Security risks are everywhere, including with third-parties. In this video, you’ll learn about risks associated with vendors, the supply chain, business partners, and more. << Previous Video: Personnel Security Next: Managing Data >> If you are part of a company, then you’re certainly going to be working with some third party vendors. These could be …
Third-party Risk Management – SY0-601 CompTIA Security+ : 5.3 Read More »
There are many security policies required to protect employee data. In this video, you’ll learn about acceptable use policies, least privilege, background checks, user training, and more. << Previous Video: Secure Configurations Next: Third-party Risk Management >> Most organizations will have a documented set of rules called an Acceptable Use Policy, or an AUP. This …
Personnel Security – SY0-601 CompTIA Security+ : 5.3 Read More »
The default configuration of a system is rarely the most secure. In this video, you’ll learn about secure configurations for web servers, operating systems, application servers, and network infrastructure devices. << Previous Video: Security Frameworks Next: Personnel Security >> If you’ve installed a server, an operating system, or some other device, the default configuration is …
Security Configurations – SY0-601 CompTIA Security+ : 5.2 Read More »
The industry provides many options for determining best practices and frameworks for IT security. In this video, you’ll learn about the CIS CSC, NIST RMF, NIST CSF, ISO/IEC frameworks, SSAE SOC 2, and the CSA CCM. << Previous Video: Security Regulations and Standards Next: Secure Configurations >> If you’re just starting off in IT security, …
Security Frameworks – SY0-601 CompTIA Security+ : 5.2 Read More »
It’s important for security professionals to be aware of any compliance regulations. In this video, you’ll learn about GDPR and PCI DSS. << Previous Video: Security Controls Next: Security Frameworks >> Along with all the other tasks associated with an IT security professional, you will also be asked to follow certain compliance guidelines. These are …
Security Regulations and Standards – SY0-601 CompTIA Security+ : 5.2 Read More »
There are many different risks to manage using existing security controls. In this video, you’ll learn about managerial, operational, technical, preventive, detective, corrective, deterrent, compensating, and physical security controls. << Previous Video: Managing Evidence Next: Security Frameworks >> As IT security professionals, you will be asked to manage many different kinds of risks that you …
Security Controls – SY0-601 CompTIA Security+ : 5.1 Read More »
Once evidence has been collected, the data must be managed properly. In this video, you’ll learn about data integrity, preservation, e-discovery, data recovery, non-repudiation, and strategic intelligence. << Previous Video: On-Premises vs. Cloud Forensics Next: Security Controls >> When you’re collecting data for evidence, you want to be sure that nothing is going to change …
Managing Evidence – SY0-601 CompTIA Security+ : 4.5 Read More »
Performing forensics in the cloud provides additional challenges to the security professional. In this video, you’ll learn about right-to-audit clauses, regulatory issues, and data breach notification laws. << Previous Video: Forensics Data Acquisition Next: Managing Evidence >> Up to this point, we have been describing our digital forensics process with devices that would be in …
On-Premises vs. Cloud Forensics – SY0-601 CompTIA Security+ : 4.5 Read More »
Capturing digital data is a series of technical challenges. In this video, you’ll learn about capturing data from disk, RAM, swap files, operating systems, firmware, and other sources. << Previous Video: Digital Forensics Next: On-Premises vs. Cloud Forensics >> One challenge you have when collecting data from a system is that some of the data …
Forensics Data Acquisition – SY0-601 CompTIA Security+ : 4.5 Read More »
The gathering digital forensics is often a critically important process. In this video, you’ll learn about legal holds, video capture, admissibility, chain of custody, time offsets, and more. << Previous Video: Security Configurations Next: Forensics Data Acquisition >> Digital forensics describes the process of collecting and protecting information that is usually related to some type …
Digital Forensics – SY0-601 CompTIA Security+ : 4.5 Read More »
