- Course Overview (1m 44s)
- Introduction (5m 24s)

Fundamental Security Principles (35m 32s)
- Introduction (2m 8s)
- Security and Risk Management Fundamentals (3m 28s)
- Balancing Business and Security (2m 7s)
- The CIA Triad (9m 19s)
- Accountability and Assurance (4m 40s)
- Control Types (2m 42s)
- Delaying, Preventing, or Detecting Attacks (4m 45s)
- Due Care and Due Diligence (2m 10s)
- Ethics (3m 6s)
- Conclusion (1m 3s)

Legal and Regulatory (13m 4s)
- Introduction (1m 11s)
- Legal Systems (1m 4s)
- Criminal and Civil Law (3m 0s)
- Administrative Law (2m 35s)
- Important Laws (4m 39s)
- Summary (0m 32s)

- Introduction (0m 57s)
- Computers Can Be Used for EVIL (1m 35s)
- Some Hack Just Because They Can (2m 52s)
- It's All About the Money (2m 40s)
- Spies Are Real (2m 5s)
- Payback and Government Hackers (3m 8s)
- Theft, Vandalism, and Trespass (2m 17s)
- Fraud, Spam, and Slander (2m 53s)
- Conclusion (1m 43s)

Intellectual Property (6m 3s)
- Introduction (0m 47s)
- Patents (2m 6s)
- Trademarks and Trade Secrets (1m 26s)
- Copyrights (1m 17s)
- Summary (0m 26s)

- Introduction (1m 24s)
- Privacy Matters (4m 47s)
- Privacy Law Examples (8m 57s)
- Conclusion (0m 56s)

- Introduction (0m 43s)
- Reasons for Licensing (1m 59s)
- License Types (0m 32s)
- Open Versus Closed Source Licensing (2m 23s)
- Commercial Versus Non-commercial Licensing (3m 20s)
- End User License Agreements (0m 34s)
- Free Software (1m 48s)
- Demo and Trial Licenses (1m 17s)
- Shareware (0m 54s)
- Academic Software Licensing (0m 46s)
- Summary (0m 41s)

Trans-border Data Flow (8m 17s)
- Introduction (1m 1s)
- Trans-border Data Flow (4m 6s)
- Import and Export Controls (2m 12s)
- Summary (0m 56s)

Security Awareness (15m 39s)
- Introduction (1m 12s)
- Develop a Culture of Security Awareness (4m 34s)
- Types of Security Awareness (2m 1s)
- Expected Impact of Training (2m 25s)
- Awareness Validation (4m 27s)
- Summary (0m 57s)

Aligning Security to the Organization (16m 30s)
- Introduction (1m 15s)
- Governance (0m 57s)
- Roles and Responsibilities (7m 11s)
- Organizational Objectives (1m 33s)
- Security Goals (2m 57s)
- Security Mission (1m 37s)
- Conclusion (0m 58s)

Creating Policies, Procedures, Guidelines, and Baselines (19m 6s)
- Introduction (0m 58s)
- Security Frameworks Introduction (3m 46s)
- Effective Policies and Procedures (3m 16s)
- Policy Sections (2m 51s)
- Procedures (3m 1s)
- Guidelines (1m 17s)
- Baselines (2m 29s)
- Summary (1m 25s)

Continuity Planning and Disaster Recovery (11m 4s)
- Introduction (1m 9s)
- Business Continuity Process (1m 15s)
- Conducting a Business Impact Analysis (1m 0s)
- Disaster Recovery Planning vs. Business Continuity Planning (1m 42s)
- Testing Your Plans (1m 32s)
- Disaster Events (0m 40s)
- Recovering from Disaster (1m 6s)
- Disaster Recovery Controls (2m 1s)
- Conclusion (0m 34s)

Threat Modeling (14m 10s)
- Introduction (1m 8s)
- Threat Modeling Overview (2m 9s)
- Threat Modeling Focus (2m 26s)
- Threat Model - Scoping (1m 27s)
- Reviewing the Architecture (1m 16s)
- Decomposing (0m 50s)
- Threat Identification using STRIDE (2m 26s)
- Defining and Documenting Countermeasures (0m 40s)
- Prioritization (0m 42s)
- Summary (1m 1s)

Risk Assessment Concepts (16m 52s)
- Introduction (1m 22s)
- Threats (2m 6s)
- Threat Source (1m 43s)
- Vulnerabilities (1m 15s)
- Risk (0m 27s)
- Risk Assessments (1m 38s)
- Risk Assessment Methodologies (1m 41s)
- Real World Threats and Vulnerabilities (1m 32s)
- Assessment Approach (0m 51s)
- Analysis Approach (0m 58s)
- Risk Acceptance and Assignment (1m 24s)
- Common Calculations (1m 3s)
- Conclusion (0m 47s)

Countermeasure Selection Process (15m 8s)
- Introduction (1m 37s)
- What Is a Countermeasure? (1m 30s)
- Control Variations (1m 23s)
- Control Types (2m 34s)
- Control Considerations (1m 50s)
- Assessing Control Strength (1m 42s)
- Countermeasure Assurance (0m 35s)
- Example Countermeasures (2m 48s)
- Conclusion (1m 4s)

- Introduction (1m 43s)
- Risk Management Framework (0m 46s)
- Leveraging Frameworks (1m 8s)
- NIST Risk Management Framework RMF (4m 43s)
- FAIR (2m 23s)
- OCTAVE Allegro (1m 25s)
- Summary (0m 52s)