CS0-002 - CompTIA Cybersecurity Analyst+: Attack Types
CS0-002 - CompTIA Cybersecurity Analyst+: Attack Types
- discover the key concepts covered in this course
- recognize how information gathering is the first step in hacking
- use the Metasploit Framework to generate e-mail lists
- list common Wi-Fi network vulnerabilities and mitigation strategies
- describe common Wi-Fi attack techniques
- use Kali Linux Wi-Fi tools
- harden a Wi-Fi router
- recognize how injection attacks can lead to sensitive data disclosure
- recall how overflow attacks work
- list different types of cross-site scripting attacks
- use the BeEF tool to hack a web browser
- describe how the use of insecure XML components can lead to web application compromise
- list common web application vulnerabilities
- use the OWASP ZAP tool to test web application security
- use the slowhttptest command to run a DoS attack against an HTTP web site
- describe ARP poisoning attacks
- use Kali Linux to execute an ARP poisoning MiTM attack
- recognize how malicious users use a variety of password attacks to compromise user accounts
- use the hydra tool to brute force a Windows RDP connection
- use John the Ripper to crack user passwords
- summarize the key concepts covered in this course
Helping protect your company's valuable assets against malicious attacks by outsiders requires a seasoned understanding of modern-day cyber threats. This 21-video course prepares learners to thwart reconnaissance and surveillance attacks by hackers and ward off Wi-Fi vulnerabilities, by using the proper tools. First, examine the wide variety of possible modes of attack—from injection, overflow, and cross-site scripting to XML (extensible markup language), DoS, address resolution protocol (ARP) poisoning, and password compromises. Then develop valuable skills in counteracting web browser compromises and agility in the use of Kali Linux Wi-Fi tools. Learn OWASP’s (Open Web Application Security Project) Top 10 vulnerabilities and ESAPI (Enterprise Security application programming interface) tools for each one, such as ZAP (Zed Attack Proxy), to test web application security. While you’re learning, pause to meet the aptly-named John the Ripper, a free tool for cracking passwords on 15 platforms! The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
CS0-002 - CompTIA Cybersecurity Analyst+: Business Continuity
CS0-002 - CompTIA Cybersecurity Analyst+: Business Continuity
- discover the key concepts covered in this course
- recall how structured risk management frameworks work
- recognize the relevance of a risk register
- apply various risk treatments to risks
- allow business continuity during unexpected disruptions
- define which types of solutions provide IT system and data high availability
- describe how cybersecurity insurance is a form of risk transference
- describe common characteristics of a business continuity plan, BIA, and related insurance options
- proactively design a plan that outlines the response to disruptions
- benefit from lessons learned during incident response
- enable Microsoft Azure storage account replication
- register a Windows Server with Microsoft Azure for backup
- recognize how backups provide availability through recovery
- create a MySQL database read replica in a secondary geographical region
- summarize the key concepts covered in this course
In today’s complex, stressful world, there is no substitute for risk management. By identifying and prioritizing risks, organizations focus resources where they are most needed with up-front planning. In this 15-video course, learners examine structured risk management frameworks, the importance of a risk register, and various risk treatments. Explore disaster recovery strategies, solutions that provide high availability, and cybersecurity insurance as a form of risk transference, before learning characteristics of a business continuity plan and business impact analysis (BIA). Proactively design an incident response plan and post-incident activities. Watch demonstrations of enabling Microsoft Azure storage account replication, how to register a Windows Server with Azure for backup, and how backups provide availability through recovery. Then learn to create a MySQL database read replica in a secondary geographical region. See why reviewing incident responses is the critical step in avoiding future incidents, or handling them better the next time. Post-incident activities include cloud storage replication, backing up to the cloud, system and data recovery, and database replicas. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
CS0-002 - CompTIA Cybersecurity Analyst+: Cloud Computing
CS0-002 - CompTIA Cybersecurity Analyst+: Cloud Computing
- discover the key concepts covered in this course
- recognize the characteristics of cloud computing
- determine when public cloud services should be used
- determine when private cloud services should be used
- determine when community cloud services should be used
