-
Change Management
After watching this video; you will be able to recognize characteristics of change management.
-
Training and Awareness
After watching this video; you will be able to use training and awareness data for security assessment and testing.
-
Virtual Appliances
After watching this video; you will be able to describe characteristics of virtual appliances and their role in virtual environments.
-
Snapshots
Snapshots are an effective and viable backup option from an enterprise security perspective. In this video; Steven Crawford discusses the use of snapshots.
-
Flow Control
After watching this video; you will be able to distinguish between flow control methods.
-
Virtualized Networks
After watching this video; you will be able to describe the concept of virtualized networks.
-
Network Access Control
When preparing for the CompTIA CASP CAS-002 examination, you're expected to know about the network security feature Network Access Control (NAC), which measures the configuration of connecting clients against a health policy. It then only allows the connection if the client is healthy. In this video, Glen Clarke discusses the features of NAC and the health policy.
-
Transmission Media
After watching this video, you will be able to describe the security characteristics of different choices of network media.
-
Digital Signatures
After watching this video; you will be able to describe characteristics and best practices for applying digital signatures.
-
Separation of Duties
After watching this video; you will be able to recognize the characteristics of separation of duties.
-
Disaster Recovery and Business Continuity
After watching this video; you will be able to use disaster recovery and business continuity data for security assessment and testing.
-
Security Policy
After watching this video; you will be able to identify best practices for developing and implementing a documented security policy.
-
Copying and Moving Files
After watching this video; you will be able to distinguish NTFS permission behaviors when copying and moving files.
-
Share Permissions
After watching this video; you will be able to distinguish and apply share permissions.
-
Routing
After watching this video; you will be able to identify characteristics of routing.
-
Deployment Requirements
After watching this video; you will be able to identify characteristics of software deployment requirements.
-
Embedded Systems
After watching this video; you will be able to distinguish between control systems and firmware.
-
Hypervisor
After watching this video; you will be able to identify characteristics and role of hypervisors in virtual environments.
-
Phishing and Pharming
After watching this video; you will be able to distinguish between phishing and pharming.
-
Application Hardening
After watching this video; you will be able to describe measures to harden services for mobile applications.
-
Endpoint Security
After watching this video; you will be able to describe local on-device security for network end systems.
-
Interfaces
After watching this video; you will be able to identify characteristics of interfaces as a security capability within information systems.
-
Security Zones
When preparing for the CompTIA CASP CAS-002 examination, you're expected to know how security zones are used to secure network environments. In this video, Glen E. Clarke discusses security zones, how they operate to control communication between different zones, as well as separate critical assets to secure a network environment.
-
Apply Cryptographic Modes and Algorithms
After watching this video; you will be able to apply cryptographic modes and algorithms.
-
Applying Non-repudiation to Cryptography
After watching this video; you will be able to describe how cryptography can be used to prove; with high certainty; that an action or statement is associated with an entity.
-
Applying the DES/3DES Block Algorithm
After watching this video; you will be able to describe how the DES and 3DES algorithms work to encrypt and decrypt data.
-
Creating or Generating Keys
After watching this video; you will be able to describe the creating; or generating; of keys and how the key strength is critical to cryptographic ciphers.
-
Defining Cryptography Authentication
After watching this video; you will be able to define how cryptography can provide a means to authenticate an entity.
-
Defining the RSA Algorithm
After watching this video; you will be able to describe the RSA public key encryption and its operation.
-
Defining Why Cryptography is Difficult
After watching this video; you will be able to describe why cryptography is difficult to get right and how poor cryptography can give you a false sense of security.
-
Describing Counter (CTR)
After watching this video, you will be able to describe the Counter mode and how it can be used for parallelizing encryption and decryption.
-
Describing Cryptanalysis
After watching this video; you will be able to perform some basic cryptanalysis and describe methods to decrypt poorly encrypted data.
-
Describing Cryptographic Terminology
After watching this video; you will be able to use and identify basic cryptographic terminology.
-
Describing Digital Signatures
After watching this video; you will be able to describe a digital signature and how it can be used for authentication and nonrepudiation.
-
Describing Electronic Codebook (ECB)
After watching this video; you will be able to describe and identify data that has been encrypted using the ECB mode.
-
Describing Export Controls and Limits on Cryptography
After watching this video, you will be able to describe basic export controls and limits that can be imposed on cryptography used around the world.
-
Describing HMAC
After watching this video; you will be able to describe the Hash Message Authentication Code; or HMAC; and its use to authenticate and verify the integrity of a message.
-
Describing How Cryptography Provides Confidentiality
After watching this video; you will be able to describe how cryptography can keep data confidential within limits.
-
Describing Key Escrow
After watching this video; you will be able to identify the role and purpose of key escrow policies and procedures.
-
Describing Key Exchange
After watching this video; you will be able to describe how to cryptographically exchange keys securely.
-
Describing Key Management
After watching this video; you will be able to identify and describe basic key management policies and procedures.
-
Describing MD5, SHA1, and SHA3
After watching this video, you will be able to describe the deprecated MD5 and SHA1 algorithms and the newly chosen replacement, SHA3.
-
Describing Side-channel Attacks
After watching this video; you will be able to identify external methods that can be used to compromise; or bypass; a cryptographic system.
-
Describing Substitution Ciphers
After watching this video; you will be able to describe and use a substitution cipher and understand the weaknesses that can be exploited by an attacker against these ciphers.
-
Describing the Blowfish Block Algorithm
After watching this video; you will be able to describe the Blowfish block cipher algorithm and its properties.
-
Describing the ElGamal Algorithm
After watching this video, you will be able to describe the ElGamal cipher algorithm and its usage.
-
Describing the RC4 Streaming Algorithm
After watching this video; you will be able to describe the RC4 streaming cipher and its properties.
-
Distinguishing between Block and Key Sizes
After watching this video; you will be able to recognize the difference between blocks and key sizes as they apply to cipher algorithms.
-
Formatting the Output
After watching this video; you will be able to describe how to encode encrypted data for easier storage or transport.
-
Hiding Data Using Steganography
After watching this video, you will be able to describe the use of steganography in encryption products to hide the fact data is even encrypted.
-
Identify the Cryptographic Algorithm to Use
After watching this video; you will be able to identify the cryptographic algorithm to use.
-
Identifying Algorithm and Key Strengths
After watching this video; you will be able to identify the features and strengths of cryptographic algorithms and how to select an algorithm for a particular usage scenario.
-
Identifying and Using Entropy
After watching this video; you will be able to describe how entropy is used in generating random numbers and how that entropy is critical to the strength of a cryptographic key.
-
Identifying Historical Use of Cryptography
After watching this video; you will be able to recognize historical uses of cryptography and their relevance to cryptography today.
-
Identifying Secure Communications Over HTTPS
After watching this video; you will be able to identify web browser-based secure communications and the role of certificates and certificate authorities (CAs).
-
Identifying the Current State of Cryptography
After watching this video; you will be able to identify the different types of cryptography and how cryptographic algorithms can be verified and validated.
-
Introducing Cryptography
After watching this video; you will be able to describe and identify the reasons for having and using cryptography.
-
Recognizing the Need for Data Integrity
After watching this video; you will be able to describe why data integrity is an integral part of cryptography.
-
Using a One-time Pad
After watching this video, you will be able to describe how OTP, or one-time pad, cryptography can theoretically provide perfect secrecy but has some significant limitations.
-
Using Cipher Block Chaining (CBC)
After watching this video; you will be able to specify how Cipher Block Chaining uses an IV; or initialization vector; to make data appear random.
-
Using Cipher Feedback (CFB)
After watching this video; you will be able to describe the Cipher Feedback mode and how it builds on CBC and makes a block cipher into a stream cipher.
-
Using GPG with E-mail
After watching this video; you will be able to use GPG to encrypt and decrypt an e-mail message.
-
Using Nonces and the Initialization Vector
After watching this video; you will be able to describe the purpose of an initialization vector for a cipher algorithm and how nonces can be used to protect small datasets.
-
Using One-way Hashes
After watching this video; you will be able to describe the purpose of cryptographic hash functions and how they can be used in cryptography to provide data integrity.
-
Using Output Feedback (OFB)
After watching this video; you will be able to describe the Output Feedback mode and how it can use the same process for encryption and decryption.
-
Using Padding
After watching this video; you will be able to describe and perform padding operations to data for block ciphers.
-
Using Propagating Cipher Block Chaining (PCBC)
After watching this video; you will be able to describe how Propagating Cipher Block Chaining mode improved on CBC by causing small changes to each block encrypted.
-
Using SHA2
After watching this video; you will be able to apply and describe the operation of the SHA2 hashing algorithms.
-
Using Symmetric Algorithms
After watching this video, you will be able to describe and identify the features and use cases for symmetric-key cipher algorithms.
-
Using the AES Block Algorithm
After watching this video; you will be able to use a simple AES implementation to encrypt and decrypt data and compare the results to the NIST standard to confirm operation of the algorithm.
-
Working with Asymmetric Algorithms
After watching this video; you will be able to describe and identify the features and use cases for asymmetric-key cipher algorithms.
-
Working with Disk Encryption
After watching this video; you will be able to describe how disk encryption works and the threats it can help protect against.
-
Working with the Secure Shell (SSH)
After watching this video, you will be able to describe the use of SSL and TLS in security tools like the Secure Shell, or SSH.
-
Biometric Credentials
After watching this video; you will be able to identify characteristics of biometric credentials.
-
Collecting Attack Evidence
After watching this video, you will be able to identify best practices when collecting evidence and information after a successful attack.
-
Common Logon Attacks
After watching this video; you will be able to distinguish between the different common types of attacks on logon pages.
-
Confidentiality
Three concepts are central to IT security – confidentiality, integrity, and availability (CIA). In this video, Travis Welton discusses these principles, explains what’s meant by confidentiality and how it’s implemented, and outlines different confidentiality classifications.
-
Confirming Account Changes
After watching this video; you will be able to identify best practices for confirming user account changes with users.
-
CSRF
After watching this video; you will be able to identify characteristics of Cross-Site Request Forgery (CSRF).
-
Dealing with Compromised Systems
After watching this video; you will be able to identify best practices for dealing with compromised systems after a successful security attack.
-
Determining Appropriate User Account Policies
After watching this video; you will be able to identify appropriate user account security policies and practices.
-
Development Best Practices
After watching this video; you will be able to identify best practices during development to secure site logon.
-
Disabling Unused Accounts
After watching this video; you will be able to identify best practices for disabling unused user accounts.
-
Enabling Two-Step Verification
After watching this video; you will be able to describe purpose and best practices for implementing two-step verification in user account registration policies.
-
Enforcing Password History Policies
After watching this video; you will be able to describe benefits and best practices for enforcing password history policies.
-
Event Logging
After watching this video; you will be able to identify best practices for event logging as a method for identifying and preventing account security breaches.
-
Implementing Account Change Notifications
After watching this video; you will be able to identify best practices for implementing user account change notifications.
-
Implementing Verification Questions
After watching this video; you will be able to describe best practices for strengthening password reset with verification questions.
-
Importance of User Account Security
After watching this video; you will be able to identify the purpose and requirement for secure user account controls.
-
Integrity
After watching this video; you will be able to identify the role of integrity when applying cryptography.
-
Limiting Logon Attempts
After watching this video; you will be able to identify characteristics and best practices for limiting logon attempts as a restriction for user accounts.
-
Logon Fraud Detection and Prevention
After watching this video; you will be able to describe best practices for detecting and preventing logon fraud.
-
Managing Simultaneous Sessions
After watching this video; you will be able to identify best practices for managing multiple simultaneous sessions from the same user.
-
Naming Conventions
After watching this video; you will be able to identify characteristics and best practices of implementing appropriate naming convention restrictions for user accounts.
-
Network Protocols
After watching this video; you will be able to identify best-practice network protocols to protect against general security attacks.
-
Neutralizing Attacks
After watching this video; you will be able to describe best practices for neutralizing user account security attacks.
-
Overview of Password Reset
After watching this video; you will be able to identify characteristics and purpose of password reset.
-
Overview of the Logoff Feature
After watching this video; you will be able to identify purpose and characteristics of implementing logoff requirements.
-
Overview of the Logon Feature
After watching this video; you will be able to describe the characteristics and purpose of the logon feature.
-
Password Age Policies
After watching this video; you will be able to describe benefits and best practices for setting minimum and maximum password age requirements.
-
Password Complexity Requirements
After watching this video; you will be able to identify password length; width; and depth requirements that can enhance password security.
-
Password Credentials
After watching this video; you will be able to identify characteristics of password credentials.
-
Password Field Security
After watching this video; you will be able to identify best practices for password field security.
-
Password Hashing Best Practices
After watching this video; you will be able to identify best practices for hashing passwords for storage.
-
Password Hints
After watching this video; you will be able to identify benefits and challenges of using password hints and best practices.
-
Password Storage Best Practices
After watching this video; you will be able to describe best practices for password storage policies.
-
Password Strength Criteria
After watching this video; you will be able to describe best practice for setting minimum password strength criteria policies.
-
Password Strength Feedback
After watching this video; you will be able to describe techniques for providing feedback to users on password strength.
-
Password Verification for Changes
After watching this video; you will be able to describe best practices for using password verification during account change activities.
-
Patches and Updates
After watching this video; you will be able to identify best practices for patching and updating to prevent user account compromise.
-
Permissions Categories
After watching this video; you will be able to distinguish between the different access permissions categories available to assign to account users.
-
Preventing Username Enumeration
After watching this video; you will be able to describe best practices for preventing username enumeration as part of user account registration security.
-
Privilege Management
After watching this video; you will be able to distinguish between users; groups; and role structures for privileges.
-
Protecting against Password Hacking
After watching this video; you will be able to identify best practices for preventing password hack attempts.
-
Registration Basics
After watching this video; you will be able to describe characteristics and purpose of secure user account registration policies and practices.
-
Remote Logoff
After watching this video; you will be able to identify characteristics and best practices for remote logoff procedures.
-
Securing Account Access and Mitigating Risk
After watching this video; you will be able to identify appropriate logon; logoff and account change policies; and describe best practices for responding to account compromise.
-
Securing Logoff Against CSRF
After watching this video; you will be able to describe purpose and techniques for implementing CSRF protection on the logoff feature.
-
Securing User Account Registration
After watching this video; you will be able to identify appropriate user account registration and password best practices.
-
Security Attack Motives
After watching this video; you will be able to describe goals and motives for user account security attacks.
-
Security Attack Phases
After watching this video; you will be able to distinguish between the different phases of a security attack.
-
Session Expiry
After watching this video, you will be able to identify best practices and purpose of session expiry.
-
Setting Account Expiry Dates
After watching this video; you will be able to identify best practices for setting account expiry dates.
-
Setting Machine Restrictions
After watching this video; you will be able to identify best practices for setting machine restrictions on user accounts.
-
Setting Time Restrictions
After watching this video; you will be able to identify best practices for setting time restrictions on user accounts.
-
Ticket-based Hybrid Authentication
After watching this video; you will be able to identify characteristics of ticket-based hybrid authentication credentials.
-
Timed Password Reset
After watching this video; you will be able to identify best practices for implementing timed password resets.
-
User Authentication Components
After watching this video; you will be able to distinguish between the three user authentication components and how they interrelate.
-
User Logon Process
After watching this video; you will be able to identify the phases of the user logon process.
-
Username Best Practices
After watching this video; you will be able to describe best practices for secure usernames and user identifiers.
-
Username Enumeration
After watching this video; you will be able to identify characteristics of username enumeration.
-
Using CAPTCHA
After watching this video; you will be able to identify best practices and purpose of using CAPTCHA for user account registration and setup.
-
Using SSL for Logon Security
After watching this video; you will be able to use SSL to enhance logon security.
-
Vulnerability Scanning
After watching this video; you will be able to identify best practices for performing vulnerability scanning to prevent user account compromise.
-
Web Server Password Cracking
After watching this video; you will be able to distinguish between the different types of web server password cracking techniques.
-
Account Change Risks
After watching this video; you will be able to describe characteristics of account detail changes and how and why they carry risk of attack.
-
Account Protocols
After watching this video; you will be able to identify best-practice account protocols to protect against user account security attacks.
-
Account Verification
After watching this video; you will be able to identify best practices for account registration verification.
-
Asymmetric Key Credentials
After watching this video; you will be able to identify characteristics of asymmetric key credentials for authentication.
-
At-risk Account Attributes
After watching this video; you will be able to identify the specific account attributes that hackers target.
-
Authentication and Identification
After watching this video; you will be able to describe characteristics of the authentication and identification process and the relationship between them.
-
Authentication Credentials Overview
After watching this video; you will be able to identify characteristics and purpose of credentials.
-
Authentication Types
After watching this video; you will be able to distinguish between the different types of authentication.
-
Authenticity
After watching this video; you will be able to describe characteristics of the fundamental security concept of authenticity as it relates to securing user accounts.
-
Water Issues
After watching this video; you will be able to identify best practices for preventing and responding to water risks.
-
Big Data Challenges in the Cloud
IT security becomes a challenge when dealing with big data in the cloud. In this video; Carlos Moros explains what big data is; its benefits; and why it's a concern for security practitioners in a cloud environment.
-
Building Security Policies for Cloud Infrastructure
IT security requires users to build secure policies that keep pace with cloud computing and storage as well as bricks-and-mortar infrastructures. In this video; Carlos Moros discusses security considerations resulting from the shift from perimeter protection of a static data environment to a virtual environment in which data traverses administrative domains; including e-discovery; identity management; and operational domains.
-
Cloud Encryption and Key Management
IT security includes encryption which deals with confidentiality; key management; and loss of visibility over encrypted information assets. In this video; Carlos Moros uses different encryption models to ensure confidentiality; integrity; and authenticity of data in a Cloud environment.
-
Cloud Security Models and Standards
Cloud security models and standards play a vital role in IT security. In this video; Carlos Moros uses the process standards to explain their role in monitoring; auditing; interoperability; and securing your Cloud.
-
Cloud Visibility
Lack of cloud visibility hampers IT security strategies because so many security functions rely on visibility. In this video; Carlos Moros discusses reasons for restricted visibility and proven standards for defining a visibility strategy; such as the Cloud Trust Protocol; of which the central issues are defining what should be monitored and how; and compelling cloud providers to do so.
-
Data Security in the Cloud
IT security includes the security of high volumes of data that move swiftly in and out of the cloud. This causes data loss prevention to become a crucial concern. In this video; Carlos Moros discusses how multi-tenancy expands the attack surface; data sovereignty being at risk; and the role of a data loss prevention policy throughout the data life cycle.
-
Governance in the Cloud
In terms of IT Security; Governance is defined as a system by which IT infrastructures are managed and controlled. In this video; Carlos Moros explains how to keep control of IT assets in a Cloud Computing environment as well as the processes and procedures you can use to do so.
-
Guidelines to Protect Web Services
IT security applied to cloud services needs to focus on the latest trends in protecting web protocols to define access control into and out of the cloud. In this video; Carlos Moros describes common threats to cloud security and ways to combat them; such as web security gateways and Web 2.0 countermeasures; with special attention given to data loss prevention.
-
iPad – Find My iPad
With Find My iPad enabled; you'll be able to use the Find My iPhone app and your iCloud account; or another iOS device; to locate your iPad and protect its data. In this video; Josh Penzell demonstrates how to use the Find My iPhone app to locate; lock; or erase all the data from your iPad if it's lost or stolen.
-
iPad Privacy Features
The Privacy feature on the iPad allows you to control what applications have access to the private information stored on your iPad. In this video; Josh Penzell demonstrates how to configure the Location Services in the Privacy area and how to determine when an app wants access to specific data on your iPad.
-
iPad Restriction Feature
Restrictions on the iPad is a helpful feature that you can use to prevent access to specific content and applications on the device; allowing you to feel comfortable handing over your iPad to others. In this video; Josh Penzell highlights some of the Restrictions and parental control settings that you can use to lock down your iPad.
-
iPad Safari Security
The iPad Safari browser security settings allow you to keep your personal information safe, and give you control over your online privacy. In this video, Josh Penzell demonstrates how to lock down Safari's security settings to prevent others from accessing and abusing your personal information while you're browsing the Internet.
-
iPad Wi-Fi Bluetooth Security
Without taking the necessary security precautions when employing Wi-Fi and Bluetooth on your iPad you can expose the device; and the data it contains; to potential security threats. In this video; Josh Penzell demonstrates how to disable wireless connections on the iPad when they're not in use.
-
iPhone – Find My iPhone
If your iPhone is lost or stolen; the Find My iPhone app will enable you to use the iCloud service or another iOS device to locate your iPhone and protect your data from being accessed. In this video; Josh Penzell demonstrates how to configure the Find My iPhone app and highlights the key features provided by the service.
-
iPhone Privacy Features
The Privacy feature on the iPhone allows you to control whether certain applications are allowed access to specific information on your device. In this video; Josh Penzell demonstrates how to configure the Location Services in the Privacy area; and how to determine when an app wants access to specific data on your iPhone.
-
iPhone Restriction Feature
The iPhone includes a helpful feature called Restrictions that you can use to prevent access to specific content and applications on the device so you feel more comfortable handing your iPhone over to others. In this video; Josh Penzell highlights some of the restrictions and parental control settings that you can use to lock down your iPhone.
-
iPhone Safari Security
The iPhone Safari browser security settings allow you to keep your personal information safe and control your online privacy. In this video; Josh Penzell demonstrates how to lock down Safari's security settings in order to prevent others from accessing and abusing your personal information while you're browsing.
-
iPhone Wi-Fi Bluetooth Security
Without taking the necessary security precautions when employing Wi-Fi and Bluetooth on your iPhone; you can expose the device; and the data it contains; to potential security threats. In this video; Josh Penzell highlights some of the best practises for limiting unscrupulous access to your iPhone through wireless connections.
-
Mobile and BYOD Security
The Bring Your Own Device (BYOD) trend challenges IT security strategies applied to the cloud. In this video; Carlos Moros discusses the lack of security controls on consumer devices that access the cloud. If registration; onboarding; and identity management aren't implemented; mobile devices can become bridges between mission-critical corporate information and the cloud.
-
SECaaS
IT security in a cloud environment can be seen in Security as a Service (SaaS); which can be provided by third-party providers. In this video; Carlos Moros discusses the merits of SaaS in cloud computing and what options are available to users; where key factors in deciding on an option are interoperability; portability; trust; and adherence to standards.
-
Securing the Cloud
Securing your Cloud is a relatively new IT security challenge. In this video; Carlos Moros uses the virtualization and multi-tenancy features to explain Cloud computing and its security challenges.
-
Threat Vectors in the Cloud
Cloud computing environments face both old and new IT security vulnerabilities and threats. In this video; Carlos Moros uses the Cloud Security Alliance report to identify and investigate potential security threats that are specific to the Cloud.
-
Virtualization for Security and Security for Virtualization
Virtualization is an IT security mechanism that creates the illusion of multi-tenancy and customer segregation. In this video, Carlos Moros uses virtual machines to explain virtualization for security and security for virtualization.
-
What is Your Cloud Provider Doing to Protect Your Assets
Because cloud services cause loss of visibility over information assets; IT security practitioners must evaluate cloud providers in terms of business security and legal requirements. In this video; Carlos Moros suggests an approach developed by the European Network and Information Security Agency in 2011; which covers security and resiliency parameters for preparedness; service delivery; response and recovery; and legal compliance.
-
Intrusion Detection and Intrusion Prevention Systems
After watching this video; you will be able to distinguish between the two main types of IDS/IPS.
-
Packet Filtering Firewalls
After watching this video; you will be able to recognize characteristics of packet filtering firewalls.
-
Zones
With Microsoft Windows; it is vitally important to be aware of security fundamentals. Microsoft added the use of four security content zones to Internet Explorer to improve Internet security. In this video; Travis Welton demonstrates how to configure the four security content zones and further customize the security levels in Internet Explorer.
-
Application Wrapper Overview
After watching this video; you will be able to describe security functionality offered by app wrapper technologies for mobile devices.
-
Assessing Mobile Threats
After watching this video; you will be able to assess threats from the OWASP top 10 and their impact on mobile systems.
-
Asymmetric Encryption Overview
After watching this video; you will be able to describe asymmetric encryption and its common uses.
-
Back-end Security Requirements
After watching this video; you will be able to describe requirements for back-end security for mobile applications.
-
Broken Cryptography
After watching this video; you will be able to describe how broken cryptography affects mobile device front-end and back-end systems.
-
Building a Demilitarized Zone
After watching this video; you will be able to describe the architecture of a demilitarized zone to protect mobile app services.
-
Business Impacts of Exploits
After watching this video; you will be able to describe the potential business impacts of mobile exploits.
-
BYOD Container Usage Scenarios
After watching this video; you will be able to describe usage scenarios for BYOD containers.
-
BYOD Containers
After watching this video; you will be able to describe BYOD containers for segregating data on BYOD devices.
-
Client-side Injection
After watching this video; you will be able to describe how client-side injection affects mobile device front-end systems.
-
Configuring BYOD Containers
After watching this video; you will be able to configure BYOD containers using Good Work.
-
Configuring Perfect Forward Secrecy
After watching this video; you will be able to configure perfect forward secrecy in Internet Information Services.
-
Configuring the Microsoft Intune Connector Role
After watching this video; you will be able to configure the Microsoft Intune connector role.
-
Configuring Unmanaged Android Devices
After watching this video; you will be able to configure security settings on-device for unmanaged Android devices.
-
Configuring Unmanaged iOS Devices
After watching this video; you will be able to configure security settings on-device for unmanaged iPhone and iPad iOS devices.
-
Configuring Unmanaged Windows Phone Devices
After watching this video; you will be able to configure security settings on-device for unmanaged Windows Phone devices.
-
Configuring Virtual Private Networks
After watching this video; you will be able to connect a mobile device to a VPN server.
-
Creating a Microsoft Intune Account
After watching this video; you will be able to create an account for Microsoft Intune.
-
Creating Certificates
After watching this video; you will be able to create a certificate using Visual Studio makecert.
-
Cryptography One-way Functions
After watching this video; you will be able to describe the theory of one-way cryptographic functions and hashes.
-
Cryptography Usage
After watching this video; you will be able to describe usage scenarios for cryptography.
-
Deploy Enterprise Profiles in Microsoft Intune
After watching this video; you will be able to deploy enterprise profiles in Microsoft Intune.
-
Device Authorization and Authentication Requirements
After watching this video; you will be able to describe requirements for secure device authorization and authentication.
-
Device Sensor; Jailbreak; & MDM System Requirements
After watching this video; you will be able to describe requirements for secure device sensors; jailbreaking; and mobile device management systems.
-
Digital Certificates Overview
After watching this video; you will be able to describe digital certificates and the process of issuing certificates in a CA system.
-
Digital Signing Overview
After watching this video; you will be able to describe digital signing.
-
Distribute Apps in Microsoft Intune
After watching this video; you will be able to distribute apps in Microsoft Intune.
-
Encrypting Cloud Data
After watching this video; you will be able to use Boxcryptor to encrypt and secure cloud data.
-
Enforcing Configurations in Microsoft Intune
After watching this video; you will be able to enforce configurations in Microsoft Intune.
-
Enrolling Devices in Microsoft Intune
After watching this video; you will be able to enroll devices in Microsoft Intune.
-
Enterprise Mobile Device Security Challenges
After watching this video; you will be able to describe network architecture challenges for securing enterprise mobile devices.
-
Enterprise Mobile Device Security Model Solution
After watching this video; you will be able to describe a solution for enterprise mobile device security challenges based on Microsoft's product portfolio.
-
Exchange ActiveSync Functionality
After watching this video; you will be able to describe Microsoft Exchange ActiveSync functionality for managing mobile devices.
-
Handling Certificates in Microsoft Intune
After watching this video; you will be able to handle certificates in Microsoft Intune.
-
Hashing Overview
After watching this video; you will be able to describe hashing and identify the main hashing algorithms.
-
Identifying Risks
After watching this video; you will be able to describe the process to determine risk in a mobile environment.
-
Improper Session Handling
After watching this video; you will be able to describe how improper session handling affects mobile device front-end systems.
-
Infrastructure Security Requirements
After watching this video; you will be able to describe infrastructure security requirements to support secure mobile apps.
-
Insecure Data Storage
After watching this video; you will be able to describe how insecure data storage affects mobile device front-end and back-end systems.
-
Insufficient Transport Layer Protection
After watching this video; you will be able to describe how insufficient transport layer protection affects mobile device front-end and back-end systems.
-
Key Distribution
After watching this video; you will be able to describe key distribution in cryptographic systems.
-
Lack of Binary Protections
After watching this video; you will be able to describe how lack of binary protections affects mobile device front-end systems.
-
Managing Devices with Exchange ActiveSync
After watching this video; you will be able to configure Office 365 Exchange ActiveSync to manage mobile devices.
-
Microsoft Azure Rights Management Overview
After watching this video; you will be able to describe the Microsoft Azure Rights Management cloud-based rights management system.
-
Mitigating Code Vulnerabilities in Apps
After watching this video; you will be able to describe methods to mitigate code vulnerabilities in mobile apps.
-
Mitigating Malicious App Functionality
After watching this video; you will be able to describe methods to mitigate malicious functionality in mobile apps.
-
Mobile Device Management Systems
After watching this video; you will be able to describe the use of mobile device management systems to fully manage secure mobile devices.
-
Mobile Device Overview
After watching this video; you will be able to describe current mobile devices and form factors.
-
Mobile Device Ownership Models
After watching this video; you will be able to describe mobile device ownership models and how they relate to a coherent mobile threat mitigation strategy.
-
Navigating Microsoft Intune
After watching this video; you will be able to navigate the Microsoft Intune interface.
-
Overview of Security
After watching this video; you will be able to describe mobile security considerations.
-
Performing Digital Signing
After watching this video; you will be able to perform digital signing using OpenSSL.
-
Performing Encryption
After watching this video; you will be able to encrypt and decrypt a message using OpenSSL.
-
Performing Hashing
After watching this video; you will be able to perform hashing using Windows PowerShell.
-
Poor Authorization and Authentication
After watching this video; you will be able to describe how poor authorization and authentication affects mobile device front-end and back-end systems.
-
Preparing for iOS Mobile Device Enrollment
After watching this video; you will be able to prepare for iOS device enrollment in Microsoft System Center Configuration Manager.
-
Preparing for Windows Mobile Device Enrollment
After watching this video; you will be able to prepare for Windows Mobile device enrollment in Microsoft System Center Configuration Manager.
-
Protect Data in Microsoft Intune
After watching this video; you will be able to protect data in Microsoft Intune.
-
Protecting Content with Microsoft Azure RMS
After watching this video; you will be able to configure Microsoft Azure Rights Management System to protect confidential documents.
-
Protecting Data at Rest and in Transit
After watching this video; you will be able to describe measures to protect data in transit and at rest.
-
Protecting the Transport Layer
After watching this video; you will be able to describe measures to protect mobile apps at the transport layer.
-
Requirements for the Mobile Enterprise
After watching this video; you will be able to describe the requirements for establishing a Mobile Enterprise.
-
Reverse Proxy Features
After watching this video; you will be able to describe the use of a reverse proxy in protecting mobile app back-end services.
-
Rights Management Systems
After watching this video; you will be able to describe the use of rights management systems to secure document content.
-
Secure App Deployment
After watching this video; you will be able to describe requirements for securing mobile app deployment.
-
Secure Cloud Storage
After watching this video; you will be able to describe requirements for secure cloud storage.
-
Secure Device Connectivity and App Requirements
After watching this video; you will be able to describe requirements for secure device connectivity and apps.
-
Secure Device Data-handling Requirements
After watching this video; you will be able to describe requirements for secure device data handling.
-
Secure Device User Requirements
After watching this video; you will be able to describe requirements for users of secure devices.
-
Securing Directory Services and CA
After watching this video; you will be able to describe processes for securing directory services and certificate authorities used in mobile app back-end systems.
-
Securing E-mail Services
After watching this video; you will be able to describe the use of S/MIME to secure e-mail in the enterprise.
-
Security Decisions via Untrusted Inputs
After watching this video; you will be able to describe how security decisions via untrusted inputs affect mobile device back-end systems.
-
Sensitive Data Storage and Transport
After watching this video; you will be able to describe how mobile data is stored and transported.
-
Sensitive Mobile Assets
After watching this video; you will be able to describe sensitive mobile assets.
-
Sensitive Usage of Mobile Devices
After watching this video; you will be able to describe sensitive usage scenarios for mobile devices.
-
Short-lived Session Keys
After watching this video; you will be able to describe challenges with transport layer security; and how they can be solved with short-lived session keys and perfect forward secrecy.
-
Symmetric Encryption Overview
After watching this video; you will be able to describe symmetric encryption.
-
System Center Configuration Manager Overview
After watching this video; you will be able to describe Microsoft System Center Configuration Manager and Intune interoperability.
-
Targeting Devices in Microsoft Intune
After watching this video; you will be able to target devices in Microsoft Intune.
-
Technical Impacts of Exploits
After watching this video; you will be able to describe the potential technical impacts of mobile exploits.
-
The Mobile Security Landscape
After watching this video; you will be able to describe the current state of mobile device security.
-
Unintended Data Leakage
After watching this video; you will be able to describe how unintended data leakage affects mobile device front-end and back-end systems.
-
Unmanaged Company-owned Devices
After watching this video; you will be able to describe mitigation strategies for unmanaged company-owned devices.
-
Unmanaged Device User Policies
After watching this video; you will be able to describe appropriate user policies for risk mitigation with unmanaged devices.
-
Unmanaged Devices in a Small Organization
After watching this video; you will be able to describe mitigation strategies for unmanaged devices in a small organization.
-
Virtual Private Networking Overview
After watching this video; you will be able to describe virtual private networks for securing network connections.
-
Weak Server-side Controls
After watching this video; you will be able to list the OWASP top ten mobile risks; and describe how weak server-side controls affect mobile device back-end systems.
-
Configuring Intune
After watching this video; you will be able to create an account on Microsoft Intune; enroll devices; and deploy enterprise profiles.
-
Securing Back-end Systems
After watching this video; you will be able to describe threats to back-end systems; and strategies to mitigate them.
-
Mitigating Threat for BYOD and COD Devices
After watching this video; you will be able to describe mitigation strategies for BYOD and COD devices in the enterprise.
-
Account Management Data
After watching this video; you will be able to use account management data for security assessment and testing.
-
Addressing Embedded Device Vulnerabilities
After watching this video; you will be able to identify best practices for assessing and mitigating embedded device and cyber-physical system vulnerabilities.
-
Addressing Mobile System Vulnerabilities
After watching this video; you will be able to identify best practices for assessing and mitigating mobile system vulnerabilities.
-
Addressing Web-based Systems Vulnerabilities
After watching this video; you will be able to identify best practices for assessing and mitigating web-based systems vulnerabilities.
-
Aligning Security Function to the Organization
After watching this video; you will be able to align the security function to an organization's strategy; goals; mission; and objectives.
-
Analyzing Test Outputs
After watching this video; you will be able to identify best practices for analyzing security assessment and testing results.
-
API Security
After watching this video; you will be able to describe best practices for application programming interface security.
-
Applying Availability
After watching this video; you will be able to identify best practices when applying the concept of availability.
-
Applying Complete Mediation to Engineering Processes
After watching this video; you will be able to apply the secure design principle of complete mediation when implementing and managing engineering processes.
-
Applying Confidentiality
After watching this video; you will be able to identify best practices when applying the concept of confidentiality.
-
Applying Defense in Depth to Engineering Processes
After watching this video; you will be able to apply the secure design principle of defense in depth when implementing and managing engineering processes.
-
Applying Economy of Mechanism to Engineering Processes
After watching this video; you will be able to apply the secure design principle of economy of mechanism when implementing and managing engineering processes.
-
Applying Fail Safe to Engineering Processes
After watching this video; you will be able to apply the secure design principle of fail safe when implementing and managing engineering processes.
-
Applying Integrity
After watching this video; you will be able to identify best practices when applying the concept of integrity.
-
Applying Least Common Mechanism
After watching this video; you will be able to apply the secure design principle of least common mechanism when implementing and managing engineering processes.
-
Applying Least Design to Engineering Processes
After watching this video; you will be able to apply the secure design principle of least design when implementing and managing engineering processes.
-
Applying Least Privilege to Security Operations
After watching this video; you will be able to apply the concept of least privilege to security operations.
-
Applying Open Design to Engineering Processes
After watching this video; you will be able to apply the secure design principle of open design when implementing and managing engineering processes.
-
Applying Psychological Acceptability
After watching this video; you will be able to apply the secure design principle of psychological acceptability when implementing and managing engineering processes.
-
Applying Separation of Duties to Engineering Processes
After watching this video; you will be able to apply the secure design principle of separation of duties when implementing and managing engineering processes.
