Aspire Journeys

722 Information Systems Security Manager KSAT Beginner NCWF Journey

46 Courses | 52h 7m 28s

(1)

Responsible for the cybersecurity of a program, organization, system, or enclave.

722 Information Systems Security Manager KSAT Beginner

Responsible for the cybersecurity of a program, organization, system, or enclave.

46 Courses | 52h 7m 28s

COURSES INCLUDED

CompTIA IT Fundamentals: Basic IT Concepts

Computers are an integral part of our lives, both personally and professionally. In a few short decades, they have become so indispensable that understanding how they work and how to use them has become imperative. In this course, you will be introduced to basic information technology (IT) concepts, beginning with common numbering systems used by computers and the two international data standards. Then you will explore the character and numerical data types used in computer programming. Finally, you will learn about the basics of computer processing, inputs and outputs, the role of computer storage, and how it works. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

15 videos | 1h 49m Assessment Badge

CompTIA IT Fundamentals: Internet, Storage, & Computer Systems

When computers first hit the scene, they were a marvel and a mystery to most individuals, but accessibility improvements over time allowed them to become moderately more useful. They then began to extraordinarily change the world with the advent of the Internet. In this course, discover the role and features of the Internet, storage, and computer systems, beginning with the various Internet connection technologies and computer storage types. Next, learn about the various types of computers and the features of mobile phones, tablet devices, and gaming systems. Finally, explore an overview of the Internet of Things (IoT) and the technological advances that enable IoT. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

14 videos | 1h 29m Assessment Badge

CompTIA IT Fundamentals: Networking & Wireless Technologies

Computers are immensely useful tools that continue to change the world we live in. Arguably, they would be far less useful without the marvels that are computer networking and wireless technologies. In this course, explore concepts surrounding networking and wireless technologies, including the basics of networking and Internet protocols. Next, learn about the common protocols used every day for browsing the Internet and sending emails. Finally, examine networking devices, firewalls, and wireless technologies, as well as considerations for wireless quality and wireless best practices. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

19 videos | 2h 42m Assessment Badge

CompTIA IT Fundamentals: Operating Systems

Computers need software to function, and that software has changed fundamentally since the very first computers were created. Nowadays, sophisticated operating systems (OSs) are used to perform everyday tasks. In this course, learn about computer operating systems, including the types and basic features of OSs and the application hardware interface. Next, explore Windows management, including managing applications, devices, users, and access control. Finally, investigate file systems, key OS features, task scheduling, and common methods for tweaking a Windows OS, including using command line interfaces (CLIs) to perform operations. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

18 videos | 2h 24m Assessment Badge

CompTIA IT Fundamentals: Software Concepts

Computers are wonderful tools that require hardware to operate but need software and operating systems to truly sing. At one time, software was a rare commodity, but today we are faced with a wealth of choices for performing business or personal tasks. In this course, you will explore the basics of computer software concepts, beginning with various kinds of software (productivity, collaboration, and business) and application delivery methods. Then you will learn about architectural models, single-platform and cross-platform software, software licensing, and software installation best practices. Next, you will discover the ins and outs of web browsers, focusing on clearing caches, client-side and server-side scripting, and browser extensions. Finally, you will examine browser configuration and find out how to block popups and scripts. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

18 videos | 1h 49m Assessment Badge

CompTIA IT Fundamentals: Software Development Concepts

Computer software is wonderful, but what makes it tick? Non-programmers might be interested to learn some of the basics of software development and how the magic is made. In this course, you will explore software development concepts, beginning with the basics of scripting, markup, programming, assembly, and query languages. Then you will delve into some of the tools used by programmers to map out program flow, including flowcharts, pseudocode, and sequence diagrams. Finally, you will discover common programming concepts, including branching and looping, variables and constants, arrays and vectors, functions, and object-oriented programming (OOP). This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

