O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CompTIA Advanced Security Practitioner (CAS-002)

Video Description

CompTIA Advanced Security Practitioner (CAS-002) is the course that teaches the students on securing complex enterprise environments. In this course, the students will expand their knowledge of IT security and learn about the more advanced tools and techniques to keep any organization safe and secure. The CompTIA Advanced Security Practitioner (CAS-002) course will enable the students to meet the growing demands of today’s IT environment. The course helps the students to develop their skills and perform their jobs as an advanced security professional in their organizations. The course is designed for IT security professionals who want to acquire the technical knowledge and skills needed to conceptualize, engineer, integrate, and implement secure solutions across complex enterprise environments.

Table of Contents

  1. Course Introduction
    1. Introduction 00:00:10
    2. Course Introduction 00:01:50
    3. Instructor Introduction 00:01:45
  2. The Enterprise Security Architecture
    1. The Enterprise Security Architecture 00:00:18
    2. Topic A: The Basics of Enterprise Security 00:00:59
    3. The Enterprise 00:03:09
    4. Enterprise Security 00:04:12
    5. Business Goals and Security 00:01:59
    6. Common Enterprise Security Principles 00:10:24
    7. Enterprise Threat Intelligence 00:02:28
    8. What to Protect? 00:06:55
    9. Defense in Depth 00:09:30
    10. Common Components of an Enterprise Security Solutions 00:02:36
    11. Policies, Standards, and Procedures 00:01:04
    12. Enterprise Policy Types 00:14:30
    13. Topic B: The Enterprise Structure 00:00:31
    14. Organizational Structures 00:02:02
    15. The Management Team 00:00:21
    16. Network Administrator 00:02:14
    17. The DBA 00:03:42
    18. Programmers 00:01:30
    19. Stakeholders 00:01:18
    20. Finance 00:01:47
    21. Human Resources 00:03:03
    22. Physical Security and Facilities Roles 00:01:59
    23. Discipline Collaboration 00:02:56
    24. Topic C: Enterprise Security Requirements 00:00:14
    25. Legal Compliance 00:01:36
    26. PII 00:01:08
    27. Privacy Requirements 00:04:39
    28. Organizational Security Requirements 00:01:06
    29. Section 01 Review 00:00:50
  3. The Enterprise Security Technology
    1. Common Enterprise Security Components 00:00:35
    2. Topic A: Common Network Security Components and Technologies 00:11:45
    3. VoIP Integration 00:05:18
    4. IPv6 Migration and Integration 00:08:06
    5. VLAN Integration 00:04:31
    6. DNS Security Techniques 00:06:32
    7. Secure Directory Services 00:02:54
    8. NIDS 00:02:48
    9. NIPS 00:01:45
    10. The NIPS Process 00:04:39
    11. ESB 00:01:21
    12. The ESB Process 00:01:17
    13. DAM 00:02:54
    14. Topic B: Communications and Collaboration Security 00:00:57
    15. UC Security 00:02:53
    16. UC Attacks 00:02:47
    17. UC Components 00:01:14
    18. Traffic Prioritization (QoS) 00:06:15
    19. Security Solutions for Data Flow 00:06:15
    20. VoIP Security 00:00:47
    21. The VoIP Implementation Process 00:02:41
    22. VoIP Implementation Considerations 00:01:08
    23. Remote Access Security 00:02:25
    24. VPN Solutions 00:01:44
    25. External Communications Security 00:01:38
    26. Collaboration Platform Security Issues 00:01:57
    27. Demo - Least Privilege 00:04:12
