Fundamentals of Cyber Resilience and Risk Management

This 13-video course explores data protection for businesses, including devices, social media, and good governance through security principles, policies, and programs. You will examine several types of security threats, the different types of network attacks, the role physical security plays in the protection of corporate data, and the human element of security threats. Next, learners examine the attack surface, including the total combined nodes, users, devices, and any entry points of software, a network, and a business environment. You will examine threats, vulnerabilities, and risks, and learn the importance of network hardening. This course uses real-world examples of several top security threats to businesses today, including malware, social engineering, unpatched software, BYOD (bring your own device), and IoT (Internet of things). You will examine clickjacking and URL spoofing. Finally, this course discusses the legal and financial ramifications of a major security breach, the importance of having a security policy, training personnel, password protection, and managing a company's security.

Security governance is a huge part of overall corporate or organizational governance. The security practitioner must be aware of various governance elements, regulations, laws, standards, policies, and procedures. Begin this course by exploring the elements of governance, including mission charter, leadership, and corporate guidance. Then investigate various laws and regulations like General Data Protection Regulation (GDPR) and HIPAA, standards issued by the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC), and the National Institute of Standards and Technology (NIST), and common policies and standard operating procedures. Next, examine the International Information System Security Certification Consortium (ISC2) code of ethics. Finally, discover security control categories and types. This course prepares learners for the (ISC)2 Certified in Cybersecurity exam.

In order to protect your enterprise assets, you should be familiar with and know how to apply key cybersecurity resiliency concepts. In this course, you'll learn about redundancy concepts like geographic dispersal, RAID, and NIC teaming. You'll explore replication methods like storage area networking and virtual machines. You'll move on to examine various backup types, including full, incremental, differential, and snapshot. Next, you'll look at non-persistence and high availability concepts. Finally, you'll learn about the order of restoration and diversity concepts. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.

In this 14-video course, learners can explore security risk management concepts and discover how to assess, categorize, monitor, and respond to organizational risks. Examine key terms such as threats, vulnerabilities, impacts, and risks, and the steps involved in the National Institute of Standard and Technology (NIST), risk management framework (RMF). Begin by learning how risk relates to information systems, and look at the concepts of managing risks, differentiating between threats, vulnerabilities, impacts, and risks. Examine the first step of the NIST RMF, categorizing risk, and then the second RMF step, selecting security controls. Next, observe the third step, implementing security controls; the fourth step, assessing security control effectiveness; the fifth step, examining risk, and output of security controls assessment to determine whether or not the risk is acceptable; and the last step, monitoring controls. Recognize benefits of a control-focused risk management approach; the benefits of an event-focused risk management approach; and risk communication. Finally, explore risk response and remediation, and differentiating between different risk responses such as accepting, avoiding, mitigating, sharing, or transferring risk.

At the end of the day, cybersecurity is all about understanding risk. In this course, you'll learn about how risk pertains to cybersecurity, risk levels, and how to use a risk matrix to visualize risk. You'll also examine the concept, practice, and phases of risk management, which can help you minimize the negative effects of risk. Next, you'll explore how using Cyber Threat Intelligence is a more proactive approach towards your cybersecurity defenses and the four types of CTI. Finally, you'll learn about using threat modeling to stop threats before they become security incidents and the five steps common to the threat modeling process. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v11 (312-50) exam.

Discover how organizational security policies specify details for hardening organizational assets including patching, data masking and digital rights management. This course also covers baselines, secure disposal and IPsec. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.

In this 14-video course, you will learn how to drive system configuration monitoring by using tools to keep systems secure and the importance of monitoring system configuration within an organization for incident response. Key concepts covered here include the configuration management (CM) process and how it can influence securing system configuration for incident response; tools and software to monitor systems and their advantages for incident response; and continuous monitoring in risk management, including the three-tier approach. Next, learn the process of minor, major, and unknown configuration changes; learn the importance of securing CM processes in the software development lifecycle (SDLC) for preventing security impacts; and observe methods for identifying common high probability items, such as identifying default or weak credentials. Continue by learning to implement a secure system CM program; and how to assess the monitoring process and perform security configuration evaluations. Finally, observe methods of monitoring releases and deliveries throughout SDLC; learn security controls for monitoring system configuration in a cyber framework; and learn how monitoring system configuration is important in today's enterprise SDLC.

