Aspire Journeys

Penetration Tester to SecOps Engineer

  • 30 Courses | 26h 37m 40s
  • 4 Labs | 32h
Rating 5.0 of 1 users Rating 5.0 of 1 users (1)
The primary goal of SecOps is to reduce process inefficiencies of traditional enterprise security and operations teams by making them share accountability, processes, tools, and information, which leads to improved security and operational performance. Explore the different stages required to go from a Penetration Tester to a SecOps Engineer.

Track 1: Penetration Tester

In this Skillsoft Aspire track of the Penetration Tester to SecOps Engineer journey, the focus will be on Penetration Testing fundamentals, security measures, end-user behavior, physical and Wi-Fi pen testing, and advanced pen testing techniques.

  • 8 Courses | 9h 10m 39s
  • 1 Lab | 8h

Track 2: Incident Response Leader

In this Skillsoft Aspire track of the Penetration Tester to SecOps Engineer journey, the focus will be on incident response, preemptive troubleshooting, securing network appliances, monitoring systems configuration, patch management, and regulation conformance.

  • 8 Courses | 8h 46m 39s
  • 1 Lab | 8h

Track 3: Ethical Hacker

In this Skillsoft Aspire track of the Penetration Tester to SecOps Engineer journey, the focus will be on Ethical Hacking.

  • 8 Courses | 4h 45m 7s
  • 1 Lab | 8h

Track 4: SecOps Engineer

In this Skillsoft Aspire track of the Penetration Tester to SecOps Engineer journey, the focus will be on SecOps Engineering.

