CompTIA Security+ (SY0-401) Compliance and Operational Security

Pluralsight

Course Summary

CompTIA Security+ (2014 Objectives): Domain 2- Compliance and Operational Security.

+
Course Description

This course prepares students for the compliance and operational security section of the CompTIA Security+ (SY0-401) exam. This course deals with security issues such as compliance, risk mitigation, basic forensic procedures and environmental controls used to increase reliability, resiliency, and maintain business continuity. The importance of mitigating risk and calculating the likelihood and expected losses of various risks is covered, along with dealing with 3rd party integration, SLAs, and maintaining operations through business continuity best practices. Environmental controls including HVAC, hot and cold aisles, high availability, and fault tolerant best practices are also discussed. Confidentiality, Integrity and Availability (CIA) best practices are also covered to ensure data is secure, verified, and accessible.

Course Description

This course prepares students for the compliance and operational security section of the CompTIA Security+ (SY0-401) exam. This course deals with security issues such as compliance, risk mitigation, basic forensic procedures and environmental controls used to increase reliability, resiliency, and maintain business continuity. The importance of mitigating risk and calculating the likelihood and expected losses of various risks is covered, along with dealing with 3rd party integration, SLAs, and maintaining operations through business continuity best practices. Environmental controls including HVAC, hot and cold aisles, high availability, and fault tolerant best practices are also discussed. Confidentiality, Integrity and Availability (CIA) best practices are also covered to ensure data is secure, verified, and accessible.

+
Course Syllabus

Risk and Related Concepts
- 1h 0m

—Module Overview 3m 40s
—The Security Cycle 2m 59s
—Control Types 9m 34s
—Incident Response 5m 52s
—False Positives, False Negatives, and Security Policies 9m 47s
—Risk Calculation 8m 43s
—MTTF, MTTR, and MTBF 3m 23s
—Threat Vectors, Vulnerabilities, and Managing Risk 6m 5s
—Risk Avoidance and Risks Associated With Cloud Computing 4m 30s
—RPO and RTO 6m 9s

Risks Associated With 3rd Party Integration
- 21m 37s

—Course Overview and Onboarding Process 3m 15s
—3rd Party Integration 2m 8s
—Off-Boarding Process 0m 58s
—Social Media Networks and Applications 1m 37s
—SLA 1m 46s
—BPA 0m 36s
—MOU and ISA 2m 22s
—Privacy Considerations and Data Ownership 3m 40s
—Data Backups 1m 2s
—Security Policies and Procedures 1m 44s
—Review Agreements and Verify Compliance 2m 23s

Risk Mitigation Strategies
- 23m 50s

—Module Overview 1m 10s
—Change Management 8m 8s
—Incident Management 2m 27s
—User Rights and Permissions Review 3m 44s
—Perform Routine Audits 1m 9s
—Preventing Data Loss or Theft 1m 51s
—Attack Vectors 1m 39s
—Enforce Technology Controls 2m 39s
—Module Review 0m 59s

Implementing Basic Forensic Procedures
- 46m 18s

—Module Overview 1m 42s
—What Is Computer Forensics? 2m 39s
—Order of Volatility 5m 21s
—First Responder Best Practices 5m 32s
—Capture a System Image 4m 5s
—Network Traffic and Logs 4m 10s
—Capture Video 1m 4s
—Record Time Offset 2m 44s
—Take Hashes 4m 36s
—Screenshots 1m 10s
—Witnesses 2m 5s
—Track Man Hours and Expense 2m 39s
—Chain of Custody 2m 53s
—Big Data Analysis 3m 39s
—Module Review 1m 51s

Incident Response Concepts
- 41m 49s

—Module Overview 2m 13s
—Incident Preparation 8m 2s
—Incident Identification 2m 38s
—Incident Response 1m 57s
—Incident Notification and Escalation 4m 52s
—Incident Mitigation and Isolation 3m 9s
—Lessons Learned 1m 34s
—Incident Reporting 3m 31s
—Recovery and Reconstitution Procedures 1m 24s
—First Responder 1m 54s
—Incident Isolation 3m 7s
—Data Breach 3m 58s
—Damage and Loss Control 2m 13s
—Module Review 1m 10s