Securing hardware includes applying firmware updates and configuring devices on isolated networks. In this course, you'll learn about mobile device security, IoT security, and vulnerable device lists. You'll explore physical security and the security risks presented by drones and vehicles. You'll move on to examine how SCADA is used for industrial device networks, how to recognize BIOS and UEFI security settings, how self encrypting drives can protect data at rest, and how hardware security modules are used for encryption offloading and cryptographic secret storage. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.

Discover how IT security analysts must recognized how malicious attacks take place. Explore how to analyze log results allows for the detection of security incidents. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.

Your organization's security posture is critical to its success-and security technicians must be aware of known and emerging security threats from a variety of sources. Learners begin this 14-video course by exploring various ways for security technicians to keep up-to-date and ahead of the curve. Examine various security intelligence sources and how to use the MITRE corporation's invaluable, trademarked ATT&CK knowledge base. Learners next discuss threat intelligence collection, threat classification for prioritization, and different sources and motivations of IT threats. Not sure what the bug bounty program is? Confused by false positives-mislabeled security alerts-and how to handle them? This course gives you the information you need. Become familiar with the Common Vulnerability Scoring System (CVSS), which provides a way to allocate or assign a score to a vulnerability: the higher the score, the bigger the threat. Then go on to examine the National Vulnerability Database (NVD). The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

Cyber attribution analysis is used to track, identify, and incriminate perpetrators of cyber attacks or exploits and is a must-know offensive security operations technique. In this course, you'll learn about the fundamental concepts and critical concerns related to attribution. You'll start by examining the different attribution types and levels before exploring attribution indicators, techniques, best practices, tools, and challenges. Moving on, you'll gain insight into how to identify and interpret forensic artifacts gathered from various sources, manage evidence, and make attribution judgments and assessments. You'll then study geopolitics, the Intelligence Community, and legal considerations as they relate to cyber threats and attribution. Lastly, you'll look into how malware cyber threat reverse engineering, code sharing analysis, and network behavior analysis lead to attribution.

Perhaps nothing is more frustrating for the average computer user-or his IT security staffer-than being tricked into divulging sensitive information by a social engineering practitioner. Hackers are malicious and ingenious-using malware, bots, ransomware, viruses, and plain garden-variety scams-but there are sensible ways to reduce the risk. This 13-video course offers you invaluable information on hackers' methods and ways to mitigate their devious schemes-whether by e-mail phishing messages, malware, or bots, a favorite tool of black-market operators. Next, learners explore the danger of ransomware and how to mitigate this threat; how malware and botnets have become black-market commodities; and why botnets are proliferating under cybercriminals' user control. Then watch a demonstration of how to configure a reverse shell and use the Malzilla tool to explore malicious web pages. The course concludes by exploring a GUI (graphical user interface) malware dashboard and showing how to configure malware settings on an endpoint device. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

As a security specialist, you need to be familiar with and apply a range of security concpets related to operating in an enterprise environment. In this course, you'll explore enterprise security factors like change and configuration management, as well as data sovereignty, protection, and loss prevention. You'll learn about hardware security modules, geographical considerations, cloud access security brokers. You'll move on to examine response and recovery controls, SSL/TLS inspection, and site resiliency. Finally, you'll learn about deception and disruption techniques using honeypots, honeyfiles, honeynets, fake telemetry, and DNS sinkholes. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.

Web applications are ubiquitous in today's computing world, and many software development tools are available to help with secure web app creation. In this course, examine different software development tools and explore server-side and client-side code. Next, learn how to scan web apps for vulnerabilities using OWASP ZAP and Burp Suite, write secure code, and enable the Metasploitable intentionally vulnerable web app virtual machine. Finally, compare the different types of software testing methodologies, learn the difference between vulnerability scanning and penetration testing, and discover how web application firewalls (WAFs) protect web apps from common attacks. Upon completion, you'll be able to recognize the key components of secure web app creation and the purpose of the Open Web Application Security Project (OWASP).