- determine when hybrid cloud services should be used
- recognize how self-provisioned, metered elastic services delivered over a network are categorized
- provide examples of IaaS
- provide examples of PaaS
- provide examples of SaaS
- deploy cloud resources using a JSON template
- summarize the key concepts covered in this course
These days, it's almost all about the cloud—public, private, hybrid, and community varieties—but how much do you really know about these mysterious unseen dimensions? As more and more organizations use or migrate on-premises IT systems and data into cloud environments, understanding the trendy concept has become both necessary and increasingly complex. In this 12-video course, learners are exposed to the basics of this new cloud world, including the four most popular cloud service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), and Infrastructure as Code. First, you will learn the five primary characteristics of every cloud—resource pooling, self-provisioning, rapid elasticity, metered usage, and broad access. Then examine each characteristic in more detail: learn how to determine when to use a public, private, community, or hybrid cloud; how cloud service models delivered over a network are categorized. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
CS0-002 - CompTIA Cybersecurity Analyst+: Data Privacy
CS0-002 - CompTIA Cybersecurity Analyst+: Data Privacy
- discover the key concepts covered in this course
- recognize examples of personally identifiable information
- recognize examples of protected health information
- recognize how regulatory compliance often plays a role in crafting organizational security policies
- describe how HIPAA protects sensitive medical information
- describe how GDPR assures data privacy
- identify the purpose of PCI DSS for cardholder merchants
- configure data classification using Windows Server File Server Resource Manager
- configure cloud data classification using Amazon Web Services Macie
- determine when DLP solutions should be used for data privacy
- configure DLP policies with Microsoft Azure
- summarize the key concepts covered in this course
Data privacy regulations are at the forefront of protecting PII and PHI on-premises and in the cloud. In this course, you'll examine the meaning of common data privacy standards, including PII, PHI, HIPAA, GDPR, and PCI DSS. Then you'll move on to learn about server and cloud-based data classification and data loss prevention. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
CS0-002 - CompTIA Cybersecurity Analyst+: Digital Forensics
CS0-002 - CompTIA Cybersecurity Analyst+: Digital Forensics
- discover the key concepts covered in this course
- describe the purpose of digital forensics
- recognize the importance of proper evidence gathering and handling
- list common digital forensics hardware solutions
- list common digital forensics software solutions
- acquire a hard disk image using the Linux dd command
- enable legal hold for an Amazon Web Services S3 bucket
- restore deleted files in Linux
- restore deleted files on the Windows platform
- mount a Linux file system for examination
- summarize the key concepts covered in this course
Digital forensics focuses on the proper gathering and handling of digital evidence. In this course, you'll learn about forensic hardware, software, and the chain of custody. In addition, you explore how to enable legal hold for an AWS S3 bucket, restore deleted files in Linux and Windows, and mount a Linux file system for examination. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
CS0-002 - CompTIA Cybersecurity Analyst+: Encryption & Hashing
CS0-002 - CompTIA Cybersecurity Analyst+: Encryption & Hashing
- discover the key concepts covered in this course
- list the components of a PKI hierarchy
- define how cryptography protects sensitive data
- protect data at rest using EFS
- protect data at rest using BitLocker
- protect data at rest on a Linux system
- configure custom encryption keys for cloud storage
- recognize the importance of hashing for file systems and network communications
- generate file hashes on a Windows system
- generate file hashes on a Linux system
- download and verify a checksum for Kali Linux
- identify the steps in the PKI certificate lifecycle
- recognize how SSL and TLS are used to secure network traffic
- disable SSL on web clients and servers
- deploy a private CA using Amazon Web Services
- generate a server certificate from an Amazon Web Services private CA
- deploy a private CA using Microsoft Certificate Services
- configure a Microsoft Certificate Services template
- generate a server certificate from a private CA
- configure a Microsoft IIS web site with a PKI certificate
- summarize the key concepts covered in this course