    28. Common Mobile Devices 00:01:12
    29. Enterprise Security Methods for Mobile Devices 00:02:02
    30. Topic C: Cryptographic Tools and Techniques 00:00:50
    31. Cryptography in the Enterprise 00:01:17
    32. Considerations for Cryptography in the Enterprise 00:03:05
    33. Demo - File Encryption 00:02:36
    34. Cryptographic Methods and Design 00:04:04
    35. Basic Approaches to Encryption 00:14:42
    36. Transport Encryption Methods 00:04:22
    37. Security Implications for Encryption 00:02:07
    38. Digital Signature Techniques 00:02:59
    39. Advanced PKI Components 00:07:54
    40. Code Signing 00:02:17
    41. Attestation 00:00:17
    42. Entropy 00:02:07
    43. PRNG 00:01:14
    44. PFS 00:03:51
    45. Confusion and Diffusion 00:01:44
    46. Topic D: Advanced Authentication 00:00:23
    47. Advanced Authentication Within the Enterprise 00:01:43
    48. Certificate -Based Authentication 00:00:50
    49. SAML 00:04:11
    50. SPML 00:01:34
    51. XACML 00:01:38
    52. SOAP 00:02:24
    53. WSS 00:01:11
    54. Section 02 Review 00:00:37
  4. Enterprise Resource Technology
    1. Enterprise Resource Technology 00:00:23
    2. Topic A: Enterprise Storage Security Issues 00:01:04
    3. Common Enterprise Storage Technologies 00:06:07
    4. NAS Security Implications 00:01:06
    5. SAN Security Implications 00:00:55
    6. vSAN Security Implications 00:01:08
    7. Virtual Storage 00:02:36
    8. Security Implications of Virtual Storage 00:05:36
    9. Cloud Storage 00:01:51
    10. Security Implications of Cloud Storage 00:04:21
    11. Data Warehousing 00:01:55
    12. Security Implications of Data Warehousing 00:01:58
    13. Data Archiving 00:02:06
    14. Security Implications of Data Archiving 00:02:54
    15. iSCSI Security Implications 00:03:31
    16. iSCSI 00:04:32
    17. Security Implications of iSCSI 00:01:50
    18. FCoE Security Implications 00:01:35
    19. FCoE 00:01:01
    20. Security Implications of FCoE 00:00:37
    21. vSAN 00:02:10
    22. Security Implications of vSAN 00:00:50
    23. LUN 00:01:57
    24. LUN Masking in the Security Architecture 00:02:05
    25. Redundancy 00:01:59
    26. Dynamic Disk Pools 00:01:35
    27. LUN Masking and Mapping 00:03:35
    28. HBA Allocations 00:01:11
    29. Multipath 00:01:06
    30. Offsite and Multisite Replication 00:02:57
    31. Additional Storage Security Implications 00:05:05
    32. Snapshots 00:02:03
    33. Deduplication 00:03:18
    34. Guidelines for Ensuring Secure Storage Management 00:01:35
    35. Topic B: Distributed, Shared, and Virtualized Computing 00:00:34
    36. Why Virtualization? 00:03:58
    37. Advantages of Virtualization 00:02:03
    38. VLANs 00:01:11
    39. VMs 00:04:53
    40. VDI 00:03:57
    41. Terminal Services 00:01:00
    42. Virtualization Vulnerabilities 00:03:29
    43. Vulnerabilities of Hosting VMs for Multiple Companies 00:02:33
    44. Virtual Environment Security Methods 00:02:07
    45. Topic C: Cloud Computing and Security 00:00:15
    46. Cloud Computing 00:00:34
    47. Cloud Computing Service Models 00:02:54
    48. Cloud Storage Considerations 00:01:16
    49. Security Vulnerabilities of Cloud Computing 00:01:50
    50. Secure Use of Cloud Computing Within the Enterprise 00:02:18
    51. Section 03 Review 00:00:47
  5. Security Design and Solutions
    1. Security Design and Solutions 00:00:19
    2. Topic A: Network Security Design 00:00:58
