Oreilly - CompTIA Security+ (SY0-401) Complete Video Course
by Michael J. Shannon | Publisher: Pearson IT Certification | Release Date: May 2014 | ISBN: 9780133888706
10+ Hours of Video InstructionOverviewCompTIA Security+ (SY0-401) Complete Video Courseis an engaging self-paced video training solution that provides learners with over 10 hours of personal, visual instruction from an expert trainer who has over a decade of practical teaching experience. Through the use of topic-focused instructional videos you will gain an in-depth understanding of the CompTIA Security+ SY0-401 exam as well as a deeper understanding of security so you master the key foundational principles for securing a network and managing risk. Included with the product are dynamic and interactive hands-on exercises and quizzes so you can test your knowledge while you study. The course also includes a practice exam which is based on the updated Security + exam.DescriptionCompTIA Security+ (SY0-401) Complete Video Coursecontains over 10 hours of training with content divided into 6 parts with 32 video lessons. The videos consist of live trainer discussions, screencasts, animations, and live demos. The video lessons in this course review each exam objective so you can use this course as a complete study tool for taking the CompTIA Security+ SY0-401 exam. Instruction throughout offers detailed explanations, demos, tips, and more.Major sections are as follows:Part 1: Understanding Network SecurityLesson 1: Understanding Enterprise Security ConceptsLesson 2: Identifying Infrastructure DevicesLesson 3: Understanding Security Devices and SystemsLesson 4: Explaining Network Design ComponentsLesson 5: Exploring Secure Network AdministrationLesson 6: Wireless Networking SecurityLesson 7: Part 1 SummaryPart 2: Understanding Threats and VulnerabilitiesLesson 8: Recognizing Malware TypesLesson 9: Exploring Prevalent Attack MethodsLesson 10: Understanding Threat ManagementLesson 11: Deploying Threat Discovery ToolsLesson 12: Part 2 SummaryPart 3: Understanding Compliance and Operational SecurityLesson 13: Understanding Risk Related ConceptsLesson 14: Examining the Importance for Security AwarenessLesson 15: Exploring Incident Response and ForensicsLesson 16: Implementing Physical Security and Environmental ControlsLesson 17: Part 3 SummaryPart 4: Understanding Application, Data, and Host SecurityLesson 18: Examining Application Attack TypesLesson 19: Explaining Application Security Controls and TechniquesLesson 20: Summarizing Mobile Security ConceptsLesson 21: Establishing Host SecurityLesson 22: Understanding Data Security ControlsLesson 23: Part 4 SummaryPart 5: Understanding Access Control and Identity ManagementLesson 24: Understanding AAA ServicesLesson 25: Comparing Authentication ServicesLesson 26: Securing Account ManagementLesson 27: Part 5 SummaryPart 6: Understanding CryptographyLesson 28: Exploring Cryptographic ConceptsLesson 29: Understanding Choices in Algorithms and MethodsLesson 30: Exploring Protocols for Secure TransportLesson 31: Understanding PKILesson 32: Part 6 SummaryAbout the InstructorMichael J Shannonbegan his IT career when he transitioned from recording studio engineer to network engineer for a major telecommunications company in the early 1990's. He began to focus on security and was one of the first 10 people to attain the HIPAA Certified Security Specialist. He has worked as an employee, contractor, and consultant for several companies including Platinum Technologies, Fujitsu, IBM, State Farm, and MindSharp among others. He has attained the CCSI, CCNP Security, CISSP, ITIL Intermediate SO and RCV, and Security+ certifications in the security field. He is presently a senior technical instructor for Skillsoft Corp.Skill LevelBeginning