Information Security Operations: CISSP 2021 Expert

https://www.skillsoft.com/channel/information-security-operations-31e1d7f0-e259-11e6-93f3-0242c0a80605?tech=1993834&expertiselevel=1993832 https://www.skillsoft.com/channel/information-security-operations-31e1d7f0-e259-11e6-93f3-0242c0a80605?tech=1993837&expertiselevel=1993832 https://www.skillsoft.com/channel/information-security-operations-31e1d7f0-e259-11e6-93f3-0242c0a80605?tech=5617364&expertiselevel=1993832 https://www.skillsoft.com/channel/information-security-operations-31e1d7f0-e259-11e6-93f3-0242c0a80605?tech=1993833&expertiselevel=1993835 https://www.skillsoft.com/channel/information-security-operations-31e1d7f0-e259-11e6-93f3-0242c0a80605?tech=1993836&expertiselevel=1993835
  • 9 Courses | 9h 44m 33s
  • 5 Books | 36h 17m
  • 15 Courses | 15h 27m 11s
  • 7 Books | 65h 30m
  • 18 Courses | 11h 48m 47s
  • 14 Courses | 13h 15s
  • 8 Books | 72h 39m
  • Includes Lab
  • 18 Courses | 13h 8m 22s
  • 1 Book | 5h 21m
Likes 187 Likes 187
 
Information security is of paramount importance to individuals and organizations. Explore the fascinating world of data and systems protection.

GETTING STARTED

Access Controls

  • Playable
    1. 
    Authentication Overview
    2m 43s
    NOW PLAYING
  • Playable
    2. 
    Single/Multifactor Authentication
    2m 25s
    UP NEXT

GETTING STARTED

System Security Certified Practitioner (SSCP 2018): Network Fundamentals

  • Playable
    1. 
    Course Overview
    1m 29s
    NOW PLAYING
  • Playable
    2. 
    Packet Switching Networks
    4m 2s
    UP NEXT

GETTING STARTED

SSCP 2021: Basic Security Concepts

  • Playable
    1. 
    Course Overview
    1m 54s
    NOW PLAYING
  • Playable
    2. 
    (ISC)² and Organizational Codes of Ethics
    2m 5s
    UP NEXT

GETTING STARTED

(ISC)² & Security Fundamentals

  • Playable
    1. 
    The (ISC)² Organization
    1m 29s
    NOW PLAYING
  • Playable
    2. 
    The (ISC)² Code of Professional Ethics
    2m 18s
    UP NEXT

GETTING STARTED

CISSP 2021: (ISC)2 & the CISSP Exam

  • Playable
    1. 
    Course Overview
    1m 44s
    NOW PLAYING
  • Playable
    2. 
    (ISC)2 Code of Professional Ethics
    2m 23s
    UP NEXT

COURSES INCLUDED

Access Controls
Access controls determine the level of access that a security principal has to a network and its resources. Explore authentication mechanisms, trust architectures, the identity management life cycle, and specific access controls.
18 videos | 1h 4m has Assessment available Badge
Security Operations
Enterprise computer systems require a solid understanding of security practices. Explore codes of ethics, confidentiality, integrity, and availability, privacy, accountability, and non-repudiation, and security best practices.
16 videos | 53m has Assessment available Badge
Security Administration
IT asset management is a critical element of IT security administration approach. Explore hardware, software, and data asset management best practices, compliance, change management, security awareness and training in the enterprise.
14 videos | 56m has Assessment available Badge
SSCP: Risk Management
Identifying, evaluating, and prioritizing threats are critical for proper IT systems security. Explore risk assessment, treatment, and assessment; best practices for monitoring systems; and security analytics, metrics, and trends.
15 videos | 55m has Assessment available Badge
Incident Response & Recovery
Despite your best efforts, security incidents will happen. Explore incident handling best practices, including discovery, escalation, reporting, and response; countermeasures and continuity practices; and forensic investigation.
15 videos | 59m has Assessment available Badge
SSCP: Cryptography
Enterprise assets, including data, must be protected at all times. Explore cryptography best practices, including hashing, salting, encryption, digital signatures, regulatory requirements, PKI, and Web of Trust.
16 videos | 1h 3m has Assessment available Badge
Network & Communications Security
Enterprise networks and telecommunications come with unique security challenges. Explore network security best practices for OSI and TCP/IP models, common communication network attacks and countermeasures, and network access control.
20 videos | 1h 43m has Assessment available Badge
Systems & Application Security
Malicious attacks on systems and applications are an everyday problem. Discover how to identify and analyze malicious activity, including malicious code and countermeasures, and best practices for endpoint device security.
20 videos | 1h 39m has Assessment available Badge
Configuring Cloud Security
Systems and applications running in the cloud are subject to malicious attacks. Explore best practices for cloud security, including operation and service models, virtualization, legal and privacy concerns, data storage, and outsourcing.
6 videos | 29m has Assessment available Badge
SHOW MORE
FREE ACCESS

