901 Executive Cyber Leadership Basic KSAT Journey

The cloud has various deployment and service models that can be combined with Agile software development methodologies to help your organization design and create your very own cloud strategy based on your organization's needs. In this course, you'll learn about Agile software development, cloud management, cloud identity and access management, the cloud physical infrastructure, the cloud logical infrastructure, and cloud privacy. Next, you'll examine the available cloud deployment models such as public, private, hybrid, community, and virtual public clouds, as well as multi-cloud and multitenancy environments. You'll then move on to explore cloud service models such as Infrastructure as a Service, Platform as a Service, and Software as a Service. Finally, you'll learn about advanced topics such the Internet of Things.

Computer data is created at a rate that we can barely comprehend. Much of that information is immensely useful and readily available to anyone, but there is a large contingent of information that is and should remain confidential. In this course, you will explore the CIA triad, beginning with the principle of least privilege and concerns surrounding confidentiality, integrity, and availability. Then you will learn about methods for protecting information, including antivirus and antimalware software, firewalls, password security, and safe browsing. Finally, you will discover the importance of patching and updates, best practices for device security, and removing unwanted software. This course helps prepare learners for the CompTIA IT Fundamentals (ITF+) certification exam, FC0-U61.

Cloud computing allows users to store and access data and programs over the internet instead of a local hard drive. In this course, explore cloud computing concepts such as cloud model types, resource sharing, measure service, and virtual desktops. Discover the features of Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS); and learn how to differentiate between public, private, hybrid, and community cloud infrastructures. Discover key differences between internal and external shared resources and explore rapid elasticity, a feature that allows for scalable provisioning. Finally, examine the considerations and benefits of using a measured service or a metered service and investigate the types of virtual desktops and their purposes. This course will prepare learners for the CompTIA A+ Core 1 (220-1101) certification.

Ticketing systems are a great way to collect user and device information, descriptions of problems, and problem resolutions. This course will explore ticketing and asset management systems and how these systems capture information about events and resources. Explore document types such as acceptable use policies, compliance, and network topology diagrams. Discover components of a typical standard operating procedure, including procedures for custom installation of software packages. Next, consider the importance of knowledge base articles and explore best practices for documenting business processes, including rollback plans, sandbox testing, and responsible staff members. Lastly, explore considerations when explaining basic change management best practices. This course is part of a series that will help you prepare for the CompTIA A+ Core 2 (220-1102) certification exam.

It is of high importance that organizations operate upon a solid foundation of security principles, concepts, and risk management. It is impossible to reduce security risk until core security and risk management principles are defined. In this course, explore the elements of the confidentiality, integrity, and availability (CIA) triad, along with the essentials of authentication and using non-repudiation services. Next, examine what risk is and the terminology surrounding risk management, threats, and vulnerability. Finally, learn about risk assessment, identification, and treatment and compare qualitative and quantitative risk analysis. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

Security governance is a huge part of overall corporate or organizational governance. The security practitioner must be aware of various governance elements, regulations, laws, standards, policies, and procedures. Begin this course by exploring the elements of governance, including mission charter, leadership, and corporate guidance. Then investigate various laws and regulations like General Data Protection Regulation (GDPR) and HIPAA, standards issued by the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC), and the National Institute of Standards and Technology (NIST), and common policies and standard operating procedures. Next, examine the International Information System Security Certification Consortium (ISC2) code of ethics. Finally, discover security control categories and types. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

Many organizations nowadays have become aware of the need for business continuity planning, also known as continuity of operations. The main objective of a business continuity plan (BCP) is for an organization to maintain organizational operations while recovering from a major interruption. In this course, explore the importance and goals of business continuity and continuity of operations, as well as the components of a business continuity plan. Next, learn about business impact analysis (BIA), backup and restore policies, and disaster recovery plans. Finally, investigate the various tests and drills that incident response and business continuity plans should be subjected to. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

Although new security practitioners can come from development, database, or other backgrounds, the majority of security professionals come from a networking background. It is virtually impossible to separate networking knowledge from security expertise. Begin this course by exploring network types, network devices, and device addressing mechanisms. Then you will discover the Open Systems Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) reference models, logical ports, and the TCP handshake. Next, you will focus on transport layer security (TLS) and IP security (IPsec). Finally, you will examine virtual LANs (VLANs) and Wi-Fi fundamentals. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

