Cybersecurity: Expert

https://www.skillsoft.com/channel/cybersecurity-234e0060-e259-11e6-93f3-0242c0a80605?expertiselevel=3335906 https://www.skillsoft.com/channel/cybersecurity-234e0060-e259-11e6-93f3-0242c0a80605?expertiselevel=3335907 https://www.skillsoft.com/channel/cybersecurity-234e0060-e259-11e6-93f3-0242c0a80605?expertiselevel=69351940
  • 43 Courses | 43h 58m 55s
  • 7 Books | 59h 11m
  • Includes Lab
  • 1 Audiobook | 7h 59m 59s
  • 42 Courses | 42h 17m 40s
  • 8 Books | 54h 8m
  • Includes Lab
  • 1 Audiobook | 7h 59m 59s
  • 14 Courses | 16h 27m 29s
  • 3 Books | 37h 5m
Likes 633 Likes 633
 
Security is of paramount importance to network and system administrators. Explore, in-depth, aspects of cyber security

GETTING STARTED

CompTIA Cybersecurity Analyst+: Network Concepts

  • Playable
    1. 
    The OSI Model
    5m 19s
    NOW PLAYING
  • Playable
    2. 
    Network Hardware
    8m 45s
    UP NEXT

GETTING STARTED

Cybersecurity and Networking Fundamentals

  • Playable
    1. 
    Course Overview
    2m 33s
    NOW PLAYING
  • Playable
    2. 
    Security Essentials
    32s
    UP NEXT

GETTING STARTED

CompTIA CASP+: Assessing & Managing Risk

  • Playable
    1. 
    Course Overview
    1m 34s
    NOW PLAYING
  • Playable
    2. 
    Risk Management
    6m 41s
    UP NEXT