to intermediateWho Should Take This CoursePrimary audience—CompTIA Security+ certification candidatesSecondary audience—Anyone in an information security role looking to gain a practical understanding of computer security. This includes administrators, technicians, and network engineers who are responsible for securing IT infrastructure, and additionally the personnel in management or sales roles that deal with information security topics. Government workers and contractors looking to work in security.Course Requirements2-3 years of experience in IT networking, network storage, or data center administrationTable of ContentsPart 1—Understanding Network SecurityLesson 1: Understanding Enterprise Security Concepts1.1 Introducing Security+1.2 Defining CIA, Control Types, and Control MethodsLesson 2: Identifying Infrastructure Devices2.1 Defining Switches, Routers, and Multilayer Switches2.2 Understanding Load Balancers, Proxies, and Gateways2.3 Identifying Clients and Servers2.4 Discovering Specialty and Emerging TechnologyLesson 3: Understanding Security Devices and Systems3.1 Using Firewalls3.2 Using IDS and IPS3.3 Using VPN Gateways and Concentrators3.4 Using Application Layer Inspection3.5 Using Unified Threat ManagementLesson 4: Explaining Network Design Components4.1 Defining Subnetting and Summarization4.2 Defining VLANs and PVLANs4.3 Defining NAT and PAT4.4 Defining Security Zones and DMZs4.5 Defining Defense in Depth4.6 Defining Telephony and Conferencing4.7 Defining Virtualization4.8 Defining Cloud Computing and Personal Cloud Services4.9 Defining NAC and Remote AccessLesson 5: Exploring Secure Network Administration5.1 Understanding Security Policies5.2 Common Protocols and Services5.3 Exploring Management Protocols and Services5.4 Examining Rule-Based vs. Role-Based5.5 Implementing Local and Centralized Management5.6 Exploring Layer 2 Security Administration5.7 Exploring Layer 3 Security AdministrationLesson 6: Wireless Networking Security6.1 Understanding Wireless Fundamentals6.2 Deploying Wireless Networks6.3 Surveying the Evolution of Wireless SecurityLesson 7: Part 1 Summary7.1 Part 1 SummaryPart 2—Understanding Threats and VulnerabilitiesLesson 8: Recognizing Malware Types8.1 Defining Threats and Vulnerabilities8.2 Recognizing Prevalent Malware Types8.3 Recognizing Polymorphic, Hybrid, and Emerging MalwareLesson 9: Exploring Prevalent Attack Methods9.1 Defining Spoofing and Man-in-the-middle9.2 Defining DoS, DDoS, Flooding, and Replaying9.3 Defining Spam, Spim, Phishing, Whaling, Pharming, and Vishing9.4 Defining Password Cracking and Poisoning9.5 Defining Specialty Web Attacks9.6 Defining Social Engineering Attacks9.7 Surveying Wireless AttacksLesson 10: Understanding Threat Management10.1 Examining Device Hardening10.2 Examining Monitoring and Logging10.3 Examining ReportingLesson 11: Deploying Threat Discovery Tools11.1 Understanding Assessment Concepts11.2 Surveying Assessment Tools and Vulnerability Scanning11.3 Explaining Penetration Testing11.4 Examining White, Gray and Black Box TestingLesson 12: Part 2 Summary12.1 Part 2 SummaryPart 3—Understanding Compliance and Operational SecurityLesson 13: Understanding Risk Related Concepts13.1 Examining Risk Reduction Principles13.2 Comparing Quantitative vs. Qualitative Analysis13.3 Calculating Risk13.4 Handling Risk13.5 Understanding Risks of 3rd Party Integration13.6 Mitigating Risk13.7 Recognizing Risk Management Best Practices13.8 Surveying Fault Tolerance13.9 Understanding Disaster Recovery ConceptsLesson 14: Examining the Importance for Security Awareness14.1 Recognizing the Need for Training14.2 Examining Information Classification14.3 Recognizing User HabitsLesson 15: Exploring Incident Response and Forensics15.1 Understanding the Need for an IRT15.2 