Security Related Awareness and Training
- 30m 19s

—Module Overview 1m 19s
—Security Policy Training and Procedures 2m 50s
—Validate Compliance and Security Posture 1m 8s
—Role Based Training 1m 14s
—Personally Identifiable Information 1m 19s
—Information Classification 1m 59s
—Data Labeling, Handling, and Disposal 2m 24s
—Compliance 3m 45s
—User Habits 6m 42s
—New Threats, Security Trends, and Alerts 2m 49s
—Use of Social Networking and P2P 2m 58s
—Module Review 1m 47s

Physical and Environmental Controls
- 41m 44s

—Module Overview 1m 25s
—Environmental Factors 1m 44s
—HVAC 1m 56s
—Fire Suppression 3m 9s
—EMI Shielding 2m 48s
—Hot and Cold Aisles 2m 49s
—Environmental Monitoring 1m 57s
—Temperature and Humidity Controls 1m 43s
—Physical Security, Locks, Mantraps, and Video Surveillance 4m 4s
—Fencing 1m 33s
—Proximity Readers and Access Lists 2m 25s
—Proper Lighting and Signs 2m 29s
—Barricades 1m 13s
—Biometrics 1m 3s
—Protected Distribution Systems 4m 15s
—Alarms and Motion Detection 2m 39s
—Control Types 4m 23s

Risk Management Best Practices
- 52m 32s

—Module Overview 1m 15s
—Business Continuity Concepts 2m 14s
—Business Impact Analysis 3m 14s
—Identification of Critical Systems and Components 1m 36s
—Removing Single Points of Failure 1m 37s
—Business Continuity Planning and Testing 2m 46s
—Risk Assessment and Continuity of Operations 2m 35s
—Disaster Recovery Planning 3m 44s
—IT Contingency Planning 2m 48s
—Succession Planning 1m 34s
—High Availability 3m 40s
—Redundancy 4m 30s
—Tabletop Exercises 2m 33s
—Fault Tolerance 1m 45s
—RAID 4m 6s
—Clustering 1m 39s
—Load Balancing 1m 42s
—Servers 0m 50s
—Backup Plans, Execution, and Frequency 3m 53s
—Hot, Warm, and Cold Sites 4m 21s

Appropriate Controls to Meet Security Goals
- 29m 40s

—Module Overview 2m 34s
—Encryption 2m 58s
—Access Controls 0m 49s
—Steganography 6m 15s
—Digital Signatures 2m 32s
—Certificates 3m 6s
—Availability, Redundancy, Fault Tolerance, and Patching 3m 24s
—Safety 1m 47s
—Lighting 0m 56s
—Locks 0m 42s
—CCTV 0m 53s
—Escape Plans, Escape Routes, and Drills 1m 50s
—Testing Controls 1m 47s

Course Fee:

USD 29

Course Type:	Self-Study
Course Status:	Active
Workload:	1 - 4 hours / week

This course is listed under Development & Implementations , Networks & IT Infrastructure , Operating Systems , IT Security & Architecture , Quality Assurance & Testing , Server & Storage Management and IT Compliance & Audit Community

Attended this course? Write a Review

Course Fee:

USD 29

Course Type:	Self-Study
Course Status:	Active
Workload:	1 - 4 hours / week

IT Career Development Platform

CompTIA Security+ (SY0-401) Compliance and Operational Security

Pluralsight

Course Summary

Course Description

Course Description

Course Syllabus

Course Type:

Course Status:

Workload:

CompTIA

Testing

High Availability

Security policy

Redundant Array of Independent Disks (RAID)

Peer-to-Peer (P2P)

Load balancing

Industry Standard Architecture (ISA)

Impact Analysis

Encryption

Attended this course? Write a Review

Course Type:

Course Status:

Workload: