Module 01 – SUPPORTING IT GOVERNANCE AND RISK MANAGEMENT

  1. Workbook (Pdf)
  2. Overview
  3. So You Want To Set Up A Lab
  4. Begin At The Beginning – Confidentiality
  5. Begin At The Beginning – Integrity
  6. Begin At The Beginning – Availability
  7. Governance And Risk Management: Overview
  8. Governance And Risk Management: Risk Vocabulary
  9. Governance And Risk Management: Risk Management
  10. Governance And Risk Management: Risk Analysis
  11. Assess Risks: What Is A Security Framework
  12. Assess Risks: ESA Framework Assessment Process
  13. Assess Risks: System Specific Risk Analysis
  14. Assess Risks: Risk Determination
  15. Assess Risks: Guidelines For Assessing Risk
  16. Risk Mitigation: What Is An Aggregate CIA Score
  17. Risk Mitigation: What Are The CVSS And CVE
  18. Risk Mitigation: Risk Responses
  19. Risk Management Documentation: Best Practices
  20. Risk Management Documentation: BCP
  21. Risk Management Documentation: What Is A BIA
  22. Risk Management Documentation: Downtime
  23. Risk Management Documentation: Documents
  24. I.T. Governance And Risk Management – Key Points
  25. Review Quiz (Number of attempts allowed: Unlimited)

Module 03 – USING RESEARCH AND ANALYSIS TO SECURE THE ENTERPRISE

  1. Workbook (Pdf)
  2. Research And Analysis: Industry Trends
  3. Research And Analysis: Artificial Intelligence
  4. Research And Analysis: Requirements For Contracts
  5. Analyze Scenarios To Secure The Enterprise
  6. Using Research And Analysis – Key Points
  7. Review Quiz (Number of attempts allowed: Unlimited)

Module 05 – IMPLEMENTING CRYPTOGRAPHIC TECHNIQUES

  1. Workbook (Pdf)
  2. Encryption
  3. Hashing
  4. Digital Signatures
  5. Blockchain And Bitcoin
  6. Hands On: Configuring A Blockchain
  7. Public Key Infrastructure PKI – Design
  8. Public Key Infrastructure PKI – Concepts
  9. Cryptography Concepts
  10. Stream Vs. Block Ciphers
  11. Implement Cryptography
  12. Implementing Cryptographic Techniques – Key Points
  13. Review Quiz (Number of attempts allowed: Unlimited)

Module 07 – SECURITY CONTROLS FOR MOBILE DEVICES

  1. Workbook (Pdf)
  2. Mobile Deployment Models
  3. MDM Concepts And Vocabulary
  4. MDM Concepts And Vocabulary Part 2
  5. Storage
  6. Concepts And Vocabulary
  7. Concepts And Vocabulary Part 2
  8. Security Controls For Mobile Devices – Key Points
  9. Review Quiz (Number of attempts allowed: Unlimited)

Module 09 – IMPLEMENTING SECURITY IN THE SYSTEMS AND SOFTWARE DEVELOPMENT LIFECYCLE

  1. Workbook (Pdf)
  2. What Is The Systems Development Life Cycle SDLC
  3. Development Methodologies
  4. What Are The SDLC Phases
  5. Security Requirements Traceability Matrix SRTM
  6. Common Software Development Approaches
  7. Common Software Development Methods
  8. What About Validation And Acceptance Testing
  9. SDLC Review Questions
  10. Secure Vs Insecure Direct Object References
  11. Error Exception Handling Try…Catch Statements
  12. What Is Privilege Escalation
  13. Overflows And Canaries
  14. Memory Leaks
  15. Races And Exhaustion
  16. What Is SQL Injection
  17. What Is Session…
  18. What Is A Cross-Site Scripting XSS Attack
  19. Cross-Site Request Forgery XSRF/CSRF Attack
  20. What About Clickjacking And Cookie Hijacking
  21. What Is Security By…
  22. Input Validation Fuzzing Application Sandboxing
  23. WS-Security DAM And Software Assurance Tech
  24. Implementing Security In The SDLC – Key Points
  25. Review Quiz (Number of attempts allowed: Unlimited)

Module 11 – CONDUCTING SECURITY ASSESSMENTS

  1. Workbook (Pdf)
  2. Security Assessments: Types
  3. Security Assessments: Application Code Review
  4. Going Deeper: Vulnerability Scanning
  5. Going Deeper: Testing Software
  6. Software Testing Types
  7. Software Testing Types Part 2
  8. Logs, Memory And Debugging
  9. Social Engineering
  10. OSINT, Self-Assessments And Teaming
  11. Security Assessments – Review Questions
  12. Vulnerability Scanner (Nikto)
  13. Port Scanner (Zenmap)
  14. Protocol Analyzer (Wireshark)
  15. Network Enumerator (Zenmap)
  16. Password Cracker (John The Ripper)
  17. Using A Fuzzer In Kali Linux
  18. HTTP Interceptor (Burp Suite)
  19. Exploitation Framework (Social-Engineer Toolkit)
  20. Log Analysis In Kali (Grep And Cut)
  21. OpenSCAP
  22. Reverse Engineering (Strace)
  23. Conducting Security Assessments – Key Points
  24. Review Quiz (Number of attempts allowed: Unlimited)