COURSES INCLUDED

System Security Certified Practitioner (SSCP 2018): Network Fundamentals
This 14-video course helps prepare for the Systems Security Certified Practitioner (SSCP) certification exam by exploring network concepts, including packet switching, the OSI (open systems interconnect) and TCP/IP (transmission control protocol/Internet protocol) models, network topologies, network infrastructure devices, and wireless router configuration. You will learn the differences between circuit switching and packet switching. You will examine the seven-layer OSI model that is used to describe communications hardware and software, including Layer 3 switch, and the Layer 7 firewall appliance. Continue by examining the TCP/IP model, a conceptual 4-layer model, and the TCP/IP protocol suite. This course then examines types of network interface cards, cable types, including coaxial and twisted pair copper, and connector types. Watch demonstrations of how to configure a wireless router, and how to configure NLB (network load balancing). You will learn to use a physical device or virtual appliance network load balancer, on-premises or in the cloud. Finally, this course shows learners how to configure a network load balancer by using AWS (Amazon Web Services).
14 videos | 1h 3m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Security Concepts
Learners can explore the ISC squared (International Information System Security Certification Consortium) and its Code of Ethics when performing security work in this course, which prepares for the Systems Security Certified Practitioner (SSCP) certification exam. In its 14 videos, you will examine the four canons of Ethics: 1) to protect society and infrastructure; 2) to act honorably, honestly, justly, responsibly, and legally; 3) to provide diligent and competent service to principals; and 4) to advance and protect the profession. Examine the CIA (confidentiality, integrity, and availability) triad for security controls; then examine restricting access or protecting data through encryption. You will learn how to provide data assurances, and how to use MS Windows Power Shell and Linux to generate file hashes, and digital signatures. Learners will explore availability, and the importance to assuring business processes can run uninterrupted. Next, explore how accountability and data access can be used to track users, devices, or software. Finally, you will learn how to enable file system auditing.
14 videos | 1h 2m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Risk Management
This 12-video course explores risk management when engaging in business activities supported by IT solutions. Prepare for the Systems Security Certified Practitioner (SSCP) certification exam as you examine risk classification, and learn how to identify digital assets and threats, including natural disasters such as floods, fires, or storms; manmade disasters, arson, terrorism; and identity theft. This course demonstrates threat modeling, and the process to use to identify and prioritize threats. You will examine how to optimize resources, and to focus on reducing risks, and explore counter measures in relation to prioritized threats. Next, explore BIA (business impact analysis), and its importance to business continuity. You will learn how a BIA can be incorporated into a DRP (disaster recovery plan) to facilitate recovery of a failed system. Learners will examine the use of a risk registry with the likelihood of the risk occurrence, the business impact should it occur, and a severity rating. You will learn about risk avoidance and mitigation. Finally, you will explore cost efficiencies for risk mitigation.
12 videos | 45m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Cryptography Primer
Continue preparing for the Systems Security Certified Practitioner (SSCP) certification exam with this 14-video course, which explores how cryptography can be used to provide confidentiality and integrity for data at rest, and data in transit. You will learn how to acquire a PKI (public key infrastructure), and how to generate a random key to feed into an encryption algorithm. Next, you will examine data hashing and salting. Examine how symmetric and asymmetric encryption provides data confidentiality, and about ECC (elliptic curve cryptography), an asymmetric, cryptographic algorithm. Learners will then explore secure network protocols, including SSL (secure sockets layer), to provide cryptographic functions such as encryption, message authentication, and integrity. This course demonstrates the use of cryptanalysis to identify security flaws, and how to enable IPsec (Internet security protocol) to secure network traffic, and have it applied to all TCP/IP (transmission control protocol/Internet protocol) network traffic. Finally, you will explore how the Telnet and SSH (secure shell) protocols are used for remote administration of things like Linux, Unix, Windows computers.
14 videos | 50m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Public Key Infrastructure
This 13-video course explores the PKI (public key infrastructure) certificate, its lifecycle, and how to use it to secure IT solutions, while preparing learners for the Systems Security Certified Practitioner (SSCP) certification exam. You will learn about the numerous CAs (certificate authorities), a hierarchy of digital security certificates, where unique public and private key pairs are issued for each certificate. Learners will explore public and private CAs, including the Microsoft Active Directory Certificate Services, then examine the PKI hierarchy, where certificates are issued and managed by a certificate authority. This course demonstrates how to set up a private certificate authority within your own organization. You will learn to use Linux to create a PKI Certificate Authority, and about the tools available in Linux. This course examines how the CAs digitally sign issued certificates using its private key, and how the signature is used to establish trust. Finally, you will learn several ways to store a PKI certificate, for example, on a smart card, or in a file.
13 videos | 1h 1m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Identity Management
Learners can explore identity management, also known as IAM (identity and access management), in this 14-video course helping prepare for the Systems Security Certified Practitioner (SSCP) certification exam. You will learn how to configure identities to have strong authentication for users and devices, such as smart phones. Next, examine single-factor authentication, in which one category is used to authenticate, such as a username and a password. You will examine multifactor authentication where there is a username and a password, and having an additional private key. Learners continue by examining how to use an identity federation, and SSO (single sign-on) a centralized trusted set of logon credentials. This course demonstrates the multiple phases of the IAM lifecycle, including account request, how accounts are provisioned, how the user access is enforced and reported, and how it is de-provisioned. You will learn the concepts and terminology, including IDP (identity provider) and RP (resource provider), and how to use MS Active Directory for authentication. Finally, learners will examine Amazon Web Services CLI (command-line interface) authentication.
14 videos | 1h 1m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Controlling Resource Access
This 14-video course explores common methods and uses real-world examples for providing resource access after authentication. Prepare for the Systems Security Certified Practitioner (SSCP) certification exam by examining defense in depth, a security term for multiple layers of security. You will learn about Discretionary Access Control, where the resource owner sets the permissions. You will learn how to use the Windows command line to manage a Windows file system access control list, and you will examine MAC (mandatory access control). You will learn to modify the default file system access control permissions on a Linux host using umask. You will examine RBAC (role-based access control). You will learn to use Microsoft PowerShell to assign permissions to a Windows group. You will learn to assign permissions to a group in Linux, and how to modify the default file system access control permissions on a Linux host by using umask. You will learn to configure Attribute-based Access Control in Windows, and object-level access control. Finally, learners will examine NAC (network access control).
14 videos | 1h 5m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Security Controls
This course is an exploration and comparison of several categories of security controls ranging from deterrent controls to technical controls, in preparation for the Systems Security Certified Practitioner (SSCP) certification exam. In 14 videos, learners will examine security control safeguards to reduce risks and mitigate threats, including threat detection and threat avoidance. This course uses several examples of security controls, including user awareness and training, deterrent controls, detective controls to confirm vulnerabilities or active threats, and preventative controls to restrict threats, or limit their impact. Learn to install and configure the Microsoft NPS (Network Policy Services) to implement network access control. Next, examine how physical security controls to limit access to IT systems. You will learn why and how to disable SSL version 3, both on the client web browser side as well as on the web server side. You will then learn about administrative controls to guide actions that are taken by personnel within the organization. Learners observe how to use the Microsoft Active Directory to deploy security control settings.
