LiveLessons
2 total works
11+ Hours of Video Instruction
GIAC Security Essentials (GSEC) Complete Video Course will provide the learner with everything they need to know for exam success, including all required key security concepts and terminologies, and effective techniques to detect and prevent all known attacks.
Overview The GIAC Security Essentials (GSEC) Complete Video Course has been designed to provide the learner with complete exam objective coverage in order to prepare you for exam success! Security is considered one of the top IT fields for this new decade and beyond, and the GSEC exam is an important credential to achieve in order to continue your career advancement in IT security. This course has been organized to align with the objectives of the exam by the presenter, Michael J. Shannon, who is an expert in IT and security, with more than 30 years of experience. Michael has organized the course into 6 Modules:
Module 1: Network Security Essentials Module 2: Defense in Depth and Attacks Module 3: Threat Management Module 4: Cryptography, Risk Management, and Response Module 5: Windows Security Essentials Module 6: Linux Security Essentials
The course walks you through hands-on demonstrations of security concepts, as well as in-depth explanations and case studies of various security components, including threat & risk management, cryptography, and understanding how to navigate threats in both Windows and Linux operating systems. Michael also provides insight into the tools and utilities available for combatting security threats in each OS in order to prepare you for everything the exam can throw at you to ensure exam success.
Skill Level
Learn How To
Who Should Take This Course
The target audience for this course is anyone who wants to achieve the GIAC Security Essentials (GSEC) certification or learners who simply want to get a foundation in implementing real-world, cutting-edge security solutions on a path to more advanced security administration and engineering skills.
Course Requirements
Knowledge of information security fundamentals found in the GISF entry-level GIAC security certification or CompTIA Security+ is recommended but not required.
Lesson Descriptions
Module 1, “Network Security Essentials,” starts with TCP/IP Essentials. The lesson then moves on to critical security controls, access controls, and password management. This lesson also explores network security devices and device security; web communication security based on the Center for Internet Security (CIS), and wireless network security.
Module 2, "Defense in Depth and Attacks,” looks at malicious code and exploit mitigation, along with defense in depth and defensible network architecture. Lastly, this lesson covers active defense and implementing endpoint security.
Module 3,“Threat Management," discusses log management and SIEM. It then gets into vulnerability scanning, penetration testing, virtualization, and lastly, Cloud Security.
Module 4, “Cryptography, Risk Management, and Response,” evaluates cryptography concepts and algorithms, which will then be applied with security policies and procedures. Next, this lesson will cover IT risk management, as well as incident handling and response. Lastly, this lesson will cover several aspects of contingency planning.
Module 5, “Windows Security Essentials,” is a hands-on demonstration of Windows security infrastructure; Windows access controls and security policy enforcement; Network services; Azure cloud computing; and Windows Automation, Auditing, and Forensics.
Module 6,“Linux Security Essentials,” will also be hands-on demonstrations, but this lesson will cover all things Linux: Linux Security Structure, Permissions and Access, Linux server Hardening and Securing, Monitoring and Attack Detection, and Linux security utilities.
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at http://www.informit.com/video.
GIAC Security Essentials (GSEC) Complete Video Course will provide the learner with everything they need to know for exam success, including all required key security concepts and terminologies, and effective techniques to detect and prevent all known attacks.
Overview The GIAC Security Essentials (GSEC) Complete Video Course has been designed to provide the learner with complete exam objective coverage in order to prepare you for exam success! Security is considered one of the top IT fields for this new decade and beyond, and the GSEC exam is an important credential to achieve in order to continue your career advancement in IT security. This course has been organized to align with the objectives of the exam by the presenter, Michael J. Shannon, who is an expert in IT and security, with more than 30 years of experience. Michael has organized the course into 6 Modules:
Module 1: Network Security Essentials Module 2: Defense in Depth and Attacks Module 3: Threat Management Module 4: Cryptography, Risk Management, and Response Module 5: Windows Security Essentials Module 6: Linux Security Essentials
The course walks you through hands-on demonstrations of security concepts, as well as in-depth explanations and case studies of various security components, including threat & risk management, cryptography, and understanding how to navigate threats in both Windows and Linux operating systems. Michael also provides insight into the tools and utilities available for combatting security threats in each OS in order to prepare you for everything the exam can throw at you to ensure exam success.
