O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CompTIA Security+ (SY0-501)

Video Description

The CompTIA Security+ covers the latest SY0-501 version of the CompTIA Security+ certification exam. The course enables the students to gain the basic knowledge needed to plan, implement, and maintain information security in a vendor-neutral format. The course includes topics such as risk management, host and network security, authentication and access control systems, cryptography, and organizational security. The course contents are based on the CompTIA Security+ (SY0-501) certification exam and completely covers all the exam topics through theoretical and scenario-based learning examples. The CompTIA Security+ is the premier vendor-neutral security certification. This preparatory course for the CompTIA Security+ certification exam assures that the students completely learn and understand the exam topics of the latest SY0-501 exam version. The students will be able to demonstrate their knowledge of security concepts, tools, and procedures. It also confirms their ability to react to security incidents, and validates their skills in anticipating security risks and guarding against them.

Table of Contents

  1. Course Introduction
    1. Course Introduction 00:01:55
    2. Courseware Information 00:00:15
    3. Instructor Introduction 00:01:34
  2. Chapter 01 - Identifying Security Fundamentals
    1. Identifying Security Fundamentals 00:01:11
    2. Topic A: Identify Information Security Concepts 00:00:54
    3. Information Security 00:01:19
    4. Goals of Information Security 00:01:56
    5. Risk 00:03:09
    6. Vulnerabilities 00:02:07
    7. Threats 00:00:59
    8. Attacks 00:01:17
    9. Controls 00:01:32
    10. Types of Controls 00:01:28
    11. The Security Management Process 00:01:46
    12. Demo - Identifying Information Security Basics 00:02:42
    13. Topic B: Identify Basic Security Controls 00:00:37
    14. The CIA Triad 00:00:29
    15. The CIA Triad (cont.) 00:05:09
    16. Non-repudiation 00:00:44
    17. Identification 00:01:06
    18. Authentication 00:00:47
    19. Authentication Factors 00:04:01
    20. Authorization 00:00:59
    21. Access Control 00:00:47
    22. Accounting and Auditing 00:01:02
    23. Principle of Least Privilege 00:01:59
    24. Privilege Management 00:03:02
    25. Demo - Identifying Basic Security Controls 00:01:59
    26. Topic C: Identify Basic Authentication and Authorization Concepts 00:00:50
    27. Passwords 00:02:05
    28. Tokens 00:01:28
    29. Biometrics 00:01:54
    30. Geolocation 00:01:26
    31. Keystroke Authentication 00:01:18
    32. Multi-factor Authentication 00:01:36
    33. Mutual Authentication 00:00:37
    34. Demo - Identifying Basic Authentication and Authorization Concepts 00:02:32
    35. Topic D: Identify Basic Cryptography Concepts 00:00:37
    36. Cryptography 00:01:34
    37. Encryption and Decryption 00:01:57
    38. Encryption and Decryption (cont.) 00:00:54
    39. Encryption and Security Goals 00:01:35
    40. Ciphers 00:01:21
    41. A Key 00:02:12
    42. Symmetric Encryption 00:00:55
    43. Asymmetric Encryption 00:01:46
    44. Asymmetric Encryption ( cont.) 00:01:56
    45. Hashing 00:01:55
    46. Steganography 00:01:46
    47. Demo - Identifying Basic Cryptography Concepts 00:04:43
    48. Chapter 01 Review 00:00:56