-
Applying Separation of Duties to Security Operations
After watching this video; you will be able to apply the concept of separation of duties and responsibilities to security operations.
-
Applying Weakest Link to Engineering Processes
After watching this video; you will be able to apply the secure design principle of weakest link when implementing and managing engineering processes.
-
Assessing and Mitigating Client-Based Vulnerabilities
After watching this video; you will be able to identify best practices for assessing client-based vulnerabilities in security architectures; design; and solution elements.
-
Assessing and Mitigating Server-Based Vulnerabilities
After watching this video; you will be able to identify best practices for assessing server-based vulnerabilities in security architectures; design; and solution elements.
-
Assessing Risk
After watching this video; you will be able to distinguish between qualitative; quantitative; and hybrid risk assessment strategies.
-
Assessing Risk Controls
After watching this video; you will be able to identify best practices for assessing risk controls.
-
Assessing Security through Change Logs and Audits
After watching this video; you will be able to use audits and change logs to assess the effectiveness of software security.
-
Assigning and Accepting Risk
After watching this video; you will be able to identify options for assigning and accepting risk.
-
Asymmetric Cryptography
After watching this video; you will be able to identify characteristics of asymmetric cryptography.
-
Auditor Role and Responsibilities
After watching this video; you will be able to identify the role of auditors in asset security.
-
Backup Storage Strategies
After watching this video; you will be able to distinguish between backup storage options.
-
Backup Verification Data
After watching this video; you will be able to use backup verification data for security assessment and testing.
-
Baselines
After watching this video; you will be able to use baselines to determine appropriate data security controls.
-
Business Classification Levels
After watching this video; you will be able to distinguish between the four common business classification levels.
-
Civil Investigation Requirements
After watching this video; you will be able to identify requirements for civil investigations.
-
Cloud Identity Services
After watching this video; you will be able to describe cloud identity services; and the functioning of identity as a service.
-
Code Repository Security
After watching this video; you will be able to describe best practices for code repository security.
-
Code Review and Testing
After watching this video; you will be able to distinguish between code review and testing types for security control testing.
-
Collection Limitations and Privacy Protection
After watching this video; you will be able to identify data collection best practices to ensure privacy protection.
-
Common Software Vulnerabilities
After watching this video; you will be able to list CWE and SANS top software vulnerabilities.
-
Communications Cryptography
After watching this video; you will be able to identify common cryptographic protocols used for communications.
-
Computer Crimes
After watching this video; you will be able to identify characteristics of computer crimes that pertain to information security.
-
Computer; Equipment; and Data Security
After watching this video; you will be able to identify best practices for computer and equipment room security.
-
Conducting an Audit
After watching this video; you will be able to describe the process for conducting an audit.
-
Confidentiality Security Models
After watching this video; you will be able to identify characteristics of confidentiality security models.
-
Configuration Management for Secure Coding
After watching this video; you will be able to use configuration management as a method for securing the coding environment.
-
Content-Distribution Networks
After watching this video; you will be able to describe content distribution networks and their security implications.
-
Contingency Planning
After watching this video; you will be able to describe characteristics of contingency planning.
-
Continuous Improvement
After watching this video; you will be able to specify the purpose and best practices of continuous improvement as a result of risk management activities.
-
Continuous Monitoring
After watching this video; you will be able to describe characteristics of continuous monitoring.
-
Continuous Security Monitoring
After watching this video; you will be able to define an Information Systems Continuous Monitoring strategy.
-
Control Frameworks
After watching this video; you will be able to apply security governance principles through the use of control frameworks.
-
Controlling Access to Computer Systems
After watching this video; you will be able to describe methods to control access to computer systems.
-
Controlling Access to Devices
After watching this video; you will be able to describe methods to control access to devices; including BYOD.
-
Controlling Access to Facilities
After watching this video; you will be able to describe methods to control physical access to buildings and facilities.
-
Controlling Access to Information
After watching this video; you will be able to describe methods to control access to information assets.
-
Converged Protocols
After watching this video; you will be able to describe protocol convergence and common protocols for converging voice and video on IP networks.
-
Credential Management and Federation
After watching this video; you will be able to describe credential management and federated authentication systems.
-
Crime Prevention through Environmental Design
After watching this video; you will be able to describe crime prevention through environmental design when assessing sites and facilities.
-
Criminal Investigation Requirements
After watching this video; you will be able to identify requirements for criminal investigations.
-
Critical Building Components
After watching this video; you will be able to identify the critical building components that should be physically located away from main entrances; vehicular circulation; parking; and maintenance areas.
-
Cryptanalytic Attack Methods
After watching this video; you will be able to distinguish between cryptanalytic attack methods.
-
Cryptographic Life Cycle
After watching this video; you will be able to recognize characteristics of the cryptographic life cycle.
-
Cryptographic Systems Vulnerabilities
After watching this video; you will be able to identify best practices for assessing and mitigating cryptographic systems vulnerabilities.
-
Data Breaches
After watching this video; you will be able to identify best practices for addressing data breaches that pertain to information security.
-
Data Classification Criteria
After watching this video; you will be able to distinguish between data classification categories.
-
Data Custodian Role and Responsibilities
After watching this video; you will be able to identify the role of data custodians in asset security.
-
Data Networks and Communications
After watching this video; you will be able to identify network types and describe data communication on a network.
-
Data Owner Role and Responsibilities
After watching this video; you will be able to identify the role of data owners in asset security.
-
Data Owners Role in Privacy Protection
After watching this video; you will be able to specify data owner best practices to ensure privacy protection.
-
Data Processors and Privacy Protection
After watching this video; you will be able to specify data processor best practices to ensure privacy protection.
-
Data Remnants and Privacy Protection
After watching this video; you will be able to specify data remanence best practices to ensure privacy protection.
-
Database Security Vulnerabilities
After watching this video; you will be able to identify best practices for assessing and mitigating database security vulnerabilities.
-
Delegated Identity
After watching this video; you will be able to describe delegated identity in the context of authentication systems.
-
Designing Assessment and Test Strategies
After watching this video; you will be able to identify best practices when designing assessment and test strategies.
-
Destruction of Sensitive Information
After watching this video; you will be able to establish best practices for destruction of sensitive information.
-
Determining and Diagramming Potential Attacks
After watching this video; you will be able to use threat trees to diagram potential attacks.
-
Determining IS Training and Education Requirements
After watching this video; you will be able to specify appropriate information system training; education and awareness levels for an organization.
-
Developing a Recovery Strategy
After watching this video; you will be able to identify best practices for developing a recovery strategy.
-
Development Lifecycle Change Management Security
After watching this video; you will be able to identify secure change management best practices during the software development lifecycle.
-
Digital Forensics
After watching this video; you will be able to identify characteristics of digital forensics and their role in security investigations.
-
Digital Rights Management
After watching this video; you will be able to identify best practices for managing digital rights.
-
Disaster Recovery Assessment
After watching this video; you will be able to identify best practices for ensuring appropriate event assessment during disaster recovery activities.
-
Disaster Recovery Communications
After watching this video; you will be able to identify best practices for ensuring adequate communications during disaster recovery activities.
-
Disaster Recovery Personnel
After watching this video; you will be able to identify best practices for ensuring adequate personnel practices during disaster recovery activities.
-
Disaster Recovery Response
After watching this video; you will be able to identify best practices for ensuring adequate response during disaster recovery activities.
-
Disaster Recovery Restoration
After watching this video; you will be able to identify best practices for ensuring restoration during disaster recovery activities.
-
Disaster Recovery Training and Awareness
After watching this video; you will be able to identify best practices for incorporating disaster recovery training and awareness in security operations.
-
Discretionary and Mandatory Access Controls
After watching this video; you will be able to identify discretionary and mandatory access controls.
-
Distributed Systems Vulnerabilities
After watching this video; you will be able to identify best practices for assessing and mitigating distributed systems vulnerabilities.
-
Due Care
After watching this video; you will be able to apply due care.
-
Due Diligence
After watching this video; you will be able to apply due diligence.
-
Duress Considerations
After watching this video; you will be able to describe challenges and best practices for incorporating duress considerations in security policies.
-
Egress Monitoring
After watching this video; you will be able to describe characteristics of egress monitoring.
-
Electronic Discovery Investigation Requirements
After watching this video; you will be able to identify requirements for e-Discovery investigations.
-
Elliptic Curve Cryptography
After watching this video; you will be able to identify characteristics of elliptic curve cryptography.
-
Employment Agreements and Policies
After watching this video; you will be able to identify best security practices for employment agreements and policies.
-
Employment Candidate Screening
After watching this video; you will be able to identify best security practices for screening employee candidates.
-
Employment Termination Processes
After watching this video; you will be able to identify best security practices for employment termination processes.
-
Evaluating Systems Security
After watching this video; you will be able to identify characteristics of systems security evaluation.
-
Evidence Collection and Handling
After watching this video; you will be able to describe best practices for evidence collection and handling.
-
Facility Security Considerations
After watching this video; you will be able to identify considerations when planning facility security for an organization.
-
Fire Issues
After watching this video; you will be able to identify best practices for preventing; detecting; and suppressing fires and fire-related security risks and damage.
-
Full-interruption Testing
After watching this video; you will be able to identify best practices for performing full-interruption testing of a recovery plan.
-
Government Classification Levels
After watching this video; you will be able to distinguish between the five typical government/military classification levels.
-
Hardware Asset Retention
After watching this video; you will be able to identify best practices to appropriately retain hardware assets.
-
Honeypots and Honeynets
After watching this video; you will be able to identify best practices for using honeypots and honeynets as a preventative measure.
-
Identifying Threats and Vulnerabilities
After watching this video; you will be able to identify security threats and vulnerabilities.
-
Identifying Threats Through Threat Modeling
After watching this video; you will be able to identify threats using threat modeling techniques.
-
Identity Access Lifecycle
After watching this video; you will be able to describe the identity access lifecycle.
-
Identity Access Regulatory Considerations
After watching this video; you will be able to describe regulatory considerations for identity and access control systems.
-
Identity and Access Management Best Practice
After watching this video; you will be able to identify best practice for identity and access management.
-
Identity Management Implementation
After watching this video; you will be able to identify implementations of identity management.
-
Identity Providers
After watching this video; you will be able to identify on-premises identity providers.
-
Identity Registration and Proofing
After watching this video; you will be able to describe systems for registering identity and assuring identity with a level of certainty.
-
Implementing a Classification Scheme
After watching this video; you will be able to identify the seven phases of implementing a classification scheme.
-
Implementing ISCM
After watching this video; you will be able to implement an Information Systems Continuous Monitoring strategy.
-
Implementing Risk Countermeasures and Controls
After watching this video; you will be able to implement risk countermeasures and controls.
-
Import/Export Controls
After watching this video; you will be able to identify characteristics of import and export controls that pertain to information security.
-
Incident Detection
After watching this video; you will be able to identify best practices for incident detection.
-
Incident Recovery
After watching this video; you will be able to identify best practices for incident recovery.
-
Incident Remediation and Lessons Learned
After watching this video; you will be able to identify best practices for incident remediation.
-
Incident Reporting
After watching this video; you will be able to identify best practices for incident reporting.
-
Incident Response and Mitigation
After watching this video; you will be able to identify best practices for incident response and mitigation.
-
Industrial Control Systems Vulnerabilities
After watching this video; you will be able to identify best practices for assessing and mitigating industrial control systems vulnerabilities.
-
Information Lifecycle and Security Operations
After watching this video; you will be able to describe the role of the information lifecycle in security operations.
-
Integrated Product Team
After watching this video; you will be able to describe the purpose and best practices of IPTs and their role in secure software development.
-
Integrity Security Models
After watching this video; you will be able to identify characteristics of integrity security models.
-
Interface Testing
After watching this video; you will be able to use interface testing as a security control testing technique.
-
Internal Audits
After watching this video; you will be able to identify best practices for performing internal audits.
-
Internal Security Controls
After watching this video; you will be able to identify appropriate internal security measures.
-
Intrusion Detection and Prevention Systems
After watching this video; you will be able to distinguish between different intrusion detection and prevention systems.
-
Investigation Reporting and Documenting
After watching this video; you will be able to describe best practices for reporting and documenting investigation activities.
-
Investigative Techniques
After watching this video; you will be able to distinguish between different investigative techniques.
-
IP Networks
After watching this video; you will be able to describe the IP protocol.
-
Job Rotation
After watching this video; you will be able to describe best practices for using job rotation in security operations.
-
Key Management Practices
After watching this video; you will be able to identify best practices for key management.
-
Key Performance and Risk Indicators
After watching this video; you will be able to use key performance and risk indicators data for security assessment and testing.
-
Large-Scale Parallel Data Systems Vulnerabilities
After watching this video; you will be able to identify best practices for assessing and mitigating large-scale parallel data systems vulnerabilities.
-
Legislative and Regulatory Compliance
After watching this video; you will be able to apply legislative and regulatory compliance requirements to information system security practices.
-
Leveraging Existing Components
After watching this video; you will be able to apply the secure design principle of leveraging existing components when implementing and managing engineering processes.
-
Licensing and Intellectual Property
After watching this video; you will be able to identify characteristics of licensing and intellectual property that pertain to information security.
-
Log Reviews
After watching this video; you will be able to use log reviews as part of security control testing.
-
Malicious Code Attacks
After watching this video; you will be able to describe the use of malicious code or malware in access control attacks.
-
Marking and Labeling Media
After watching this video; you will be able to establish best practices for marking and labeling media.
-
Maturity Models
After watching this video; you will be able to identify characteristics of capability maturity models and their role in software development lifecycle security.
-
Measuring and Monitoring Risk
After watching this video; you will be able to identify best practices for measuring and monitoring risk.
-
Media Asset Retention
After watching this video; you will be able to identify best practices to appropriately retain media assets.
-
Memory and Virtualization
After watching this video; you will be able to distinguish between memory protection and virtualization security capabilities within information systems.
-
Minimum Security Requirements
After watching this video; you will be able to identify best practices when establishing minimum security requirements for acquisition activities.
-
Misuse Case Testing
After watching this video; you will be able to use misuse case testing as a security control testing technique.
-
Mitigating Access Control Attacks
After watching this video; you will be able to describe mitigation strategies for access control attacks.
-
Monitoring and Privacy Policies
After watching this video; you will be able to identify best practices for incorporating monitoring and privacy considerations in security policies.
-
Monitoring Special Privileges
After watching this video; you will be able to describe best practices for monitoring special privileges in security operations.
-
Multilayer Protocols
After watching this video; you will be able to describe common protocols and their layer in the relevant models.
-
Multi-level Security Models
After watching this video; you will be able to identify characteristics of multi-level security models.
-
Multimedia Collaboration
After watching this video; you will be able to identify options for securing multimedia channels in the network.
-
Multiple Processing Sites
After watching this video; you will be able to identify characteristics of multiple processing sites.
-
Network Access Control Devices
After watching this video; you will be able to describe network access control and the components of a NAC system.
-
Network Models
After watching this video; you will be able to describe the TCP/IP and the OSI network models.
-
Network Security and Vulnerability Management
After watching this video; you will be able to describe network security management techniques.
-
Nonrepudiation
After watching this video; you will be able to identify the role of nonrepudiation when applying cryptography.
-
Operational Investigation Requirements
After watching this video; you will be able to identify requirements for operational investigations.
-
Organizational Code of Ethics
After watching this video; you will be able to identify best practices for compliance with an organizational code of ethics.
-
Outsourcing Considerations
After watching this video; you will be able to identify best practices for ensuring risk considerations are applied when outsourcing hardware; software and services.
-
Overview of Change Management in Security Operations
After watching this video; you will be able to identify the role of change management in security operations.
-
Overview of Cryptography
After watching this video; you will be able to describe cryptography features and history.
-
Overview of Disaster Recovery
After watching this video; you will be able to identify the role of disaster recovery in security operations.
-
Overview of Patch and Vulnerability Management
After watching this video; you will be able to identify the role of patch and vulnerability management in security operations.
-
Parallel Testing
After watching this video; you will be able to identify best practices for performing a parallel test of a recovery plan.
-
Patch Installation and Deployment
After watching this video; you will be able to describe best practices for patch installation and deployment.
-
Patch Management Audit and Assessment
After watching this video; you will be able to describe best practices for auditing and assessing patch management activities.
-
Patch Management Consistency and Compliance
After watching this video; you will be able to describe best practices for ensuring patch management consistency and compliance.
-
Patch Prioritization and Scheduling
After watching this video; you will be able to describe best practices for patch prioritization and scheduling activities.
-
Patch Testing
After watching this video; you will be able to describe best practices for patch testing activities.
-
Penetration Testing
After watching this video; you will be able to use penetration testing as a method for conducting security control testing.
-
Performing Reduction Analysis
After watching this video; you will be able to identify best practices when performing a reduction analysis.
-
Perimeter Security Controls
After watching this video; you will be able to identify appropriate perimeter security controls.
-
Personnel Asset Retention
After watching this video; you will be able to identify best practices to appropriately retain personnel assets.
-
Personnel Security Compliance Policies
After watching this video; you will be able to identify best practices for establishing personnel security compliance policies.
-
Personnel Security Privacy Policies
After watching this video; you will be able to identify best practices for implementing personnel security policies.
-
Physical Protection Programs
After watching this video; you will be able to describe the role of physical protection programs in operational security.
-
Privacy Requirements Compliance
After watching this video; you will be able to apply privacy requirement compliance in information system security practices.
-
Provisioning Access
After watching this video; you will be able to describe the identity access lifecycle provisioning stage.
-
Recovery Plan Read-through
After watching this video; you will be able to identify best practices when performing a recovery plan read-through.
-
Recovery Plan Walkthrough
After watching this video; you will be able to identify best practices for performing recovery plan walkthroughs.
-
Recovery Site Strategies
After watching this video; you will be able to distinguish between recovery site options.
-
Regulatory Investigation Requirements
After watching this video; you will be able to identify requirements for regulatory investigations.
-
Remediating Threats Using Technologies
After watching this video; you will be able to distinguish between different technologies and processes that can be used to remediate threats.
-
Remote Access and Connections
After watching this video; you will be able to describe remote access options and security considerations for the network.
-
Remote Management and User Technologies
After watching this video; you will be able to identify remote management and user technologies used in network environments.
-
Reporting Test Outputs
After watching this video; you will be able to identify best practices for reporting security assessment and testing results.
-
Resource Security through Configuration Management
After watching this video; you will be able to identify best practices for using configuration management as a technique to secure resources.
-
Restricted and Work Area Security
After watching this video; you will be able to identify best practices for securing restricted work areas.
-
Reviewing IS Training Information for Relevancy
After watching this video; you will be able to identify best practices for conducting periodic reviews for content relevancy.
-
Revoking Access
After watching this video; you will be able to describe the identity access lifecycle revoking access stage.
-
Risk Control Types
After watching this video; you will be able to distinguish between preventive; detective; and corrective risk control types.
-
Rule-based Access Control
After watching this video; you will be able to describe the functioning of rule-based access control systems.
-
Sandboxing
After watching this video; you will be able to identify best practices for using sandboxing as a preventative measure.
-
Scoping and Tailoring
After watching this video; you will be able to use scoping and tailoring to determine appropriate security controls.
-
Securing Applications
After watching this video; you will be able to identify best practices for securing applications.
-
Securing Asset Inventory
After watching this video; you will be able to identify best practices for securing asset inventory.
-
Securing Cloud Assets
After watching this video; you will be able to describe best practices for securing cloud assets.
-
Securing Networks and Hardware
After watching this video; you will be able to describe network and hardware security and network design security considerations.
-
Securing Physical Assets
After watching this video; you will be able to describe best practices for securing physical assets.
-
Securing Virtual Assets
After watching this video; you will be able to describe best practices for securing virtual assets.
-
Security and Patch Information Sources
After watching this video; you will be able to identify best practices for vetting information required for patch and vulnerability management activities.
-
Security Controls and Metrics
After watching this video; you will be able to define security controls and metrics as part of a risk management framework.
-
Security Impact Analysis
After watching this video; you will be able to describe the role of a security impact analysis in change management.
-
Security in Iterative Development Methodologies
After watching this video; you will be able to describe characteristics of iterative development methodologies and their role in software development security.
-
Security in Non-iterative Development Methodologies
After watching this video; you will be able to describe characteristics of non-iterative development methodologies and their role in software development security.
-
Security Information and Event Management
After watching this video; you will be able to describe characteristics of SIEM.
-
Security Investigations Overview
After watching this video; you will be able to identify characteristics of security investigations.
-
Security Procedures
After watching this video; you will be able to identify best practices for developing and implementing documented security procedures.
-
Security Professional Role and Responsibilities
After watching this video; you will be able to identify the role of security professionals in asset security.
-
Security Standards and Guidelines
After watching this video; you will be able to identify best practices for developing and implementing documented security standards and guidelines.
-
Security Threats
After watching this video; you will be able to identify categories of threats that organizations face.
-
Selecting Controls and Countermeasures
After watching this video; you will be able to identify best practices for selecting controls and countermeasures based on security evaluation models.
-
Selecting Countermeasures
After watching this video; you will be able to select risk countermeasures.
-
Senior Manager Role and Responsibilities
After watching this video; you will be able to identify the role of senior managers in asset security.
-
Service-level Agreements in Security Operations
After watching this video; you will be able to describe the role of service-level agreements in security operations.
-
Service-level Requirements
After watching this video; you will be able to use an SLA to define appropriate service-level requirements.
-
Site and Facility Planning Considerations
After watching this video; you will be able to identify site and facility design considerations.
-
Site and Facility Security Assessments
After watching this video; you will be able to identify elements of site and facility security assessments.
-
Social Engineering Attacks
After watching this video; you will be able to describe social engineering attacks related to access control.
-
Software Assurance Best Practices
After watching this video; you will be able to identify the general questions that should be answered as part of an effective software assurance policy.
-
Software Assurance Phases
After watching this video; you will be able to distinguish between the three major phases of SwA.
-
Software Development Lifecycle Operations Security
After watching this video; you will be able to identify secure operations and maintenance best practices during the software development lifecycle.
-
Software Environment Security
After watching this video; you will be able to distinguish between security controls and best practices for the software environment.
-
Software Security Acceptance Testing
After watching this video; you will be able to describe acceptance testing best practices when assessing the effectiveness of software security.
-
Software Security Risk Analysis and Mitigation
After watching this video; you will be able to describe risk analysis and mitigation best practices when assessing the effectiveness of software security.
-
Source-code Level Security Vulnerabilities
After watching this video; you will be able to identify source-code level security vulnerabilities and methods to mitigate risk from them.
-
Spoofing and Vulnerability Attacks
After watching this video; you will be able to describe spoofing and vulnerability attacks and identify mitigation strategies.
-
Standards Selection
After watching this video; you will be able to use standards selection to determine appropriate security controls.
-
Storing Media
After watching this video; you will be able to establish best practices for storing media.
-
Symmetric Cryptography
After watching this video; you will be able to identify characteristics of symmetric cryptography.
-
Synthetic Transactions
After watching this video; you will be able to use synthetic transactions as a security control testing technique.
-
System Resilience and Fault Tolerance Requirements
After watching this video; you will be able to identify best practices for ensuring system resilience and fault tolerance.
-
Systems Security Evaluation Models
After watching this video; you will be able to distinguish between security evaluation models.
-
Test Coverage Analysis
After watching this video; you will be able to perform test coverage analysis as part of security control testing.
-
The (ISC)² Code of Professional Ethics
After watching this video; you will be able to follow the (ISC)² Code of Professional Ethics.
-
The Change Management Process
After watching this video; you will be able to distinguish between the different phases of a change management process.
-
The EMO Management Team
After watching this video; you will be able to identify the key responsibilities of the EMO management team.
-
The Project Scope and Plan
After watching this video; you will be able to develop and document a project scope and plan.
-
The Systems Development Life Cycle
After watching this video; you will be able to distinguish between the basic phases of the SDLC.
-
Third-Party Assessment and Monitoring
After watching this video; you will be able to recognize third-party assessment and monitoring techniques for risk mitigation.
-
Third-party Audits
After watching this video; you will be able to identify best practices for performing third-party audits.
-
Third-Party Security Services
After watching this video; you will be able to identify best practices for using third-party security services as a preventative measure.
-
Trans-border Data Flow
After watching this video; you will be able to identify characteristics of trans-border data flow issues that pertain to information security.
-
Travel Security Policies
After watching this video; you will be able to identify travel security best practices to incorporate in security policies.
-
Trusted Platform Module (TPM)
After watching this video; you will be able to identify characteristics of TPM as a security capability within information systems.
-
Unauthorized Physical Access Attacks
After watching this video; you will be able to describe unauthorized physical access attacks.
-
User Accountability and Session Management
After watching this video; you will be able to identify areas of accountability with respect to authentication; including session management tasks; such as locking workstations and setting screensaver timeouts.
-
User Role and Responsibilities
After watching this video; you will be able to identify the role of users in asset security.
-
Using Asset Management for Resource Protection
After watching this video; you will be able to use hardware and software asset management as a resource protection technique.
-
Using Firewalls as a Preventative Measure
After watching this video; you will be able to describe best practices for operating and maintaining firewalls as a preventative measure.
-
Using Media Management for Resource Protection
After watching this video; you will be able to use media management as a resource protection technique.
-
Using Organizational Processes
After watching this video; you will be able to use organizational processes as a method to apply security governance principles.
-
Using Security Roles and Responsibilities
After watching this video; you will be able to use security roles and responsibilities as a method to apply security governance principles.
-
Utilities and HVAC Considerations
After watching this video; you will be able to identify best practices for safely and securely integrating utilities and HVAC systems in the physical environment.
-
Validating Assessment and Test Strategies
After watching this video; you will be able to identify best practices when validating assessment and test strategies.
-
Valuating Assets
After watching this video; you will be able to specify the purpose of valuating assets.
-
Vendor; Consultant; and Contractor Controls
After watching this video; you will be able to identify best security control practices when partnering with vendors; consultants; and contractors.
-
Versioning and Baselining
After watching this video; you will be able to describe the role of versioning and baselining in change management.
-
Voice
After watching this video; you will be able to describe security options for voice channels in converged and non-converged networks.
-
Vulnerability Assessment
After watching this video; you will be able to perform a vulnerability assessment.
-
Vulnerability Management Systems
After watching this video; you will be able to select appropriate vulnerability management systems.
-
Whitelisting and Blacklisting
After watching this video; you will be able to identify best practices for using whitelisting and blacklisting as a preventative measure.
-
Wireless Networks
After watching this video; you will be able to describe wireless networking and the options for securing wireless networks.
-
Active Directory
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how the Active Directory trust model can be used to help create a secure network environment.
-
ActiveX
In this video; Dan LaChance discusses how ActiveX issues can affect network security in CompTIA CASP CAS-002.
-
Advanced Authentication
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how advanced authentication can help in creating a secure network environment.
-
Advanced Authorization
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how advanced authorization is used to help create a secure network environment.
-
Advanced Configuration of Network Devices
The CompTIA CASP CAS-002 exam covers common advanced security configuration settings; and security features provided by network devices. In this video; Glen Clarke discusses security features; such as transport security; trunk security; route protection; security features on switches and routers; and wireless access points and port forwarding.
-
Assessment; Sandboxing; and Debugging
In this video; Steven Crawford explains some testing methods that can be used to secure your network.
-
Asset Control & Data Ownership and Handling
In this video; Glen E. Clarke discusses how asset control; data ownership; and data handling contribute to incident response and recovery procedures.
-
Attestation and Identity Propagation
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how attestation and identity propagation can help in creating a secure network environment.
-
Auditing and Continuous Monitoring
It is critical that your security policy contains additional policies related to the level of monitoring and auditing that should occur within the organization. In this video; Glen E. Clarke discusses auditing and continuous monitoring policies.
-
Baselining of Networking and Security Components
When preparing for the CompTIA CASP CAS-002 examination; you will be expected to know the importance of baselining and monitoring a system; in order to ensure high availability and redundancy. In this video; Glen Clarke demonstrates baselining of networking and security components.
-
Benchmarks and Baselines
In this video; Steven Crawford explains how to use network traffic analysis to create benchmarks to monitor and improve network security.
-
Best Practices & New Technologies for Security Systems
In this video; Steven Crawford discusses policy-based; technology-based; and research-based best practices for securing systems.
-
BIOS and Unified Extensible Firmware Interface
In this video; Glen E. Clarke introduces the Unified Extensible Firmware Interface (UEFI).
-
Black Box; White Box; and Gray Box Testing
In this video; Steven Crawford discusses the different methods of penetration testing.
-
Building Automation; Physical; and Industrial Controls
The CompTIA CASP CAS-002 exam covers physical security features; such as Building Automation System (BAS); physical access controls; and industrial controls. These are key components of a highly secure environment. In this video; Glen Clarke discusses the features of these controls; and provides examples of how they may best be used to provide additional security measures.
-
Business Continuity Planning
In preparing for the CompTIA CASP CAS-002 certification; you need to perform business continuity planning; which consists of six phases. In this video; Glen E. Clarke demonstrates the need for business continuity planning and explains each of the phases that are involved in the recovery of a business after a disaster.
-
Chain of Custody
After watching this video; you will be able to describe characteristics and best practices of chain of custody during forensic investigation activities.
-
Chain of Trust and Root of Trust
Root of trust and chain of trust are important concepts in the world of modern network security. In this video; Steven Crawford discusses the modern network security concepts of chain of trust and root of trust.
-
Change Management; Operations; and Maintenance
In this video; Dan LaChance discusses how change management; operations; and maintenance are used to secure network environments in CompTIA CASP CAS-002.
-
CIA Aggregate Scores
In preparing for the CompTIA CASP CAS-002 exam; you need to understand how to analyze confidentiality; integrity; and availability (CIA) aggregate scores. CIA aggregate scores help identify the value and associated type of security controls to be placed on assets. In this video; Glen E. Clarke demonstrates how to interpret CIA aggregate scores for security purposes.
-
CIA Decisions; Requirements; and Policies
The CompTIA CASP CAS-002 exam covers how to execute risk management strategies and controls. Confidentiality; integrity; and availability (CIA) decisions; requirements and policies are a key aspect of this. CIA is the foundation of security and maintaining CIA is the ultimate goal of information security. In this video; Glen E. Clarke discusses CIA implementation and the controls to facilitate CIA.
-
Clickjacking
Clickjacking occurs when an attacker overlays content over a valid webpage invoking completely different code. In this video; Dan LaChance discusses how clickjacking can compromise network security in CompTIA CASP CAS-002.
-
Client-Side Attacks; Vulnerabilities; and Threats
In this video; Steven Crawford explains how complex network security solutions for data flow are used to secure network environments in CompTIA CASP CAS-002.
-
Client-Side Processing vs. Server-Side Processing
In this video; Dan LaChance discusses how client-side processing affects network security in comparison to server-side processing in CompTIA CASP CAS-002.
-
Cloud and Virtualization Considerations and Options
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how cloud and virtualized environments affect network security.
-
Cloud Managed Networks
In preparing for the CompTIA CASP CAS-002 exam; you need to know about cloud-managed networks and the benefits they have to offer. This includes low cost; high availability; scalability; and low maintenance. In this video; Glen Clarke discusses cloud managed networks and their advantages.
-
Code Signing and Digital Signatures
Cryptography is used to secure messages and hide information from those who would seek to steal it. It endorses unique concepts and techniques to manage security implications associated with enterprise storage. In this video; Steven Crawford defines code signing and digital signatures.
-
Collaboration and Guidance
In this video; Dan LaChance discusses how different business units must collaborate and use security guidance in CompTIA CASP CAS-002.
-
Collaboration Sites
In this video; Dan LaChance discusses the need for security when working with collaboration sites in CompTIA CASP CAS-002.
-
Command Shell Restrictions
A restricted shell is one in which certain commands that would otherwise be available are disabled. In this video; Glen E. Clarke explains how command shell restrictions are used to secure network environments in CompTIA CASP CAS-002.
-
Commissioning; Reuse; and Disposal
In this video; Dan LaChance discusses how commissioning; reuse; and disposal affect network security in CompTIA CASP CAS-002.
-
Complex Network Security Solutions for Data Flow
The CompTIA CASP CAS-002 exam covers complex network security solutions for data flow. This includes two common traffic analysis techniques – SSL Inspection and Network Flow Data. In this video; Glen Clarke discusses the SSL Inspection and Network Flow Data techniques.
-
Computer Emergency Response Team
In this video; Steven Crawford discusses the roles; responsibilities; and reporting requirements of Computer Emergency Response Teams (CERTs).
-
Conferencing and Messaging Solutions
In this video; Dan LaChance discusses how conferencing and messaging solutions are used to secure network environments in CompTIA CASP CAS-002.
-
Continuity of Operation Plan
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Glen E. Clarke discusses the importance of having a Continuity of Operation Plan in place in the event that security incidents occur.
-
Continuous Improvement and Monitoring
When preparing for the CompTIA CASP CAS-002 certification; you need to be able to monitor; manage; and improve IT systems within an organization. In this video; Glen E. Clarke discusses the continuous improvement and continuous monitoring of an IT system within an organization.
-
Conventions; Threat Actors; & Threat Intelligence
In this video; Steven Crawford considers how conventions; threat actors; and threat intelligence are used to create network security in CompTIA CASP CAS-002.
-
CRM; ERP; and GRC
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how Customer Relationship Management (CRM); Enterprise Resource Planning (ERP); and Governance; Risk Management; and Compliance (GRC) are used to aid in creating a secure network environment.
-
Cross-Site Request Forgery
In this video; Dan LaChance explains how cross-site request forgery can compromise network security in CompTIA CASP CAS-002.
-
Cross-Site Scripting
Cross-site scripting is a very common application-layer web attack. In this video; Dan LaChance explains how cross-site scripting can compromise network security in CompTIA CASP CAS-002.
-
Cryptographic Applications Implementations and Key Escrow
With Key Escrow; when you encrypt something with a secret key; you store another copy of that key in escrow. In the event that you lose your secret key; the data can be encrypted with the key that you have escrowed somewhere else. In this video; Steven Crawford discusses the implementation of cryptographic applications and Key Escrow.
-
Data Aggregation and Isolation
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how data aggregation and isolation are used to aid in securing a network environment.
-
Data Loss Prevention and Patch Management
In preparing for the CompTIA CASP CAS-002 exam; you need to implement Data Loss Prevention (DLP) solutions and patch management. DLP solutions are designed to prevent users from sending sensitive data outside an organization. Patch management ensures that systems are kept updated. In this video; Glen E. Clarke discusses the features and uses of these processes.
-
Data Recovery and Reconstitution
In this video; Glen E. Clarke discusses data recovery and reconstitution in data breach situations.
-
Data Retention; Legal Holds; and Data Recovery
It is important from both a functional and a legal perspective that organizational communications be secured and preserved. In this video; Glen E. Clarke explains how data retention; legal holds; and data recovery are used to help secure a network environment.
-
Data Warehousing and Archiving
Data warehousing is used to make large amounts of data available to users within an organization. In this video; Steven Crawford discusses data warehousing and data archiving.
-
Database Activity Monitor
The CompTIA CASP CAS-002 certification includes knowledge of the security components in a network. These include intrusion detection systems; such as the Database Activity Monitor (DAM); which is designed to monitor database activity. In this video; Glen Clarke demonstrates database activity monitors.
-
Database and Network Administrators
In this video; Dan LaChance discusses the role of database and network administrators in network security implementations in CompTIA CASP CAS-002.
-
Dedicated Interfaces and Out-of-Band NICs
In this video; Glen E. Clarke discusses how dedicated interfaces and out-of-band NICs are used to secure network environments in CompTIA CASP CAS-002.
-
Deduplication and Dynamic Disk Pools
Tiered storage is the hierarchy of storage categories for storing different types of data in different storage. In this video; Steven Crawford discusses tiered storage.
-
Desktop Sharing; Remote Assistance; and Presence
In this video; Dan LaChance discusses how desktop sharing; remote assistance; and presence affect network security in CompTIA CASP CAS-002.
-
Detection and Collection
In this video; Glen E. Clarke discusses detection and collection with e-discovery.
-
Device Tracking Technologies
In this video; Dan LaChance discusses how device tracking technologies are used when securing a network environment in CompTIA CASP CAS-002.
-
DNS; CMDB; and CMS
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how Domain Name System (DNS); Configuration Management Database (CMDB); and Content Management System (CMS) are used to aid in creating a secure network environment.
-
DRM; Watermarking; and GPG
Digital Rights Management or DRM helps to control the illegal duplication of software and digital content. The use of watermarking involves embedding information in digital files in the form of a label. GPG enables you to sign your data transmissions. In this video; Steven Crawford discusses the cryptographic techniques of DRM; watermarking; and GPG.