In networking, communications are facilitated using a number of communication protocols. In this course you'll explore the various protocols used for transmitting information including email protocols SMTP, POP3, and IMAP. Then you'll learn about instant messaging and the SIMPLE and XMPP protocols. You'll discover VoIP, SIP, RTP, H.323 and MGCP, and unified communications. There are several protocols used to facilitate communication on the Worldwide Web. So, you'll explore HTTP and URLs. Then you'll learn about SSL and TLS. Finally, you'll discover RDP and FTP. This course was originally created by Global Knowledge (GK).

Cryptographers far from enemy lines have long helped win shooting wars by cracking enemy codes-and in the new world of cyber warfare, cryptography has become the first line of defense for hundreds of millions of civilians worldwide. In this 21-video course, you will learn just how cryptography and encryption protect sensitive data, both in transit and at rest. Learners are given important information about public key infrastructure (PKI) hierarchy and lifecycles; protection in UFS (Ultra Flash Storage) and Bitlocker; and on Linux and cloud storage. Learn about the hashing process, including how to generate file hashes for Linux and Windows. Then learn about using SSL (secure sockets layer) and TLS (Transport Layer Security) to secure network traffic, cloud certificate authority (CA) deployment, and certificate issuance. Next, learn how to configure custom encryption keys for cloud storage and how to configure a Microsoft IIS web site with a PKI certificate. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.

Securing user and device logins, as well as access to IT resources, relates to authentication and authorization. In this course, you'll learn how to differentiate between authentication and authorization and also ow to enable 2FA and MFA user authentication. Next, you'll explore how to enable Wi-Fi RADIUS authentication, configure SELinux, and enable attribute-based control in Windows. Lastly, you'll examine how to use Group Policy to configure password policy settings, crack passwords using freely available tools like the Johnny tool, brute-force RDP using Hydra, and limit cloud admin access using role-based access control. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.

Knowing how to respond to malware incidents is a critical skill for security professionals, and the first step to achieving malware response skills is understanding the types of malware you will face in the field. In this course, you'll explore different types of malware such as worms, Trojan viruses, botnets, ransomware, and rootkits. You'll then round out your knowledge by identifying the different methods used to classify a virus and determine its potential impact.

Familiarization with the different types of malware analysis and the tools used to analyze malware is a critical skill for IT security professionals. In this course, you'll explore the characteristics of malware and the impact the malware has on the infected system. You'll learn how to identify different malware analysis techniques, such as static and dynamic malware analysis, to discover activities performed by malware. You'll also examine some of the tools used to perform both static and dynamic malware analysis and how to use a disassembler to view malware code.

Understanding what tools to use to recover a system after it is infected with malware is a critical skill. In this course, you'll explore the symptoms of virus infected systems and best practices for malware removal. You'll learn about different remediation approaches for different types of malware. You'll also look at some of the tools used to remove and recover systems after they have been infected such as the Windows Malicious Software Removal Tool, the Windows repair options, and how to restore a system image backup.

Knowing how to respond to a malware incident and who to report the malware incident to is critical to a timely response. In this course, you'll learn key steps for responding to malware incidents, as well as how to identify key persons to report the malware incident to and steps to take to help prevent future malware incidents.

This 14-video course examines continuous integration (CI), the purpose of CI, and why it is important for successful software development. Learners will begin with a look at the benefits of using CI and some of the best practices. Next, you will learn about common mistakes that companies make when trying to integrate and utilize CI, and how to avoid making those mistakes. Discover why CI crucial to developing high-quality software systems and increasing customer satisfaction, and understand how CI and automated testing are related and how to create effective automated tests. You will delve into the stages of the CI pipeline and the importance of each phase, and examine the CI pipeline and how to configure it to efficiently run automated tests. You will compare CI, continuous delivery, and continuous deployment and how they are related to each other, and view the features of common continuous integration tools. To conclude the course, you will work with CircleCI, GitHub, and Bamboo for continuous integration.