COURSES INCLUDED

CompTIA Cybersecurity Analyst+: Network Concepts
Existing IT system implementations must be understood before security controls can be recommended. Explore network concepts, including the OSI model, IPv4/IPv6, network ports, wired and wireless, and common tools.
12 videos | 1h 22m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Cloud & Virtualization
Cloud computing provides on-demand ubiquitous access to computing resources, such as storage, software, networks, and databases. Explore cloud computing concepts, cloud services, virtualization, and cloud security.
4 videos | 23m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Network Reconnaissance & Security Policies
Gathering information regarding network vulnerabilities is a critical step in thwarting potential exploits. Explore network reconnaissance and security policies, including logging, traffic intercepts, and hacking techniques.
12 videos | 1h 8m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Threat Management Incident Planning & Response
Assets must be identified before they can be protected and proactive planning ensures better incident response. Explore threat management incident planning and response concepts, from threat classification to lessons learned.
18 videos | 1h 28m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Threat Management Documentation
Well documented plans and procedures are vital to business continuity if a risk threatens operation or possible litigation. Explore threat management documentation procedures, such as incident response plans, chain of custody, and SLAs.
10 videos | 42m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Threat Mitigation
Threat mitigation aims to eliminate or reduce risk of potential negative impact on IT systems. Explore the SDLC, penetration testing, and how to mitigate threats.
12 videos | 1h 3m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Security Frameworks & Security Controls
Applying security best practices to IT system creation and deployment can go a long way in reducing the attack surface. Explore the security frameworks on which security control countermeasure are based.
16 videos | 57m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Protecting Network Resources
Authentication controls who gets access to resources. Stronger authentication means greater control over resource access. Discover network protection techniques, including cryptography, biometrics, hashing, and authentication.
15 videos | 1h 3m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Identifying & Reducing Vulnerabilities
To reduce or eliminate attacks, you need to be able to identify potential weaknesses in your system. Discover how to conduct vulnerability scans and mitigate risks in order to protect IT assets.
13 videos | 1h 9m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Firewalls, IDS, & IPS
Intrusion detection and prevention can be used to increase security at both the host and network levels. Discover security mitigation techniques, including firewalls, and intrusion detection and prevention.
12 videos | 53m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Malware & Digital Forensics
Malware, short for malicious software, is software intended to gain access to, damage, or disable computer systems. Explore various types of malware, mitigation techniques, and how to use digital forensic tools to combat threats.
15 videos | 1h 9m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Exploits & Security Practices
Exploits take form not only as technical entities, but also as employee workplace violations. Explore common exploits, including spoofing, packet forgery, and rootkits, and discover best practices for prevention.
14 videos | 1h 1m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Monitoring Tools & Analytics
IT systems can be exploited from both external and internal sources. Discover how to monitor and analyze various types of systems for auditing and security purposes.
12 videos | 1h 7m has Assessment available Badge
Session & Risk Management
A structured approach to security allows for the efficient management of security controls. In this 13-video course, you will explore assets, threats, vulnerabilities, risk management, user security and session management, data confidentiality, and encryption. Key concepts covered in this course include how to identify, assess, and prioritize risks; how to implement security controls to mitigate risk; and learning about account management actions that secure the environment. Next, learn how to use Group Policy to implement user account hardening and configure the appropriate password security settings for those accounts in accordance with organizational security policies; learn how HTTP session management can affect security; and observe how to harden web browsers and servers to use TLS (transport layer security). Then learn how centralized mobile device control can secure the environment; learn encryption techniques used to protect data; and observe how to configure a virtual private network (VPN) to protect data in motion. Finally, learn how to configure and implement file encryption to protect data at rest; and how to configure encryption and session management settings.
13 videos | 1h 8m has Assessment available Badge
Auditing & Incident Response
This 12-video course explores selective auditing, which provides valuable insights to activity on a network, and incident response plans, which are proactive measures used to deal with negative events. Key concepts covered here include best practices related to IT security auditing and their benefits, including assurance that IT systems, business processes, and data are protected properly and that privileges are not being abused; and how to use Group Policy to enable file system auditing. Continue by observing how to scan hosts for security weaknesses from Windows and how to scan hosts for security weaknesses from Linux; and learning the importance of securing mobile devices. Next, you will learn how to centrally apply security settings to mobile devices; how to configure Amazon Web Services to use multifactor authentication; and examine how security is applied to applications from design to use. Learn how to use file hashing to detect modifications; how to specify actions used when dealing with security incidents; and learn to view a packet capture to identify suspicious activity centrally apply security settings.
13 videos | 1h 8m has Assessment available Badge
Cyber Security Audits
In this 14-video course, learners will explore cybersecurity auditing concepts and the NIST Cybersecurity Framework, how they can improve infrastructure security, and how to perform cybersecurity assessments. Examine web application auditing and approaches for securing web applications. Key concepts covered here include cybersecurity auditing concepts and how they are used to improve infrastructure security; steps used in performing cybersecurity assessments; and how to examine audit review, analysis, and reporting. Next, learn how to use the Wireshark network security auditing tool; how to use the Nmap perimeter security tool; how to perform web application auditing and secure web application and websites; and how to monitor and audit Windows by using audit policies and Event Viewer. Then learn how to monitor the Linux system by reviewing system logs; learn how to use Tiger security audit and intrusion detection tool; and examine guidelines and standards for defining cybersecurity audit strategies. Finally, learn about available security audit tools and their features and benefits; and learn to use Nessus audit tool to run Nessus security system scans.
14 videos | 1h 39m has Assessment available Badge
Ethics & Privacy: Digital Forensics
This 12-video course examines the concept of ethics as it relates to digital forensics, including reasonable expectation of privacy, legal authorization, and the primary function of attorney-client privilege and confidentiality. The legalities surrounding digital forensics investigative techniques and standards for analyzing digital evidence are also covered. Begin with a look at the definition of what is considered a reasonable expectation of privacy. You will then learn to differentiate between legal authorization forms such as consent forms and warrants. Next, explore the primary function of attorney-client privilege and confidentiality, and recognize the legalities surrounding digital forensics investigative techniques. Delve into the need for ethics in digital forensics, and the best practices for ethics and forensics. Discover steps for regulating ethical behavior; recognize possible conflicts of interest and how to avoid them; and examine the importance of ongoing training for both investigators and management on the importance of ethics. The final tutorial in this course looks at different standards for analyzing digital evidence.
12 videos | 34m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Threat Intelligence
Your organization's security posture is critical to its success-and security technicians must be aware of known and emerging security threats from a variety of sources. Learners begin this 14-video course by exploring various ways for security technicians to keep up-to-date and ahead of the curve. Examine various security intelligence sources and how to use the MITRE corporation's invaluable, trademarked ATT&CK knowledge base. Learners next discuss threat intelligence collection, threat classification for prioritization, and different sources and motivations of IT threats. Not sure what the bug bounty program is? Confused by false positives-mislabeled security alerts-and how to handle them? This course gives you the information you need. Become familiar with the Common Vulnerability Scoring System (CVSS), which provides a way to allocate or assign a score to a vulnerability: the higher the score, the bigger the threat. Then go on to examine the National Vulnerability Database (NVD). The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
14 videos | 48m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Business Continuity
In today's complex, stressful world, there is no substitute for risk management. By identifying and prioritizing risks, organizations focus resources where they are most needed with up-front planning. In this 15-video course, learners examine structured risk management frameworks, the importance of a risk register, and various risk treatments. Explore disaster recovery strategies, solutions that provide high availability, and cybersecurity insurance as a form of risk transference, before learning characteristics of a business continuity plan and business impact analysis (BIA). Proactively design an incident response plan and post-incident activities. Watch demonstrations of enabling Microsoft Azure storage account replication, how to register a Windows Server with Azure for backup, and how backups provide availability through recovery. Then learn to create a MySQL database read replica in a secondary geographical region. See why reviewing incident responses is the critical step in avoiding future incidents, or handling them better the next time. Post-incident activities include cloud storage replication, backing up to the cloud, system and data recovery, and database replicas. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
15 videos | 1h has Assessment available Badge
CompTIA Cybersecurity Analyst+: Attack Types
Helping protect your company's valuable assets against malicious attacks by outsiders requires a seasoned understanding of modern-day cyber threats. This 21-video course prepares learners to thwart reconnaissance and surveillance attacks by hackers and ward off Wi-Fi vulnerabilities, by using the proper tools. First, examine the wide variety of possible modes of attack-from injection, overflow, and cross-site scripting to XML (extensible markup language), DoS, address resolution protocol (ARP) poisoning, and password compromises. Then develop valuable skills in counteracting web browser compromises and agility in the use of Kali Linux Wi-Fi tools. Learn OWASP's (Open Web Application Security Project) Top 10 vulnerabilities and ESAPI (Enterprise Security application programming interface) tools for each one, such as ZAP (Zed Attack Proxy), to test web application security. While you're learning, pause to meet the aptly-named John the Ripper, a free tool for cracking passwords on 15 platforms! The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
21 videos | 1h 51m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Malware Threats
Perhaps nothing is more frustrating for the average computer user-or his IT security staffer-than being tricked into divulging sensitive information by a social engineering practitioner. Hackers are malicious and ingenious-using malware, bots, ransomware, viruses, and plain garden-variety scams-but there are sensible ways to reduce the risk. This 13-video course offers you invaluable information on hackers' methods and ways to mitigate their devious schemes-whether by e-mail phishing messages, malware, or bots, a favorite tool of black-market operators. Next, learners explore the danger of ransomware and how to mitigate this threat; how malware and botnets have become black-market commodities; and why botnets are proliferating under cybercriminals' user control. Then watch a demonstration of how to configure a reverse shell and use the Malzilla tool to explore malicious web pages. The course concludes by exploring a GUI (graphical user interface) malware dashboard and showing how to configure malware settings on an endpoint device. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
13 videos | 52m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Encryption & Hashing
Cryptographers far from enemy lines have long helped win shooting wars by cracking enemy codes-and in the new world of cyber warfare, cryptography has become the first line of defense for hundreds of millions of civilians worldwide. In this 21-video course, you will learn just how cryptography and encryption protect sensitive data, both in transit and at rest. Learners are given important information about public key infrastructure (PKI) hierarchy and lifecycles; protection in UFS (Ultra Flash Storage) and Bitlocker; and on Linux and cloud storage. Learn about the hashing process, including how to generate file hashes for Linux and Windows. Then learn about using SSL (secure sockets layer) and TLS (Transport Layer Security) to secure network traffic, cloud certificate authority (CA) deployment, and certificate issuance. Next, learn how to configure custom encryption keys for cloud storage and how to configure a Microsoft IIS web site with a PKI certificate. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
21 videos | 1h 17m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Hardware & Security
Securing hardware includes applying firmware updates and configuring devices on isolated networks. In this course, you'll learn about mobile device security, IoT security, and vulnerable device lists. You'll explore physical security and the security risks presented by drones and vehicles. You'll move on to examine how SCADA is used for industrial device networks, how to recognize BIOS and UEFI security settings, how self encrypting drives can protect data at rest, and how hardware security modules are used for encryption offloading and cryptographic secret storage. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
11 videos | 39m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Cloud Computing
