Table of contents
Threats, Vulnerabilities, and Mitigations for CompTIA Security+ - Course Overview 1m 37s
Lock icon
Course Overview | 1m 37s
Common Threat Actors and Motivations 14m 18s
Lock icon
Introduction | 1m 4s
Lock icon
Types of Actors | 6m 56s
Lock icon
Threat Actor Attributes | 36s
Lock icon
Attack Vectors | 5m 42s
Common Threat Vectors and Attack Surfaces 27m 43s
Lock icon
Mobile Traffic, Current State, and Interesting Stats | 2m 41s
Lock icon
Message Based Threat Vectors | 2m 28s
Lock icon
Image Based and File Based Threat Vectors | 2m 18s
Lock icon
Voice Based Threat Vectors | 1m 46s
Lock icon
Additional Threat Vectors | 1m 18s
Lock icon
Vulnerable Software and Misconfigurations | 2m 8s
Lock icon
Shared Accounts and Improperly Configured Accounts | 2m 59s
Lock icon
Open Service Ports and Port Scanning Demo | 3m 20s
Lock icon
Supply Chain Attacks | 3m 19s
Lock icon
Social Engineering, Phishing and Vishing | 3m 38s
Lock icon
Watering Hole Attack | 35s
Lock icon
Type Squatting/URL Hijacking | 1m 13s
Types of Vulnerabilities 29m 20s
Lock icon
Module Intro and Memory/DLL Injection | 3m 50s
Lock icon
Buffer Overflow | 37s
Lock icon
Race Conditions | 2m 30s
Lock icon
Malicious Update and OS-based Update Vulnerabilities | 1m 34s
Lock icon
Cross Site Scripting (XSS) | 1m 56s
Lock icon
SQL Injection | 46s
Lock icon
SQL Injection Demo | 4m 15s
Lock icon
Hardware Vulnerabilities (Firmware, EOL, and Legacy Equipment) | 1m 59s
Lock icon
VM Escape and VM Sprawl Avoidance | 3m 57s
Lock icon
Cloud Vulnerabilities | 3m 15s
Lock icon
Mobile Device Vulnerabilities | 3m 5s
Lock icon
New Threats / Zero Day Vulnerabilities | 1m 36s
Indicators of Malicious Activity 42m 24s
Lock icon
Indicators of Compromise and Crypto-malware | 3m 23s
Lock icon
Trojans and RATs | 47s
Lock icon
Worms | 31s
Lock icon
Spyware | 1m 10s
Lock icon
Bloatware | 1m
Lock icon
Viruses | 58s
Lock icon
Botnets | 1m 8s
Lock icon
Keyloggers | 48s
Lock icon
Logic Bomb | 45s
Lock icon
Rootkits | 4m 47s
Lock icon
Brute Force Attacks | 1m 20s
Lock icon
RFID | 1m 53s
Lock icon
DDoS Attacks | 1m 3s
Lock icon
Amplification Attacks and DNS Poisoning | 1m 56s
Lock icon
Rogue Access Points, Evil Twins and Dissociation | 2m 1s
Lock icon
On-path Attack | 2m 36s
Lock icon
Malicious Code Execution | 1m 18s
Lock icon
Replay Attacks | 1m 21s
Lock icon
Privilege Escalation | 49s
Lock icon
Cross-Site Request Forgery (XSRF) | 2m 12s
Lock icon
Directory Traversal/Command Injection | 1m 36s
Lock icon
Downgrade Attack | 1m 6s
Lock icon
Collision Attack and Birthday Attack | 2m 38s
Lock icon
Password Spraying and IOC Considerations | 5m 18s
Mitigation Techniques Used to Secure the Enterprise 21m 44s
Lock icon
Segmentation, Physical, and Logical | 3m 41s
Lock icon
Virtualization | 1m 10s
Lock icon
Air Gaps | 52s
Lock icon
Access Control Lists (ACLs) and Least Privilege | 3m 32s
Lock icon
Patch Management | 1m 51s
Lock icon
Encryption | 1m 31s
Lock icon
Configuration Enforcement | 2m 17s
Lock icon
SOAR | 2m 45s
Lock icon
Endpoint Detection and Response (EDR) | 45s
Lock icon
Host-based Firewall | 49s
Lock icon
HIDS/HIPS | 2m 31s
Threats, Vulnerabilities, and Mitigations for CompTIA Security+ - Domain Summary 3m 41s
Lock icon
Domain Summary, Key Concepts, and Exam Success Essentials | 3m 41s
Exam Tips and Tricks for CompTIA Security+ - Course Overview 1m 48s
Lock icon