Summarizing the Incident Response Process15.3 Recognizing Recovery and Reconstitution Procedures15.4 Describing Network Forensics15.5 Implementing Basic Forensic ProceduresLesson 16: Implementing Physical Security and Environmental Controls16.1 Recognizing Control Types16.2 Survey of Physical Security Mechanisms16.3 Environmental ControlsLesson 17: Part 3 Summary17.1 Part 3 SummaryPart 4—Understanding Application, Data, and Host SecurityLesson 18: Examining Application Attack Types18.1 Defining the Primary Application Attacks18.2 Defining Injection Attacks18.3 Defining Other Common Application AttacksLesson 19: Explaining Application Security Controls and Techniques19.1 Understanding Secure Coding Concepts19.2 Mitigating Application AttacksLesson 20: Summarizing Mobile Security Concepts20.1 Exploring Mobile Device Security Methods20.2 Surveying Mobile Application Security20.3 Understanding BYOD Issues and ConcernsLesson 21: Establishing Host Security21.1 Examining OS Hardening and Security Settings21.2 Examining Host-Based Firewalls and IPS21.3 Examining Endpoint Virtualization and Cloud Services21.4 Examining Host Hardware SecurityLesson 22: Understanding Data Security Controls22.1 Surveying Storage Types22.2 Understanding Data Encryption22.3 Applying Permissions, Access Controls, and Data Policies22.4 Exploring Alternative CountermeasuresLesson 23: Part 4 Summary23.1 Part 4 SummaryPart 5—Understanding Access Control and Identity ManagementLesson 24: Understanding AAA Services24.1 Defining Authentication Factors24.2 Exploring Authentication/Identification Methods24.3 Understanding Authorization24.4 Examining AccountingLesson 25: Comparing AAA Services25.1 Comparing RADIUS vs. TACACS+ vs. XTACACS25.2 Examining LDAP, Kerberos, and SAMLLesson 26: Securing Account Management26.1 Exploring Common Challenges26.2 Enforcing Account Policy26.3 Examining User and Group Accounts26.4 Striving for Continual ImprovementLesson 27: Part 5 Summary27.1 Part 5 SummaryPart 6—Understanding CryptographyLesson 28 Exploring Cryptographic Concepts28.1 Explaining Cryptographic Mechanisms28.2 Adding Non-Repudiation to CIA28.3 Comparing Steganography and Covert and Overt ChannelsLesson 29 Understanding Choices in Algorithms and Methods29.1 Examining Hashing Algorithms29.2 Examining Symmetric Cryptography29.3 Examining Asymmetric Cryptography29.4 Examining The RC Family of Algorithms29.5 Examining NTLM, NTLMv2, and OTPLesson 30 Exploring Protocols for Secure Transport30.1 Understanding IPSEC30.2 Understanding SSL/TLS30.1 Understanding SSHLesson 31 Understanding PKI31.1 Discovering Public Key Infrastructure31.2 Explaining Certificate Authorities and Management31.4 Exploring Digital SignaturesLesson 32: Part 6 Summary32.1 Part 6 SummaryAbout LiveLessons Video TrainingLiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include: IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more. View all LiveLessons at http://www.pearsonitcertification.com/livelessons
- Introduction
- CompTIA Security+ (SY0-401) Complete Video Course: Introduction 00:04:42
- Part 1
- Understanding Network Security 00:00:39
- Lesson 1: Understanding Enterprise Security Concepts
- Learning objectives 00:00:26
- 1.1 Introducing Security+ 00:04:00
- 1.2 Defining CIA, Control Types, and Control Methods 00:18:05
- Lesson 2: Identifying Infrastructure Devices
- Learning objectives 00:00:35
- 2.1 Defining Switches, Routers, and Multilayer Switches 00:12:20
- 2.2 Understanding Load Balancers, Proxies, and Gateways 00:07:34
- 2.3 Identifying Clients and Servers 00:11:25
- 2.4 Discovering Specialty and Emerging Technologies 00:04:41
- Lesson 3: Understanding Security Devices and Systems
- Learning objectives 00:00:30
- 3.1 Using Firewalls 00:08:23
- 3.2 Using IDS and IPS 00:08:29