Skill Level
- Beginner/Intermediate
Learn How To
- Manage Network Security including Device, Web Communication, and Wireless Network Security
- Prepare for malicious attacks by implementing active defense strategies
- Assess threats through vulnerability scanning and managing penetration testing to ensure systems are prepared for attacks.
- Apply cryptography and risk management strategies
- Handle incident response and contingency plans
- Work with tools and utilities Microsoft provides for security
- Work with services and utilities Linux provides for security
- Prepare for the GSEC exam with hours of repeatable hands-on demonstrations
- Prepare for implementing, monitoring, and maintaining enterprise security in the real-world
Who Should Take This Course
The target audience for this course is anyone who wants to achieve the GIAC Security Essentials (GSEC) certification or learners who simply want to get a foundation in implementing real-world, cutting-edge security solutions on a path to more advanced security administration and engineering skills.
Course Requirements
Knowledge of information security fundamentals found in the GISF entry-level GIAC security certification or CompTIA Security+ is recommended but not required.
Lesson Descriptions
Module 1, “Network Security Essentials,” starts with TCP/IP Essentials. The lesson then moves on to critical security controls, access controls, and password management. This lesson also explores network security devices and device security; web communication security based on the Center for Internet Security (CIS), and wireless network security.
Module 2, "Defense in Depth and Attacks,” looks at malicious code and exploit mitigation, along with defense in depth and defensible network architecture. Lastly, this lesson covers active defense and implementing endpoint security.
Module 3,“Threat Management," discusses log management and SIEM. It then gets into vulnerability scanning, penetration testing, virtualization, and lastly, Cloud Security.
Module 4, “Cryptography, Risk Management, and Response,” evaluates cryptography concepts and algorithms, which will then be applied with security policies and procedures. Next, this lesson will cover IT risk management, as well as incident handling and response. Lastly, this lesson will cover several aspects of contingency planning.
Module 5, “Windows Security Essentials,” is a hands-on demonstration of Windows security infrastructure; Windows access controls and security policy enforcement; Network services; Azure cloud computing; and Windows Automation, Auditing, and Forensics.
Module 6,“Linux Security Essentials,” will also be hands-on demonstrations, but this lesson will cover all things Linux: Linux Security Structure, Permissions and Access, Linux server Hardening and Securing, Monitoring and Attack Detection, and Linux security utilities.
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at http://www.informit.com/video.
13+ Hours of Video Instruction
Overview
CompTIA Security+ (SY0-401) Complete Video Course is an engaging self-paced video training solution that provides learners with over 13 hours of personal, visual instruction from an expert trainer who has over a decade of practical teaching experience. Through the use of topic-focused instructional videos you will gain an in-depth understanding of the CompTIA Security+ SY0-401 exam as well as a deeper understanding of security so you master the key foundational principles for securing a network and managing risk. Included with the product are dynamic and interactive hands-on exercises and quizzes so you can test your knowledge while you study. The course also includes a practice exam which is based on the updated Security + exam.
Description
CompTIA Security+ (SY0-401) Complete Video Course contains over 13 hours of training with content divided into 6 parts with 32 video lessons. The videos consist of live trainer discussions, screencasts, animations, and live demos. The video lessons in this course review each exam objective so you can use this course as a complete study tool for taking the CompTIA Security+ SY0-401 exam. Instruction throughout offers detailed explanations, demos, tips, and more.
This Complete Video Course also includes interactive hands-on exercises available on the course's streaming site to help you further study for the exam. Section quizzes, glossary quizzes, and a practice final exam are also presented through the course's interactive site so you have all the material needed to prepare for the exam.