  • 6 Courses | 3h 55m 15s
  • 1 Lab | 8h

COURSES INCLUDED

Penetration Testing Fundamentals
This 14-video course explores penetration testing, and the role it plays in protecting a company's assets and networks from exploitation and attacks. In this course, users learn how penetration testing can expose security weaknesses. You will also learn about different types of penetration testing, and how to test for common penetration types, and you will examine the importance of penetration testing for an organization. This course demonstrates passive information gathering, or open- source gathering to search for available information about the organization. You will learn to use active information gathering to target the organization's systems, the employees, their networks to gain information. Next, explore several different types of exploits that can cause problems, including buffer overflow attacks, client side and website attacks, password attacks, and port forwarding exploits; and learn how to conduct a privilege escalation attack. Finally, you will examine how penetration testers and bad actors can gain access to a system by using network tunneling.
14 videos | 1h 18m has Assessment available Badge
Pen Testing Awareness: Results Management
This 14-video course explores benefits to an organization and the role of penetration testing to protect digital assets and networks. In this course, learners observe how to manage and analyze testing results. You will examine several testing methods, including black box, white box, and grey box testing. Next, you will learn about rules of engagement documents, which is executed prior to starting the penetrations testing. This document outlines rules around the test, and the importance of setting stopping points within a penetration test, and when to stop a penetration test. Explore test findings management, risk, risk tolerance, and how to align recommendations to an organization's needs and goals. You will learn about risk tolerance from a privacy and intellectual property perspective, and how to create good test reports for clients. You will learn to categorize your findings by using CVE (Common Vulnerabilities and Exposure) database, or the CVE details. Finally, you will learn how to communicate needed changes, and to emphasize the importance of further testing after recommendations are implemented.
14 videos | 1h 27m has Assessment available Badge
Security Measures: Implementing Security Controls
Explore the use of security controls with the NIST Cybersecurity Framework in this 14-video course, which examines anatomy of security controls, from common to advanced and complex. You will discover how to test and monitor security controls, including the most basic quick-win controls for several control types. Key concepts covered here include security controls in relation to the overall NIST Cybersecurity Framework, and how security controls are relevant in SecOps; the major security control types and components of a security control; and defensive and quick-win controls for major control types. Next, learn how they are compromised, and steps for root cause analysis; learn the CIS critical security controls and how they are implemented; and observe how to assess security controls, including establishing security metrics for risk management framework and reporting. Learn how to investigate security controls when one fails and describe how to mitigate outcomes; learn processes of auditing security controls; and learn potential risk scenarios and how to mitigate and respond using security controls, including how to test controls to effectively respond.
14 videos | 1h 16m has Assessment available Badge
Pen Testing: End-user Behavior
Explore penetration testing, its limitations, and how end-user behavior affects this process in this 14-video course, which examines several types of penetration testing, the reliance on end-user behavior, and the challenges facing organizations. You will explore the role of human error in causing data breaches, user awareness, preventing attacks, and how to use end-user analytics. You will learn to use tools to perform user behavior analytics, and how to use test results to create and communicate reports. Next, learners will examine how to create a plan for organizations to check user behavior when a threat is received, and explore the need for cybersecurity training for employees. You will learn to use advanced analytics that focus on user activity instead of specific static threat indicators to detect anomalies or malicious behavior. You will explore social engineering attacks, how to perform a social engineering penetration test, and how to counter social engineering attacks. Finally, examine the role played by human behavior in penetration testing.
14 videos | 1h 47m has Assessment available Badge
PenTesting for Physical Security
This 14-video course explores physical penetration testing, and how to test a business's infrastructure, including IT assets, its data, people, and physical security to locate any exploitable vulnerabilities. In this course, you will learn why lockpicking is essential in cybersecurity, and you will examine different types of locks and lockpick tools. This course demonstrates several types of penetrations, including EM (electromagnetic security vulnerabilities), dumpster diving, and tailgating, and how to protect against these attacks. You will learn about penetration testing types, including network services, web and client applications, Cloud penetration, penetration testing of wireless networks, and social engineering. Learners will explore several penetration tools, including Kali Linux, which comes with tool such as Nmap, Wireshark, and John the Ripper; the Aircrack suite; OpenVas, and several others. You will learn about web app security testing methodologies. Learners will observe the elements of a successful report, and how to document penetration testing results. Finally, this course demonstrates practicing testing skills by using Grier Demo website.
14 videos | 1h 7m has Assessment available Badge
Wi-Fi Penetration Testing
Explore the business convenience of Wi-Fi access, how to recognize the vulnerabilities of wireless networks, and the importance of Wi-Fi penetration testing in this 12-video course, which examines the categories of threats that can compromise a Wi-Fi network. First, you will examine built-in sniffing capabilities used for penetration testing, and the process for performing a rough access point analysis. This course examines Wi-Fi hotspots, web security, and the vulnerabilities of WEP (wired equivalent privacy). This course demonstrates the process used to exploit a Wi-Fi client's vulnerabilities. You will learn how to use Powerfuzzer, an automated customizable web fuzzer, that is part of Kali Linux vulnerability analysis tools. You will learn how to perform a wireless DoS (denial of service) attack against a wireless network. You will examine bugs using the technique of Wi-Fi fuzzing, and how to exploit WPA with PSK secured Wi-Fi. Finally, you will examine the best practices for turning Wi-Fi penetration testing results into policy, security protocols, and user education programs.
12 videos | 51m has Assessment available Badge
Advanced Pen Testing Techniques
Explore advanced penetration testing tools and techniques used to find vulnerabilities, sniff network traffic, deal with cryptography, and crack passwords in this 14-video course. Learners will discover common techniques used to find weaknesses in both Linux and Windows-based systems. Key concepts covered here include finding vulnerability by using scanners and other techniques; how to capture and analyze network traffic with Wireshark; and learning about wireless security technologies, such as WEP, WPA/2/3, and their vulnerabilities. Continue by learning about cryptography and its four goals; learning to differentiate between symmetric and asymmetric cryptography; and learning how to choose a password cracking technique. Next, learn to differentiate between malware types and recognize the consequences of using targeted malware; learn to differentiate between scanning and enumeration; and learn the benefits of using Python to build scripts and deliver exploits. Then perform Linux privilege escalation with a penetration tester; perform Windows privilege escalation to exploit a Windows system by using the AlwaysInstallElevated technique; and use PowerShell to perform pen testing tasks such as reporting on all USB devices installed.
14 videos | 1h 22m has Assessment available Badge
Final Exam: Penetration Tester
Final Exam: Penetration Tester will test your knowledge and application of the topics presented throughout the Penetration Tester track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.
1 video | 32s has Assessment available Badge

