CompTIA Sec+ SY0-401, Part 4 of 8: Operational Security [Deprecated/Replaced]

with expert Ryan Hendricks




Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack

Release date: 1/15/2016
Level: Intermediate
Runtime: 1h 20m
Closed captioning: Included
Transcript: Included
eBooks / courseware: N/A
Hands-on labs: N/A
Sample code: N/A
Exams: Included




Course description

In this course we will discuss security incidents and how to properly manage them. Adding to our understanding of incident response, we will cover evidence gathering in depth by focusing on forensics to support an investigation. We will then cover dealings with third parties, including different agreements and arrangements and the security issues to keep in mind with those. Finishing the course is the topic of security awareness and training, which can either make or break the organization's security stance. This course will cover the CompTIA Security+ objectives 2.2, 2.4, 2.5, and 2.6.

Prerequisites

This course assumes that the user has working knowledge of networks and networking. Ideally, the user should have their CompTIA Network+ certification, but networking experience can substitute for it.

Learning Paths

This course will help you prepare for the following certification and exam:
CompTIA Security+ Certification
SY0-401: CompTIA Security+

Meet the expert

Ryan Hendricks is an experienced instructor who teaches networking and security courses to IT professionals throughout the nation. He currently has the CompTIA Certified Technical Trainer (CTT+ Classroom) and the Cisco Certified Academy Instructor (CCAI) credentials. He holds certifications from (ISC)2, EC-Council, CompTIA, and Cisco. When not on the podium instructing, he delves into IT books, always looking to learn more and keep up with the latest security topics.

Course outline



Operational Security

Incident Response (17:56)
  • Introduction (00:21)
  • Preparation (01:03)
  • Incident Identification (00:44)
  • First Responder (01:00)
  • Escalation and Notification (00:37)
  • CIRT (01:16)
  • Mitigation Steps (00:32)
  • Incident Isolation (00:33)
  • Collecting Evidence (00:41)
  • Recovery Procedures (04:11)
  • Lessons Learned (00:48)
  • Data Breach (00:51)
  • Damage and Loss Control (01:07)
  • Reporting (03:42)
  • Summary (00:23)
Incident Forensics (15:50)
  • Introduction (00:18)
  • Digital Forensics (00:35)
  • Identifying (00:36)
  • Order of Volatility (00:58)
  • Order of Volatility, Cont. (03:01)
  • Capture System Image (02:01)
  • Take Hashes (01:19)
  • Network Traffic and Logs (00:52)
  • Record Time Offsets (01:07)
  • Capture Video (00:40)
  • Screenshots (00:40)
  • Witnesses (00:49)
  • Track Man Hours and Expense (00:47)
  • Chain of Custody (01:33)
  • Summary (00:26)
Third Parties (13:13)
  • Introduction (00:20)
  • On-Boarding/Off Boarding (01:19)
  • Interoperability Agreements (00:53)
  • Service Level Agreement (01:33)
  • Business Partner Agreement (01:02)
  • Memorandum of Understanding (02:34)
  • Unauthorized Data Sharing (00:52)
  • Data Ownership (01:06)
  • Data Backups (01:37)
  • Agreement Compliance (01:28)
  • Summary (00:26)
Incident Training (33:32)
  • Introduction (00:27)
  • Security Policy Training (01:18)
  • Awareness (00:51)
  • Education (01:10)
  • Training (02:55)
  • Personally Identifiable Info (01:14)
  • Classification System (01:44)
  • Data Labeling (01:48)
  • Data Handling (01:36)
  • Data Disposal (01:22)
  • Compliance (01:05)
  • User Habits (03:14)
  • Password Behaviors (01:28)
  • Password Example (02:59)
  • Password Example, Cont. (02:07)
  • Clean Desk (01:10)
  • Tailgating and Piggybacking (01:26)
  • Personally Owned Devices (00:51)
  • New Threats and Trends (00:47)
  • Social Networking (00:57)
  • Peer to Peer Applications (01:26)
  • Statistics (01:07)
  • Summary (00:19)