These days, it's almost all about the cloud-public, private, hybrid, and community varieties-but how much do you really know about these mysterious unseen dimensions? As more and more organizations use or migrate on-premises IT systems and data into cloud environments, understanding the trendy concept has become both necessary and increasingly complex. In this 12-video course, learners are exposed to the basics of this new cloud world, including the four most popular cloud service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), and Infrastructure as Code. First, you will learn the five primary characteristics of every cloud-resource pooling, self-provisioning, rapid elasticity, metered usage, and broad access. Then examine each characteristic in more detail: learn how to determine when to use a public, private, community, or hybrid cloud; how cloud service models delivered over a network are categorized. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
12 videos | 36m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Threat Monitoring
In this course, you'll learn about centralized monitoring for on-premises and cloud solutions and how this results in the timely response to business disruptions and highlights indicators of compromise. You'll examine continuous monitoring, log types, cloud logging and auditing, centralized Linux logging, Windows event log filtering, and cloud alarms. You'll also learn about the OSI model, network traffic analysis, filtering captured network traffic, e-mail monitoring, honeypots, and SIEM. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
15 videos | 1h 9m has Assessment available Badge
CompTIA Cybersecurity Analyst+: User Account Security
Identity and access management encompasses the management of on-premises and cloud-based users, groups, and roles. In this course, you'll learn how to assign only the required permissions to IAM security principles. You'll explore topics such as role creation, deploying Simple Active Directory in AWS, joining a cloud VM to a cloud-based directory service, and multifactor authentication. You'll also learn about identity federation and Windows and Linux file system permissions. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
13 videos | 53m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Network Infrastructure Security
Managing network security involves planning the use of network devices, including cloud-based virtual network configurations. In this course, you'll learn about asset discovery and management, cloud resource tagging, network segmentation, and VPNs. You'll also examine cloud site-to-site VPN deployment, cloud networking, and cloud VPC deployment. Next, you'll learn about change management procedures, virtual desktop infrastructure, cloud VDI configuration and client connections, and firewalls. Lastly, explore network access control, RADIUS, and TACACS+. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
18 videos | 1h has Assessment available Badge
CompTIA Cybersecurity Analyst+: Software Development Security
Software developers must consider security at all phases of software development. In this course, you'll learn about software vulnerability testing and secure coding practices. You'll explore the software development life cycle, microservices and decoupling, application containerization, and common cloud developer services. In addition, you'll examine software and unit testing and reverse engineering for Android apps. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
11 videos | 46m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Data Privacy
Data privacy regulations are at the forefront of protecting PII and PHI on-premises and in the cloud. In this course, you'll examine the meaning of common data privacy standards, including PII, PHI, HIPAA, GDPR, and PCI DSS. Then you'll move on to learn about server and cloud-based data classification and data loss prevention. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
12 videos | 45m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Digital Forensics
Digital forensics focuses on the proper gathering and handling of digital evidence. In this course, you'll learn about forensic hardware, software, and the chain of custody. In addition, you explore how to enable legal hold for an AWS S3 bucket, restore deleted files in Linux and Windows, and mount a Linux file system for examination. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
11 videos | 35m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Network Scanning & Traffic Analysis
Discover how vulnerability scanning can detect weaknesses while pen testing exploits weaknesses. Explore these activities along with how intrusion detection and prevention help secure networks, hosts, apps and data for organizations. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.
13 videos | 1h has Assessment available Badge
CompTIA Cybersecurity Analyst+: IT Security Risk Mitigation
Discover how organizational security policies specify details for hardening organizational assets including patching, data masking and digital rights management. This course also covers baselines, secure disposal and IPsec. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.
16 videos | 1h 7m has Assessment available Badge
CompTIA Cybersecurity Analyst+: Intrusion Detection & Traffic Analysis
Discover how IT security analysts must recognized how malicious attacks take place. Explore how to analyze log results allows for the detection of security incidents. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.
20 videos | 1h has Assessment available Badge
Forensic Analysis: Cybercrime Investigations
Cybercrime investigators are typically responsible for collecting, processing, analyzing, and interpreting digital evidence related to network vulnerabilities, criminal activity, and counterintelligence initiatives. In this course, you'll explore the basics of network packet capturing, a process used to intercept and log traffic occurring over a network. You'll also examine the purpose and features of some standard tools and techniques to preserve and analyze a computer system's most volatile data. You'll then learn to use some of these tools and techniques to achieve various digital forensic analysis goals. Next, you'll recognize computer forensic best practices, including locating evidence in the Windows Registry. Finally, you'll learn how to differentiate between the purpose and features of the various tools available for conducting hard disk forensic analysis.
17 videos | 1h 37m has Assessment available Badge
Security Programming: Command Line Essentials
This 14-video course explores how to navigate a Linux command-line environment by showing learners how to use its most common tools, including text editing and processing, file monitoring and comparison, and package management. You will examine the common properties of the command line environment, including the bash shell, its properties, and the features of the PowerShell environment. This course next demonstrates how to perform text editing using commands such as nano; how to use the Linux EI library, Linux ED text editor; and text processing using commands such as sed awk, and cut. You will learn how to perform repeat actions, and the bash shell history, and perform process control tasks such as PS and kill. Then learn how to use the command line to schedule jobs, perform file and command monitoring, and perform file comparison using the diff command. Finally, this course demonstrates how to redirect the inputs and outputs of commands and files, and perform package management tasks by using the apt command.
14 videos | 56m has Assessment available Badge
Security Programming: Code Identification
Learners can explore code recognition of various programming languages used in security applications, and security exploits, including Python, C, C++, and SQL, in this 14-video course. You will examine common programming paradigms, and learn how to classify them based on their features. Then you will learn how to identify Bash and Python scripts. Next, learners will examine the similarities and differences of C# compared to the C and C++ languages, and regular expressions in typical regex engines. You will learn how to identify PowerShell scripts based on their features, and how to identify the elements of a SQL statement, and how to use SQLite, a tool to manage local databases in file form without servers. This course continues by examining common security vulnerabilities in code that can lead to exploits. You will learn how to identify the structure of common executable formats based on their binary signatures. Finally, this course demonstrates how to verify the integrity of a downloaded file based on its hash value.
14 videos | 1h 8m has Assessment available Badge
Security Programming: Scripting Essentials
This 14-video course explores the basic elements of Bash and Python scripting by examining differences between the elements of a scripting language and a full-fledged computer program. In this course, learners examine how to use and set variables, to use conditional statements in both Bash scripts and a Bash shell, and to use important built-in variables in Bash. You will learn how to use the for, while, and until loops in a bash script, and create custom functions in Bash scripts. Next, learners will examine Python scripting language. This course then demonstrates how to work with variables, and conditional statements in Python scripts. You will watch demonstrations of how to use the for and while loops statements in a Python script, and how to create custom functions in a Python script. You will learn how to import external modules, and how to read and write in a Python script. Finally, you will learn how to perform file operations and make URL requests in Python scripts.
14 videos | 1h has Assessment available Badge
Security Programming: System Essentials
In this 14-video course, learners will explore how Linux-based systems operate, communicate, and manage the underlying information they contain. Begin by examining management and monitoring tools available in Unix and Linux environments. Then learn to work with user accounts and domain names, and learn how to monitor user and system activity. You will learn how to securely connect to remote servers by using secure shell (SSH), and how to work with user accounts. This course examines elements of both an Internet Protocol routing table and a network interface, and demonstrates how to perform Domain Name System lookups. Learners will examine log files for monitoring critical events on a Linux system and use the PS command to retrieve process information. You will learn how to retrieve disk usage, partition information, and directory contents of a Linux system, and how to monitor both user and system activity on a Linux system. Finally, this course demonstrates how to configure time and date services and explore system configurations in the /etc folder of a Unix system.
14 videos | 56m has Assessment available Badge
Security Programming: Bash Scripting Essentials
Bash is the default shell language in most server computing environments in Linux. The ability to leverage Bash scripting abilities for system administration and automation of tasks, including security, makes it an essential tool to understand and use. In this course, you'll navigate the vital elements of the Bash scripting language and analyze the output of common commands and scripts. You'll learn how to use Bash variables, conditionals, and loops and apply timing to a Bash script. You'll also learn how to change and list directories using Bash scripts, as well as how to change the ownership and permissions on files and folders. Next, you'll create files and custom functions, use piped commands to chain Bash scripts together, and redirect outputs using a Bash script.
14 videos | 58m has Assessment available Badge
Security Programming: PowerShell Scripting Essentials
PowerShell is the command shell and scripting language in the Microsoft Windows operating system. The ability to leverage PowerShell scripting abilities for system administration and automation of tasks, including security, makes it an essential tool to understand and use. In this course, you'll navigate basic elements of the PowerShell scripting language and analyze the output of common commands. You'll learn how to use PowerShell cmdlets, get object properties, and filter inputs. You'll then learn how to use variables, conditionals, and loops in a PowerShell script. You'll also learn how to get interactive help, create custom functions, use piped commands to chain PowerShell scripts together, and set the execution policy using a PowerShell script.
11 videos | 46m has Assessment available Badge
Security Programming: Python Scripting Essentials
Python is ubiquitous in modern desktop, server, and cloud computing environments. The ability to identify when to use Python, along with a working knowledge of how to write and run a Python script, are beneficial skills in secure coding. In this course, you'll explore the essential elements of Python scripting and the standard scenarios in which this language is preferable. First, you'll identify different Python scripts based on their features. Next, you'll learn how to work with variables, containers including lists, dictionaries, and tuples, conditionals, loops, and functions in a Python script. You'll learn how to carry out module imports and file reading and writing using a PowerShell script. Finally, you'll learn how to use a Python script to make a web request.
11 videos | 44m has Assessment available Badge
Security Programming: C & C++ Programs
"C and C++ are two of the most widely-used compiled languages for infrastructure and performance-critical applications. Mistakes and careless use of these tools can often lead to system and application crashes and security breaches through remote code execution. In this course, you'll learn and construct the essential elements of C and C++ code and generate binary files suitable for Linux and Windows operating systems. You'll work with variables and arrays in C/C++, and learn how to use vectors and standard containers in C++. Next, you'll learn how to use C/C++ conditional statements and loops, as well as how to perform string manipulation in both C and C++. Lastly, you'll learn how to define and call C/C++ functions, and how to work with pointers in a C program."
13 videos | 57m has Assessment available Badge
Risk Analysis: Security Risk Management
In this 14-video course, learners can explore security risk management concepts and discover how to assess, categorize, monitor, and respond to organizational risks. Examine key terms such as threats, vulnerabilities, impacts, and risks, and the steps involved in the National Institute of Standard and Technology (NIST), risk management framework (RMF). Begin by learning how risk relates to information systems, and look at the concepts of managing risks, differentiating between threats, vulnerabilities, impacts, and risks. Examine the first step of the NIST RMF, categorizing risk, and then the second RMF step, selecting security controls. Next, observe the third step, implementing security controls; the fourth step, assessing security control effectiveness; the fifth step, examining risk, and output of security controls assessment to determine whether or not the risk is acceptable; and the last step, monitoring controls. Recognize benefits of a control-focused risk management approach; the benefits of an event-focused risk management approach; and risk communication. Finally, explore risk response and remediation, and differentiating between different risk responses such as accepting, avoiding, mitigating, sharing, or transferring risk.
14 videos | 38m has Assessment available Badge
SHOW MORE
FREE ACCESS