-
Encryption Types
When preparing for the CompTIA CASP CAS-002 exam; you need to know about the different types of encryption methods available. In this video; Dan LaChance demonstrates Full Disk Encryption using BitLocker and how to encrypt individual files using the Encrypted File System (EFS).
-
Endpoint Security Software
The CompTIA CASP CAS-002 exam covers a range of security controls; including endpoint security software. Endpoint security software is software placed at endpoints of a communication channel to secure them; thereby increasing the security posture of the whole network. In this video; Glen E. Clarke discusses the use of endpoint security software and provides several examples.
-
End-User Cloud Storage and Business Integration
In this video; Steven Crawford discusses how end-user cloud storage and business integration can affect network security.
-
Entropy; Diffusion; and Confusion
Cryptography is used to secure messages and hide information from those who would seek to steal it. It endorses unique concepts and techniques to manage security implications associated with enterprise storage. In this video; Steven Crawford defines Entropy; Diffusion; and Confusion.
-
Error & Exception Handling and Privilege Escalation
Proper error and exception handling routines are essential to organizational security. In this video; Dan LaChance explains how error and exception handling; along with privilege escalation; are issues that must be dealt with in network security in CompTIA CASP CAS-002.
-
ESB; SOA; and Directory Services
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how enterprise application integration enablers help to secure a network environment.
-
Existing Security Controls
In this video; Steven Crawford discusses the methods to evaluate existing security controls.
-
Exploitation Tools
In this video; Steven Crawford explains how exploitation tools can be used for penetration testing.
-
Extreme Planning and Worst Case Scenarios
The CompTIA CASP CAS-002 exam covers extreme planning and worst case scenarios in risk management planning. Considering worst case scenarios is essential for disaster planning and developing associated mitigation techniques. In this video; Glen E. Clarke discusses how extreme planning should be approached.
-
Facilities and Physical Security Managers
In this video; Dan LaChance discusses the role of facilities and physical security managers in network security implementations in CompTIA CASP CAS-002.
-
Federation
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how federation can help in creating a secure network environment.
-
Forensic Analysis of a Compromised System
In this video; Glen E. Clarke discusses forensic analysis of a compromised system.
-
Fuzzing and Fault Injection
Fuzzing is a very important part of the system development life cycle. In this video; Dan LaChance explains how fuzzing and fault injection are issues that must be dealt with in network security in CompTIA CASP CAS-002.
-
Hash Matching in Cloud Environments
In this video; Glen E. Clarke discusses the benefits of cloud-based hashing.
-
Host Based Firewalls and Log Monitoring
The CompTIA CASP CAS-002 exam covers how to select and troubleshoot security controls for hosts; including host-based firewalls and log monitoring. Host-based firewalls control communication to a specific system; while log monitoring systems collect and analyze data as well as notifying users of suspicious activity. In this video; Glen E. Clarke discusses how these can be used to improve security.
-
HTML5
In this video; Dan LaChance discusses how HTML5 issues can affect network security in CompTIA CASP CAS-002.
-
Human Resources and Emergency Response
In this video; Dan LaChance discusses the role of human resources and emergency response in network security implementations in CompTIA CASP CAS-002.
-
HVAC Controllers and Sensors
The CompTIA CASP CAS-002 certification covers the Heating; Ventilation and Air Conditioning (HVAC) system; which is vital in preventing assets from overheating. Proper temperature is key to maintaining the availability of information. In this video; Glen Clarke discusses the features of the HVAC system as well as how the layout of server racks can influence temperature control.
-
IA; ISA; MOU; and SLA
In this video; Glen E. Clarke discusses the business documents that should be in place to support the security of your organization.
-
Impact of De-Perimeterization
The CompTIA CASP CAS-002 exam covers how constantly changing network boundaries impact network security. In this video; Glen E. Clarke discusses network security considerations inherent to an environment where the network boundaries are constantly changing.
-
Implications of Cryptographic Methods and Design
Cryptography not only protects data from being stolen or altered; it can also be used for user authentication. In this video; Steven Crawford explains the implications of cryptographic methods and design in CompTIA CASP CAS-002.
-
Incident Response and Forensic Tasks
In this video; Glen E. Clarke explains how to use user policies to create a secure network environment; specifically policies related to incident response and forensic tasks.
-
Industry-Accepted Application Security Frameworks
Application security frameworks alleviate the overhead associated with regular tasks performed in application security. In this video; Dan LaChance explains the benefits of accepted application security frameworks in CompTIA CASP CAS-002.
-
INE; SIEM; and HSM
When preparing for the CompTIA CASP CAS-002 exam; you need to know about security technologies that are used to create secure networks. In this video; Glen Clarke discusses the Inline Network Encryptor (INE) device; the Security Information and Event Management (SIEM) software; and the Hardware Security Modules (HSM) device.
-
Reconnaissance; Fingerprinting; and Social Engineering
In this video; Steven Crawford explains how penetration testing methods should be used to help secure network environments.
-
Strength vs. Performance vs. Feasibility to Implement vs. Interoperability
Cryptography is used to secure messages and hide information from those who would seek to steal it. It endorses unique concepts and techniques to manage security implications associated with enterprise storage. In this video; Steven Crawford defines strength vs. performance vs. feasibility to implement vs. interoperability.
-
System Specific Risk Analysis
When preparing for the CompTIA CASP CAS-002 certification; you need to understand system specific risk analysis. This involves identifying all assets; identifying the threats against those assets; prioritizing the threats; and finally developing mitigation plans for those threats. In this video; Glen E. Clarke demonstrates how to approach a system specific risk analysis.
-
System; Audit; and Review Logs
In this video; Glen E. Clarke discusses the importance of logging and auditing when performing incident response.
-
Telephony
In this video; Dan LaChance discusses how telephony must be secured in CompTIA CASP CAS-002.
-
Testing and Agile; Waterfall; and Spiral Methodologies
In this video; Dan LaChance discusses how testing and agile; waterfall; and spiral methodologies are used when securing a networked environment in CompTIA CASP CAS-002.
-
The CIA Triad and Non-Repudiation
Cryptography is used to secure messages and hide information from those who would seek to steal it. It endorses unique concepts and techniques to manage security implications associated with enterprise storage. In this video; Steven Crawford defines the CIA triad and non-repudiation.
-
The Virtual Desktop Infrastructure
In this video; Glen E. Clarke discusses the security challenges associated with Virtual Desktop Infrastructure.
-
Third Party Information Security
When preparing for the CompTIA CASP CAS-002 examination; you're expected to know about allowing third-party providers access to company data. In this video; Glen E. Clarke discusses security considerations when allowing third-party providers access to company data.
-
TPM; VTPM; and HSM
In this video; Glen E. Clarke explains how Hardware Security Modules and Trusted Platform Modules are used to secure network environments.
-
Training and Awareness and Employment Termination
The security policy should include specifications on how employees are hired; trained; and terminated. In this video; Glen E. Clarke discusses training and awareness policies and employment policies.
-
Transport and Data at Rest Encryption
Cryptography is used to secure messages and hide information from those who would seek to steal it. It endorses unique concepts and techniques to manage security implications associated with enterprise storage. In this video; Steven Crawford defines how to use transport and data at rest encryption.
-
Transport Encryption
You can use transport encryption to ensure secure communication with remote systems. In this video; Glen E. Clarke discusses the concept of transport encryption and its advantages.
-
Trend Data and Cyber Defense
In this video; Steven Crawford explains how to use trend data analysis to anticipate the cyber defense aids you may need.
-
Trusted OS
In this video; Glen E. Clarke explains how and when a trusted OS configuration would be used to secure a networked environment in CompTIA CASP CAS-002.
-
Unified Threat Management
When preparing for the CompTIA CASP CAS-002 examination; you're expected to know about the security devices and technologies required for Unified Threat Management (UTM). In this video; Glen E. Clarke discusses the concept of UTM; its components; and how UTM can help to secure a network infrastructure.
-
Usability; Maintainability; Availability; and Recovery
In this video; Steven Crawford explains how the usability; maintainability; availability; and recoverability of security devices should be considered.
-
User Policies
In this video; Dan LaChance explains how to use user policies to create a secure network environment; specifically policies related to incident response and forensic tasks.
-
Virtual and Cloud Storage
In this video; Steven Crawford defines how virtual and cloud storage works in CompTIA CASP CAS-002.
-
VM Escape
In this video; Glen E. Clarke discusses virtual machine environment security requirements.
-
NAS; SAN; and vSAN
In CompTIA CASP CAS-002; you can use different storage devices like Network Attached Storage or NAS; Storage Area Network or SAN; and Virtual Storage Area Network or vSAN for various purposes. In this video; Steven Crawford discusses the NAS; SAN; and vSAN storage options.
-
Network Analysis Tools
In this video; Steven Crawford explains how network analysis tools are used to secure your environment.
-
Network Authentication Methods and 802.1x
The CompTIA CASP CAS-002 exam covers advanced levels of security. This includes network authentication and authentication protocols. In this video; Glen E. Clarke discusses the various methods of network authentication; such as passwords; PINs; and smartcards; and the types of authentication protocols which accompany these types.
-
Network Management and Monitoring Tools
The CompTIA CASP CAS-002 exam covers the use of network management and monitoring tools in securing a network; as well as the types of activities you should monitor. In this video; Glen Clarke discusses the network management and monitoring tools.
-
Network Secure Segmentation and Delegation
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how network secure segmentation and delegation can affect network security.
-
Networking and Security Components
The CompTIA CASP CAS-002 exam covers how common security components can be used in conjunction to secure a network environment. In this video; Glen E. Clarke discusses how the security features of network switches; wireless controllers; routers; and proxy servers are used collectively to add to the security of an environment.
-
NIPS and NIDS
Network Intrusion Detection Systems; or NIDS; identify suspicious activities in a network or a system; Network Intrusion Prevention Systems; or NIPS; take corrective action to block that suspicious traffic. In this video; Glen E. Clarke discusses network security with NIPS and NIDS.
-
Object Tracking and Containment Technologies
In this video; Dan LaChance discusses how object tracking and containment technologies are used when securing a network environment in CompTIA CASP CAS-002.
-
OLA; NDA; and BPA
In this video; Glen E. Clarke discusses the three business documents that should be in place to support security in an organization.
-
Order of Volatility
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Glen E. Clarke describes how the Order of Volatility will allow you to recover from security incidents.
-
Over-the-Air Technologies
In this video; Dan LaChance discusses how over-the-air technologies can be secured in a network environment in CompTIA CASP CAS-002.
-
Passive Reconnaissance and Intelligence Gathering Tools
In this video; Steven Crawford explains how you can use passive intelligence gathering to make your system less vulnerable to attackers.
-
Performance; Latency; Scalability; and Capability
In this video; Steven Crawford explains how features of network security must meet the business needs of the enterprise.
-
Peripheral Restrictions
In this video; Dan LaChance explains how peripheral restrictions are used to secure network environments in CompTIA CASP CAS-002.
-
Policies; Processes; and Procedures for Change
In this video; Glen E. Clarke discusses the need to update policies and processes or procedures regularly.
-
Privacy Principles and PII
In this video; Glen E. Clarke discusses privacy principles and personally identifiable information.
-
Privilege Elevation and Data Remnants
In this video; Glen E. Clarke discusses privilege elevation and data remnants as challenges to network security.
-
Prototypes and Testing
In this video; Steven Crawford discusses how prototypes and testing are used to create network security in CompTIA CASP CAS-002.
-
Pseudo Number Generation and Perfect Forward Secrecy
Cryptography is used to secure messages and hide information from those who would seek to steal it. It endorses unique concepts and techniques to manage security implications associated with enterprise storage. In this video; Steven Crawford defines pseudo number generation and perfect forward secrecy.
-
RA; SOA; and BIA
In this video; Glen E. Clarke discusses the business documents that should be in place in an organization to support its security goals.
-
Race Conditions; Resource Exhaustion; and Geo-Tagging
In this video; Dan LaChance discusses how race conditions; resource exhaustion; and geo-tagging can affect network security in CompTIA CASP CAS-002.
-
RADIUS
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes the Remote Authentication Dial In User Service (RADIUS) trust model and how it can be used to help create a secure network environment.
-
Remote Desktop Protocol and Virtual Network Computing
Remote connection software allows you to access a system from the internet and remotely administer the computer. In this video; Glen E. Clarke discusses the use of Remote Desktop Protocol or RDP and Virtual Network Computing or VNC remote connections software.
-
Remote Desktop Services and App-V
In this video; Glen E. Clarke discusses security features that address challenges associated with two Windows remote technologies: Remote Desktop Services (RDS) and App-V.
-
Resources Provisioning and De-Provisioning
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how provisioning and de-provisioning of resources affect network security.
-
Response and Disclosure
When a data breach occurs; it is essential that the response be swift and efficient; and then the breach must be disclosed. In this video; Glen E. Clarke discusses response and disclosure in data breach situations.
-
Return on Investment and Total Cost of Ownership
The CompTIA CASP CAS-002 certification covers the use of metrics to assess organizational risk as part of assessing the advanced-level security skills and knowledge of IT practitioners. In this video; Glen E. Clarke demonstrates how to use two metrics to analyze risk: Return on Investment (ROI) and Total Cost of Ownership (TCO).
-
Reverse Engineering Solutions
In this video; Steven Crawford explains how to deconstruct existing security solutions to improve enterprise security.
-
RFPs; RFQs; FRIs; and Agreements
Clear and precise documentation is crucial to secure application development. In this video; Steven Crawford discusses the role that RFPs; RFQs; FRIs; and agreements play in network security in CompTIA CASP CAS-002.
-
Risk Appetite Strategies
In preparing for the CompTIA CASP CAS-002 certification; you need to perform a risk analysis and interpret the results successfully. In this video; Glen E. Clarke discusses how to handle potential risks to assets if risks have been identified within an organization.
-
Risk Management Processes
When preparing for the CompTIA CASP CAS-002 examination; you're expected to understand the internal and external influences that could impact the security of a business. In this video; Glen E. Clarke discusses some of the key internal and external influences that could affect an organization's security.
-
Sales Staff and Programmers
In this video; Dan LaChance discusses the role of sales staff and programmers in network security implementations in CompTIA CASP CAS-002.
-
Sandboxing and Content Filtering in Cloud Environments
In this video; Glen E. Clarke discusses some cloud-based security features.
-
SCADA and Industrial Control Systems
The CompTIA CASP CAS-002 certification covers the Supervisory Control and Data Acquisition (SCADA) system which is a system that communicates with other systems for monitoring purposes of remote equipment. SCADA is one type of Industrial Control System (ICS). In this video; Glen Clarke discusses the features of SCADA and where it's typically used.
-
Secure Boot and Measured Launch
In this video; Glen E. Clarke discusses ways of securing the boot environment.
-
Secure Coding Standards
In this video; Dan LaChance explains secure coding standards and how they can be used to increase network security in CompTIA CASP CAS-002.
-
Secure Data Flows to Meet Changing Business Needs
In this video; Dan LaChance explains how secure data flows can be used to meet changing business needs in CompTIA CASP CAS-002.
-
Secure Infrastructure Design
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how a secure infrastructure design is used when creating network security plans.
-
Secure Use of On-demand Cloud Computing
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes secure on-demand cloud computing.
-
Securing Virtual Environments
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes securing virtual environments.
-
Securing Virtualized Servers
In this video; Dan LaChance discusses securing virtualized servers in network environments in CompTIA CASP CAS-002.
-
Security Concerns of Integrating Diverse Industries
When preparing for the CompTIA CASP CAS-002; you need to interpret business and industry influences and understand associated security risks; such as the security concerns of integrating industries. As different industries have different functionalities and security focuses; when integrating it is essential to ensure rules and policies are merged. In this video; Glen E. Clarke discusses the security issues around this.
-
Security Group Policy Implementations
In this video; Glen E. Clarke reviews how security group policy implementations are used to secure network environments in CompTIA CASP CAS-002.
-
Security Requirements Traceability Matrix
In this video; Dan LaChance discusses how to use the Security Requirements Traceability Matrix in CompTIA CASP CAS-002.
-
Session Management and Input Validation
In this video; Dan LaChance discusses how session management and input validation can be used to ensure network security in CompTIA CASP CAS-002.
-
Software-Defined Network
The CompTIA CASP CAS-002 certification covers software-defined networking. You need to be familiar with the Control plane and the Data plane; and how these components communicate using the OpenFlow protocol. In this video; Glen Clarke discusses software-defined networking.
-
SQL Injection
SQL injection attacks can destroy databases. In this video; Dan LaChance explains how SQL injections compromise network security in CompTIA CASP CAS-002.
-
SSL; SSH; S/MIME
Secure Socket Layer; Secure Shell; and Secure MIME are important protocols in the world of Internet security. In this video; Steven Crawford discusses SSL; SSH; and S/MIME protocols.
-
Standard Operating Environment Configuration Baselines
In this video; Glen E. Clarke explains how Standard Operating Environment configuration baselines are used to secure network environments in CompTIA CASP CAS-002.
-
Standards
After watching this video; you will be able to distinguish between testing standards for software quality assurance.
-
Steganography
Cryptography is used to secure messages and hide information from those who would seek to steal it. It endorses unique concepts and techniques to manage security implications associated with enterprise storage. In this video; Steven Crawford defines steganography.
-
Storage Integration
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how storage integration can be used to aid in securing a network environment.
-
Storage of Sensitive Data
In this video; Dan LaChance explains the importance of proper storage of sensitive data in network environments in CompTIA CASP CAS-002.
-
Vulnerabilities Associated with Virtual Machines
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how the vulnerabilities associated with virtual machines (VMs) will affect network security.
-
Web and NextGen Firewalls
When preparing for the CompTIA CASP CAS-002 exam; you need to know about the application and protocol-aware technologies that are leveraged in networking environments. In this video; Glen Clarke discusses the Web Application Firewall (WAF); NextGen firewall; and Passive Vulnerability Scanner technologies.
-
Web Application Security Design Considerations
In this video; Dan LaChance discusses how web application security design is used to secure network environments in CompTIA CASP CAS-002.
-
Web Services Security
In this video; Dan LaChance discusses how web services security affects network security in CompTIA CASP CAS-002.
-
Wild Cards; OCSP; and CRL
In this video; Steven Crawford discusses wild cards; OCSP; and CRL in CompTIA CASP CAS-002.
-
Zero Day Mitigation and Emergent Threats
In this video; Steven Crawford discusses how zero-day and emergent threats can affect network security.
-
Information Classification
The CompTIA CASP CAS-002 certification assesses your ability to execute risk mitigation planning; strategies and control; including information classification. Information classification is used to place value on types of information so that appropriate protection mechanisms can be assigned. The two major types of classification are governmental and commercial. In this video; Glen E. Clarke discusses information classification techniques and their uses.
-
Insecure Direct Object References
In this video; Dan LaChance explains how insecure direct object references can compromise network security in CompTIA CASP CAS-002.
-
Integrity Measurement Architecture
In this video; Glen E. Clarke discusses how IMA contributes to securing network environments.
-
Internal and External Influences
When preparing for the CompTIA CASP CAS-002 examination; you're expected to understand the internal and external influences that could impact the security of a business. In this video; Glen E. Clarke discusses some of the key internal and external influences that could affect an organization's security.
-
Internal and External Violations
When security incidents occur; part of providing an appropriate level of analysis is considering the impact of internal and external violations on network security. In this video; Glen E. Clarke discusses how internal and external violations affect network security.
-
Interoperability Issues
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how interoperability issues affect network security.
-
IP Video and A/V Controls
When preparing for the CompTIA CASP CAS-002 examination; you're expected to know that networking environments may have IP video equipment and Audio/Visual (A/V) controls connected to them. In this video; Glen Clarke discusses the different types of video equipment available for connection to the network; and the features of each.
-
IPv6 and Associated Transitional Technologies
In preparation for the CompTIA CASP CAS-002 examination; you should understand the reasons for IPv6 replacing IPv4 and the functioning of IPv6. In this video; Glen Clarke discusses the reasons for the transition from IPv4 to IPv6 and highlights ways to make IPv6 addresses more efficient.
-
iSCSI and FCoE
Internet Small Computer System Interface or iSCSI is a networking standard that is used to connect remote data storage locations. In this video; Steven Crawford discusses iSCSI and Fiber Channel over Ethernet; or FCoE.
-
Issuance and Object Support
Cryptography is used to secure messages and hide information from those who would seek to steal it. It endorses unique concepts and techniques to manage security implications associated with enterprise storage. In this video; Steven Crawford defines issuance; key escrow; and object support.
-
IT Governance
When preparing for the CompTIA CASP CAS-002 certification; you need to apply IT governance as part of your advanced-level security skills. In this video; Glen E. Clarke discusses the role of IT governance when securing information within an organization.
-
Java Applets
Although they have the ability to run cross-platform; Java applets have a number of security issues. In this video; Dan LaChance discusses how Java applet issues can affect network security in CompTIA CASP CAS-002.
-
JavaScript and State Management
In this video; Dan LaChance discusses how JavaScript and state management can affect network security in CompTIA CASP CAS-002.
-
Judgment Calls
In this video; Steven Crawford discusses how security professionals can improve their ability to make good judgment calls.
-
Key Stretching and Hashing
In this video; Steven Crawford discusses key stretching and hashing in CompTIA CASP CAS-002.
-
Legal Compliance and Advocacy
In this video; Glen E. Clarke discusses legal compliance when creating and managing security policies.
-
Lessons Learned and After-Action Reports
In this video; Steven Crawford discusses the value of after-action reports for enhancing enterprise security.
-
Lightweight Direct Access Protocol
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how the Lightweight Direct Access Protocol (LDAP) trust model can be used to help create a secure network environment.
-
Likelihood of Threat
In preparing for the CompTIA CASP CAS-002 exam; you need to understand how to perform a threat assessment. In this video; Glen E. Clarke discusses the process of identifying the likelihood of a threat on the assets of an organization.
-
Live VM Migration
In this video; Glen E. Clarke discusses the security challenges presented by live VM migration.
-
Logical and Physical Deployment Diagrams
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how logical and physical deployment diagrams are used to create secure network environments.
-
LUN Masking and HBA Allocation
RAID is a data storage concept that involves a group of disks working as one disk for fault tolerance and better performance. In this video; Steven Crawford explains how to use RAID striping and mirroring.
-
Magnitude of Impact
The CompTIA CASP CAS-002 exam covers the advanced-level security skills and knowledge of IT practitioners. In this video; Glen E. Clarke discusses the process of identifying the magnitude of impact a threat can have on IT assets within an organization and explores the formulas that are used to perform a Quantitative Risk Analysis.
-
Management and Data Interfaces
In this video; Glen E. Clarke discusses the use of ACLs; VLANs; and authentication servers in providing additional security for network device management in CompTIA CASP CAS-002.
-
Management and Finance
In this video; Dan LaChance discusses the role of management and finance in network security implementations in CompTIA CASP CAS-002.
-
Memory Leaks & Buffer and Integer Overflows
In this video; Dan LaChance discusses how memory leaks; buffer overflows; and integer overflows can damage network security in CompTIA CASP CAS-002.
-
Mergers; Acquisitions; and Divestitures
The CompTIA Advanced Security Practitioner (CASP) certification designates IT professionals with advanced-level security skills and knowledge. In this video; Dan LaChance describes how mergers; acquisitions; and divestitures can affect network security.
-
Mesh Networks
The CompTIA CASP CAS-002 certification covers mesh networking and 802.1x authentication. Mesh networking includes mesh and partial-mesh networks. In this video; Glen Clarke discusses the characteristics of mesh networking and the function of 802.1x authentication for a supplicant accessing a network.
-
Metrics Collection and Analysis
In this video; Steven Crawford explains how to ensure the right security metrics are collected and analyzed.
-
Mitigation
In this video; Glen E. Clarke discusses mitigation techniques used for data breaches.
-
Multipath and Offsite or Multisite Replication
In this video; Steven Crawford discusses multipath and offsite or multisite replication in CompTIA CASP CAS-002.
-
Agile
After watching this video; you will be able to identify secure software concepts in the Agile methodology.
-
Anti-tampering Techniques
After watching this video; you will be able to list the steps for code signing.
-
Applicable Methods to Address Core Security Concepts
After watching this video; you will be able to distinguish between applicable methods to address core security concepts.
-
Attack Surface Evaluation
After watching this video; you will be able to measure and minimize attack surface.
-
Attack Surface Validation
After watching this video; you will be able to recognize characteristics of attack surface validation for software testing.
-
Authentication and Authorization Part 1
After watching this video; you will be able to recognize the characteristics of authentication and authorization.
-
Authentication and Authorization Part 2
After watching this video; you will be able to recognize the characteristics of authentication and authorization.
-
Authentication and Identity Management
After watching this video; you will be able to distinguish between characteristics of authentication and identity management.
-
Availability
One of the core concepts central to IT security is data availability. In this video; Travis Welton discusses what availability means; and outlines threats to data availability; including accidental and deliberate threats.
-
Backup; Recovery; and Archiving
After watching this video; you will be able to recognize characteristics of backup; recovery; and archiving.
-
Bootstrapping
After watching this video; you will be able to identify the role of bootstrapping in deployment activities.
-
Bug Tracking
After watching this video; you will be able to distinguish between bug tracking states.
-
Build Environment
After watching this video; you will be able to identify build-environment best practices.
-
Cloud Architectures
After watching this video; you will be able to recognize best practices for securing cloud architectures.
-
Code Analysis
After watching this video; you will be able to distinguish between static and dynamic code analysis.
-
Code Escrow and Data Exports
After watching this video; you will be able to identify the purpose of code escrow during supplier transitioning.
-
Code Reuse Plan Best Practice
After watching this video; you will be able to identify best practices for creating a practical reuse plan.
-
Complete Mediation
After watching this video; you will be able to recognize the characteristics of complete mediation.
-
Completion Criteria
After watching this video; you will be able to list the six generic criteria for judging the suitability of a product.
-
Concurrency
After watching this video; you will be able to recognize examples of using concurrency as a defensive coding practice.
-
Configuration Management Process
After watching this video; you will be able to distinguish between the six configuration management process activities.
-
Configuration Management Roles and Plan
After watching this video; you will be able to recognize characteristics of configuration management roles and plan.
-
Configuration Parameter Management
After watching this video; you will be able to recognize characteristics of configuration parameter management as a defensive coding practice.
-
Continuous Testing
After watching this video; you will be able to recognize characteristics of continuous testing.
-
Contracts
After watching this video; you will be able to identify contracts best practices during supplier transitioning.
-
Contractual Integrity Controls
After watching this video; you will be able to identify best practices for contractual integrity controls.
-
Control Identification and Prioritization
After watching this video; you will be able to identify characteristics of control identification and prioritization.
-
Corrective Action
After watching this video; you will be able to recognize options for addressing bugs.
-
Credential Management
After watching this video; you will be able to recognize characteristics of credential management.
-
Cryptographic Validation
After watching this video; you will be able to recognize characteristics of cryptographic validation.
-
Code Testing and Verification
After watching this video; you will be able to identify code testing and verification options for software development and testing.
-
Cryptology
After watching this video; you will be able to recognize examples of using cryptology as a defensive coding practice.
-
CWE
After watching this video; you will be able to locate and list the CWE list of software weaknesses.
-
Data Classification (Part 1)
After watching this video; you will be able to identify data state categories.
-
Data Classification (Part 2)
After watching this video; you will be able to identify data usage categories.
-
Data Lifecycle
After watching this video; you will be able to distinguish between generation; retention; and disposal.
-
Data Loss Prevention
After watching this video; you will be able to recognize characteristics of data loss prevention.
-
Data Ownership
After watching this video; you will be able to distinguish between the data owner and data custodian roles.
-
Database Security
After watching this video; you will be able to distinguish between database security techniques.
-
Declarative Security
After watching this video; you will be able to recognize characteristics of declarative security.
-
Deployment Environment
After watching this video; you will be able to identify the role of the deployment environment within functional requirements.
-
Design and Architecture Technical Review
After watching this video; you will be able to identify characteristics of design and architecture technical review.
-
Digital Rights Management (DRM)
After watching this video; you will be able to recognize types of REL in DRM.
-
Economy of Mechanism
After watching this video; you will be able to recognize the characteristics of economy of mechanism.
-
Environment
After watching this video; you will be able to identify environment best practices for ensuring secure software testing.
-
Exception Management
After watching this video; you will be able to recognize examples of using exception management as a defensive coding practice.
-
External Requirements
After watching this video; you will be able to identify typical external security requirements.
-
Fail-Safe
After watching this video; you will be able to recognize the characteristics of fail-safe.
-
Failure Testing
After watching this video; you will be able to recognize characteristics of testing for failure.
-
Fuzzing
After watching this video; you will be able to recognize characteristics of the fuzzing method.
-
Impact Assessment
After watching this video; you will be able to recognize characteristics of impact assessment.
-
Independent Testing
After watching this video; you will be able to recognize characteristics of independent testing.
-
Integrating with Existing Architectures
After watching this video; you will be able to recognize best security practices when integrating with existing architectures.
-
Intellectual Property
After watching this video; you will be able to identify best practices for preventing intellectual property theft.
-
Interconnectivity
After watching this video; you will be able to distinguish between interconnectivity activities best practices.
-
Internal Requirements
After watching this video; you will be able to identify typical internal security requirements.
-
Labeling
After watching this video; you will be able to distinguish between the different impact level definitions.
-
Least Common Mechanism
After watching this video; you will be able to recognize the characteristics of least common mechanism.
-
Least Privilege
After watching this video; you will be able to identify the characteristics of least privilege.
-
Legal
After watching this video; you will be able to distinguish between legal issues to keep in mind during the software lifecycle.
-
Legal Compliance
After watching this video; you will be able to recognize characteristics of legal compliance.
-
Logging and Auditing
After watching this video; you will be able to recognize examples of using logging and auditing as a defensive coding practice.
-
Managed Services Controls
After watching this video; you will be able to identify best secure control practices for managed services from a supplier.
-
Management Requirements
After watching this video; you will be able to identify characteristics of management requirements.
-
Memory Management
After watching this video; you will be able to recognize characteristics of memory management as a defensive coding practice.
-
Mobile Applications
After watching this video; you will be able to recognize best practices for securing mobile applications.
-
Monitoring and Incident Management
After watching this video; you will be able to identify monitoring and incident management best practices.
-
Non-Repudiation
After watching this video; you will be able to describe characteristics and best practices for applying non-repudiation.
-
Objects; Activities; and Actions
After watching this video; you will be able to distinguish between objects; activities; and actions.
-
Open Design
After watching this video; you will be able to recognize the characteristics of open design.
-
Operating Systems
After watching this video; you will be able to recognize characteristics of operating systems.
-
Operations Requirements
After watching this video; you will be able to identify characteristics of operations requirements.
-
Output Sanitization
After watching this video; you will be able to recognize examples of using output sanitization as a defensive coding practice.
-
OWASP Top 10
After watching this video; you will be able to locate and list the OWASP "Top 10".
-
Peer-based Code Review
After watching this video; you will be able to recognize characteristics of peer-based code reviews.
-
Penetration
After watching this video; you will be able to identify the four steps in the penetration process.
-
Pervasive and Ubiquitous Computing
After watching this video; you will be able to recognize best practices for securing pervasive and ubiquitous computing.
-
Post-release Plan
After watching this video; you will be able to identify characteristics of a post-release plan.
-
Pre-release Testing Process
After watching this video; you will be able to identify the characteristics of the pre-release testing process.
-
Privacy Considerations
After watching this video; you will be able to distinguish between different privacy considerations.
-
Problem Management
After watching this video; you will be able to recognize characteristics of problem management.
-
Product Deployment and Sustainment Controls
After watching this video; you will be able to recognize best practices when integrating product deployment and sustainment controls.
-
Programmatic Security
After watching this video; you will be able to recognize characteristics of programmatic security.
-
Programming Language Environment
After watching this video; you will be able to distinguish between compilers; interpreters and hybrid source codes.
-
Psychological Acceptability
After watching this video; you will be able to recognize the characteristics of psychological acceptability.
-
Publishing and Dissemination Controls
After watching this video; you will be able to distinguish between licenses; encryption; and authentication as publishing and dissemination controls.
-
Regression Testing
After watching this video; you will be able to recognize characteristics of regression testing.
-
Regulations and Compliance
After watching this video; you will be able to recognize characteristics of regulations and compliance.
-
Release Management
After watching this video; you will be able to recognize characteristics of release management activities.
-
Rich Internet Applications
After watching this video; you will be able to recognize best practices for securing rich Internet applications.
-
Risk Acceptance
After watching this video; you will be able to identify the characteristics of risk acceptance.
-
Risk Assessment for Code Reuse
After watching this video; you will be able to identify characteristics of risk assessment for code reuse.
-
Role and User Definitions
After watching this video; you will be able to identify characteristics of role and user definitions.
-
Safe APIs
After watching this video; you will be able to distinguish between safe and unsafe API coding practices.
-
Scanning
After watching this video; you will be able to recognize characteristics of scanning.
-
Security Design Principles
After watching this video; you will be able to recognize security design principle best practices.
-
Security Testing Controls
After watching this video; you will be able to list the eight steps to create a formal set of security testing controls.
-
Sequencing and Timing Requirements
After watching this video; you will be able to identify best practices for sequencing and timing.
-
Service-level Agreements
After watching this video; you will be able to distinguish between the two rules SLAs should provide.
-
Service-Oriented Architecture
After watching this video; you will be able to recognize best practices for securing service-oriented architecture.
-
Session Management
After watching this video; you will be able to recognize examples of using session management as a defensive coding practice.
-
Simulation Testing
After watching this video; you will be able to recognize characteristics of simulation testing.
-
Software Authenticity and Integrity
After watching this video; you will be able to identify software authenticity and integrity best practices during software delivery; operations and maintenance.
-
Software Disposal Execution
After watching this video; you will be able to identify key activities during software disposal execution.
-
Software Disposal Planning
After watching this video; you will be able to identify the components of an effective software disposal plan.
-
Software Requirements Verification and Validation
After watching this video; you will be able to identify software requirements verification and validation.
-
Source Code and Versioning
After watching this video; you will be able to identify source code and versioning best practices.
-
Supplier Prequalification
After watching this video; you will be able to identify best practices for supplier prequalification activities.
-
Supplier Sourcing Challenges
After watching this video; you will be able to distinguish between different security trade-offs in supplier sourcing.
-
System-of-Systems Integration
After watching this video; you will be able to identify characteristics of system-of-systems integration.
-
Technical Controls
After watching this video; you will be able to identify technical controls for software development and testing.
-
Test Data Lifecycle Management
After watching this video; you will be able to identify best practices in test data lifecycle management.
-
Testing Artifacts
After watching this video; you will be able to recognize characteristics of testing artifacts.
-
The Privacy Principle
After watching this video; you will be able to recognize the characteristics of privacy.
-
Threat Modeling and Documentation
After watching this video; you will be able to recognize threat modeling techniques and the purpose of documentation.
-
Tokenizing
After watching this video; you will be able to recognize examples of tokenizing as a defensive coding practice.
-
Trusted Computing
After watching this video; you will be able to recognize characteristics of trusted computing.
-
Type Safety
After watching this video; you will be able to distinguish between examples of static and dynamic type safety enforcement.
-
Validation and Verification
After watching this video; you will be able to recognize characteristics of validation and verification.
-
Vendor Technical Integrity Controls
After watching this video; you will be able to identify best practices for vendor technical integrity controls.
-
Vulnerability Management; Tracking; and Resolution
After watching this video; you will be able to identify best practices for vulnerability management; tracking; and resolution activities.
-
Waterfall
After watching this video; you will be able to identify secure software concepts in the Waterfall methodology.
-
Weakest Link
After watching this video; you will be able to recognize the characteristics of weakest link.
-
Active Directory Permissions
After watching this video; you will be able to identify characteristics of Active Directory permissions.
-
Advantages and Disadvantages of Security Types
It is important to be aware of security fundamentals in the Microsoft Windows environment. Wireless security is a key component in data protection. In this video; Travis Welton discusses the advantages and disadvantages of various types of wireless security.
-
Antispam
After watching this video; you will be able to identify characteristics of spam filtering.
-
Anti-virus for Client Protection
After watching this video; you will be able to identify characteristics of viruses.
-
Application-level Firewalls
After watching this video; you will be able to recognize characteristics of application-level firewalls.
-
Assigning Hosts to VLANs
After watching this video; you will be able to distinguish between ways to assign hosts to VLANs.
-
Auditing Best Practices
After watching this video; you will be able to recognize auditing best practices.
-
Authentication Methods
After watching this video; you will be able to distinguish between different authentication methods.
-
Browser Settings
With Microsoft Windows; it is vitally important to be aware of security fundamentals. When browsing the Internet; adequate data and user protection should be in place. In this video; Travis Welton demonstrates how to configure Internet security settings in Internet Explorer.