15 videos | 1h 11m Assessment Badge

CompTIA IT Fundamentals: CIA Triad

Computer data is created at a rate that we can barely comprehend. Much of that information is immensely useful and readily available to anyone, but there is a large contingent of information that is and should remain confidential. In this course, you will explore the CIA triad, beginning with the principle of least privilege and concerns surrounding confidentiality, integrity, and availability. Then you will learn about methods for protecting information, including antivirus and antimalware software, firewalls, password security, and safe browsing. Finally, you will discover the importance of patching and updates, best practices for device security, and removing unwanted software. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

17 videos | 1h 43m Assessment Badge

CompTIA IT Fundamentals: Privacy & Encryption

In an information age, privacy and security are of paramount importance. We've seen numerous examples of the damage done when information is compromised. With this in mind, organizations spend vast resources to keep information safe and secure for good reason. In this course, you will learn about privacy and encryption, beginning with the basics of Internet and computing privacy. Then you'll explore software and network privacy considerations, security policies and procedures, regulations and considerations for handling information, and password best practices. Finally, you'll delve into encryption technologies and the importance of protecting data at rest and data in transit. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

15 videos | 1h 28m Assessment Badge

CompTIA A+ Core 2: Information Management & Change Management Processes

Ticketing systems are a great way to collect user and device information, descriptions of problems, and problem resolutions. This course will explore ticketing and asset management systems and how these systems capture information about events and resources. Explore document types such as acceptable use policies, compliance, and network topology diagrams. Discover components of a typical standard operating procedure, including procedures for custom installation of software packages. Next, consider the importance of knowledge base articles and explore best practices for documenting business processes, including rollback plans, sandbox testing, and responsible staff members. Lastly, explore considerations when explaining basic change management best practices. This course is part of a series that will help you prepare for the CompTIA A+ Core 2 (220-1102) certification exam.

11 videos | 55m Assessment Badge

CompTIA A+ Core 2: Backup & Recovery Methods

Backing up data is the practice of copying data from a primary to a secondary location. Regular backups are essential when attempting to recover from a primary data failure. Backups should be performed regularly in both personal and business scenarios. In this course, explore disaster prevention techniques and recovery best practices. Discover how to differentiate between full, incremental, differential, and synthetic backups, and learn when to implement each method. Next, explore backup frequency timelines that can help ensure regular data backups. Discover how to differentiate between on-site and off-site backup rotation schemes, and lastly, explore backup rotation schemes including grandfather-father-son (GFS) and the 3-2-1 backup rule. This course is part of a series that will help you prepare for the CompTIA A+ Core 2 (220-1102) certification exam.

7 videos | 46m Assessment Badge

Windows Environments

As a security operations person, you'll need to tailor your methods to suit the operating system your working with. This course covers some of the core competencies required to conduct offensive security operations against a Windows environment. Throughout this course, you'll learn how to recognize the differences between various Windows versions. You'll examine the role of intrusion detection systems (IDS) and intrusion prevention systems (IPS) in a Windows environment. You'll then learn about the MITRE ATT&CK framework and how it relates to Windows intrusions and identify the different Windows logging mechanisms. Next, you'll practice using event logging, basic PowerShell commands, and the Windows Registry. You'll then explore how the Windows hashing algorithm works and practice cracking an NTLM hash value. Lastly, you'll investigate different data artifacts within Windows and outline how best to work with Active Directory and Kerberos.

16 videos | 1h 31m Assessment Badge

Certified in Cybersecurity (CC): Core Security Principles & Risk Management

It is of high importance that organizations operate upon a solid foundation of security principles, concepts, and risk management. It is impossible to reduce security risk until core security and risk management principles are defined. In this course, explore the elements of the confidentiality, integrity, and availability (CIA) triad, along with the essentials of authentication and using non-repudiation services. Next, examine what risk is and the terminology surrounding risk management, threats, and vulnerability. Finally, learn about risk assessment, identification, and treatment and compare qualitative and quantitative risk analysis. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

11 videos | 32m Assessment Badge

Certified in Cybersecurity (CC): Security Governance, Policies, & Controls

Security governance is a huge part of overall corporate or organizational governance. The security practitioner must be aware of various governance elements, regulations, laws, standards, policies, and procedures. Begin this course by exploring the elements of governance, including mission charter, leadership, and corporate guidance. Then investigate various laws and regulations like General Data Protection Regulation (GDPR) and HIPAA, standards issued by the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC), and the National Institute of Standards and Technology (NIST), and common policies and standard operating procedures. Next, examine the International Information System Security Certification Consortium (ISC2) code of ethics. Finally, discover security control categories and types. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