Cryptographers far from enemy lines have long helped win shooting wars by cracking enemy codes—and in the new world of cyber warfare, cryptography has become the first line of defense for hundreds of millions of civilians worldwide. In this 21-video course, you will learn just how cryptography and encryption protect sensitive data, both in transit and at rest. Learners are given important information about public key infrastructure (PKI) hierarchy and lifecycles; protection in UFS (Ultra Flash Storage) and Bitlocker; and on Linux and cloud storage. Learn about the hashing process, including how to generate file hashes for Linux and Windows. Then learn about using SSL (secure sockets layer) and TLS (Transport Layer Security) to secure network traffic, cloud certificate authority (CA) deployment, and certificate issuance. Next, learn how to configure custom encryption keys for cloud storage and how to configure a Microsoft IIS web site with a PKI certificate. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
CS0-002 - CompTIA Cybersecurity Analyst+: Hardware & Security
CS0-002 - CompTIA Cybersecurity Analyst+: Hardware & Security
- discover the key concepts covered in this course
- recognize how mobile device weaknesses should be addressed
- recognize how IoT device weaknesses should be addressed
- access and navigate the shodan.io web site
- list how to physically secure facilities and computing equipment
- describe how vehicles such as drones can present security risks
- recognize how SCADA is used for industrial device networks
- recognize BIOS and UEFI security settings
- recognize how SEDs provide protection for data at rest
- recognize how HSMs are used for encryption offloading and the storage of cryptographic secrets
- summarize the key concepts covered in this course
Securing hardware includes applying firmware updates and configuring devices on isolated networks. In this course, you'll learn about mobile device security, IoT security, and vulnerable device lists. You'll explore physical security and the security risks presented by drones and vehicles. You'll move on to examine how SCADA is used for industrial device networks, how to recognize BIOS and UEFI security settings, how self encrypting drives can protect data at rest, and how hardware security modules are used for encryption offloading and cryptographic secret storage. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
CS0-002 - CompTIA Cybersecurity Analyst+: Intrusion Detection & Traffic Analysis
CS0-002 - CompTIA Cybersecurity Analyst+: Intrusion Detection & Traffic Analysis
- discover the key concepts covered in this course
- identify suspicious log entries
- view a sample Burp Suite report
- scan a web app using nikto
- deploy Kali Linux as a cloud-based virtual machine
- install and configure the Snort IDS tool (mention sinkhole, antivirus heuristics)
- create a Snort IDS rule
- analyze an ICS traffic capture
- capture and analyze HTTP user authentication traffic
- playback a captured VoIP call
- upload a PCAP file for analysis
- enter a WPA password in WireShark to decrypt wireless traffic
- use hashing to detect file changes through steganography
- monitor, block, and configure notifications for devices on a Wi-Fi network using the eero app
- use third-party tool to encrypt sensitive files
- use aircrack-ng in Kali Linux to crack protected Wi-Fi networks
- use Kismet to detect Wi-Fi networks
- use Nessus to audit Amazon Web Services (AWS)
- use Nessus to scan LAN hosts for malware
- summarize the key concepts covered in this course
Discover how IT security analysts must recognized how malicious attacks take place. Explore how to analyze log results allows for the detection of security incidents. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.
CS0-002 - CompTIA Cybersecurity Analyst+: IT Security Risk Mitigation
CS0-002 - CompTIA Cybersecurity Analyst+: IT Security Risk Mitigation
- discover the key concepts covered in this course
- list challenges related to IT security threat remediation
- identify the importance of hardware and software patches
- discuss the various categories of security controls
- recognize the components of organizational security policies
- enable data masking in Microsoft Azure
- enable watermarks in Amazon Web Services with Elastic Transcoder
- recognize how baselines set a bar for normal expected activity
- discuss various types of IT security training exercises
- recall how automation can simplify and expedite security tasks
- delete a disk partition using a multiple pass disk wiping tool
- enable Microsoft Group Policy password lockout settings
- recognize how IPsec can be used to secure any type of IP traffic
- enable IPsec connection security rules using Microsoft Group Policy
- capture and analyze IPsec network traffic
- summarize the key concepts covered in this course
Discover how organizational security policies specify details for hardening organizational assets including patching, data masking and digital rights management. This course also covers baselines, secure disposal and IPsec. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.
