement monitoring and event data analysis. And see how to document and communicate findings. Upon completion, you'll be able to identify, monitor, and analyze security risks. You'll also be further prepared to sit the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

Unprecedented events such as the Y2K bug and terrorist attacks, along with increasing cybercrime pervasiveness and sophistication, have meant that since the early 2000s, a security team's ability to recover from a disaster has moved from a bonus to non-negotiable. There are several phases to incident response, from preparation to forensic investigations and beyond. A competent security professional needs to know all of them. Use this course to learn what's involved in the incident response lifecycle phases of preparation, detection, analysis, escalation, containment, eradication, recovery, and lessons learned. As you advance, explore essential aspects of cyber forensic investigations, such as handling evidence and reporting. Upon completion, you'll know the multiple facets of incident response and cyber forensics. You'll also be further prepared to sit the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

When dealing with security, preparation is key. A variety of disasters could happen to most organizations at any moment, and the impact that could have on data and systems could be detrimental. There are many measures and processes to help recover from a disaster. Use this course to learn a handful of them. Explore the main elements of business continuity planning (BCP), also called continuity of operations (COOP). See what's involved in business impact analysis and disaster recovery planning. And examine various backup and restore methods. Upon course completion, you'll know several strategies to ensure a business continues to function after a disaster. This course's objectives line up with those in Domain 4: Incident Response and Recovery of the SSCP CBK and will help you prepare for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

Historically speaking, the vast majority of security practitioners, technicians, engineers, and architects come from the field of local and wide area networking. This factor, as well as the importance of protecting data-in-transit, makes networking a critical knowledge area. Use this course to get to grips with several networking concepts and methodologies. Learn to distinguish between the OSI and TCP/IP reference models. Explore network topologies, relationships, and media types. See what's meant by software-defined networking (SDN), Remote Authentication Dial-In User Service (RADIUS), and terminal access controller access-control system plus (TACACS+), among other terms. Examine commonly used ports and protocols. And look into remote access connectivity and virtual private networks (VPNs). Upon course completion, you'll be familiar with several fundamental networking concepts and network access control methodologies. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

A critical aspect of risk and security management is having a clear picture of the present threatscape. This involves knowledge of threats actors, exploits, vulnerabilities, and malware along with countermeasures that include various technical, physical, and managerial controls. Take this course to learn to recognize several types of network attacks. Examine various methods for managing network security, from network device placement to configuring access control lists and using firewalls and proxies. Furthermore, learn how to secure network-based security devices as well as routers and switches. Then, delve into content delivery networking, cloud-based load balancers, and intrusion detection and prevention. Upon course completion, you'll know what's involved in both network attacks and countermeasures. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

Network and communications security is part of the SSCP Domain 6 objectives and includes the important topic of securing wireless communication. Use this course to learn about the key features of wireless networking technologies and the security vulnerabilities you need to consider. Examine key aspects about the operation of wireless technologies on the network including common wireless 802.11 standards and their distinguishing characteristics, and explore cellular, Wi-Fi, Bluetooth, and Near-Field Communication (NFC). Learn about the role of authentication and encryption protocols like WPA, WPA2, WPA3, and Extensible Authentication Protocol (EAP) as used on the network. Finally, learn how to secure various Internet of Things (IoT) devices including embedded devices and software-on-a-chip technology. Upon course completion, you'll know what's involved in securing wireless communication and devices. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

To secure systems and applications appropriately, security practitioners must first recognize the various types of malicious code and activity. After this, they need to execute the best measures to counter these exploits. Use this theory-based course to recognize multiple types of exploits and malware and their most common countermeasures. Explore malware variants, such as rootkits, spyware, scareware, and ransomware. Examine countermeasures involving scanners, antimalware, and code signing. Then, study malicious activities, such as insider threats, data theft, zero-day exploits, and advanced persistent threats (APTs). And discover their various countermeasures, such as system hardening, patching, and data loss prevention (DLP). Lastly, investigate advanced mitigation techniques that involve behavioral and data analytics, machine learning, and artificial intelligence. Upon completion, you'll be able to identify and analyze malicious code and activity. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

The first decade of the 21st century saw an explosion in the use of various mobile devices and cloud service providers in the enterprise. With this came a new challenge for security professionals from which several techniques and tools were developed. Get to grips with the many terms and activities related to endpoint protection and mobile device management in this vocational course. Explore what's involved in host-based intrusion prevention systems (HIPS) and host-based intrusion detection systems (HIDS). Examine endpoint encryption, protection, detection, and response. And study mobile provisioning and mobile device and application management. Upon course completion, you'll be familiar with the best techniques for protecting various devices and systems. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.

The security landscape changes in tandem with the evolution of technology. As virtualization and cloud computing have emerged, so have associated security tools, techniques, and regulations. Ensure your security knowledge is up-to-date with this advanced exam preparatory course. Learn about hypervisors, virtual appliances, and containers. Examine continuity and resilience, attacks and countermeasures, and legal and regulatory concerns. Explore what's involved in shared and data storage, deployment and service models, processing, and transmission. Delve into third-party/outsourcing requirements, data portability, data destruction, and auditing. And finally, investigate the cloud computing shared responsibility model. When you're done, you'll know how to secure technologies related to virtualization and cloud computing. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.