10 videos | 25m Assessment Badge

Certified in Cybersecurity (CC): Incident Response

Practically anything that occurs in the enterprise can be called an event, but not all events are negative occurrences. It is the problematic events that are managed with the incident response practice. In this course, you will begin by exploring incident terminology and the goal of incident response. Next, discover the phases of the incident response lifecycle: Preparation, Detection and Analysis, Containment, and Post-incident Activities. Finally, you will explore additional incident response topics, including incident response teams, forensics, and problem management. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

10 videos | 28m Assessment Badge

Certified in Cybersecurity (CC): Business Continuity Planning

Many organizations nowadays have become aware of the need for business continuity planning, also known as continuity of operations. The main objective of a business continuity plan (BCP) is for an organization to maintain organizational operations while recovering from a major interruption. In this course, explore the importance and goals of business continuity and continuity of operations, as well as the components of a business continuity plan. Next, learn about business impact analysis (BIA), backup and restore policies, and disaster recovery plans. Finally, investigate the various tests and drills that incident response and business continuity plans should be subjected to. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

10 videos | 30m Assessment Badge

Certified in Cybersecurity (CC): Physical Access Controls

Many security practitioners learn about physical security by comparing it to protecting a medieval castle. Defense in Depth (DiD) relies on multiple layers of independent methods of security and must be used with either an outward-in or inward-out approach. Begin this course by exploring fundamental physical security concepts and mechanisms such as privileged access management (PAM) and segregation of duties (SoD). Then you will focus on badge systems, gate/facility entry, and environmental controls design. Next, you will examine biometric authentication, including crime prevention through environmental design (CPTED). Finally, you will learn about various monitoring systems like syslog, NetFlow, security information and event management (SIEM), and security orchestration, automation, and response (SOAR). This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

10 videos | 34m Assessment Badge

Certified in Cybersecurity (CC): Logical Access Controls

There is often a blurred line between physical and logical access control, as the systems typically function together. In this course, you will explore the logical aspect of Defense in Depth and security controls. Next, you will examine discretionary access control (DAC) and mandatory access control (MAC). Finally, you will define role-based access control (RBAC), rule-based access control (RuBAC), and attribute-based access control (ABAC) and learn about their differences. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

9 videos | 20m Assessment Badge

Certified in Cybersecurity (CC): Networking & Security Infrastructure

Although new security practitioners can come from development, database, or other backgrounds, the majority of security professionals come from a networking background. It is virtually impossible to separate networking knowledge from security expertise. Begin this course by exploring network types, network devices, and device addressing mechanisms. Then you will discover the Open Systems Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) reference models, logical ports, and the TCP handshake. Next, you will focus on transport layer security (TLS) and IP security (IPsec). Finally, you will examine virtual LANs (VLANs) and Wi-Fi fundamentals. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

12 videos | 45m Assessment Badge

Certified in Cybersecurity (CC): Present Threats & Network Security Controls

The constant emergence of new security threats, variants, vectors, and technologies is an ongoing challenge to keep up with. In this course, learn about threats, attacks, and threat prevention tools and methods, such as advanced persistent threats (APT) and intrusion detection and intrusion prevention systems. Next, investigate data center security, secure cloud computing, and elements of secure network design, including HVAC and environmental controls, zoning, and VLANs. Finally, explore Zero Trust security initiatives and micro-segmentation, such as network access control (NAC), software-defined networks, and IoT. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

10 videos | 38m Assessment Badge

Certified in Cybersecurity (CC): Data Security & System Hardening

For many organizations, data is the most critical asset to be secured. Begin this course by exploring the data life cycle, or the different phases a piece of data goes through, from data creation to data destruction. You will focus on each of the six phases, including create, store, use, share, archive, and destroy. Then, you will learn how to log and monitor security events using modern enterprise and cloud-based solutions. Next, you will investigate encryption, hashing, and digital signing. Finally, you will discover system hardening practices like patch management. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