Course Overview | 1m 48s
Exam Overview 9m 20s
Lock icon
Exam Overview | 9m 20s
Tips for Passing the Exam 8m 48s
Lock icon
Exam Tips | 8m 48s
Exam Tips and Tricks for CompTIA Security+ - Domain Summary 2m 23s
Lock icon
Exam Prep Domain Summary | 2m 23s
General Security Concepts for CompTIA Security+ - Course Overview 1m 56s
Lock icon
Course Overview | 1m 56s
Understanding Security Controls 11m 57s
Lock icon
Module Intro and Goals | 2m 41s
Lock icon
Threat Types | 2m 31s
Lock icon
Types of Access Controls and Examples | 6m 45s
Fundamental Security Concepts 20m 33s
Lock icon
Module Overview | 1m 4s
Lock icon
Confidentiality, Integrity, and Availability (CIA) | 2m 52s
Lock icon
Authentication, Authorization, and Accounting (AAA) | 1m 5s
Lock icon
Identification vs. Authentication vs. Authorization | 37s
Lock icon
Multifactor Authentication and Authentication Factors | 1m 36s
Lock icon
Gap Analysis | 1m 35s
Lock icon
Zero Trust | 5m 35s
Lock icon
Infrared, Microwave, and Ultrasonic Physical Controls | 1m 12s
Lock icon
Honeypots, Honeyfiles, and Honeynets | 4m 57s
Change Management Processes and Impacts 17m 41s
Lock icon
Module Intro and Business Processes Impacting Security Operations | 4m 55s
Lock icon
Approval Process | 59s
Lock icon
Additional Change Management Considerations | 2m 42s
Lock icon
Standard Operating Procedures | 2m 7s
Lock icon
Technical Implications | 3m 54s
Lock icon
Documentation and Version Control | 3m 4s
Using Appropriate Cryptographic Solutions 28m 48s
Lock icon
Public Key Infrastructure (PKI) | 3m 11s
Lock icon
Key Escrow | 52s
Lock icon
Encryption Levels | 1m 59s
Lock icon
Symmetric Encryption | 1m 40s
Lock icon
Asymmetric Encryption | 1m 47s
Lock icon
Key Exchange | 28s
Lock icon
Cipher Suites | 1m 12s
Lock icon
Tools (TPM, HSM, KMS, and Secure Enclave) | 1m 49s
Lock icon
Steganography | 50s
Lock icon
Tokenization | 1m 29s
Lock icon
Data Masking | 1m 14s
Lock icon
Hashing | 1m 29s
Lock icon
Salting | 47s
Lock icon
Digital Signatures | 1m 32s
Lock icon
Key Stretching | 2m 7s
Lock icon
Blockchain | 3m 13s
Lock icon
Certificate Authority and CSR | 3m 9s
General Security Concepts for CompTIA Security+ - Domain Summary 3m 40s
Lock icon
Domain Summary | 3m 40s
Security Architecture for CompTIA Security+ - Course Overview 2m 1s
Lock icon
Course Overview | 2m 1s
Security Implications of Different Architecture Models 39m 31s
Lock icon
Module Intro | 49s
Lock icon
Why Is This Important? | 1m 10s
Lock icon
Cloud Responsibility Matrix | 2m 23s
Lock icon
Types of Clouds | 49s
Lock icon
XaaS, PaaS, IaaS, and SaaS | 4m 48s
Lock icon
Infrastructure as Code and CI/CD | 2m 5s
Lock icon
Serverless Computing | 1m 8s
Lock icon
Microservices | 3m 43s
Lock icon
Software Defined Networking (SDN) | 1m 31s
Lock icon
On-prem vs. Off-prem | 1m 38s
Lock icon
Virtualization | 4m 44s
Lock icon
Internet of Things (IoT) | 1m 54s
Lock icon
SCADA and ICS systems | 6m 41s
Lock icon
Embedded Systems Overview | 2m 50s
Lock icon
Embedded System Platforms and RTOS | 3m 18s
Secure Principles to Secure Enterprise Infrastructure 34m 5s
Lock icon
Device Placement Considerations | 2m 24s
Lock icon
Security Zones | 2m 15s
Lock icon
VPN, Segmentation, and Firewalls | 43s
Lock icon
Failure Modes | 1m 14s
Lock icon
Active vs. Passive | 38s
Lock icon
In-line vs. Taps, Monitoring, and Port Mirroring | 3m 57s
Lock icon
Jump Servers and Proxies | 2m 10s