Module 02 – LEVERAGING COLLABORATION TO SUPPORT SECURITY

  1. Workbook (Pdf)
  2. Collaboration: GRC And Controls
  3. Collaboration: What Is An SCA
  4. Collaboration: Solutions
  5. Leveraging Collaboration – Key Points
  6. Review Quiz (Number of attempts allowed: Unlimited)

Module 04 – INTEGRATING ADVANCED AUTHENTICATION AND AUTHORIZATION TECHNIQUES

  1. Workbook (Pdf)
  2. Authentication And Access Control
  3. Authentication Factors And Controls
  4. Authentication Types
  5. Centralized Remote Authentication Services
  6. Deep Dive: RADIUS
  7. Deep Dive: 802.1X
  8. What Is Authorization/OAuth2.0
  9. What Is XACML
  10. Trust Models And Kerberos
  11. Trust Models And Kerberos Part 2
  12. Directory Services And LDAP
  13. Hands On: Establishing Peer Trusts
  14. Authentication And Authorization Review Questions
  15. Advanced Identity Concepts And Vocabulary
  16. Identity Federation Methods
  17. Advanced Identity Review Questions
  18. Authentication And Authorization: Key Points
  19. Review Quiz (Number of attempts allowed: Unlimited)

Module 06 – IMPLEMENTING SECURITY CONTROLS FOR HOSTS

  1. Workbook (Pdf)
  2. Host Concepts And Vocabulary
  3. Product Evaluation Models – TCSEC
  4. Product Evaluation Models – ITSEC
  5. Product Evaluation Models – Common Criteria
  6. What Is A Trusted OS
  7. Types Of Security Models
  8. Bell-LaPadula
  9. Biba
  10. Clark-Wilson And Others
  11. Access Control Concepts
  12. Role-Based Access Control (RBAC)
  13. Other Access Control Models
  14. Endpoint Security
  15. Host Review Questions
  16. Hardening Hosts Concepts And Vocabulary
  17. Peripherals
  18. Full Disk Encryption
  19. Hands-On: Hardening Windows Hosts, AppLocker
  20. Virtualization Concepts And Vocabulary
  21. Common VM Vulnerabilities
  22. Hands-On: Creating Securing VM Using VirtualBox
  23. Boot Loader Concepts And Vocabulary
  24. Hands-On: Protecting Boot Loaders
  25. Implementing Security Controls Hosts Key Points
  26. Review Quiz (Number of attempts allowed: Unlimited)

Module 08 – IMPLEMENTING NETWORK SECURITY

  1. Workbook (Pdf)
  2. IDSs Vs IPSs CASP
  3. What Is A SIEM System
  4. Network Security Concepts And Vocabulary
  5. Hands-On Deploy Network Security Platform OPNsense
  6. SoC, BASs, ICS And SCADA
  7. Network-Enabled Devices Review Questions
  8. Remote Access And IPv6
  9. Network Authentication
  10. Network Topologies And SDN
  11. Optimizing Resource Placement
  12. Advanced Network Design Review Questions
  13. Network Security Controls Concepts Vocabulary
  14. VLANs And Network Data Flow
  15. DPI And HTTPS Inspection
  16. Network Device Configurations
  17. NAC And Alerting
  18. Hands On: Implementing Network Monitoring Ntopng
  19. Implementing Network Security – Key Points
  20. Review Quiz (Number of attempts allowed: Unlimited)

Module 10 – INTEGRATING ASSETS IN A SECURE ENTERPRISE ARCHITECTURE

  1. Workbook (Pdf)
  2. Integrate Best Practices In Enterprise Security
  3. Technical Deployment Models: What Is A Model
  4. Technical Deployment Models: What Is Cloud
  5. Cloud Security Services In The Enterprise
  6. Secure Design: Vocabulary And Concepts
  7. Secure Design: Vocabulary And Concepts Part 2
  8. Secure Design: Review Questions
  9. Data Security: Owners, Processors And Sovereignty
  10. Data Security: Data Flow Security
  11. Data Security: Data Remanence
  12. Data Security: Provisioning And Deprovisioning
  13. Data Security: Review Questions
  14. Enterprise Applications: What Are They
  15. Enterprise Applications: Directory Svcs, DNS
  16. Enterprise Applications: Directory Svcs, DNS Pt. 2
  17. Enterprise Applications: Hands On With DNS RRs
  18. DNSSEC, Zone Transfers And TSIGs
  19. DNSSEC, Zone Transfers And TSIG Part 2
  20. DNSSEC, Zone Transfers And TSIG Part 3
  21. Hands On With DNSSEC
  22. Enterprise Applications: Configuration Management
  23. Enterprise Applications: Review Questions
  24. Integrating Assets – Key Points
  25. Review Quiz (Number of attempts allowed: Unlimited)

Module 12 – RESPONDING TO AND RECOVERING FROM INCIDENTS

  1. Workbook (Pdf)
  2. Concepts And Vocabulary
  3. Incident Response Facilitators
  4. Incident Response Facilitators Part 2
  5. E-Discovery
  6. Incident Response Review Questions
  7. What Is COOP
  8. CSIRTs And Common Tools
  9. Evidence Collection And Handling
  10. Types Of Evidence
  11. Five Rules Of Evidence 5 B’s
  12. Principles Of Criminalistics
  13. Investigation Process
  14. Forensic Analysis Of Compromised Systems
  15. What Is The Order Of Volatility
  16. Conducting Forensic Analysis With Autopsy
  17. Responding To Incidents – Key Points
  18. Review Quiz (Number of attempts allowed: Unlimited)