COURSES INCLUDED

Cybersecurity and Networking Fundamentals
The goal of cybersecurity is to protect systems, networks, data, and programs from digital attacks. As cyber-attacks continue to increase in frequency and sophistication, it is imperative that cybersecurity professionals learn how to quickly identify and mitigate vulnerabilities. In this course, you will learn common security terminology including threats, vulnerabilities, attacks, exploits, controls, and countermeasures. Discover the fundamentals of the confidentiality, integrity, and availability (CIA) triad, and explore the five elements of the AAA framework; identification, authentication, authorization, auditing, and accountability. You'll then explore risk considerations and management strategies, and discover how risks can be mitigated, accepted, transferred, and rejected. Lastly, explore core networking components and discover how information flow models are used to prevent unauthorized information flow in any direction. This course was originally created by Global Knowledge (GK).
13 videos | 42m has Assessment available Badge
Discovery and Attack Vectors
The discovery phase includes performing different types of reconnaissance on a target. To accomplish this, attackers can use a series of techniques, exploits, and tools. In this course, learn about common attack vectors such as malware, social engineering, and session hijacking. Discover how to collect legacy and archived web page content using discovery tools, and learn how to identify domains and IP addresses using the Netcraft website. Explore how to maximize command-line tools to discover shares and local network configurations, and learn the importance of checking to see if targets are using default passwords. You'll also discover how footprinting can be used to extract details of a website, how to disable NetBIOS, how to use kali to perform banner grabbing. Lastly, discover countermeasure techniques such as using generic domain names, hardening systems, and turning off unnecessary protocols and services. This course was originally created by Global Knowledge (GK).
10 videos | 45m has Assessment available Badge
Vulnerabilities, Systems Scanning and Exploitation
Vulnerabilities can be defined as a flaw or weakness that can be exploited. One method to identify vulnerabilities is to use a scanner to assess computers, networks, and applications for known weaknesses. By using a scanner, attackers can learn how to best exploit a target system. In this course, you will learn how port scanning works and recognize common ports with known protocols. Discover how to perform network discovery using Nmap, as well as how to perform vulnerability scanning using Nessus. Discover how to exploit a target system using Nessus and Metasploit, and explore how to take over a remote system. Lastly, you'll also explore vulnerability and system scanning countermeasures, and explore countermeasure techniques used to protect against system exploitation. This course was originally created by Global Knowledge (GK).
11 videos | 49m has Assessment available Badge
Malware Analysis
Malware is software that is designed to intentionally wreak destruction and gain access to sensitive information on a target system. In this course, you'll learn about the potential effects that malware can have on a system, as well as common malware types including cavity, stealth, polymorphic, metamorphic, and memory-resident viruses. You'll learn about backdoor exploits, and discover how they can be executed using FTP, HTTP, and password stealing. You'll then learn about the characteristics of worms, spyware, and adware, as well as common techniques and infection methods used by malware to exploit a system. Explore countermeasures used to prevent being infected by malware, and learn how to use security tools and solutions to prevent systems from being compromised. This course was originally created by Global Knowledge (GK).
10 videos | 48m has Assessment available Badge
Cybersecurity Awareness and Threat Vectors
Cybersecurity is often defined as the protection of computer systems and networks from unauthorized or unwanted information disclosure, theft or damage. In this course, explore the potential impacts of a personal or business security breach, and discover the fundamentals of the confidentiality, integrity, and availability triad. Explore how baselining can be used to better understand an IT environment and learn to differentiate between natural, malicious human, chemical, and non-malicious threats. Explore security concerns as they relate to internal and external human activity, and discover how to identify drivers for security controls. Explore common functions and purposes of security controls and discover the importance of testing corrective controls in place. Lastly, explore how to differentiate between quantitative and qualitative risk analysis, as well as between data in motion and data at rest. This course was originally created by Global Knowledge (GK).
20 videos | 42m has Assessment available Badge
Network Discovery Tools and Techniques
Network discovery is the process of identifying or mapping internal networks and computer resources in an organization. Conveniently, network discovery tools can be used to automate the scanning process and discover all the devices on a specific network. In this course, you'll learn about the OSI and TCP/IP models, and how they are used to facilitate communication between entities on a network. Explore how security controls behave at different layers of the OSI and TCP/IP models. Explore common network devices and learn how they can be compromised physically or administratively. Discover how to differentiate between discovery, footprinting, and scanning tools, and explore categories of discovery tools including auditing, vulnerability scanning, and SNMP. Explore Nmap, Zenmap, and SuperScan network discovery tools, and learn when to use protocol analyzer tools such as Wireshark. Lastly, discover the benefits of periodically referencing the Common Vulnerabilities and Exposures database. This course was originally created by Global Knowledge (GK).
21 videos | 1h 1m has Assessment available Badge
Systems Hardening
Security hardening is the process of securing systems and networks by reducing the surface of vulnerability. In this course, you'll learn the types of systems that can be hardened as well as how security baselines can be used to define normal conditions on a network. Explore how Group Policy can be used to apply computer settings to numerous systems at once, and discover the benefits of performing ongoing security patching. Explore steps used to harden systems by role including: client, server, database, web server, FTP, DNS, DHCP, network, and mobile devices. Lastly, learn how to differentiate between free and commercial hardening tools, recognize steps to properly implement authentication, authorization, and accounting, and implement physical security to contribute to overall security stability. This course was originally created by Global Knowledge (GK).
24 videos | 1h 4m has Assessment available Badge
Security Architecture
Security architecture can be defined as the specifications, processes, and standard operating procedures (SOPs) required to protect an organization's IT infrastructure. In order to improve network security and mitigate risks, a series of network devices can be used to control access to networks and resources. In this course, explore how security architectures can be used to enforce security at the network layer. Explore basic switching and routing devices, and discover core functions of a network intrusion detection systems (NIDS) and host-based intrusion detection systems (HIDS). Explore the characteristics and categories of firewall devices, and learn about networks, intranets, and demilitarized zones. Discover the benefits of network segmentation and learn how to segment networks. Lastly, discover how Network Address Translation (NAT) is used to map addresses, and explore how Network Access Control (NAC) can be used to verify compliance using security policies. This course was originally created by Global Knowledge (GK).
19 videos | 1h 11m has Assessment available Badge
Securing Information using Cryptography
Cryptography is a process used to keep information secret and safe by transforming it into an unrecognizable form that unwanted and unintended recipients cannot understand. In this course, you'll explore how cryptography can be used for confidentiality and integrity. Discover when to use symmetric and asymmetric encryption and discover the advantages and disadvantages of both. Explore practical use cases for cryptography and explore how hashing can be used to ensure data integrity. Discover how digital signatures can provide message integrity, authenticity, and non-repudiation and learn how to implement digital signatures. Discover how to differentiate between rights and permissions and explore access control methods such as discretionary access control, mandatory access control, and role-based access control. Lastly, explore how steganography can be used to hide secret information in or on another object, and how digital rights management (DRM) tools can be used to control access to protected data. This course was originally created by Global Knowledge (GK).
25 videos | 1h 20m has Assessment available Badge
Public Key Infrastructure and Certificate Distribution
Public-key infrastructure (PKI) is the framework of encryption and cybersecurity used to safely distribute, verify and revoke certificates in an organization and manage public-key encryption. In this course, you will learn the fundamentals of PKI and explore considerations when implementing trust structures through technology and public key-based digital certificates. Explore PKI components including certification authorities, certificates, revocation lists, registration authorities, entities and certificate templates, and discover how certificate authorities (CA) are used to issue certificates to entities and manage trust relationships. Discover how to differentiate between root and subordinate CAs as well as internal and external PKIs, and explore public key certificates and how they can represent the digital identity of the subject. Lastly, explore common certificate acquisition methods including web, auto-enrollment, MMCs, and native consoles, and explore use cases for common access cards (CAC). This course was originally created by Global Knowledge (GK).
17 videos | 53m has Assessment available Badge
Identity Management, Directory Services, and Federation
Identity management is a framework used to ensure appropriate access controls are in place to grant authenticated users access to enterprise assets. In this course, you will learn about the key fundamentals of identity management, including privilege administration, access control, and system scalability. Explore identification, authentication, authorization, accountability (IAAA) services and discover how personally identifiable information (PII) can be used to identify a subject. Explore the three main types of authentication factors: something you know, something you have, and something you are, and discover how to choose appropriate and accurate biometric criteria. You'll also learn about directory services and how they can be used to organize network resources. Explore password cracking techniques and tools, and discover when to use same sign-on and single sign-on authentication schemes. Lastly, explore how federation can be used to link together different authentication systems. This course was originally created by Global Knowledge (GK).
27 videos | 1h 19m has Assessment available Badge
Network Hardening, Network Segmentation, and Secure Connections
Network hardening can help identify potential vulnerabilities, secure systems, and reduce the risk of unauthorized access. In this course, you'll learn how to secure administrative and remote access connections. You'll discover key features of the Simple Network Management Protocol (SNMP) and explore the various types of firewalls and logical locations to place them on a network. Discover how to control and manage traffic using rules on routers and firewalls, and explore how firewall management can contribute to overall network hardening. Discover how to limit internal and external physical access to resources. Explore best practices for managing telecom and wiring closets as well as considerations for establishing secure access. Lastly, explore the importance of hardening wireless access points and recognize how to harden network elements including firewalls, routers, and access points. This course was originally created by Global Knowledge (GK).
27 videos | 1h has Assessment available Badge
Fundamentals of Malware Analysis and Remediation