  3. Chapter 02 - Analyzing Risk
    1. Analyzing Risk 00:01:06
    2. Topic A: Analyze Organizational Risk 00:00:38
    3. Risk Management 00:01:10
    4. Components of Risk Analysis 00:02:17
    5. Phases of Risk Analysis 00:02:41
    6. Categories of Threat Types 00:01:39
    7. Risk Analysis Methods 00:01:37
    8. Risk Calculation 00:03:10
    9. Risk Response Techniques 00:02:08
    10. Risk Mitigation and Control Types 00:02:20
    11. Change Management 00:02:01
    12. Change Management (cont.) 00:01:16
    13. Guidelines for Analyzing Risk 00:01:16
    14. Demo - Analyzing Risks to the Organization 00:03:03
    15. Topic B: Analyze the Business Impact of Risk 00:00:42
    16. BIA 00:01:14
    17. Impact Scenarios 00:01:18
    18. Impact Scenarios (cont.1) 00:00:41
    19. Impact Scenarios (cont.2) 00:01:44
    20. Privacy Assessments 00:02:07
    21. Critical Systems and Functions 00:01:05
    22. Maximum Tolerable Downtime 00:00:55
    23. Recovery Point Objective 00:01:01
    24. Recovery Time Objective 00:00:39
    25. Mean Time to Failure 00:00:34
    26. Mean Time to Repair 00:00:40
    27. Mean Time Between Failures 00:01:04
    28. Guidelines for Performing a Business Impact Analysis 00:00:56
    29. Demo - Performing a Business Impact Analysis 00:03:49
    30. Chapter 02 Review 00:00:51
  4. Chapter 03 - Identifying Security Threats
    1. Identifying Security Threats 00:01:44
    2. Topic A: Identify Types of Attackers 00:00:29
    3. Hackers and Attackers 00:02:42
    4. Hackers and Attackers (cont.) 00:02:01
    5. Threat Actors 00:02:12
    6. Threat actors (cont.) 00:00:21
    7. Threat Actor Attributes 00:02:35
    8. Threat Actor Attributes (cont.) 00:01:19
    9. Open-Source Intelligence 00:01:35
    10. Demo - Identifying Types of Attackers 00:02:47
    11. Topic B: Identify Social Engineering Attacks 00:01:27
    12. Social Engineering 00:01:47
    13. Social Engineering (cont.) 00:01:57
    14. Effectiveness 00:05:49
    15. Impersonation 00:01:48
    16. Phishing and Related Attacks 00:04:12
    17. Phishing and Related Attacks (cont.) 00:02:41
    18. Hoaxes 00:01:14
    19. Physical Exploits 00:01:58
    20. Watering Hole Attacks 00:00:58
    21. Demo - Identifying Social Engineering Attacks 00:02:09
    22. Topic C: Identify Malware 00:00:30
    23. Malicious Code 00:00:53
    24. Malicious Code (cont.) 00:01:07
    25. Viruses 00:01:58
    26. Worms 00:00:59
    27. Adware 00:00:43
    28. Spyware 00:01:09
    29. Trojan Horses 00:01:03
    30. Keyloggers 00:01:23
    31. Remote Access Trojans 00:00:38
    32. Logic Bombs 00:01:21
    33. Botnets 00:02:29
    34. Botnets (cont.) 00:00:19
    35. Ransomware 00:03:19
    36. Ransomware (cont.) 00:00:56
    37. Advance Persistent Threats 00:01:05
    38. Demo - Identifying Types of Malware 00:02:45
    39. Topic D: Identify Software-Based Threats 00:00:38
    40. Software Attacks 00:00:46
    41. Password Attacks 00:00:52
    42. Types of Password Attacks 00:02:20
    43. Types of Password Attacks (cont.) 00:02:14
    44. Cryptographic Attacks 00:00:49
    45. Types of Cryptographic Attacks 00:02:37
    46. Types of Cryptographic Attacks (cont.) 00:01:21
    47. Backdoor Attacks 00:01:15
    48. Backdoor Attacks (cont.) 00:00:18
    49. Application Attacks 00:01:08
    50. Application Attacks (cont.) 00:00:29
    51. Types of Application Attacks 00:04:29