14 videos | 1h 8m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Asset & Change Management
Explore asset and change management, and their relationship to security through discussion and demonstration, in this 14-video course, which examines classes of assets, including personnel, hardware, software, data, and trade secrets. Prepare for the Systems Security Certified Practitioner (SSCP) certification exam by learning how to inventory hardware assets; how hardware is configured; and learning about network entry points such as VPN concentrators, wireless access points, and ethernet switches. This course examines software assets, including off-the-shelf and customized software. Learners observe how to configure a hardware inventory using Microsoft SCCM (System Center Configuration Manager). You will learn about data classification, and techniques to help facilitate security on a larger scale. Next, learn how file classification works by using the Windows Server Operating System and the File Server Resource Manager role service. You will examine TPM (Trusted Platform Module), firmware that is embedded in a chip, and which can be used with MFA (multifactor authentication). You will explore MDM (mobile device management). Finally, this course demonstrates a structured approach to change management and adoption.
14 videos | 1h 14m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Network Security
This 14-video course explores the key concepts for designing and implementing a secure network. Continue preparations for the Systems Security Certified Practitioner (SSCP) certification exam by exploring physical network design, including the location of the network, wired and wireless networks, and infrastructure devices. You will examine local network infrastructure device management, and logical network design, such as VLANs (virtual local area networks), virtual network switches, and software-defined networking. Next, learners observe how to enable HTTPS for a network printer. You will explore types of firewalls, the placement of firewall solutions, and ACLs (access control lists), and how to configure a firewall rule. Then learn how to configure cloud-based firewalls by using the AWS (Amazon Web Services) console, and to configure a firewall rule on a Linux host. You will learn to configure IDS (intrusion detection systems) and IPS (intrusion prevention systems), and placement of intrusion and prevention systems. Finally, this course discusses Bluetooth, NFC (near field communication), and how to configure Wi-Fi security settings on wireless router.
14 videos | 1h 7m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Malware & Endpoint Security
This 14-video course explores how malware infections occur, and how to mitigate these threats. Learners prepare for the Systems Security Certified Practitioner (SSCP) certification exam by examining how to compare current activity to a baseline. You will examine spyware, which tracks your computing usage with or without your consent, and adware, to direct information to the user. Next, explore rootkits, which stem from replacing UNIX Operating System files in the past with malicious code, and hide their presence. You will examine types of rootkits, including the form of files replaced on the host, running processes in memory, web browser plug-ins, on a Windows platform, or a Windows registry entry. You will examine backdoors which create a hidden entry point for malicious users, and is part of a rootkit. You will explore worms, viruses, and social engineering security threats. This course demonstrates how to configure common Windows Defender settings, and how to use the SCCM (System Center Configuration Manager), and malware policies by using white lists, and locking down USB removable media. 
14 videos | 1h 3m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Securing Environments
Learners can explore how to secure virtual and cloud environments in this 12-video course, which examines different types of virtualization technologies, including hypervisors, application virtualization, OS (operating system) virtualization, and desktop virtualization. Prepare for the Systems Security Certified Practitioner (SSCP) certification exam by examining hypervisors, a physical host that runs virtual machines, and appropriate software, and uses them to increase server density. You will learn about application virtualization, where the app files are not installed on the host machine, but run on the host machine. Next, you will examine OS virtualization where a virtual machine is assigned virtual hardware, such as virtual CPUs, virtual network adapters, and hard disks. You will learn how to install and configure a Microsoft Hyper-V Virtual Machine. Learn how to configure iSCSI (Internet Small Computer Systems Interface), and secure it by using CHAP (challenge handshake authentication protocol). Then learn to use AWS (Amazon Web Service) to secure data at rest in the cloud. Finally, you will examine laws and regulations to consider when using public cloud services.
12 videos | 1h 3m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Security Assessments
This 15-video course prepares learners for the Systems Security Certified Practitioner (SSCP) certification exam by exploring security assessments, vulnerability scans, and penetration testing. First, you will examine the Nmap (network mapper) scanner to probe computer networks for host discovery, service, and operating system detection. You will learn how to use Nmap to conduct a network scan by using Windows. This course examines vulnerability scanning, and it demonstrates how to do penetration testing to identify and exploit host and network weaknesses. Learners will examine the importance of monitoring and analysis to identify security incidents. You will learn how to use a Windows performance monitor, and how to monitor resource usage in Linux. Continue by examining LANguard and end map assessments. This course then demonstrates how to view system logs to troubleshoot problems, and how to enhance the security of a network. You will learn how to configure log filtering in a Windows environment. Finally, learners will explore SCADA (Supervisory Control and Data Acquisition), and SIEM (for Security Information and Event Management).
15 videos | 1h 8m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Digital Forensics
This course explores key aspects of digital forensics by looking at device usage while helping prepare learners for the Systems Security Certified Practitioner (SSCP) certification exam. In 13 videos, you will examine evidence gathering, chain of custody, data recovery, hard drive scrubbing, IP address tracking, and memory forensics. You will learn that a crucial aspect of digital forensics is the gathering of evidence in a lawful manner. Next, learners will examine how to determine when events occurred, when files were modified, when certain websites were accessed, and when messages were received. You will examine the chain of custody for preservation of evidence, and having a detailed account of gathering and handling evidence. This course demonstrates how to recover deleted data, and how to use a steganography tool to hide data in plain sight. You will examine memory forensics, a subset of digital forensics. This course then discusses the NIST (National Institute of Standards and Technologies) document publication 800-86. Finally, learn how to create a raw image of a hard disk drive.
13 videos | 52m has Assessment available Badge
System Security Certified Practitioner (SSCP 2018): Business Continuity
This 14-video course explores effective contingency planning and incidence response while preparing learners for the Systems Security Certified Practitioner (SSCP) certification exam. First, examine core elements of business continuity planning, data backup and restore, redundancy, how to use RAID (redundant array of independent disks), and incident response. This course then describes how to assess risk, the likelihood of events occurring against valued assets, and how to conduct a BIA (business impact analysis). Learners will explore a BCP (business continuity plan), assess assets, IT systems, data, and possible threats against those valued assets. This course continues by discussing alternate disaster recovery site types, including cold sites, warm sites, and hot sites. You will learn to use Windows Server 2016 to configure backup of data, restore data from a virtual machine, and understand the importance of backing up configurations of servers. You will learn to configure software RAID level 1 and RAID level 5 on a Windows host. Finally, learners will examine incident response lifecycles, and observe how to prepare the IRP (incident response plan).
14 videos | 58m has Assessment available Badge
SHOW MORE
FREE ACCESS