Lock icon
Intrusion Detection Systems (NIDS and NIPS) | 4m 8s
Lock icon
Load Balancer | 3m 38s
Lock icon
Port Security and 802.1x Authentication | 4m 38s
Lock icon
Secure Communication/Access (VPN, TLS and SSL) | 5m 43s
Lock icon
Secure Access Service Edge | 2m 37s
Concepts and Strategies to Protect Data 12m 45s
Lock icon
Why Data Protection Strategies Are Important | 1m 29s
Lock icon
Data Types | 1m 49s
Lock icon
Data Classification | 1m 36s
Lock icon
Types of Data to Secure | 45s
Lock icon
Data Sovereignty | 49s
Lock icon
Geolocation Concerns | 2m 46s
Lock icon
Methods to Secure Data | 3m 31s
Resilience and Recovery in Security Architecture 27m 10s
Lock icon
Why This Is Important | 1m 47s
Lock icon
High Availability | 2m 4s
Lock icon
Multipathing | 1m 25s
Lock icon
Recovery Site Options | 3m 41s
Lock icon
Vendor, Technology, Crypto, and Controls Diversity | 2m 52s
Lock icon
Disaster Recovery Plan | 1m 8s
Lock icon
Business Continuity and Business Resumption Plan | 1m 14s
Lock icon
Incident Management Plan | 45s
Lock icon
Data Retention | 1m 17s
Lock icon
Testing Types (Walkthroughs, Communication, Simulations, Partial, and Full) | 3m 8s
Lock icon
Replication | 40s
Lock icon
On-prem vs. Cloud | 1m 23s
Lock icon
Backup Types (Full, Differential, and Incremental Backups) | 1m 53s
Lock icon
Online vs. Offline Backups | 55s
Lock icon
Distance Considerations | 53s
Lock icon
Non-persistance, Snapshots, and Live Boot Media | 55s
Lock icon
Power Resiliency (UPS, Generators, Dual-supply, and PDUs) | 1m 10s
Security Architecture for CompTIA Security+ - Domain Summary 3m 8s
Lock icon
Domain Summary | 3m 8s
Security Operations for CompTIA Security+ - Course Overview 1m 29s
Lock icon
Course Overview | 1m 29s
Applying Common Security Techniques to Computing Resources 29m 26s
Lock icon
Secure Baselines | 5m 18s
Lock icon
Hardening Targets | 2m 19s
Lock icon
Wireless Considerations (Site Surveys, Heat Maps, and WiFi Analyzers) | 3m 1s
Lock icon
Wireless Band Selection and Width | 1m 11s
Lock icon
Mobile Device Management | 2m 15s
Lock icon
BYOD Concerns | 2m 17s
Lock icon
Cellular Device Security | 3m 2s
Lock icon
WiFi Security | 1m 40s
Lock icon
WPA3 vs. WPA2 | 2m 19s
Lock icon
RADIUS | 2m 50s
Lock icon
Static Code Analysis and Sandboxing | 3m 14s
Security Implications of Proper Hardware, Software, and Data Asset Management 24m 56s
Lock icon
Module Intro and Why Is This Important? | 1m 54s
Lock icon
Acquisition/Procurement Process | 2m 31s
Lock icon
Assignment, Ownership, and Accounting | 1m 38s
Lock icon
Data Ownership and the Information Lifecycle | 1m 53s
Lock icon
Privacy Impacts and Data Classification | 5m 10s
Lock icon
Monitoring and Asset Tracking | 1m 39s
Lock icon
Data Disposal and Decommissioning | 6m 47s
Lock icon
Data Retention | 3m 24s
Activities Associated with Vulnerability Management 33m 39s
Lock icon
Module Intro and Important Key Takeaways | 1m 42s
Lock icon
Vulnerability Scanning | 1m 37s
Lock icon
Demo: Vulnerability Scanning | 2m 31s
Lock icon
Static and Dynamic Code Analysis | 2m 14s
Lock icon
Package Monitoring | 53s
Lock icon
Open Source Intelligence (OSINT) | 3m 11s
Lock icon
Surface, Deep and Dark Web, and the Onion Routing Network | 4m 18s
Lock icon
Penetration Testing | 1m 46s
Lock icon
Lateral Movement | 5m 9s
Lock icon
Bug Bounty | 1m 23s
Lock icon
False Positives and False Negatives | 2m 3s