    52. Driver Manipulation 00:01:24
    53. Privilege Escalation 00:01:21
    54. Privilege Escalation (cont.) 00:00:21
    55. Demo - Identifying Password Attacks 00:07:52
    56. Topic E: Identify Network-Based Threats 00:01:05
    57. TCP/IP Basics 00:03:07
    58. TCP/IP (cont.) 00:03:50
    59. Spoofing Attacks 00:00:53
    60. IP and MAC Address Spoofing 00:01:11
    61. IP and MAC Address Spoofing (cont.) 00:00:47
    62. ARP Poisoning 00:02:33
    63. DNS Poisoning 00:01:57
    64. Port Scanning Attacks 00:02:10
    65. Port Scanning Attacks (cont.) 00:00:14
    66. Scan Types 00:01:13
    67. Scan Types (cont.) 00:00:54
    68. Eavesdropping Attacks 00:01:21
    69. Man-in-the-Middle Attacks 00:00:44
    70. Man-in-the-Middle Attacks (cont.) 00:00:38
    71. Man-in-the-Browser Attacks 00:01:00
    72. Replay Attacks 00:00:37
    73. Replay Attacks (cont.) 00:00:34
    74. DoS Attacks 00:01:40
    75. DDoS Attacks 00:01:23
    76. Hijacking Attacks 00:01:25
    77. Hijacking Attacks (cont.) 00:01:30
    78. Amplification Attacks 00:00:35
    79. Amplification Attacks (cont.) 00:01:57
    80. Pass the Hash Attacks 00:01:09
    81. Demo - Identifying Threats to DNS 00:04:01
    82. Demo - Identifying Port Scanning Threats 00:07:27
    83. Topic F: Identify Wireless Threats 00:00:41
    84. Rogue Access Points 00:00:51
    85. Evil Twins 00:01:04
    86. Jamming 00:00:36
    87. Bluejacking 00:01:27
    88. Bluesnarfing 00:00:58
    89. Near Field Communication Attacks 00:01:03
    90. RFID System Attacks 00:00:58
    91. War Driving, War Walking, and War Chalking 00:01:12
    92. Packet Sniffing 00:00:45
    93. IV Attacks 00:01:16
    94. Wireless Replay Attacks 00:00:23
    95. WEP and WPA Attacks 00:02:39
    96. WPS Attacks 00:01:04
    97. Wireless Disassociation 00:00:58
    98. Demo - Identifying Wireless Threats 00:03:03
    99. Topic G: Identify Physical Threats 00:00:56
    100. Physical Threats and Vulnerabilities 00:00:50
    101. Hardware Attacks 00:00:45
    102. Environmental Threats and Vulnerabilities 00:02:02
    103. Environmental Threats and Vulnerabilities (cont.) 00:01:07
    104. Demo - Identifying Physical Threats 00:01:58
    105. Chapter 03 Review 00:01:17
  5. Chapter 04 - Conducting Security Assessments
    1. Conducting Security Assessments 00:00:53
    2. Topic A: Identify Vulnerabilities 00:00:27
    3. Host Vulnerabilities 00:03:18
    4. Software Vulnerabilities 00:04:04
    5. Encryption Vulnerabilities 00:02:00
    6. Network Architecture Vulnerabilities 00:02:05
    7. Account Vulnerabilities 00:01:23
    8. Operations Vulnerabilities 00:03:06
    9. Demo - Identifying Vulnerabilities 00:02:58
    10. Topic B: Assess Vulnerabilities 00:00:25
    11. Security Assessment 00:01:56
    12. Security Assessment Techniques 00:02:44
    13. Vulnerability Assessment Tools 00:03:17
    14. Types of Vulnerability Scans 00:01:45
    15. False Positives 00:02:25
    16. Guidelines for Assessing Vulnerabilities 00:02:27
    17. Demo - Capturing Network Data with Wireshark 00:08:26
    18. Demo - Scanning for General Vulnerabilities 00:05:21
    19. Topic C: Implement Penetration Testing 00:00:29
    20. Penetration Testing 00:01:07
    21. Penetration Testing Techniques 00:03:05
    22. Box Testing Methods 00:01:29
    23. Penetration Testing Tools 00:00:59