COURSES INCLUDED

SSCP 2021: Basic Security Concepts
Most candidates for the (ISC)² Systems Security Certified Practitioner (SSCP) exam will have the required one year of paid job experience. So the basic security concepts are most likely a review for most learners. However, simply defining the technology is not enough. Candidates must be able to grasp how the following principles are implemented: (ISC)² Code of Ethics, confidentiality, integrity, availability, accountability, privacy, non-repudiation, least privilege, and segregation of duties (SoD). Take this course to explore how you would apply these principles to your own daily security operations. Upon completion, you'll have a solid knowledge of the topics covered in Domain 1: Security Operations and Administration of the (ISC)² SSCP 2021 CBK, preparing you to take the exam.
11 videos | 32m has Assessment available Badge
SSCP 2021: Security Controls
When an organization decides to mitigate risk as part of a handling strategy, they will, in essence, raise the difficulty or resistance to threat actors using various security controls. If your role involves upholding the operational security of your organization's most coveted assets, you must be familiar with the many types of controls available. Use this course to become familiar with security control categories and the controls that fall within them. Among others, explore administrative controls, like security policies and procedures; technical controls, like device hardening and application firewalls; and physical controls, like surveillance equipment and security personnel. When you're done, you'll be able to decide the security controls you should implement in your organization. This course covers topics from Domain 1: Security Operations and Administration of the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 CBK.
10 videos | 25m has Assessment available Badge
SSCP 2021: Asset & Change Management Lifecycles
As a security practitioner, assessing risk and applying controls is a fundamental part of the job description. However, doing so becomes pretty challenging if you don't know the value and priority of all physical and logical assets. Solid comprehension of the well-established lifecycles and architectures involved in both asset and change management will help you implement all your security initiatives smartly. In this course, examine the processes and best practices involved in each of the asset and change management lifecycle phases. When you've finished, you'll know the best way to implement each of these phases within the context of your own business. This course explores topics from Domain 1: Security Operations and Administration of the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 CBK.
10 videos | 46m has Assessment available Badge
SSCP 2021: Physical Security Operations
Although on the surface, choosing physical controls may seem common sense and subjective, there are likely options and considerations you're unaware of. Furthermore, SSCP exam candidates must have a broad knowledge of these controls to pass the exam. Use this course to explore, in detail, the many categories and types of physical security controls, including barriers, such as gate types; surveillance, such as camera types; types of locks and sensors; secure areas, such as Faraday cages; and environmental controls, such as air gaps. Upon course completion, you'll be able to customize your physical security methods to suit your organization. This course covers subtopic 1.8 from Domain 1: Security Operations and Administration of the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 CBK.
10 videos | 34m has Assessment available Badge
SSCP 2021: Understanding & Applying Cryptography
Although cryptography isn't covered until domain 5 of the SSCP CBK, potential exam candidates and security professionals will benefit from foundational knowledge of cryptosystems early in their training. Use this course to grasp the reasons and requirements for cryptography in safe-guarding information, including regulations and governance. Investigate cryptographic techniques, such as hashing and salting, symmetric and asymmetric encryption, and elliptic curve cryptography. Discover what's involves in digital signatures and certificates. Explore cryptographic attacks, cryptanalysis, and countermeasures. And delve into advanced cryptosystems, such as quantum computing and blockchain. Upon course completion, you'll be aware of the various traditional and modern cryptology techniques used to protect data and communications. This course will help you in the lead-up to taking the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
10 videos | 45m has Assessment available Badge
SSCP 2021: Secure Protocols & Public Key Infrastructure (PKI)
Early on in the development of TCP/IP and the application layer protocols and services, it was decided not no build native security but rather to add new secure mechanisms and protocols. The aim was to maintain internetworking and interoperability without adding too much overhead. Knowing how these protocols work and how you can implement them will change how you protect your organization's information. Use this course to get abreast of some of the most vital secure protocols and their implementation along with other core services, such as key management, web of trust (WOT), and Public Key Infrastructure (PKI). Upon course completion, you'll be able to detail how and why these protocols and services are used. This course will help you in the lead-up to taking the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
8 videos | 38m has Assessment available Badge
SSCP 2021: Authentication & Trust Architectures
As a security professional, you'll likely have been exposed to the concept of origin authentication. However, in today's modern environment of mobile devices, the Internet of Things, and embedded systems, more robust authentication, authorization, and identity management methods are imperative. Use this course to comprehend how single and multi-factor authentication, single sign-on (SSO), device authentication, and federated access work. Examine the use of trust relationships between domains and what's meant by Zero Trust. And distinguish between various internetwork connections such as the Internet, intranets, and extranets. Upon course completion, you'll be able to detail how and why these authentication mechanisms and trust architectures are used. You'll also be one step closer to being prepared to take the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
7 videos | 33m has Assessment available Badge
SSCP 2021: Identity Management & Access Control Models
Whether you manage one or thousands of digital identities, the expectation for regulatory compliance, top-level security, and speedy access control will be the same. The importance of access control is reinforced by Domain 2 of the SSCP exam, representing 15% of the overall subject matter. Among other topics, this domain covers the identity management lifecycle and access control models. Use this course to gain a clear comprehension of the various aspects of identity management, namely authorization, proofing, provisioning, de-provisioning, maintenance, and entitlement. Furthermore, explore several types of access control models, including role-based and rule-based, and investigate the Bell-LaPadula and Biba mandatory access confidentiality and integrity models. Upon course completion, you'll recognize the identity management and access control techniques needed in your organization. You'll also be further prepared to sit the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
10 videos | 40m has Assessment available Badge
SSCP 2021: Risk Management
If a threat agent exploits an IT asset's vulnerability, then the consequences for a business could be detrimental. In IT security terms, the likelihood of this happening and the potential impact if it did constitutes the concept of risk. Those responsible for the operational security of assets need to know how to reduce risk sufficiently. Use this course to learn the many ways to identify, assess, and manage risk related to IT infrastructure. Explore, in detail, various risk management techniques, such as risk visibility and reporting, threat modeling, and risk treatment. Examine legal and regulatory concerns when managing risk. And see how to implement organizational security awareness and training. Upon completion, you'll know how to bring risk magnitude down to a pre-defined acceptable level. You'll also be further prepared to sit the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
9 videos | 46m has Assessment available Badge
SSCP 2021: Security & Vulnerability Assessment