Major sections are as follows:
Part 1: Understanding Network Security
Lesson 1: Understanding Enterprise Security Concepts
Lesson 2: Identifying Infrastructure Devices
Lesson 3: Understanding Security Devices and Systems
Lesson 4: Explaining Network Design Components
Lesson 5: Exploring Secure Network Administration
Lesson 6: Wireless Networking Security
Lesson 7: Part 1 Summary
Part 2: Understanding Threats and Vulnerabilities
Lesson 8: Recognizing Malware Types
Lesson 9: Exploring Prevalent Attack Methods
Lesson 10: Understanding Threat Management
Lesson 11: Deploying Threat Discovery Tools
Lesson 12: Part 2 Summary
Part 3: Understanding Compliance and Operational Security
Lesson 13: Understanding Risk Related Concepts
Lesson 14: Examining the Importance for Security Awareness
Lesson 15: Exploring Incident Response and Forensics
Lesson 16: Implementing Physical Security and Environmental Controls
Lesson 17: Part 3 Summary
Part 4: Understanding Application, Data, and Host Security
Lesson 18: Examining Application Attack Types
Lesson 19: Explaining Application Security Controls and Techniques
Lesson 20: Summarizing Mobile Security Concepts
Lesson 21: Establishing Host Security
Lesson 22: Understanding Data Security Controls
Lesson 23: Part 4 Summary
Part 5: Understanding Access Control and Identity Management
Lesson 24: Understanding AAA Services
Lesson 25: Comparing Authentication Services
Lesson 26: Securing Account Management
Lesson 27: Part 5 Summary
Part 6: Understanding Cryptography
Lesson 28: Exploring Cryptographic Concepts
Lesson 29: Understanding Choices in Algorithms and Methods
Lesson 30: Exploring Protocols for Secure Transport
Lesson 31: Understanding PKI
Lesson 32: Part 6 Summary
About the Instructor
Michael J Shannon began his IT career when he transitioned from recording studio engineer to network engineer for a major telecommunications company in the early 1990's. He began to focus on security and was one of the first 10 people to attain the HIPAA Certified Security Specialist. He has worked as an employee, contractor, and consultant for several companies including Platinum Technologies, Fujitsu, IBM, State Farm, and MindSharp among others. He has attained the CCSI, CCNP Security, CISSP, ITIL Intermediate SO and RCV, and Security+ certifications in the security field. He is presently a senior technical instructor for Skillsoft Corp.
Skill Level
Beginning to intermediate
Who Should Take This Course
Primary audience-CompTIA Security+ certification candidates
Secondary audience-Anyone in an information security role looking to gain a practical understanding of computer security. This includes administrators, technicians, and network engineers who are responsible for securing IT infrastructure, and additionally the personnel in management or sales roles that deal with information security topics. Government workers and contractors looking to work in security.
Course Requirements
2-3 years of experience in IT networking, network storage, or data center administration
Table of Contents
Part 1-Understanding Network Security
Lesson 1: Understanding Enterprise Security Concepts
1.1 Introducing Security+
1.2 Defining CIA, Control Types, and Control Methods
Lesson 2: Identifying Infrastructure Devices
2.1 Defining Switches, Routers, and Multilayer Switches
2.2 Understanding Load Balancers, Proxies, and Gateways
2.3 Identifying Clients and Servers
2.4 Discovering Specialty and Emerging Technology
Lesson 3: Understanding Security Devices and Systems
3.1 Using Firewalls
3.2 Using IDS and IPS
3.3 Using VPN Gateways and Concentrators
3.4 Using Application Layer Inspection
3.5 Using Unified Threat Management
Lesson 4: Explaining Network Design Components
4.1 Defining Subnetting and Summarization
4.2 Defining VLANs and PVLANs
4.3 Defining NAT and PAT
4.4 Defining Security Zones and DMZs
4.5 Defining Defense in Depth
4.6 Defining Telephony and Conferencing
4.7 Defining Virtualization
4.8 Defining Cloud Computing and Personal Cloud Services
4.9 Defining NAC and Remote Access
Lesson 5: Exploring Secure Network Administration
5.1 Understanding Security Policies
5.2 Common Protocols and Services
5.3 Exploring Management Protocols and Services
5.4 Examining Rule-Based vs. Role-Based
5.5 Implementing Local and Centralized Management
5.6 Exploring Layer 2 Security Administration
5.7 Exploring Layer 3 Security Administration
Lesson 6: Wireless Networking Security