    24. Guidelines for Implementing Penetration Testing 00:01:00
    25. Demo - Implementing Penetration Testing 00:04:51
    26. Chapter 04 Review 00:00:55
  6. Chapter 05 - Implementing Host and Software Security
    1. Implementing Host and Software Security 00:01:05
    2. Topic A: Implement Host Security 00:00:23
    3. Hardening 00:01:58
    4. Operating System Security 00:01:42
    5. Operating System Hardening Techniques 00:01:34
    6. Trusted Computing Base 00:01:37
    7. Hardware and Firmware Security 00:02:01
    8. Hardware and Firmware Security (cont.) 00:01:19
    9. Security Baselines 00:00:57
    10. Software Updates 00:02:44
    11. Application Blacklisting and Whitelisting 00:01:32
    12. Logging 00:01:08
    13. Auditing 00:01:58
    14. Anti-malware Software 00:01:50
    15. Types of Anti-malware Software 00:02:42
    16. Hardware Peripheral Security 00:03:30
    17. Embedded Systems 00:01:30
    18. Security Implications for Embedded Systems 00:02:04
    19. Security Implications for Embedded System (cont.) 00:02:10
    20. Guidelines for Securing Hosts 00:01:48
    21. Demo - Implementing Auditing 00:04:42
    22. Demo - Hardening a Server 00:06:02
    23. Topic B: Implement Cloud and Virtualization Security 00:00:28
    24. Virtualization 00:02:50
    25. Hypervisors 00:01:35
    26. Hypervisors (cont.) 00:01:42
    27. Virtual Desktop Infrastructure 00:00:56
    28. Virtualization Security 00:02:42
    29. Cloud Computing 00:02:46
    30. Cloud Deployment Models 00:03:57
    31. Cloud Service Types 00:03:42
    32. Guidelines for Securing Virtualized and Cloud-Based Resources 00:01:23
    33. Demo - Securing Virtual Machine Networking 00:02:14
    34. Topic C: Implement Mobile Device Security 00:00:38
    35. Mobile Device Connection Methods 00:02:15
    36. Mobile Device Connection Methods (cont.) 00:01:53
    37. Mobile Device Management 00:00:43
    38. Mobile Device Security Controls 00:02:43
    39. Mobile Device Security Controls (cont.) 00:02:18
    40. Mobile Device Monitoring and Enforcement 00:03:08
    41. Mobile Device Monitoring and Enforcement (cont.) 00:02:44
    42. Mobile Deployment Models 00:03:10
    43. BYOD Security Controls 00:02:46
    44. Guidelines for Implementing Mobile Device Security 00:01:40
    45. Demo - Implementing Mobile Device Security 00:02:11
    46. Topic D: Incorporate Security in the Software Development Lifecycle 00:00:33
    47. Software Development Lifecycle 00:00:56
    48. Software Development Models 00:02:49
    49. DevOps 00:01:36
    50. Versioning 00:01:16
    51. Secure Coding Techniques 00:03:01
    52. Secure Coding Techniques (cont.) 00:01:42
    53. Code Testing Methods 00:01:36
    54. Guidelines for Incorporating Security in the Software Development Lifecycle 00:00:58
    55. Demo - Performing Static Code Analysis 00:04:30
    56. Chapter 05 Review 00:00:35
  7. Chapter 06 - Implementing Network Security
    1. Mobile Device Monitoring and Enforcement 00:00:47
    2. Topic A: Configure Network Security Technologies 00:00:40
    3. Network Components 00:01:24
    4. Network Devices 00:00:29
    5. Routers 00:02:01
    6. Switches 00:02:43
    7. Proxies 00:02:29
    8. Firewalls 00:03:05
    9. Load Balancer 00:02:29
    10. Network Scanners and Analysis Tools 00:01:06
    11. Intrusion Detection Systems 00:00:45
    12. Network IDS 00:01:48