-
Buffer Overflow
After watching this video; you will be able to recognize characteristics of buffer overflow.
-
Certificate Properties and Services
After watching this video; you will be able to recognize certificate properties and services policy best practices.
-
Circuit-level Firewalls
After watching this video; you will be able to recognize characteristics of circuit-level firewalls.
-
Client versus Server Protection
After watching this video; you will be able to identify the advantages and disadvantages of both client and server protection.
-
Common Attack Methods
After watching this video; you will be able to recognize common password attack methods.
-
Common Network Attack Methods Part One
After watching this video; you will be able to distinguish between common attack methods.
-
Common Network Attack Methods Part Two
After watching this video; you will be able to identify characteristics of common attack methods.
-
Computer Security
Considerations for computer security relate to safeguarding data on an organization's actual desktop computers; servers; and laptops. The devices alone can be expensive regardless of the valuable data they may additionally contain. In this video; Travis Welton discusses how to secure physical computer systems.
-
Demilitarized Zones (DMZs)
After watching this video; you will be able to identify characteristics of DMZs.
-
Disable Log On Locally
It is important to be aware of security fundamentals for the Microsoft Windows environment. Administrators can prevent a user or group from accessing a local machine by using the Deny log on locally settings. In this video; Travis Welton demonstrates how to prevent a specific user from logging on to a local machine.
-
Disabling Unsecure Authentication Protocols
After watching this video; you will be able to disable unsecure authentication protocols.
-
DNS Security Extensions (DNSSec)
After watching this video; you will be able to identify characteristics of DNSSec.
-
EFS
After watching this video; you will be able to identify characteristics of EFS.
-
Enabling and Securing Audit Information
After watching this video; you will be able to enable and secure audits and audit information.
-
Encrypting Offline Files and Folders
After watching this video; you will be able to encrypt offline files and folders.
-
Encryption Methods
After watching this video; you will be able to distinguish between different encryption methods.
-
File and Registry Permissions
After watching this video; you will be able to distinguish between the types of permissions that can be applied.
-
Group Permissions
After watching this video; you will be able to set multiple groups with different permissions.
-
Honeypots
After watching this video; you will be able to identify characteristics of honeypots.
-
Inheritance
After watching this video; you will be able to enable and disable inheritance.
-
Internet Protocol Security (IPSec) in Network Isolation
After watching this video; you will be able to identify characteristics of IPSec.
-
Keeping OS and Software Current
After watching this video; you will be able to use Windows Update/Windows Server Update Service.
-
Keeping Servers Updated
After watching this video; you will be able to recognize the benefits of ensuring OS and applications are kept current.
-
Keyloggers
With Microsoft Windows; it is vitally important to be aware of security. Keyloggers pose a threat because they are devices that capture keystroke input to procure sensitive information. In this video; Travis Welton demonstrates types of keyloggers and recommends measures to defend against them.
-
Keys
It is important to be aware of security fundamentals in the Microsoft Windows environment. Using authentication and encryption is the best approach to securing a wireless local area network (WLAN). In this video; Travis Welton discusses key-based security methods; namely: Wired Equivalent Privacy (WEP); Wi-Fi Protected Access (WPA); and WPA Version 2 (WPA2).
-
Lockout and Group Policies
After watching this video; you will be able to implement password policy settings.
-
MAC Filters
In Microsoft Windows; it is vitally important to be aware of security fundamentals. A media access control (MAC) address is the unique hardware address of a network card that allows access to a wireless local area network (WLAN) through filtering. In this video; Travis Welton discusses MAC address filtering for WLAN security.
-
Microsoft Baseline Security Analyzer (MBSA)
After watching this video; you will be able to use MBSA.
-
Mobility Device Security
Mobile device security poses the most challenges of all; as mobile devices can store a lot of data and are the least secure. In this video; Travis Welton discusses how to go about securing mobile devices.
-
NAP Requirements
After watching this video; you will be able to identify NAP requirements.
-
Network Access Protection (NAP) Purpose
After watching this video; you will be able to identify the purpose of NAP.
-
Network Address Translation (NAT)
After watching this video; you will be able to identify characteristics of NAT.
-
Network Sniffing
After watching this video; you will be able to identify characteristics of utility network sniffing.
-
NTFS vs. FAT
After watching this video; you will be able to distinguish between NTFS and FAT file systems permissions characteristics.
-
Ownership and Delegation
After watching this video; you will be able to set ownership and delegation permission settings.
-
Password Complexity; Length; and History Policies
After watching this video; you will be able to recognize password policy best practices.
-
Password Reset Procedures
After watching this video; you will be able to identify best practices when establishing password reset procedures.
-
Pointer (PTR) Records
After watching this video; you will be able to describe how PTR records function.
-
Protocol Spoofing
After watching this video; you will be able to identify characteristics of protocol spoofing.
-
RADIUS Authentication
After watching this video; you will be able to recognize characteristics of RADIUS authentication.
-
Read-Only Domain Controllers
After watching this video; you will be able to recognize characteristics and benefits of a read-only domain controller.
-
Removable Devices and Drives
In Microsoft Security Fundamentals; you may encounter removable devices and drives. These are very credible threats to a computer system. In this video; Travis Welton discusses how to secure removable devices and drives.
-
Secure Web Sites
Secure web browsing is initiated using Hypertext Transfer Protocol Secure (HTTPS) with Secure Sockets Layer (SSL) providing 128-bit encryption. In this video; Travis Welton provides a definition of HTTPS with SSL for providing secure client/server communications through the Internet.
-
Securing Dynamic DNS Updates
After watching this video; you will be able to use secure dynamic DNS functionality.
-
Sender Policy Framework (SPF) Records
After watching this video; you will be able to describe how SPF records function.
-
Separation of Services
After watching this video; you will be able to identify separation of services best practices.
-
Server and Domain Isolation
After watching this video; you will be able to identify characteristics of server and domain isolation.
-
Server Hardening
After watching this video; you will be able to recognize the importance of hardening the server.
-
Site Security
Site security is vital when keeping mobile or removable devices and phones safe against any potential threats. In this video; Travis Welton discusses physical site security.
-
Software Firewalls
After watching this video; you will be able to recognize characteristics of software firewalls.
-
Software Restriction Policies
After watching this video; you will be able to recognize benefits of software restriction policies.
-
Spoofing
After watching this video; you will be able to recognize characteristics of spoofing.
-
SSID
It is important to be aware of security fundamentals for the Microsoft Windows environment. A Service Set Identifier (SSID) is a name that identifies a specified wireless local area network (WLAN); allowing authorized users to connect to that WLAN. In this video; Travis Welton demonstrates SSID best practices.
-
Stateful Multilevel Firewalls
After watching this video; you will be able to recognize characteristics of stateful multilevel firewalls.
-
Stateful versus Stateless Inspection
After watching this video; you will be able to identify the most appropriate inspection type to use.
-
The Impact of Threat and Risk
Risk management is central to implementing effective IT security. In this video; Travis Welton discusses how to define risk; explains the purpose of a risk management plan; and describes the key steps involved in the risk management process.
-
Token Devices
After watching this video; you will be able to recognize characteristics of token devices.
-
Tunneling
After watching this video; you will be able to identify characteristics of tunneling.
-
Types of Auditing
After watching this video; you will be able to distinguish between the different auditing types.
-
Types of Inspection
After watching this video; you will be able to distinguish between stateful and stateless inspection.
-
Using Hardware versus Software Firewalls
After watching this video; you will be able to identify an appropriate firewall for network protection.
-
Using Run as administrator
After watching this video; you will be able to use the "Run as" option to perform administrative tasks.
-
Utilizing User Account Control (UAC)
After watching this video; you will be able to enable and disable UAC.
-
Virtual LANs (VLANs)
After watching this video; you will be able to identify characteristics of VLANs.
-
Virtual Private Networks (VPNs)
After watching this video; you will be able to identify characteristics of VPNs.
-
VLAN Separate Management
After watching this video; you will be able to describe the concept of separate management of VLAN.
-
VPN and Encryption Algorithms
After watching this video; you will be able to identify characteristics and uses of VPN and encryption algorithms.
-
Worms; Trojans; and Spyware
After watching this video; you will be able to distinguish between characteristics of worms; trojans; and spyware.
-
SQL Server Injection Mitigation
After watching this video; you will be able to describe SQL Injection and how to mitigate it.
-
(ISC)2 Code of Ethics
After watching this video; you will be able to identify characteristics of the (ISC)2 Code of Ethics and best practices for compliance.
-
Access Control and Monitoring
After watching this video; you will be able to distinguish between access control and monitoring techniques.
-
Access Control Standards and Protocols
After watching this video; you will be able to describe access control standards and protocols.
-
Administration and Validation
After watching this video; you will be able to describe administration and validation activities as part of operating and implementing cryptographic systems.
-
Application Vulnerabilities
After watching this video; you will be able to identify application vulnerabilities that apply to big data systems.
-
Application White Listing
After watching this video; you will be able to use application white-listing for endpoint device security.
-
Applying Hashing
After watching this video; you will be able to describe purpose and best practices for applying hashing.
-
Applying Salting
After watching this video; you will be able to describe purpose and best practices for applying salting.
-
Appropriate Use
After watching this video; you will be able to describe best practices for appropriate use of security protocols.
-
Architecture and Design Vulnerabilities
After watching this video; you will be able to identify architecture and design vulnerabilities that apply to big data systems.
-
Attribute-based Access Control
After watching this video; you will be able to describe best practices when implementing attribute-based access control.
-
Audit Findings
After watching this video; you will be able to identify how to use audit findings as part of the risk management process.
-
Authentication Overview
After watching this video; you will be able to identify characteristics of authentication and the role it plays in access control.
-
Cloud Security Outsourcing Requirements
After watching this video; you will be able to identify security requirements when outsourcing cloud services.
-
Cloud Virtualization
After watching this video; you will be able to describe characteristics of cloud virtualization.
-
Common Ports and Protocols
After watching this video; you will be able to describe commonly used ports and protocols and their role in network security.
-
Communicating Findings
After watching this video; you will be able to identify best practices for communicating and reporting monitoring analysis results.
-
Communications Network Attacks and Countermeasures
After watching this video; you will be able to describe common attacks and countermeasures for protecting telecommunications technologies.
-
Compensating Controls
After watching this video; you will be able to describe best practices for compensating security controls.
-
Configuration Management Plan Implementation
After watching this video; you will be able to identify activities in implementing a configuration management plan.
-
Continuity and Resilience
After watching this video; you will be able to describe continuity and resilience in secure virtual environments.
-
Converged Communications
After watching this video; you will be able to describe best practices and benefits of converged communications.
-
Corrective Controls
After watching this video; you will be able to describe best practices for corrective security controls.
-
Data Asset Management
After watching this video; you will be able to identify best practices for data asset management.
-
Data Sensitivity
After watching this video; you will be able to describe the purpose and role of data sensitivity in cryptography.
-
Data Storage and Transmission
After watching this video; you will be able to identify secure data storage and transmission options for cloud security.
-
Detective Controls
After watching this video; you will be able to describe best practices for detective security controls.
-
Determining Appropriate Access Controls
After watching this video; you will be able to identify appropriate access controls and best practices for implementation.
-
Deterrent Controls
After watching this video; you will be able to describe best practices for deterrent security controls.
-
Device Authentication
After watching this video; you will be able to identify best practices for implementing device authentication.
-
Discretionary Access Control
After watching this video; you will be able to describe best practices when implementing discretionary access control.
-
Emergency Response Plans and Procedures
After watching this video; you will be able to describe characteristics and best practices for supporting emergency response plans and procedures.
-
Endpoint Encryption
After watching this video; you will be able to use endpoint encryption for endpoint device security.
-
End-user Training
After watching this video; you will be able to identify end-user training best practices related to cryptography.
-
Entitlement
After watching this video; you will be able to describe entitlement activities during the identity management lifecycle.
-
Event Data Analysis
After watching this video; you will be able to describe characteristics and purpose of event data analysis activities.
-
Events of Interest
After watching this video; you will be able to describe characteristics of events of interest as part of continuous monitoring activities.
-
Evidence Handling
After watching this video; you will be able to identify best practices for evidence handling during forensic investigation activities.
-
Firewalls and Proxies
After watching this video; you will be able to identify best practices for using firewalls and proxies.
-
First Responder
After watching this video; you will be able to identify first responder best practices during forensic investigation activities.
-
Fundamental Key Management Concepts
After watching this video; you will be able to identify fundamental key management concepts of cryptographic systems.
-
Hardware Asset Management
After watching this video; you will be able to identify best practices for hardware asset management.
-
HIDS
After watching this video; you will be able to use HIDS for endpoint device security.
-
Identifying Malicious Activity
After watching this video; you will be able to distinguish between different types of malicious activity.
-
Implementation Variation
After watching this video; you will be able to compare differences in implementation methodologies.
-
Implementing Backup and Redundancy Options
After watching this video; you will be able to describe characteristics and best practices for implementing backup and redundancy options.
-
Implementing Countermeasures
After watching this video; you will be able to identify best practices when implementing countermeasures.
-
Implementing Cryptographic Systems
After watching this video; you will be able to identify best practices for implementing and operating cryptographic systems and controls.
-
Implementing Operational Security Controls
After watching this video; you will be able to identify appropriate best practices when implementing different types of operating security controls.
-
Implementing Secure Protocols
After watching this video; you will be able to identify best practices for implementing secure protocols.
-
Incident Discovery
After watching this video; you will be able to describe incident discovery activities.
-
Incident Escalation
After watching this video; you will be able to identify incident escalation activities.
-
Incident Response
After watching this video; you will be able to identify incident response best practices.
-
Interim Processing Strategies
After watching this video; you will be able to describe interim or alternate processing strategies as part of business continuity activities.
-
Interpreting Scanning and Testing Results
After watching this video; you will be able to describe how to interpret and report scanning and testing results.
-
Legal and Privacy Concerns
After watching this video; you will be able to identify the legal and privacy concerns associated with cloud security.
-
Lifecycle Asset Management
After watching this video; you will be able to identify best practices for lifecycle asset management.
-
Maintenance
After watching this video; you will be able to identify maintenance best practices during the identity management lifecycle.
-
Malicious Activity Countermeasures
After watching this video; you will be able to identify countermeasures for mitigating risk and damage from malicious activity.
-
Malicious Code
After watching this video; you will be able to describe characteristics of malicious code.
-
Malicious Code Countermeasures
After watching this video; you will be able to identify countermeasures for mitigating risk and damage from malicious code.
-
Managerial Controls
After watching this video; you will be able to describe how to use managerial controls to implement and assess compliance.
-
Mandatory Access Control
After watching this video; you will be able to describe best practices when implementing mandatory access control.
-
Monitoring and Analyzing Risk
After watching this video; you will be able to identify best practices for identifying; monitoring; and analyzing risk.
-
Network Access Attacks and Countermeasures
After watching this video; you will be able to describe common network access attacks and appropriate countermeasures.
-
Network Intrusion Detection and Prevention Systems
After watching this video; you will be able to identify best practices for using network intrusion detection and prevention systems.
-
Network Topographies and Relationships
After watching this video; you will be able to identify the different types of network topographies and their role in network security.
-
Non-discretionary Access Control
After watching this video; you will be able to describe best practices when implementing non-discretionary access control.
-
One-way Trust Relationships
After watching this video; you will be able to describe characteristics of one-way trust relationships in internetwork trust architectures.
-
Operation Models
After watching this video; you will be able to distinguish between cloud security operation models.
-
Operational Controls
After watching this video; you will be able to describe how to use operational controls to implement and assess compliance.
-
OSI and TCP/IP Models
After watching this video; you will be able to distinguish between OSI and TCP/IP models and their role in network security issues.
-
Participating in Physical Security Operations
After watching this video; you will be able to identify physical security operations activities.
-
Participating in Security Administration
After watching this video; you will be able to identify appropriate activities for participating in change management; security operations and security administration processes.
-
Participating in Security Awareness and Training
After watching this video; you will be able to identify security awareness and training activities.
-
Participating in Security Testing and Evaluation
After watching this video; you will be able to describe security testing and evaluation activities.
-
Patch Management
After watching this video; you will be able to describe activities for implementing and testing patches; fixes; and updates.
-
Plane Separation
After watching this video; you will be able to describe data plane and control plane separation for managing LAN-based security.
-
Preservation of Scene
After watching this video; you will be able to identify best practices for preservation of scene during forensic investigation activities.
-
Preventative Controls
After watching this video; you will be able to describe best practices for preventative security controls.
-
Proofing
After watching this video; you will be able to identify proofing best practices during the identity management lifecycle.
-
Provisioning
After watching this video; you will be able to describe provisioning activities as part of the identity management lifecycle.
-
Regulatory Requirements
After watching this video; you will be able to identify regulatory requirements for cryptography.
-
Remote Access Operation and Configuration
After watching this video; you will be able to describe best practices for remote access operation and configuration.
-
Reporting and Feedback Loops
After watching this video; you will be able to identify lessons learned activities.
-
Responding to Incidents
After watching this video; you will be able to identify best practices for handling incidents; supporting forensic investigations; and supporting business continuity activities.
-
Restoration Planning
After watching this video; you will be able to identify best practices for restoration planning as part of business continuity activities.
-
Risk Assessment
After watching this video; you will be able to identify risk assessment characteristics and options.
-
Risk Management Concepts
After watching this video; you will be able to describe characteristics of risk management concepts.
-
Risk Treatment
After watching this video; you will be able to describe options for risk treatment.
-
Risk Visibility and Reporting
After watching this video; you will be able to describe characteristics of risk visibility and reporting activities.
-
Routers and Switches
After watching this video; you will be able to identify best practices for using routers and switches securely on networks.
-
Secure Browsing
After watching this video; you will be able to identify secure browsing best practices for endpoint device security.
-
Secure Device Management
After watching this video; you will be able to identify best practices for secure device management.
-
Securing Networks and Communications
After watching this video; you will be able to identify best practices for securing networks; protecting telecommunications technologies; and implementing and operating secure wireless technologies.
-
Securing Systems and Applications
After watching this video; you will be able to describe best practices for implementing and operating systems and applications security.
-
Security Analytics; Metrics and Trends
After watching this video; you will be able to use security analytics metrics and trends for analyzing monitoring results.
-
Security Impact Assessment
After watching this video; you will be able to identify activities in performing a security impact assessment.
-
Segmentation
After watching this video; you will be able to use segmentation for managing LAN-based security.
-
Shared Storage
After watching this video; you will be able to describe best practices for shared storage in virtual environments.
-
Single Sign-on
After watching this video; you will be able to describe best practices for implementing single sign-on authentication.
-
Single/Multifactor Authentication
After watching this video; you will be able to describe best practices for implementing single/multifactor authentication.
-
Software Asset Management
After watching this video; you will be able to identify best practices for software asset management.
-
Software-defined Networking
After watching this video; you will be able to describe best practices for secure software-defined networking in virtual environments.
-
Source Systems
After watching this video; you will be able to describe characteristics and purpose of source systems used in continuous monitoring activities.
-
Symmetric and Asymmetric Encryption
After watching this video; you will be able to distinguish between symmetric and asymmetric encryption application.
-
System Architecture and Interoperability
After watching this video; you will be able to identify system architecture and interoperability of systems activities in change management processes.
-
Testing and Drills
After watching this video; you will be able to describe characteristics and best practices for testing and drills for supporting emergency response plans and procedures.
-
Transitive Trust
After watching this video; you will be able to identify characteristics of transitive trust in internetwork trust architectures.
-
Trusted Platform Module
After watching this video; you will be able to use trusted platform module for endpoint device security.
-
Two-way Trust Relationships
After watching this video; you will be able to describe characteristics of two-way trust relationships in internetwork trust architectures.
-
Understanding Accountability
After watching this video; you will be able to identify characteristics of the concept of accountability.
-
Understanding Availability
After watching this video; you will be able to identify characteristics of the concept of availability.
-
Understanding Confidentiality
After watching this video; you will be able to describe characteristics of the concept of confidentiality.
-
Understanding Integrity
After watching this video; you will be able to identify characteristics of the concept of integrity.
-
Understanding Least Privilege
After watching this video; you will be able to identify characteristics of the concept of least privilege.
-
Understanding Privacy
After watching this video; you will be able to identify characteristics of the concept of privacy.
-
Understanding Separation of Duties
After watching this video; you will be able to identify characteristics of the concept of separation of duties.
-
Virtual Environment Attacks and Countermeasures
After watching this video; you will be able to identify the most common attacks on virtual environments and countermeasures for mitigating risk and damage.
-
Visualization
After watching this video; you will be able to use visualization to analyze monitoring results.
-
Web of Trust
After watching this video; you will be able to describe characteristics of Web of Trust.
-
Wireless Security Devices
After watching this video; you will be able to describe characteristics of wireless security devices.
-
Wireless Technologies Attacks and Countermeasures
After watching this video; you will be able to identify common attack methods and countermeasures for wireless technologies.
-
Wireless Transmission Security
After watching this video; you will be able to identify best practices for secure wireless transmission.
-
Exam Update Overview
After watching this video; you will be able to describe the high-level changes in ISC2 CISSP 2015 with respect to CISSP 2012.
-
New Testing Domains
After watching this video; you will be able to list the testing domains in ISC2 CISSP 2015.
-
New Testing Topics
After watching this video; you will be able to recognize the new testing topics for ISC2 CISSP 2015.
-
Previous Testing Domains
After watching this video; you will be able to list the testing domains in ISC2 CISSP 2012.
-
Accessing Application Databases
After watching this video; you will be able to retrieve and access an Android application database.
-
Analyzing Android Device Mount Points
After watching this video; you will be able to analyze Android File System mount points on a typical Android device; specifically root; /system; /cache; /data; /mnt/sdcard; and /mnt/secure/asec.
-
Analyzing Application Traffic and Data
After watching this video; you will be able to perform a penetration test using any pen test tool of choice to intercept and analyze non-browser application traffic.
-
Analyzing Network Traffic Using Wireshark
After watching this video; you will be able to analyze network traffic on an Android device using Wireshark.
-
Creating a Signing Key and Certificate
After watching this video; you will be able to create an Android application signing key and certificate in Android Studio.
-
Creating an Android Device Image
After watching this video; you will be able to create a system image for an Android device.
-
Declaring Application Permissions
After watching this video; you will be able to add a permission declaration for an Android application in its Manifest permissions file.
-
Enabling the ProGuard Tool in Android SDK
After watching this video; you will be able to enable the ProGuard code obfuscation tool in Android SDK.
-
Enforcing Application Permissions
After watching this video; you will be able to locate and modify the Manifest permissions file on Android emulator to secure an Android application.
-
Enforcing Permissions
After watching this video; you will be able to describe how permissions are enforced at the kernel level; native daemon level; and the framework level in Android OS.
-
Examining Android Device Directory Structure
After watching this video; you will be able to examine Android device directory structure.
-
Examining Android File Systems
After watching this video; you will be able to examine Android file systems; specifically YAFFS; YAFFS2; ext2; ext3; ext4; and vfat.
-
Examining Network Activity with BusyBox
After watching this video; you will be able to carry out a penetration test on an Android device using BusyBox.
-
Exploring the /data/data Directory
After watching this video; you will be able to explore the contents of the /data/data directory; especially shared_prefs and lib directories.
-
Getting Familiar with Activity Lifecycles
After watching this video; you will be able to define an activity and describe activity stack and callback methods used to implement activity lifecycles.
-
Getting Familiar with Android Application Services
After watching this video; you will be able to describe how to start; bind; and create an application service; as well as how to declare a service in the Manifest.xml file.
-
Getting Familiar with Code Signing
After watching this video; you will be able to describe the process of application code signing.
-
Identifying Application-based Permissions
After watching this video; you will be able to identify application-based permissions; specifically Android Manifest Permissions.
-
Identifying Common Application Security Risks
After watching this video; you will be able to identify common mobile device security issues.
-
Installing Android Standalone SDK Tools
After watching this video; you will be able to download and install the Android stand-alone SDK tools package.
-
Installing the Android Studio IDE
After watching this video; you will be able to download and install the Android Studio IDE.
-
Intercepting Browser Application Traffic
After watching this video; you will be able to use Burp Suite to intercept traffic for a browser application on a virtual Android device.
-
Leveraging Linux Security Services to Protect Data
After watching this video; you will be able to use Linux security services to protect Android application data.
-
Overview of Android Software Stack Layers
After watching this video; you will be able to describe Android software stack layers.
-
Overview of Application User Protection Levels
After watching this video; you will be able to define the user protection levels that can be assigned in a Manifest permissions file.
-
Overview of Storage Options for Application Data
After watching this video; you will be able to describe storage options for Android application data.
-
Packaging an Android Application
After watching this video; you will be able to securely package an Android application.
-
Penetration Testing Best Practices
After watching this video; you will be able to describe the Android app development best practices against which penetration tests should be carried out.
-
Scanning a Network Using Nmap
After watching this video; you will be able to carry out a network scan using Nmap.
-
Understanding the Android Environment
After watching this video; you will be able to describe the major components of the Android environment; specifically the Android SDK; Eclipse IDE and ADT tools (DDMS; adb).
-
Understanding Android Application Framework
After watching this video; you will be able to describe the Android application framework layer services; specifically the resource manager; activity manager; location manager; notification manager; package manager; views; and content providers.
-
Understanding Android Runtime Components
After watching this video; you will be able to describe Android runtime components; specifically the Dalvik VM and Core Libraries.
-
Understanding Permissions Assignment
After watching this video; you will be able to describe how permissions and process attributes are assigned in Android OS.
-
Understanding the Linux Kernel
After watching this video; you will be able to describe how the Linux kernel provides security on the Android platform; including Linux permissions enforcement.
-
Updating an Android Application
After watching this video; you will be able to securely update an Android application.
-
Using Code Signing to Protect Application from Malware
After watching this video; you will be able to use code signing to protect Android application code from malware attacks.
-
Using Untrusted Devices; Applications; and Networks
After watching this video; you will be able to describe considerations for using user-owned; untrusted devices as well as untrusted applications and networks.
-
Working with Device Administration Policies
After watching this video; you will be able to extract various kinds of data from Android devices; specifically SMS messages; contact information; and application database information.
-
Working with Root Access
After watching this video; you will be able to root an Android device so that it can be analyzed.
-
Working with Shared User IDs
After watching this video; you will be able to describe how permissions are granted and managed for applications with shared user IDs.
-
Working with Untrusted Systems and Content
After watching this video; you will be able to describe considerations for dealing with untrusted systems and content on an enterprise network.
-
Attacking User Passcodes
After watching this video; you will be able to describe how user passcodes may be attacked.
-
Carrying Out a Fuzz Test
After watching this video; you will be able to describe steps for carrying out a fuzz test.
-
Collecting and Verifying Signing Information
After watching this video; you will be able to describe how application signing information can be collected and verified.
-
Creating a Configuration Profile
After watching this video; you will be able to use Apple Configurator to create a new configuration profile.
-
Displaying iOS Signing Info and Entitlements
After watching this video; you will be able to use the Xcode codesign tool to obtain information on an iOS application's signing certificate authority and its granted entitlements.
-
Enforcing Signatures on Processes
After watching this video; you will be able to describe how signatures are enforced on application processes.
-
Enrolling Devices by Downloading Enrollment Profiles
After watching this video; you will be able to enroll a user device with the OS X Server mobile device management service by downloading and installing an enrollment profile.
-
Enrolling Devices using Profile Manager Web Portal
After watching this video; you will be able to enroll a user device with the OS X Server mobile device management service using the user's Profile Manager web portal.
-
Exploiting Bug Classes
After watching this video; you will be able to describe how to exploit use-after-free and double-free bugs.
-
Fuzzing MobileSafari
After watching this video; you will be able to carry out a fuzzing test on MobileSafari.
-
Getting Familiar with Application Signing
After watching this video; you will be able to use the Xcode codesign tool to show signing certificate authority information for an iOS application.
-
Getting Familiar with File Protection Classes
After watching this video; you will be able to describe file protection classes.
-
Getting Familiar with Keybags
After watching this video; you will be able to describe how file and keychain Data Protection classes are collected and managed in keybags.
-
Getting Familiar with Keychain Protection Classes
After watching this video; you will be able to describe keychain item protection classes.
-
Getting Familiar with the Data Protection API
After watching this video; you will be able to describe data protection API and class hierarchy.
-
Listing Application Entitlements
After watching this video; you will be able to use the command line to list the entitlements for a signed application.
-
Overview of Apple Store Security
After watching this video; you will be able to describe how Apple protects the Apple Store.
-
Overview of Code Signing in iOS
After watching this video; you will be able to describe how code signing is used to enforce iOS security.
-
Overview of Fuzzing iOS Applications
After watching this video; you will be able to describe the basic idea behind fuzzing and how it is used to reveal security issues in iOS applications.
-
Overview of iOS Sandbox
After watching this video; you will be able to identify iOS Sandbox components and describe how they are related.
-
Overview of Return-Oriented Programming
After watching this video; you will be able to describe background on ROP and basics in ARM architecture.
-
Overview on iOS Network Security
After watching this video; you will be able to identify components of network security supported by iOS 8.
-
Preventing Changes on Signed Pages
After watching this video; you will be able to describe how to prevent signed code from being tampered with.
-
Protecting Processes and Code Segments
After watching this video; you will be able to describe privilege separation; address space layout randomization; and sandboxing.
-
Setting Up the OS X Server Profile Manager
After watching this video; you will be able to configure and run the Profile Manager service.
-
Understanding Dynamic Code Signing
After watching this video; you will be able to describe how to use just-in-time compiling to implement dynamic code signing.
-
Understanding How Sandboxing Impacts the App Store
After watching this video; you will be able to describe how applications are launched under a sandbox and how applications are restricted to their own container directories in the App Store.
-
Understanding iOS Attack Surface
After watching this video; you will be able to describe reduced attack surface and stripped-down iOS.
-
Understanding Possible Security Threats
After watching this video; you will be able to define malware and exploitation; and compare Mac OS threats versus iOS threats.
-
Understanding Provisioning
After watching this video; you will be able to describe the provisioning profile and how the provisioning file is validated.
-
Understanding Sandboxing and Runtime Security
After watching this video; you will be able to describe how runtime process security makes use of sandboxing to protect applications and their data on iOS 8 devices.
-
Understanding Sandboxing with Extensions
After watching this video; you will be able to describe how extensions are sandboxed to protect their files and memory space in iOS.
-
Understanding TCMalloc
After watching this video; you will be able to describe TCMalloc allocator as well as large and small object allocation and deallocation.
-
Understanding the ARM Systems Call Convention
After watching this video; you will be able to describe how system calls are invoked on ARM.
-
Understanding the iOS ARM Calling Convention
After watching this video; you will be able to describe the ARM calling convention on iOS.
-
Understanding the iOS System Allocator
After watching this video; you will be able to describe the concept of regions and how regions are allocated and deallocated.
-
Understanding the Mandatory Access Control Framework
After watching this video; you will be able to describe how Mandatory Code Signing is controlled by the Mandatory Access Control Framework; including AMFI hooks.
-
Updating and Removing Configuration Profiles
After watching this video; you will be able to use the Apple Configurator to update and remove configuration profiles.
-
Using Code Signing and Data Execution Prevention
After watching this video; you will be able to describe code signing; return-oriented programming (ROP); and data execution prevention.
-
Working with AirDrop Security
After watching this video; you will be able to describe iOS 8 support for AirDrop security.
-
Working with Bluetooth Connections
After watching this video; you will be able to describe Bluetooth connections and profiles supported by iOS 8.
-
Working with Mobile Configuration Profiles
After watching this video; you will be able to identify the contents of a configuration profile and how to identify configuration profile payload types.
-
Working with Profiles
After watching this video; you will be able to write and use a Bash shell script to crash test Safari on Mac OS X.
-
Working with Single Sign-on Authentication
After watching this video; you will be able to describe iOS 8 support for single sign-on authentication on enterprise networks.
-
Working with the Apple Configurator
After watching this video; you will be able to describe the general functionality of the Apple Configurator.
-
Working with Virtual Private Networks
After watching this video; you will be able to describe the VPN protocols and authentication methods supported by iOS 8.
-
Working with Wi-Fi Networks
After watching this video; you will be able to describe Wi-Fi standards and authentication methods supported by iOS 8.
-
Adding and Modifying Groups
After watching this video; you will be able to add and modify groups in Ubuntu using various command line tools.
-
Managing /etc/hosts for Web Development
After watching this video; you will be able to modify the /etc/hosts file to point a domain to a local web server.
-
.NET Web Authentication Types
After watching this video; you will be able to identify the authentication types in web-hosted .NET projects and configure them in IIS and in configuration files.
-
A1 Injection - How It Works
After watching this video; you will be able to identify what the A1 exploit relies on to work.
-
A1 Injection In Action
After watching this video; you will be able to describe how the A1 exploit works in practice.
-
A10 Unvalidated Redirects and Forwards - How It Works
After watching this video; you will be able to identify what the A10 exploit relies on to work.
-
A10 Unvalidated Redirects and Forwards In Action
After watching this video; you will be able to describe how the A10 exploit works in practice.
-
A2 Broken Authentication/Session - How It Works
After watching this video; you will be able to identify what the A2 exploit relies on to work.
-
A2 Broken Authentication/Session Management In Action
After watching this video; you will be able to describe how the A2 exploit works in practice.
-
A3 Cross Site Scripting In Action
After watching this video; you will be able to describe how the A3 exploit works in practice.
-
A3 Cross Site Scripting In Action - How It Works
After watching this video; you will be able to identify what the A3 exploit relies on to work.
-
A4 Insecure Direct Object References - How It Works
After watching this video; you will be able to identify what the A4 exploit relies on to work.
-
A4 Insecure Direct Object References In Action
After watching this video; you will be able to describe how the A4 exploit works in practice.
-
A5 Security Misconfiguration - How It Works
After watching this video; you will be able to identify what the A5 exploit relies on to work.
-
A5 Security Misconfiguration In Action
After watching this video; you will be able to describe how the A5 exploit works in practice.
-
A6 Sensitive Data Exposure - How It Works
After watching this video; you will be able to identify what the A6 exploit relies on to work.
-
A6 Sensitive Data Exposure In Action
After watching this video; you will be able to describe how the A6 exploit works in practice.
-
A7 Missing Function Level Access Control - How It Works
After watching this video; you will be able to identify what the A7 exploit relies on to work.
-
A7 Missing Function Level Access Control In Action
After watching this video; you will be able to describe how the A7 exploit works in practice.
-
A8 Cross Site Request Forgery - How It Works
After watching this video; you will be able to identify what the A8 exploit relies on to work.
-
A8 Cross Site Request Forgery In Action
After watching this video; you will be able to describe how the A8 exploit works in practice.
-
A9 Using Components with Known Exploits - How It Works
After watching this video; you will be able to identify what the A9 exploit relies on to work.
-
A9 Using Components with Known Exploits In Action
After watching this video; you will be able to describe how the A9 exploit works in practice.
-
Appropriate Password Management
After watching this video; you will be able to list appropriate approaches to capturing; storing; validating; and resetting user passwords.
-
ASP.NET & ASP.NET MVC Validation
After watching this video; you will be able to recognize how the built-in validation capabilities in ASP.NET and ASP.NET MVC protect against attacks.
-
Asymmetric Encryption in .NET
After watching this video; you will be able to recognize how asymmetric encryption works in .NET.
-
Authenticating with External Logins in ASP.NET MVC
After watching this video; you will be able to allow your users to authenticate against external login providers like Microsoft; Twitter; Facebook and Google.
-
Authentication versus Authorization
After watching this video; you will be able to compare authentication and authorization.
-
Authorization in ASP.NET MVC Controllers
After watching this video; you will be able to implement authorization in ASP.NET MVC.
-
Authorization in WCF
After watching this video; you will be able to recognize where and how to implement authorization in WCF.
-
Authorization in Web API
After watching this video; you will be able to recognize where and how to implement authorization in ASP.NET Web API.
-
Command Injection Mitigation
After watching this video; you will be able to describe how to mitigate against command injection at the base .NET Framework level.
-
Config File Encryption
After watching this video; you will be able to recognize how to encrypt relevant sections of the .NET configuration files.
-
Content Spoofing Mitigation
After watching this video; you will be able to describe JavaScript behaviors that can lead to security breaches and how to mitigate against them.
-
CORS Preflight Scrutiny
After watching this video; you will be able to describe CORS Preflight requests and how to secure them in ASP.NET Web API.
-
Error Message Security
After watching this video; you will be able to recognize how error message handling can be exploited and how to deal with this.
-
HttpOnly Cookie Flag
After watching this video; you will be able to describe the HttpOnly Cookie Flag and how to apply it in ASP.NET and ASP.NET MVC.