The constant emergence of new security threats, variants, vectors, and technologies is an ongoing challenge to keep up with. In this course, learn about threats, attacks, and threat prevention tools and methods, such as advanced persistent threats (APT) and intrusion detection and intrusion prevention systems. Next, investigate data center security, secure cloud computing, and elements of secure network design, including HVAC and environmental controls, zoning, and VLANs. Finally, explore Zero Trust security initiatives and micro-segmentation, such as network access control (NAC), software-defined networks, and IoT. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

Cloud computing has revolutionized the way we build, deploy, and maintain applications. Due to this paradigm shift, many businesses now rent rather than own IT infrastructure. This new way of approaching infrastructure requirements has given way to multiple cloud computing models, such as Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and Function as a Service (FaaS). Knowing what your options are for cloud computing can help you choose the best models for your needs. Use this course to gain a solid foundational understanding of cloud computing. Compare various cloud service providers based on services, available tools, and pricing. Learn about real-life use cases for cloud computing and how businesses can benefit from this ever-evolving technological feat. When you've completed this course, your newfound knowledge of cloud computing will help you decide how it can help your business.

Information security, often called InfoSec, consists of tools and processes used to protect data and sensitive information from threats and attacks. In this course, explore the history of information security and discover how to differentiate between cybersecurity and information security. Discover common myths and misconceptions about information security and learn about types of information security, such as infrastructure, cloud, application, and incident response. Next, you will explore security threats, including social media attacks, social engineering, malware, and misconfigurations, and common information security and data protection laws. Finally, you will investigate the responsibilities of a Chief Information Security Officer (CISO), including developing sound security practices, identifying security objectives, conducting awareness and training programs, and ensuring regulatory compliance. Upon completion, you'll be able to recognize the importance of information security and the key roles and responsibilities required to protect an organization

Confidentiality, integrity, and availability, otherwise known as the CIA triad, is a common information security model used by organizations to design and implement their overall security policies and frameworks. In this course, you will learn the basics of confidentiality, integrity, and availability, and discover emerging challenges brought on by big data and the Internet of Things (IoT). Explore the stages of information security risk management (ISRM) and learn how to differentiate between various types of security controls. Discover techniques such as defense in depth, data classification, cryptography, access control, and governance, and the importance of having a sound incident response and management strategy in place. Lastly, learn about the role of investigations and forensics as well as the steps in a forensic investigation such as searching and seizing, acquisition, analysis, and reporting. After course completion, you'll be able to recognize common elements of information security.

IT security risks can be defined as a combination of the consequences of an event and the associated likelihood of occurrence. They can be managed by an organization through asset-safeguarding strategies. Through this course, learn about managing enterprise information security (InfoSec) risk and risk tolerance. Explore the definition of risk, how it differs from threats and vulnerabilities, and the history of information security. Next, discover common threats to IT systems and data, how to identify and manage security risks, and the key differences between quantitative and qualitative risk analysis. Finally, learn about common risk assessment tools and the differences between penetration testing and vulnerability assessments. Upon completion, you'll be able to outline and manage IT security risks.

Everything comes with pros and cons, and outsourced information security is no exception. Leaders contemplating outsourcing information security products and services will need to trade potential time and money savings for other potential gaps. In this course, explore information security outsourcing, security vendor relationships, and major considerations and challenges associated with outsourcing information security. Next, discover common downsides to outsourcing security services, key steps to consider when choosing a security vendor, and explore vendor risk management. Finally, learn about vendor contracts and the importance of having sound contract language when dealing with security vendors. Upon completion, you'll be able to identify common InfoSec vendors and providers and best practices for outsourcing InfoSec products or services.

There is no easy way to predict the future of information security. There are however strategies leaders can implement to better plan and prepare for future growth, security, and threats. In this course, examine potential information security threats, how complexity makes them challenging to predict and plan for, and the threats that ransomware, cybercrime, and the growing crime-as-a-service (CaaS) community pose. Next, discover how work shortages and voids created by skills gaps can cause major issues and the impact of recent global pandemics. Finally, explore operational technology, application container risks, and the evolving risks posed by artificial intelligence and machine learning. Upon completion, you'll be able to plan for the future as an InfoSec leader.