    13. Intrusion Prevention Systems 00:01:19
    14. Network IPS 00:00:48
    15. Types of Network Monitoring Systems 00:01:46
    16. Security Information and Event Management 00:01:08
    17. Data Loss/Leak Prevention 00:01:35
    18. Virtual Private Networks 00:01:14
    19. VPN Concentrators 00:01:07
    20. Security Gateways 00:01:16
    21. Unified Threat Management 00:01:19
    22. Guidelines for Configuring Network Security Technologies 00:01:57
    23. Demo - Configuring a Network IDS 00:07:53
    24. Topic B: Secure Network Design Elements 00:00:21
    25. Network Access Control 00:01:58
    26. Demilitarized Zones 00:00:59
    27. Network Isolation 00:01:46
    28. Network Isolation (cont.) 00:00:18
    29. Virtual Local Area Networks 00:01:12
    30. Virtual Local Area Networks (cont.) 00:00:29
    31. Network Security Device Placement 00:02:29
    32. Network Address Translation 00:01:09
    33. Software-Defined Networking 00:00:48
    34. Guidelines for Securing Network Design Elements 00:01:21
    35. Demo - Securing Network Design Elements 00:03:32
    36. Topic C: Implement Secure Networking Protocols and Services 00:00:27
    37. The Open Systems Interconnection Model 00:03:45
    38. OSI Model and Security 00:00:45
    39. Internet Protocol Suite 00:04:02
    40. Domain Name System 00:02:34
    41. Hypertext Transfer Protocol 00:00:56
    42. Secure Sockets Layer/Transport Layer Security 00:01:52
    43. Secure Sockets Layer/Transport Layer Security (cont.) 00:01:10
    44. HTTP Secure 00:00:29
    45. Secure Shell 00:00:59
    46. Simple Network Management Protocol 00:01:10
    47. Real-Time Transport Protocol 00:01:14
    48. Internet Control Message Protocol 00:01:24
    49. Internet Protocol Security 00:03:27
    50. Network Basic Input/Output System 00:01:06
    51. File Transfer Protocols 00:01:58
    52. Email Protocols 00:02:49
    53. Additional Networking Protocols and Services 00:01:36
    54. Ports and Port Ranges 00:01:37
    55. Demo - Installing an Internet Information Services Web Server with Basic Security 00:10:37
    56. Demo - Securing Network Traffic Using IPSec 00:06:00
    57. Topic D: Secure Wireless Traffic 00:00:18
    58. Wireless Networks 00:01:32
    59. Wireless Antenna Types 00:02:33
    60. 802.11 Protocols 00:03:04
    61. Wireless Cryptographic Protocols 00:02:17
    62. Wireless Authentication Protocols 00:02:34
    63. VPNs and Open Wireless 00:01:17
    64. Wireless Client Authentication Methods 00:01:47
    65. Wireless Access Point Security 00:02:05
    66. Captive Portals 00:00:42
    67. Site Surveys 00:00:52
    68. Guidelines for Securing Wireless Traffic 00:01:30
    69. Demo - Securing Wireless Traffic 00:06:13
    70. Chapter 06 Review 00:00:33
  8. Chapter 07 - Managing Identity and Access
    1. Managing Identity and Access 00:00:58
    2. Topic A: Implement Identity and Access Management 00:00:27
    3. Identity and Access Management 00:02:11
    4. Access Control Models 00:04:48
    5. Physical Access Control Devices 00:01:09
    6. Biometric Devices 00:03:26
    7. Certificate-Based Authentication 00:01:45
    8. File System and Database Access 00:02:11
    9. Guidelines for Implementing IAM 00:01:30
    10. Demo - Implementing DAC for a File Share 00:06:17
    11. Topic B: Configure Directory Services 00:00:20
    12. Directory Services 00:01:17