-
Identify Top 10 Threats
After watching this video; you will be able to identify the OWASP Top 10 exploits in a real-world scenario.
-
Insecure Direct Object Reference Mitigation
After watching this video; you will be able to identify mitigations to Insecure Direct Object Reference at the database level.
-
Insecure Web.config Setting Mitigation
After watching this video; you will be able to recognize the impacts of various web.config file settings.
-
Introduction to the OWASP Project
After watching this video; you will be able to describe the history of the OWASP Project.
-
Introduction to the
After watching this video; you will be able to understand the OWASP Top 10 list and recognize its patterns in your own applications.
-
Microsoft Anti-cross Site Scripting Library
After watching this video; you will be able to use the Microsoft Anti-cross Site Scripting Library.
-
Mitigate Security
After watching this video; you will be able to identify mitigations for OWASP Top 10 violations in a given scenario.
-
NuGet Packages Security
After watching this video; you will be able to recognize how to handle security when using NuGet packages.
-
Output Encoding
After watching this video; you will be able to describe how to appropriately encode output into a page to avoid script injection; XSS; and other exploits.
-
Password Hashing
After watching this video; you will be able to describe password hashing and its application.
-
Password Policies
After watching this video; you will be able to implement password policies in ASP.NET and ASP.NET MVC.
-
Releasing Resources to Avoid Pool Exhaustion
After watching this video; you will be able to describe how inadequately releasing types can lead to denial of service.
-
Session State in ASP.NET MVC
After watching this video; you will be able to describe how session state works in ASP.NET and ASP.NET MVC.
-
SSL and Transport Security
After watching this video; you will be able to describe SSL/HTTPS security.
-
Symmetric Encryption in .NET
After watching this video; you will be able to describe when and how to use encryption in .NET.
-
Trusted versus SQL Authentication
After watching this video; you will be able to identify the SQL Server authentication models.
-
Web Parameter Tampering Mitigation
After watching this video; you will be able to describe how to mitigate web parameter tampering in ASP.NET MVC and JavaScript.
-
Understanding Non-repudiation
After watching this video; you will be able to identify characteristics of the concept of non-repudiation.
-
Business Impact Analysis
After watching this video; you will be able to conduct a business impact analysis.
-
Confidentiality
After watching this video; you will be able to describe characteristics of the fundamental security concept of confidentiality as it relates to securing user accounts.
-
Chain of Custody
In this video; Glen E. Clarke discusses the use of the chain of custody during incident response.
-
Defense in Depth
After watching this video; you will be able to recognize the characteristics of defense in depth.
-
Distributed Computing
After watching this video; you will be able to distinguish between the different architectural forms and supporting elements of secured distributed computing.
-
Principle of Least Privilege
The principle of least privilege is an important concept in IT security. In this video; Travis Welton discusses legislation that has led to an increased focus on the principle; explains the challenges involved in applying the principle; and outlines some of the methods for implementing it.
-
Authorization
After watching this video; you will be able to describe characteristics of authorization as part of the identity management lifecycle.
-
Anti-Malware
After watching this video; you will be able to identify best practices for using anti-malware as a preventative measure.
-
Access Control Lists
When preparing for the CompTIA CASP CAS-002 examination; you're expected to know about Access Control Lists (ACLs); which form a part of network security. An ACL can exist within a file system and network devices such as routers; switches; and wireless access points. In this video; Glen Clarke discusses ACLs and how they determine what traffic passes through a router.
-
Accounting
After watching this video; you will be able to identify the role of accounting in assuring security.
-
Attack Surface
Attackers can gain access to your system; network; or application through various methods. In this video; Travis Welton discusses various attack surfaces that need to be considered when dealing with system security.
-
AJAX
AJAX is a new way to use existing programming standards. In this video; Dan LaChance reviews how Ajax issues can affect network security in CompTIA CASP CAS-002.
-
Availability
After watching this video; you will be able to identify the characteristics of availability.
-
Public Key Infrastructure (PKI)
After watching this video; you will be able to identify characteristics of PKI.
-
Security Testing
After watching this video; you will be able to distinguish between white; gray; and black-box testing.
-
Leveraging Existing Components
After watching this video; you will be able to recognize the characteristics of leveraging existing components.
-
Virtual Private Networks
The CompTIA CASP CAS-200 certification covers how you apply advanced level security skills; including the implementation of various network types. In this video; Glen E. Clarke demonstrates how Virtual Private Networks (VPNs) are used to secure an environment.
-
Flash
In this video; Dan LaChance explains how Flash issues can affect network security in CompTIA CASP CAS-002.
-
Technical Controls
After watching this video; you will be able to describe how to use technical controls to implement and assess compliance.
-
Cryptography
After watching this video; you will be able to use cryptography for determining appropriate security controls.
-
Monitoring
After watching this video; you will be able to recognize characteristics of monitoring during operations and maintenance.
-
Penetration Testing
In this video; Steven Crawford explains how to use penetration testing to enhance network security.
-
Public Key Infrastructure (PKI)
After watching this video; you will be able to identify characteristics of PKI.
-
Malware
After watching this video; you will be able to distinguish between types of malware.
-
Multi-factor Authentication
After watching this video; you will be able to describe Multi-Factor Authentication and how it can be implemented in ASP.NET MVC.
-
Privacy
After watching this video; you will be able to identify characteristics of privacy issues that pertain to information security.
-
Risk Management
When preparing for the CompTIA CASP CAS-002 certification; you need to know about risk management. In this video; Glen E. Clarke discusses the risk management process; how to identify threats; and how to ensure improved asset protection.
-
Input Validation
After watching this video; you will be able to recognize examples of using input validation as a defensive coding practice.
-
Integrity
After watching this video; you will be able to describe characteristics of the fundamental security concept of integrity as it relates to securing user accounts.
-
Role-based Access Control
After watching this video; you will be able to describe the functioning of role-based access control systems.
-
Service Models
After watching this video; you will be able to distinguish between cloud security service models.
-
SOAP
In this video; Dan LaChance discusses how SOAP issues can affect network security in CompTIA CASP CAS-002.
-
Denial of Service Attacks
After watching this video; you will be able to describe distributed denial of service attacks and identify mitigation strategies.
-
Fault Tolerance
After watching this video; you will be able to identify characteristics of fault tolerance as a security capability within information systems.
-
Public Key Infrastructure
After watching this video; you will be able to describe how to use PKI as part of implementing and operating cryptographic systems.
-
Risk Assessment for Code Reuse
After watching this video; you will be able to recognize characteristics of risk assessment for code reuse.
-
Standards
After watching this video; you will be able to recognize characteristics of standards.
-
Authorization
After watching this video; you will be able to describe characteristics of authorization.
-
Confidentiality
After watching this video; you will be able to recognize the characteristics of confidentiality.
-
Functional Testing
After watching this video; you will be able to identify characteristics of functional testing.
-
Integrity
After watching this video; you will be able to identify the characteristics of integrity.
-
Logging
After watching this video; you will be able to describe logging activities as part of operating and maintaining monitoring systems.
-
Nonfunctional Testing
After watching this video; you will be able to distinguish between nonfunctional testing methods.
-
Non-Repudiation
After watching this video; you will be able to recognize the characteristics of non-repudiation.
-
Defense in Depth
After watching this video; you will be able to define the Defense in Depth principle.
-
Identity Management
Identity management as an IT security strategy in a cloud is more complex than within an enterprise environment; which has known protocols for authentication and authorization. In this video; Carlos Moros discusses principal and resource-centric identity management with rule-based access control. Proliferation of identities and credentials across cloud providers can be curtailed using an identity mediator or a federated approach.
-
Mobile Device Management
After watching this video; you will be able to use mobile device management for endpoint device security.
-
NFS and CIFS
NAS devices use standard file sharing protocols like network file system and common Internet file system in a file sharing environment. In this video; Steven Crawford explains NFS and CIFS.
-
Role-based Access Control
After watching this video; you will be able to describe best practices when implementing role-based access control.
-
Chain of Custody
After watching this video; you will be able to identify chain of custody best practices.
-
Intrusion Detection and Prevention
After watching this video; you will be able to describe intrusion detection and prevention best practices.
-
Logging
After watching this video; you will be able to recognize characteristics of logging.
-
Standards
In this video; Dan LaChance discusses how standards are used to secure a network environment in CompTIA CASP CAS-002.
-
Configuration
After watching this video; you will be able to recognize examples of using configuration as a defensive coding practice.
-
Data Types
After watching this video; you will be able to distinguish between structured and unstructured data.
-
Firewall Overview
After watching this video; you will be able to identify the purpose of firewalls.
-
Host-based Firewalls
After watching this video; you will be able to use host-based firewalls for endpoint device security.
-
Risk Frameworks
After watching this video; you will be able to identify appropriate risk frameworks.
-
Virtualization
After watching this video; you will be able to identify benefits of virtualization in secure software design.
-
Incident Management
After watching this video; you will be able to distinguish between the different activities of incident management.
-
Interfaces
After watching this video; you will be able to identify interfaces best practices.
-
Multifactor Authentication
After watching this video; you will be able to describe authentication factors and the use of multifactor authentication in authentication systems.
-
Reporting
After watching this video; you will be able to identify best practices for reporting risk management activities and findings.
-
Risk Management
After watching this video; you will be able to distinguish between the steps of the general risk management model.
-
Digital Signatures
After watching this video; you will be able to use digital signatures for sending and receiving data.
-
Organizational Code of Ethics
After watching this video; you will be able to support an organization's code of ethics.
-
Defense in Depth
After watching this video; you will be able to describe best practices for applying defense in depth in secure user account management.
-
Social Engineering
With the advancements in technology and services available online one must take care to protect personal information. In this video; Travis Welton discusses social engineering as a security concern.
-
Error Handling
After watching this video; you will be able to recognize examples of using error handling as a defensive coding practice.
-
Integrity
One of the core concepts central to IT security is integrity. In this video; Travis Welton discusses what integrity means in relation to information security and outlines the ways that data integrity can be protected.
-
Multifactor Authentication
After watching this video; you will be able to recognize characteristics of authentication.
-
Sandboxing
After watching this video; you will be able to recognize characteristics of sandboxing as a defensive coding practice.
-
Cybersecurity Analyst+: Network Hardware
After watching this video, you will be able to identify when to use specific network hardware.
-
Cybersecurity Analyst+: IPv4
After watching this video, you will be able to understand IPv4 settings.
-
Cybersecurity Analyst+: IPv6
After watching this video, you will be able to understand IPv6 settings.
-
Cybersecurity Analyst+: The OSI Model
After watching this video, you will be able to map network hardware and software to the OSI model.
-
Cybersecurity Analyst+: Cloud Concepts
After watching this video, you will be able to explain the purpose of cloud computing.
-
Cybersecurity Analyst+: Cloud Service Models
After watching this video, you will be able to recognize the use of cloud service models.
-
Cybersecurity Analyst+: Network Services
After watching this video, you will be able to configure network services securely.
-
Cybersecurity Analyst+: Wired and Wireless Networks
After watching this video, you will be able to explain common wired and wireless network concepts.
-
Cybersecurity Analyst+: Use Common Wireless Tools
After watching this video, you will be able to scan for wireless networks and understand the returned results.
-
Cybersecurity Analyst+: Internal and External Networks
After watching this video, you will be able to determine placement of network devices.
-
Cybersecurity Analyst+: TCP and UDP
After watching this video, you will be able to understand transport protocols.
-
Cybersecurity Analyst+: Use Common Windows TCP/IP Utilities
After watching this video, you will be able to use Windows tools when configuring and troubleshooting TCP/IP.
-
Cybersecurity Analyst+: Use Common Linux TCP/IP Utilities
After watching this video, you will be able to use Linux tools when configuring and troubleshooting TCP/IP.
-
Cybersecurity Analyst+: Configure and Scan for Open Ports
After watching this video, you will be able to configure and scan for service ports.
-
Cybersecurity Analyst+: Create a physical memory dump
After watching this video, you will be able to create a memory dump.
-
Cybersecurity Analyst+: View deleted files on a hard disk
After watching this video, you will be able to retrieve and view deleted files.
-
Cybersecurity Analyst+: Prevent and investigate security problems
After watching this video, you will be able to prevent threat materialization and follow proper forensic procedures.
-
Cybersecurity Analyst+: Hiring and Background Checks
After watching this video, you will be able to recognize proper hiring practices.
-
Cybersecurity Analyst+: Digital Forensics and Data at Rest
After watching this video, you will be able to explain how forensic tools can be used against data stored on media.
-
Cybersecurity Analyst+: Common Digital Forensic Tools
After watching this video, you will be able to distinguish common forensics tools from one another.
-
Cybersecurity Analyst+: Mobile Device Forensics
After watching this video, you will be able to explain the sequence of steps that should be followed when conducting mobile device forensics.
-
Cybersecurity Analyst+: User Training and Awareness
After watching this video, you will be able to explain why user training and awareness is one of the most important security defenses.
-
Cybersecurity Analyst+: Digital Forensics Overview
After watching this video, you will be able to enter first topic objective here.
-
Cybersecurity Analyst+: Digital Forensics Hardware
After watching this video, you will be able to determine which forensic hardware is best suited for a specific situation.
-
Cybersecurity Analyst+: Digital Forensics Software
After watching this video, you will be able to determine which forensic software is best suited for a specific situation.
-
Cybersecurity Analyst+: Root Kits
After watching this video, you will be able to recognize root kits.
-
Cybersecurity Analyst+: Privilege Escalation
After watching this video, you will be able to explain the concept of privilege escalation.
-
Cybersecurity Analyst+: Common Exploit Tools
After watching this video, you will be able to distinguish between common exploit tools.
-
Cybersecurity Analyst+: Exploring the Metasploit Suite of Tools
After watching this video, you will be able to use Metasploit tools to further understand the attacker toolset.
-
Cybersecurity Analyst+: Spoofing
After watching this video, you will be able to explain the concept of spoofing.
-
Cybersecurity Analyst+: Packet Forgery using Kali Linux
After watching this video, you will be able to craft forged packets using free tools.
-
Cybersecurity Analyst+: Impersonation
After watching this video, you will be able to recognize how impersonation can be used to gain unauthorized access.
-
Cybersecurity Analyst+: Cross-site Scripting
After watching this video, you will be able to recognize XSS attacks.
-
Cybersecurity Analyst+: User On-Boarding and Off-Boarding
After watching this video, you will be able to provision new user accounts in accordance with organizational security policies.
-
Cybersecurity Analyst+: Personnel Management Best Practices
After watching this video, you will be able to apply personnel management best practices.
-
Cybersecurity Analyst+: Threats, Vulnerabilities, and Exploits
After watching this video, you will be able to distinguish between threats, vulnerabilities, and exploits.
-
Cybersecurity Analyst+: Configure a Packet Filtering Firewall
After watching this video, you will be able to configure a packet filtering firewall.
-
Cybersecurity Analyst+: Proxy Servers
After watching this video, you will be able to explain the purpose of a proxy server.
-
Cybersecurity Analyst+: Security Appliances
After watching this video, you will be able to explain the purpose of a security appliance.
-
Cybersecurity Analyst+: Web Application Firewall
After watching this video, you will be able to recognize the unique capabilities of web application firewalls.
-
Cybersecurity Analyst+: Packet Filtering Firewalls
After watching this video, you will be able to recognize how packet filters work.
-
Cybersecurity Analyst+: Worms
After watching this video, you will be able to identify worms.
-
Cybersecurity Analyst+: Spyware, Adware
After watching this video, you will be able to identify spyware and adware.
-
Cybersecurity Analyst+: Ransomware
After watching this video, you will be able to explain how ransomware works.
-
Cybersecurity Analyst+: Anti-malware
After watching this video, you will be able to mitigate malware using anti-malware solutions.
-
Cybersecurity Analyst+: Malware Overview
After watching this video, you will be able to identify different types of malware.
-
Cybersecurity Analyst+: Viruses
After watching this video, you will be able to identify viruses.
-
Cybersecurity Analyst+: Network Intrusion Prevention Systems
After watching this video, you will be able to recognize when to use NIPS.
-
Cybersecurity Analyst+: Intrusion Detection and Prevention Overview
After watching this video, you will be able to explain the importance of intrusion detection and prevention.
-
Cybersecurity Analyst+: Host Intrusion Detection Systems
After watching this video, you will be able to recognize when to use HIDS.
-
Cybersecurity Analyst+: Network Intrusion Detection Systems
After watching this video, you will be able to recognize when to use NIDS.
-
Cybersecurity Analyst+: Windows Event Log Forwarding
After watching this video, you will be able to configure Windows event log forwarding.
-
Cybersecurity Analyst+: SIEM
After watching this video, you will be able to identify where SIEM is used.
-
Cybersecurity Analyst+: SCADA and ICS
After watching this video, you will be able to identify where SCADA and ICS are used in different industries.
-
Cybersecurity Analyst+: Common Monitoring Tools
After watching this video, you will be able to distinguish between common monitoring tools.
-
Cybersecurity Analyst+: Linux OS Monitoring Tools
After watching this video, you will be able to monitor the Linux OS.
-
Cybersecurity Analyst+: Windows OS Monitoring Tools
After watching this video, you will be able to monitor the Windows OS.
-
Cybersecurity Analyst+: Reasons for Monitoring
After watching this video, you will be able to recognize the importance of continuous monitoring of various systems.
-
Cybersecurity Analyst+: Exploring the Kali Linux Suite of Tools
After watching this video, you will be able to use Kali Linux tools to further understand the attacker toolset.
-
Cybersecurity Analyst+: Password Cracking
After watching this video, you will be able to crack passwords.
-
Cybersecurity Analyst+: Detailed Log Analysis
After watching this video, you will be able to identify events from specific types of logs.
-
Cybersecurity Analyst+: Understand exploits and monitoring
After watching this video, you will be able to describe the difference between vulnerabilities and exploits as well as use various reporting tools.
-
Cybersecurity Analyst+: Point-in-time Data Analysis
After watching this video, you will be able to analyze timestamped data from various sources.
-
Cybersecurity Analyst+: Data Correlation and Analytics
After watching this video, you will be able to identify trends in network usage.
-
Cybersecurity Analyst+: Monitoring Network Bandwidth
After watching this video, you will be able to view network utilization.
-
Cybersecurity Analyst+: Topology, Service Discovery, and OS Fingerprinting
After watching this video, you will be able to explain how to discover network devices.
-
Cybersecurity Analyst+: Reviewing Logs
After watching this video, you will be able to use logs to learn about the network environment.
-
Cybersecurity Analyst+: Packet Capturing
After watching this video, you will be able to use packet capturing tools for network traffic analysis.
-
Cybersecurity Analyst+: Capture FTP and HTTP Traffic
After watching this video, you will be able to capture and interpret FTP and HTTP traffic.
-
Cybersecurity Analyst+: Virtualization
After watching this video, you will be able to recognize the role of virtualization in cloud computing.
-
Cybersecurity Analyst+: Cloud Security Options
After watching this video, you will be able to identify cloud security options.
-
Cybersecurity Analyst+: Network Architecture and Reconnaissance
After watching this video, you will be able to recognize various network configurations and perform network reconnaissance.
-
Cybersecurity Analyst+: Threat Overview
After watching this video, you will be able to identify assets and related threats.
-
Cybersecurity Analyst+: Threat Classification
After watching this video, you will be able to recognize known, unknown persistent and zero-day threats.
-
Cybersecurity Analyst+: Personally Identifiable Information
After watching this video, you will be able to identify what constitutes PII.
-
Cybersecurity Analyst+: Data Ownership and Retention Policy
After watching this video, you will be able to identify details within data ownership and retention policies.
-
Cybersecurity Analyst+: Data Classification Policy
After watching this video, you will be able to identify details within data classification policies.
-
Cybersecurity Analyst+: Password Policy
After watching this video, you will be able to identify details within a password policy.
-
Cybersecurity Analyst+: Network Infrastructure Discovery
After watching this video, you will be able to discover network configurations.
-
Cybersecurity Analyst+: Email and DNS Harvesting
After watching this video, you will be able to explain harvesting techniques.
-
Cybersecurity Analyst+: Social Engineering and Phishing
After watching this video, you will be able to recognize social engineering techniques.
-
Cybersecurity Analyst+: Acceptable Use Policy
After watching this video, you will be able to identify details within acceptable use policies.
-
Cybersecurity Analyst+: Patching Overview
After watching this video, you will be able to recognize the importance of keeping hardware and software up to date.
-
Cybersecurity Analyst+: Use SCCM to Deploy Patches
After watching this video, you will be able to apply patches properly to secure network hosts.
-
Cybersecurity Analyst+: File System Permissions
After watching this video, you will be able to set the correct access to file systems while adhering to the principle of least privilege.
-
Cybersecurity Analyst+: Network Access Control
After watching this video, you will be able to recognize the purpose of controlling network access with NAC.
-
Cybersecurity Analyst+: SDLC Phases
After watching this video, you will be able to identify SDLC phases.
-
Cybersecurity Analyst+: Secure Coding
After watching this video, you will be able to apply secure coding practices.
-
Cybersecurity Analyst+: Security Testing
After watching this video, you will be able to properly test technology solutions for security.
-
Cybersecurity Analyst+: Host Hardening
After watching this video, you will be able to reduce the attack surface of a network host.
-
Cybersecurity Analyst+: Asset Inventory
After watching this video, you will be able to use existing inventory to drive decisions related to security.
-
Cybersecurity Analyst+: Identify and Respond to Threats
After watching this video, you will be able to recognize threat impact and design an incident response plan.
-
Cybersecurity Analyst+: Memorandum of Understanding
After watching this video, you will be able to explain the purpose of an MOU.
-
Cybersecurity Analyst+: ISO
After watching this video, you will be able to apply ISO security standards to harden your environment.
-
Cybersecurity Analyst+: TOGAF
After watching this video, you will be able to recognize how the TOGAF enterprise IT architecture can increase efficiency of security controls.
-
Cybersecurity Analyst+: SABSA
After watching this video, you will be able to recognize how to assess risk and apply effective security controls to mitigate that risk.
-
Cybersecurity Analyst+: Jump Box
After watching this video, you will be able to recognize the purpose of a jump box.
-
Cybersecurity Analyst+: IT Security Governance
After watching this video, you will be able to explain how proper IT governance results in secured IT resources.
-
Cybersecurity Analyst+: Regulatory Compliance
After watching this video, you will be able to recognize how regulatory compliance can influence security controls.
-
Cybersecurity Analyst+: NIST
After watching this video, you will be able to apply NIST's Cybersecurity Framework to your digital assets.
-
Cybersecurity Analyst+: VLANs
After watching this video, you will be able to recognize the purpose of network segregation using VLANs.
-
Cybersecurity Analyst+: Determining Resource Access
After watching this video, you will be able to identify various conditions that control access to resources.
-
Cybersecurity Analyst+: Honeypots
After watching this video, you will be able to recognize the purpose of intentionally creating vulnerable hosts to monitor malicious use.
-
Cybersecurity Analyst+: Incident Communication
After watching this video, you will be able to describe incident disclosure options.
-
Cybersecurity Analyst+: Host Symptoms and Response Actions
After watching this video, you will be able to analyze host symptoms to determine the best response.
-
Cybersecurity Analyst+: Network Symptoms and Response Actions
After watching this video, you will be able to analyze network symptoms to determine the best response.
-
Cybersecurity Analyst+: Application Symptoms and Response Actions
After watching this video, you will be able to analyze application symptoms to determine the best response.
-
Cybersecurity Analyst+: Prevent Data Storage on Unencrypted Media
After watching this video, you will be able to configure Group Policy to prevent data leakage.
-
Cybersecurity Analyst+: Scope of Impact
After watching this video, you will be able to determine the effect of negative incidents.
-
Cybersecurity Analyst+: Stakeholders
After watching this video, you will be able to identify stakeholders related to incident response.
-
Cybersecurity Analyst+: Role-based Responsibilities
After watching this video, you will be able to recognize incident response roles.
-
Cybersecurity Analyst+: Payment Card Information
After watching this video, you will be able to explain payment card data.
-
Cybersecurity Analyst+: Intellectual Property
After watching this video, you will be able to identify intellectual property.
-
Cybersecurity Analyst+: Data Loss Prevention
After watching this video, you will be able to control how valuable data is used.
-
Cybersecurity Analyst+: Chain of Custody Form
After watching this video, you will be able to protect the integrity of collected evidence.
-
Cybersecurity Analyst+: Change Control Processes
After watching this video, you will be able to implement changes to processes resulting from lessons learned.
-
Cybersecurity Analyst+: Types of Reports
After watching this video, you will be able to determine which type of report provides the best data for a specific situation.
-
Cybersecurity Analyst+: Service Level Agreement
After watching this video, you will be able to determine if SLA details are aligned with business needs.
-
Cybersecurity Analyst+: OEM Documentation
After watching this video, you will be able to identify how OEM documentation can be used to reverse engineer products.
-
Cybersecurity Analyst+: Network Documentation
After watching this video, you will be able to recognize the relevance of up-to-date network documentation.
-
Cybersecurity Analyst+: Incident Response Plan / Call List
After watching this video, you will be able to recognize the ongoing maintenance of incident response plans.
-
Cybersecurity Analyst+: Incident Documentation
After watching this video, you will be able to create proper incident forms.
-
Cybersecurity Analyst+: Lessons Learned
After watching this video, you will be able to identify positive learned outcomes resulting from incidents.
-
Cybersecurity Analyst+: Incident Containment
After watching this video, you will be able to contain negative incidents.
-
Cybersecurity Analyst+: Incident Eradication
After watching this video, you will be able to thoroughly remove data.
-
Cybersecurity Analyst+: Endpoint Vulnerabilities
After watching this video, you will be able to identify security weaknesses on endpoint devices.
-
Cybersecurity Analyst+: Network Vulnerabilities
After watching this video, you will be able to identify security weaknesses at the network level.
-
Cybersecurity Analyst+: Mobile Device Vulnerabilities
After watching this video, you will be able to identify security weaknesses on mobile devices.
-
Cybersecurity Analyst+: Vulnerability Scanning Overview
After watching this video, you will be able to recognize the overall process of scanning for vulnerabilities.
-
Cybersecurity Analyst+: RADIUS, TACACS+
After watching this video, you will be able to configure centralized authentication using RADIUS.
-
Cybersecurity Analyst+: User Provisioning and Deprovisioning
After watching this video, you will be able to describe what user provisioning entails.
-
Cybersecurity Analyst+: Identity Federation
After watching this video, you will be able to describe how identity federation differs from traditional authentication.
-
Cybersecurity Analyst+: Server Vulnerabilities
After watching this video, you will be able to identify security weaknesses in server OSs.
-
Cybersecurity Analyst+: Configure Multifactor Authentication for VPN Clients
After watching this video, you will be able to require VPN connections to use MFA.
-
Cybersecurity Analyst+: Authorization
After watching this video, you will be able to recognize how resource access gets authorized.
-
Cybersecurity Analyst+: Describe ways of reducing vulnerabilities
After watching this video, you will be able to reduce vulnerabilities that can be exploited.
-
Cybersecurity Analyst+: Firewalling Overview
After watching this video, you will be able to recognize the purpose of various firewall types.
-
Cybersecurity Analyst+: Firewall Rules
After watching this video, you will be able to recognize how firewall rules are created based on what type of traffic should or should not be allowed.
-
Cybersecurity Analyst+: Common Vulnerability Scanning Tools
After watching this video, you will be able to distinguish various vulnerability scanning tools from one another.
-
Cybersecurity Analyst+: Scan for Vulnerabilities using Microsoft Baseline Security Analyzer
After watching this video, you will be able to conduct a vulnerability scan using MBSA.
-
Cybersecurity Analyst+: Review Vulnerability Scan Results
After watching this video, you will be able to understand vulnerability scan results.
-
Cybersecurity Analyst+: Vulnerability Remediation
After watching this video, you will be able to put controls in place to mitigate threats.
-
Cybersecurity Analyst+: Vulnerability Scanning Settings
After watching this video, you will be able to configure appropriate vulnerability scanning settings.
-
Cybersecurity Analyst+: SCAP
After watching this video, you will be able to explain how the SCAP standard is used to measure vulnerability issues and compliance.
-
Cybersecurity Analyst+: Scan for Vulnerabilities using Nessus
After watching this video, you will be able to conduct a vulnerability scan using Nessus.
-
Cybersecurity Analyst+: Penetration Testing
After watching this video, you will be able to identify factors related to conducting penetration tests.
-
Cybersecurity Analyst+: Mitigations and Security Control types
After watching this video, you will be able to list categories of security controls and threat mitigations.
-
Cybersecurity Analyst+: Administrative Controls
After watching this video, you will be able to identify administrative security controls.
-
Cybersecurity Analyst+: Compensating Controls
After watching this video, you will be able to identify compensating security controls.
-
Cybersecurity Analyst+: Continuous Monitoring of Controls
After watching this video, you will be able to recognize the importance of continuous monitoring.
-
Cybersecurity Analyst+: Hardware Trust
After watching this video, you will be able to explain how firmware must be accredited before universal trust is established.
-
Cybersecurity Analyst+: ITIL
After watching this video, you will be able to recognize how to apply ITIL to increase the efficiency of IT service delivery.
-
Cybersecurity Analyst+: Physical Controls
After watching this video, you will be able to identify physical security controls.
-
Cybersecurity Analyst+: Logical Controls
After watching this video, you will be able to identify logical security controls.
-
Cybersecurity Analyst+: Configure Router ACL Rules
After watching this video, you will be able to configure router ACL rules to block ICMP traffic.
-
Cybersecurity Analyst+: Authentication
After watching this video, you will be able to recognize authentication methods used to prove one's identity.
-
Cybersecurity Analyst+: Use Windows EFS File Encryption
After watching this video, you will be able to encrypt files on a Windows system using EFS.
-
Cybersecurity Analyst+: Fingerprinting, Hashing
After watching this video, you will be able to explain how file integrity can be maintained.
-
Cybersecurity Analyst+: File Hashing in Linux
After watching this video, you will be able to enable file integrity using Linux.
-
Cybersecurity Analyst+: File Hashing in Windows
After watching this video, you will be able to enable file integrity using Windows.
-
Cybersecurity Analyst+: Symmetric Cryptography
After watching this video, you will be able to differentiate symmetric from asymmetric encryption.
-
Cybersecurity Analyst+: Asymmetric Cryptography
After watching this video, you will be able to differentiate asymmetric from symmetric encryption.
-
Cybersecurity Analyst+: Public Key Infrastructure
After watching this video, you will be able to identify the PKI hierarchy.
-
Cybersecurity Analyst+: Request a PKI Certificate from a Windows CA
After watching this video, you will be able to request a security certificate from a CA.
-
Cybersecurity Analyst+: Cryptography Primer
After watching this video, you will be able to recognize how crypto is used to secure data in the enterprise.
-
CompTIA CASP CS0-003: Governance, Risk, and Compliance Committee
After watching this video, you will be able to describe the importance of the governance, risk, and compliance committee.
-
CompTIA CASP CS0-003: Interact across Business Units
After watching this video, you will be able to interact professionally with various business units.
-
CompTIA CASP CS0-003: Providing Objective Guidance and Recommendations
After watching this video, you will be able to provide objective guidance and recommendations.
-
CompTIA CASP CS0-003: Establishing Effective Collaboration
After watching this video, you will be able to establish effective collaboration.
-
CompTIA CASP CS0-003: Public Key Infrastructure (PKI)
After watching this video, you will be able to implement key components of PKI.
-
CompTIA CASP CS0-003: Blockchain and Mobility
After watching this video, you will be able to describe blockchain and mobile cryptography.
-
CompTIA CASP CS0-003: SSH, S/MIME, and SSL/TLS
After watching this video, you will be able to implement SSH, S/MIME, and SSL/TLS.
-
CompTIA CASP CS0-003: Cryptographic Applications
After watching this video, you will be able to implement cryptographic applications.
-
CompTIA CASP CS0-003: Desktop and Application Sharing
After watching this video, you will be able to describe desktop and application sharing.
-
CompTIA CASP CS0-003: Remote Assistance
After watching this video, you will be able to describe remote assistance.
-
CompTIA CASP CS0-003: Describe Cryptographic Techniques
After watching this video, you will be able to select cryptographic techniques based on requirements.
-
CompTIA CASP CS0-003: Remote Access Resources and Services
After watching this video, you will be able to specify remote access resources and services.
-
CompTIA CASP CS0-003: Conferencing and Web Services
After watching this video, you will be able to specify conferencing and web services.
-
CompTIA CASP CS0-003: Video and Audio Services
After watching this video, you will be able to specify video and audio services.
-
CompTIA CASP CS0-003: Storage and Document Collaboration
After watching this video, you will be able to specify storage and document collaboration tools.
-
CompTIA CASP CS0-003: Social Media and Cloud Services
After watching this video, you will be able to specify social media and cloud services.
-
CompTIA CASP CS0-003: Describe Secure Collaboration
After watching this video, you will be able to describe secure collaboration.
-
CompTIA CASP CS0-003: IM and Presence
After watching this video, you will be able to specify IM and presence.
-
CompTIA CASP CS0-003: E-mail and Telephony
After watching this video, you will be able to specify e-mail and telephony.
-
CompTIA CASP CS0-003: Threats and Attacks
After watching this video, you will be able to avoid threats and attacks.
-
CompTIA CASP CS0-003: Zero-day Mitigation Controls
After watching this video, you will be able to describe the features and benefits of zero-day mitigation controls.
-
CompTIA CASP CS0-003: Best Practices for Ongoing Research
After watching this video, you will be able to recall best practices for ongoing research.
-
CompTIA CASP CS0-003: Researching New Technologies
After watching this video, you will be able to research new technologies, security systems, and services in order to stay up to date.
-
CompTIA CASP CS0-003: Researching Social Media and Integration
After watching this video, you will be able to recognize the importance of researching social media and methods of integration.
-
CompTIA CASP CS0-003: Big Data, Machine Learning & Artificial Intelligence
After watching this video, you will be able to list the features and benefits of big data, machine-learning, and artificial intelligence.
-
CompTIA CASP CS0-003: Global Information Assurance (IA) Industry
After watching this video, you will be able to define the global IA industry and who is involved.
-
CompTIA CASP CS0-003: Systems DLC Requirements and Acquisition
After watching this video, you will be able to describe the system DLC requirements, acquisition, testing, and evaluation.
-
CompTIA CASP CS0-003: Systems DLC Operations, Monitoring, and Maintenance
After watching this video, you will be able to describe the system DLC operations, monitoring, and maintenance.
-
CompTIA CASP CS0-003: Global Information Assurance (IA) Community
After watching this video, you will be able to list typical groups included in the global IA community.
-
CompTIA CASP CS0-003: Determine Trends and Their Impact
After watching this video, you will be able to apply research methods to determine industry trends and their impact on the enterprise.
-
CompTIA CASP CS0-003: Software DLC NX/XN Bit, ASLR, and Code Quality
After watching this video, you will be able to define the software DLC NX/XN bit, ASLR, and code quality.
-
CompTIA CASP CS0-003: Software DLC Testing and DevOps
After watching this video, you will be able to define the software DLC testing and DevOps.
-
CompTIA CASP CS0-003: Systems DLC Configuration and Change Management
After watching this video, you will be able to describe the system DLC configuration and change management.
-
CompTIA CASP CS0-003: Software DLC Applications and Software Assurance
After watching this video, you will be able to define the software DLC applications and software assurance.
-
CompTIA CASP CS0-003: Security Requirements Traceability Matrix (SRTM)
After watching this video, you will be able to define the security requirements traceability matrix.
-
CompTIA CASP CS0-003: Testing and Validation in the Software DLC
After watching this video, you will be able to define testing and validation in the software DLC.
-
CompTIA CASP CS0-003: Agile, Waterfall, and Spiral Software Development
After watching this video, you will be able to define agile, waterfall, and spiral software development.
-
CompTIA CASP CS0-003: Describe Life Cycle Activities
After watching this video, you will be able to describe life cycle activities.
-
CompTIA CASP CS0-003: Interacting with Sales and HR Staff
After watching this video, you will be able to interact with Sales and HR stakeholders.
-
CompTIA CASP CS0-003: Adapting Adequate Solutions
After watching this video, you will be able to adapt adequate solutions.
-
CompTIA CASP CS0-003: Asset Management and Inventory Control
After watching this video, you will be able to describe asset management and inventory control.
-
CompTIA CASP CS0-003: Expressing Goals with DR Stakeholders
After watching this video, you will be able to express goals with disaster recovery stakeholders.
-
CompTIA CASP CS0-003: Interpreting Goals with Programmers and Admins
After watching this video, you will be able to interpret goals with programmers and administrators.
-
CompTIA CASP CS0-003: Communicating Security Requirements with the C-Suite
After watching this video, you will be able to communicate goals with stakeholders.
