CompTIA Security+, Part 4 of 8: Operational Security

Course description

In this course we will discuss security incidents and how to properly manage them. Adding to our understanding of incident response we will cover evidence gathering in depth by focusing on forensics to support an investigation. We will then cover dealings with third parties including different agreements and arrangements and the security issues to keep in mind with those. Finishing the course is the topic of security awareness and training which can either make or break the organization's security stance. This course will cover the CompTIA Security+ objectives 2.2, 2.4, 2.5, and 2.6.

Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.

Prerequisites

This course assumes that the user has working knowledge of networks and networking. Ideally, the user should have their CompTIA Network+ certification, but can be replaced with networking experience.

Meet the expert

Ryan Hendricks

Ryan Hendricks is an experienced instructor who teaches networking and security courses to IT professionals throughout the nation. He currently has the CompTIA Certified Technical Trainer (CTT+ Classroom) and the Cisco Certified Academy Instructor (CCAI) credentials. He holds certifications from (ISC)2, EC-Council, CompTIA, and Cisco. When not on the podium instructing, he delves into IT books, always looking to learn more and keep up with the latest security topics.

Video Runtime

80 Minutes

Time to complete

100 Minutes

Course Outline

Operation Security

Incident Response (17:56)

• Introduction (00:21)
• Preparation (01:03)
• Incident Identification (00:44)
• First Responder (01:00)
• Escalation and Notification (00:37)
• CIRT (01:16)
• Mitigation Steps (00:32)
• Incident Isolation (00:33)
• Collecting Evidence (00:41)
• Recovery Procedures (04:11)
• Lessons Learned (00:48)
• Data Breach (00:51)
• Damage and Loss Control (01:07)
• Reporting (03:42)
• Summary (00:23)

Incident Forensics (15:50)

• Introduction (00:18)
• Digital Forensics (00:35)
• Identifying (00:36)
• Order of Volatility (00:58)
• Order of Volitility, Cont. (03:01)
• Capture System Image (02:01)
• Take Hashes (01:19)
• Network Traffic and Logs (00:52)
• Record Time Offsets (01:07)
• Capture Video (00:40)
• Screenshots (00:40)
• Witnesses (00:49)
• Track Man Hours and Expense (00:47)
• Chain of Custody (01:33)
• Summary (00:26)

Third Parties (13:13)

• Introduction (00:20)
• On-Boarding/Off Boarding (01:19)
• Interoperability Agreements (00:53)
• Service Level Agreement (01:33)
• Business Partner Agreement (01:02)
• Memorandum of Understanding (02:34)
• Unauthorized Data Sharing (00:52)
• Data Ownership (01:06)
• Data Backups (01:37)
• Agreement Compliance (01:28)
• Summary (00:26)

Incident Training (33:32)

• Introduction (00:27)
• Security Policy Training (01:18)
• Awareness (00:51)
• Education (01:10)
• Training (02:55)
• Personally Identifiable Info (01:14)
• Classification System (01:44)
• Data Labeling (01:48)
• Data Handling (01:36)
• Data Disposal (01:22)
• Compliance (01:05)
• User Habits (03:14)
• Password Behaviors (01:28)
• Password Example (02:59)
• Password Example, Cont. (02:07)
• Clean Desk (01:10)
• Tailgating and Piggybacking (01:26)
• Personally Owned Devices (00:51)
• New Threats and Trends (00:47)
• Social Networking (00:57)
• Peer to Peer Applications (01:26)
• Statistics (01:07)
• Summary (00:19)