    13. Directory Services (cont.) 00:00:45
    14. Lightweight Directory Access Protocol 00:01:48
    15. Secure LDAP 00:00:44
    16. Common Directory Services 00:02:18
    17. Demo - Backing Up Active Directory 00:08:15
    18. Topic C: Configure Access Services 00:00:25
    19. Remote Access Methods 00:01:19
    20. Tunneling 00:01:21
    21. Remote Access Protocols 00:02:10
    22. HMAC-Based One-Time Password 00:01:27
    23. Time-Based OTP 00:00:42
    24. Password Authentication Protocol 00:00:43
    25. Challenge-Handshake Authentication Protocol 00:02:34
    26. NT LAN Manager 00:01:20
    27. Authentication, Authorization, and Accounting 00:00:52
    28. Remote Authentication Dial-In User Service 00:00:56
    29. Remote Authentication Dial-In User Service (cont.) 00:01:00
    30. Terminal Access Controller Access-Control System 00:01:05
    31. Kerberos 00:01:20
    32. Kerberos (Cont.) 00:02:55
    33. Demo - Configuring a Remote Access Server 00:06:07
    34. Demo - Setting Up Remote Access Authentication 00:04:18
    35. Topic D: Manage Accounts 00:00:21
    36. Account Management 00:00:44
    37. Account Privileges 00:02:07
    38. Account Types 00:02:43
    39. Account Policy 00:01:56
    40. Password Policy 00:03:07
    41. Multiple Accounts 00:01:16
    42. Shared Accounts 00:01:43
    43. Account Management Security Controls 00:03:29
    44. Credential Management 00:01:06
    45. Group Policy 00:01:04
    46. Identity Federation 00:02:41
    47. Identity Federation Methods 00:02:08
    48. Guidelines for Managing Accounts 00:01:15
    49. Demo - Managing Accounts 00:05:14
    50. Chapter 07 Review 00:00:31
  9. Chapter 08 - Implementing Cryptography
    1. Implementing Crytography 00:00:53
    2. Topic A: Identify Advanced Cryptography Concepts 00:00:21
    3. Cryptography Elements 00:03:02
    4. Hashing Concepts 00:01:34
    5. Data States 00:01:52
    6. Key Exchange 00:01:31
    7. Key Exchange (cont.) 00:00:17
    8. Digital Signatures 00:00:50
    9. Digital Signatures (cont.) 00:00:40
    10. Cipher Suites 00:01:35
    11. Session Keys 00:01:16
    12. Key Stretching 00:00:44
    13. Special Considerations for Cryptography 00:02:20
    14. Demo - Identifying Advanced Cryptographic Concepts 00:02:56
    15. Topic B: Select Cryptographic Algorithms 00:00:15
    16. Types of Ciphers 00:01:43
    17. Types of Hashing Algorithms 00:01:36
    18. Types of Symmetric Encryption Algorithms 00:02:25
    19. Types of Asymmetric Encryption Techniques 00:02:10
    20. Types of Key Stretching Algorithms 00:00:54
    21. Substitution Ciphers 00:01:15
    22. Exclusive Or 00:01:25
    23. Cryptographic Modules 00:01:14
    24. Demo - Selecting Cryptographic Algorithms 00:02:23
    25. Topic C: Configure a Public Key Infrastructure 00:00:33
    26. Public Key Infrastructure 00:00:59
    27. PKI Components 00:02:54
    28. CA Hierarchies 00:02:40
    29. The Root CA 00:00:40
    30. Subordinate CAs 00:00:45
    31. Offline Root CAs 00:00:44
    32. Types of Certificates 00:02:24
    33. Types of Certificates (cont.) 00:02:42
    34. X.509 00:00:57
    35. Certificate File Formats 00:02:00
    36. CA Hierarchy Design Options 00:02:08
    37. Demo - Installing a CA 00:05:30
    38. Demo - Securing a Windows Server 2016 CA 00:07:39
    39. Topic D: Enroll Certificates 00:00:27
    40. The Certificate Enrollment Process 00:01:23
