End-User Security: Securing End Users against Attackers
- discover the key concepts covered in this course
- describe attack motivation
- define malware-as-a-service
- compare phishing techniques
- describe ransomware
- describe data breaches and theft
- define cryptojacking
- describe DoS and DDoS attacks
- compare common exploit kits
- list common motives for attacking endpoints, common ransomware payloads, and exploit kits
Examine end-user security from the rogue attacker's point of view, including motivations, MaaS, phishing techniques, ransomware, data theft, cryptojacking, DoS, and toolkits.
End-User Security: The End-User Perspective
- discover the key concepts covered in this course
- describe shared responsibility
- define acceptable use policies
- distinguish physical security controls
- classify authentication technologies
- recognize the importance of hardware and software updates
- describe security suites and endpoint protection
- recognize browser best practices
- define e-mail security basics
- describe cloud security issues
- protect data in storage
- describe concepts and technologies of end-user security
Examine end-user security concepts such as shared responsibilities and policies, physical controls, authentication, software, and best practices.
End-User Security: The Security Administrator Perspective
- discover the key concepts covered in this course
- recognize the present threatscape
- describe security policies
- define training and awareness
- compare access switch and WAP security
- describe 802.1X and MACsec
- describe Endpoint Detection and Response
- describe next-generation EDR
- list characteristics of next-generation EDR solutions, actions you can take with 802.1X PNAC, and attributes of an effective security policy
Examine end-user security from the security administrator's point of view, including threatscape, security policies, training and awareness, Layer 2 security, 802.1X, MACsec, EDR, advanced endpoint protection, and vendor solutions.
Final Exam: Forensics Analyst
- classify authentication technologies
- compare audit review, analysis, and reporting
- compare available security audit tools and outline their features and benefits
- configure certificate properties
- deduce activity of encrypted web traffic
- define common hashing algorithms
- define common symmetric encryption algorithms
- define cryptojacking
- define e-mail security basics
- define the goals of information security
- define the purpose of a CRL and how it works
- define training and awareness
- define what is considered a reasonable expectation of privacy
- describe 802.1X and MACsec
- describe a certificate and the different types of certificates
- describe approaches and techniques used when working with live or volatile data, such as confirming if encryption is in use and acquiring system memory
- describe asymmetric encryption
- describe audit review, analysis, and reporting
- describe cryptography services and associate those services with the goals of information security
- describe data breaches and theft
- describe DoS and DDoS attacks
- describe the fourth step in the RMF, assessing security control effectiveness
- describe guidelines and standards for defining cyber security audit strategies
- describe how network forensics can be used to protect mission critical areas of business
- describe how SSL is used
- describe how SSL is used to secure web traffic
- describe how to monitor the Linux system by reviewing system logs
- describe how to perform web application auditing and secure web application and web sites
- describe next-generation EDR
- describe ransomware
- describe shared responsibility
- describe symmetric encryption
- describe the first step of the NIST risk management framework, categorizing risk
- describe the importance of a security management process and its common functions
- differentiate between criminal, civil, and intellectual property investigations
- differentiate between different risk responses such as accepting, avoiding, mitigating, sharing, or transferring risk
- differentiate between least frequency of occurrence and baselining
- differentiate between legal authorization forms such as consent forms and warrants
- differentiate between threats, vulnerabilities, impacts, and risks
- distinguish physical security controls
- identify beaconing activity
- list common software vulnerabilities such as buffer overflow and injection flaws
- list keys to presenting risk to shareholders, such as soliciting stakeholder input
- protect data in storage
- provide an overview of digital forensics
- provide an overview of microservices and APIs and highlight security concerns associated with each
- provide an overview of population analysis
- recognize best practices and considerations when working with digital evidence
- recognize concepts and applications of network behavior anomaly detection
- recognize different anomalies or outliers, such as configuration faults or a malicious presence
- recognize how viruses and other malware work
- recognize legalities surrounding digital forensics investigative techniques
- recognize limitations of traditional approaches to anomaly detection, such as chasing false positives
- recognize possible conflicts of interest and how to avoid them
- recognize steps and techniques to analyze risk
- recognize steps to properly test software to ensure it is secure
- recognize the benefits of an event focused risk management approach
- recognize the benefits of using auto-periodicity to aid in identifying anomalies
- recognize the different standards for analyzing digital evidence
- recognize the different types of forensics including computer, mobile, network, vehicle, and IoT
Final Exam: Forensics Analyst will test your knowledge and application of the topics presented throughout the Forensics Analyst track of the Skillsoft Aspire Security Analyst to Security Architect Journey.