Malware is any software with the intention to wreak destruction or gain access to sensitive information. Malware is often used as a blanket term for common computer worms, viruses, and trojans. In this course, you'll learn how to protect systems from malware by implementing and managing anti-malware software. Explore different malware infection methods and learn how to differentiate between different types of malware. Explore how viruses can attach themselves to system applications and learn about common virus threats. Discover how to differentiate between worms, trojans, rootkits, and bots, and explore how spyware and adware spyware can be embedded into applications that look free and interesting to use. Lastly, explore how ransomware works and discover countermeasures to protect against threats including user awareness programs, scanning systems, and monitoring network activity. This course was originally created by Global Knowledge (GK).
23 videos | 56m has Assessment available Badge
Social Engineering Threats and Prevention
Social engineering is a form of attack that is accomplished using malicious activities through human interactions. In a common social engineering attack, humans are tricked into making security mistakes or giving away sensitive information. In this course, you'll explore the goals of social engineering including gaining access to sensitive data, physical locations, and systems. Discover vulnerabilities that make social engineering possible, explore common targets, and learn about indirect and direct social engineering attacks. Explore how searching a person or business's trash can produce information that can be used to carry out an attack, and discover the importance of staying up to date with the latest social engineering stats and trends. Explore the importance of cyber awareness and reporting workplace abnormalities, and discover the various social media site types including social networks, video sharing, blogging, and photo sharing. Lastly, explore factors that drive people to post compromising material on social media. This course was originally created by Global Knowledge (GK).
27 videos | 1h 2m has Assessment available Badge
Software Engineering, Security and Vulnerabilities
The principles of software engineering include designing, developing, implementing, and maintaining a software solution. One crucial aspect of software security is to determine if software is safe to release to an organization or public. In this course, you'll explore the Software Development Life Cycle (SDLC) and learn about maturity levels used to define agility and effectiveness of a development solution. Discover how security guidelines can help improve the quality and security of a software development, and explore the importance of staying current with the types and trends of software threats and exploits. Continue to learn about software vulnerabilities while exploring common attacks including buffer overflows, database injection, cross-site scripting, and directory traversal attacks. Lastly, explore how misconfiguration of servers increases the likelihood of attacks, and discover how permissions are used to secure directories used by applications. This course was originally created by Global Knowledge (GK).
15 videos | 57m has Assessment available Badge
Environment Monitoring, Retention, and Data Logging
Logging is used to record events that occur within an organization's systems and networks. Oftentimes, logging information can help with the identification and isolation of any intruder or malware. In this course, explore acceptable use policies (AUP) and how they apply to employee monitoring. Discover how monitoring as a service can benefit an organization, and explore devices that can be monitored on a network including routers, switches, laptops, and wireless access points. Explore how retention policies can identify how long different types of data are maintained and discover when to implement a centralized enterprise logging service. Lastly, explore how keystroke loggers can capture and track what is typed on a keyboard and learn the importance of protecting log information. This course was originally created by Global Knowledge (GK).
23 videos | 52m has Assessment available Badge
Physical Security, Safety Procedures, and Access Control
Physical security measures can help organizations protect personnel, hardware, software, and data from physical actions and events that could result in unauthorized or unwanted disclosure or theft of property. In this course, you'll learn how defense-in-depth solutions can provide multiple layers of security as well as the various types of physical security controls. Explore the importance of surge protectors, uninterrupted power supplies (UPS), and power generators, and discover how device security concerns should encompass all company-owned equipment. Discover why non-disclosure agreements (NDA) should be used in locations where proprietary information may be accessible to employees, vendors, or visitors, and explore how background checks should be an essential part of security management. Lastly, explore the importance of ensuring the correct level of security access levels. This course was originally created by Global Knowledge (GK).
18 videos | 47m has Assessment available Badge
Incident Response, Backup and Recovery Strategies, and Documentation
It is imperative that organizations outline instructions to help IT staff identify, respond, and recover from network security incidents. By doing so, organizations can quickly recover from cybercrime events potentially resulting in data loss and service outages. In this course, you'll explore common disaster types, including natural disasters and malicious human actions that threaten organizations. Discover business continuity and disaster recovery planning goals, resources, and concepts. Discover how operational recovery planning can help ensure businesses resume day to day operations in a timely manner, as well as the importance of planning for user recovery. You'll also learn about backup technologies and strategies, and discover the importance of proper documentation. Lastly, explore how to prepare for incident responses and learn about reporting incidents and legal considerations. This course was originally created by Global Knowledge (GK).
41 videos | 1h 34m has Assessment available Badge
Legal Considerations and Cybercrime Investigations
Cybercrime laws apply to incidents in which a crime was directed at a computer, or crimes committed using a computer. In this course, you'll explore aspects of service-level agreements (SLA) and privacy-level agreements (PLA), and discover considerations when dealing with international regulatory compliance. You'll also learn how cybercrime intersects with different legal fields including intellectual property, privacy laws, jurisdiction, criminal, and civil, and explore methods in which to investigate cybercrime activity. Explore key considerations when dealing with criminal, civil law, and administrative laws, and learn to differentiate between civil, common, statutory, and religious legal systems. Lastly, explore tools used to perform a cybercrime investigation, and discover cybercrime investigative best practices, including how to notify management and protect the crime scene. This course was originally created by Global Knowledge (GK).
22 videos | 55m has Assessment available Badge
Trends in Cybersecurity
Cybersecurity is the practice of protecting systems, networks, and programs from cyber threats and exploits. Therefore, organizations are required to allocate a growing number of resources to protect their data from unwanted and unauthorized data breaches and disclosures. In this course, you'll explore the possible constraints that may prevent an organization from having an ideal IT security solution including budget, regulations, design limitations, and political issues. Discover driving forces in cybersecurity including money, mobile devices, education, and new technologies, and explore the risks associated with portable electronic devices (PED) such as geolocations. Explore how supervisory control and data acquisition (SCADA) systems can be used to monitor important infrastructure including electric grids, water supplies, and pipelines, and discover how most people now use the Internet daily to send email, shop, and watch TV. Lastly, discover how cybersecurity and IT standards continue to evolve and how no one standard is foolproof or future proof. This course was originally created by Global Knowledge (GK).
18 videos | 45m has Assessment available Badge
Introduction to Cyber Operations
Cyber operations is evolving with the trend now focused on performing defensive and offensive security tasks to help assess the security posture of many government agencies and help prevent attacks. In this course, you'll explore the difference between Defensive Cyber Operations (DCO) and Offensive Cyber Operations (OCO), as well as the tasks performed by each. You'll also learn about the Cyber Operations Cycle and its phases, and the responsibilities of each role member of the offensive and defensive teams.
12 videos | 53m has Assessment available Badge
An Executive's Guide to Security: Understanding Security Threats
Companies that do not understand threats facing their information are at risk of costly data breaches. In this 13-video course, learners can explore common security threats, types of network attacks, and the human element of security threats. Key concepts covered here include what an attack surface is, and how it must be understood to protect corporate information; and what network hardening is and how it relates to protection of corporate information. Next, learners will examine network demilitarized zones and how they protect corporate information; observe differences between threats, vulnerabilities, and risks in corporate environments; and study top kinds of security threats facing organizations today. Continue by learning the role that physical security plays in protecting corporate data; how social engineering is conducted and how it is mitigated through corporate policy; and the importance of corporate security policies, and why they should be strictly adhered to. Finally, explore the importance of password policies and why they should be adhered to; and learn reasons why IT administrators need to protect an organization by refusing to bend rules.
13 videos | 44m has Assessment available Badge
Defining Cryptography
Cryptography, and understanding its limits and pitfalls, is essential to protecting data. Discover how cryptography can be used to protect and secure data, as well as the importance of data integrity and key generation.
16 videos | 54m has Assessment available Badge
Cryptographic Methods
Cryptography uses different methods to protect data. Explore different methods used to protect or transmit data securely, and some of the components that ensure data can be protected.
8 videos | 27m has Assessment available Badge
Modes of Operation & Algorithms
Cryptography is far more than just selecting an algorithm and calling the encrypt or decrypt method. Explore the modes of operation for encryption algorithms as well as when particular algorithms are best suited to the data being protected.
18 videos | 1h 1m has Assessment available Badge
Encryption Use & Analysis
Cryptography is far more than just selecting an algorithm and calling the encrypt or decrypt method. Explore secure communications using SSH, disk encryption, key strength considerations, cryptanalysis, and side-channel attacks.
8 videos | 33m has Assessment available Badge
Cryptography: Introduction to Cryptography Services
Learners will discover two core cryptography services, encryption and hashing, in this 14-video course. Examine the goals of information security, symmetric and asymmetric encryption, and using the Caesar cipher. Begin by taking a look at the goals of information security. Then explore cryptography services and how to associate those services with goals of information security, and receive an overview of encryption and encryption history. Next, watch a demonstration of how to use the CrypTool and the Caesar cipher. Following this, you will examine symmetric encryption, and define common symmetric encryption algorithms. Another demonstration covers CrypTool and symmetric encryption. Learners will be introduced to asymmetric encryption; learn how to define common asymmetric encryption algorithms; and explore the purpose of hashing, and define common hashing algorithms. The final tutorial demonstrates use of the CrypTool and hashing. The concluding exercise involves downloading and installing CrypTool v1, creating a text file, creating an MD5 and SHA1 hash of the file, changing the file and checking the hash value again, and encrypting text with Caesar cipher.
14 videos | 56m has Assessment available Badge
Cryptography: Introduction to PKI