- 3.3 Using VPN Gateways and Concentrators 00:04:20
- 3.4 Using Application Layer Inspection 00:05:38
- 3.5 Using Unified Threat Management 00:01:50
- Lesson 4: Explaining Network Design Components
- Learning objectives 00:00:43
- 4.1 Defining Subnetting and Summarization 00:10:24
- 4.2 Defining VLANs and PVLANs 00:07:28
- 4.3 Defining NAT and PAT 00:11:07
- 4.4 Defining Security Zones and DMZs 00:03:33
- 4.5 Defining Defense in Depth 00:03:32
- 4.6 Defining Telephony and Conferencing 00:05:25
- 4.7 Defining Virtualization 00:08:46
- 4.8 Defining Cloud Computing and Personal Cloud Services 00:04:12
- 4.9 Defining NAC and Remote Access 00:05:16
- Lesson 5: Exploring Secure Network Administration
- Learning objectives 00:00:32
- 5.1 Understanding Security Policies 00:09:13
- 5.2 Common Protocols and Services 00:05:26
- 5.3 Exploring Management Protocols and Services 00:11:14
- 5.4 Examining Rule-Based vs. Role-Based 00:13:39
- 5.5 Implementing Local and Centralized Management 00:03:47
- 5.6 Layer 2 and Layer 3 Device Hardening 00:04:14
- Lesson 6: Wireless Networking Security
- Learning objectives 00:00:23
- 6.1 Understanding Wireless Fundamentals 00:10:15
- 6.2 Deploying Wireless Networks 00:04:54
- 6.3 Surveying the Evolution of Wireless Security 00:10:23
- Lesson 7: Part 1 Summary
- 7.1 Part 1 Summary 00:02:02
- Part 2
- Understanding Threats and Vulnerabilities 00:00:30
- Lesson 8: Recognizing Malware Types
- Learning objectives 00:00:24
- 8.1 Defining Threats and Vulnerabilities 00:12:15
- 8.2 Recognizing Prevalent Malware Types 00:17:07
- 8.3 Recognizing Polymorphic, Hybrid, and Emerging Malware 00:05:55
- Lesson 9: Exploring Prevalent Attack Methods
- Learning objectives 00:00:37
- 9.1 Defining Spoofing and Man-in-the-Middle 00:07:40
- 9.2 Defining DoS, DDoS, Flooding, and Replaying 00:12:08
- 9.3 Defining Spam, Spim, Phishing, Whaling, Pharming, and Vishing 00:08:16
- 9.4 Defining Password Cracking and Poisoning 00:09:35
- 9.5 Defining Specialty Web Attacks 00:07:56
- 9.6 Defining Social Engineering Attacks 00:05:33
- 9.7 Surveying Wireless Attacks 00:12:14
- Lesson 10: Understanding Threat Management
- Learning objectives 00:00:26
- 10.1 Examining Device Hardening 00:10:44
- 10.2 Examining Monitoring and Logging 00:10:56
- 10.3 Examining Reporting 00:03:12
- Lesson 11: Deploying Threat Discovery Tools
- Learning objectives 00:00:29
- 11.1 Understanding Assessment Concepts 00:10:27
- 11.2 Surveying Assessment Tools and Vulnerability Scanning 00:12:05
- 11.3 Explaining Penetration Testing 00:06:49
- 11.4 Examining White, Black, and Gray Box Testing 00:03:49
- Lesson 12: Part 2 Summary
- Part 3
- Understanding Compliance and Operational Security 00:00:33
- Lesson 13: Understanding Risk Related Concepts
- Learning objectives 00:00:39
- 13.1 Examining Risk Reduction Principles 00:04:19
- 13.2 Comparing Quantitative vs. Qualitative Analysis 00:02:47
- 13.3 Calculating Risk 00:04:26
- 13.4 Handling Risk 00:06:17
- 13.5 Understanding Risks of 3rd Party Integration 00:05:53
- 13.6 Mitigating Risk 00:06:11
- 13.7 Recognizing Risk Management Best Practices 00:03:59
- 13.8 Surveying Fault Tolerance 00:05:07
- 13.9 Understanding Disaster Recovery Concepts 00:06:06
- Lesson 14: Examining the Importance for Security Awareness
- Learning objectives 00:00:28
- 14.1 Recognizing the Need for Training 00:04:15
- 14.2 Examining Information Classification 00:04:56
- 14.3 Recognizing User Habits 00:05:00
- Lesson 15: Exploring Incident Response and Forensics
- Learning objectives 00:00:30
- 15.1 Understanding the Need for an IRT 00:05:28
- 15.2 Summarizing the Incident Response Process 00:05:07
- 15.3 Recognizing Recovery and Reconstitution Procedures 00:03:31
- 15.4 Describing Network Forensics 00:19:51