11 videos | 29m Assessment Badge

Certified in Cybersecurity (CC): Security Best Practices & Security Awareness

A mature and successful organization will follow guidance and best practices to better secure all resources. Stakeholders at every level must understand their roles and responsibilities for contributing to a secure environment. In this course, the learner will begin by exploring common security policies, including acceptable use policies (AUPs) and remote access policies. You will then review the processes of configuration and change management. Finally, you will explore security awareness programs and topics, and the security awareness training life cycle. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

8 videos | 24m Assessment Badge

CyberOps Windows Hardening: Windows Server Hardening Best Practices

Windows servers are the heart of many corporate networks and may contain sensitive company data that, if leaked or stolen by an attacker, would be catastrophic. Protecting the Windows Server assets and preventing a security compromise is an important skill for IT security professionals to master. In this course, you'll learn how to help prevent security incidents by hardening the Windows Server and reducing the attack surface. You'll learn how to follow common security best practices to lock down a Windows system by hardening user accounts, passwords, services, the file system, and common network services, such as DNS and IIS.

16 videos | 1h 32m Assessment Badge

CyberOps Windows Hardening: Windows Workstation Hardening Best Practices

If successful in exploiting your Windows workstations, hackers could move laterally across the network to compromise other assets like your servers and databases, which contain sensitive information. In this course, you'll learn how to protect your Windows workstations by following standard operating system hardening procedures to reduce the attack surface and help prevent a security compromise. You'll learn how to secure a workstation by implementing hardening procedures related to the BIOS/UEFI. You'll carry out user account and group membership security strategies. You'll practice reducing unneeded software, patching the system, configuring user rights, and setting up auditing. Additionally, you'll work with full disk encryption, antivirus methods, firewall software, and security templates. To carry out this work, you'll utilize BitLocker, AppLocker, and Windows Defender.

15 videos | 1h 29m Assessment Badge

Cryptography: Introduction to Cryptography Services

Learners will discover two core cryptography services, encryption and hashing, in this 14-video course. Examine the goals of information security, symmetric and asymmetric encryption, and using the Caesar cipher. Begin by taking a look at the goals of information security. Then explore cryptography services and how to associate those services with goals of information security, and receive an overview of encryption and encryption history. Next, watch a demonstration of how to use the CrypTool and the Caesar cipher. Following this, you will examine symmetric encryption, and define common symmetric encryption algorithms. Another demonstration covers CrypTool and symmetric encryption. Learners will be introduced to asymmetric encryption; learn how to define common asymmetric encryption algorithms; and explore the purpose of hashing, and define common hashing algorithms. The final tutorial demonstrates use of the CrypTool and hashing. The concluding exercise involves downloading and installing CrypTool v1, creating a text file, creating an MD5 and SHA1 hash of the file, changing the file and checking the hash value again, and encrypting text with Caesar cipher.

14 videos | 56m Assessment Badge

Intrusion Detection: Best Practices

Intrusion detection systems (IDS) allow you to monitor traffic and send alerts when abnormal activities have been detected. In this 14-video course, you will explore concepts of traffic analysis and IDS, including network forensic analysis, sniffing and sensors, signal and noise, and brute force analysis. To begin, you will examine approaches to network security through traffic analysis, then take a look at tools and techniques used by IDS. Learners will also explore the network forensic approach to computer networks; learn how to describe types of application controls that can be used for traffic analysis; placement and use of sniffing and IDS sensors; and examine concepts of signal and noise when it comes to network traffic analysis. You will learn how to perform IDS with Snort with a sample ruleset; configure Bro to detect common attack patterns; use Wireshark to inspect network packets; and perform nmap scans with methods to evade IDS detection. In the final tutorials, you will perform brute force analysis with nmap, and a mock denial of service (DoS) attack with nmap.

