GIAC Security Essentials (GSEC)

Video description

11+ Hours of Video Instruction

GIAC Security Essentials (GSEC) Complete Video Course will provide the learner with everything they need to know for exam success, including all required key security concepts and terminologies, and effective techniques to detect and prevent all known attacks.

The GIAC Security Essentials (GSEC) Complete Video Course has been designed to provide the learner with complete exam objective coverage in order to prepare you for exam success! Security is considered one of the top IT fields for this new decade and beyond, and the GSEC exam is an important credential to achieve in order to continue your career advancement in IT security. This course has been organized to align with the objectives of the exam by the presenter, Michael J. Shannon, who is an expert in IT and security, with more than 30 years of experience. Michael has organized the course into 6 Modules:
Module 1: Network Security Essentials Module 2: Defense in Depth and Attacks Module 3: Threat Management Module 4: Cryptography, Risk Management, and Response Module 5: Windows Security Essentials Module 6: Linux Security Essentials
The course walks you through hands-on demonstrations of security concepts, as well as in-depth explanations and case studies of various security components, including threat & risk management, cryptography, and understanding how to navigate threats in both Windows and Linux operating systems. Michael also provides insight into the tools and utilities available for combatting security threats in each OS in order to prepare you for everything the exam can throw at you to ensure exam success.

About the Instructor

Michael J. Shannon began his IT career when he transitioned from recording studio engineer to network technician for a major telecommunications company in the early 1990s. He soon began to focus on security, and was one of the first 10 people to attain the HIPAA Certified Security Specialist. Throughout his 30 years in IT, he has worked as an employee, contractor, and consultant for several companies including Platinum Technologies, Fujitsu, IBM, State Farm, and MindSharp, among others. Mr. Shannon has authored several books, training manuals, published articles, and CBT modules over the years as well. He has attained the CISSP, CCNP Security, ITIL 4 Managing Professional, OpenFAIR, GSEC, and Security+ certifications in the security field. His hobbies are playing guitar, songwriting, trading cybercurrencies, and playing golf.

Skill Level
  • Beginner/Intermediate

Learn How To
  • Manage Network Security including Device, Web Communication, and Wireless Network Security
  • Prepare for malicious attacks by implementing active defense strategies
  • Assess threats through vulnerability scanning and managing penetration testing to ensure systems are prepared for attacks.
  • Apply cryptography and risk management strategies
  • Handle incident response and contingency plans
  • Work with tools and utilities Microsoft provides for security
  • Work with services and utilities Linux provides for security
  • Prepare for the GSEC exam with hours of repeatable hands-on demonstrations
  • Prepare for implementing, monitoring, and maintaining enterprise security in the real-world

Who Should Take This Course
The target audience for this course is anyone who wants to achieve the GIAC Security Essentials (GSEC) certification or learners who simply want to get a foundation in implementing real-world, cutting-edge security solutions on a path to more advanced security administration and engineering skills.
Course Requirements
Knowledge of information security fundamentals found in the GISF entry-level GIAC security certification or CompTIA Security+ is recommended but not required.
Lesson Descriptions
Module 1, “Network Security Essentials,” starts with TCP/IP Essentials. The lesson then moves on to critical security controls, access controls, and password management. This lesson also explores network security devices and device security; web communication security based on the Center for Internet Security (CIS), and wireless network security.
Module 2, "Defense in Depth and Attacks,” looks at malicious code and exploit mitigation, along with defense in depth and defensible network architecture. Lastly, this lesson covers active defense and implementing endpoint security.
Module 3,“Threat Management," discusses log management and SIEM. It then gets into vulnerability scanning, penetration testing, virtualization, and lastly, Cloud Security.
Module 4, “Cryptography, Risk Management, and Response,” evaluates cryptography concepts and algorithms, which will then be applied with security policies and procedures. Next, this lesson will cover IT risk management, as well as incident handling and response. Lastly, this lesson will cover several aspects of contingency planning.
Module 5, “Windows Security Essentials,” is a hands-on demonstration of Windows security infrastructure; Windows access controls and security policy enforcement; Network services; Azure cloud computing; and Windows Automation, Auditing, and Forensics.
Module 6,“Linux Security Essentials,” will also be hands-on demonstrations, but this lesson will cover all things Linux: Linux Security Structure, Permissions and Access, Linux server Hardening and Securing, Monitoring and Attack Detection, and Linux security utilities.
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at