Lock icon
CVE and CVSS | 4m 42s
Lock icon
Validation and Reporting Considerations | 2m 10s
Security Alerting and Monitoring Concepts and Tools 25m 37s
Lock icon
Module Intro and Important Takeaways | 2m 15s
Lock icon
Monitoring Computing Resources | 1m 1s
Lock icon
Gathering and Correlating Information | 1m 44s
Lock icon
Archiving Data | 1m 25s
Lock icon
Alert Response, Remediation, and Alert Tuning | 3m 33s
Lock icon
SCAP Components | 1m 57s
Lock icon
SIEM, Event Correlation, and Log Management | 2m 52s
Lock icon
Data Loss Prevention | 1m 24s
Lock icon
SNMP Traps | 2m 1s
Lock icon
NetFlow/sFlow/IPFIX | 7m 25s
Modify Enterprise Capabilities to Enhance Security 30m 35s
Lock icon
Module Intro and Key Takeaways | 2m 4s
Lock icon
Firewalls and Security Zones | 2m 14s
Lock icon
Demo: Securing Outbound Traffic with Azure Firewall | 4m 1s
Lock icon
IDS/IPS | 1m 1s
Lock icon
Web Filters and Centralized Proxies | 2m 46s
Lock icon
Operating System Security, GPOs, and SELinux | 2m 4s
Lock icon
Implementation of Secure Protocols | 4m 36s
Lock icon
DNS Resolution and DNS Filtering | 4m 40s
Lock icon
DMARC, SPIF, and DKIM | 3m 2s
Lock icon
File Integrity Monitoring | 58s
Lock icon
Network Access Control (NAC) | 1m 16s
Lock icon
Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) | 1m 53s
Implement and Maintain Identity and Access Management 23m 36s
Lock icon
Module Intro and Key Takeaways | 2m 32s
Lock icon
Provisioning and Deprovisioning Accounts | 1m 33s
Lock icon
Identity Proofing | 1m 10s
Lock icon
Active Directory | 1m 25s
Lock icon
IdP Example | 1m 34s
Lock icon
SAML | 1m 6s
Lock icon
OAuth and OpenID | 2m 2s
Lock icon
Attestation | 2m 4s
Lock icon
Access Controls (MAC, DAC, RBAC, and ABAC) | 3m 17s
Lock icon
Least Privilege | 53s
Lock icon
Biometric Factors and Multifactor Authentication | 2m 7s
Lock icon
Password Best Practices and Password Managers | 2m 22s
Lock icon
Privileged Access Management Tools | 1m 31s
Importance of Automation and Orchestration Related to Secure Operations 22m 15s
Lock icon
Module Intro and User Provisioning/De-Provisioning | 2m 39s
Lock icon
Resource Provisioning, Elasticity, and Scalability | 2m 13s
Lock icon
Guardrails | 46s
Lock icon
Security Groups and Automation | 2m 10s
Lock icon
Ticket Creation | 1m 21s
Lock icon
Continuous Integration and Testing | 5m 6s
Lock icon
API Gateway | 2m 30s
Lock icon
Benefits of Automation and Orchestration | 2m 41s
Lock icon
Other Considerations | 2m 49s
Appropriate Incident Response Activities 34m 53s
Lock icon
Module Intro, Key Takeaways, and Phases of Incident Response | 2m 2s
Lock icon
Preparation, Detection, Analysis, Containment, and Eradication | 5m 6s
Lock icon
Training and Exercise Types | 7m 19s
Lock icon
Root Cause Analysis (RCA) | 1m 51s
Lock icon
Threat Hunting | 3m 29s
Lock icon
Intelligence and Threat Intelligence Lifecycles | 3m 19s
Lock icon
Cyber Kill Chain | 1m 34s
Lock icon
Digital Forensics, Legal Hold, Chain of Custody, and Image Acquisition | 10m 13s
Use Data Sources to Support an Investigation 11m 38s
Lock icon
Module Intro and Why the Module Is Important | 1m 12s
Lock icon
Logs, Data Sources, and How They Aid in Investigations | 4m 26s
Lock icon
Investigation Scenarios | 6m
Security Operations for CompTIA Security+ - Domain Summary 3m 51s
Lock icon
Domain Summary | 3m 51s
Security Program Management and Oversight for CompTIA Security+ - Course Overview 1m 31s