14 videos | 45m Assessment Badge

Intrusion Prevention: Best Practices

Intrusion prevention helps one to detect and stop various attacks that other security components may miss. In this 13-video course, learners explore objectives and tools of intrusion prevention, including kernal attack prevention, vulnerability discovery, remediation strategies, scan detection, and evasion techniques. Begin by examining approaches to intrusion prevention systems (IPS), and how it differs from intrusion detection systems (IDS). Then take a look at options and deployment strategies for IPS; discover the advantages and disadvantages of various approaches to IPS, and view the role of IPS in preventing kernal attacks. Explore the methods used to discover vulnerabilities, and the remediation strategies related to intrusions. Next, learn how to block an attacker after too many failed login attempts; how to describe methods used in IPS to evade intrusions; and how to use tools, including netstat, to scan for potential intrusions on a local system. In the final two tutorials in this course, you will scan a system for potential malware infections using nmap, and use Suricata to implement a packet diversion for intrusion prevention.

13 videos | 49m Assessment Badge

Information Security for Leaders: An Introduction to InfoSec

Information security, often called InfoSec, consists of tools and processes used to protect data and sensitive information from threats and attacks. In this course, explore the history of information security and discover how to differentiate between cybersecurity and information security. Discover common myths and misconceptions about information security and learn about types of information security, such as infrastructure, cloud, application, and incident response. Next, you will explore security threats, including social media attacks, social engineering, malware, and misconfigurations, and common information security and data protection laws. Finally, you will investigate the responsibilities of a Chief Information Security Officer (CISO), including developing sound security practices, identifying security objectives, conducting awareness and training programs, and ensuring regulatory compliance. Upon completion, you'll be able to recognize the importance of information security and the key roles and responsibilities required to protect an organization

15 videos | 1h 18m Assessment Badge

Information Security for Leaders: Elements of InfoSec

Confidentiality, integrity, and availability, otherwise known as the CIA triad, is a common information security model used by organizations to design and implement their overall security policies and frameworks. In this course, you will learn the basics of confidentiality, integrity, and availability, and discover emerging challenges brought on by big data and the Internet of Things (IoT). Explore the stages of information security risk management (ISRM) and learn how to differentiate between various types of security controls. Discover techniques such as defense in depth, data classification, cryptography, access control, and governance, and the importance of having a sound incident response and management strategy in place. Lastly, learn about the role of investigations and forensics as well as the steps in a forensic investigation such as searching and seizing, acquisition, analysis, and reporting. After course completion, you'll be able to recognize common elements of information security.

15 videos | 1h 54m Assessment Badge

Managing Enterprise InfoSec Risks & Risk Tolerance

IT security risks can be defined as a combination of the consequences of an event and the associated likelihood of occurrence. They can be managed by an organization through asset-safeguarding strategies. Through this course, learn about managing enterprise information security (InfoSec) risk and risk tolerance. Explore the definition of risk, how it differs from threats and vulnerabilities, and the history of information security. Next, discover common threats to IT systems and data, how to identify and manage security risks, and the key differences between quantitative and qualitative risk analysis. Finally, learn about common risk assessment tools and the differences between penetration testing and vulnerability assessments. Upon completion, you'll be able to outline and manage IT security risks.

15 videos | 1h 44m Assessment Badge

InfoSec Crisis Management & Incident Response

Not only do IT security teams need to be ready to identify security incidents, but they also need to be able to respond to and manage the environment during a crisis. In this course, you'll explore the term 'crisis' and identify crisis management practices. Discover the key components of an organizational crisis readiness program, including planning, training, technology, tools, and continuous improvement. Next, investigate the roles and responsibilities of a crisis management team, examine measures to minimize disruptions, and determine how incident response planning can help organizations better respond to critical incidents. Then, investigate how to best identify incidents and learn how early detection of incidents can be crucial to containing threats. Lastly, explore the various steps of a typical incident response plan, focusing on identification, containment, investigation, eradication, recovery, and lessons learned. After completing this course, you will be able to recognize what constitutes a crisis and respond to and manage security incidents.