Table of contents

  1. Introduction
    1. GIAC Security Essentials (GSEC): Introduction
  2. Module 1: Network Security Essentials
    1. Module introduction
  3. Lesson 1: TCP/IP Essentials
    1. Learning objectives
    2. 1.1 Network Protocols and Reference Models
    3. 1.2 IPv4 vs. IPv6 and ICMP vs. ICMPv6
    4. 1.3 Layer 4 Protocols
    5. 1.4 Setting up a Lab Environment
    6. 1.5 Using tcpdump and Wireshark
  4. Lesson 2: Critical Controls
    1. Learning objectives
    2. 2.1 CIA Triad and Parkerian Hexad
    3. 2.2 Categories and Types of Controls
    4. 2.3 Understanding the Enterprise Architecture
    5. 2.4 Introduction to Threat Enumeration
  5. Lesson 3: Access Control Password Management
    1. Learning objectives
    2. 3.1 Access Control Concepts
    3. 3.2 Password Management
    4. 3.3 Introduction to Password Cracking
  6. Lesson 4: Network Security Devices and Device Security
    1. Learning objectives
    2. 4.1 Network Topologies and Zones
    3. 4.2 Overview of Network Devices and Hardening
    4. 4.3 Survey of Security Devices and Wireshark
    5. 4.4 Configuring Firewalls at Amazon Web Services
    6. 4.5 Exploring a Palo Alto Networks Next-Generation Firewall
    7. 4.6 Examining a Classic IPS Sensor Device
  7. Lesson 5: Web Communication Security
    1. Learning objectives
    2. 5.1 Introducing the Center for Internet Security (CIS)
    3. 5.2 Overview of CIS Controls
    4. 5.3 Samples and Case Studies
  8. Lesson 6: Wireless Network Security
    1. Learning objectives
    2. 6.1 The Evolution of IEEE 802.11 Security
    3. 6.2 WPA3 Security
    4. 6.3 PAN, NFC, and 5G Concepts
    5. 6.4 The Internet of Things (IoT)
  9. Module 2: Defense in Depth and Attacks
    1. Module introduction
  10. Lesson 7: Malicious Code Exploit Mitigation
    1. Learning objectives
    2. 7.1 Common Attack Types
    3. 7.2 CryptoMalware
    4. 7.3 Defensive Strategies
  11. Lesson 8: Defense in Depth and Defensible Network Architecture
    1. Learning objectives
    2. 8.1 Defense in Depth Overview and Strategies
    3. 8.2 Core Security Strategies
    4. 8.3 Defensible Network Architectures
  12. Lesson 9: Active Defense
    1. Learning objectives
    2. 9.1 Overview of Active Defense
    3. 9.2 Active Defense Techniques
    4. 9.3 Active Defense Tools
  13. Lesson 10: Endpoint Security
    1. Learning objectives
    2. 10.1 Overview of Endpoint Security
    3. 10.2 Host-based Intrusion Detection
    4. 10.3 Host-based Intrusion Prevention
    5. 10.4 Next-generation Endpoint Security Solutions
  14. Module 3: Threat Management
    1. Module introduction
  15. Lesson 11: Log Management SIEM
    1. Learning objectives
    2. 11.1 Overview of Logging
    3. 11.2 Logging System Setup and Configuration
    4. 11.3 Logging Analysis Fundamentals
    5. 11.4 Core SIEM Activities
  16. Lesson 12: Vulnerability Scanning and Penetration Testing
    1. Learning objectives
    2. 12.1 Overview of Vulnerability Management
    3. 12.2 Network Scanning
    4. 12.3 Using Xenmap and Yersinia
    5. 12.4 Penetration Testing
  17. Lesson 13: Virtualization and Cloud Security
    1. Learning objectives
    2. 13.1 Overview of Virtualization and VM Security
    3. 13.2 Cloud Models and Value Proposition
    4. 13.3 Common Attacks Against Cloud Services
    5. 13.4 Introduction to Microsoft Azure IAM
  18. Module 4: Cryptography, Risk Management, and Response
    1. Module introduction
  19. Lesson 14: Cryptography Concepts and Algorithms