In this 12-video course, you will explore Public Key Infrastructure and its components, the basics of certificates and certificate authorities, using a Certificate Revocation List (CRL), and how secure web sites work with secure sockets layer (SSL). You will begin with an overview of Public Key Infrastructure and its components, and then take a look at certificates and the different types. This leads into a demonstration of configuring certificate properties. You will discover how to identify certificate authority types and hierarchies, and then watch how to install a certificate authority. Next, you will observe how digital signatures work, and explore how SSL is used to secure web traffic. Another demonstration on SSL shows how to enable a website. Next, you will learn the purpose of a CRL and how it works, and then watch a demonstration of CRLs in use-revoking a certificate and describing the effects of revocation. The final exercise involves installing a certificate authority and securing web traffic to an Internet Information Services (IIS) webserver by installing a certificate.
12 videos | 1h 6m has Assessment available Badge
CyberOps Windows Hardening: Windows Server Hardening Best Practices
Windows servers are the heart of many corporate networks and may contain sensitive company data that, if leaked or stolen by an attacker, would be catastrophic. Protecting the Windows Server assets and preventing a security compromise is an important skill for IT security professionals to master. In this course, you'll learn how to help prevent security incidents by hardening the Windows Server and reducing the attack surface. You'll learn how to follow common security best practices to lock down a Windows system by hardening user accounts, passwords, services, the file system, and common network services, such as DNS and IIS.
16 videos | 1h 32m has Assessment available Badge
CyberOps Windows Hardening: Windows Workstation Hardening Best Practices
If successful in exploiting your Windows workstations, hackers could move laterally across the network to compromise other assets like your servers and databases, which contain sensitive information. In this course, you'll learn how to protect your Windows workstations by following standard operating system hardening procedures to reduce the attack surface and help prevent a security compromise. You'll learn how to secure a workstation by implementing hardening procedures related to the BIOS/UEFI. You'll carry out user account and group membership security strategies. You'll practice reducing unneeded software, patching the system, configuring user rights, and setting up auditing. Additionally, you'll work with full disk encryption, antivirus methods, firewall software, and security templates. To carry out this work, you'll utilize BitLocker, AppLocker, and Windows Defender.
15 videos | 1h 29m has Assessment available Badge
Cybersecurity Awareness: Getting Started with Security Foundations
As organizations become more reliant on IT systems to store all kinds of information, facilitate communication among colleagues and customers, and track business-related statistics, information is becoming more precious and its security increasingly crucial and challenging In this course, you'll explore standard information security concepts and the security-related roles within an organization. You'll examine where various security-related responsibilities fall throughout the organization and the importance of solid strategic planning and decision-making when implementing proper information security. You will also investigate the concept of security governance and the activities involved. Finally, you'll delve into the relationship between an organization's overall business objectives and how information security can promote these.
12 videos | 1h 14m has Assessment available Badge
Cybersecurity Awareness: Information Security Fundamentals
With information security a key concern for organizations, it is important to understand the basic concepts of information security and the security concepts that fall within this topic, such as those within the world of cybersecurity. In this course, you'll recall information security fundamentals before examining the broad domains within it. You'll then delve into cybersecurity and explore the various approaches to it. In addition, you'll examine some practical cybersecurity concepts, such as the CIA triad and the security architecture principle. You'll then investigate the actions that expose us to security risks, the roles we play in maintaining or breaching security, and the various security controls that can be implemented to mitigate security-related risks
16 videos | 1h 54m has Assessment available Badge
Cybersecurity Awareness: Key Security Terms & Concepts
Everyone who connects to the Internet is vulnerable to security threats. Managers need to know the types of security threats their organizations are vulnerable to and their potential impact. In this course, you'll explore the key terms used in cybersecurity. You'll examine different types of threats, threat actors, and targets. You'll investigate advanced persistent threats (APTs), insider threats, and uncertainty in relation to cybersecurity, as well as the various types of malware and security threats
17 videos | 2h 20m has Assessment available Badge
Cybersecurity Awareness: Exposure to Security Risks
There are security issues everywhere. Managers must keep abreast of security risks and threats. In this course, you'll identify standard security risks and their origins. You'll also learn about more diverse types of security issues and the potential threats to an organization's security. You'll be given examples from daily life that expose us to security risks. To wrap up, you'll outline effective methods to reduce common security risks that render organizations vulnerable via different channels.
11 videos | 1h 38m has Assessment available Badge
Governance, Risk Management, and Compliance
In this course, you'll explore governance, risk management, and compliance - commonly known as GRC. You'll examine why it matters, what it is, and its increasing importance. You'll learn about who needs it and the role it plays for various parties. Next, you'll examine industry compliance, external authorities, non-compliance consequences, and reporting. You'll also learn about industry standards like PCI, laws and regulations, and compliance and company policy. Finally, you'll complete this course by learning about privacy compliance, including private data, how data architectures address privacy information, the Health Insurance Portability and Accountability Act, the Health Information Technology for Economic and Clinical Health act, the Gramm-Leach-Bliley Act, the General Data Protection Regulation, and privacy best practices.
13 videos | 1h 14m has Assessment available Badge
Risk Assessment and Management
Risk assessment allows you to identify and prioritize risk, while risk management allows you to analyze, mitigate, or accept risk. In this course, you'll explore risk assessment and management. You'll begin by examining the role Business Impact Analysis plays in risk management and what it accomplishes, before moving on to learn about various risk assessment and analysis approaches. Next, you'll explore the importance of risk mitigation and having a strategy for it, as well as how risk mitigation strategies fit into the risk management effort. You'll learn about the NIST SP 800-37 risk management framework and the steps involved, as well as the Risk Maturity Model and the associated five levels of risk management competency. Finally, you'll explore ongoing risk management, including what causes risk responses and acceptance to change, and the importance of patch management.
8 videos | 41m has Assessment available Badge
Governance and Corporate Culture
Corporate culture relates to the enterprise-wide attitudes towards security and risk. In this course, you'll learn about governance and corporate culture. First, you'll explore corporate security culture and associated concerns, before moving on to look at the concept of fear, uncertainty, and doubt and why it should be avoided. Next, you'll examine why enterprise-wide support is required, the differences between top-down and bottom-up, and various security roles. You'll learn about the importance of having an acceptable use policy, consequences of not having an appropriate policy in place, and having consequences for individuals who violate this policy. Finally, you'll examine methods of improving corporate culture and governance, like training, rewards and consequences, and hiring practices, and also learn about the importance of ongoing assessments.
5 videos | 21m has Assessment available Badge
Governance and Policy
Governance helps shape the current and future strategy of an organization and aligns IT solutions with corporate strategy. In this course, you'll learn about the role of governance and policy. First, you'll explore the purpose and importance of governance and how it relates to policy. You'll move on to examine Business Continuity Plans and the four steps involved in the process. You'll explore updating governance policies and also governance tools like Business Impact Analysis, Disaster Recovery Plan, public relations strategies, and RACI charts. Finally, you'll explore common characteristics of eGRC tools and examine specific tools like IBM OpenPages and RSA Archer.
4 videos | 47m has Assessment available Badge
Frameworks, Life Cycles, and Architecture
Organizations require people with the skills to make decisions to secure information systems based on best practices, standards, and industry recommendations. Security architects fill this need. In this course, you'll learn about common IT life cycles and life cycle management, including the system development and security life cycles. You'll explore the importance of frameworks, including enterprise architecture frameworks. You'll then examine various stakeholders and the roles they play in architecture development. Next, you'll learn about the need for and types of security policies. Finally, you'll explore aspects of secure network architecture design, including network segmentation and components, applying industry best practices, and team member roles and responsibilities.
12 videos | 41m has Assessment available Badge
Secure Application and Data Architecture Design
Security architects design and implement secure architectures and translate business processes and risk into policy and implementation rules. In this course, you'll explore designing secure application and data architectures. First, you'll examine the history of development, the role of the application architect, and application architecture goals. Next, you'll learn about disciplines related to application architecture, as well as Service-oriented Architecture and its standards. You'll move on to learn about modular framework development, authentication, patching, and vulnerability testing. Next, you'll examine data architecture, data classification, data privacy, and database security. Finally, you'll learn about encryption and big data, as well as data architecture analysis and influences.
20 videos | 52m has Assessment available Badge
Access Control and Security Architecture Design
In this course, you'll learn about designing a secure access control architecture and updating a security architecture. First, you'll explore identity and access management, including the IAAA process and related entities. You'll move on to examine access control policies and models. You'll learn about centralized access control, as well as distributed access control, federated identity management frameworks, and supporting protocols. You'll explore the importance of access reviews, as well as access control considerations with bring your own device and Internet of Things. Next, you'll examine the impact of change on a security architecture and steps involved in life cycle management. Finally, you'll complete this course by learning about architecture change considerations and the importance of a change management policy.
13 videos | 44m has Assessment available Badge
Security Architecture Documentation and Alternative Architectures
In this course, you'll learn about documentation requirements for a security architecture and alternate architectures. First, you'll explore the types of documentation required to guide an architecture. You'll examine input documentation, including business requirements and objectives, standards and best practices, and laws and regulations. Next, you'll learn about architecture documentation, including how and what to document. You'll examine output documentation as well, including policies, procedures, and guidelines. You'll learn about the Security Requirements Traceability Matrix, including required fields. Finally, you'll learn about virtualization and how to evaluate cloud and hybrid cloud solutions, focusing on factors like shared responsibility, encryption, and key management.
12 videos | 36m has Assessment available Badge
SHOW MORE
FREE ACCESS

