CompTIA Security+ (SY0-401) Compliance and Operational Security
CompTIA Security+ (2014 Objectives): Domain 2- Compliance and Operational Security.
What you'll learn
This course prepares students for the compliance and operational security section of the CompTIA Security+ (SY0-401) exam. This course deals with security issues such as compliance, risk mitigation, basic forensic procedures and environmental controls used to increase reliability, resiliency, and maintain business continuity. The importance of mitigating risk and calculating the likelihood and expected losses of various risks is covered, along with dealing with 3rd party integration, SLAs, and maintaining operations through business continuity best practices. Environmental controls including HVAC, hot and cold aisles, high availability, and fault tolerant best practices are also discussed. Confidentiality, Integrity and Availability (CIA) best practices are also covered to ensure data is secure, verified, and accessible.
Table of contents
- Module Overview 4m
- The Security Cycle 3m
- Control Types 10m
- Incident Response 6m
- False Positives, False Negatives, and Security Policies 10m
- Risk Calculation 9m
- MTTF, MTTR, and MTBF 3m
- Threat Vectors, Vulnerabilities, and Managing Risk 6m
- Risk Avoidance and Risks Associated With Cloud Computing 5m
- RPO and RTO 6m
- Course Overview and Onboarding Process 3m
- 3rd Party Integration 2m
- Off-Boarding Process 1m
- Social Media Networks and Applications 2m
- SLA 2m
- BPA 1m
- MOU and ISA 2m
- Privacy Considerations and Data Ownership 4m
- Data Backups 1m
- Security Policies and Procedures 2m
- Review Agreements and Verify Compliance 2m
- Module Overview 2m
- What Is Computer Forensics? 3m
- Order of Volatility 5m
- First Responder Best Practices 6m
- Capture a System Image 4m
- Network Traffic and Logs 4m
- Capture Video 1m
- Record Time Offset 3m
- Take Hashes 5m
- Screenshots 1m
- Witnesses 2m
- Track Man Hours and Expense 3m
- Chain of Custody 3m
- Big Data Analysis 4m
- Module Review 2m
- Module Overview 2m
- Incident Preparation 8m
- Incident Identification 3m
- Incident Response 2m
- Incident Notification and Escalation 5m
- Incident Mitigation and Isolation 3m
- Lessons Learned 2m
- Incident Reporting 4m
- Recovery and Reconstitution Procedures 1m
- First Responder 2m
- Incident Isolation 3m
- Data Breach 4m
- Damage and Loss Control 2m
- Module Review 1m
- Module Overview 1m
- Security Policy Training and Procedures 3m
- Validate Compliance and Security Posture 1m
- Role Based Training 1m
- Personally Identifiable Information 1m
- Information Classification 2m
- Data Labeling, Handling, and Disposal 2m
- Compliance 4m
- User Habits 7m
- New Threats, Security Trends, and Alerts 3m
- Use of Social Networking and P2P 3m
- Module Review 2m
- Module Overview 1m
- Environmental Factors 2m
- HVAC 2m
- Fire Suppression 3m
- EMI Shielding 3m
- Hot and Cold Aisles 3m
- Environmental Monitoring 2m
- Temperature and Humidity Controls 2m
- Physical Security, Locks, Mantraps, and Video Surveillance 4m
- Fencing 2m
- Proximity Readers and Access Lists 2m
- Proper Lighting and Signs 2m
- Barricades 1m
- Biometrics 1m
- Protected Distribution Systems 4m
- Alarms and Motion Detection 3m
- Control Types 4m
- Module Overview 1m
- Business Continuity Concepts 2m
- Business Impact Analysis 3m
- Identification of Critical Systems and Components 2m
- Removing Single Points of Failure 2m
- Business Continuity Planning and Testing 3m
- Risk Assessment and Continuity of Operations 3m
- Disaster Recovery Planning 4m
- IT Contingency Planning 3m
- Succession Planning 2m
- High Availability 4m
- Redundancy 5m
- Tabletop Exercises 3m
- Fault Tolerance 2m
- RAID 4m
- Clustering 2m
- Load Balancing 2m
- Servers 1m
- Backup Plans, Execution, and Frequency 4m
- Hot, Warm, and Cold Sites 4m