-
CompTIA CASP CS0-003: Cloud Augmented Security Services
After watching this video, you will be able to specify cloud augmented security services.
-
CompTIA CASP CS0-003: CASB and Sec-as-a-Service
After watching this video, you will be able to specify CASB and sec-as-a-service offerings.
-
CompTIA CASP CS0-003: Resource Provisioning and De-provisioning
After watching this video, you will be able to define resource provisioning and de-provisioning.
-
CompTIA CASP CS0-003: Describe Cloud and Virtualization
After watching this video, you will be able to describe enterprise cloud and virtualization technologies.
-
CompTIA CASP CS0-003: Host Comingling Vulnerabilities
After watching this video, you will be able to define host comingling vulnerabilities.
-
CompTIA CASP CS0-003: Data Security Considerations
After watching this video, you will be able to describe host comingling vulnerabilities.
-
CompTIA CASP CS0-003: Authorization
After watching this video, you will be able to identify the different types of advanced authorization.
-
CompTIA CASP CS0-003: Attestation, Proofing, and Propagation
After watching this video, you will be able to compare attestation, proofing, and propagation.
-
CompTIA CASP CS0-003: Advanced Authentication
After watching this video, you will be able to recognize the different components of advanced authentication.
-
CompTIA CASP CS0-003: Access Management
After watching this video, you will be able to specify various types of access management.
-
CompTIA CASP CS0-003: Shibboleth and WAYF Federation Services
After watching this video, you will be able to describe Shibboleth and WAYF and how they work.
-
CompTIA CASP CS0-003: Trust Models
After watching this video, you will be able to list the features of several types of trust models.
-
CompTIA CASP CS0-003: SAML and OpenID Federation
After watching this video, you will be able to list characteristics of SAML and OpenID federation.
-
CompTIA CASP CS0-003: Cryptographic Mechanisms
After watching this video, you will be able to implement cryptographic mechanisms.
-
CompTIA CASP CS0-003: Cryptographic Data Processing
After watching this video, you will be able to describe cryptographic data processing.
-
CompTIA CASP CS0-003: Integrate Advanced AAA Technologies
After watching this video, you will be able to integrate advanced AAA technologies.
-
CompTIA CASP CS0-003: Cryptographic Techniques
After watching this video, you will be able to implement cryptographic techniques.
-
CompTIA CASP CS0-003: Cryptographic Implementations
After watching this video, you will be able to recognize various types of cryptographic implementations.
-
CompTIA CASP CS0-003: Cryptographic Encryption - Steganography
After watching this video, you will be able to use the OpenPuff steganography tool.
-
CompTIA CASP CS0-003: Cryptographic Modules and Processors
After watching this video, you will be able to implement cryptographic modules and processors.
-
CISA: IT Asset Management
After watching this video, you will be able to identify characteristics and best practices for IT asset management.
-
CISA: Computer Hardware Components and Architectures
After watching this video, you will be able to distinguish between computer hardware components and architectures.
-
CISA: Hardware Maintenance and Monitoring
After watching this video, you will be able to identify characteristics and best practices for hardware maintenance and hardware monitoring.
-
CISA: Capacity Management
After watching this video, you will be able to identify characteristics and best practices for capacity management activities.
-
CISA: Incident and Problem Management and Support
After watching this video, you will be able to identify problem management and support/help desk best practices.
-
CISA: Change Management
After watching this video, you will be able to identify characteristics and best practices of change management, release management and quality assurance in IS operations.
-
CISA: IS Operations
After watching this video, you will be able to identify best practices for IS operations.
-
CISA: Auditing IS Development and Implementation
After watching this video, you will be able to identify best practices when auditing IS acquisitions, development, and implementation activities within an organization.
-
CISA: Domain 4 Overview
After watching this video, you will be able to recognize the task and knowledge statements of domain 4.
-
CISA: Management of IS Operations
After watching this video, you will be able to identify characteristics and best practices of IS operations management.
-
CISA: IT Service Management
After watching this video, you will be able to identify characteristics of IT service management frameworks, and best practices.
-
CISA: Infrastructure Auditing Best Practices
After watching this video, you will be able to identify best practices for auditing and reviewing enterprise architecture, hardware, operating system, database, and network infrastructure.
-
CISA: Operations Auditing Best Practices
After watching this video, you will be able to identify best practices for auditing and reviewing IS operations, scheduling, and problem management reporting.
-
CISA: Recovery Objectives, Strategies, and Alternatives
After watching this video, you will be able to identify best practices for disaster recovery point and time objectives, recovery strategies, and recovery alternatives.
-
CISA: Disaster Recovery Plan Development
After watching this video, you will be able to identify best practices for developing a disaster recovery plan, and organizing and assigning responsibilities within an organization.
-
CISA: IS Software Utility and Licensing
After watching this video, you will be able to identify characteristics of utility programs, source code management, end-user computing, and utility programs in IS architecture and software.
-
CISA: Network Architectures, Services, and Standards
After watching this video, you will be able to identify characteristics of enterprise network architectures, types of networks, and network services, standards, and protocols.
-
CISA: OSI Architecture and Application
After watching this video, you will be able to identify characteristics of OSI architecture and best practices for applying the OSI model in network architectures.
-
CISA: Operating Systems
After watching this video, you will be able to identify operating systems features and options.
-
CISA: Access Control and Data Communications Software
After watching this video, you will be able to identify characteristics of access control software and data communications software.
-
CISA: Data Management
After watching this video, you will be able to identify characteristics and best practices for data management.
-
CISA: Database Management System
After watching this video, you will be able to identify characteristics and best practices of a DBMS.
-
CISA: Processing Procedures and Controls
After watching this video, you will be able to identify characteristics of processing procedures and controls.
-
CISA: Output Controls and Control Assurance
After watching this video, you will be able to identify characteristics of output controls, and business process control assurance best practices.
-
CISA: Auditing Application Controls
After watching this video, you will be able to identify best practices for auditing application controls.
-
CISA: Auditing Systems Dev, Acquisition, and Maintenance
After watching this video, you will be able to identify best practices for auditing systems development, acquisition, and maintenance.
-
CISA: Input/Origination Controls
After watching this video, you will be able to identify characteristics of input/origination controls.
-
CISA: Internet Threats and Security
After watching this video, you will be able to distinguish between common internet threats.
-
CISA: Encryption
After watching this video, you will be able to identify cryptography and cryptanalysis.
-
CISA: Malware
After watching this video, you will be able to identify characteristics of malware and best practices for mitigating risk from them.
-
CISA: Voice-over IP
After watching this video, you will be able to identify characteristics and security issues of VoIP.
-
CISA: Logical Access Best Practices
After watching this video, you will be able to identify best practices for information security management and logical access.
-
CISA: LAN Security
After watching this video, you will be able to identify characteristics of LAN security including virtualization.
-
CISA: Client-server Security
After watching this video, you will be able to identify characteristics of client-server security.
-
CISA: Wireless Security Threats and Mitigation
After watching this video, you will be able to identify best practices for wireless security.
-
CISA: Authorization Issues
After watching this video, you will be able to distinguish between different authorization issues and challenges.
-
CISA: Handling Confidential Information
After watching this video, you will be able to identify best practices for storing, retrieving, transporting, and disposing of confidential information.
-
CISA: Identification and Authentication
After watching this video, you will be able to identify best practices for identification and authentication activities.
-
CISA: Environmental Issues and Exposures
After watching this video, you will be able to identify environmental issues and exposures.
-
CISA: Environmental Exposure Controls
After watching this video, you will be able to distinguish between different controls for environmental exposures.
-
CISA: Auditing Environmental Controls
After watching this video, you will be able to identify best practices for auditing environmental controls.
-
CISA: Security Testing Techniques
After watching this video, you will be able to distinguish between different security testing techniques when auditing information security management frameworks.
-
CISA: Investigation Techniques
After watching this video, you will be able to identify investigation techniques and best practices when auditing information security management frameworks.
-
CISA: Auditing Remote Access Part 1
After watching this video, you will be able to identify characteristics and best practices for auditing remote access, auditing internet points of presence, and performing network penetration tests.
-
CISA: Auditing Remote Access Part 2
After watching this video, you will be able to identify characteristics and best practices for performing full network assessment reviews, and auditing network change development and authorization, and unauthorized changes activities.
-
CISA: Private Branch Exchange
After watching this video, you will be able to recognize characteristics of PBX.
-
CISA: Auditing IS Management Frameworks Best Practices
After watching this video, you will be able to identify best practices for auditing information security management frameworks.
-
CISA: Auditing Logical Access
After watching this video, you will be able to identify best practices for auditing logical access.
-
CISA: Classifying Information Assets
After watching this video, you will be able to identify characteristics and best practices of classifying information assets.
-
CISA: Fraud Risk Factors
After watching this video, you will be able to identify fraud risk factors in information security management.
-
CISA: Information Security Control Design
After watching this video, you will be able to identify characteristics of controls, control standards and frameworks, and control monitoring and effectiveness practices.
-
CISA: System Access Permission
After watching this video, you will be able to identify characteristics and best practices of system access permission activities.
-
CISA: Auditing IS Ops and Service Management
After watching this video, you will be able to identify best practices when auditing IS operations, maintenance, and service management activities within an organization.
-
CISA: Domain 5 Overview
After watching this video, you will be able to recognize the task and knowledge statements of domain 5.
-
CISA: IS Management Key Elements
After watching this video, you will be able to identify characteristics and key elements of information security management and information security management systems.
-
CISA: IS Management Roles and Responsibilities
After watching this video, you will be able to distinguish between the different information security roles and responsibilities.
-
CISA: Backup and Restoration
After watching this video, you will be able to identify backup and restoration options and best practices.
-
CISA: Disaster Recovery Testing Methods
After watching this video, you will be able to distinguish between disaster recovery testing methods, and identify best practices for testing disaster recovery plans and activities in an organization.
-
CISA: Invoking Disaster Recovery Plans
After watching this video, you will be able to identify best practices for invoking disaster recovery plans within an organization.
-
CISA: Logical Access Exposures
After watching this video, you will be able to identify logical access exposures.
-
CISA: IT Environment Familiarization
After watching this video, you will be able to identify best practices for enterprise IT environment familiarization.
-
CISA: Paths of Logical Access
After watching this video, you will be able to identify characteristics of paths of logical access and general points of entry.
-
CISA: Logical Access Control Software
After watching this video, you will be able to identify logical access control software.
-
CISA: Information Security and External Parties
After watching this video, you will be able to identify best practices for information security activities involving external parties.
-
CISA: HR Security and Third Parties
After watching this video, you will be able to identify best practices for human resources activities with third parties.
-
CISA: Computer Crime Issues and Exposures
After watching this video, you will be able to identify characteristics of computer crime issues and exposures, and best practices for avoiding negative impacts.
-
CISA: Security Incident Handling and Response
After watching this video, you will be able to identify best practices for security incident handling and response activities.
-
CISA: IS Management Critical Success Factors
After watching this video, you will be able to identify the critical success factors of information security management and awareness, training and education best practices.
-
CISA: Mandatory and Discretionary Access Controls
After watching this video, you will be able to recognize characteristics of mandatory and discretionary access controls.
-
CISA: Privacy Principles and the IS Auditor Role
After watching this video, you will be able to identify privacy principles, and the IS auditor's role.
-
CISA: DLP Risk, Limitations, and Considerations
After watching this video, you will be able to identify challenges and considerations for data leak prevention techniques and practices.
-
CISA: End-user Computing Security Risk and Controls
After watching this video, you will be able to identify end-user security risks and controls.
-
CISA: Instant Messaging
After watching this video, you will be able to identify instant messaging information security best practices.
-
CISA: Social Media
After watching this video, you will be able to identify social media information security best practices.
-
CISA: Cloud Computing
After watching this video, you will be able to identify cloud computing information security best practices.
-
CISA: Data Leak Prevention
After watching this video, you will be able to identify characteristics and best practices for data leak prevention.
-
CISA: Physical Access Exposures and Controls
After watching this video, you will be able to identify physical access issues and exposures, and controls for mitigating threats.
-
CISA: Auditing Physical Access
After watching this video, you will be able to identify best practices for auditing physical access.
-
CISA: Mobile Computing
After watching this video, you will be able to identify mobile computing information security best practices.
-
CISA: Peer-to-peer Computing
After watching this video, you will be able to identify peer-to-peer computing information security best practices.
-
CISA: Auditing Information Security Practices
After watching this video, you will be able to identify best practices for auditing information security management frameworks and mobile, social, and cloud asset protection.
-
CISA: Testing, Auditing, and Configuration Management
After watching this video, you will be able to identify characteristics and best practices for testing and auditing change programs, emergency changes, and configuration management.
-
CISA: System Development Tools and Productivity Aids
After watching this video, you will be able to identify characteristics and best practices for code generators, computer-aided software engineering, and fourth-generation languages.
-
CISA: Process Improvement Practices
After watching this video, you will be able to distinguish between BPR methods and techniques, ISO 9126, CMMI, and ISO/IEC 330XX series process improvement practices.
-
CISA: Development Methods Part 2
After watching this video, you will be able to distinguish between component-based, web-based application, software reengineering, and reverse engineering development methods.
-
CISA: Infrastructure Development Practices
After watching this video, you will be able to identify characteristics of physical architecture analysis, infrastructure implementation planning, and critical success factors in infrastructure development activities.
-
CISA: Acquisition Practices
After watching this video, you will be able to identify best practices for hardware acquisition, system software acquisition, and system software implementation activities.
-
CISA: Change Management Process and Documentation
After watching this video, you will be able to identify characteristics and best practices for the change management process and change management documentation.
-
CISA: Business Application Systems Part 1
After watching this video, you will be able to distinguish between e-commerce, electronic data interchange, email, point-of-sale, electronic banking, electronic finance, payment, and integrated manufacturing business application system characteristics.
-
CISA: Business Application Systems Part 2
After watching this video, you will be able to distinguish between electronic funds transfer, ATM, interactive voice response, purchase accounting, image processing, industrial control, AI and expert, business intelligence, decision support, customer relationship management, and supply chain management business application systems characteristics.
-
CISA: Development Methods Part 1
After watching this video, you will be able to distinguish between structured analysis, design and development techniques, Agile, Prototyping-evolutionary, rapid application, and object-oriented system development methods.
-
CISA: IS Audit and Assurance General Guidelines
After watching this video, you will be able to identify the IS audit and assurance general guidelines.
-
CISA: IS Audit and Assurance Performance Guidelines
After watching this video, you will be able to identify the IS audit and assurance performance guidelines.
-
CISA: IS Audit and Assurance Reporting Guidelines
After watching this video, you will be able to identify the IS audit and assurance reporting guidelines.
-
CISA: IS Audit and Assurance Tools and Techniques
After watching this video, you will be able to distinguish between the different categories of IS audit and assurance tools and techniques.
-
CISA: IS Audit and Assurance Performance Standards
After watching this video, you will be able to identify the IS audit and assurance performance standards.
-
CISA: IS Audit and Assurance Reporting Standards
After watching this video, you will be able to identify the IS audit and assurance reporting standards.
-
CISA: The Role of the Auditor in CSA
After watching this video, you will be able to describe the auditor's role in a CSA program.
-
CISA: The CSA Approach and Drivers
After watching this video, you will be able to identify characteristics of the CSA approach and its technology drivers.
-
CISA: Integrated Auditing
After watching this video, you will be able to identify best practices for integrating auditing activities in an organization.
-
CISA: Continuous Auditing
After watching this video, you will be able to identify best practices for continuous auditing activities in an organization.
-
CISA: Audit Documentation
After watching this video, you will be able to identify characteristics and best practices of audit documentation.
-
CISA: Closing Findings
After watching this video, you will be able to identify best practices for IS audit follow-up activities.
-
CISA: Objectives of CSA
After watching this video, you will be able to recognize the characteristics and objectives of CSA.
-
CISA: Benefits and Disadvantages of CSA
After watching this video, you will be able to identify the benefits and disadvantages of CSA.
-
CISA: Exit Interviews and Audit Reports
After watching this video, you will be able to describe characteristics and best practices for using exit interviews and audit reports to present IS audit findings.
-
CISA: Computer-assisted Audit Techniques
After watching this video, you will be able to distinguish between different computer-assisted audit techniques and tools.
-
CISA: Evaluating the Control Environment
After watching this video, you will be able to identify best practices for evaluating the control environment.
-
CISA: Enterprise Architecture
After watching this video, you will be able to describe the purpose and best practices of EA.
-
CISA: IS Strategic Planning
After watching this video, you will be able to recognize the role of IS strategic planning in IS audit activities.
-
CISA: IT Steering Committee
After watching this video, you will be able to identify the role and responsibilities of an IT steering committee.
-
CISA: Maturity and Process Improvement Models
After watching this video, you will be able to distinguish between different maturity and process improvement models.
-
CISA: Governance of Enterprise IT Best Practices
After watching this video, you will be able to identify GEIT characteristics and best practices.
-
CISA: IT Governing Committees
After watching this video, you will be able to recognize the purpose and responsibilities of IT governing committees.
-
CISA: IT Balanced Scorecard
After watching this video, you will be able to describe the purpose and characteristics of an IT balanced scorecard.
-
CISA: Information Security Governance
After watching this video, you will be able to identify IS governance best practices.
-
CISA: Domain 2 Overview
After watching this video, you will be able to recognize the task and knowledge statements of domain 2.
-
CISA: Corporate Governance
After watching this video, you will be able to identify characteristics of corporate governance.
-
CISA: Conducting an IS Audit
After watching this video, you will be able to identify best practices for managing risk, communicating results, and CSA during IS audit activities.
-
CISA: IS Specific Controls
After watching this video, you will be able to identify IS control procedures.
-
CISA: Planning and Managing IS Audits
After watching this video, you will be able to identify best practices when planning and managing IS audits.
-
CISA: Audit Objectives
After watching this video, you will be able to describe the objectives of an IS audit.
-
CISA: Audit Types
After watching this video, you will be able to distinguish between different types of audits.
-
CISA: IS Control Objectives
After watching this video, you will be able to identify different types of IS control objectives.
-
CISA: COBIT 5
After watching this video, you will be able to describe how the COBIT 5 framework is used as part of IS control.
-
CISA: General Controls
After watching this video, you will be able to identify general controls used for information systems.
-
CISA: Guidelines, Standards, and Tools Interrelationships
After watching this video, you will be able to identify best practices when applying ISACA guidelines, standards, and tools and techniques in relation to each other and external guidelines such as regulatory requirements.
-
CISA: ITAF
After watching this video, you will be able to recognize characteristics of the ITAF reference model.
-
CISA: Risk Analysis
After watching this video, you will be able to identify the steps of the risk management process.
-
CISA: Internal Controls
After watching this video, you will be able to distinguish between preventive, detective, and corrective controls.
-
CISA: Evidence
After watching this video, you will be able to identify best practices for evaluating and using evidence when conducting IS audits.
-
CISA: Interviewing and Observance
After watching this video, you will be able to identify best practices when interviewing and observing personnel in performance of their duties.
-
CISA: Sampling
After watching this video, you will be able to identify best practices for sampling as part of an IS audit.
-
CISA: Outsourcing IS Assurance and Security Services
After watching this video, you will be able to identify best practices when outsourcing IS assurance and security services for IS audit activities.
-
CISA: Risk Assessment and Treatment
After watching this video, you will be able to identify risk assessment and risk treatment best practices.
-
CISA: Audit Programs
After watching this video, you will be able to describe characteristics of audit programs.
-
CISA: Fraud Detection
After watching this video, you will be able to identify best practices for fraud detection when performing IS audits.
-
CISA: Compliance vs. Substantive Testing
After watching this video, you will be able to distinguish between compliance and substantive testing when conducting IS audits.
-
CISA: Audit Methodology
After watching this video, you will be able to identify characteristics of an audit methodology.
-
CISA: Risk-based Auditing
After watching this video, you will be able to identify best practices in a risk-based audit approach.
-
CISA: Audit Risk and Materiality
After watching this video, you will be able to recognize risk influences and best practices when auditing risk for materiality.
-
CISA: Evaluating Results and Interviewing Personnel
After watching this video, you will be able to identify best practices when evaluating prior test results and interviewing key personnel.
-
CISA: Development of Business Continuity Plans
After watching this video, you will be able to identify the factors and issues for consideration when developing business continuity plans.
-
CISA: Components of a Business Continuity Plan
After watching this video, you will be able to identify the components and best practices of a business continuity plan.
-
CISA: Plan Testing and Summary
After watching this video, you will be able to identify best practices for testing business continuity plans.
-
CISA: Reviewing the Business Continuity Plan
After watching this video, you will be able to identify the audit procedures to follow when reviewing business continuity plans.
-
CISA: Disasters and Other Disruptive Events
After watching this video, you will be able to identify best practices for auditing disaster and other disruptive events procedures.
-
CISA: Business Continuity Planning Process and Policy
After watching this video, you will be able to identify characteristics and best practices in business continuity planning process and policy activities.
-
CISA: Business Continuity Planning Incident Management
After watching this video, you will be able to distinguish between the different classifications of incident and best practices for incident management.
-
CISA: Business Impact Analysis
After watching this video, you will be able to identify characteristics and best practices of business impact analysis.
-
CISA: IT Business Continuity Planning
After watching this video, you will be able to identify characteristics and best practices of IT business continuity planning.
-
CISA: Project Management Practices Part 1
After watching this video, you will be able to identify characteristics of project initiation and planning.
-
CISA: Project Management Practices Part 2
After watching this video, you will be able to identify characteristics of project execution, controlling, and closure.
-
CISA: Business Application Development Part 1
After watching this video, you will be able to identify characteristics of the SDLC approach and phases, integrated resource management systems, and risk associated with software development.
-
CISA: Virtualization and Cloud Computing Environments
After watching this video, you will be able to identify characteristics, key risk areas, and typical controls of virtual and cloud environments.
-
CISA: Audit Structure, Implementation, and BCP
After watching this video, you will be able to identify best practices when auditing the IT organizational structure, implementation practices, and business continuity plans of an organization.
-
CISA: Domain 3 Overview
After watching this video, you will be able to recognize the task and knowledge statements of domain 3.
-
CISA: Benefits Realization
After watching this video, you will be able to identify the objectives, characteristics, and techniques of benefits realization through portfolio/program management and business case development and approval.
-
CISA: Project Management Structure
After watching this video, you will be able to identify characteristics of the project management structure.
-
CISA: Evaluating Offsite Storage and Security
After watching this video, you will be able to identify best practices when evaluating offsite storage and offsite facility security.
-
CISA: Reviewing Contracts and Insurance Coverage
After watching this video, you will be able to identify best practices for reviewing alternative processing contracts and insurance coverage.
-
CISA: Human Resources Management
After watching this video, you will be able to distinguish between different sourcing options for delivering and performing IT functions.
-
CISA: Sourcing Practices
After watching this video, you will be able to distinguish between different sourcing options for delivering and performing IT functions.
-
CISA: Organizational Change Management
After watching this video, you will be able to identify characteristics of organizational change management practices.
-
CISA: Procedures
After watching this video, you will be able to identify the characteristics and role of procedures in the IS audit framework.
-
CISA: Developing a Risk Management Program
After watching this video, you will be able to identify characteristics of risk management and the steps for developing a risk management program.
-
CISA: The Risk Management Process
After watching this video, you will be able to distinguish between the steps of the risk management process, and distinguish between qualitative, semiquantitative, and quantitative analysis methods.
-
CISA: Value of IT
After watching this video, you will be able to recognize the financial and nonfinancial value of IT.
-
CISA: IT Portfolio Management
After watching this video, you will be able to identify characteristics of IT portfolio management.
-
CISA: Policies
After watching this video, you will be able to identify the characteristics and role of policies in the IS audit framework.
-
CISA: Reviewing Documentation
After watching this video, you will be able to identify the documents that are reviewed as part of auditing IT governance structure and implementation.
-
CISA: Reviewing Contractual Commitments
After watching this video, you will be able to identify best practices when reviewing contractual commitments as part of auditing IT governance structure and implementation.
-
CISA: IT Roles and Responsibilities
After watching this video, you will be able to distinguish between the different IT roles and responsibilities.
-
CISA: Segregation of Duties within IT
After watching this video, you will be able to identify characteristics and best practices of segregation of duties within IT.
-
CISA: Segregation of Duties Controls
After watching this video, you will be able to identify characteristics and best practices of segregation of duties controls.
-
CISA: Financial Management Practices
After watching this video, you will be able to identify characteristics of financial management practices.
-
CISA: Information Security Management
After watching this video, you will be able to identify characteristics of information security management practices.
-
CISA: Performance Optimization
After watching this video, you will be able to identify characteristics and best practices of performance optimization.
-
CISA: Recognizing Risk Management Best Practices
After watching this video, you will be able to identify best practices for IT governance, IT risk management, and general IT management in an organization.
-
CISA: Types of Cryptosystems (part 1)
After watching this video, you will be able to identify common cryptosystems.
-
CISA: Types of Cryptosystems (part 2)
After watching this video, you will be able to identify common cryptosystems.
-
CompTIA CASP CAS-002: Cost Benefit Analysis
It's impossible to create secure plans without analyzing the costs. In this video, Steven Crawford discusses how cost benefit analysis is used when creating network security plans in CompTIA CASP CAS-002.
-
CompTIA CASP CAS-002: Security System Development Life Cycle
In this video, Dan LaChance discusses the importance of the Security System Development Life Cycle when developing network security in CompTIA CASP CAS-002.
-
CompTIA CASP CAS-002: New or Changing Models and Strategies
The CompTIA CASP CAS-002 exam requires you to have an understanding of the security risks associated with changes to your business model. In this video, Glen E. Clarke discusses the possible security risks presented by changes such as business partnerships, company mergers, and a shift toward cloud computing.
-
CompTIA CASP CAS-002: Enterprise Security Architecture Frameworks
The CompTIA CASP CAS-002 certification assesses your ability to understand and implement security architectures. In this video, Glen E. Clarke discusses the Enterprise Security Architecture, or ESA, frameworks that are available to organizations as well as the functions of ESA, and Sherwood Applied Business Security Architecture, or SABSA.
-
CISA: ISACA Code of Professional Ethics
After watching this video, you will be able to recognize the ISACA code of professional ethics.
-
CISA: IS Audit and Assurance General Standards
After watching this video, you will be able to identify the IS audit and assurance general standards.
-
CISA: Organization of the IS Audit Function
After watching this video, you will be able to describe characteristics of the IS audit function.
-
CISA: IS Audit Resource Management
After watching this video, you will be able to identify best practices in IS audit resource management.
-
CISA: IS Audit Planning
After watching this video, you will be able to identify best practices for planning audits.
-
CISA: Legal and Regulatory Impacts on IS Audit Planning
After watching this video, you will be able to identify the effects of laws and regulations on IS audit planning.
-
CISA: Domain 1 Overview
After watching this video, you will be able to recognize the task and knowledge statements of domain 1.
-
CompTIA CASP CS0-003: Type 1 vs. Type 2 Hypervisors
After watching this video, you will be able to compare the pros and cons of hypervisors.
-
CompTIA CASP CS0-003: Pros and Cons of Virtualization
After watching this video, you will be able to compare the pros and cons of virtualization.
-
CompTIA CASP CS0-003: Technical Deployment Models
After watching this video, you will be able to describe technical models for cloud and virtualization.
-
CompTIA CASP CS0-003: Cloud Service Models
After watching this video, you will be able to describe cloud service models.
-
CompTIA CASP CS0-003: CIA-based Decisions for the Organization
After watching this video, you will be able to describe confidentiality, integrity, and availability decisions.
-
CompTIA CASP CS0-003: Risk Determination
After watching this video, you will be able to determine risk.
-
CompTIA CASP CS0-003: Translating Risk into Business Terms
After watching this video, you will be able to translate risk into business terms.
-
CompTIA CASP CS0-003: Determining Minimum Required Security Controls
After watching this video, you will be able to determine minimum required security controls.
-
CompTIA CASP CS0-003: System-specific Worst-case Analysis
After watching this video, you will be able to define system-specific worst-case analysis.
-
CompTIA CASP CS0-003: Business Continuity Planning
After watching this video, you will be able to define business continuity planning.
-
CompTIA CASP CS0-003: IT Governance and Frameworks
After watching this video, you will be able to describe IT governance and frameworks.
-
CompTIA CASP CS0-003: Risk Treatment
After watching this video, you will be able to treat risk.
-
CompTIA CASP CS0-003: Risk Management Processes
After watching this video, you will be able to describe risk management processes.
-
CompTIA CASP CS0-003: Enterprise Resilience and Continual Improvement
After watching this video, you will be able to specify enterprise resilience and continual improvement.
-
CompTIA CASP CS0-003: Application Security Design Considerations
After watching this video, you will be able to describe application security design considerations.
-
CompTIA CASP CS0-003: Specific Application Attacks
After watching this video, you will be able to define specific application attacks.
-
CompTIA CASP CS0-003: Wearable Technology
After watching this video, you will be able to list types and characteristics of wearable technology.
-
CompTIA CASP CS0-003: Integrate Controls for Mobile Devices
After watching this video, you will be able to integrate controls for mobile devices.
-
CompTIA CASP CS0-003: Application Data Issues
After watching this video, you will be able to describe application data issues.
-
CompTIA CASP CS0-003: Sandboxing and Enclaves
After watching this video, you will be able to define sandboxing and enclaves.
-
CompTIA CASP CS0-003: Application Vulnerabilities and Issues
After watching this video, you will be able to describe application vulnerabilities and issues.
-
CompTIA CASP CS0-003: Additional Application Security Concerns
After watching this video, you will be able to define additional application security concerns.
-
CompTIA CASP CS0-003: Server-side Processing
After watching this video, you will be able to compare server-side processing to client-side processing.
-
CompTIA CASP CS0-003: OS and Firmware Vulnerabilities
After watching this video, you will be able to describe OS and firmware vulnerabilities.
-
CompTIA CASP CS0-003: Client-side Processing
After watching this video, you will be able to compare client-side processing to server-side processing.
-
CompTIA CASP CS0-003: Reconnaissance, Fingerprinting, & Social Engineering
After watching this video, you will be able to describe reconnaissance, fingerprinting, and social engineering.
-
CompTIA CASP CS0-003: Open-source Intelligence (OSINT)
After watching this video, you will be able to describe open-source intelligence.
-
CompTIA CASP CS0-003: Select Software Controls
After watching this video, you will be able to select software security controls.
-
CompTIA CASP CS0-003: Methods to Assess Security
After watching this video, you will be able to describe security assessment methods.
-
CompTIA CASP CS0-003: Penetration Testing and Assessment
After watching this video, you will be able to describe penetration testing and assessments.
-
CompTIA CASP CS0-003: Routing Tables, DNS Records, and Search Engines
After watching this video, you will be able to describe routing tables, DNS records, and search engines.
-
CompTIA CASP CS0-003: Security Assessment Types
After watching this video, you will be able to describe security assessment types.
-
CompTIA CASP CS0-003: Additional Security Assessment Tools
After watching this video, you will be able to define additional security assessment tools.
-
CompTIA CASP CS0-003: Types of Host Tools
After watching this video, you will be able to describe types of host tools.
-
CompTIA CASP CS0-003: Exercises and Audits
After watching this video, you will be able to define exercises and audits.
-
CompTIA CASP CS0-003: Scanners
After watching this video, you will be able to describe scanners.
-
CompTIA CASP CS0-003: E-discovery
After watching this video, you will be able to describe e-discovery.
-
CompTIA CASP CS0-003: Data Breach Detection, Collection, and Analytics
After watching this video, you will be able to specify data breach detection, collection, and analytics.
-
CompTIA CASP CS0-003: Physical Security Tools
After watching this video, you will be able to specify physical security tools.
-
CompTIA CASP CS0-003: Conduct a Security Assessment
After watching this video, you will be able to describe how to conduct security assessments.
-
CompTIA CASP CS0-003: Data Breach Isolation, Recovery, and Response
After watching this video, you will be able to specify data breach isolation, recovery, and response.
-
CompTIA CASP CS0-003: Facilitating Incident Detection and Response
After watching this video, you will be able to facilitate incident detection and response.
-
CompTIA CASP CS0-003: Incident and Emergency Response
After watching this video, you will be able to describe incident and emergency response.
-
CompTIA CASP CS0-003: Incident or Breach Severity
After watching this video, you will be able to specify incident or breach severity.
-
CompTIA CASP CS0-003: Post-incident Response
After watching this video, you will be able to describe post-incident response.
-
CompTIA CASP CS0-003: Disaster Recovery and Order of Volatility
After watching this video, you will be able to describe disaster recovery and order of volatility.
-
CompTIA CASP CS0-003: Incident Response Support Tools
After watching this video, you will be able to define incident response support tools.
-
CompTIA CASP CS0-003: Data Flow Security Standards
After watching this video, you will be able to describe data flow security standards.
-
CompTIA CASP CS0-003: Interoperability Issues
After watching this video, you will be able to define interoperability issues.
-
CompTIA CASP CS0-003: Describe Incident Response and Recovery
After watching this video, you will be able to describe incident response and recovery.
-
CompTIA CASP CS0-003: Adapting Data Flow Security
After watching this video, you will be able to adapt data flow security.
-
CompTIA CASP CS0-003: Resilience Issues
After watching this video, you will be able to specify resilience issues.
-
CompTIA CASP CS0-003: Data Security Considerations
After watching this video, you will be able to describe data security considerations.
-
CompTIA CASP CS0-003: Resource Provisioning and De-provisioning
After watching this video, you will be able to define resource provisioning and de-provisioning.
-
CompTIA CASP CS0-003: Security Issues with Application Integration
After watching this video, you will be able to describe security issues with application integration.
-
CompTIA CASP CS0-003: Describe Enterprise Integration
After watching this video, you will be able to describe enterprise integration.
-
CompTIA CASP CS0-003: Merger and Acquisition Design Considerations
After watching this video, you will be able to consider merger and acquisition design.
-
CompTIA CASP CS0-003: Logical Network Segmentation and Diagramming
After watching this video, you will be able to diagram and segment the logical network.
-
CompTIA CASP CS0-003: Describe Risk Mitigation Strategies
After watching this video, you will be able to describe risk mitigation strategies and controls.
-
CompTIA CASP CS0-003: Reviewing Control Effectiveness
After watching this video, you will be able to review control effectiveness.
-
CompTIA CASP CS0-003: Prototyping and Testing Multiple Solutions
After watching this video, you will be able to prototype and test multiple solutions.
-
CompTIA CASP CS0-003: Creating Benchmarks and Compare to Baselines
After watching this video, you will be able to create benchmarks and compare to baselines.
-
CompTIA CASP CS0-003: Reverse Engineering and Deconstruction
After watching this video, you will be able to reverse engineer and deconstruct.
-
CompTIA CASP CS0-003: Collecting and Analyzing Metrics
After watching this video, you will be able to collect and analyze metrics.
-
CompTIA CASP CS0-003: Analyzing Metrics for Business Needs (Part 2)
After watching this video, you will be able to analyze solution metrics for business needs.
-
CompTIA CASP CS0-003: Using Judgment to Solve Problems
After watching this video, you will be able to use judgment to solve problems.
-
CompTIA CASP CS0-003: Analyzing Cyber Defense Trends
After watching this video, you will be able to analyze cyber defense trends.
-
CompTIA CASP CS0-003: Analyzing Metrics for Business Needs (Part 1)
After watching this video, you will be able to analyze solution metrics for business needs.
-
CompTIA CASP CS0-003: Physical and Virtual Devices (Part 1)
After watching this video, you will be able to describe physical and virtual network and security devices including security switches, routers, and firewalls.
-
CompTIA CASP CS0-003: Physical and Virtual Devices (Part 2)
After watching this video, you will be able to describe physical and virtual network and security devices including WAPs, WLCs, NIDS, NIPS, and NAC.
-
CompTIA CASP CS0-003: Describe Metrics for Enterprise Security
After watching this video, you will be able to describe risk metrics for enterprise security.
-
CompTIA CASP CS0-003: Advanced Network Design (Part 2)
After watching this video, you will be able to design additional advanced networking.
-
CompTIA CASP CS0-003: Complex Solutions for Data Flow
After watching this video, you will be able to specify complex solutions for data flow.
-
CompTIA CASP CS0-003: Application and Protocol-aware Technologies
After watching this video, you will be able to define application and protocol-aware technologies.
-
CompTIA CASP CS0-003: Advanced Network Design (Part 1)
After watching this video, you will be able to design advanced networking.
-
CompTIA CASP CS0-003: Advanced Configuration of Devices (Part 1)
After watching this video, you will be able to define advanced device configuration.
-
CompTIA CASP CS0-003: Secure Configuration and SDN
After watching this video, you will be able to describe secure configuration and software-defined networking.