Once you've assessed an organization's risks, you need to implement continuous visibility and reporting to understand risk evolution. Furthermore, once you've established security policies and controls, you need to test and evaluate them to confirm their efficacy. To meet these goals, security practitioners need to know how to uncover vulnerabilities, identify events of interest, monitor logs, and analyze metrics. Use this course to learn security and vulnerability assessment techniques and methodologies. Explore security testing, risk review, and vulnerability management. Examine data logging and event aggregation. Learn how to implement monitoring and event data analysis. And see how to document and communicate findings. Upon completion, you'll be able to identify, monitor, and analyze security risks. You'll also be further prepared to sit the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
8 videos | 30m has Assessment available Badge
SSCP 2021: Incident Response & Forensics
Unprecedented events such as the Y2K bug and terrorist attacks, along with increasing cybercrime pervasiveness and sophistication, have meant that since the early 2000s, a security team's ability to recover from a disaster has moved from a bonus to non-negotiable. There are several phases to incident response, from preparation to forensic investigations and beyond. A competent security professional needs to know all of them. Use this course to learn what's involved in the incident response lifecycle phases of preparation, detection, analysis, escalation, containment, eradication, recovery, and lessons learned. As you advance, explore essential aspects of cyber forensic investigations, such as handling evidence and reporting. Upon completion, you'll know the multiple facets of incident response and cyber forensics. You'll also be further prepared to sit the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
9 videos | 36m has Assessment available Badge
SSCP 2021: Business Continuity Planning
When dealing with security, preparation is key. A variety of disasters could happen to most organizations at any moment, and the impact that could have on data and systems could be detrimental. There are many measures and processes to help recover from a disaster. Use this course to learn a handful of them. Explore the main elements of business continuity planning (BCP), also called continuity of operations (COOP). See what's involved in business impact analysis and disaster recovery planning. And examine various backup and restore methods. Upon course completion, you'll know several strategies to ensure a business continues to function after a disaster. This course's objectives line up with those in Domain 4: Incident Response and Recovery of the SSCP CBK and will help you prepare for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
7 videos | 36m has Assessment available Badge
SSCP 2021: Fundamental Networking Concepts
Historically speaking, the vast majority of security practitioners, technicians, engineers, and architects come from the field of local and wide area networking. This factor, as well as the importance of protecting data-in-transit, makes networking a critical knowledge area. Use this course to get to grips with several networking concepts and methodologies. Learn to distinguish between the OSI and TCP/IP reference models. Explore network topologies, relationships, and media types. See what's meant by software-defined networking (SDN), Remote Authentication Dial-In User Service (RADIUS), and terminal access controller access-control system plus (TACACS+), among other terms. Examine commonly used ports and protocols. And look into remote access connectivity and virtual private networks (VPNs). Upon course completion, you'll be familiar with several fundamental networking concepts and network access control methodologies. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
9 videos | 50m has Assessment available Badge
SSCP 2021: Network Attacks & Countermeasures
A critical aspect of risk and security management is having a clear picture of the present threatscape. This involves knowledge of threats actors, exploits, vulnerabilities, and malware along with countermeasures that include various technical, physical, and managerial controls. Take this course to learn to recognize several types of network attacks. Examine various methods for managing network security, from network device placement to configuring access control lists and using firewalls and proxies. Furthermore, learn how to secure network-based security devices as well as routers and switches. Then, delve into content delivery networking, cloud-based load balancers, and intrusion detection and prevention. Upon course completion, you'll know what's involved in both network attacks and countermeasures. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
10 videos | 1h 5m has Assessment available Badge
SSCP 2021: Secure Wireless Communication
Network and communications security is part of the SSCP Domain 6 objectives and includes the important topic of securing wireless communication. Use this course to learn about the key features of wireless networking technologies and the security vulnerabilities you need to consider. Examine key aspects about the operation of wireless technologies on the network including common wireless 802.11 standards and their distinguishing characteristics, and explore cellular, Wi-Fi, Bluetooth, and Near-Field Communication (NFC). Learn about the role of authentication and encryption protocols like WPA, WPA2, WPA3, and Extensible Authentication Protocol (EAP) as used on the network. Finally, learn how to secure various Internet of Things (IoT) devices including embedded devices and software-on-a-chip technology. Upon course completion, you'll know what's involved in securing wireless communication and devices. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
7 videos | 35m has Assessment available Badge
SSCP 2021: Malware & Countermeasures
To secure systems and applications appropriately, security practitioners must first recognize the various types of malicious code and activity. After this, they need to execute the best measures to counter these exploits. Use this theory-based course to recognize multiple types of exploits and malware and their most common countermeasures. Explore malware variants, such as rootkits, spyware, scareware, and ransomware. Examine countermeasures involving scanners, antimalware, and code signing. Then, study malicious activities, such as insider threats, data theft, zero-day exploits, and advanced persistent threats (APTs). And discover their various countermeasures, such as system hardening, patching, and data loss prevention (DLP). Lastly, investigate advanced mitigation techniques that involve behavioral and data analytics, machine learning, and artificial intelligence. Upon completion, you'll be able to identify and analyze malicious code and activity. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
7 videos | 36m has Assessment available Badge
SSCP 2021: Endpoint Protection & Mobile Device Management
The first decade of the 21st century saw an explosion in the use of various mobile devices and cloud service providers in the enterprise. With this came a new challenge for security professionals from which several techniques and tools were developed. Get to grips with the many terms and activities related to endpoint protection and mobile device management in this vocational course. Explore what's involved in host-based intrusion prevention systems (HIPS) and host-based intrusion detection systems (HIDS). Examine endpoint encryption, protection, detection, and response. And study mobile provisioning and mobile device and application management. Upon course completion, you'll be familiar with the best techniques for protecting various devices and systems. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
8 videos | 33m has Assessment available Badge
SSCP 2021: Secure Virtual & Cloud Environments
The security landscape changes in tandem with the evolution of technology. As virtualization and cloud computing have emerged, so have associated security tools, techniques, and regulations. Ensure your security knowledge is up-to-date with this advanced exam preparatory course. Learn about hypervisors, virtual appliances, and containers. Examine continuity and resilience, attacks and countermeasures, and legal and regulatory concerns. Explore what's involved in shared and data storage, deployment and service models, processing, and transmission. Delve into third-party/outsourcing requirements, data portability, data destruction, and auditing. And finally, investigate the cloud computing shared responsibility model. When you're done, you'll know how to secure technologies related to virtualization and cloud computing. You'll also be further prepared for the (ISC)² Systems Security Certified Practitioner (SSCP) 2021 exam.
8 videos | 41m has Assessment available Badge
SHOW MORE
FREE ACCESS