COURSES INCLUDED

Policy & Governance: Incident Response
Learners can explore the creation, adoption, and use of an IRP (Incident Response Plan) in this 14-video course, which examines the purpose and objectives of an IPR, and how it incorporates the objectives of an organization. You will learn how to draft an IRP, and examine the six stages of incident response: preparation, identification, containment, eradication, recovery, and lessons learned. Next, you will examine several tools that are available for incident response strategies, including Sleuth Kit, Metasploit, Websense, and FireEye Security Orchestrator. You will explore the different types of CSIRTs (Computer Security Incident Response Teams), team roles, their purpose, and the benefits of an outsourced team. This course demonstrates an incident team response with two hypothetical scenarios. You will learn about compliance and regulatory requirements, and will examine the international standard, ISO 27001. You will examine governance policy to direct and control IT security. Finally, you will learn to use governance polices to create incident response policies, and you will learn the elements and best practices for creating a plan.
14 videos | 1h 9m has Assessment available Badge
Planning Measures: Incident Response Planning
This 8-video course explores how to build an effective incident response plan, including creation of response policies, plans, procedures, and teams. In this course, you will examine the process to recover from security related incidents such as malware, data leakage, or stolen equipment. You will also review what to implement for security controls to prevent attacks against confidentiality, integrity, and availability of company assets. Learners observe how to create an incident response plan and the steps for creating incident response policies, plans, and procedures. You will learn the six phases necessary to build an incident response plan, and the job roles for each member of the team. You will examine who should be part of the CSIRT (computer security incident response team). Next, examine the different roles that make up a computer security incident response team, their purposes, and the elements of an incident response policy. Finally, this course uses a real-world case study to demonstrate how to implement the incident response plan.
8 videos | 33m has Assessment available Badge
Preemptive Troubleshooting: Concepts & Strategies
Explore preemptive troubleshooting for your organization's cyber security in this 14-video course, which examines available strategies, tools, best practices, and security policies to keep your system secure. First, you will examine how preemptive troubleshooting applies to security in SecOps and how it is different from intrusion detection systems and intrusion prevention systems. This course then demonstrates several scenarios that a SOC (security operations center) can use when troubleshooting network issues and system compromise. Learn best practices, including spotting weak passwords, hardware and software vulnerabilities, and security policies and procedures to keep systems secure. You will also learn how to use password policies, auditing, and how to prevent security compromises. This course demonstrates how threat hunters can help spot threats before they occur. Learners will study the policies and tools for troubleshooting hardware. Finally, you will learn how software and hardware update policies can aid in keeping system secure, and how preemptive resolution and training can help an organization to better secure its systems.
14 videos | 1h 24m has Assessment available Badge
Security Best Practices: Network Appliance Security
This course explores the best practices for securing network appliances, and the top network security risks in 14 videos examining best practices for IoT (Internet of things) security risks. You will learn the best practices for transitioning to the Cloud, and the three basic service models IaaS (infrastructure as a service), PaaS (platform as a service), and SaaS (software as a service). Learners will then examine the network perimeter, and security issues and strategies when moving to the Cloud, including how to address de-perimeterization and perimeter exploitation. You will learn about several security architecture models, including Zero Trust Architecture, intrusion kill chain, and the diamond model for intrusion analysis. You will examine the impact of software defined networking, and micro-segmentation to the network security. Learn about next-generation firewalls, network intrusion detection and prevention systems, and distributed denial of service attacks. Finally, you will learn the best practices of Zero Trust Architecture, and how to incorporate them.
14 videos | 1h 32m has Assessment available Badge
Monitoring & Securing System Configuration
In this 14-video course, you will learn how to drive system configuration monitoring by using tools to keep systems secure and the importance of monitoring system configuration within an organization for incident response. Key concepts covered here include the configuration management (CM) process and how it can influence securing system configuration for incident response; tools and software to monitor systems and their advantages for incident response; and continuous monitoring in risk management, including the three-tier approach. Next, learn the process of minor, major, and unknown configuration changes; learn the importance of securing CM processes in the software development lifecycle (SDLC) for preventing security impacts; and observe methods for identifying common high probability items, such as identifying default or weak credentials. Continue by learning to implement a secure system CM program; and how to assess the monitoring process and perform security configuration evaluations. Finally, observe methods of monitoring releases and deliveries throughout SDLC; learn security controls for monitoring system configuration in a cyber framework; and learn how monitoring system configuration is important in today's enterprise SDLC.
14 videos | 1h 16m has Assessment available Badge
Patch Management Strategies
This course explores benefits of employing a patch management strategy, and its importance to overall security. In this 14 videos, you will learn patch management concepts, and management methodologies including baselining, hardening, and backout plans. Learners will examine best practices, what to do when vendor-specific issues occur, and how to get issues patched before they become a threat. You will learn to analyze and assess patches before implementation, and how to use several tools and techniques to patch and harden systems. You will also learn how to implement patches, and how to automate the process. Next, examine testing and configuration management, and patch management, by using both open-source and commercial tools. You will learn to use the patch rollout process and policies for patch updates. You will learn how patch management can use the Agile software development process, which uses cross-functional teams to make the process more efficient; its goal is to deliver software on regular intervals. Finally, you will learn to create and implement a patch strategy in a serverless architecture.
14 videos | 1h 10m has Assessment available Badge
Regulation Conformance for Incidence Response
Explore regulations, policies, and industry practices that organizations should implement for incident responses in this 14-video course, which examines how to build a regulation conformance plan, and a voluntary adherence plan to a set of standards or regulations for an organization. In this course, learners will examine industry standards, including the NIST (National Institute of Standards and Technology) and CIS (Center for Internet Security) standards. You will learn how to build a conformance plan, and how to apply it in the workplace. This course next examines how to document incidents in compliance with regulations, and with the organization's conformance plan. You will learn how to do risk assessments, how to audit, and create logs, and examine several types of internal and external breaches, and how to use Agile, and conformance plans in DevSecOps. This course demonstrates techniques for reacting to conformity change. You will explore internal and legal implications when handling incidents. Finally, learners will study scenarios that demonstrate a conformance program and incident response.
14 videos | 1h 39m has Assessment available Badge
Final Exam: Incident Response Leader
Final Exam: Incident Response Leader will test your knowledge and application of the topics presented throughout the Incident Response Leader track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.
1 video | 32s has Assessment available Badge