CS0-002 - CompTIA Cybersecurity Analyst+: Malware Threats
CS0-002 - CompTIA Cybersecurity Analyst+: Malware Threats
- discover the key concepts covered in this course
- recognize differences between malware types
- identify the various forms of social engineering and the related security risks
- view authentic e-mail phishing messages
- use the Social Engineering Toolkit to execute social engineering attacks
- recognize the danger of ransomware and how to mitigate this threat
- recognize how malware and resultant botnets have become a commodity for black markets
- describe the proliferation of botnets under malicious user control
- configure a reverse shell
- view an analysis for various scam web sites
- view a GUI malware dashboard
- configure malware settings on an endpoint device
- summarize the key concepts covered in this course
Perhaps nothing is more frustrating for the average computer user—or his IT security staffer—than being tricked into divulging sensitive information by a social engineering practitioner. Hackers are malicious and ingenious—using malware, bots, ransomware, viruses, and plain garden-variety scams—but there are sensible ways to reduce the risk. This 13-video course offers you invaluable information on hackers' methods and ways to mitigate their devious schemes—whether by e-mail phishing messages, malware, or bots, a favorite tool of black-market operators. Next, learners explore the danger of ransomware and how to mitigate this threat; how malware and botnets have become black-market commodities; and why botnets are proliferating under cybercriminals' user control. Then watch a demonstration of how to configure a reverse shell and use the Malzilla tool to explore malicious web pages. The course concludes by exploring a GUI (graphical user interface) malware dashboard and showing how to configure malware settings on an endpoint device. The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
CS0-002 - CompTIA Cybersecurity Analyst+: Network Infrastructure Security
CS0-002 - CompTIA Cybersecurity Analyst+: Network Infrastructure Security
- discover the key concepts covered in this course
- identify similarities and differences when managing network security on-premises and in the cloud
- use the appropriate tools to identify and classify sensitive systems and data
- add metadata to cloud resources for organizational and billing purposes
- recognize methods whereby security is enhanced with network segmentation
- select a client-to-site or site-to-site VPN solution based on business needs
- link an on-premises network to the Amazon Web Services cloud
- design a cloud networking strategy
- deploy a virtual private cloud in Amazon Web Services
- identify how ITIL influences efficient service delivery, including change management implementation
- recognize the benefits of VDI
- configure an Amazon Workspaces VDI environment
- connect a client device to an Amazon Workspace VDI
- list how different types of firewalls protect digital assets
- configure a Windows host firewall
- configure an Amazon Web Services Network Security Group
- describe the role NAC plays in securing a network environment
- summarize the key concepts covered in this course
Managing network security involves planning the use of network devices, including cloud-based virtual network configurations. In this course, you'll learn about asset discovery and management, cloud resource tagging, network segmentation, and VPNs. You'll also examine cloud site-to-site VPN deployment, cloud networking, and cloud VPC deployment. Next, you'll learn about change management procedures, virtual desktop infrastructure, cloud VDI configuration and client connections, and firewalls. Lastly, explore network access control, RADIUS, and TACACS+. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
CS0-002 - CompTIA Cybersecurity Analyst+: Network Scanning & Traffic Analysis
CS0-002 - CompTIA Cybersecurity Analyst+: Network Scanning & Traffic Analysis
- discover the key concepts covered in this course
- recognize how vulnerability scanning identifies security weaknesses
- recognize how pen testing identifies and exploits security weaknesses
- recognize how Metasploit fits into penetration testing
- explore the metasploit framework
- download and install an exploitable VM
- use a variety of metasploit scanning and exploit techniques
- run an Nmap network scan
- compare baseline and current scans to identify changes
- run a Nessus vulnerability scan
- view vulnerability scan results
- use the hping tool to generate network SYN flood traffic
- summarize the key concepts covered in this course
Discover how vulnerability scanning can detect weaknesses while pen testing exploits weaknesses. Explore these activities along with how intrusion detection and prevention help secure networks, hosts, apps and data for organizations. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.