    41. The Certificate Lifecycle 00:01:23
    42. Certificate Lifecycle Management 00:01:46
    43. The SSL/TLS Connection Process 00:01:02
    44. Demo - Enrolling Certificates 00:04:33
    45. Demo - Securing Network Traffic with Certificates 00:02:26
    46. Topic E: Back Up and Restore Certificates and Private Keys 00:00:29
    47. Private Key Protection Methods 00:01:13
    48. Key Escrow 00:02:20
    49. Private Key Restoration Methods 00:02:01
    50. Private Key Replacement 00:00:39
    51. Demo - Backing Up a Certificate and Private Key 00:03:29
    52. Demo - Restoring a Certificate and Private Key 00:01:16
    53. Topic F: Revoke Certificates 00:00:17
    54. Certificate Revocation 00:01:05
    55. Certificate Revocation List 00:01:41
    56. Certificate Revocation List (cont.) 00:00:22
    57. Online Certificate Status Protocol 00:01:38
    58. Demo - Revoking Certificates 00:02:37
    59. Chapter 08 Review 00:01:04
  10. Chapter 09 - Implementing Operational Security
    1. Implementing Operational Security 00:00:42
    2. Topic A: Evaluate Security Frameworks and Guidelines 00:00:21
    3. Security Frameworks 00:01:28
    4. Security Framework Examples 00:01:38
    5. Security Configuration Guides 00:01:37
    6. Compliance 00:01:30
    7. Layered Security 00:01:07
    8. Defense in Depth 00:00:47
    9. Demo - Evaluating Security Frameworks and Guidelines 00:02:53
    10. Topic B: Incorporate Documentation in Operational Security 00:00:20
    11. Security Policies 00:01:11
    12. Security Policies (cont.) 00:00:44
    13. Common Security Policy Types 00:02:58
    14. Personnel Management 00:00:51
    15. Separation of Duties 00:00:53
    16. Job Rotation 00:01:17
    17. Mandatory Vacation 00:00:55
    18. Additional Personnel Management Tasks 00:01:35
    19. Training and Awareness 00:02:02
    20. Business Agreements 00:01:43
    21. Guidelines for Incorporating Documentation in Operational Security 00:01:09
    22. Demo - Incorporating Documentation in Operational Security 00:03:48
    23. Topic C: Implement Security Strategies 00:00:27
    24. Security Automation 00:01:42
    25. Scalability 00:01:03
    26. Elasticity 00:01:17
    27. Redundancy 00:01:16
    28. Fault Tolerance 00:00:50
    29. Redundant Array of Independent Disks 00:01:34
    30. Non-persistence 00:01:28
    31. High Availability 00:01:08
    32. Deployment Environments 00:01:44
    33. Guidelines for Implementing Security Strategies 00:01:16
    34. Demo - Implementing Virtual Machine Snapshots 00:02:38
    35. Topic D: Manage Data Security Processes 00:00:24
    36. Data Security 00:00:54
    37. Data Security Vulnerabilities 00:00:52
    38. Data Storage Methods 00:01:14
    39. Data Encryption Methods 00:01:04
    40. Data Sensitivity 00:01:33
    41. Data Management Roles 00:01:29
    42. Data Retention 00:01:01
    43. Data Disposal 00:02:19
    44. Guidelines for Managing Data Security 00:00:54
    45. Demo - Destroying Data Securely 00:06:37
    46. Demo - Encrypting a Storage Device 00:03:49
    47. Topic E: Implement Physical Controls 00:00:26
    48. Physical Security Controls 00:01:20
    49. Physical Security Control Types 00:01:56
    50. Physical Security Controls Types (cont. Part 1) 00:01:38
    51. Physical Security Controls Types (cont. Part 2) 00:01:24
    52. Physical Security Controls Types (cont. Part 3) 00:00:47