15 videos | 1h 34m Assessment Badge

Information Security Practices: InfoSec Vendor Management

Everything comes with pros and cons, and outsourced information security is no exception. Leaders contemplating outsourcing information security products and services will need to trade potential time and money savings for other potential gaps. In this course, explore information security outsourcing, security vendor relationships, and major considerations and challenges associated with outsourcing information security. Next, discover common downsides to outsourcing security services, key steps to consider when choosing a security vendor, and explore vendor risk management. Finally, learn about vendor contracts and the importance of having sound contract language when dealing with security vendors. Upon completion, you'll be able to identify common InfoSec vendors and providers and best practices for outsourcing InfoSec products or services.

13 videos | 1h 24m Assessment Badge

Information Security Practices: Multi-year InfoSec Planning

There is no easy way to predict the future of information security. There are however strategies leaders can implement to better plan and prepare for future growth, security, and threats. In this course, examine potential information security threats, how complexity makes them challenging to predict and plan for, and the threats that ransomware, cybercrime, and the growing crime-as-a-service (CaaS) community pose. Next, discover how work shortages and voids created by skills gaps can cause major issues and the impact of recent global pandemics. Finally, explore operational technology, application container risks, and the evolving risks posed by artificial intelligence and machine learning. Upon completion, you'll be able to plan for the future as an InfoSec leader.

15 videos | 1h 17m Assessment Badge

Information Security: NACs & Gateways

Learners will discover key features of network access control (NAC), the importance of NAC in a network, various NAC elements, authentication, and its implementation, in this 12-video course. Explore the risks and challenges associated with BYOD-which means "bring your own device"-and IoT, which is Internet of Things. You will begin the course by examining the security risks introduced by BYOD and IoT, along with their preventive measures. You will then explore the major challenges with BYOD in an organization. The next tutorial defines NAC and the importance it has in a network. This leads into examining the NAC architecture; the different features of NAC; and the impact of an improperly configured NAC. You will learn about the various NAC elements; recall the best practices of implementing NAC, and identify the key points for creating an effective checklist for NAC security. In the final tutorial, learners will be asked to list the NAC authentication methods.

12 videos | 37m Assessment Badge

Information Security: Securing Networking Protocols

Learners can explore the key concept of the common protocols in use, and discover the security issues of the transmission control protocol/Internet protocol (TCP/IP) model and security protocols, in this 10-video course. You will begin by taking a look at the common protocols used in a network, the ports they use, and the type they are and what they do. Next, you will examine some of the security issues of the TCP/IP model at the layer level, of which it has four: application, transport, Internet, and data link. You will also explore the threats, vulnerabilities, and mitigation techniques in network security; identify the types of weak protocols and their replacements; and classify the various types of security protocols. Then learners will continue by examining various ways to use security protocols in different situations; the importance of implementing security protocols. In the final tutorial, learners will explore the security-first mindset and its necessity.

10 videos | 56m Assessment Badge

Information Security: Hardened Security Topologies

In this 8-video course, learners will discover the key concepts of different security topologies and the key role they play in network security. Begin with an introduction to security topologies, which define the network design based on security requirements. You will then explore the design goals for security topology, the elements used to ensure that the information is secure, which means that you need the concepts of confidentiality, integrity, and availability (CIA), of information in a proper way, and it needs to be secured. You also need to practice accountability along with CIA concepts. Next, you will examine advantages and disadvantages of different security topologies, which are the Intranet, the Internet, and various other topologies. You will take a look at the impact of integrating cloud topologies, and also delve into the various layers of security in cloud computing. The final tutorial in this course explores the different methods used to harden the components of security topologies.

8 videos | 42m Assessment Badge

Information Security: Pen Testing

Explore the key penetration (pen) testing concepts such as vulnerability assessment, types of pen testing, and threat actors, in this 14-video course. Discover why pen testing is needed and investigate tools used for pen testing. Key concepts covered in this course include pen testing, a set of tasks that are performed by ethical hackers against an organization, but in a legal way; steps performed during the pen testing process; and reasons why an organization needs to perform pen testing and distinguish between pen testing and vulnerability assessments. Next, you will compare the different types of pen testing and learn the weaknesses of pen testing; learn the various types of tools used in pen testing and the target selection for pen testing; and learn the types of assets in an organization; compare the types of risk responses that an organization may adapt. Finally, learners observe how to use the Metasploit framework in Kali Linux; and how to create an exploit by using MSFvenom.