6.1 Understanding Wireless Fundamentals
6.2 Deploying Wireless Networks
6.3 Surveying the Evolution of Wireless Security
Lesson 7: Part 1 Summary
7.1 Part 1 Summary
Part 2-Understanding Threats and Vulnerabilities
Lesson 8: Recognizing Malware Types
8.1 Defining Threats and Vulnerabilities
8.2 Recognizing Prevalent Malware Types
8.3 Recognizing Polymorphic, Hybrid, and Emerging Malware
Lesson 9: Exploring Prevalent Attack Methods
9.1 Defining Spoofing and Man-in-the-middle
9.2 Defining DoS, DDoS, Flooding, and Replaying
9.3 Defining Spam, Spim, Phishing, Whaling, Pharming, and Vishing
9.4 Defining Password Cracking and Poisoning
9.5 Defining Specialty Web Attacks
9.6 Defining Social Engineering Attacks
9.7 Surveying Wireless Attacks
Lesson 10: Understanding Threat Management
10.1 Examining Device Hardening
10.2 Examining Monitoring and Logging
10.3 Examining Reporting
Lesson 11: Deploying Threat Discovery Tools
11.1 Understanding Assessment Concepts
11.2 Surveying Assessment Tools and Vulnerability Scanning
11.3 Explaining Penetration Testing
11.4 Examining White, Gray and Black Box Testing
Lesson 12: Part 2 Summary
12.1 Part 2 Summary
Part 3-Understanding Compliance and Operational Security
Lesson 13: Understanding Risk Related Concepts
13.1 Examining Risk Reduction Principles
13.2 Comparing Quantitative vs. Qualitative Analysis
13.3 Calculating Risk
13.4 Handling Risk
13.5 Understanding Risks of 3rd Party Integration
13.6 Mitigating Risk
13.7 Recognizing Risk Management Best Practices
13.8 Surveying Fault Tolerance
13.9 Understanding Disaster Recovery Concepts
Lesson 14: Examining the Importance for Security Awareness
14.1 Recognizing the Need for Training
14.2 Examining Information Classification
14.3 Recognizing User Habits
Lesson 15: Exploring Incident Response and Forensics
15.1 Understanding the Need for an IRT
15.2 Summarizing the Incident Response Process
15.3 Recognizing Recovery and Reconstitution Procedures
15.4 Describing Network Forensics
15.5 Implementing Basic Forensic Procedures
Lesson 16: Implementing Physical Security and Environmental Controls
16.1 Recognizing Control Types
16.2 Survey of Physical Security Mechanisms
16.3 Environmental Controls
Lesson 17: Part 3 Summary
17.1 Part 3 Summary
Part 4-Understanding Application, Data, and Host Security
Lesson 18: Examining Application Attack Types
18.1 Defining the Primary Application Attacks
18.2 Defining Injection Attacks
18.3 Defining Other Common Application Attacks
Lesson 19: Explaining Application Security Controls and Techniques
19.1 Understanding Secure Coding Concepts
19.2 Mitigating Application Attacks
Lesson 20: Summarizing Mobile Security Concepts
20.1 Exploring Mobile Device Security Methods
20.2 Surveying Mobile Application Security
20.3 Understanding BYOD Issues and Concerns
Lesson 21: Establishing Host Security
21.1 Examining OS Hardening and Security Settings
21.2 Examining Host-Based Firewalls and IPS
21.3 Examining Endpoint Virtualization and Cloud Services
21.4 Examining Host Hardware Security
Lesson 22: Understanding Data Security Controls
22.1 Surveying Storage Types
22.2 Understanding Data Encryption
22.3 Applying Permissions, Access Controls, and Data Policies
22.4 Exploring Alternative Countermeasures
Lesson 23: Part 4 Summary
23.1 Part 4 Summary
Part 5-Understanding Access Control and Identity Management
Lesson 24: Understanding AAA Services
24.1 Defining Authentication Factors
24.2 Exploring Authentication/Identification Methods
24.3 Understanding Authorization
24.4 Examining Accounting
Lesson 25: Comparing AAA Services
25.1 Comparing RADIUS vs. TACACS+ vs. XTACACS
25.2 Examining LDAP, Kerberos, and SAML
Lesson 26: Securing Account Management
26.1 Exploring Common Challenges
26.2 Enforcing Account Policy
26.3 Examining User and Group Accounts
26.4 Striving for Continual Improvement
Lesson 27: Part 5 Summary
27.1 Part 5 Summary
Part 6-Understanding Cryptography
Lesson 28 Exploring Cryptographic Concepts
28.1 Explaining Cryptographic Mechanisms
28.2 Adding Non-Repudiation to CIA
28.3 Comparing Steganography and Covert and Overt Channels
Lesson 29 Understanding Choices in Algorithms and Methods
29.1 Examining Hashing Algorithms
29.2 Examining Symmetric Cryptography
29.3 Examining Asymmetric Cryptography
29.4 Examining The RC Family of Algorithms
29.5 Examining NTLM, NTLMv2, and OTP
Lesson 30 Exploring Protocols for Secure Transport
30.1 Understanding IPSEC