    3. Network Design Types and Techniques 00:00:45
    4. Network Design Considerations 00:04:49
    5. Data Network Types 00:04:16
    6. A Data Network Topology 00:01:17
    7. Data Network Topology Types 00:08:00
    8. A Network Diagram 00:02:48
    9. Data Network Media Types 00:02:13
    10. Network Transmission Methodologies 00:05:45
    11. Physical Security 00:03:14
    12. Building Layout 00:03:42
    13. Facilities Management 00:02:00
    14. Unified Threat Management 00:01:54
    15. NIDS 00:02:38
    16. NIPS 00:02:01
    17. Inline Network Encryptor 00:02:20
    18. Security Information and Event Management 00:02:33
    19. SIEM Capabilities 00:02:24
    20. Network-Attached HSM 00:02:28
    21. Application and Protocol Aware Technologies 00:06:49
    22. Virtual Networking and Security Components 00:03:33
    23. Device Placement 00:03:09
    24. Guidelines for Analyzing Network Security Components and Devices 00:01:45
    25. Guidelines for Analyzing Network Security Components and Devices (Cont.) 00:01:14
    26. Building Automation Systems 00:01:26
    27. Hardware Attacks 00:01:11
    28. Environmental Threats and Vulnerabilities 00:01:11
    29. Sensors 00:00:41
    30. Physical Access Control Systems 00:01:44
    31. Scientific and Industrial Equipment 00:00:39
    32. A/V Systems 00:00:35
    33. IP Video 00:00:46
    34. Network Attacks 00:04:59
    35. SCADA 00:01:39
    36. Secure Infrastructure Design 00:03:17
    37. Storage Integration Considerations 00:01:29
    38. Guidelines for Analyzing Network-Enabled Devices 00:01:29
    39. Remote Access 00:01:46
    40. IPv6 and Associated Transitional Technologies 00:08:16
    41. Network Authentication 00:04:11
    42. 802.1X 00:03:15
    43. Software-Defined Networking 00:03:14
    44. Cloud-Managed Networks 00:01:09
    45. Guidelines for Analyzing Advanced Network Design 00:02:56
    46. Network Baselining 00:01:17
    47. Configuration Lockdown 00:01:32
    48. Change Monitoring 00:02:19
    49. Availability Controls 00:02:43
    50. ACLs 00:01:34
    51. DMZ 00:01:13
    52. Separation of Critical Assets 00:00:40
    53. Data Flow Enforcement 00:03:23
    54. Network Device Configuration 00:02:43
    55. Network Access Control 00:01:17
    56. Critical Infrastructure and Industrial Control Systems 00:01:52
    57. Network Management and Monitoring Tools 00:00:33
    58. Guidelines for Configuring Controls for Network Security 00:02:16
    59. Topic B: Conduct a Security Assessment 00:00:32
    60. Malware Sandboxing 00:02:05
    61. Memory Dumping 00:00:37
    62. Runtime Debugging 00:00:59
    63. Vulnerability Assessment 00:07:41
    64. Penetration Testing 00:02:06
    65. Hacking Steps 00:06:29
    66. Penetration Testing Techniques 00:01:04
    67. Fingerprinting 00:03:37
    68. Types of Social Engineering 00:02:44
    69. Vulnerability Scanners 00:01:04
    70. Port Scanners 00:01:08
    71. Protocol Analyzers 00:01:04
    72. Network Enumerators 00:00:40
    73. Password Crackers 00:01:04
    74. Fuzzers 00:00:26
    75. HTTP Interceptors 00:01:57
    76. Exploitation Tools and Frameworks 00:00:48
    77. Passive Reconaissance and Intelligence Gathering Tools 00:00:49
    78. Code Review Methods 00:03:53
    79. A Social Engineering Test 00:05:09
    80. Security Assessment Tools 00:06:55
    81. How to Conduct a Security Assessment 00:02:32
    82. Topic C: Host Security 00:00:44
    83. Host-Based Security Controls 00:02:18