14 videos | 1h 34m Assessment Badge

Software Testing Foundation 2018: Testing Techniques

In this 10-video course, you will explore part of chapter 4 from the ISTQB Software Testing Foundation Level 2018 certification exam syllabus, covering categories of test techniques, with a primary focus on experience-based test techniques. Start by learning how to identify the factors that influence which test technique to use. The purpose of a test technique is to help identify test conditions, test cases, and test data. Then learners will examine black-box, white-box, and experience-based test techniques and their characteristics. Explore what each of those experience-based testing techniques are, and identify their common characteristics, by focusing on error guessing, exploratory testing, and checklist-based testing and the benefits they provide when testing a software product. In the final tutorial of this course, look at exploratory testing, performing tests on software based on the tester's unique domain-based experience. To conclude the course, an exercise covers describing various testing techniques available in the experience-based testing category.

10 videos | 30m Assessment Badge

Software Testing Foundation 2018: Black-box & White-box Testing Techniques

Explore part of chapter 4 from the ISTQB Software Testing Foundation Level 2018 certification exam syllabus covering categories of test techniques, focusing on white-box and black-box testing techniques. One of these is equivalence partitioning, applied to derive appropriate test cases from requirements. In this 17-video course, learn to define test cases by applying equivalence partitioning. Examine boundary value analysis to develop appropriate test cases and define these by applying boundary value analysis, given a set of requirements. You will learn about decision-table testing to derive and define test cases from requirements and when to apply state transition testing, to derive appropriate test cases from requirements and define test cases by applying it. Identify the process involved in deriving test cases from a use case, and define test cases when given a specific use case and statement testing and coverage. Next, explore how to achieve statement coverage, identify decision testing and coverage, and achieve decision coverage in software source code. Then examine benefits of white-box testing. A final exercise deals with black-box and white-box testing techniques.

17 videos | 55m Assessment Badge

Systems Engineering: An Introduction

Systems engineering is a holistic approach to engineering that considers the system, including its components, interactions, and environment. It aims to ensure that the system meets the needs and expectations of its stakeholders while satisfying technical, performance, and safety requirements. In this course, you will be introduced to systems engineering, beginning with a discussion of its systems engineering principles, the systems engineering life cycle, the systems engineering process, the V-model, the iterative process model, and lean engineering. Then you will learn about process integration, systems engineering and complex systems, and how systems engineering compares to similar disciplines. Finally, you will explore system types and engineering product development.

17 videos | 1h 37m Assessment Badge

Systems Engineering: Principles & Design Process

Systems engineering aims to ensure that the system meets the needs and expectations of its stakeholders while satisfying technical, performance, and safety requirements. To accomplish that feat, it's important to understand systems engineering principles, planning, and process design. In this course, you'll learn about engineering systems, beginning with the importance of engineering, the systems engineer role, engineered system context, and the impact of systems engineering on project management. Then you'll dig into the benefits of systems engineering, how systems engineers solve complex problems, and systems engineering plans and planning. Finally, you'll explore the engineering design process, its key principles and advantages, solving engineering design process problems, and how to create an engineering design process project.

17 videos | 1h 36m Assessment Badge

Systems Engineering: System Architecture & Design

Systems engineering involves a structured and iterative process of defining, analyzing, designing, validating, and verifying the system. System architecture and design are key elements of that process and require a significant amount of understanding in order to complement how everything works together in the system engineering process. In this course, you will explore system architecture and design, beginning with system architecture and components, system requirements, and modeling and simulation. Then you will learn about considerations for system requirements, system modularity, and standardization. Next, you will examine stakeholders and stakeholder needs and requirements. Finally, you will explore the principles of system design, investigate metrics for evaluating system designs, and find out how to evaluate a system.