30.2 Understanding SSL/TLS
30.1 Understanding SSH
Lesson 31 Understanding PKI
31.1 Discovering Public Key Infrastructure
31.2 Explaining Certificate Authorities and Management
31.4 Exploring Digital Signatures
Lesson 32: Part 6 Summary
32.1 Part 6 Summary
About LiveLessons Video Training
LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include: IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more. View all LiveLessons at http://www.pearsonitcertification.com/livelessons
Overview
CompTIA Security+ (SY0-401) Complete Video Course is an engaging self-paced video training solution that provides learners with over 13 hours of personal, visual instruction from an expert trainer who has over a decade of practical teaching experience. Through the use of topic-focused instructional videos you will gain an in-depth understanding of the CompTIA Security+ SY0-401 exam as well as a deeper understanding of security so you master the key foundational principles for securing a network and managing risk. Included with the product are dynamic and interactive hands-on exercises and quizzes so you can test your knowledge while you study. The course also includes a practice exam which is based on the updated Security + exam.
Description
CompTIA Security+ (SY0-401) Complete Video Course contains over 13 hours of training with content divided into 6 parts with 32 video lessons. The videos consist of live trainer discussions, screencasts, animations, and live demos. The video lessons in this course review each exam objective so you can use this course as a complete study tool for taking the CompTIA Security+ SY0-401 exam. Instruction throughout offers detailed explanations, demos, tips, and more.
This Complete Video Course also includes interactive hands-on exercises available on the course's streaming site to help you further study for the exam. Section quizzes, glossary quizzes, and a practice final exam are also presented through the course's interactive site so you have all the material needed to prepare for the exam.
Major sections are as follows:
Part 1: Understanding Network Security
Lesson 1: Understanding Enterprise Security Concepts
Lesson 2: Identifying Infrastructure Devices
Lesson 3: Understanding Security Devices and Systems
Lesson 4: Explaining Network Design Components
Lesson 5: Exploring Secure Network Administration
Lesson 6: Wireless Networking Security
Lesson 7: Part 1 Summary
Part 2: Understanding Threats and Vulnerabilities
Lesson 8: Recognizing Malware Types
Lesson 9: Exploring Prevalent Attack Methods
Lesson 10: Understanding Threat Management
Lesson 11: Deploying Threat Discovery Tools
Lesson 12: Part 2 Summary
Part 3: Understanding Compliance and Operational Security
Lesson 13: Understanding Risk Related Concepts
Lesson 14: Examining the Importance for Security Awareness
Lesson 15: Exploring Incident Response and Forensics
Lesson 16: Implementing Physical Security and Environmental Controls
Lesson 17: Part 3 Summary
Part 4: Understanding Application, Data, and Host Security
Lesson 18: Examining Application Attack Types
Lesson 19: Explaining Application Security Controls and Techniques
Lesson 20: Summarizing Mobile Security Concepts
Lesson 21: Establishing Host Security
Lesson 22: Understanding Data Security Controls
Lesson 23: Part 4 Summary
Part 5: Understanding Access Control and Identity Management
Lesson 24: Understanding AAA Services
Lesson 25: Comparing Authentication Services
Lesson 26: Securing Account Management
Lesson 27: Part 5 Summary
Part 6: Understanding Cryptography
Lesson 28: Exploring Cryptographic Concepts
Lesson 29: Understanding Choices in Algorithms and Methods
Lesson 30: Exploring Protocols for Secure Transport
Lesson 31: Understanding PKI
Lesson 32: Part 6 Summary
About the Instructor
Michael J Shannon began his IT career when he transitioned from recording studio engineer to network engineer for a major telecommunications company in the early 1990's. He began to focus on security and was one of the first 10 people to attain the HIPAA Certified Security Specialist. He has worked as an employee, contractor, and consultant for several companies including Platinum Technologies, Fujitsu, IBM, State Farm, and MindSharp among others. He has attained the CCSI, CCNP Security, CISSP, ITIL Intermediate SO and RCV, and Security+ certifications in the security field. He is presently a senior technical instructor for Skillsoft Corp.