COURSES INCLUDED

Ethical Hacker: Risk Assessment
Ethical hacking is about testing the risk level of an organization. In order to perform effective, professional ethical hacking, a knowledge of risk is essential. In this 10-video course, you will discover how to use the Common Vulnerability Scoring System (CVSS) and how to apply risk management concepts and evaluate risk in accordance with common standards. Key concepts covered in this course include learning to calculate risk levels in a quantitative manner, the preliminary step done in any risk assessment; learning to identify and implement specific responses to risk assess security vulnerabilities by using CVSS; and utilizing the CIA triangle (confidentiality, integrity. and availability) and the McCumber cube to assess risks and threats. Next, learn to apply risk management standards according to NIST 800-37; evaluate security in accordance with ISO/IEC 18045; and learn the COBIT 5 standard, a widely-known standard and way of modeling risk and security. Finally, learn to use Damage, Reproducibility, Exploitability, Affected Users, Discoverability (DREAD), Process for Attack Simulation and Threat Analysis (PASTA), and other risk models.
10 videos | 46m has Assessment available Badge
Ethical Hacker: Incident Response
Ethical hacking is a means to avoid incidents and to discover them before they are realized. Often, ethical hacking is part of the response to an incident, so an understanding of incident handling is important for the ethical hacker. In this 10-video course, you will explore the foundational concepts of incident response, including incident classification, recovery and remediation, and after-action review. Key concepts covered in this course include incident response concepts that can be applied, whether a situation is a cyber incident, an insider issue, a physical disaster, or other type; learning to properly classify and describe different types of incidents; and learning to create a response plan for physical incidents. Learners continue by observing how to create a response plan for cyber incidents; how to apply basic incident response forensics including evidence handling and basic techniques; and how to apply basic incident response forensics, including imaging a drive and basic legal standards. Finally, learn to conduct recovery and remediation activities; and conduct an after-action review of incident response.
10 videos | 38m has Assessment available Badge
Ethical Hacker: Security Standards
Ethical hacking is not just random hacking attempts; it is a systematic testing of the target's security. For that reason, an understanding of security standards and formal testing methodologies is critical. Key concepts covered in this 11-video course include security standards such as NIST 800-115, a security standard which is integrally interconnected with ethical hacking and testing; and NIST 800-53, a security standard that can help users to professionalize and improve an ethical hacking test. Next, learn how to properly apply filtering and data validation; how to apply the NSA-IAM to ethical hacking to plan, execute, and report on your ethical hacking project; and how to apply the PTES to ethical hacking to plan, execute, and report on your ethical hacking project. Then learn about PCI-DSS standards and how to integrate them into ethical hacking; learn how to implement ISO 27001; and learn to interpret and apply NIST 800-12. Finally, learners observe how to employ NIST 800-26 standards to manage IT security; and learn about NIST 800-14 security protocols.
11 videos | 39m has Assessment available Badge
Ethical Hacker: Secure Technology & Applications
Security devices and software are the technical aspect of security. An ethical hacker must be familiar with security technology in order to effectively conduct tests of the target organization's network. In this 10-video course, you will explore firewall types and usage, SIEM systems, intrusion detection systems and intrusion prevention systems (IDS/IPS), antivirus strategies, Windows Firewall, and how to implement Snort. Key concepts covered in this course include security devices and software concepts, and how they relate to ethical hacking; learning to correctly deploy firewall solutions, their relevance to ethical hacking, and different types and usage; and learning the role of SIEM (security information and event management) and how to deploy SIEM systems. Next, learners observe how to utilize IDS/IPS and its relationship to ethical hacking; learn antivirus concepts and implement an AV strategy; configure the firewall in Windows 10 and Windows Server 2019; and learn to configure Windows Defender. Conclude by learning how to implement basic Snort network IDS, a tool that can be used for simple packet capture or for IDS.