CS0-002 - CompTIA Cybersecurity Analyst+: Software Development Security
CS0-002 - CompTIA Cybersecurity Analyst+: Software Development Security
- discover the key concepts covered in this course
- identify the phases of the SDLC, including related methodologies such as capability maturity model
- recognize how security must be addressed during the entire IT life cycle
- identify how software developers create modular, independent, and reusable code
- recall the benefits of using containerized applications
- list common PaaS software developer service offerings
- recognize common secure coding practices
- recall how thorough software testing can result in more secure software solutions
- isolate larger IT solutions into smaller components for focused testing
- use the apktool to reverse engineer an Android application
- summarize the key concepts covered in this course
Software developers must consider security at all phases of software development. In this course, you'll learn about software vulnerability testing and secure coding practices. You'll explore the software development life cycle, microservices and decoupling, application containerization, and common cloud developer services. In addition, you'll examine software and unit testing and reverse engineering for Android apps. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
CS0-002 - CompTIA Cybersecurity Analyst+: Threat Intelligence
CS0-002 - CompTIA Cybersecurity Analyst+: Threat Intelligence
- discover the key concepts covered in this course
- identify security intelligence sources
- use the MITRE ATT&CK knowledge base
- collect and analyze threat intelligence data
- organize threats by type to facilitate prioritization
- recognize different sources and motivations for IT threats
- discuss the dark net
- install and use the Tor browser
- discuss true positives and negatives as well as false positives and negatives
- manage threat indicators
- identify and prioritize risk mitigation techniques
- explore CVSS severity levels
- identify commonalities shared amongst bug bounties
- summarize the key concepts covered in this course
Your organization's security posture is critical to its success—and security technicians must be aware of known and emerging security threats from a variety of sources. Learners begin this 14-video course by exploring various ways for security technicians to keep up-to-date and ahead of the curve. Examine various security intelligence sources and how to use the MITRE corporation's invaluable, trademarked ATT&CK knowledge base. Learners next discuss threat intelligence collection, threat classification for prioritization, and different sources and motivations of IT threats. Not sure what the bug bounty program is? Confused by false positives—mislabeled security alerts—and how to handle them? This course gives you the information you need. Become familiar with the Common Vulnerability Scoring System (CVSS), which provides a way to allocate or assign a score to a vulnerability: the higher the score, the bigger the threat. Then go on to examine the National Vulnerability Database (NVD). The course helps to prepare learners for CompTIA+ Cybersecurity Analyst+ (CySA+) CS0-002 certification exam.
CS0-002 - CompTIA Cybersecurity Analyst+: Threat Monitoring
CS0-002 - CompTIA Cybersecurity Analyst+: Threat Monitoring
- discover the key concepts covered in this course
- link continuous monitoring with quick security incident response times
- describe the relevance of common log types
- view cloud-based audit events
- send Linux log events to a centralized logging host
- filter Windows logs to show only relevant log entries
- configure a cloud-based alarm when a VM CPU usage threshold is exceeded
- list how the 7 layers of the OSI model relate to communications hardware and software
- describe common items to look out for when analyzing network traffic
- filter captured network traffic
- list common items to look out for when monitoring an e-mail ecosystem
- recognize where honeypots can be used to monitor malicious activity
- recognize how SIEM provides centralized security event monitoring and management
- recognize how to filter out noise to identify suspicious activity
- summarize the key concepts covered in this course
In this course, you'll learn about centralized monitoring for on-premises and cloud solutions and how this results in the timely response to business disruptions and highlights indicators of compromise. You'll examine continuous monitoring, log types, cloud logging and auditing, centralized Linux logging, Windows event log filtering, and cloud alarms. You'll also learn about the OSI model, network traffic analysis, filtering captured network traffic, e-mail monitoring, honeypots, and SIEM. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
CS0-002 - CompTIA Cybersecurity Analyst+: User Account Security
CS0-002 - CompTIA Cybersecurity Analyst+: User Account Security
- discover the key concepts covered in this course
- recognize the role of IAM in securing IT environments
- create cloud identities in Amazon Web Services
- configure user permissions in Amazon Web Services
- create an IAM role in Amazon Web Services
- deploy Simple Active Directory in Amazon Web Services
- join a cloud VM to a cloud-based directory service
- recognize how MFA enhances sign-in security
- enable IAM user MFA
- recognize the role of identity federation across organizations including SSO
- set permissions to a Windows NTFS file system
- set permissions to a Linux EXT4 file system
- summarize the key concepts covered in this course
Identity and access management encompasses the management of on-premises and cloud-based users, groups, and roles. In this course, you'll learn how to assign only the required permissions to IAM security principles. You'll explore topics such as role creation, deploying Simple Active Directory in AWS, joining a cloud VM to a cloud-based directory service, and multifactor authentication. You'll also learn about identity federation and Windows and Linux file system permissions. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam CS0-002.