COURSES INCLUDED

(ISC)² & Security Fundamentals
What is (ISC)²? How does it help security? Find out from this course, which will introduce you to the (ISC)² organization, its Code of Professional Ethics, and its CISSP exam, which certifies competence in the eight domains of the (ISC)2® CISSP CBK®. Next, you will study the CIA triad, and consider how to identify, classify, and determine ownership of information and assets. You'll also learn about data privacy protection requirements, such as HIPAA and PCI-DSS, as well as data loss prevention (DLP) methods. Conclude by familiarizing yourself with appropriate asset retention practices and data security controls, as well as information-handling and asset-handling requirements.
11 videos | 44m has Assessment available Badge
Cryptographic Client-based Systems
Gain an advanced knowledge of cryptographic systems, life cycles, techniques, and methodologies. This course introduces you to cryptology and cryptographic systems. It then examines integrity and hashing in relation to cryptography, explores cryptographic methods and techniques, and discusses the nature of cryptanalytic attacks. You will then learn about the phases of the cryptographic life cycle, digital signatures, and the use and function of public key infrastructure (PKI). From there, you will go on to consider key management practices, such as key stretching, pinning, key escrow, and hardware security modules (HSM). Finally, as a review exercise, you will list three types of ciphers, three types of cryptographic hashing, and three different hashing algorithms.
10 videos | 1h has Assessment available Badge
Communication & Network Security
Discover how to implement secure architectures and controls for communication and network security. In this course, you will learn about secure design principles for networks, secure network components, OSI TCP/IP models, multilayer and converged protocols. Other topics covered include the following: signal transmission media, Network Admission Control (NAC) endpoint security, content-distribution networks, unified communications, wireless networking, remote access technology, and virtualized network security. As you conclude, there will be a review exercise, where you will list four security architecture principles, name three common security components of network switches, list three types of proxies, name four features of unified communications, and list five SIEM system features.
12 videos | 1h 20m has Assessment available Badge
Identity and Access Management (IAM)
Explore domain topics related to management, control, deployment, and accountability of various identity and access services in the enterprise, as well as the provisioning life cycle.In this course, you will learn about control physical and logical asset access, identification and authentication of entities, identity integration, authorization mechanism implementation, access control models, identity management implementation, access review and provisioning, and Federated Services. As a review exercise, you will list three examples each of Federated Services, military asset classification labels, and commercial asset classification labels.
9 videos | 1h 3m has Assessment available Badge
Site & Facility Security Controls
Explore the domain of physical security as it relates to the corporate facility and on-site locales. In this course, you will learn about wiring closets, intermediate distribution, security controls for server rooms and data centers, media storage facilities, and evidence storage techniques and practices. Other topics include restricted work area security, utilities and HVAC intrusion protection, environmental controls, and fire prevention, detection, and suppression techniques. As a review exercise, you will name three types of keyless locks, list for types of motion detectors, list three security best practices to store evidence, and list four security practices that the Kraken bitcoin exchange uses for administrative, technical, and physical controls.
9 videos | 37m has Assessment available Badge
CISSP: Security
Explore the domain areas concerning governance, compliance, and business continuity planning for the enterprise security practitioner and engineer. In this course, you will evaluate and apply security governance principles to various situations. You will learn how to determine contractual, legal, industry standard, and regulatory requirements. Then you will move on to review privacy principles, requirements, and legal/regulatory considerations. From there, you will see what is needed to develop, document, and implement security policies, standards, procedures, and guidelines, as well as business continuity and disaster recovery plans. Other topics include learning how to align security functions with business strategies and objectives; ensuring compliance with due care and due diligence; identifying and analyzing cybercrimes and data breaches; comparing import/export and transborder data controls. Finally, you will examine licensing, intellectual property, and privacy requirements.
13 videos | 1h 6m has Assessment available Badge
CISSP: Risk Management
What roles do humna resources and legal departments play in ensuring that an enterprise is run securely? During this course, you will explore the governance, compliance, and business continuity planning domains for the enterprise security practitioner and engineer. You will observe how these departments must work closely with the security policy steering committee to enforce personnel security policies and procedures. See how to apply risk assessment and analysis techniques; study how to respond to risks, including measurement and monitoring. Discover how to implement threat modeling concepts and methodologies. Learn to apply risk-based management concepts to the supply chain. Also learn to build and maintain security training programs. Finally, as a review exercise, you will examine various IT security controls.
7 videos | 45m has Assessment available Badge
Security Architecture and Engineering
Explore the world of security engineering, such as the engineering processes that use secure design principles. In this course, you will start by becoming familiar with security architecture and engineering practices. You will then compare various security models, such as the state machine, lattice, noninterference, information flow, Bell-LaPadula confidentiality, and Clark-Wilson integrity models. Next, you will learn how to select various technical controls based on a system's requirements. Other topics include: how to compare security capabilities of one system to another, and how to mitigate vulnerabilities in security architectures and designs. You will conclude the course with a review exercise on how to describe security engineering and design. In the exercise, you will list four principles of secure network design, name five common attributes of next generation firewalls, name four proxy types, and list three rules of the Bell-LaPadula model.
6 videos | 48m has Assessment available Badge
Vulnerability Assessment & Mitigation
Explore the domain of security assessment, design, and mitigation for web-based, mobile, and embedded systems. This course will start by examining common web-based attacks, such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), carjacking, clickjacking, and cookie exploits. Next, you will learn how to evaluate general strategies to mitigate vulnerability. The course then moves on to mitigation strategies fo rmobiles, such as containerization, sandboxes, wrappers, secure encrypted enclaves, TPM, and tokenization. You will then study enterprise mobility management methods, privacy concerns, and security issues. Other topics include how to assess vulnerabilities and common threats for embedded devices; and how to walk through methods to reduce embedded device vulnerability. Finally, as a review exercise, you will describe how to assess and mitigate systems vulnerabilities.
10 videos | 52m has Assessment available Badge
CISSP: Security Assessment & Testing
Find out what is involved with security assessment and testing. In this course, you will walk through steps you can take to support investigations. Examine resource provisioning and protection requirements, such as maintaining a chain of custody (CoC) to handle evidence. Learn key points about how to log and monitor operations, implement tests of security controls and processes, design and validate audit strategies, conduct security audits, and analyze test output. As a review exercise, you will describe how to effectively assess and test security.
8 videos | 54m has Assessment available Badge
CISSP: Security Operations
Explore the subject of security concerns and management tasks of continuous security operations and initiatives. During this course, you will review various operations security principles and see how to conduct or facilitate security audits. You will identify asset inventory measures and asset management controls. See how to manage configurations and changes and spot the differences between change management and configuration management. Compare features of privileged and service accounts. Finally, consider legal issues related to information security, such as service level agreements (SLAs), non-disclosure agreements (NDAs), and operational level agreements (NLAs).
9 videos | 40m has Assessment available Badge
Monitoring & Reporting
Discover security principles and management tasks of continuous security operations and initiatives. Learn about protocol analyzers, network scanners, vulnerability scanners, and other continuous monitoring systems. Review egress monitors as well as security information and event management (SIEM) systems. Examine various types of intrusion detection and prevention methods, such as NIDS and NIPS. Walk through forensic investigative processes. Explore digital forensics tools, tactics, and procedures. Observe reporting and documentation techniques, as part of a post-incident response, including root cause analysis and an after-action report of lessons learned.
9 videos | 55m has Assessment available Badge
Conducting Incident Management
Discover various methods for incident handling, disaster recovery, and business continuity, for enterprise. During this course, you will learn how to conduct detective and preventative measures, implement patch and vulnerability management, participate in change management processes, and setup a disaster recovery plan (DRP). You will observe how to test disaster recovery plans and identify elements of a business continuity plan (BCP). You will also examine physical security needs, such as confidentiality, integrity, and availability (CIA) requirements for an organization. From there you will observe how to assess environmental, man-made, supply system, and political threats, as well as their impacts; and consider protective measures for physical security, such as surveillance, lighting, tokens, biometrics, and Faraday cages. Finally, you will learn how to address personnel safety and security concerns.
12 videos | 1h 32m has Assessment available Badge
CISSP: Software Development Security
Explore the Software Development Life Cycle (SDLC), as well as how to secure and manage the software development and application development environments. You will begin by dentifying the main software development phases: requirements, acquisition (development), test and evaluation, and commissioning/decommissioning, and how security is integrated. Next, you will examine various development security controls for development; and apply secure coding techniques to meet standards and best practices. As a review exercise, you will list four development security controls, name six secure coding techniques, and name four software development methods.
8 videos | 36m has Assessment available Badge
SHOW MORE
FREE ACCESS