Skill Level
Beginning to intermediate
Who Should Take This Course
Primary audience-CompTIA Security+ certification candidates
Secondary audience-Anyone in an information security role looking to gain a practical understanding of computer security. This includes administrators, technicians, and network engineers who are responsible for securing IT infrastructure, and additionally the personnel in management or sales roles that deal with information security topics. Government workers and contractors looking to work in security.
Course Requirements
2-3 years of experience in IT networking, network storage, or data center administration
Table of Contents
Part 1-Understanding Network Security
Lesson 1: Understanding Enterprise Security Concepts
1.1 Introducing Security+
1.2 Defining CIA, Control Types, and Control Methods
Lesson 2: Identifying Infrastructure Devices
2.1 Defining Switches, Routers, and Multilayer Switches
2.2 Understanding Load Balancers, Proxies, and Gateways
2.3 Identifying Clients and Servers
2.4 Discovering Specialty and Emerging Technology
Lesson 3: Understanding Security Devices and Systems
3.1 Using Firewalls
3.2 Using IDS and IPS
3.3 Using VPN Gateways and Concentrators
3.4 Using Application Layer Inspection
3.5 Using Unified Threat Management
Lesson 4: Explaining Network Design Components
4.1 Defining Subnetting and Summarization
4.2 Defining VLANs and PVLANs
4.3 Defining NAT and PAT
4.4 Defining Security Zones and DMZs
4.5 Defining Defense in Depth
4.6 Defining Telephony and Conferencing
4.7 Defining Virtualization
4.8 Defining Cloud Computing and Personal Cloud Services
4.9 Defining NAC and Remote Access
Lesson 5: Exploring Secure Network Administration
5.1 Understanding Security Policies
5.2 Common Protocols and Services
5.3 Exploring Management Protocols and Services
5.4 Examining Rule-Based vs. Role-Based
5.5 Implementing Local and Centralized Management
5.6 Exploring Layer 2 Security Administration
5.7 Exploring Layer 3 Security Administration
Lesson 6: Wireless Networking Security
6.1 Understanding Wireless Fundamentals
6.2 Deploying Wireless Networks
6.3 Surveying the Evolution of Wireless Security
Lesson 7: Part 1 Summary
7.1 Part 1 Summary
Part 2-Understanding Threats and Vulnerabilities
Lesson 8: Recognizing Malware Types
8.1 Defining Threats and Vulnerabilities
8.2 Recognizing Prevalent Malware Types
8.3 Recognizing Polymorphic, Hybrid, and Emerging Malware
Lesson 9: Exploring Prevalent Attack Methods
9.1 Defining Spoofing and Man-in-the-middle
9.2 Defining DoS, DDoS, Flooding, and Replaying
9.3 Defining Spam, Spim, Phishing, Whaling, Pharming, and Vishing
9.4 Defining Password Cracking and Poisoning
9.5 Defining Specialty Web Attacks
9.6 Defining Social Engineering Attacks
9.7 Surveying Wireless Attacks
Lesson 10: Understanding Threat Management
10.1 Examining Device Hardening
10.2 Examining Monitoring and Logging
10.3 Examining Reporting
Lesson 11: Deploying Threat Discovery Tools
11.1 Understanding Assessment Concepts
11.2 Surveying Assessment Tools and Vulnerability Scanning
11.3 Explaining Penetration Testing
11.4 Examining White, Gray and Black Box Testing
Lesson 12: Part 2 Summary
12.1 Part 2 Summary
Part 3-Understanding Compliance and Operational Security
Lesson 13: Understanding Risk Related Concepts
13.1 Examining Risk Reduction Principles
13.2 Comparing Quantitative vs. Qualitative Analysis
13.3 Calculating Risk
13.4 Handling Risk
13.5 Understanding Risks of 3rd Party Integration
