Cybersecurity 101: Auditing & Incident Response

Cybersecurity 101: Auditing & Incident Response

• Course Overview
• list best practices related to IT security auditing
• use Group Policy to enable file system auditing
• scan hosts for security weaknesses from Windows
• scan hosts for security weaknesses from Linux
• describe the importance of securing mobile devices
• centrally apply security settings to mobile devices
• configure Amazon Web Services to use multifactor authentication
• recognize how security is applied to applications from design to use
• use file hashing to detect modifications
• specify actions used when dealing with security incidents
• view a packet capture to identify suspicious activity
• centrally apply security settings

Explore selective auditing, which provides valuable insights to activity on a network, and also Incident response plans, which are proactive measures used to deal with negative events.

Cybersecurity 101: Session & Risk Management

Cybersecurity 101: Session & Risk Management

• Course Overview
• recognize digital assets that have value to the organization along with related threats
• identify and prioritize risks
• implement security controls to mitigate risk
• describe account management actions that secure the environment
• use Group Policy to implement user account hardening
• recognize how HTTP session management can affect security
• harden web browsers and servers to use TLS
• explain how centralized mobile device control can secure the environment
• recognize encryption techniques use to protect data
• configure a VPN to protect data in motion
• configure file encryption to protect data at rest
• configure encryption and session management settings

A structured approach to security allows for the efficient management of security controls. Explore assets, threats, and vulnerabilities, risk management, user and session management, data confidentiality, and encryption.

Final Exam: Security Analyst

Final Exam: Security Analyst

• classify the various types of honeypots that can be used
• classify the various types of security protocols
• compare governance and management
• compare pen testing and vulnerability assessments
• compare the types of risk responses that an organization may adapt
• compare the various types of honeypots that can be used
• compare VMs and containers
• compare VMs and containers characteristics
• configure a VPN to protect data
• configure a VPN to protect data in motion
• configure file encryption to protect data at rest
• define an Advanced Persistent Threat and its purpose
• define continuous security monitoring and list its benefits
• define the risk assessment processes that can help you protect your assets
• define the secure DevOps lifecycle
• describe best practices for working with and handling corporate information while traveling
• describe honeypot uses
• describe how employee training, awareness, and advocacy should be implemented and how it plays a crucial role in the protection of an organization's information
• describes the benefits of Continuous Security
• describe subnetting and its advantages
• describe the characteristics of APTs as well as their goals and objectives
• describe the elements used in designing goals of a security topology
• describe the importance of securing mobile devices
• describe the motives behind an APT and the probable targets
• describe the process of rolling out a security governance program
• describe the role physical security plays in the protection of corporate data
• describe the target selection for pen testing
• describe the various types of DNS attacks and their mitigations
• describe types of security topologies
• discover the key concepts covered in this course
• discuss network demilitarized zones and how they help protect corporate information
• discuss the problems presented by organizational and personal e-mail, and best practices for working with e-mail, including how to protect yourself from spam
• distinguish between governance and management
• distinguish between pen testing and vulnerability assessments
• identify the key point for creating an effective checklist for NAC Security
• identify the phases of the secure DevOps lifecycle
• identify the risks introduced by BYOD and IoT along with their preventive measures
• identify the security risks introduced by BYOD and IoT
• identify the security risks introduced by BYOD and IoT along with their preventive measures
• identify the threat actors
• identify the types of weak protocols and their replacements
• identify the various roles and responsibilities of senior management in governance
• identify the various types of security protocols
• identify the various types of tools used in pen testing
• list best practices related to IT security auditing
• list the NAC authentication methods
• list the steps of the APT lifecycle
• list the threats, vulnerabilities, and mitigation techniques in a network security
• recognize how HTTP session management can affect security
• recognize the deployment strategies of a honeypot
• scan hosts for security weaknesses from Linux
• specify how honeypots are placed in a network
• specify how social engineering is conducted and how it can be mitigated through corporate policy
• specify the importance of implementing organizational security programs and why companies that don't have them put themselves at risk
• specify the proper ways to handle sensitive company information, including the differences between working with online data and physical media
• specify the top kinds of security threats facing organizations today
• specify what network hardening is and how it relates to the protection of corporate information
• use Group Policy to enable file system auditing
• use Group Policy to implement user account hardening
• view a packet capture to identify suspicious activity

Final Exam: Security Analyst will test your knowledge and application of the topics presented throughout the Security Analyst track of the Skillsoft Aspire Security Analyst to Security Architect Journey.