    84. Host-Based Firewalls 00:01:43
    85. Firewall Rules 00:02:26
    86. Demo - Firewalls 00:04:53
    87. TPM 00:02:18
    88. Trusted OS 00:01:03
    89. Endpoint Security 00:00:45
    90. Endpoint Security Software 00:02:24
    91. Guidelines for Selecting Host Hardware and Software 00:02:38
    92. Security and Group Policy Implementations 00:01:58
    93. Standard Operating Environment 00:00:59
    94. Command Shell Restrictions 00:00:53
    95. Patch Management 00:02:52
    96. Out-of-Band Communication 00:01:55
    97. Peripheral Restrictions 00:00:49
    98. Communications Protocols Used by Peripherals 00:00:48
    99. Full Disk Encryption 00:00:46
    100. Trusted OS (Cont.) 00:03:41
    101. Endpoint Security (Cont.) 00:02:28
    102. Anti-Malware Software 00:00:49
    103. Host Hardening 00:01:13
    104. Guidelines for Hardening Hosts 00:01:07
    105. Operating System Security 00:02:18
    106. Host Hardening Action Steps 00:02:15
    107. Asset Management 00:01:08
    108. HIDS 00:01:26
    109. HIPS 00:00:41
    110. Host Monitoring 00:01:53
    111. Virtualization Platforms 00:02:16
    112. Hypervisors 00:01:17
    113. Container-Based Virtualization 00:00:37
    114. VDI 00:02:25
    115. Security Implications of VDI 00:02:22
    116. Terminal Services 00:01:00
    117. Application Delivery Services 00:02:16
    118. vTPM 00:00:38
    119. VM Vulnerabilities 00:01:33
    120. Guidelines for Virtualizing Servers and Desktops 00:02:10
    121. Cloud Services 00:01:08
    122. Cloud Security Services 00:01:30
    123. Hash Matching 00:01:33
    124. Content Filtering 00:00:37
    125. Guidelines for Implementing Cloud Augmented Security Services 00:01:20
    126. BIOS 00:01:26
    127. UEFI 00:01:02
    128. Secure Boot 00:01:12
    129. Measured Launch 00:01:01
    130. IMA 00:00:27
    131. Section 04 Review 00:00:43
  6. Managing Risk in Projects
    1. Managing Risk in Projects 00:00:22
    2. Topic A: Create a Risk Management Plan 00:01:02
    3. Risk 00:00:33
    4. Risk Exposure 00:01:36
    5. Risk Analysis Methods 00:01:46
    6. Risks Facing an Enterprise 00:02:04
    7. Project Buffer 00:02:06
    8. Classification of Risks 00:02:40
    9. Business Risk vs. Insurable Risk 00:01:46
    10. Risk Tolerance 00:00:55
    11. Probability Scale 00:00:55
    12. Impact Scale 00:00:33
    13. RBS 00:00:16
    14. RBS (Cont.) 00:01:51
    15. Enterprise Security Architecture Frameworks 00:01:44
    16. ESA Framework Assessment Process 00:02:29
    17. New Products and Technologies 00:01:41
    18. New and Changing Business Models 00:01:56
    19. Partnership Model 00:02:01
    20. Outsourcing Model 00:01:07
    21. Cloud Model 00:00:33
    22. Mergers 00:01:46
    23. Demergers and Divestitures 00:01:25
    24. Integration of Diverse Industries 00:01:13
    25. Third-Party Providers 00:01:40
    26. Internal and External Influences 00:00:50
    27. De-perimeterization 00:01:00
    28. Risk Determinations 00:06:20
    29. Guidelines for Assessing Risk 00:01:32
    30. Classes of Information 00:02:31
    31. Classification of Information Types into CIA Levels 00:00:59
    32. Stakeholder Input for CIA Decisions 00:00:48
    33. Technical Controls 00:02:08
    34. Aggregate CIA Score 00:02:41
    35. Extreme Scenario Planning and Worst Case Scenarios 00:02:04
    36. System-Specific Risk Analysis 00:01:39
    37. Risk Response Techniques 00:01:57
    38. Risk Management Processes 00:02:21