COURSES INCLUDED

CISSP 2021: (ISC)2 & the CISSP Exam
In this introductory course of this CISSP training series, you will learn about the (ISC)2 code of professional ethics and organizational code of ethics that all CISSP candidates must attest to in order to be certified. These codes transcend the certification and should permeate every aspect of the life of a security practitioner, engineer, or architect. This course will also introduce the various characteristics of the 3-hour CAT and 6-hour linear CISSP examinations, including domain weightings. After completing this course, you'll have a foundational understanding of codes of ethics and aspects of the CISSP exam.
5 videos | 9m has Assessment available Badge
CISSP 2021: Fundamental Concepts & Principles
Even with several years of practical experience in the security field, knowledge and application of specific security concepts and principles may have eluded even the seasoned security professional. Use this course to brush up on some of the vital, core security principles, such as confidentiality, integrity, and non-repudiation. Be reminded of the critical role of security design in the ISO OSI 7-layer Reference Model and the 4-layer TCP/IP Reference Model. Upon completion of this course, you'll be fully attuned to the most fundamental aspects of security. Furthermore, you can use this course to prepare for the CISSP exam.
9 videos | 31m has Assessment available Badge
CISSP 2021: Secure Design Principles
Security design principles are crucial while designing any security mechanism for a system. This course will help you gain a better understanding of how these principles help develop a secure system, which prevents security flaws and also blocks unwanted access to it. Get familiar with security concepts and principles such as defense in depth, least privilege, and zero trust and explore them further with the help of real-world applications and use cases. After completing this course, you'll be aware of the significance of methodologies for implementing separation of duties, secure defaults, secure failure, and privacy by design while avoiding over-complexity.
11 videos | 44m has Assessment available Badge
CISSP 2021: Security Governance Principles
All security imitative begin at the top as an aspect of global corporate governance. The modern security architect must understand the role of security governance in the bigger picture as well as how it should align with the value proposition of the organization. This course will help you get familiar with the principles of security governance, aspects of compliance and industry standards, and the components of conducting investigations. After you are done with this course, you will be able to recognize and assess issues related to security governance, compliance, and regulations. Further, this course will help you prepare for the CISSP exam.
8 videos | 45m has Assessment available Badge
CISSP 2021: Security Policy
The written and published security policy is a critical aspect of security governance in all sizes and types of organizations. Use this course to gain a better understanding of security policy development and implementation. Delve into employment and personnel policies, third-party policies and agreements, as well as security awareness and training. Upon finishing this course, you'll have a foundational knowledge of security governance and will be able to prepare for the CISSP exam.
9 videos | 41m has Assessment available Badge
CISSP 2021: Asset Classification & Lifecycle
Before a security practitioner can even begin to implement security controls and countermeasures, they must have a good understanding of the types and valuation of organizational assets, both tangible and intangible. Data exists in various states and different locations, and it must be handled and treated according to pre-established policies. Explore methods for classifying, prioritizing, handling assets throughout the entire lifecycle to disposition using this course. Examine various aspects of the lifecycle: data and asset states and classification, information and asset handling requirements, data roles, and asset destruction and sanitation. After completing this course, you will have a knowledge of organizational assets and how to classify them. Further, you can also use this course to prepare for the CISSP exam.
9 videos | 45m has Assessment available Badge
CISSP 2021: Risk Management
A security professional must be familiar with risk management concepts to be able to apply them effectively. Use this course to explore the management of risks to tangible and intangible assets. Get familiar with the details of vulnerability and risk assessment, countermeasure selection and implementation, and risk frameworks. This course will also help you examine the monitoring, measuring, and reporting of risk and delve further into threat modeling and supply chain risk management (SCRM). You'll have an understanding of risk management fundamentals and how to apply them after completing this course. Moreover, you can also use this course to prepare for the CISSP exam.
12 videos | 1h 8m has Assessment available Badge
CISSP 2021: Practical Cryptography
Cryptology is crucial to network security as it secures data, information, and communication. Take this course to build a strong foundation in cryptography and cryptanalysis - the two aspects of cryptology. This course will help you gain a better understanding of two objectives of the security architecture and engineering domain: selecting and determining cryptographic solutions and understanding methods of cryptanalytic attacks. These will support your exploration of controls and countermeasures to be implemented going forward in the security lifecycle. You'll be able to outline practical cryptographic solutions and cryptanalysis and prepare for the CISSP exam after completing this course.
10 videos | 40m has Assessment available Badge
CISSP 2021: Identity and Access Management Principles
Identity and access management (IAM) is crucial for businesses in order to identify and mitigate security violations, define user identity, and manage access privileges and authorization. Gain a better understanding of critical concepts, terms, and models needed to build a strong foundation in IAM using this course. Explore different areas of physical and logical control and learn more about security models like Biba and Bell-LaPadula. You will also delve deeper into authorization mechanisms, such as MAC, RBAC, DAC, and ABAC. You will have a better understanding of authentication and authorization fundamentals after completing this course. Further, you can also use this course to prepare for the CISSP exam.
11 videos | 39m has Assessment available Badge
CISSP 2021: Deploying Identity & Access Management (IAM)
If implemented properly, Identity Access Management mechanisms and protocols can greatly improve an enterprise's visibility and security. This course will help you delve deeper into the practical implementation of identity and access management controls and mechanisms. Explore the implementation of authentication systems like SAML, investigate the management of the identity and access provisioning lifecycle, and discover how the identification of people, devices, and services are managed. You'll also examine authentication and authorization protocols, provisioning and deprovisioning, and accounting, registration, and proofing of identity. After finishing this course, you'll have an understanding of how to effectively use and execute identity and access mechanisms within your organization. Moreover, you can also use this course to prepare for the CISSP exam.
12 videos | 49m has Assessment available Badge
CISSP 2021: Architecture, Design, & Solutions Vulnerabilities
A security professional needs to be acquainted with security architecture and engineering as they determine the design, implementation, monitoring, and securing of systems and networks of an organization. Use this course to explore the fundamentals of security architecture and engineering. Learn more about client-server, databases, and distributed systems, examine IoT, containers, serverless, and microservices, and explore embedded system security and constraints in detail. You'll also get familiar with TPM, HPC, and edge computing security. Upon completion of this course, you'll be able to assess and mitigate the vulnerabilities of modern security architectures, designs, and solutions, as well as understanding the capabilities of securing information systems. Further, you can also use this course to prepare for the CISSP exam.
12 videos | 56m has Assessment available Badge
CISSP 2021: Site & Facility Security
In past iterations of the CISSP exam, physical security was a domain in itself. In the recent version of CISSP, this topic is found in the Security Architecture and Engineering domain. Use this course to explore security principles and for site and facility design and examine various site and facility security controls. Discover how to navigate the essentials of facility and site security, investigate common physical controls, and get familiar with the physical defense-in-depth approach. You'll also learn about the prevention, detection and, suppression of fire in greater detail. After completing this course, you'll be able to assess issues with the security design of a site or facility and implement appropriate controls to address them. Moreover, you can also use this course to prepare for the CISSP exam.
12 videos | 42m has Assessment available Badge
CISSP 2021: Communication & Network Security
Some CISSP domains have evolved further than the others over the past few years, and the communication and network security domain is a prime example. Explore cutting-edge technologies, such as converged protocols, micro-segmentation, 5G, and content distribution networks (CDN) using this course. Examine secure protocols, wireless and cellular networking, and secure communication channels. This course will also help you investigate the mechanisms involved in endpoint security. After completing this course, you'll be acquainted with the fundamentals of security concerns in network channels. You can also use this course to prepare for the CISSP exam.
10 videos | 1h 6m has Assessment available Badge
CISSP 2021: Security Operations
The security operations domain represents 13% of the CISSP exam and is one of the most important areas of practice for the security engineer and architect. Use this course to gain an in-depth theoretical comprehension of core security concepts, such as configuration, change, and patch management, logging and monitoring, vulnerability assessment and management, incident response, BCP, BIA, DRP, and forensic investigations. After completing this course, you'll be familiar with the processes, best practices, and tools to put these security concepts in place. If you're preparing for the CISSP exam, this course will help you.
10 videos | 1h 2m has Assessment available Badge
CISSP 2021: Business Continuity Planning
Business impact and continuity planning form part of the most crucial topics in security operations. They involve identifying risks, foreseeing potential threats and the impact on business operations if disasters occur, and planning accordingly to prevent and recover from these possible occurrences. Use this course to learn how to develop a business impact analysis plan. Examine what's involved in business continuity planning and continuity of operations processes. Explore various backup storage and recovery strategies. Also, learn how to conduct multiple types of tests on disaster recovery plans. Upon completion of this course, you'll be able to plan for recovery from various types of disasters and know how to document all processes before and after the fact correctly. Furthermore, you'll be a step closer to being prepared for the CISSP exam.
8 videos | 35m has Assessment available Badge
CISSP 2021: Security Assessment & Testing
For an organization to achieve continual improvement and attain a higher level of security maturity, a solid plan for security assessment and testing must be in place. Explore the fundamental aspects of security assessment and testing through this course. You will delve deeper into designing and validating assessment, test and audit strategies, and data collection. This course will also give you a deeper insight into performing security testing, analyzing the output, generating reports, and facilitating audits. After completing this course, you will possess the skills and knowledge to implement appropriate security assessment and testing measures within your organization. Further, you can also use this course to prepare for the CISSP 2021 exam.
6 videos | 31m has Assessment available Badge
CISSP 2021: Software Development Lifecycles & Ecosystems
Security has become an integral element of the software development lifecycle (SDLC). A security professional needs to be aware of software development methodologies and ecosystems to safeguard their business against data breaches and other security threats. Use this course to learn more about different aspects of software development lifecycles, such as development methodologies, maturity models, security controls, SOAR and SCM in application security, and application security testing. Having completed this course, you'll have a foundational understanding of the different elements of SDLC. Moreover, you can also use this course to prepare for the CISSP 2021 exam.
8 videos | 40m has Assessment available Badge
CISSP 2021: Software Development Security
Securing software development should be an area of focus for business owners and security professionals because it reduces business risk, protects the data stored in business applications, and ensures ongoing compliance with governing security laws and regulations. Use this course to gain a deeper understanding of software development security. Learn more about assessing built and acquired software security, cloud deployment types and their relationship to security, and software diversity. You'll also examine weaknesses in source code and APIs and secure coding techniques. Upon completion of this course, you'll have the skills and knowledge to implement secure practices while developing software. You'll also be a step closer in your preparation for the CISSP 2021 exam.
8 videos | 35m has Assessment available Badge
SHOW MORE
FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE COURSES