    1. Learning objectives
    2. 14.1 Overview of Cryptology and Cryptosystems
    3. 14.2 Cryptographic Hashing
    4. 14.3 Symmetric Key Cryptography
    5. 14.4 Asymmetric Key Cryptography
  20. Lesson 15: Applied Cryptography
    1. Learning objectives
    2. 15.1 Digital Signatures
    3. 15.2 IPsec
    4. 15.3 SSL/TLS
    5. 15.4 Public Key Infrastructure
  21. Lesson 16: Security Policy
    1. Learning objectives
    2. 16.1 The Importance of Written Security Policies
    3. 16.2 Standards, Guidelines, and Procedures
    4. 16.3 Acceptable Use Policies
    5. 16.4 Survey of Sample Policies
  22. Lesson 17: IT Risk Management
    1. Learning objectives
    2. 17.1 Overview of Risk Management
    3. 17.2 Risk Management Best Practices
    4. 17.3 Threat Assessment, Analysis, and Reporting
  23. Lesson 18: Incident Handling and Response
    1. Learning objectives
    2. 18.1 Fundamentals of Incident Handling
    3. 18.2 Six Step Incident Response Process
    4. 18.3 Conducting a Forensic Investigation
  24. Lesson 19: Contingency Plans
    1. Learning objectives
    2. 19.1 Business Continuity Planning (BCP)
    3. 19.2 Business Impact Analysis (BIA)
    4. 19.3 Backups and Restoration
    5. 19.4 Disaster Recovery Planning (DRP)
  25. Module 5: Windows Security Essentials
    1. Module introduction
  26. Lesson 20: Windows Security Infrastructure
    1. Learning objectives
    2. 20.1 Operating Systems and Services
    3. 20.2 Windows Workgroups vs. Domains
    4. 20.3 Windows-as-a-Service
  27. Lesson 21: Windows Access Controls
    1. Learning objectives
    2. 21.1 NTFS and Shared Folder Permissions
    3. 21.2 Registry Keys and REGEDIT.EXE
    4. 21.3 Windows Privileges
    5. 21.4 Overview of BitLocker Drive Encryption
  28. Lesson 22: Enforcing Windows Security Policy
    1. Learning objectives
    2. 22.1 Security Templates and SCA Snap-in
    3. 22.2 Understanding Group Policy Objects
    4. 22.3 Administrative Users, AppLocker, and User Account Control
  29. Lesson 23: Windows Network Services and Cloud Computing
    1. Learning objectives
    2. 23.1 Azure and High Availability
    3. 23.2 Configuring Azure VM Attributes
    4. 23.3 Microsoft Azure Active Directory (MAAD)
  30. Lesson 24: Windows Automation, Auditing, and Forensics
    1. Learning objectives
    2. 24.1 Windows PowerShell
    3. 24.2 Administrative Tools and Utilities
    4. 24.3 Windows Auditing and Forensics
  31. Module 6: Linux Security Essentials
    1. Module introduction
  32. Lesson 25: Linux Security: Structure, Permissions and Access
    1. Learning objectives
    2. 25.1 Comparing Linux Operating Systems
    3. 25.2 Mobile Device Security
    4. 25.3 Linux Shells and Kernels
    5. 25.4 Linux Permissions
    6. 25.5 Linux User Accounts
  33. Lesson 26: Linux Services: Hardening and Securing
    1. Learning objectives
    2. 26.1 Starting Services at Boot Time
    3. 26.2 Configuration Management Tools
    4. 26.3 Linux Kernel Security
    5. 26.4 Linux System Enhancers
  34. Lesson 27: Linux: Monitoring and Attack Detection
    1. Learning objectives
    2. 27.1 Configuring and Monitoring Logs
    3. 27.2 Leveraging the Auditd tool
    4. 27.3 Linux Security Utilities
  35. Summary
    1. GIAC Security Essentials (GSEC): Summary

Product information

  • Title: GIAC Security Essentials (GSEC)
  • Author(s): Michael J. Shannon, Michael J. Shannon
  • Release date: September 2020
  • Publisher(s): Pearson
  • ISBN: 0136910513