10 videos | 40m has Assessment available Badge
Ethical Hacker: Account Creation
Because account management and access control are fundamental to security, it is vital to understand these technologies as an ethical hacker. In this 6-video course, learners can explore account creation concepts, standard access control models, attribute-based access control, and how to design account and access control. Key concepts covered in this course include learning about account creation, and why how an organization creates and manages accounts is fundamental to security; common attack methodologies; and how to test accounts in a network. Next, you will learn about three fundamental access models that are utilized by a wide range of systems and include mandatory access control (MAC), discretionary access control (DAC), and the most common one, role-based access control (RBAC). Then observe how to implement attributed-based access control (ABAC) and its advantages over standard access control; and learn to design your account and account management processes by selecting one of the three fundamental models to use for a test design for an organization.
6 videos | 18m has Assessment available Badge
Ethical Hacker: Scanning
One of the early stages in ethical hacking is reconnaissance of the target. In this 10-video course, you can explore various scanning tools and techniques used in ethical hacking, including Nmap, OWASP ZAP, Vega, Shodan, and specialized Google searches. Key concepts covered in this course include how to use Nmap, an open-source network scanner and one of the most widely-used scanning tools for scanning a target system or network; how to use OWASP ZAP, an open-source web application security scanner, to scan a target website; and how to use Vega, an open-source web security scanner and testing platform, to scan a target website. Next, learners observe how to use the Shodan search engine to gather information about vulnerabilities, its purpose and usage, and the role it plays in ethical hacking and penetration testing. Finally, learn how to use multiple informational websites to gain information about a target; and apply specialized advanced Google searches to find information for ethical hacking.
10 videos | 36m has Assessment
Ethical Hacker: Hacking Techniques
Ultimately, ethical hacking is about hacking, so the ethical hacker must have some hands-on hacking skills. Explore fundamental hacking techniques in this 14-video course: SQL injection, cross-site scripting (XSS), malware, using viruses, DoS attacks, steganography, using Metasploit, and Windows hacking. Key concepts covered here include how to use SQL injection and variations; how to execute basic SQL Injection; and learning how to recognize XSS, an attack on the user via the website, as opposed to attacks on the website via the user. Next, learners examine malware threats and learn how to recognize and describe types of malware; learn to implement an innocuous virus in penetration testing; and learn the types of DoS and associated countermeasures. Continue by learning how steganography works, a technique important to ethical hacking because it is a favorite technique to exfiltrate data from malicious insiders; and the basics of Metasploit, a penetration-testing software that finds security issues, verifies vulnerability mitigations, and manages security assessments. Finally, learn to execute basic Metasploit commands; and learn to use common Windows hacking techniques.
14 videos | 1h 3m has Assessment
Final Exam: Ethical Hacker
Final Exam: Ethical Hacker will test your knowledge and application of the topics presented throughout the Ethical Hacker track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.
1 video | 32s has Assessment available Badge