    39. Continuous Monitoring and Improvement 00:00:25
    40. Risk Management 00:00:40
    41. The Risk Management Plan 00:00:58
    42. Components of a Risk Management Plan 00:00:42
    43. How to Create a Risk Management Plan 00:01:01
    44. IT Governance 00:00:50
    45. IT Governance A 00:00:45
    46. Guidelines for Mitigating Risk 00:01:27
    47. Policy Development 00:00:44
    48. Process and Procedure Development 00:00:34
    49. Best Practices to Incorporate in Security Policies and Procedures 00:02:52
    50. Legal Compliance and Advocacy 00:00:57
    51. General Privacy Principles 00:00:35
    52. Topic B: Identify Risks and Their Causes 00:00:25
    53. Triggers 00:00:47
    54. Information Gathering Techniques 00:01:02
    55. Documentation Reviews 00:01:31
    56. SWOT Analysis 00:00:35
    57. Risk Analysis 00:00:27
    58. Risk Register 00:01:28
    59. Components of a Risk Register 00:01:28
    60. Risk Categories 00:01:18
    61. How to Identify Risks and Their Causes 00:02:07
    62. Topic C: Analyze Risks 00:00:44
    63. Qualitative Risk Analysis 00:01:15
    64. Quantitative Risk Analysis 00:00:46
    65. Risk Probability and Impact Assessment 00:01:25
    66. The Probability and Impact Risk Rating Matrix 00:01:09
    67. The Ongoing Risk Assessment Process 00:00:43
    68. Project Risk Ranking 00:01:25
    69. Data Collection and Representation Techniques 00:00:51
    70. Basics of Probability 00:01:20
    71. Probability Distribution 00:00:36
    72. Quantitative Analysis Methods 00:01:07
    73. Qualitative Analysis Methods 00:01:04
    74. Risk Data Quality Assessment 00:01:50
    75. Risk Urgency Assessment 00:00:24
    76. Simulation 00:01:16
    77. Monte Carlo Analysis 00:01:52
    78. How to Analyze Risks 00:00:44
    79. How to Analyze Risks A 00:00:38
    80. Topic D: Develop a Risk Response Plan 00:00:22
    81. Negative Risks 00:00:22
    82. Negative Risk Strategies 00:00:42
    83. Positive Risks 00:00:45
    84. Positive Risk Strategies 00:00:50
    85. Contingency Plan 00:00:41
    86. The BCP 00:00:40
    87. DRP 00:00:20
    88. Contingency Reserve 00:00:16
    89. Risk-Related Contract Decisions 00:00:52
    90. How to Develop a Risk Response Plan A 00:00:43
    91. How to Develop a Risk Response Plan B 00:00:21
    92. Section 05 Review 00:00:44
  7. Integrating Advanced Authentication and Authorization Techniques
    1. Integrating Advanced Authentication and Authorization Techniques 00:00:30
    2. Topic A: Implement Authentication and Authorization Technologies 00:00:09
    3. Authentication 00:00:32
    4. Certificate-Based Authentication 00:02:20
    5. SSO 00:01:27
    6. Authorization 00:01:06
    7. OAuth 00:00:40
    8. The OAuth Process 00:00:36
    9. XACML 00:00:55
    10. SPML 00:00:30
    11. Trust Models 00:01:13
    12. RADIUS Configurations 00:03:27
    13. LDAP 00:01:26
    14. Active Directory 00:00:30
    15. Kerberos 00:02:12
    16. Guidelines for Implementing Authentication and Authorization 00:01:31
    17. Topic B: Implement Advanced Identity Management 00:00:27
    18. Attestation 00:01:20
    19. Identity Propagation 00:00:51
    20. Identity Federation 00:01:50
    21. Identity Federation Methods 00:00:49
    22. Guidelines for Implementing Advanced Identity Management 00:01:22
    23. Section 06 Review 00:00:58
  8. Implementing Cryptographic Techniques
    1. Implementing Cryptographic Techniques 00:00:17