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

BOOKS INCLUDED

Book

The InfoSec Handbook: An Introduction to Information Security
Allowing beginners to enter the field and understand the key concepts and ideas of Information Security, this guide offers a practical and simple view of the security practices while still offering somewhat technical and detailed information relating to security.
Book Duration 8h 45m Book Authors By Umesh Hodeghatta Rao, Umesha Nayak

Book

Information Security Management Handbook, Sixth Edition, Volume 6
Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, this comprehensive reference facilitates the up-to-date understanding required to stay one step ahead of evolving threats, standards, and regulations.
Book Duration 9h 48m Book Authors By Harold F. Tipton, Micki Krause Nozaki (eds)

Book

The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice, Second Edition
Giving you the basic knowledge needed to understand the key concepts of confidentiality, integrity, and availability, this clear, non-technical book dives into practical applications of these ideas in the areas of operational, physical, network, application, and operating system security.
Book Duration 4h 30m Book Authors By Jason Andress

Book

The Information Systems Security Officer's Guide: Establishing and Managing a Cyber Security Program, Third Edition
Providing users with information on how to combat the ever-changing myriad of threats security professionals face, this accessible guide presents practical advice on establishing, managing, and evaluating a successful information protection program in a corporation or government agency.
Book Duration 6h 23m Book Authors By Gerald L. Kovacich

Book

Practical Information Security Management: A Complete Guide to Planning and Implementation
Covering a wealth of information that explains exactly how the industry works today, this book focuses on how you can set up an effective information security practice, hire the right people, and strike the best balance between security controls, costs, and risks.
Book Duration 6h 51m Book Authors By Tony Campbell
SHOW MORE
FREE ACCESS

BOOKS INCLUDED

Book

SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Third Edition
Including exam tips, practice exam questions, and in-depth explanations. this authoritative guide enables you to take the exam with complete confidence or use the book as an ideal on-the-job reference.
Book Duration 12h 48m Book Authors By Darril Gibson

Book

The Official (ISC)2 Guide to the SSCP CBK, Fourth Edition
Offering step-by-step guidance through each of SSCP’s domains, including best practices and techniques, this book brings together a global, thorough perspective to not only prepare for the SSCP exam, but it also provides a reference that will serve you well into your career.
Book Duration 16h 25m Book Authors By Adam Gordon, Steven Hernandez

Book

The InfoSec Handbook: An Introduction to Information Security
Allowing beginners to enter the field and understand the key concepts and ideas of Information Security, this guide offers a practical and simple view of the security practices while still offering somewhat technical and detailed information relating to security.
Book Duration 8h 45m Book Authors By Umesh Hodeghatta Rao, Umesha Nayak

Book

Information Security Management Handbook, Sixth Edition, Volume 6
Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, this comprehensive reference facilitates the up-to-date understanding required to stay one step ahead of evolving threats, standards, and regulations.
Book Duration 9h 48m Book Authors By Harold F. Tipton, Micki Krause Nozaki (eds)

Book

The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice, Second Edition
Giving you the basic knowledge needed to understand the key concepts of confidentiality, integrity, and availability, this clear, non-technical book dives into practical applications of these ideas in the areas of operational, physical, network, application, and operating system security.
Book Duration 4h 30m Book Authors By Jason Andress

Book

The Information Systems Security Officer's Guide: Establishing and Managing a Cyber Security Program, Third Edition
Providing users with information on how to combat the ever-changing myriad of threats security professionals face, this accessible guide presents practical advice on establishing, managing, and evaluating a successful information protection program in a corporation or government agency.
Book Duration 6h 23m Book Authors By Gerald L. Kovacich

Book

Practical Information Security Management: A Complete Guide to Planning and Implementation
Covering a wealth of information that explains exactly how the industry works today, this book focuses on how you can set up an effective information security practice, hire the right people, and strike the best balance between security controls, costs, and risks.
Book Duration 6h 51m Book Authors By Tony Campbell
SHOW MORE
FREE ACCESS

BOOKS INCLUDED

Book

CISSP All-in-One Exam Guide, Eighth Edition
Featuring learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanation, this completely up-to-date self-study system helps you pass the exam with ease and also serves as an essential on-the-job reference.
Book Duration 30h 39m Book Authors By Fernando Maymí, Shon Harris

Book

CISSP for Dummies, 6th Edition
If you’re a security professional seeking your CISSP certification, this expert guide is a perfect way to prepare for the exam.
Book Duration 9h 25m Book Authors By Lawrence C. Miller, Peter H. Gregory

Book

Eleventh Hour CISSP: Study Guide, Third Edition
Concisely covering the main objectives of the exam with key concepts highlighted, this thorough book is streamlined for maximum efficiency of study, making it ideal for professionals updating their certification or for those taking the test for the first time.
Book Duration 3h 43m Book Authors By Eric Conrad, Joshua Feldman, Seth Misenar

Book

CISSP Practice Exams, Fourth Edition
Fully updated and featuring new exam question formats, this in-depth self-study tool contains more than 1250 realistic practice exam questions and offers 100% coverage of the 2015 CISSP Common Body of Knowledge.
Book Duration 12h 48m Book Authors By Jonathan Ham, Shon Harris

Book

Practical Information Security Management: A Complete Guide to Planning and Implementation
Covering a wealth of information that explains exactly how the industry works today, this book focuses on how you can set up an effective information security practice, hire the right people, and strike the best balance between security controls, costs, and risks.
Book Duration 6h 51m Book Authors By Tony Campbell

Book

Information Security Policies, Procedures, and Standards: A Practitioner's Reference
Highlighting key terminology, policy development concepts and methods, and suggested document structures, this practical guide includes examples, checklists, sample policies and procedures, guidelines, and a synopsis of the applicable standards.
Book Duration 3h 18m Book Authors By Douglas J. Landoll

Book

The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice, Second Edition
Giving you the basic knowledge needed to understand the key concepts of confidentiality, integrity, and availability, this clear, non-technical book dives into practical applications of these ideas in the areas of operational, physical, network, application, and operating system security.
Book Duration 4h 30m Book Authors By Jason Andress

Book

Information Security: A Practical Guide
Covering everything from your first day at work as an information security professional to developing and implementing enterprise-wide information security processes, this book provides an overview of basic information security practices that will enable your security team to better engage with their peers to address the threats facing the organisation as a whole.
Book Duration 1h 25m Book Authors By Tom Mooney
SHOW MORE
FREE ACCESS

BOOKS INCLUDED

Book

70 Tips and Tricks for Mastering the CISSP Exam
Learn how to think and apply knowledge in a practical way. Tackling the CISSP exam is vastly different from simply understanding the subject matter.
Book Duration 5h 21m Book Authors By R. Sarma Danturthi