-
CompTIA CASP CS0-003: Network Management and Monitoring Tools
After watching this video, you will be able to compare network management and monitoring tools.
-
CompTIA CASP CS0-003: Describe Security Architectures
After watching this video, you will be able to describe network and security architectures.
-
CompTIA CASP CS0-003: Implementing Trusted OSs
After watching this video, you will be able to implement trusted operating systems.
-
CompTIA CASP CS0-003: Advanced Configuration of Devices (Part 2)
After watching this video, you will be able to define additional advanced device configuration.
-
CompTIA CASP CS0-003: Advanced Configuration of Devices (Part 3)
After watching this video, you will be able to describe advanced device configurations, port filtering with CEF, and IoT/IoE security.
-
CompTIA CASP CS0-003: Host-based IDS and IPS
After watching this video, you will be able to describe host-based IDS and IPS.
-
CompTIA CASP CS0-003: Hardening Hosts
After watching this video, you will be able to harden host systems.
-
CompTIA CASP CS0-003: Least Functionality
After watching this video, you will be able to define least functionality.
-
CompTIA CASP CS0-003: Endpoint Security Software
After watching this video, you will be able to describe endpoint security software.
-
CompTIA CASP CS0-003: Scripting and Replication
After watching this video, you will be able to define scripting and replication.
-
CompTIA CASP CS0-003: Hardening Wireless Host Peripherals
After watching this video, you will be able to harden wireless peripherals.
-
CompTIA CASP CS0-003: Securing Physical Host Peripherals
After watching this video, you will be able to secure physical host peripherals.
-
CompTIA CASP CS0-003: Describe Integrating Controls for Devices
After watching this video, you will be able to describe integrating controls for host devices.
-
CompTIA CASP CS0-003: Enterprise Mobility Management
After watching this video, you will be able to manage enterprise mobility.
-
CompTIA CASP CS0-003: Boot Loader Protections
After watching this video, you will be able to protect the boot loader programs.
-
CompTIA CASP CS0-003: Terminal Services and Application Delivery Services
After watching this video, you will be able to describe terminal services and application delivery services.
-
CompTIA CASP CS0-003: Mobility Security and Privacy Concerns
After watching this video, you will be able to describe mobility security and privacy concerns.
-
CompTIA CASP CS0-003: Rooting, Jailbreaking, and Sideloading
After watching this video, you will be able to describe rooting, jailbreaking, and sideloading.
-
CompTIA CASP CS0-003: Application, Content, and Data Management
After watching this video, you will be able to describe application, content, and data management.
-
CompTIA CASP CS0-003: Enterprise Mobility Issues
After watching this video, you will be able to describe mobility security and privacy issues.
-
CompTIA CASP CS0-003: Tokenization and TPM
After watching this video, you will be able to describe tokenization and TPM.
-
CompTIA CASP CS0-003: Tethering, Bluetooth, and Gestures
After watching this video, you will be able to describe tethering, Bluetooth, and gestures.
-
CompTIA CASP CS0-003: Mobility Biometrics
After watching this video, you will be able to describe mobility biometrics.
-
CompTIA CASP CS0-003: Risk Management of New Initiatives
After watching this video, you will be able to manage risks of new initiatives.
-
CompTIA CASP CS0-003: New or Changing Business Models and Strategies
After watching this video, you will be able to describe new or changing business models and strategies.
-
CompTIA CASP CS0-003: Business and Industry Policies (Part 2)
After watching this video, you will be able to recognize and apply business and industry policies.
-
CompTIA CASP CS0-003: Internal Influences
After watching this video, you will be able to describe process and policy lifecycle management.
-
CompTIA CASP CS0-003: Security Concerns of Integrating Diverse Industries
After watching this video, you will be able to define security concerns of diverse industries.
-
CompTIA CASP CS0-003: Business and Industry Policies (Part 1)
After watching this video, you will be able to recognize and apply business and industry policies.
-
CompTIA CASP CS0-003: Impacts of Deperimeterization (Part 2)
After watching this video, you will be able to describe security requirements for contracts.
-
CompTIA CASP CS0-003: Describe Industry Influences and Risks
After watching this video, you will be able to specify general principles for sensitive information.
-
CompTIA CASP CS0-003: External Influences
After watching this video, you will be able to partner with human resources, legal, and executives.
-
CompTIA CASP CS0-003: Impacts of Deperimeterization (Part 1)
After watching this video, you will be able to define common business documentation.
-
CompTIA CASP CS0-003: Process and Policy Life Cycle Management (Part 2)
After watching this video, you will be able to describe security and privacy policies.
-
CompTIA CASP CS0-003: Partnering with HR, Legal, and Executives
After watching this video, you will be able to describe confidentiality, integrity, and availability decisions.
-
CompTIA CASP CS0-003: Process and Policy Life Cycle Management (Part 1)
After watching this video, you will be able to develop standard policies and procedures.
-
CompTIA CASP CS0-003: Security Requirements for Contracts
After watching this video, you will be able to translate risk into business terms.
-
CompTIA CASP CS0-003: General Principles for Sensitive Information
After watching this video, you will be able to treat risk.
-
CompTIA CASP CS0-003: Common Business Documentation (Part 1)
After watching this video, you will be able to define system-specific worst-case analysis.
-
CompTIA CASP CS0-003: Common Business Documentation (Part 2)
After watching this video, you will be able to determine risk.
-
CompTIA CASP CS0-003: Security and Privacy Policies
After watching this video, you will be able to describe IT governance and frameworks.
-
CompTIA CASP CS0-003: Developing Standard Policies and Practices (Part 1)
After watching this video, you will be able to describe the risk management processes.
-
CompTIA CASP CS0-003: Developing Standard Policies and Practices (Part 2)
After watching this video, you will be able to define business continuity planning.
-
OWASP Top 10: A4 Apply Least Privilege
After watching this video, you will be able to demonstrate how to apply the least privilege principle.
-
OWASP Top 10: A9 Vulnerabilities
After watching this video, you will be able to review different types of vulnerabilities.
-
OWASP Top 10: A5 Monitoring
After watching this video, you will be able to demonstrate how to monitor for vulnerabilities.
-
OWASP Top 10: A3 - Reviewing XSS Attacks
After watching this video, you will be able to review an XSS attack.
-
OWASP Top 10: A7 - Analyzing Log Rotation Files
After watching this video, you will be able to analyze Linux log rotation files for a Linux web server.
-
OWASP Top 10: A6 - Analyzing Sensitive Network Traffic
After watching this video, you will be able to analyze sensitive network traffic in Linux.
-
OWASP Top 10: A6 - Sensitive Data Exposure Exploits
After watching this video, you will be able to review how sensitive data exposure can be exploited and what kind of access is needed to exploit it.
-
Security+: Apply Account Management Practices
After watching this video, you will be able to describe various account management best practices.
-
Security+: Auditing and Review
After watching this video, you will be able to describe auditing and review.
-
Security+: Account Maintenance
After watching this video, you will be able to define account maintenance.
-
Security+: Recertification
After watching this video, you will be able to describe recertification.
-
Security+: Password Best Practices
After watching this video, you will be able to recognize password best practices.
-
Security+: Service Accounts
After watching this video, you will be able to specify service accounts.
-
Security+: Privileged Accounts
After watching this video, you will be able to describe privileged accounts.
-
Security+: Shared, Guest, and Generic Accounts
After watching this video, you will be able to compare shared, guest, and generic accounts.
-
Security+: User Accounts
After watching this video, you will be able to define user accounts.
-
Security+: Onboarding and Offboarding
After watching this video, you will be able to compare onboarding and offboarding.
-
Security+: Least Privilege and Time-of-day Restrictions
After watching this video, you will be able to define least privilege and time-of-day restrictions.
-
Security+: Location-based Policies
After watching this video, you will be able to describe location-based policies.
-
Security+: Group-based Access Control and Group Policy
After watching this video, you will be able to recognize group-based access control and Group Policy.
-
Security+: Credential Management and Naming Conventions
After watching this video, you will be able to define credential management and naming conventions.
-
Security+: Facial Recognition
After watching this video, you will be able to describe facial recognition.
-
Security+: Voice Recognition
After watching this video, you will be able to use voice recognition.
-
Security+: Retinal and Iris Scanner
After watching this video, you will be able to work with a retinal and iris scanner.
-
Security+: Fingerprint Scanner
After watching this video, you will be able to use a fingerprint scanner.
-
Security+: Work with Access Controls and Biometrics
After watching this video, you will be able to compare access controls and biometrics.
-
Security+: Database Security
After watching this video, you will be able to define database security.
-
Security+: File System Security
After watching this video, you will be able to define file system security.
-
Security+: Certificate-based Authentication
After watching this video, you will be able to describe certificate-based authentication.
-
Security+: Tokens
After watching this video, you will be able to define tokens.
-
Security+: False Acceptance Rate and False Recognition Rate
After watching this video, you will be able to compare FAR, FRR, and CER.
-
Security+: Open Authorization (OAuth)
After watching this video, you will be able to define OAuth.
-
Security+: Rule-based Access Control
After watching this video, you will be able to describe rule-based access control.
-
Security+: Role-based Access Control
After watching this video, you will be able to describe role-based access control.
-
Security+: Attribute-based Access Control (ABAC)
After watching this video, you will be able to define ABAC.
-
Security+: Discretionary Access Control (DAC)
After watching this video, you will be able to define DAC.
-
Security+: Mandatory Access Control (MAC)
After watching this video, you will be able to define MAC.
-
Security+: Review Identity and Access Services
After watching this video, you will be able to describe identity concepts and various access services.
-
Security+: Shibboleth
After watching this video, you will be able to describe Shibboleth.
-
Risk Management: Exercise: Describing Controls for IT Security
After watching this video, you will be able to describe various IT security controls.
-
Risk Management: Security Awareness
After watching this video, you will be able to establish and maintain a security awareness and training program.
-
Monitoring & Reporting: Security Information and Event Management (SIEM)
After watching this video, you will be able to recognize SIEM systems.
-
Monitoring & Reporting: Egress Monitoring
After watching this video, you will be able to define egress monitoring.
-
Monitoring & Reporting: Continuous Monitoring
After watching this video, you will be able to describe continuous monitoring.
-
Monitoring & Reporting: Digital Forensics Tools, Tactics, and Procedures
After watching this video, you will be able to describe digital forensics tools, tactics, and procedures.
-
Monitoring & Reporting: Evidence Collection and Handling
After watching this video, you will be able to collect and handle evidence.
-
Monitoring & Reporting: Exercise: Describe Security Management of Operations
After watching this video, you will be able to describe security management of operations.
-
Monitoring & Reporting: Reporting and Documentation
After watching this video, you will be able to report and document thoroughly.
-
Monitoring & Reporting: Investigative Techniques
After watching this video, you will be able to compare investigative techniques.
-
Monitoring & Reporting: Intrusion Detection and Prevention
After watching this video, you will be able to describe IDS and IPS.
-
Security: Contractual, Legal, and Regulatory Requirements
determine contractual, legal, industry standard, and regulatory requirements
-
Security: Security Governance Principles
evaluate and apply security governance principles
-
Security: Legal and Regulatory Issues
recall legal and regulatory considerations
-
Security: Privacy Requirements
describe principles and requirements for privacy
-
Security: Scope, Plan, and BIA Development
develop and document scope, plan, and business impact analysis
-
Security: Policies, Standards, Procedures, and Guidelines
develop, document, and implement security policies, standards, procedures, and guidelines
-
Security: Security and Business Strategy Alignment
align security functions with business strategies and objectives
-
Security: Exercise: Describing Governance, Compliance, and BCP
describe aspects of governance, compliance, and business continuity planning
-
Security: Licensing, IP Requirements, and Privacy
describe licensing, intellectual property, and privacy requirements
-
Risk Management: Risk Assessment and Analysis
After watching this video, you will be able to apply risk assessment and analysis techniques.
-
Risk Management: Personnel Security Policies
After watching this video, you will be able to enforce personnel security policies and procedures.
-
Security: Due Care and Due Diligence
ensure compliance with due care and due diligence
-
Security: Security Control Frameworks
identify common security control frameworks
-
Security: Import/Export and Transborder Data Controls
compare import/export and transborder data controls
-
Security: Cybercrimes and Data Breaches
identify and analyze cybercrimes and data breaches
-
Risk Management: Risk Response, Measurement, and Monitoring
After watching this video, you will be able to respond to risks, including measurement and monitoring.
-
Risk Management: Risk-based Supply Chain Management
After watching this video, you will be able to apply risk-based management concepts to the supply chain.
-
Risk Management: Threat Modeling
After watching this video, you will be able to implement threat modeling concepts and methodologies.
-
Conducting Incident Management: Implementing Patch and Vulnerability Management
After watching this video, you will be able to implement patch and vulnerability management.
-
Conducting Incident Management: Operating Detective and Preventative Measures
After watching this video, you will be able to conduct detective and preventative measures.
-
Conducting Incident Management: Implementing Recovery Strategies
After watching this video, you will be able to implement recovery strategies.
-
Conducting Incident Management: Exploring Change Management Processes
After watching this video, you will be able to participate in change management processes.
-
Conducting Incident Management: Implementing Enterprise Physical Security
After watching this video, you will be able to describe enterprise physical security.
-
Conducting Incident Management: Implementing Perimeter Physical Security
After watching this video, you will be able to describe perimeter physical security.
-
Conducting Incident Management: Exercise: Describe Incident Management
After watching this video, you will be able to describe incident handling and management.
-
Conducting Incident Management: Personnel Safety and Security Concerns
After watching this video, you will be able to address personnel safety and security concerns.
-
Conducting Incident Management: Implementing Disaster Recovery (DR)
After watching this video, you will be able to implement disaster recovery processes.
-
Conducting Incident Management: Participating in Business Continuity Planning (BCP)
After watching this video, you will be able to describe business continuity planning.
-
Conducting Incident Management: Testing Disaster Recovery Plans
After watching this video, you will be able to test disaster recovery plans.
-
Software Development Security: Identifying Security Controls for Development
After watching this video, you will be able to identify security controls for development.
-
Software Development Security: Integrating Security in the SDLC
After watching this video, you will be able to integrate security in the SDLC.
-
Software Development Security: Assessing the Effectiveness of Software Security
After watching this video, you will be able to assess the effectiveness of software security.
-
Software Development Security: Identifying Software Development Phases
After watching this video, you will be able to identify software development phases.
-
Conducting Incident Management: Utilizing Additional Physical Controls
After watching this video, you will be able to utilize additional physical controls.
-
Software Development Security: Applying Secure Coding Standards
After watching this video, you will be able to apply secure coding techniques.
-
Software Development Security: Assessing the Security Impact of Acquired Software
After watching this video, you will be able to assess the security impact of acquired software.
-
Software Development Security: Exercise: Securing the Development Environment
After watching this video, you will be able to secure the development environment.
-
Software Development Security: Applying Secure Coding Best Practices
After watching this video, you will be able to describe secure coding best practices.
-
(ISC)² & Security Fundamentals: The (ISC)² Organization
After watching this video, you will be able to describe the (ISC)² organization.
-
(ISC)² & Security Fundamentals: The CISSP Exam
After watching this video, you will be able to recall the CISSP exam contents, format, and scoring.
-
(ISC)² & Security Fundamentals: The (ISC)² Code of Professional Ethics
After watching this video, you will be able to define the (ISC)² Code of Professional Ethics.
-
(ISC)² & Security Fundamentals: Identify and Classify Information and Assets
After watching this video, you will be able to recall how information and assets are identified and classified.
-
(ISC)² & Security Fundamentals: Confidentiality, Integrity, and Availability
After watching this video, you will be able to define the CIA triad.
-
(ISC)² & Security Fundamentals: Protect Privacy
After watching this video, you will be able to describe how to protect data privacy.
-
(ISC)² & Security Fundamentals: Determine Information and Asset Ownership
After watching this video, you will be able to determine ownership of information and assets.
-
(ISC)² & Security Fundamentals: Exercise: Describing (ISC)² CISSP Fundamentals
After watching this video, you will be able to explain and describe (ISC)² CISSP fundamentals.
-
(ISC)² & Security Fundamentals: Asset Retention
After watching this video, you will be able to ensure appropriate retention of assets.
-
(ISC)² & Security Fundamentals: Requirements for Information and Asset Handling
After watching this video, you will be able to establish information-handling and asset-handling requirements.
-
(ISC)² & Security Fundamentals: Data Security Controls
After watching this video, you will be able to determine appropriate data security controls.
-
OWASP Top 10: A9 - Shopping Cart Component Flaw
After watching this video, you will be able to purchase merchandise at an unauthorized discount.
-
OWASP Top 10: A1 - Execute a SQL Injection Attack
After watching this video, you will be able to inject SQL commands into a web form field.
-
OWASP Top 10: A5 - Configure a Web Application Firewall
After watching this video, you will be able to enable protection for a web app through a WAF.
-
OWASP Top 10: A2 - Exploit Password Reset Pages
After watching this video, you will be able to retrieve sensitive data through password reset pages.
-
OWASP Top 10: A6 - Demonstrating Sensitive Exposure Attacks
After watching this video, you will be able to provide examples of sensitive data exposure attacks.
-
OWASP Top 10: A7 - Scan for Web Servers
After watching this video, you will be able to use nmap to scan a network.
-
OWASP Top 10: A7 - Analyze HTTP Traffic Using WireShark
After watching this video, you will be able to describe the client/server HTTP exchange.
-
OWASP Top 10: A7 - Scan a Web App for Vulnerabilities
After watching this video, you will be able to use online web app scanners.
-
OWASP Top 10: A10 and A9 Security Risks
After watching this video, you will be able to describe what A10 and A9 are and how they affect web application security.
-
OWASP Top 10: A9 - Vulnerable Component Attacks
After watching this video, you will be able to provide examples of vulnerable component attacks.
-
OWASP Top 10: A9 - Vulnerable Component Impacts
After watching this video, you will be able to list the technical and business impacts of vulnerable components.
-
OWASP Top 10: A9 - Vulnerable Component Detection
After watching this video, you will be able to describe how easy it is to detect vulnerable components and how common they are.
-
OWASP Top 10: A4 - Use Forced Browsing to Access Data
After watching this video, you will be able to guess URLs and parameters to gain access to web pages and data.
-
OWASP Top 10: A9 - Vulnerable Component Exploits
After watching this video, you will be able to describe how vulnerable components can be exploited and what kind of access is needed to exploit them.
-
OWASP Top 10: A10 - Unprotected API Impacts
After watching this video, you will be able to list the technical and business impacts of underprotected APIs.
-
OWASP Top 10: A10 - Underprotected API Detection
After watching this video, you will be able to describe how easy it is to detect underprotected APIs and how common they are.
-
OWASP Top 10: A10 - Underprotected API Exploits
After watching this video, you will be able to describe how underprotected APIs can be exploited and what kind of access is needed to exploit them.
-
OWASP Top 10: A10 - Underprotected APIs
After watching this video, you will be able to define what an underprotected API is.
-
OWASP Top 10: How can A5 and A1 be exploited
After watching this video, you will be able to explain how A5 and A1 can be exploited by attackers.
-
OWASP Top 10: A1 - Injection Attacks
After watching this video, you will be able to provide examples of Injection attacks.
-
OWASP Top 10: A1 - Injection Impacts
After watching this video, you will be able to list the technical and business impacts of injection attacks.
-
OWASP Top 10: A1 - Injection Detection
After watching this video, you will be able to describe how easy it is to detect injection and how common it is.
-
OWASP Top 10: A9 - Using Components With Known Vulnerabilities
After watching this video, you will be able to specify what a vulnerable component is.
-
OWASP Top 10: A10 - Unprotected API Examples
After watching this video, you will be able to provide examples of underprotected API attacks.
-
OWASP Top 10: A4 Overview
After watching this video, you will be able to describe A4 in general terms.
-
OWASP Top 10: A5 Overview
After watching this video, you will be able to describe A5 in general terms.
-
OWASP Top 10: A6 Overview
After watching this video, you will be able to describe A6 in general terms.
-
OWASP Top 10: A7 Overview
After watching this video, you will be able to describe A7 in general terms.
-
OWASP Top 10: A8 Overview
After watching this video, you will be able to describe A8 in general terms.
-
OWASP Top 10: A9 Overview
After watching this video, you will be able to describe A9 in general terms.
-
OWASP Top 10: A10 Overview
After watching this video, you will be able to describe A10 in general terms.
-
OWASP Top 10: A2 - Session Management Attacks
After watching this video, you will be able to provide examples of Broken Authentication and Session Management attacks.
-
OWASP Top 10: A2 - Session Management Impacts
After watching this video, you will be able to list the technical and business impacts of Broken Authentication and Session Management.
-
OWASP Top 10: A1 - Injection Exploits
After watching this video, you will be able to specify how injection can be exploited and what kind of access is needed to exploit it.
-
OWASP Top 10: A1 - Injection
After watching this video, you will be able to explain what Injection is.
-
OWASP Top 10: A5 - Security Misconfiguration Attacks
After watching this video, you will be able to provide examples of Security Misconfiguration attacks.
-
OWASP Top 10: A5 - Security Misconfiguration Impacts
After watching this video, you will be able to list the technical and business impacts of security misconfigurations.
-
OWASP Top 10: A5 - Security Misconfiguration Detection
After watching this video, you will be able to recognize how easy it is to detect security misconfigurations and how common they are.
-
OWASP Top 10: A5 - Security Misconfiguration Exploits
After watching this video, you will be able to specify how security misconfiguration can be exploited and what kind of access is needed to exploit it.
-
OWASP Top 10: A5 - Security Misconfigurations
After watching this video, you will be able to explain what Security Misconfigurations are.
-
OWASP Top 10: What Can An Attacker Do With A4 and A2
After watching this video, you will be able to describe what an attacker can access if they exploit A4 or A2.
-
OWASP Top 10: A2 - Session Management Vulnerability Detection
After watching this video, you will be able to describe how easy it is to detect Broken Authentication and Session Management and how common it is.
-
OWASP Top 10: A6 - Sensitive Data Exposure Attacks
After watching this video, you will be able to describe how various attacks can result in sensitive data exposure.
-
OWASP Top 10: A2 - Session Management Exploits
After watching this video, you will be able to describe how Broken Authentication and Session Management can be exploited and what kind of access is needed to exploit it.
-
OWASP Top 10: A2 - Broken Authentication and Session Management
After watching this video, you will be able to explain what Broken Authentication and Session Management is.
-
OWASP Top 10: A4 - Broken Access Control Attacks
After watching this video, you will be able to provide examples of Broken Access Control attacks.
-
OWASP Top 10: A4 - Broken Access Control Impacts
After watching this video, you will be able to list the technical and business impacts of Broken Access Control.
-
OWASP Top 10: A4 - Broken Access Control Detection
After watching this video, you will be able to describe how easy it is to detect Broken Access Control and how common it is.
-
OWASP Top 10: A4 - Broken Access Control Exploits
After watching this video, you will be able to describe how Broken Access Control can be exploited and what kind of access is needed to exploit it.
-
OWASP Top 10: A4 - Broken Access Control
After watching this video, you will be able to explain what Broken Access Control is.
-
OWASP Top 10: Describe the Impact of A7 and A6
After watching this video, you will be able to describe the impact of these exploits on the business and technical sides.
-
OWASP Top 10: A6 - Sensitive Data Exposure Impacts
After watching this video, you will be able to list the technical and business impacts of sensitive data exposure.
-
OWASP Top 10: A6 - Sensitive Data Exposure Detection
After watching this video, you will be able to describe how easy it is to detect sensitive data exposure and how common it is.
-
OWASP Top 10: A6 - Sensitive Data Exposure Exploits Overview
After watching this video, you will be able to describe how sensitive data exposure can be exploited.
-
OWASP Top 10: A6 - Sensitive Data Exposure
After watching this video, you will be able to describe what sensitive data exposure is.
-
OWASP Top 10: A7 - Insufficient Attack Protection Attacks
After watching this video, you will be able to discuss attacks that take advantage of insufficient attack protection.
-
OWASP Top 10: A7 - Insufficient Attack Protection Impacts
After watching this video, you will be able to list the technical and business impacts of insufficient attack protection.
-
OWASP Top 10: A7 - Insufficient Attack Protection Detection
After watching this video, you will be able to detect insufficient attack protection and note how common it is.
-
OWASP Top 10: A7 - Insufficient Attack Protection Exploits
After watching this video, you will be able to exploit insufficient attack protection and describe what kind of access is needed to exploit it.
-
OWASP Top 10: A7 - Insufficient Attack Protection
After watching this video, you will be able to describe what insufficient attack protection is.
-
OWASP Top 10: Exploit CSRF and XSS
After watching this video, you will be able to describe how CSRF and XSS can be exploited by an attacker.
-
OWASP Top 10: A3 - XSS Attacks
After watching this video, you will be able to provide examples of XSS attacks.
-
OWASP Top 10: A3 - XSS Impacts
After watching this video, you will be able to list the technical and business impacts of XSS.
-
OWASP Top 10: A3 - XSS Detection
After watching this video, you will be able to detect XSS and note how common it is.
-
OWASP Top 10: A3 - XSS Exploits
After watching this video, you will be able to exploit XSS and describe what kind of access is needed to exploit it.
-
OWASP Top 10: A3 - Cross-site Scripting (XSS)
After watching this video, you will be able to describe what Cross-site Scripting (XSS) is.
-
OWASP Top 10: A8 - CSRF Attacks
After watching this video, you will be able to provide examples of CSRF attacks.
-
OWASP Top 10: A8 - CSRF Impacts
After watching this video, you will be able to list technical and business impacts of CSRFs.
-
OWASP Top 10: A8 - CSRF Detection
After watching this video, you will be able to detect CSRF and describe how common it is.
-
OWASP Top 10: A8 - CSRF Exploits
After watching this video, you will be able to exploit CSRF and identify what kind of access is needed to exploit it.
-
OWASP Top 10: A8 - Cross-site Request Forgery (CSRF)
After watching this video, you will be able to explain what Cross-site Request Forgery (CSRF) is.
-
OWASP Top 10: List OWASP Top 10 Exploits
After watching this video, you will be able to describe all 10 exploits on the OWASP Top 10 list.
-
OWASP Top 10: A1 Overview
After watching this video, you will be able to describe A1 in general terms.
-
OWASP Top 10: A2 Overview
After watching this video, you will be able to describe A2 in general terms.
-
OWASP Top 10: A3 Overview
After watching this video, you will be able to describe A3 in general terms.
-
CISM: Aligning Security Programs with Business Functions
After watching this video, you will be able to align security programs with business functions.
-
CISM: Compliance Reporting Requirements and Processes
After watching this video, you will be able to specify compliance reporting requirements and processes.
-
CISM: Risk Management for Business and IT Processes
After watching this video, you will be able to define risk management for business and IT processes.
-
CISM: Information Security Gap Analysis Techniques
After watching this video, you will be able to describe information security gap analysis techniques.
-
CISM: Analyzing Information Security Controls and Methods
After watching this video, you will be able to analyze information security controls and methods.
-
CISM: Comparing Control Baselines and Standards
After watching this video, you will be able to compare control baselines and standards.
-
CISM: Risk Treatment and Response Methodologies
After watching this video, you will be able to apply risk treatment and response methodologies.
-
CISM: Realizing Risk Reporting Requirements
After watching this video, you will be able to realize risk reporting requirements.
-
CISM: Prioritizing Risk Scenarios and Treatment
After watching this video, you will be able to prioritize risk scenarios and treatment.
-
CISM: Describe Information Risk Management
After watching this video, you will be able to describe information risk management.
-
CISM: Performing Cost-benefit Analysis for Risk Assessment
After watching this video, you will be able to perform cost-benefit analysis for risk assessment.
-
CISM: Identifying Events Needing Risk Reassessment
After watching this video, you will be able to identify events needing risk reassessment.
-
CISM: Recognizing Information Security Threat Sources
After watching this video, you will be able to specify information security threat sources.
-
CISM: Legal, Regulatory, and Organizational Requirements
After watching this video, you will be able to know legal, regulatory, and organizational requirements.
-
CISM: Recognizing Information Asset Valuation Methods
After watching this video, you will be able to recognize information asset valuation methods.
-
CISM: Monitoring Internal and External Risk Factors
After watching this video, you will be able to monitor internal and external risk factors.
-
CISM: Evaluating Impacts of Events on Information Assets
After watching this video, you will be able to evaluate impacts of events on information assets.
-
CISM: Assigning Ownership of Information Assets and Risk
After watching this video, you will be able to assign ownership of assets and risk.
-
CISM: Risk Assessment and Analysis Methodologies
After watching this video, you will be able to know risk assessment and analysis methodologies.
-
CISM: Define Information Risk Management
After watching this video, you will be able to define information risk management.
-
CISM: Information Threats, Vulnerabilities and Exposures
After watching this video, you will be able to define information threats, vulnerabilities and exposures.
-
CISM: Monitoring Performance of InfoSec Responsibilities
After watching this video, you will be able to recognize processes to monitor performance of InfoSec responsibilities.
-
CISM: Security Responsibilities of Organizational Staff
After watching this video, you will be able to recognize information security responsibilities of staff across the organization.
-
CISM: Structures, Lines of Authority, and Escalation
After watching this video, you will be able to describe the types of organizational structures, lines of authority, and escalation points.
-
CISM: Responsibilities of the InfoSec Manager
After watching this video, you will be able to define the responsibilities of the InfoSec manager.
-
CISM: Senior Leadership and Stakeholder Communication
After watching this video, you will be able to specify the methods and considerations of senior leadership and stakeholder communication.
-
CISM: Commitment from Senior Leadership and Stakeholders
After watching this video, you will be able to obtain commitment from senior leadership and stakeholders by using key information.
-
CISM: The Information Asset Classification Model
After watching this video, you will be able to recognize information asset classification.
-
CISM: Define InfoSec Governance
After watching this video, you will be able to define InfoSec governance.
-
CISM: Working with Key Information Security Metrics
After watching this video, you will be able to work with key information security metrics.
-
CISM: Establishing Reporting and Communication Channels
After watching this video, you will be able to describe reporting and communication channels.
-
CISM: Define InfoSec Security Management
After watching this video, you will be able to define InfoSec security management.
-
CISM: KPIs and Metrics to Evaluate the Response Plan
After watching this video, you will be able to define KPIs and metrics to evaluate the response plan.
-
CISM: Regulatory, Legal and Organization Requirements
After watching this video, you will be able to specify regulatory, legal and organization requirements.
-
CISM: Techniques to Test the Incident Response Plan
After watching this video, you will be able to know techniques to test the incident response plan.
-
CISM: Identifying Impact of Changes to the Environment
After watching this video, you will be able to identify impact of changes to the environment.
-
CISM: Classifying Resources for Investigation of Incidents
After watching this video, you will be able to classify resources for investigation of incidents.
-
CISM: Detecting, Logging, Analyzing and Documenting Events
After watching this video, you will be able to detect, log, analyze and document events.
-
CISM: Quantifying Damages, Costs and Business Impacts
After watching this video, you will be able to quantify damages, costs and business impacts.
-
CISM: Post-incident Review Practices and Investigations
After watching this video, you will be able to define post-incident review practices and investigations.
-
CISM: Incident Reporting Requirements and Procedures
After watching this video, you will be able to describe incident reporting requirements and procedures.
-
CISM: Describe Security Incident Management
After watching this video, you will be able to describe security incident management.
-
CISM: Forensic Requirements for Handling Evidence
After watching this video, you will be able to classify forensic requirements for handling evidence.
-
CISM: Incident Response Training, Tools, and Equipment
After watching this video, you will be able to know IRT training, tools, and equipment.
-
CISM: Roles and Responsibilities in Security Incidents
After watching this video, you will be able to define roles and responsibilities in security incidents.
-
CISM: Notification and Escalation Processes
After watching this video, you will be able to describe notification and escalation processes.
-
CISM: Defining Incident Containment Methods
After watching this video, you will be able to define incident containment methods.
-
CISM: Incident Classification and Categorization Methods
After watching this video, you will be able to specify methods for incident classification and categorization.
-
CISM: Mapping the BCP and DRP to the IRP
After watching this video, you will be able to map the BCP and DRP to the IRP.
-
CISM: Components of an Incident Response Plan
After watching this video, you will be able to define components of an incident response plan (IRP).
-
CISM: Incident Management Concepts and Practices
After watching this video, you will be able to describe incident management concepts.
-
CISM: Describe Program Development & Management
After watching this video, you will be able to describe program development and management.
-
CISM: Communicating Program Status to Key Stakeholders
After watching this video, you will be able to communicate program status to key stakeholders.
-
CISM: Testing the Effectiveness of Security Controls
After watching this video, you will be able to test the effectiveness of security controls.
-
CISM: Implementing Operational Security Metrics
After watching this video, you will be able to implement operational security metrics.
-
CISM: Reviewing Third-party Contracts and Agreements
After watching this video, you will be able to review third-party contracts and agreements.
-
CISM: Contracts, Agreements, and Third-party Management
After watching this video, you will be able to define contracts, agreements, and third-parties.
-
CISM: Integrating Mandates into Organizational Processes
After watching this video, you will be able to integrate mandates into organizational processes.
-
CISM: Developing Security Awareness and Training Programs
After watching this video, you will be able to develop security awareness and training programs.
-
CISM: Define Program Development and Control
After watching this video, you will be able to describe program development and control.
-
CISM: Implementing Information Security Standards
After watching this video, you will be able to implement information security standards.
-
CISM: Regulations, Standards, Frameworks, and Practices
After watching this video, you will be able to describe regulations, standards, frameworks and practices.
-
CISM: Security Standards, Procedures, and Guidelines
After watching this video, you will be able to define security standards, procedures and guidelines.
-
CISM: Applying Information Security Controls and Resources
After watching this video, you will be able to apply information security controls and resources.
-
CISM: Designing and Implementing Security Controls
After watching this video, you will be able to design and implement security controls.
-
CISM: Survey of Current and Emerging Security Technologies
After watching this video, you will be able to know current and emerging security technologies.
-
CISM: Acquiring and Managing Resource Requirements
After watching this video, you will be able to acquire and manage resource requirements.
-
CISM: Skills Training for Information Security Personnel
After watching this video, you will be able to describe skills training for information security personnel.
-
Security+: Common Vulnerabilities
After watching this video, you will be able to identify different vulnerabilities.
-
Security+: Malware Threats
After watching this video, you will be able to identify different malware threats.
-
CISM: Strategic Budgetary Planning and Reporting
After watching this video, you will be able to describe strategic budgetary planning and reporting.
-
CISM: Developing Business Cases
After watching this video, you will be able to recognize developing business cases.
-
CISM: Contributing Factors for InfoSec Development
After watching this video, you will be able to specify the contributing factors for InfoSec development.
-
CISM: Integrating into Corporate Governance
After watching this video, you will be able to work with integrating into corporate governance.
-
CISM: Governance Planning, Design, and Implementation
After watching this video, you will be able to define governance planning, design, and implementation.
-
CISM: Standards, Frameworks, and Best Practices
After watching this video, you will be able to recall standards, frameworks, and best practices.
-
CISM: Fundamental Concepts of Governance
After watching this video, you will be able to recognize concepts of governance.
-
CISM: Available InfoSec Governance Frameworks
After watching this video, you will be able to describe InfoSec governance frameworks.
-
CISM: Information Security Relationship to Key Factors
After watching this video, you will be able to compare InfoSec relationships to key factors.
-
CISM: Information Security Strategy Techniques
After watching this video, you will be able to identify InfoSec strategy techniques.
-
CISM: Impact of Internal and External Influences
After watching this video, you will be able to recognize the impact of internal and external influences.
-
CISM: Describe InfoSec Governance
After watching this video, you will be able to describe InfoSec governance.
-
CISA: Intrusion Detection and Intrusion Prevention
After watching this video, you will be able to compare IDS and IPS.
-
CISA: Firewall Technologies
After watching this video, you will be able to distinguish between different firewall technologies.
-
CISA: Business Application Development Part 2
After watching this video, you will be able to identify characteristics of the SDLC approach and phases, integrated resource management systems, and risk associated with software development.
-
Security Trends: Mobile Devices and Malware
After watching this video, you will be able to describe how the prevalence of mobile devices has created a whole new platform for vulnerabilities.
-
Security Trends: Wearables and Vulnerabilities
After watching this video, you will be able to describe how wearables and other nontraditional platforms being connected can raise security concerns.
-
Security Trends: Smart Appliances and IoT devices
After watching this video, you will be able to specify how more and more everyday devices becoming Internet connected can have negative effects on security.
-
Security Trends: Outsourced IT
After watching this video, you will be able to specify how outsourcing IT can affect the overall security of a business.
-
Security Trends: BYOD And Business
After watching this video, you will be able to list the pros and cons that can arise from a BYOD environment in a workplace.