    2. Topic A: Describe Cryptographic Concepts 00:00:27
    3. Confidentiality 00:01:41
    4. Integrity 00:01:39
    5. Non-repudiation 00:01:46
    6. Entropy 00:01:12
    7. Confusion 00:00:58
    8. Diffusion 00:01:10
    9. Chain of Trust 00:02:33
    10. Root of Trust 00:00:46
    11. Steganography 00:02:42
    12. Advanced PKI Concepts 00:03:24
    13. Topic B: Choose Cryptographic Techniques 00:01:01
    14. Cryptographic Applications 00:04:02
    15. Cryptographic Methods 00:04:09
    16. Block Cipher Modes 00:01:36
    17. Cryptographic Design Considerations 00:02:10
    18. Data at Rest Encryption 00:00:53
    19. Transport Encryption Protocols 00:04:02
    20. Transport Encryption 00:00:55
    21. Hashing 00:03:07
    22. Hash Functions 00:01:06
    23. Key Stretching 00:00:39
    24. Digital Signatures 00:02:59
    25. Code Signing 00:01:16
    26. Pseudorandom Number Generation 00:00:43
    27. Perfect Forward Secrecy 00:01:36
    28. Guidelines for Choosing Cryptographic Techniques 00:00:57
    29. Topic C: Choose Cryptographic Implementations 00:00:34
    30. DRM 00:01:20
    31. Digital Watermarking 00:00:34
    32. SSL/TLS 00:00:49
    33. SSH 00:00:51
    34. PGP and GPG 00:00:53
    35. S/MIME 00:00:56
    36. Guidelines for Choosing Cryptographic Implementations 00:00:59
    37. Section 07 Review 00:00:43
  9. Integrating Hosts, Storage, Networks, and Applications in a Secure Enterprise Ar
    1. Integrating Hosts, Storage, Networks, and Applications in a Secure Enterprise Ar 00:00:42
    2. Topic A: Implement Security Standards in the Enterprise 00:00:21
    3. Standards 00:03:18
    4. Categories of Standards 00:01:15
    5. Interoperability Issues 00:01:37
    6. Data Flow Security 00:03:11
    7. Guidelines for Implementing Standards in the Enterprise 00:02:16
    8. Topic B: Select Technical Deployment Models 00:00:36
    9. Deployment Models 00:00:59
    10. Cloud and Virtualization and Hosting Options 00:00:54
    11. Elastic Cloud Computing 00:01:19
    12. Data Remnants in the Cloud 00:01:57
    13. Data Aggregation 00:02:34
    14. Data Isolation 00:03:55
    15. Resource Provisioning and De-provisioning 00:02:47
    16. Virtual Machine Vulnerabilities 00:02:08
    17. Virtual Environment Security 00:03:05
    18. Virtual Environment Security (Cont.) 00:01:54
    19. Network Segmentation 00:00:41
    20. Network Delegation 00:01:27
    21. Mergers and Acquisitions 00:01:40
    22. Guidelines for Selecting Technical Deployment Models 00:01:36
    23. Topic C: Secure the Design of the Enterprise Infrastructure 00:00:32
    24. Infrastructure Design Security 00:04:19
    25. Deployment Diagrams 00:02:24
    26. Storage Integration 00:01:04
    27. Guidelines for Securing the Design of the Enterprise Infrastructure 00:01:24
    28. Topic D: Secure Enterprise Application Integration Enablers 00:00:56
    29. Customer Relationship Management 00:01:49
    30. Enterprise Resource Planning 00:02:16
    31. Governance, Risk, and Compliance 00:01:53
    32. Enterprise Service Bus 00:02:32
    33. Service Oriented Architecture 00:01:23
    34. Directory Services 00:01:04
    35. Domain Name System 00:03:29
    36. Configuration Management Database 00:01:59
    37. Content Management System 00:01:48
    38. Guidelines for Securing Enterprise Application Integration Enablers 00:01:29
    39. Section 08 Review 00:00:36
  10. Security Research and Analysis
    1. Security Research and Analysis 00:00:38
