CompTIA Sec+ SY0-401, Part 4 of 8: Operational Security [Deprecated/Replaced]
with expert Ryan Hendricks
Course description
In this course we will discuss security incidents and how to properly manage them. Adding to our understanding of incident response, we will cover evidence gathering in depth by focusing on forensics to support an investigation. We will then cover dealings with third parties, including different agreements and arrangements and the security issues to keep in mind with those. Finishing the course is the topic of security awareness and training, which can either make or break the organization's security stance. This course will cover the CompTIA Security+ objectives 2.2, 2.4, 2.5, and 2.6.
Prerequisites
This course assumes that the user has working knowledge of networks and networking. Ideally, the user should have their CompTIA Network+ certification, but this can be replaced with networking experience.
Learning Paths
This course will help you prepare for the following certification and exam:
CompTIA Security+ Certification
SY0-401: CompTIA Security+
Meet the expert
Ryan Hendricks is an experienced instructor who teaches networking and security courses to IT professionals throughout the nation. He currently has the CompTIA Certified Technical Trainer (CTT+ Classroom) and the Cisco Certified Academy Instructor (CCAI) credentials. He holds certifications from (ISC)2, EC-Council, CompTIA, and Cisco. When not on the podium instructing, he delves into IT books, always looking to learn more and keep up with the latest security topics.
Course outline
Operation Security
Incident Response (17:56)
- Introduction (00:21)
- Preparation (01:03)
- Incident Identification (00:44)
- First Responder (01:00)
- Escalation and Notification (00:37)
- CIRT (01:16)
- Mitigation Steps (00:32)
- Incident Isolation (00:33)
- Collecting Evidence (00:41)
- Recovery Procedures (04:11)
- Lessons Learned (00:48)
- Data Breach (00:51)
- Damage and Loss Control (01:07)
- Reporting (03:42)
- Summary (00:23)
Incident Forensics (15:50)
- Introduction (00:18)
- Digital Forensics (00:35)
- Identifying (00:36)
- Order of Volatility (00:58)
- Order of Volatility, Cont. (03:01)
- Capture System Image (02:01)
- Take Hashes (01:19)
- Network Traffic and Logs (00:52)
- Record Time Offsets (01:07)
- Capture Video (00:40)
- Screenshots (00:40)
- Witnesses (00:49)
- Track Man Hours and Expense (00:47)
- Chain of Custody (01:33)
- Summary (00:26)
Third Parties (13:13)
- Introduction (00:20)
- On-Boarding/Off Boarding (01:19)
- Interoperability Agreements (00:53)
- Service Level Agreement (01:33)
- Business Partner Agreement (01:02)
- Memorandum of Understanding (02:34)
- Unauthorized Data Sharing (00:52)
- Data Ownership (01:06)
- Data Backups (01:37)
- Agreement Compliance (01:28)
- Summary (00:26)
Incident Training (33:32)
- Introduction (00:27)
- Security Policy Training (01:18)
- Awareness (00:51)
- Education (01:10)
- Training (02:55)
- Personally Identifiable Info (01:14)
- Classification System (01:44)
- Data Labeling (01:48)
- Data Handling (01:36)
- Data Disposal (01:22)
- Compliance (01:05)
- User Habits (03:14)
- Password Behaviors (01:28)
- Password Example (02:59)
- Password Example, Cont. (02:07)
- Clean Desk (01:10)
- Tailgating and Piggybacking (01:26)
- Personally Owned Devices (00:51)
- New Threats and Trends (00:47)
- Social Networking (00:57)
- Peer to Peer Applications (01:26)
- Statistics (01:07)
- Summary (00:19)