    53. Environmental Exposures 00:00:36
    54. Environmental Controls 00:01:20
    55. Environmental Controls (cont.) 00:01:14
    56. Environmental Monitoring 00:00:37
    57. Safety 00:00:46
    58. Guidelines for Implementing Physical Controls 00:00:54
    59. Demo - Implementing Physical Controls 00:01:41
    60. Chapter 09 Review 00:00:31
  11. Chapter 10 - Addressing Security Issues
    1. Addressing Security Issues 00:01:00
    2. Topic A: Troubleshoot Common Security Issues 00:00:24
    3. Access Control Issues 00:01:54
    4. Encryption Issues 00:01:21
    5. Data Exfiltration 00:01:08
    6. Anomalies in Event Logs 00:01:22
    7. Security Configuration Issues 00:02:12
    8. Baseline Deviations 00:01:14
    9. Software Issues 00:01:11
    10. Personnel Issues 00:01:54
    11. Asset Management Issues 00:01:07
    12. Demo - Identifying Event Log Anomalies 00:03:42
    13. Topic B: Respond to Security Incidents 00:00:15
    14. Incident Response 00:00:51
    15. Incident Preparation 00:01:01
    16. Incident Detection and Analysis 00:00:58
    17. Incident Containment 00:00:49
    18. Incident Eradication 00:00:32
    19. Incident Recovery 00:01:02
    20. Lessons Learned 00:00:44
    21. Incident Response Plans 00:01:31
    22. First Responders 00:00:31
    23. An Incident Report 00:00:43
    24. Guidelines for Responding to Security Incidents 00:00:33
    25. Demo - Responding to a Security Incident 00:02:40
    26. Topic C: Investigate Security Incidents 00:00:18
    27. Computer Forensics 00:00:42
    28. The Basic Forensic Process 00:01:35
    29. Preservation of Forensic Data 00:01:35
    30. Basic Forensic Response Procedures 00:01:29
    31. Basic Forensic Response Procedure (cont.) 00:01:03
    32. Order of Volatility 00:00:35
    33. Chain of Custody 00:00:25
    34. Guidelines for Investigating Security Incidents 00:00:53
    35. Demo - Implementing Forensic Procedures 00:05:39
    36. Chapter 10 Review 00:00:33
  12. Chapter 11 - Ensuring Business Continuity
    1. Ensuring Business Continuity 00:00:44
    2. Topic A: Select Business Continuity and Disaster Recovery Processes 00:00:23
    3. Business Continuity and Disaster Recovery 00:01:55
    4. The Disaster Recovery Process 00:01:50
    5. Recovery Team 00:00:41
    6. Order of Restoration 00:01:47
    7. Recovery Sites 00:01:13
    8. Secure Recovery 00:00:34
    9. Backup Types (Full) 00:00:44
    10. Backup Types (Differential vs. Incremental) 00:01:37
    11. Secure Backups 00:01:21
    12. Geographic Considerations 00:01:28
    13. Guidelines for Selecting Business Continuity and Disaster Recovery Processes 00:01:28
    14. Demo - Selecting Business Continuity and Disaster Recovery Processes 00:02:15
    15. Topic B: Develop a Business Continuity Plan 00:00:17
    16. Business Continuity Plans 00:01:16
    17. Business Continuity Plans (cont.) 00:00:17
    18. Disaster Recovery Plans 00:01:00
    19. Disaster Recovery Plans (cont.) 00:00:25
    20. IT Contingency Plans 00:00:51
    21. Succession Plans 00:00:24
    22. Failover 00:01:09
    23. Alternate Business Practices 00:00:42
    24. Testing Exercises 00:01:06
    25. After-Action Reports 00:01:06
    26. Guidelines for Developing a BCP 00:00:58
    27. Demo - Developing a BCP 00:01:58
    28. Chapter 11 Review 00:00:26
    29. Course Closure 00:02:25