COURSES INCLUDED

CompTIA CASP+: Assessing & Managing Risk
Recognizing threats and managing risk are key to hardening an organization's security posture. In this course, you'll explore how to apply risk management frameworks to assess and mitigate risk, as well as how to identify threat actors and physical risks. Next, you'll learn how to mitigate risks related to human resources and social engineering techniques. You'll then move on to examine how to work with qualitative and quantitative risk analysis. Lastly, you'll learn about insider threats, supply chain dependencies, and sources of threat intelligence. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
15 videos | 1h 25m has Assessment available Badge
CompTIA CASP+: Virtualization Security
Securing today's enterprise computing environments means understanding how virtualization is used. Organizations must consider how to secure virtualization solutions used both on-premises in and the cloud. In this course, you'll learn to identify various types of virtualization solutions such as network virtualization, operating system virtualization, desktop, and app virtualization. You will then learn to distinguish the difference between type 1 and type 2 hypervisors. Next, you'll focus on virtualization security and how to deploy virtual machines on-premises. Lastly, you'll learn to work with application containers. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
12 videos | 1h has Assessment available Badge
CompTIA CASP+: Secure Cloud Computing
Cloud computing is widely used by individuals and enterprises to outsource IT solutions. In this course, you'll begin with learning how to identify cloud deployment and service models. Next, you'll review cloud service level agreements, cloud security solutions, and how to work with cloud VNets. Moving on, you'll learn how to configure cloud autoscaling to increase application availability. You'll also explore now to deploy a cloud-based firewall, configure firewall routing, and enable RDP through cloud firewalls. Lastly, you'll learn how to create a cloud key vault and enable cloud storage security. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
19 videos | 1h 50m has Assessment available Badge
CompTIA CASP+: Cryptography & PKI
Cryptography has long played a role in securing sensitive information. In this course, you'll begin with an overview of cryptography and how it can secure data at rest and data in motion. You'll then learn how to enable EFS and BitLocker to protect data at rest. You'll explore how to identify methods by which cryptography can protect data in transit and configure network security via IPsec. Finally, you'll examine how PKI uses certificates to secure IT systems through HTTPS, SSH remote management, and generating file system hashes. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
17 videos | 1h 51m has Assessment available Badge
CompTIA CASP+: Storage & Network Security
On-premises and cloud-based storage security solutions are very similar in nature. In this course, you'll learn how to determine which RAID disk solution best applies in a given situation, as well as how to secure various network storage solutions and DNS. Next, you'll learn to recognize when to apply firewalls to secure networks and how to configure various firewall solutions. Moving on, you'll explore how to configure a VPN and secure wired and wireless networks. Lastly, you'll examine how to manage servers through a jump box and how attackers enable reverse shells. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
16 videos | 1h 47m has Assessment available Badge
CompTIA CASP+: Authentication & Authorization
Securing user and device logins, as well as access to IT resources, relates to authentication and authorization. In this course, you'll learn how to differentiate between authentication and authorization and also ow to enable 2FA and MFA user authentication. Next, you'll explore how to enable Wi-Fi RADIUS authentication, configure SELinux, and enable attribute-based control in Windows. Lastly, you'll examine how to use Group Policy to configure password policy settings, crack passwords using freely available tools like the Johnny tool, brute-force RDP using Hydra, and limit cloud admin access using role-based access control. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
11 videos | 1h 1m has Assessment available Badge
CompTIA CASP+: IT Governance & Security Compliance
IT governance involves ensuring that business and regulatory compliance needs are met by IT solutions. In this course, you'll learn to identify common data privacy standards and regulations, as well as various types of business agreements. Next, you'll learn to classify personally identifiable information using various methods including Macie for data discovery and classification. You'll explore how to use Azure Information Protection to enable DLP and tag cloud resources to facilitate resource management. You'll then examine how to securely wipe a storage device and identify common organization security policies. Lastly, you'll learn how to identify data roles and configure cloud data retention. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
12 videos | 1h 7m has Assessment available Badge
CompTIA CASP+: Mobile & Embedded Devices
Mobile devices have become ubiquitous and as a result deserve the attention of cybersecurity specialists. In this course, you'll explore how mobile, embedded, drones, and IoT devices are used and their related security risks. Next, you'll learn how to search for vulnerable devices using the Shodan web site. Moving on, you'll explore how to secure remote network connectivity with a VPN and examine smartphone hardening techniques. Lastly, you'll learn how to register and manage an Android device using a Mobile Device Management solution. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
8 videos | 42m has Assessment available Badge
CompTIA CASP+: Industrial Computing Environments
Industrial control systems present a unique security risk when it comes to public services such as power, water, and other industrial processes. In this course, you'll learn how to recognize common industrial network protocols and terminology. Next, you'll learn how Supervisory Control and Data Acquisition relates to industrial control systems. You'll explore NIST ICS security control documentation. Lastly, you'll learn how to configure an S7 PLC emulator and use Metasploit to stop the device. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
8 videos | 39m has Assessment available Badge
CompTIA CASP+: Emerging Technologies & SecDevOps
Emerging technologies present unique security risks in that the technology is not yet mature. Software developers must adhere to secure development practices to minimize threat impacts. In this course, you'll learn how to identify security risks associated with emerging technologies such as machine learning, artificial intelligence, blockchain, quantum computing, and 3-D printing. You'll also learn to identify the top 10 web app threats and use the OWASP ZAP tool to identify web app vulnerabilities. Next, you'll explore how to securely develop and deploy software solutions. Lastly, you learn to distinguish between various testing techniques. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
8 videos | 43m has Assessment available Badge
CompTIA CASP+: Monitoring & Incident Response
Enterprise IT monitoring is crucial in detecting potential security incidents. In this course, you'll explore various monitoring methods for hosts, devices, and networks. Next, you'll learn to configure log forwarding and work with logs through PowerShell. Moving on, you'll learn to recognize when to use honeyfiles, honeypots, and honeynets, as well as SIEM and SOAR solutions. You'll then examine intrusion detection and prevention and how they are used to secure a network. Lastly, you'll explore the use of tools such as Snort, tcpdump, nmap, and Wireshark for analyzing networks and network traffic. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
15 videos | 1h 27m has Assessment available Badge
CompTIA CASP+: Vulnerabilities & Hardening
Cybersecurity specialists must be able to identify vulnerabilities and apply security controls to mitigate threats. In this course, you'll learn how to identify the steps attackers take to gain access to resources and examine physical security issues. Next, you'll learn how network segmentation can increase security, how attackers use zombies and botnets, and how common attacks take place. Moving on, you'll explore common hardening techniques, how to scan for vulnerabilities, and how to setup up a WSUS server. Lastly, you'll learn how to use the Metasploit framework and crack WPA2 Wi-Fi passphrases. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
13 videos | 1h has Assessment available Badge
CompTIA CASP+: Digital Forensics
Gathering digital evidence for use in a court of law is done using very specific techniques. In this course, you'll learn to recognize the process by which hardware and software digital forensic tools are used to acquire and analyze evidence. Next, you'll learn to work with file system hashing and forensic disk image acquisition including creating and hashing a Linux disk image. You'll also explore how to use FTK imager to acquire a forensic disk image. Lastly, you'll explore how to retrieve Android device information using the Android Debug Bridge and hide messages using steganography. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
8 videos | 39m has Assessment available Badge
CompTIA CASP+: Business Continuity
Business continuity measures ensure that business operations continue during disruptions. In this course, you'll learn how to identify common disaster recovery terms and techniques and plan how to respond to business disruptions. Next, you'll learn to identify how to use physical and logical redundancy, clustering and load balancing to increase system and application availability. Lastly, you'll explore cloud-based load balancing and backups including learning how to configure and deploy a Microsoft Azure Load Balancer as well as back up data using Microsoft Azure. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
7 videos | 35m has Assessment available Badge
SHOW MORE
FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE COURSES