    2. Topic A: Perform an Industry Trends and Impact Analysis 00:01:48
    3. Industry Best Practices 00:04:30
    4. Demo - Security Research 00:02:22
    5. Research Methods 00:02:19
    6. Technology Evolution 00:02:39
    7. New Technologies, Security Systems, and Services 00:02:50
    8. New Security Technology Types 00:03:38
    9. Global IA Industry and Community 00:02:47
    10. Security Requirements for Contracts 00:01:50
    11. Guidelines for Determining Industry Trends and Effects on the Enterprise 00:03:05
    12. Situational Awareness 00:00:42
    13. Situational Awareness Considerations 00:02:18
    14. Emerging Business Tools 00:02:00
    15. Social Media as an Emerging Business Tool 00:00:17
    16. Mobile Devices as Emerging Business Tools 00:00:34
    17. Emerging Security Issues 00:02:13
    18. The Global Impact Analysis Industry 00:01:55
    19. Security Requirements for Business Contracts 00:01:55
    20. How to Perform an Industry Trends Impact Analysis 00:00:54
    21. Topic B: Perform an Enterprise Security Analysis 00:01:31
    22. Benchmarking 00:01:44
    23. Network Traffic Analysis 00:02:19
    24. Types of Network Traffic Analysis 00:03:14
    25. Prototyping and Testing 00:01:06
    26. Cost -Benefit Analysis 00:02:54
    27. Security Analysis Strategies 00:01:31
    28. Security Solution Analysis 00:00:58
    29. Lessons Learned Review 00:00:21
    30. How to Perform an Enterprise Security Analysis 00:00:48
    31. Review Existing Security 00:01:42
    32. Reverse Engineering 00:01:38
    33. Solution Attributes 00:01:17
    34. After -Action Report 00:01:14
    35. Guidelines for Analyzing Scenarios to Secure the Enterprise 00:03:26
    36. Section 09 Review 00:00:24
  11. Disaster Recovery and Business Continuity
    1. Disaster Recovery and Business Continuity 00:00:08
    2. Topic A: BCP Fundamentals 00:00:52
    3. BCPs 00:01:23
    4. BCP Development Phases 00:01:51
    5. NIST Contingency Planning Steps 00:00:34
    6. NFPA Business Planning Framework 00:00:35
    7. Disruptive Events 00:00:52
    8. BIA 00:02:27
    9. BIA Organizational Goals 00:00:42
    10. BIA Process 00:01:13
    11. Critical Business Process 00:01:59
    12. Vulnerability Assessments 00:02:10
    13. MTD 00:02:30
    14. RPO 00:01:01
    15. RTO 00:01:40
    16. RPO/RTO Optimization 00:01:10
    17. Topic B: BCP Implementation 00:00:26
    18. Program Coordinators 00:00:43
    19. Advisory Committee -BCP Team 00:01:28
    20. BCP Team Responsibilities 00:00:42
    21. BCP Contents 00:00:42
    22. Business Plan Evaluations 00:00:53
    23. Business Plan Testing 00:03:03
    24. Business Plan Maintenance 00:00:53
    25. Business Continuity Process 00:01:18
    26. Topic C: DRP Fundamentals 00:00:17
    27. DRP 00:01:31
    28. Disaster Recovery Strategy 00:02:38
    29. Disaster Recovery Priority Levels 00:02:14
    30. Disaster Recovery Response Approaches 00:02:54
    31. Backup Strategies 00:01:04
    32. Data Restoration Strategies 00:03:44
    33. Alternate Sites 00:03:54
    34. Topic D: DRP Implementation 00:00:16
    35. Recovery Team 00:00:32
    36. Salvage Team 00:00:24
    37. Disaster Recovery Evaluation and Maintenance 00:00:54
    38. Disaster Recovery Testing 00:00:38
    39. Disaster Recovery Process 00:00:32
    40. Section 10 Review 00:00:13
  12. Responding to and Recovering from Incidents
    1. Responding to and Recovering from Incidents 00:00:23
