Final Exam: Security Architect

Intermediate
  • 1 Video | 32s
  • Includes Assessment
  • Earns a Badge
Likes 7 Likes 7
Final Exam: Security Architect will test your knowledge and application of the topics presented throughout the Security Architect track of the Skillsoft Aspire Security Analyst to Security Architect Journey.

WHAT YOU WILL LEARN

  • recognize how to determine the appropriate scope of engagement
    identify the best practice for creating a data privacy breach plan and notifying stakeholders
    execute a simple Ansible playbook
    identify common types of security data breaches and how the notification process is different for each type
    identify security solutions that align with business objectives
    recognize how to respond to and manage incidents
    identify security solutions
    describe PII and PHI
    describe of the benefits of having a easy reference checklist or templates prepared when defining RoE
    describe best practices you should outline in the event that testing is successful or unsuccessful
    describe the transition to playbooks and services in the cloud
    list key logistical considerations such as testing tools, personnel, and test schedules
    describe how to ensure proper authority has been granted to commence any testing, such as obtaining signatures from key stakeholders
    discuss the Gramm Leach Bliley Act breach guidelines and stakeholder response obligations
    describe common risks and limitations you should outline such as impact on systems, and ensuring backups are available and the disaster recovery plan is intact
    describe the use of automation to improve consistency for security practices
    provide an overview of the importance of ethical hacking in today's world
    recognize the importance of using templates or checklists prior to and during a penetration test
    compare ethical hacking tools such as Nmap, Wireshark, Metasploit, and Kali Linux
    describe elements that should be included in a final report such as actions taken, problems, and findings
    describe the tools used in security triage
    list common ethical hacking tools such as Nmap, Wireshark, Metasploit, and Kali Linux
    describe common tips and rules of thumb for security triage
    plan security with DevOps in mind
    recognize best practices when testing uncovers exploits or vulnerabilities
    provide an overview of the benefits of having a easy reference checklist or templates prepared when defining RoE
    list different types of ethical hacking such as web application, system hacking, web server, wireless, and social engineering
    analyze system log activity and describe security events to look for
    describe the importance of communication and stakeholder management in security triage
    recall how GDPR protects European Union citizen data
  • describe the concepts of security triage and strategies to implement triage
    describe some of the challenges in implementing security playbooks
    discuss the Digital Privacy Act and breach response obligations and focus areas for the compliance plan
    describe various approaches to security through playbooks
    describe warranty, limitation of liability, and indemnification considerations to include when outlining the intent of testing activities, as well as and any liability concerns
    identify the relevance of security baselines, compliance reports, and regulatory compliance
    recall PCI security requirements
    describe common protocol anomalies that require triage
    describe how proactive ethical hacking can build better overall security through vulnerability assessments
    recall how GLBA applies to financial institutions
    list different types of real-world hackers such as white hat, black hat, and grey hat
    plan security can be implemented with DevOps
    describe the important elements needed in a security playbook
    analyze DNS activity and describe security events to look for
    describe automation techniques in security triage
    recognize ISO security standards
    identify the sections of the data breach response plan and why it is important to have one
    discuss the HIPAA breach guidelines and stakeholder response obligations
    configure an IPS to protect a system with an Ansible playbook
    install Ansible and remotely execute commands on a managed host
    describe how SIEM allows for centralized security event monitoring
    discuss the General Data Protection Regulation breach guidelines and stakeholder response obligations
    recognize the need for proactive security incident planning
    configure unattended upgrades with an Ansible playbook to keep a system up to date
    identify stakeholders that need to be notified during a security breach incident and best practices for notifying them
    recognize NIST security standards
    describe approaches to detecting anomalies and handling them with security triage
    compare the relevance of security baselines, compliance reports, and regulatory compliance
    recognize how HIPAA protects medical information
    plan how security can be implemented with DevOps

IN THIS COURSE

  • Playable
    1. 
    Security Architect
    33s
    UP NEXT

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.