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

BOOKS INCLUDED

Book

Cyber Operations: Building, Defending, and Attacking Modern Computer Networks, Second Edition
Teaching you how to set up, defend, and attack computer networks, this book will show you how to configure your network from the ground up, beginning with developing your own private virtual test environment, then setting up your own DNS server and AD infrastructure.
book Duration 14h 51m book Authors By Mike O'Leary

Book

The Cyber Risk Handbook: Creating and Measuring Effective Cybersecurity Capabilities
Offering step-by-step instruction for building, measuring, and optimizing cybersecurity capabilities, this book provides authoritative guidance for real-world situations, and cross-functional solutions for enterprise-wide improvement.
book Duration 6h 46m book Authors By Domenic Antonucci

Book

Computer and Cyber Security: Principles, Algorithm, Applications, and Perspectives
Comprehensive in scope, this text covers applied and practical elements, theory, and the reasons for the design of applications and security techniques.
book Duration 14h 21m book Authors By Brij B. Gupta, Dharma P. Agrawal, Haoxiang Wang (eds)

Book

Cybersecurity Essentials
Cybersecurity jobs range from basic configuration to advanced systems analysis and defense assessment. This book provides the foundational information you need to understand the basics of the field, identify your place within it, and start down the security certification path.
book Duration 9h 27m book Authors By Charles J. Brooks, Christopher Grow, Donald Short, Philip Craig

Book

Cyber Security: A Practitioner's Guide
With an aim is to inform the reader about the realities of cyber security, this book covers the various types of cyber threats and explains what you can do to mitigate these risks and keep your data secure.
book Duration 4h 19m book Authors By David Sutton

Book

Advanced Penetration Testing: Hacking the World's Most Secure Networks
Featuring techniques not taught in any certification prep or covered by common defensive scanners, this book integrates social engineering, programming, and vulnerability exploits into a multidisciplinary approach for targeting and compromising high security environments.
book Duration 3h 59m book Authors By Wil Allsopp

Book

Network Science and Cybersecurity
Covering anomaly detection and algorithms for network security, this book introduces new research and development efforts for cybersecurity solutions and applications taking place within various U.S. Government Departments of Defense, industry and academic laboratories.
book Duration 5h 28m book Authors By Robinson E. Pino (ed)
SHOW MORE
FREE ACCESS

BOOKS INCLUDED

Book

Cybersecurity: A Self-Teaching Introduction
Written in an easy to understand, "self-teaching" format, this book is designed to provide the reader with the fundamental concepts of cybersecurity and cybercrime.
book Duration 3h 10m book Authors By C. P. Gupta, K. K. Goyal

Book

Cyber Operations: Building, Defending, and Attacking Modern Computer Networks, Second Edition
Teaching you how to set up, defend, and attack computer networks, this book will show you how to configure your network from the ground up, beginning with developing your own private virtual test environment, then setting up your own DNS server and AD infrastructure.
book Duration 14h 51m book Authors By Mike O'Leary

Book

Fundamental of Cyber Security
Using simple language, a crystal clear approach, and a straightforward presentation with examples and answered questions, this user-friendly book features the most current research findings in all aspects of information security.
book Duration 4h 18m book Authors By Aatif Jamshed, Mayank Bhushan, Rajkumar Singh Rathore

Book

The Cyber Risk Handbook: Creating and Measuring Effective Cybersecurity Capabilities
Offering step-by-step instruction for building, measuring, and optimizing cybersecurity capabilities, this book provides authoritative guidance for real-world situations, and cross-functional solutions for enterprise-wide improvement.
book Duration 6h 46m book Authors By Domenic Antonucci

Book

Cybersecurity Essentials
Cybersecurity jobs range from basic configuration to advanced systems analysis and defense assessment. This book provides the foundational information you need to understand the basics of the field, identify your place within it, and start down the security certification path.
book Duration 9h 27m book Authors By Charles J. Brooks, Christopher Grow, Donald Short, Philip Craig

Book

The Complete Guide to Cybersecurity Risks and Controls
Presenting the fundamental concepts of information and communication technology (ICT) governance and control, this book, shows you how to create a working, practical control structure that will ensure the ongoing, day-to-day trustworthiness of ICT systems and data.
book Duration 6h 24m book Authors By Anne Kohnke, Dan Shoemaker, Ken Sigler

Book

Cybersecurity Lexicon
Describing the threats and vulnerabilities of critical infrastructure to cybersecurity attack, this book provides definitions for cybersecurity technical terminology and hacker jargon related to automated control systems common to buildings, utilities, and industry.
book Duration 4h 45m book Authors By Luis Ayala

Book

Binary Code Fingerprinting for Cybersecurity: Application to Malicious Code Fingerprinting
This book addresses automated software fingerprinting in binary code, especially for cybersecurity applications.
book Duration 4h 27m book Authors By Aiman Hanna, Amr Youssef, Ashkan Rahimian, Djedjiga Mouheb, He Huang, Lina Nouh, Lingyu Wang, Mourad Debbabi, Paria Shirani, Saed Alrabaee
SHOW MORE
FREE ACCESS

BOOKS INCLUDED

Book

CompTIA CASP+ CAS-004 Exam Guide: A-Z of Advanced Cybersecurity Concepts, Mock Exams, Real-world Scenarios with Expert Tips
CompTIA CASP+ certification evaluates advanced technical security skills, such as security engineering and operations, enterprise-level risk assessments and IT governance, and the implementation of secure systems and network design and controls.
book Duration 8h 26m book Authors By Dr. Akashdeep Bhardwaj

Book

CASP+ CompTIA Advanced Security Practitioner Certification All-in-One Exam Guide, Second Edition (Exam CAS-003)
Designed to help you pass the exam with ease, this definitive volume provides complete coverage of every topic on the exam and also serves as an essential on-the-job reference.
book Duration 16h 27m book Authors By Dwayne Williams, Gregory White, Nicholas Lane, Wm. Arthur Conklin

Book

CompTIA CASP+ Advanced Security Practitioner Study Guide: Exam CAS-003, Third Edition
Covering 100 percent of the exam objectives, this hands-on guide provides expert walk-throughs of essential security concepts and processes to help you tackle this challenging exam with full confidence.
book Duration 12h 12m book Authors By Jeff T. Parker, Michael Gregg

AUDIOBOOKS INCLUDED

Audiobook

The Cyber Security Handbook: Prepare for, Respond to and Recover from Cyber Attacks with the It Governance Cyber Resilience Framework (CRF)
This audiobook is a comprehensive cyber security implementation manual which gives practical guidance on the individual activities.
audiobook Duration 7h 59m 59s audiobook Authors By Alan Calder

AUDIOBOOKS INCLUDED

Audiobook

The Cyber Security Handbook: Prepare for, Respond to and Recover from Cyber Attacks with the It Governance Cyber Resilience Framework (CRF)
This audiobook is a comprehensive cyber security implementation manual which gives practical guidance on the individual activities.
audiobook Duration 7h 59m 59s audiobook Authors By Alan Calder

SKILL BENCHMARKS INCLUDED

Security Analyst to Security Architect Competency
Security Analyst to Security Architect Competency benchmark will measure that a learner has working exposure and practice with security analyst principles. A learner who scores high on this benchmark demonstrates that they have competency in some areas of security analytics, can participate in IT security discussions, and can work independently under the guidance of more advanced security analyst practitioners.
23m    |   23 questions
Security Analyst to Security Architect Mastery
Security Analyst to Security Architect Mastery benchmark measures whether a learner has expert exposure and practice with security analyst principles. A learner who scores high on this benchmark demonstrates that they have an advanced understanding of every area of modern security practices and analytics, can lead and drive all IT security discussions, and can work independently with no oversight.
24m    |   24 questions
Security Analyst to Security Architect Proficiency
Security Analyst to Security Architect Proficiency benchmark measures whether a learner has extensive exposure and practice with security analyst principles. A learner who scores high on this benchmark demonstrates that they have an advanced understanding of all of the areas of security analytics, can participate in IT security discussions, and can work independently with little to no oversight.
23m    |   23 questions
Security Analyst to Security Architect Literacy
Security Analyst to Security Architect Literacy benchmark will measure if a learner has had some exposure and practice with security analyst principles. A learner who scores high on this benchmark demonstrates that they have literacy in some areas of security analytics, can participate in IT security discussions, and can understand the advice of more advanced security analyst practitioners.
22m    |   22 questions
SHOW MORE
FREE ACCESS

YOU MIGHT ALSO LIKE

CHANNEL Security Trends
Likes 50 Likes 50  
Likes 132 Likes 132