COURSES INCLUDED

SecOps Engineer: System Infrastructure Security
This 13-video course explores SecOps (security and operations) engineering concepts. Learners will observe how security and operations are fused together, and learn to integrate system infrastructure security with normal business operations by applying engineering principles. Begin by learning the steps for infrastructure hardening of the operating system, including server workstations, routers, devices. You will examine server hardening, including how to turn off unneeded services, and remove unneeded software. Next, learn how to analyze and harden Windows 10, and to use security devices, and implement intrusion detection and prevention systems. You will examine the practical use of IDS (intrusion detection system) to detect activity that appears to be a possible intrusion, to log it, and to notify the administrator. You will then examine IPS (intrusion prevention system), which takes the additional step of shutting down the suspicious activity. Finally, you will explore firewall concepts, including stateless firewalls, how to use SPI (stateful packet inspection), and how to place them to improve your security network.
13 videos | 1h has Assessment available Badge
SecOps Engineer: Secure Coding
This 13-video course explores software protection by applying secure development and coding practices. Learners will examine secure coding key concepts, including early and frequent testing, and how to validate to ensure it is the proper kind of data, and the proper size, type, and format. First, the course demonstrates how to set up a simple filtering statement to improve software security. You will learn how to constrain user input, by implementing a drop-down box or radio buttons. You will also learn the top 10 rules established by CERT (Computer Emergency Response Team) for secure programming, and how to operationalize secure software deployments, as well as continuous secure delivery to quickly update changes and upgrades. Learners will explore verification, and secure validation software metrics to measure and improve software. You will learn to use C# code, evaluate both secure and unsecure parts, for the web and Windows code, and learn to secure code with Python. Finally, you will learn to secure code with Java.
13 videos | 51m has Assessment available Badge
SecOps Engineer: Security Engineering
Explore fundaments of cybersecurity and engineering in this 10-video course, which examines the fundamental concepts of the CIA (confidentiality, integrity, and availability) triangle, and views security operations, security planning, engineering, application security through these three concepts. First, learners will examine the more advanced version: the McCumber Cube. You will learn to integrate systems engineering into cybersecurity, and explore requirements engineering, and how to gather requirements. Next, learn how to analyze them, to apply security requirements engineering techniques, and to finalize project requirements. You will be introduced to SecML (Security Modeling Language) which takes SysML (System Modeling Language) used by systems engineers, and to modify portions of it to be specific to cybersecurity. You will examine how SecML can be used to create both offensive and defensive security mitigation controls. This course examines security metrics, and how to apply engineering failure analysis methods to cybersecurity. Finally, you will observe how to incorporate security requirements engineering into cybersecurity, and the relevance of regulatory requirements.
10 videos | 33m has Assessment available Badge
SecOps Engineer: Cloud & IoT security
This course explores basic concepts of the cloud and IoT (Internet of things), and examines common security threats, a somewhat new and neglected area of cybersecurity. In this 8 video course, you will examine the cloud concept of distributed storage, and how IoT uses the cloud. First, examine the basics of cloud architecture, and some of the variations. You will learn that a private cloud is an expensive solution, and examine the security advantages of using a private cloud, in which one organization has full control over cloud security, and does not share the cloud with data from other organizations. You will learn about the available public cloud services, including Amazon, Microsoft Azure, and the iCloud for Apple devices. There are two basic advantages to using a public cloud: the cost, and cloud vendors specialize in cloud administration and security. You will also examine concepts and practices for cloud security, for both the cloud and IoT, including least privileges, and the CIA triangle.
8 videos | 32m has Assessment available Badge
SecOps Engineer: Threat Mitigation
This course explores the general concepts of threat mitigation for SecOps (security and operations) engineers. In this 13 videos, learners will observe the three basic concepts for threat mitigation and threat intelligence: identification, prevention, and responses. This course examines acceptable risk levels. You will analyze malware classification, such as viruses, worms, logic bombs, and backdoor software. You will learn to mitigation malware, and threats to websites; and examine types of ransomware, including Cryptolocker, Cryptowall, WannaCry, and Bad Rabbit, as well as explore possible solutions. You will learn how DoS (denial of service) is conducted, and see examples of specific attacks; then examine cross-Site Scripting, parameter traversal, and cross-Site Request Forgery. You will learn to address insider threats, and how to mitigate social engineering, phishing, and insecure protocols. Learners will examine how to integrate analysis into mitigating these threats. Finally, this course explores cyberthreat intelligence, and suggests that you subscribe to the National Vulnerability Database, and its feeds.
13 videos | 56m has Assessment available Badge
Final Exam: SecOps Engineer
Final Exam: SecOps Engineer will test your knowledge and application of the topics presented throughout the SecOps Engineer track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.
1 video | 32s has Assessment available Badge

EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE TRACKS

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Rating 4.9 of 13 users Rating 4.9 of 13 users (13)
Rating 4.4 of 27 users Rating 4.4 of 27 users (27)
Rating 5.0 of 3 users Rating 5.0 of 3 users (3)