Professor Messer

The industry provides many options for determining best practices and frameworks for IT security. In this video, you’ll learn about the CIS CSC, NIST RMF, NIST CSF, ISO/IEC frameworks, SSAE SOC 2, and the CSA CCM. << Previous Video: Security Regulations and Standards Next: Secure Configurations >> If you’re just starting off in IT security, […]

It’s important for security professionals to be aware of any compliance regulations. In this video, you’ll learn about GDPR and PCI DSS. << Previous Video: Security Controls Next: Security Frameworks >> Along with all the other tasks associated with an IT security professional, you will also be asked to follow certain compliance guidelines. These are

There are many different risks to manage using existing security controls. In this video, you’ll learn about managerial, operational, technical, preventive, detective, corrective, deterrent, compensating, and physical security controls. << Previous Video: Managing Evidence Next: Security Frameworks >> As IT security professionals, you will be asked to manage many different kinds of risks that you

Once evidence has been collected, the data must be managed properly. In this video, you’ll learn about data integrity, preservation, e-discovery, data recovery, non-repudiation, and strategic intelligence. << Previous Video: On-Premises vs. Cloud Forensics Next: Security Controls >> When you’re collecting data for evidence, you want to be sure that nothing is going to change

Performing forensics in the cloud provides additional challenges to the security professional. In this video, you’ll learn about right-to-audit clauses, regulatory issues, and data breach notification laws. << Previous Video: Forensics Data Acquisition Next: Managing Evidence >> Up to this point, we have been describing our digital forensics process with devices that would be in

Capturing digital data is a series of technical challenges. In this video, you’ll learn about capturing data from disk, RAM, swap files, operating systems, firmware, and other sources. << Previous Video: Digital Forensics Next: On-Premises vs. Cloud Forensics >> One challenge you have when collecting data from a system is that some of the data

The gathering digital forensics is often a critically important process. In this video, you’ll learn about legal holds, video capture, admissibility, chain of custody, time offsets, and more. << Previous Video: Security Configurations Next: Forensics Data Acquisition >> Digital forensics describes the process of collecting and protecting information that is usually related to some type

A secure configuration can be designed to include many different features. In this video, you’ll learn about isolation, containment, segmentation, and SOAR. << Previous Video: Endpoint Security Configuration Next: Digital Forensics >> Our latest generation of firewalls allows us to allow or deny certain applications from traversing the network. This means the firewall might allow

Security administrators use a few different philosophies when configuring security policies on endpoints. In this video, you’ll learn about approval lists, block lists, quarantine areas, and the criteria used for application approval lists. << Previous Video: Log Management Next: Security Configurations >> When we refer to the endpoint, we’re talking about the devices that we

Security monitoring processes create extensive logs and data. In this video, you’ll learn about transferring, storing, and reporting on logs created from journalctl, metadata, NetFlow, IPFIX, sFlow, protocol analyzers, and more. << Previous Video: Log Files Next: Endpoint Security Configuration >> One of the standard methods for transferring log files from one device to a