Lock icon
Course Overview | 1m 31s
Effective Elements of Security Governance 19m 37s
Lock icon
Module Intro, Key Takeaways, and General Guidelines | 2m 41s
Lock icon
Policies and Plans (AUP, Information Security, DR/BC, and Incident Response Plans) | 4m 20s
Lock icon
Software Development Lifecycle (SDLC) | 3m 44s
Lock icon
Standards | 1m 20s
Lock icon
Change Management | 1m 41s
Lock icon
Onboarding/Offboard, External Considerations, and Use Cases for Monitoring | 3m 1s
Lock icon
Types of Governance Structures | 1m 18s
Lock icon
Data Owner, Controller, Processor, and Steward/Custodian | 1m 32s
Risk Management Process 22m 56s
Lock icon
Module Intro and Key Takeaways | 2m 36s
Lock icon
Risk Identification and Risk Assessment | 2m 38s
Lock icon
Qualitative and Quantitative Analysis | 3m 30s
Lock icon
Risk Calculation and Loss Calculation (ALE, SLE, and ARO) | 2m 57s
Lock icon
Risk Register and Heat Maps | 1m 9s
Lock icon
Risk Awareness and Risk Management Conpcepts | 6m 1s
Lock icon
Risk Appetite (Expansionary, Conservative, and Neutral) | 1m 18s
Lock icon
Business Impact Analysis and Key Terminology | 2m 47s
Third-party Risk Assessment and Management 10m 54s
Lock icon
Module Intro and Key Takeaways | 2m 59s
Lock icon
Vendor Assessment and Selection | 1m 43s
Lock icon
Agreement Types (SLA, MOU, and MSA) | 2m 39s
Lock icon
Vendor Monitoring | 1m 2s
Lock icon
Questionnaires | 1m 2s
Lock icon
Rules of Engagement | 1m 29s
Effective Security Compliance 16m 52s
Lock icon
Module Intro and Key Takeaways | 1m 15s
Lock icon
Compliance Reporting and Consequences of Non-compliance | 2m 23s
Lock icon
Non-compliance: Real World Example | 1m 46s
Lock icon
Compliance Monitoring | 1m 12s
Lock icon
Privacy Compliance and Privacy Challenges | 1m 53s
Lock icon
Data Security and Compliance Challenges | 1m 14s
Lock icon
Regulatory Examples and GDPR | 1m 28s
Lock icon
GDPR Key Terminology and Data Processing Principles | 1m 57s
Lock icon
Grounds for Legal Processing | 2m 9s
Lock icon
Right to Be Forgotten | 1m 35s
Types and Purposes of Audits and Assessments 12m 35s
Lock icon
Module Intro and Key Takeaways | 2m 8s
Lock icon
Attestation | 1m 23s
Lock icon
Internal Audits and Assessments | 1m 26s
Lock icon
External Audits and Assessments | 1m 27s
Lock icon
Penetration Testing | 6m 11s
Implement Security Awareness Practices 19m 13s
Lock icon
Module Overview and Key Takeaways | 1m 39s
Lock icon
Phishing, Campaigns, and Recognizing a Phishing Attempt | 4m 3s
Lock icon
Responding to Reported Suspicious Emails | 3m 15s
Lock icon
Anomalous Behavior Recognition | 1m 25s
Lock icon
User Guidance and Training Topics | 3m 46s
Lock icon
Creating Culture and Awareness Training | 1m 21s
Lock icon
Devising the Plan, Skills Training, Delivery, and Execution | 3m 44s
Security Program Management and Oversight for CompTIA Security+ - Domain Summary 3m 35s
Lock icon
Domain Summary | 3m 35s
About the author
Christopher Rees
Chris is a lifelong learner and professional information technologist, trainer and IT Manager. Married with 3 children, Chris is interested in martial arts, working out, spending time with family and friends and being creative whenever possible.
More Courses by Christopher R.
Get access now
Sign up to get immediate access to this course plus thousands more you can watch anytime, anywhere
Cancel
Close button icon