- Lesson 16: Implementing Physical Security and Environmental Controls
- Learning objectives 00:00:26
- 16.1 Recognizing Control Types 00:03:54
- 16.2 Survey of Physical Security Mechanisms 00:16:44
- 16.3 Environmental Controls 00:08:24
- Lesson 17: Part 3 Summary
- 17.1 Part 3 Summary 00:00:32
- Part 4
- Understanding Application, Data, and Host Security 00:00:37
- Lesson 18: Examining Application Attack Types
- Learning objectives 00:00:26
- 18.1 Defining the Primary Application Attacks 00:07:05
- 18.2 Defining Injection Attacks 00:06:05
- 18.3 Defining Other Common Application Attacks 00:06:38
- Lesson 19: Explaining Application Security Controls and Techniques
- Learning objectives 00:00:25
- 19.1 Understanding Secure Coding Concepts 00:04:21
- 19.2 Mitigating Application Attacks 00:09:59
- Lesson 20: Summarizing Mobile Security Concepts
- Learning objectives 00:00:25
- 20.1 Exploring Mobile Device Security Methods 00:10:13
- 20.2 Surveying Mobile Application Security 00:07:27
- 20.3 Understanding BYOD Issues and Concerns 00:05:27
- Lesson 21: Establishing Host Security
- Learning objectives 00:00:28
- 21.1 Examining OS Hardening and Security Settings 00:11:35
- 21.2 Examining Host-Based Firewalls and IPS 00:09:40
- 21.3 Examining Endpoint Virtualization and Cloud Services 00:10:09
- 21.4 Examining Host Hardware Security 00:06:47
- Lesson 22: Understanding Data Security Controls
- Learning objectives 00:00:28
- 22.1 Surveying Storage Types 00:04:40
- 22.2 Understanding Data Encryption 00:08:42
- 22.3 Applying Permissions, Access Controls, and Data Policies 00:08:49
- 22.4 Exploring Alternative Countermeasures 00:03:10
- Lesson 23: Part 4 Summary
- 22.1 Part 4 Summary 00:00:32
- Part 5
- Understanding Access Control and Identity Management 00:00:34
- Lesson 24: Understanding AAA Services
- Learning objectives 00:00:29
- 24.1 Defining Authentication Factors 00:07:33
- 24.2 Exploring Authentication/Identification Methods 00:13:18
- 24.3 Understanding Authorization 00:12:11
- 24.4 Examining Accounting 00:03:38
- Lesson 25: Comparing AAA Services
- Learning objectives 00:00:24
- 25.1 Comparing RADIUS vs. TACACS+ vs. XTACACS 00:09:20
- 25.2 Examining LDAP, Kerberos, and SAML 00:07:37
- Lesson 26: Securing Account Management
- Learning objectives 00:00:26
- 26.1 Exploring Common Challenges 00:03:43
- 26.2 Enforcing Account Policy 00:11:17
- 26.3 Striving for Continual Improvement 00:02:46
- Lesson 27: Part 5 Summary
- 27.1 Part 5 Summary 00:00:29
- Part 6
- Understanding Cryptography 00:00:30
- Lesson 28: Exploring Cryptographic Concepts
- Learning objectives 00:00:25
- 28.1 Explaining Cryptographic Mechanisms 00:08:57
- 28.2 Adding Non-Repudiation to CIA 00:02:36
- 28.3 Comparing Steganography and Covert and Overt Channels 00:04:04
- Lesson 29: Understanding Choices in Algorithms and Methods
- Learning objectives 00:00:33
- 29.1 Examining Hashing Algorithms 00:08:28
- 29.2 Examining Symmetric Cryptography 00:03:43
- 29.3 Examining Asymmetric Cryptography 00:05:19
- 29.4 Examining The RC Family of Algorithms 00:05:58
- 29.5 Examining NTLM, NTLMv2, and OTP 00:03:28
- Lesson 30: Exploring Protocols for Secure Transport
- Learning objectives 00:00:28
- 30.1 Understanding IPsec 00:12:46
- 30.2 Understanding SSL/TLS 00:04:52
- 30.3 Understanding SSH 00:04:09
- Lesson 31: Understanding PKI
- Learning objectives 00:00:26
- 31.1 Discovering Public Key Infrastructure 00:06:02
- 31.2 Explaining Certificate Authorities and Management 00:08:10
- 31.3 Exploring Digital Signatures 00:01:44
- Lesson 32: Part 6 Summary
- 32.1 Part 6 Summary 00:00:35
- Summary
- CompTIA Security+ (SY0-401) Complete Video Course: Summary 00:02:28
9780133888706.CompTIA.Security.SY0401.Complete.Video.Course.part1.OR.rar
9780133888706.CompTIA.Security.SY0401.Complete.Video.Course.part2.OR.rar