13.6 Mitigating Risk
13.7 Recognizing Risk Management Best Practices
13.8 Surveying Fault Tolerance
13.9 Understanding Disaster Recovery Concepts
Lesson 14: Examining the Importance for Security Awareness
14.1 Recognizing the Need for Training
14.2 Examining Information Classification
14.3 Recognizing User Habits
Lesson 15: Exploring Incident Response and Forensics
15.1 Understanding the Need for an IRT
15.2 Summarizing the Incident Response Process
15.3 Recognizing Recovery and Reconstitution Procedures
15.4 Describing Network Forensics
15.5 Implementing Basic Forensic Procedures
Lesson 16: Implementing Physical Security and Environmental Controls
16.1 Recognizing Control Types
16.2 Survey of Physical Security Mechanisms
16.3 Environmental Controls
Lesson 17: Part 3 Summary
17.1 Part 3 Summary
Part 4-Understanding Application, Data, and Host Security
Lesson 18: Examining Application Attack Types
18.1 Defining the Primary Application Attacks
18.2 Defining Injection Attacks
18.3 Defining Other Common Application Attacks
Lesson 19: Explaining Application Security Controls and Techniques
19.1 Understanding Secure Coding Concepts
19.2 Mitigating Application Attacks
Lesson 20: Summarizing Mobile Security Concepts
20.1 Exploring Mobile Device Security Methods
20.2 Surveying Mobile Application Security
20.3 Understanding BYOD Issues and Concerns
Lesson 21: Establishing Host Security
21.1 Examining OS Hardening and Security Settings
21.2 Examining Host-Based Firewalls and IPS
21.3 Examining Endpoint Virtualization and Cloud Services
21.4 Examining Host Hardware Security
Lesson 22: Understanding Data Security Controls
22.1 Surveying Storage Types
22.2 Understanding Data Encryption
22.3 Applying Permissions, Access Controls, and Data Policies
22.4 Exploring Alternative Countermeasures
Lesson 23: Part 4 Summary
23.1 Part 4 Summary
Part 5-Understanding Access Control and Identity Management
Lesson 24: Understanding AAA Services
24.1 Defining Authentication Factors
24.2 Exploring Authentication/Identification Methods
24.3 Understanding Authorization
24.4 Examining Accounting
Lesson 25: Comparing AAA Services
25.1 Comparing RADIUS vs. TACACS+ vs. XTACACS
25.2 Examining LDAP, Kerberos, and SAML
Lesson 26: Securing Account Management
26.1 Exploring Common Challenges
26.2 Enforcing Account Policy
26.3 Examining User and Group Accounts
26.4 Striving for Continual Improvement
Lesson 27: Part 5 Summary
27.1 Part 5 Summary
Part 6-Understanding Cryptography
Lesson 28 Exploring Cryptographic Concepts
28.1 Explaining Cryptographic Mechanisms
28.2 Adding Non-Repudiation to CIA
28.3 Comparing Steganography and Covert and Overt Channels
Lesson 29 Understanding Choices in Algorithms and Methods
29.1 Examining Hashing Algorithms
29.2 Examining Symmetric Cryptography
29.3 Examining Asymmetric Cryptography
29.4 Examining The RC Family of Algorithms
29.5 Examining NTLM, NTLMv2, and OTP
Lesson 30 Exploring Protocols for Secure Transport
30.1 Understanding IPSEC
30.2 Understanding SSL/TLS
30.1 Understanding SSH
Lesson 31 Understanding PKI
31.1 Discovering Public Key Infrastructure
31.2 Explaining Certificate Authorities and Management
31.4 Exploring Digital Signatures
Lesson 32: Part 6 Summary
32.1 Part 6 Summary
About LiveLessons Video Training
LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include: IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more. View all LiveLessons at http://www.pearsonitcertification.com/livelessons