    2. Topic A: Design Systems to Facilitate Incident Response 00:00:33
    3. Internal and External Violations 00:02:46
    4. Security Violations and System Design 00:05:01
    5. System, Audit, and Security Logs 00:01:57
    6. Guidelines for Designing Systems to Facilitate Incident Response 00:03:24
    7. Topic B: Conduct Incident and Emergency Responses 00:00:37
    8. E-Discovery 00:01:24
    9. E-Discovery Policy 00:01:35
    10. Data Breach 00:01:37
    11. Data Breach Response 00:01:10
    12. Chain of Custody 00:02:20
    13. Forensic Analysis of Compromised Systems 00:03:35
    14. COOP - Continuity of Operations 00:03:36
    15. Order of Volatility 00:02:19
    16. Guidelines for Conducting Incident and Emergency Responses 00:02:22
    17. Section 11 Review 00:00:24
  13. Legal Issues
    1. Legal Issues 00:00:09
    2. Topic A: Computer Crime Laws and Regulations 00:00:20
    3. Common Law 00:01:14
    4. Statutory Law 00:01:04
    5. Types of Statutory Offenses 00:01:21
    6. Administrative Law 00:00:44
    7. Intellectual Property Law 00:02:30
    8. Information Privacy Law 00:02:41
    9. Computer Crime Law 00:01:39
    10. Compliance 00:00:53
    11. Liability 00:01:19
    12. Internal and External Audits 00:01:38
    13. Governmental Oversight Resources 00:00:52
    14. Topic B: Computer Crime Incident Response 00:00:32
    15. Computer Crime 00:01:24
    16. The Computer Criminal Incident Response Process 00:04:02
    17. The Evidence Life Cycle 00:00:48
    18. Evidence Collection Techniques 00:00:44
    19. Evidence Types 00:02:22
    20. Chain of Evidence 00:02:04
    21. Rules of Evidence 00:01:22
    22. Surveillance Techniques 00:01:27
    23. Computer Forensics A 00:01:49
    24. Computer Forensics B 00:01:06
    25. Section 12 Review 00:00:18
  14. Judgment and Decision-Making
    1. Judgment and Decision-Making 00:00:16
    2. Topic A: Develop Critical Thinking Skills 00:00:24
    3. Intellectual Autonomy 00:01:37
    4. Humility 00:01:25
    5. Objectivity 00:01:23
    6. Focus on the Argument 00:00:38
    7. Clarity 00:01:09
    8. Defining Your Argument 00:00:57
    9. Intellectual Honesty 00:00:27
    10. Logical Fallacies 00:02:45
    11. Assessing Arguments Logically 00:01:09
    12. How to Employ Critical Thinking Skills 00:00:26
    13. Topic B: Determine the Root of a Problem 00:00:27
    14. Obstacles to Analysis 00:01:15
    15. Occam's Razor 00:00:41
    16. Techniques for Applying Occam's Razor 00:02:06
    17. Theme Analysis 00:00:23
    18. The Four Guidelines Technique 00:00:57
    19. How to Determine the Root of a Problem 00:00:24
    20. Topic C: Use Judgment to Make Sound Decisions 00:00:46
    21. Analyzing Problems 00:00:39
    22. Analytical vs. Creative Thinking 00:01:47
    23. Barriers to Creative Thinking 00:01:18
    24. Brainstorming 00:00:28
    25. Rules of Brainstorming 00:01:11
    26. Evaluating Brainstorming Ideas 00:01:05
    27. A Fishbone Diagram 00:01:11
    28. A Pareto Chart 00:01:39
    29. A Histogram 00:00:38
    30. A Cost-Benefit Analysis 00:01:30
    31. Phases in Cost-Benefit Analysis 00:01:28
    32. A Prioritization Matrix 00:01:06
    33. A Trade-Off Method 00:01:18
    34. A Decision Tree 00:00:21
    35. An Ease and Effect Matrix 00:00:55
    36. A PMI Analysis Table 00:01:06
    37. How to Use Judgment to Make Sound Decisions 00:00:19
    38. Section 13 Review 00:00:19
    39. Course Closure 00:02:09