-
Security Trends: Securing Data in the Cloud
After watching this video, you will be able to describe why putting data in the cloud can be useful and some ways to secure it.
-
Security Trends: Data at Rest
After watching this video, you will be able to specify how insecure databases can lead to large data leaks.
-
Security Trends: Use BitLocker to Protect Data at Rest
After watching this video, you will be able to protect stored data with encryption.
-
Security Trends: TLS
After watching this video, you will be able to recognize why TLS is becoming more prevalent and why its use is recommended.
-
Security Trends: Enable Cloud Multi-factor Authentication
After watching this video, you will be able to secure cloud user accounts with MFA.
-
Security Trends: Multi-factor Authentication (MFA)
After watching this video, you will be able to identify why multi-factor authentication has come into common use and its benefits.
-
Security Trends: Encrypting Cloud Data
After watching this video, you will be able to enable encryption to protect cloud data at rest.
-
Security Trends: White Hat Hacking
After watching this video, you will be able to describe what white hat hackers are and how they can help ameliorate the security of a business or product.
-
Security Trends: Threat Identification
After watching this video, you will be able to list common sources of security breaches and how to protect against them.
-
Security Trends: Cyber Insurance
After watching this video, you will be able to recognize how organizations are beginning to protect themselves from IT attacks.
-
Security Trends: Single Sign-On and Identity Federation
After watching this video, you will be able to describe how Single Sign-On can be used to improve security.
-
Security Trends: Exploit Kits
After watching this video, you will be able to describe how exploit kits can be used to take advantage of vulnerabilities in operating systems and applications.
-
Security Trends: Phishing
After watching this video, you will be able to specify how phishing can affect the security of a business.
-
Security Trends: Social Engineering
After watching this video, you will be able to describe what social engineering is and why it can be so dangerous.
-
Security Trends: Web-based Applications
After watching this video, you will be able to describe how web-based applications have gained more popularity and what implications for data security they have.
-
Security Trends: Bug Bounties
After watching this video, you will be able to specify how bug bounties can help result in more exploits being found and fixed.
-
Security Trends: State Sponsored Hacking
After watching this video, you will be able to describe how the influence of governments in hacking incidents has become a large issue for IT security.
-
Security Trends: Ransomware
After watching this video, you will be able to define ransomware attacks and how they can affect sensitive data.
-
Security Trends: Web Application Firewalls (WAFs)
After watching this video, you will be able to describe how WAFs can protect web applications.
-
Security Trends: Data Loss Prevention (DLP)
After watching this video, you will be able to determine how DLP can secure digital assets.
-
Security Trends: List Hacker Tools and Methods
After watching this video, you will be able to describe how malicious users use tools to exploit vulnerabilities.
-
Security Trends: Disaster Recovery
After watching this video, you will be able to list and define disaster recovery terms such as BCP, DRP, RTO, and RPO.
-
Security Trends: Identifying Social Engineering Attempts
After watching this video, you will be able to recognize deceptive e-mail messages.
-
Security+: Brute-force Tools
After watching this video, you will be able to demonstrate brute-force tools.
-
Security+: Additional Security Considerations
After watching this video, you will be able to describe the purpose of various security controls such as faraday cages, cable locks, screen filters, cameras, and sign-in and sign-out logs.
-
Security+: Environmental Controls
After watching this video, you will be able to define the importance of HVAC systems and fire suppression systems.
-
Security+: Authentication
After watching this video, you will be able to describe various authentication options.
-
Security+: Protected Systems
After watching this video, you will be able to define the concept of a protected system and air gaps.
-
Security+: Motion Detection
After watching this video, you will be able to describe various types of motion detection systems.
-
Security+: Alarms
After watching this video, you will be able to describe the importance of alarms and the difference between false alarms and true alarms.
-
Security+: Controlling Access
After watching this video, you will be able to identify the various methods that can be used to control or deter physical access.
-
Security+: Locks
After watching this video, you will be able to identify different types of locks and describe the importance of key management.
-
Security+: Secure Enclosures
After watching this video, you will be able to identify the benefits of using safes and secure cabinets.
-
Security+: Lighting
After watching this video, you will be able to identify the importance of lighting in relation to security.
-
Security+: Introduction to Physical Security
After watching this video, you will be able to describe the importance of physical security in relation to the success of your organization.
-
Security+: Defense in Depth
After watching this video, you will be able to describe the benefits of implementing a layered security approach and the importance of diversity and user training.
-
Security+: Recall Wireless Security Concepts
After watching this video, you will be able to recall various wireless security topics and concepts.
-
Security+: Captive Portals
After watching this video, you will be able to describe and use a captive portal.
-
Security+: Secure Configuration Guidelines
After watching this video, you will be able to specify the reasoning behind following secure configuration guidelines.
-
Security+: Frameworks and Architectures
After watching this video, you will be able to identify the purpose of various frameworks and architectures.
-
Security+: Configuring a WPA2 PSK Wireless Network
After watching this video, you will be able to configure a WPA2 PSK wireless network.
-
Security+: Configuring a WPA Enterprise Wireless Network
After watching this video, you will be able to configure a WPA enterprise wireless network.
-
Security+: Wi-Fi Protected Setup
After watching this video, you will be able to describe and use Wi-Fi Protected Setup.
-
Security+: Configuring a WPA2 Enterprise Wireless Network
After watching this video, you will be able to configure a WPA2 enterprise wireless network.
-
Security+: Configuring an Open Wireless Network
After watching this video, you will be able to configure an open wireless network.
-
Security+: Wireless Encryption
After watching this video, you will be able to identify the common methods of encrypting communications on wireless networks.
-
Security+: Configuring a WPA PSK Wireless Network
After watching this video, you will be able to configure a WPA PSK wireless network.
-
Security+: Types of Wireless Networks
After watching this video, you will be able to identify the differences between the three different types of wireless networks.
-
Security+: Introducing Wireless Security
After watching this video, you will be able to describe the importance of authentication and encryption for wireless networks.
-
Security+: Wireless Authentication
After watching this video, you will be able to distinguish between PSK and enterprise authentication for wireless networks.
-
Security+: WPA and WPA2
After watching this video, you will be able to choose the most appropriate wireless standard and mode to secure your wireless communications.
-
Security+: Unauthorized Software
After watching this video, you will be able to define unauthorized software.
-
Security+: Personnel Issues
After watching this video, you will be able to classify personnel issues.
-
Security+: License Compliance Violation
After watching this video, you will be able to recognize license compliance violation.
-
Security+: Baseline Deviation
After watching this video, you will be able to define baseline deviation.
-
Security+: Weak Security Configurations
After watching this video, you will be able to recognize weak security configurations.
-
Security+: Misconfigured Devices
After watching this video, you will be able to describe misconfigured devices.
-
Security+: Authentication Issues
After watching this video, you will be able to specify authentication issues.
-
Security+: Asset Management
After watching this video, you will be able to describe asset management.
-
Security+: Identity and Access Management Part 1
After watching this video, you will be able to compare identity and access management concepts.
-
Security+: Troubleshoot Security Issues
After watching this video, you will be able to specify various security troubleshooting issues.
-
Security+: Routing Protocol Authentication
After watching this video, you will be able to work with routing protocol authentication.
-
Security+: Secure MIME (S/MIME)
After watching this video, you will be able to describe S/MIME.
-
Security+: Unencrypted Credentials
After watching this video, you will be able to define unencrypted credentials.
-
Security+: Recognize Secure Versions of Protocols
After watching this video, you will be able to recognize various secure versions of common protocols.
-
Security+: Post Office/Internet Message Access Protocols
After watching this video, you will be able to describe Secure POP/IMAP.
-
Security+: Data Exfiltration
After watching this video, you will be able to describe data exfiltration.
-
Security+: Permission Issues
After watching this video, you will be able to specify permission issues.
-
Security+: Logs and Events Anomalies
After watching this video, you will be able to describe logs and events anomalies.
-
Security+: Certificate Issues
After watching this video, you will be able to specify certificate issues.
-
Security+: Access Violations
After watching this video, you will be able to define access violations.
-
Security+: Secure Sockets Layer/Transport Layer Security
After watching this video, you will be able to describe Secure Sockets Layer and Transport Layer Security (SSL/TLS).
-
Security+: Secure Shell (SSH)
After watching this video, you will be able to work with SSH.
-
Security+: Domain Naming System/Secure (DNSSEC)
After watching this video, you will be able to describe DNSSEC.
-
Security+: Hypertext Transfer Protocol/Secure (HTTPS)
After watching this video, you will be able to describe HTTPS.
-
Security+: Network Time Protocol (NTPv3)
After watching this video, you will be able to describe NTPv3.
-
Security+: Simple Network Management Protocol (SNMPv3)
After watching this video, you will be able to describe and work with SNMPv3.
-
Security+: File Transfer Protocol/Secure (FTPS)
After watching this video, you will be able to describe FTPS.
-
Security+: Secure Real-time Transport Protocol (SRTP)
After watching this video, you will be able to describe SRTP.
-
Security+: Lightweight Directory Access Protocol/Secure (LDAPS)
After watching this video, you will be able to describe LDAPS.
-
Security+: Secure File Transfer Protocol (SFTP)
After watching this video, you will be able to describe SFTP.
-
Security+: X.509 Certificates
After watching this video, you will be able to recognize the X.509 certificate format and file extensions.
-
Security+: Recall PKI Concepts
After watching this video, you will be able to recall various PKI concepts.
-
Security+: Types of Certificates
After watching this video, you will be able to describe various types of certificates and their uses.
-
Security+: Pinning
After watching this video, you will be able to identify the purpose and types of pinning.
-
Security+: Certificate Chaining
After watching this video, you will be able to describe the concept of certificate chaining.
-
Security+: Key Escrow
After watching this video, you will be able to describe the benefits of key escrow and when you might consider using it.
-
Security+: Expiration, Revocation, Suspension
After watching this video, you will be able to describe the benefits of certificate expiration, revocation, and suspension, and distinguish between a CRL and OCSP.
-
Security+: PKI Overview
After watching this video, you will be able to recall the purpose of a PKI and a trusted introducer.
-
Security+: Identify Features/Services of Cryptography
After watching this video, you will be able to identify various cryptographic features and services.
-
Security+: CA Trust Models
After watching this video, you will be able to recognize the various CA trust models that can be implemented, such as single CA, hierarchical, bridge, peer-to-peer, and mesh.
-
Security+: Public Key Infrastructure
After watching this video, you will be able to describe the benefits and uses of the public key infrastructure for an organization.
-
Security+: Additional Security Considerations
After watching this video, you will be able to identify additional security considerations such as steganography, obscurity, and weak algorithms.
-
Security+: Key Stretching
After watching this video, you will be able to describe the purpose of key stretching.
-
Security+: Hashing Functions
After watching this video, you will be able to identify various hashing functions.
-
Security+: Hashing
After watching this video, you will be able to describe hashing.
-
Security+: Authentication
After watching this video, you will be able to describe authentication.
-
Security+: Data Integrity
After watching this video, you will be able to describe data integrity.
-
Security+: Symmetric Algorithms
After watching this video, you will be able to identify various symmetric algorithms.
-
Security+: Introducing Symmetric Algorithms
After watching this video, you will be able to describe symmetric algorithms.
-
Security+: Asymmetric Algorithms
After watching this video, you will be able to identify various asymmetric algorithms.
-
Security+: Introducing Asymmetric Algorithms
After watching this video, you will be able to describe asymmetric algorithms.
-
Security+: Digital Signatures
After watching this video, you will be able to describe the purpose of digital signatures.
-
Security+: Encryption
After watching this video, you will be able to describe the purpose of encryption.
-
Security+: Properties of Secure Ciphers
After watching this video, you will be able to identify the properties of a secure cipher.
-
Security+: Ciphers
After watching this video, you will be able to identify the purpose of a cipher.
-
Security+: Stream Cipher
After watching this video, you will be able to describe the function of stream ciphers.
-
Security+: Block Cipher
After watching this video, you will be able to describe the function of block ciphers.
-
Security+: Introduction to Cryptography
After watching this video, you will be able to identify the role cryptography plays in maintaining CIA.
-
Security+: Key Exchange
After watching this video, you will be able to recognize the various ways to exchange cryptographic keys.
-
Security+: Keys
After watching this video, you will be able to describe the purpose of a cryptographic key.
-
Security+: TACACS+
After watching this video, you will be able to describe Terminal Access Controller Access Control System (TACACS+).
-
Security+: Remote Authentication Dial-in User Service (RADIUS)
After watching this video, you will be able to describe RADIUS.
-
Security+: Lightweight Directory Access Protocol (LDAP)
After watching this video, you will be able to define LDAP.
-
Security+: Kerberos
After watching this video, you will be able to recognize Kerberos.
-
Security+: Identity and Access Management Part 2
After watching this video, you will be able to compare and contrast identity and access management concepts.
-
Security+: Challenge Handshake Authentication Protocol (CHAP)
After watching this video, you will be able to compare PAP, CHAP, and MSCHAP.
-
Security+: NT LAN Manager (NTLM)
After watching this video, you will be able to define NTLM.
-
Security+: Security Assertion Markup Language (SAML)
After watching this video, you will be able to define SAML.
-
Security+: Secure Token
After watching this video, you will be able to describe secure token.
-
Security+: OpenID Connect
After watching this video, you will be able to specify OpenID Connect.
-
Security+: Push Notification Services
After watching this video, you will be able to describe push notification services.
-
Security+: Geofencing and Geolocation
After watching this video, you will be able to compare geofencing and geolocation.
-
Security+: Containerization and Storage Segmentation
After watching this video, you will be able to classify containerization and storage segmentation.
-
Security+: Biometrics and Context-aware Authentication
After watching this video, you will be able to define biometrics and context-aware authentication.
-
Security+: Remote Wipe
After watching this video, you will be able to describe remote wipe.
-
Security+: Application and Content Management
After watching this video, you will be able to define application and content management.
-
Security+: Passwords, Pins, and Screen Locks
After watching this video, you will be able to describe passwords, PINs, and screen locks.
-
Security+: Work with Technology Output Analysis
After watching this video, you will be able to work with technology output analysis.
-
Security+: Web Application Firewall
After watching this video, you will be able to describe web application firewall.
-
Security+: Deployment Models
After watching this video, you will be able to compare deployment models.
-
Security+: Survey of Connection Methods
After watching this video, you will be able to specify connection methods.
-
Security+: Unified Threat Management (UTM)
After watching this video, you will be able to describe UTM.
-
Security+: Patch Management Tools
After watching this video, you will be able to compare patch management tools.
-
Security+: Data Execution Prevention (DEP)
After watching this video, you will be able to specify data execution prevention.
-
Security+: Data Loss Prevention (DLP)
After watching this video, you will be able to define DLP.
-
Security+: Removable Media Control
After watching this video, you will be able to define removable media control.
-
Security+: Application Whitelisting
After watching this video, you will be able to specify application whitelisting.
-
Security+: Antivirus
After watching this video, you will be able to describe antivirus.
-
Security+: Host Intrusion Prevention
After watching this video, you will be able to work with Host Intrusion Detection System (HIDS) and Host Intrusion Prevention System (HIPS).
-
Security+: Host-based Firewall
After watching this video, you will be able to describe a host-based firewall.
-
Security+: File Integrity Check
After watching this video, you will be able to define file integrity check.
-
Security+: Passive vs. Active
After watching this video, you will be able to compare passive vs. active.
-
Security+: Banner Grabbing
After watching this video, you will be able to define banner grabbing.
-
Security+: Use Security Assessment Tools
After watching this video, you will be able to work with security assessment using software tools.
-
Security+: Other Command Line Tools
After watching this video, you will be able to describe other command line tools.
-
Security+: Honeypots
After watching this video, you will be able to describe honeypots.
-
Security+: Steganography Tools
After watching this video, you will be able to define steganography tools.
-
Security+: Backup Utilities
After watching this video, you will be able to configure backup utilities.
-
Security+: Configuration Compliance Scanner
After watching this video, you will be able to define configuration compliance scanner.
-
Security+: Vulnerability Scanners
After watching this video, you will be able to describe vulnerability scanners.
-
Security+: Data Sanitization Tools
After watching this video, you will be able to compare data sanitization tools.
-
Security+: Exploitation Frameworks
After watching this video, you will be able to describe exploitation frameworks.
-
Security+: Network Scanners
After watching this video, you will be able to work with network scanners.
-
Security+: Password Crackers
After watching this video, you will be able to work with password crackers.
-
Security+: Wireless Scanners/Cracker
After watching this video, you will be able to specify wireless scanners/cracker.
-
Security+: Specialty Appliances
After watching this video, you will be able to recognize specialty appliances.
-
Security+: Encryption Gateways
After watching this video, you will be able to define encryption gateways.
-
Security+: Protocol Analyzers
After watching this video, you will be able to work with protocol analyzers.
-
Security+: Work with Organizational Components
After watching this video, you will be able to describe the various components that support organizational security.
-
Security+: NAC Gateways
After watching this video, you will be able to define NAC gateways.
-
Security+: DLP Systems
After watching this video, you will be able to describe DLP systems.
-
Security+: Media Gateways
After watching this video, you will be able to define media gateways.
-
Security+: Mail Gateways
After watching this video, you will be able to describe mail gateways.
-
Security+: Enforcement and Monitoring: Part 1
After watching this video, you will be able to describe enforcement and monitoring.
-
Security+: Full Device Encryption
After watching this video, you will be able to describe full device encryption.
-
Security+: Secure Mobile Devices
After watching this video, you will be able to describe ways to secure mobile devices.
-
Security+: Enforcement and Monitoring: Part 2
After watching this video, you will be able to describe enforcement and monitoring.
-
Security+: Online vs. Offline Attacks
After watching this video, you will be able to compare online vs. offline attacks.
-
Security+: Birthday, Known Plaintext, and Cipher Attacks
After watching this video, you will be able to describe birthday, known plaintext, and cipher attacks.
-
Security+: Downgrade Attacks
After watching this video, you will be able to describe downgrade attacks.
-
Security+: Collisions
After watching this video, you will be able to define collisions.
-
Security+: Brute-Force and Dictionary Attacks
After watching this video, you will be able to recognize brute-force and dictionary attacks.
-
Security+: Bluejacking and Bluesnarfing
After watching this video, you will be able to compare bluejacking and bluesnarfing.
-
Security+: Initialization Vector Weaknesses
After watching this video, you will be able to specify initialization vector weaknesses.
-
Security+: Replay Attacks
After watching this video, you will be able to recognize replay attacks.
-
Security+: Jamming
After watching this video, you will be able to describe jamming.
-
Security+: Evil Twins and Rogue Apps
After watching this video, you will be able to compare evil twins and rogue apps.
-
Security+: SIEM Systems
After watching this video, you will be able to define SIEM systems.
-
Security+: Wireless Access Points
After watching this video, you will be able to recognize wireless access points.
-
Security+: NIDS and NIPS
After watching this video, you will be able to compare NIDS and NIPS.
-
Security+: VPN Concentrators
After watching this video, you will be able to describe VPN concentrators.
-
Security+: Routers
After watching this video, you will be able to describe routers.
-
Security+: Bridges and Switches
After watching this video, you will be able to compare bridges and switches.
-
Security+: Improper Certificate and Key Management
After watching this video, you will be able to define improper certificate and key management.
-
Security+: New Threats and Zero Day Attacks
After watching this video, you will be able to recognize new threats and zero day attacks.
-
Security+: Firewalls
After watching this video, you will be able to define firewalls.
-
Security+: Identify the Impact of Vulnerabilities
After watching this video, you will be able to specify the impact of different types of vulnerabilities.
-
Security+: Proxies and Load Balancers
After watching this video, you will be able to compare proxies and load balancers.
-
Security+: Architecture and Design Weaknesses
After watching this video, you will be able to describe architecture and design weaknesses.
-
Security+: Improperly Configured Accounts
After watching this video, you will be able to work with improperly configured accounts.
-
Security+: Untrained Users
After watching this video, you will be able to specify untrained users.
-
Security+: Weak Cipher Suites and Implementations
After watching this video, you will be able to recognize weak cipher suites and implementations.
-
Security+: Vulnerable Business Processes
After watching this video, you will be able to recognize vulnerable business processes.
-
Security+: Improper Input and Error Handling
After watching this video, you will be able to specify improper input and error handling.
-
Security+: System Vulnerabilities
After watching this video, you will be able to recognize system vulnerabilities.
-
Security+: Resource Exhaustion
After watching this video, you will be able to describe resource exhaustion.
-
Security+: Misconfiguration
After watching this video, you will be able to define misconfiguration.
-
Security+: System Sprawl and Undocumented Assets
After watching this video, you will be able to describe system sprawl and undocumented assets.
-
Security+: Memory and Buffer Vulnerability
After watching this video, you will be able to define memory and buffer vulnerability.
-
Security+: Identifying Common Misconfigurations
After watching this video, you will be able to identify common misconfigurations.
-
Security+: Identifying Lack of Security Controls
After watching this video, you will be able to identify lack of security controls.
-
Security+: Credentialed vs. Noncredentialed
After watching this video, you will be able to compare credentialed vs. noncredentialed.
-
Security+: Intrusive vs. Nonintrusive
After watching this video, you will be able to compare intrusive vs. nonintrusive.
-
Security+: Pentesting vs. Vulnerability Scanning
After watching this video, you will be able to compare pentesting vs. vulnerability scanning.
-
Security+: Identifying Vulnerability
After watching this video, you will be able to identify vulnerability.
-
Security+: Passively Testing Security Controls
After watching this video, you will be able to passively test security controls.
-
Security+: Working with Pentesting and Scanning
After watching this video, you will be able to recognize penetration testing and vulnerability scanning methods.
-
Security+: False Positives
After watching this video, you will be able to describe false positives.
-
Security+: Race Conditions
After watching this video, you will be able to describe race conditions.
-
Security+: Define Cryptographic and Wireless Attacks
After watching this video, you will be able to recognize cryptographic and wireless attacks.
-
Security+: RFID and Near Field Communication (NFC)
After watching this video, you will be able to compare RFID and near field communication (NFC).
-
Security+: Pivot
After watching this video, you will be able to describe a pivot.
-
Security+: Active vs. Passive Reconnaissance
After watching this video, you will be able to compare active vs. passive reconnaissance.
-
Security+: Disassociation Attacks
After watching this video, you will be able to recognize disassociation attacks.
-
Security+: WPS Attacks
After watching this video, you will be able to define WPS attacks.
-
Security+: Persistence
After watching this video, you will be able to define persistence.
-
Security+: Initial Exploitation
After watching this video, you will be able to specify initial exploitation.
-
Security+: Black vs. Gray vs. White Box Testing
After watching this video, you will be able to compare black vs. gray vs. white box.
-
Security+: Escalation of Privilege
After watching this video, you will be able to recognize escalation of privilege.
-
Security+: Operating System Security Considerations
After watching this video, you will be able to recall key considerations of a secure operating system.
-
Security+: Secure Boot
After watching this video, you will be able to describe the benefits of secure system booting and how UEFI plays a role in it.
-
Security+: Hardware Root Of Trust
After watching this video, you will be able to describe how anchoring the trust of a system within hardware using TPM, SED, and HSM improves security.
-
Security+: Supply Chain
After watching this video, you will be able to identify when security needs to be considered in the supply chain.
-
Security+: EMI and EMP
After watching this video, you will be able to identify how systems may be protected from EMI and EMP.
-
Security+: RAID
After watching this video, you will be able to describe how RAID can provide resiliency.
-
Security+: High Availability
After watching this video, you will be able to define how high availability provides resiliency.
-
Security+: Virtualization, Cloud, and Resiliency
After watching this video, you will be able to recall various virtualization, cloud, and resiliency concepts.
-
Security+: Templates and Master Image
After watching this video, you will be able to describe how templates and master images provide resiliency.
-
Security+: Adjusting to Demands
After watching this video, you will be able to describe elasticity, scalability, and distributive allocation.
-
Security+: Additional Resiliency Considerations
After watching this video, you will be able to describe how non-persistence, snapshots, reverting to known states, and rolling back configurations all provide resiliency.
-
Security+: Virtual Desktop Infrastructure
After watching this video, you will be able to define the purpose and benefit of using a VDI/VDE.
-
Security+: Cloud Storage and Models
After watching this video, you will be able to compare the different types of cloud offerings such as IaaS, PaaS, and SaaS.
-
Security+: Automation and Scripting
After watching this video, you will be able to describe how automation and scripting provide resiliency.
-
Security+: Additional Cloud Concepts
After watching this video, you will be able to describe the function of a cloud access security broker and security as a service.
-
Security+: Review Secure System Design and App Dev
After watching this video, you will be able to recall various concepts related to secure system design and application development.
-
Security+: Compiled vs. Runtime Code
After watching this video, you will be able to compare compiled code vs. runtime code.
-
Security+: VM Sprawl and Escape
After watching this video, you will be able to describe the issues related to VMs.
-
Security+: Hypervisors
After watching this video, you will be able to compare different types of hypervisors and the benefits of using application containers.
-
Security+: Code Quality and Testing
After watching this video, you will be able to define various methods for code quality and testing.
-
Security+: Secure Coding Techniques
After watching this video, you will be able to describe various techniques that are used for secure coding.
-
Security+: Additional Devices and Security Concerns
After watching this video, you will be able to describe the security concerns of multi-function devices, camera systems, medical devices, vehicles, and aircraft.
-
Security+: SoC and RTOS
After watching this video, you will be able to describe the security concerns of SoC and RTOS.
-
Security+: Secure DevOps
After watching this video, you will be able to describe the importance of security with DevOps.
-
Security+: Development Life Cycle Models
After watching this video, you will be able to compare waterfall and Agile development life cycle models.
-
Security+: Keyboards, Mice, Displays, and Other Devices
After watching this video, you will be able to describe the security concerns and considerations when using wireless keyboards and mice, displays, Wi-Fi enabled MicroSD cards, printers, USB storage, and digital cameras.
-
Security+: Trusted Operating System
After watching this video, you will be able to describe the concept of a trusted operating system.
-
Security+: SCADA, IoT, and HVAC
After watching this video, you will be able to describe the security concerns of SCADA, IoT, and HVAC.
-
Security+: Secure Development Concepts
After watching this video, you will be able to define secure development concepts.
-
Security+: Development Concepts
After watching this video, you will be able to define various development concepts.
-
Security+: Explore Security Controls
After watching this video, you will be able to recall the purpose of various security controls.
-
Security+: Secure Network Architecture Concepts
After watching this video, you will be able to recall the purpose of various secure network architecture concepts.
-
Security+: Tunneling and VPNs
After watching this video, you will be able to describe site-to-site and remote access VPNs.
-
Security+: Segregation, Segmentation, and Isolation
After watching this video, you will be able to define how physical, logical, virtual, and air gap separation provide security.
-
Security+: Software Defined Network
After watching this video, you will be able to describe the security concerns surrounding the SDN.
-
Security+: Device and Technology Placement
After watching this video, you will be able to define where various devices and technologies should be placed for maximum security benefits.
-
Security+: Zones and Topologies
After watching this video, you will be able to describe the reasoning behind implementing different zones and topologies.
-
Security+: Dumpster Diving
After watching this video, you will be able to describe dumpster diving.
-
Security+: Tailgating and Piggybacking
After watching this video, you will be able to define shoulder surfing.
-
Security+: Watering Hole Attacks (Social Networks)
After watching this video, you will be able to describe watering hole attacks (social networks).
-
Security+: Phishing, Spear Phishing, and Whaling
After watching this video, you will be able to compare phishing, spear phishing, and whaling.
-
Security+: Tailgating and Piggybacking
After watching this video, you will be able to recognize tailgating and piggybacking.
-
Security+: Impersonation and Hoaxing
After watching this video, you will be able to define impersonation and hoaxing.
-
Security+: Compare Types of Malware
After watching this video, you will be able to describe and compare malware types.
-
Security+: Spyware
After watching this video, you will be able to classify spyware.
-
Security+: Keyloggers
After watching this video, you will be able to define keyloggers.
-
Security+: Polymorphic Packers
After watching this video, you will be able to describe polymorphic packers.
-
Security+: Stegomalware
After watching this video, you will be able to define stegomalware.
-
Security+: Backdoors
After watching this video, you will be able to define backdoors.
-
Security+: Bots and Botnets
After watching this video, you will be able to describe bots and botnets.
-
Security+: Logic Bombs
After watching this video, you will be able to define logic bombs.
-
Security+: Rootkits
After watching this video, you will be able to define rootkits.
-
Security+: Ransomware
After watching this video, you will be able to describe ransomware.
-
Security+: Remote Access Trojans (RATs)
After watching this video, you will be able to specify RATs.
-
Security+: Cryptomalware
After watching this video, you will be able to define cryptomalware.
-
Security+: Viruses
After watching this video, you will be able to describe viruses.
-
Security+: Define the Threat Landscape and Agents
After watching this video, you will be able to define and describe the threat landscape and agents.
-
Security+: Trojans
After watching this video, you will be able to describe Trojans.
-
Security+: Worms
After watching this video, you will be able to define worms.
-
Security+: Sophistication, Resources, and Funding of Threats
After watching this video, you will be able to define levels of sophistication, resources, and funding of threats.
-
Security+: Open-source Intelligence in Threats
After watching this video, you will be able to describe different open-source intelligence in threats.
-
Security+: Intent and Motivation of Threats
After watching this video, you will be able to recognize threat intent and motivation.
-
Security+: Insiders and Competitors
After watching this video, you will be able to describe insider and competitor threats.
-
Security+: Organized Crime, Nation States, and APTs
After watching this video, you will be able to compare organized crime, states, and APTs.
-
Security+: Structured vs. Unstructured Threats
After watching this video, you will be able to compare structured and unstructured threats.
-
Security+: Internal vs. External Threats
After watching this video, you will be able to compare internal and external threats.
-
Security+: Countermeasures and Mitigation
After watching this video, you will be able to define countermeasures and mitigation.
-
Security+: Threats and Threat Agents
After watching this video, you will be able to define threats, threat agents, exploits, and payloads.
-
Security+: Script Kiddies and Hacktivists
After watching this video, you will be able to describe script kiddies and hacktivists.
-
Security+: Indicators of Compromise (IOCs)
After watching this video, you will be able to describe IOCs.
-
Security+: Risks and Vulnerabilities
After watching this video, you will be able to describe risks and vulnerabilities.
-
Security+: Defining the Threat Landscape
After watching this video, you will be able to describe the threat landscape.
-
Security+: Pass the Hash Attacks
After watching this video, you will be able to define pass the hash attacks.
-
Security+: Replay Attacks
After watching this video, you will be able to describe replay attacks.
-
Security+: Review Application Attacks
After watching this video, you will be able to recognize application and service attacks.
-
Security+: Domain Hijacking
After watching this video, you will be able to recognize domain hijacking.
-
Security+: DNS Poisoning
After watching this video, you will be able to describe DNS poisoning.
-
Security+: Cross-site Scripting and Request Forgery
After watching this video, you will be able to compare cross-site scripting and request forgery.
-
Security+: Man-in-the-browser
After watching this video, you will be able to define man-in-the-browser.
-
Security+: Injection Attacks
After watching this video, you will be able to recognize injection attacks.
-
Security+: Reflection and Amplification
After watching this video, you will be able to compare reflection and amplification.
-
Security+: Privilege Escalation
After watching this video, you will be able to define privilege escalation.
-
Security+: Man-in-the-middle Attacks
After watching this video, you will be able to describe man-in-the-middle attacks.
-
Security+: DoS and DDoS Attacks
After watching this video, you will be able to recognize DoS and DDoS attacks.
-
Security+: Buffer Overflow Attacks
After watching this video, you will be able to describe buffer overflow attacks.
-
Security+: ARP Poisoning
After watching this video, you will be able to define ARP poisoning.
-
Security+: Define Social Engineering and Hijacking
After watching this video, you will be able to recognize and classify social engineering and hijacking attacks.
-
Security+: Refactoring
After watching this video, you will be able to describe refactoring.
-
Security+: Spoofing
After watching this video, you will be able to classify spoofing.
-
Security+: Zero Day Attacks
After watching this video, you will be able to describe zero day attacks.
-
Security+: Shimming
After watching this video, you will be able to define shimming.
-
Security+: Typosquatting
After watching this video, you will be able to recognize typosquatting.
-
Security+: URL Hijacking
After watching this video, you will be able to describe URL hijacking.
-
Security+: Reasons for Effectiveness
After watching this video, you will be able to specify reasons for effectiveness.
-
Security+: Vishing and Smishing
After watching this video, you will be able to compare vishing and smishing.
-
Security+: Session Hijacking
After watching this video, you will be able to describe session hijacking.
-
Security+: Clickjacking
After watching this video, you will be able to define clickjacking.
-
Security+: Forensic Investigation Procedures
After watching this video, you will be able to identify the steps required during a forensics investigation.
-
Security+: Forensic Investigation
After watching this video, you will be able to describe the purpose of forensic investigation.
-
Security+: Disaster Recovery
After watching this video, you will be able to define disaster recovery and the disaster recovery plan.
-
Security+: Intelligence Gathering
After watching this video, you will be able to compare strategic intelligence and strategic counterintelligence.
-
Security+: Building an Incident Response Plan
After watching this video, you will be able to describe the importance and components of an incident response plan.
-
Security+: Defining Incident Response
After watching this video, you will be able to define incident response and the incident response process.
-
Security+: Backups
After watching this video, you will be able to describe the different types of backups.
-
Security+: Recovery Sites
After watching this video, you will be able to describe the different types of recovery sites.
-
Security+: Security Controls
After watching this video, you will be able to identify different security controls.
-
Security+: Geographic Considerations
After watching this video, you will be able to recognize the geographic implications of disaster recovery.
-
Security+: Risks
After watching this video, you will be able to identify risks to an organization.
-
Security+: Risk Assessment
After watching this video, you will be able to describe risk assessment.
-
Security+: Risk Analysis
After watching this video, you will be able to define risk analysis.
-
Security+: Testing for Risks
After watching this video, you will be able to specify how to test for risks and who should be testing for them.
-
Security+: Risk Management
After watching this video, you will be able to define risk management.
-
Security+: Recall BIA and Risk Management Concepts
After watching this video, you will be able to recall business impact assessment and risk management concepts.
-
Security+: Quantitative Risk Analysis
After watching this video, you will be able to describe quantitative risk analysis.
-
Security+: Qualitative Risk Analysis
After watching this video, you will be able to describe qualitative risk analysis.
-
Security+: Change Management
After watching this video, you will be able to define procedures for implementing change.
-
Security+: Risk Response
After watching this video, you will be able to define methods that can be used to respond to risk.
-
Security+: Acceptable Use Policy
After watching this video, you will be able to define the purpose of acceptable use policies.
-
Security+: Security Awareness Training
After watching this video, you will be able to describe the benefits of security awareness training.
-
Security+: Explore Policies, Plans, and Procedures
After watching this video, you will be able to recall the purpose of various policies, plans, and procedures.
-
Security+: Additional Security Policies
After watching this video, you will be able to describe the benefits of social media policies and personal e-mail policies.
-
Security+: Privacy Assessments
After watching this video, you will be able to describe privacy impact assessment and privacy threshold assessment.
-
Security+: Mean Time Between Failure and Mean Time to Repair
After watching this video, you will be able to define Mean Time Between Failure (MTBF) and Mean Time to Repair (MTR).
-
Security+: Business Continuity Plan (BCP)
After watching this video, you will be able to describe the purpose of a BCP.
-
Security+: Determining Recovery Team
After watching this video, you will be able to define concepts related to recovery time such as MTD, RTO, and RPO.
-
Security+: Business Impact Analysis (BIA)
After watching this video, you will be able to identify the general steps in a BIA.
-
Security+: Administrative Job Control
After watching this video, you will be able to describe the benefits of enforcing mandatory vacations, job rotation, separation of duties, and the principle of least privilege.
-
Security+: Agreements
After watching this video, you will be able to define various agreements such as BPA, SLA, ISA, and MOU.
-
Security+: Personnel Management
After watching this video, you will be able to describe the benefits of a clean desk policy, a background check policy, exit interviews, NDA, and onboarding.
-
Security+: Standard Operating Procedure
After watching this video, you will be able to describe the benefits of using standard operating procedures.
-
Security+: Recall Continuity and Privacy Concepts
After watching this video, you will be able to recall incident response, forensics, disaster recovery, and security concepts.
-
Security+: Data Retention
After watching this video, you will be able to describe the purpose of data retention.
-
Security+: Destruction and Sanitization
After watching this video, you will be able to describe media sanitization and data destruction.
-
Security+: Data Roles
After watching this video, you will be able to define various data roles.
-
Security+: Labeling and Handling
After watching this video, you will be able to describe the benefits of labeling and handling.