804 IT Investment Portfolio Manager Intermediate KSAT Journey

Cloud consumers look for cloud services that follow regulations and core principles for maintaining data security and confidentiality. In this course, you'll investigate the cloud computing policy, which protects sensitive personal and confidential business data. You'll examine standard operating features, resource management, and security implementation checklist items and best practices for cloud computing. You'll then practice implementing policy-based access control for cloud computing. Moving on, you'll outline how to implement data sovereignty. You'll explore the international cloud computing standards, integrated vulnerability assessment solutions, and data security and privacy implementation in cloud computing. Finally, you'll outline how to implement and secure data and ensure availability in the cloud. You'll study the layers of security that can be implemented in the cloud, the cloud identity logs that help track events impacting cloud environments, and the OWASP Top 10 data-level authorization methods used to secure resources.

The cloud has various deployment and service models that can help your organization design and create your very own cloud strategy based on needs. First, you'll learn about the available cloud deployment models such as public, private, hybrid, community, and virtual public clouds, as well as multi-cloud and multitenancy environments. Next, you'll examine cloud service models such as Infrastructure as a Service, Platform as a Service, and Software as a Service. Finally, you'll learn about advanced topics such as the Internet of Things, serverless computing, machine learning, artificial intelligence, and the shared responsibility model. This course is one of a collection of courses that prepares learners for the CompTIA Cloud+ (CV0-003) certification.

Confidentiality, integrity, and availability are core pillars of IT security governance. Cybersecurity analysts can harden IT environments using various encryption and hashing techniques. In this course, examine how the CIA triad relates to IT security and how cryptography protects sensitive data. Next, discover how to configure Encrypting File System (EFS) file encryption and Microsoft BitLocker encryption, and use a customer-managed key to enable encryption for an Azure storage account. Then learn how to hash files in Linux and Windows. Finally, find out about hardware security modules (HSMs) and the Trusted Platform Module (TPM), how Transport Layer Security (TLS) supersedes the Secure Sockets Layer (SSL), and how to enable HTTPS. This course can be used to prepare for the ISACA(r) Certified in Risk and Information Systems Control (CRISC(r)) certification.

Cybersecurity policies often require detailed network configuration changes and additions. Technicians must be proficient with the configuration and management of various TCP/IP protocols. In this course, I will start by discussing the Open Systems Interconnection (OSI) model, network switching, and network access control. Next, I'll discuss the TCP/IP protocol suite as well as IPv4 and IPv6 addressing. I will then discuss network routing, dynamic host configuration protocol (DHCP), domain name system (DNS) and Wi-Fi authentication methods. Lastly, I will cover virtual private networks (VPNs), IP Security (IPsec) and network time synchronization. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.

Cloud computing is an integral part of IT solutions for individuals and organizations. A knowledge of how cloud computing services are deployed and managed is a requirement for securing cloud-based resources. In this course, I will start by discussing cloud computing deployment models, such as public and private clouds, followed by discussing various cloud computing service models. Next, I will cover a variety of cloud computing security solutions, and I will deploy Linux and Windows cloud-based virtual machines. I will then deploy a web application in the cloud, cover the Cloud Controls Matrix (CCM) security controls, and work with Microsoft Azure managed identities. Lastly, I will discuss and configure a content delivery network (CDN). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.

To remain compliant with relevant data privacy laws and regulations, organizations must have a way of identifying sensitive data and implementing security controls to protect that data. In this course, explore how physical security is related to digital data security, examples of personally identifiable information (PII), and how data loss prevention (DLP) solutions can prevent data exfiltration. Next, learn about common data privacy regulations and standards, including GDPR, HIPAA, and PCI DSS. Finally, discover how to use Amazon Macie and File Server Resource Manager to discover and classify sensitive information and learn about the importance of service level objectives (SLOs) and service level agreements (SLAs). This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ (CySA+) exam.

Security must be included in all phases of IT system and software development designs. Continuous integration and continuous delivery/deployment (CI/CD) integrates development and ongoing management of IT solutions. Cybersecurity analysts must understand IT governance and digital forensics concepts. Begin this course by examining the role of security in the software development life cycle (SDLC). Then you will explore CI/CD and learn how Git is used for file version control. Next, you will discover how the Control Objectives for Information and Related Technologies (COBIT) framework applies to IT governance and you will investigate digital forensics. Finally, you will configure legal hold settings for a cloud storage account and list common digital forensics hardware and software solutions. This course can be used to prepare for the CS0-003: CompTIA Cybersecurity Analyst+ exam.

Platform as a Service (PaaS) and Software as a Service (SaaS) are two popular and valuable cloud service models. Both play a unique role in managing certain aspects of cloud computing. If you're an IT professional working in server environments, you need to know what these two cloud service models entail. Take this course to learn all about PaaS and SaaS solutions. Furthermore, practice deploying databases in the AWS and Microsoft Azure clouds. Configure a SaaS cloud solution. Use an automation template to deploy a PaaS solution. And use several strategies and tools to keep cloud computing costs to a minimum. Upon course completion, you'll be able to deploy PaaS and SaaS solutions and control cloud computing costs. This course also helps prepare you for the CompTIA Server+ SK0-005 certification exam.