18 videos | 1h 38m Assessment Badge

Systems Engineering: Systems Thinking

Systems Engineering requires effective communication and collaboration among various stakeholders, including customers, users, designers, developers, testers, and managers. Systems thinking is a way of understanding complexity and looking at systems in their entirety. In this course, you will begin with an introduction to systems thinking, its philosophy, and principles. Then you'll learn about the advantages of systems thinking, key systems thinking concepts, and common systems thinking tools. Finally, you'll look at systems thinking as it relates to systems engineering and how systems thinking can be applied to real-world problems.

9 videos | 44m Assessment Badge

Cloud Security Fundamentals: Architectural & Design Concepts

In this 9-video course, learners explore the fundamentals of cloud architecture and design, including three-tier design, shared responsibility, development lifecycles, risk management, and migration and deployment strategies. Begin by taking a look at a common three-tier design model, consisting of a web tier, an application tier, and a database tier model. You will also examine how to expand this into a four-tier model, for more granular visibility and security in the middle layers. The next tutorial concerns the importance of understanding the shared responsibility between your organization, your data center, your assets, your server farms, your development code, and your provider. Learners will then observe how to perform cost/benefit analysis for the cloud service provider (CSP). Also, you will explore common development lifecycles, and learn about the basics of risk management. Delve into common deployment and migration strategies, and the Cloud Security Alliance (CSA) cloud data lifecycle. In the final tutorial, learners will examine the basics of storage management lifecycles. The concluding exercise directs learners to describe cloud architecture concepts,

10 videos | 32m Assessment Badge

Cloud Security Fundamentals: Cloud Data Security

In this 10-video course, you will learn about securing cloud data-at-rest and data-in-transit by using various cryptographic mechanisms and security controls offered by the cloud service provider. To begin, you will take a look at cryptographic mechanisms, and then move on to common cryptography protocols. In the next tutorial, you will compare client-side encryption (CSE) and server-side encryption (SSE), and then examine file and database security. You will explore object storage security, examples of which would be Google Cloud Storage and Amazon's S3, before taking a look at using key management services from the cloud service provider. Observe how to define public key infrastructure (PKI), which is based on asymmetric key cryptosystems. In the final tutorial in this course, you will be examining hardware security modules, or HSM. A module is a device or a modular component or a piece of hardware that protects and manages digital keys, which can be session keys, private keys, part of a PKI. The concluding exercise entails describing cloud data security.

10 videos | 47m Assessment Badge

Cloud Security Administration: Hardened Cloud Security

An important concept in cloud security is system and OS hardening, which can aid in reducing software vulnerability and provide data confidentiality and privacy. Hardening protects against exploitation of weaknesses in software, which could be applications, operating systems, or firmware. Vulnerability assessments and using penetration testing to discover issues in code or software can be used to protect the software. In this course, you'll learn about hardening, why it's important to decrease or eliminate security vulnerabilities, and best practices for software and hardware protection.

10 videos | 45m Assessment Badge

Penetration Testing Fundamentals

This 14-video course explores penetration testing, and the role it plays in protecting a company's assets and networks from exploitation and attacks. In this course, users learn how penetration testing can expose security weaknesses. You will also learn about different types of penetration testing, and how to test for common penetration types, and you will examine the importance of penetration testing for an organization. This course demonstrates passive information gathering, or open- source gathering to search for available information about the organization. You will learn to use active information gathering to target the organization's systems, the employees, their networks to gain information. Next, explore several different types of exploits that can cause problems, including buffer overflow attacks, client side and website attacks, password attacks, and port forwarding exploits; and learn how to conduct a privilege escalation attack. Finally, you will examine how penetration testers and bad actors can gain access to a system by using network tunneling.

14 videos | 1h 18m Assessment Badge

FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

Journey 711 Cyber Instructional Curriculum Developer KSAT Beginner NCWF Journey

(1)

Journey 722 Information Systems Security Manager Basic KSAT Journey

(1)

Journey 712 Cyber Instructor KSAT Intermediate NCWF Journey

(1)

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills and Salary Report

ESG Impact Report

722 Information Systems Security Manager KSAT Beginner NCWF Journey

722 Information Systems Security Manager KSAT Beginner

COURSES INCLUDED

EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS

YOU MIGHT ALSO LIKE