Effective cybersecurity risk management requires intricate knowledge of day-to-day IT security risks, network vulnerabilities, and cyber attacks. In this course, you'll detail several cybersecurity breaches and how best to prevent each one. You'll start with a general overview of what comprises security risks before categorizing different types into information, cloud, and data-related risks. Next, you'll explore cybercrime methods, the motivations behind them, and the security gaps that invite them in. You'll then use real-life examples to detail some commonplace cyberattacks and crimes. Moving on, you'll investigate what's meant by malware and outline best practices to manage worms, viruses, logic bombs, trojans, and rootkits. You'll also learn how to safeguard against malware, spyware, ransomware, adware, phishing, zero-day vulnerabilities, DoS, and backdoor attacks. By the end of the course, you'll be able to outline guidelines and best practices for securing against the most prevalent types of cybercrimes.

Cloud infrastructure consists of the physical location of the cloud data center. Depending on the data center location, there are different risks that are taken by the service provider and different methods used to tackle security issues. A secure cloud is created by using open source software and creating a technical support pool. Additionally, basic security concepts like protecting data in motion and in rest using encryption can be employed so that clients can only see their data. In this course, you'll learn about baselining cloud infrastructure, different components like hardware and software, and challenges faced in cloud environments.

"To manage, operate, and maintain the cloud environment, proper procedures have to be in place. In this course, you'll learn about design concepts and the various models that can be used for operational improvements. You'll then move to on learn about how to create a management plan, ITSM operation management, risk management, and stakeholder communication. "

The best way to improve the enterprise security stance is to align IT security solutions with business objectives. In this course, you will consider how information security must align with business strategies. You will explore the business model for information security and review the importance of identifying and classifying assets critical to a business. Next, you will learn about supply chain security, personnel management, and the components of an information security program. You will discover the relationship between service-level agreements (SLAs) and organizational objectives and discuss the relevance of change and configuration management. Then, consider how to develop organizational security policies. Lastly, explore expense types, chain of custody, organizational culture, and how the Control Objectives for Information Technologies (COBIT) framework applies to IT governance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

Global and local security standards, including laws and regulations, are an important input to determine how enterprises deploy and manage security controls. In this course, you will learn how the European Union's General Data Protection Regulation (GDPR) data privacy legislation applies to any organization world-wide handling private EU citizen data. Next, you will explore various International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) standards for proper data governance, followed by American data privacy and cloud security standards such as Health Insurance Portability and Accountability Act (HIPAA) and Federal Risk and Authorization Management Program (FedRamp). Discover how to secure cardholder data as related to Payment Card Industry Data Security Standard (PCI DSS) international security standards and review other data privacy legislation including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). Lastly, explore the importance of securing cloud service usage in alignment with the Cloud Controls Matrix (CCM). This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

Residual risk remains after security controls are put in place to mitigate the impact of threats. The organizational appetite for risk determines what level of residual risk is acceptable. In this course, you will explore how risk management improves business operations by minimizing the impact of realized threats. You will learn how to calculate the cost of mitigating risk compared to the value of the protected asset and determine the cost-benefit analysis and return on investment when implementing security controls. Next, discover the importance of risk assessments, especially where there are changes to some aspect of the business or a specific business process. You will then explore how various risk approaches, such as risk acceptance, avoidance, transfer, and reduction, apply to an organization's tolerance of residual risk. Lastly, discover how risk heat maps are an effective method for communicating various degrees of risk. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

Assessing risk is a crucial activity that enables organizations to evaluate risk exposure for business processes and assets. In this course, you will begin by exploring how to conduct vulnerability assessments and how the results can shed light on security control deficiencies. Next, you will learn how to perform a network vulnerability assessment and review the results, followed by scanning a web application for web app-specific vulnerabilities. You will discover how to conduct a gap analysis to determine the current security posture compared to a desired security posture. Then, you will explore the important aspects of when and how to run penetration tests. Lastly, you will see how to configure Microsoft Azure Policy assignments to determine cloud resource configuration compliance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

The use of cloud services is a form of outsourcing of IT service which also introduces an element of risk. Software developers can use on-premises as well as cloud-based services to create, test, and deploy software solutions. In this course, you will explore cloud deployment models including public, private, hybrid, and community clouds. You will then cover cloud computing service models, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), including where the security responsibility lies in each model. Next, you will explore various cloud-based security controls addressing a wide variety of cloud computing security needs. You will discover how to deploy a repeatable compliant cloud-based sandbox environment using Microsoft Azure Blueprints. Next, explore how security must be included in each software development life cycle (SDLC) phase as opposed to post-implementation. Finally, discover the importance of secure coding practices and how security must integrate with software development, testing, deployment, and patching. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.

This 20-video course examines a variety of best practices for supply chain and software acquisitions. Begin by watching demonstrations of how to analyze security for a third-party software and how to verify secure transfers. Then learn the steps involved in securely interconnecting and sharing systems; how to implement code repository security; how to build environment security; and how to work with digitally-signed components. Next, explore such important topics as compliance auditing, vulnerability response and reporting, supplier sourcing challenges, contractual integrity controls, and vendor technical integrity controls. Learn the basics of how to verify pedigree and provenance. The course also covers topics such as managed services controls, service level agreements (SLAs), support structure, and software development lifecycle approaches, as well as how to secure information systems, security track records, and product deployment. Finally, you will review the configuration identification scheme, a crucial tool in configuration management. The course prepares learners for the (ISC)2 CSSLP: Certified Secure Software Lifecycle Professional certification exam.

Cloud services are rapidly changing the nature of how technology services are implemented, and migrating toward a cloud-based model can provide many benefits to an organization. In this course, you'll explore the various cloud computing deployment models to understand the flexibility, speed, and infrastructure benefits of moving to a cloud solution. You'll also discover the benefits of cloud services models such as Infrastructure as a Service, Platform as a Service, Software as a Service, as well as Identity as a Service and Network as a Service.