CompTIA Security+ (SY0-401) Compliance and Operational Security

CompTIA Security+ (2014 Objectives): Domain 2 - Compliance and Operational Security.
Course info
Rating: (96)
Level: Beginner
Updated: Jan 22, 2015
Duration: 5h 48m
Table of contents
Risk and Related Concepts
Risks Associated With 3rd Party Integration
Risk Mitigation Strategies
Implementing Basic Forensic Procedures
Incident Response Concepts
Security Related Awareness and Training
Physical and Environmental Controls
Risk Management Best Practices
Appropriate Controls to Meet Security Goals
Description

This course prepares students for the compliance and operational security section of the CompTIA Security+ (SY0-401) exam. It deals with security issues such as compliance, risk mitigation, basic forensic procedures, and the environmental controls used to increase reliability and resiliency and to maintain business continuity. The importance of mitigating risk and calculating the likelihood and expected losses of various risks is covered, along with dealing with third-party integration, SLAs, and maintaining operations through business continuity best practices. Environmental controls including HVAC, hot and cold aisles, high availability, and fault-tolerant best practices are also discussed. Confidentiality, Integrity and Availability (CIA) best practices are also covered to ensure data is secure, verified, and accessible.

About the author

Chris is a lifelong learner and professional information technologist, trainer and IT Manager. Married with 3 children, Chris is interested in martial arts, working out, spending time with family and friends and being creative whenever possible.

Section Introduction Transcripts

Risk Mitigation Strategies
Hey, welcome back to Pluralsight. In this module, we're going to cover risk mitigation strategies. I'm your instructor, Christopher Rees. Let's go ahead and get started. Now in this module, we're going to cover change management, something not very many people are actually very excited about. (chuckles) Myself included. But it's something that's very important for every organization to make sure they do it properly and we'll discuss why. We'll talk about incident management, which kind of goes hand in hand with change management. It takes it one step further, so when things actually do happen, what do we need to do? Make sure we have the proper controls and so forth in place. We'll talk about user rights and permissions and why we need to review them. We'll talk about performing routine audits, again, all dealing with making sure that we have as strong a security posture as possible, and also talk about enforcing policies and procedures to prevent data loss or theft. So, technology controls along those same lines to make sure that we are ensuring that data loss, or data does not leak from our environment, either intentionally or unintentionally. DLP or data loss prevention is a very hot topic.

Implementing Basic Forensic Procedures
Hey, welcome back to Pluralsight. In this module, we'll be covering Implementing Basic Forensic Procedures. I'm your instructor, Christopher Rees. Let's go ahead and get started. Now in this module, we're going to be talking about digital investigations, or collecting digital evidence, for a forensic level investigation. Whether it's a crime, a hacking attempt, and so forth. So we'll be talking about such things as the Order of Volatility, the order in which we capture information and why it's important to do it in a very pre-described fashion, we talk about capturing a system image, network traffic and logs, we talk about capturing video, whether it's video of ourselves and what we're doing, or it's video of a surveillance nature, perhaps of the crime, or the perpetrator of that crime, we'll talk about recording time offset, again, why it's important. We'll talk about taking hashes, whether it's collecting a file, a folder, or an entire disk. We'll take a hash of that information to make sure that it is, in fact, the original and we can prove, whether it's in a court of law, or just as a matter of record, that it is an exact, untampered with copy. We'll talk about taking screenshots, and how that factors into our investigation, we'll talk about witnesses and the role that they play in developing evidence. And we also need to discuss tracking man hours and expense, because at the end of the day, we all need money to do our jobs. We need budgets and so forth. So these types of things, making sure we have a close accounting of what we put into an investigation and what that costs, allows us to forecast and budget accordingly. We'll talk about the chain of custody, again, crucial to an investigation, why that's super important. And then we'll talk about Big Data analysis, and how that is changing the face of how investigations are conducted.

Security Related Awareness and Training
Hey, welcome back to Pluralsight. I'm your instructor, Christopher Rees, and in this module, we're going to talk about security-related awareness and training. So let's go ahead and get started. Now, in this module, we're going to cover a few things dealing with security awareness including security policy training and procedures. We'll talk about role-based training, personally identifiable information, information classification, whether it be high, medium, or low, talk about confidential, private, public, and so forth, talk about data labeling, handling, and disposal. We'll talk about compliance with laws, best practices and standards. We'll talk about user habits such as password behaviors, we'll talk about data handling, clean desk policies, the prevention of tailgating, and also personally owned devices. And then we'll also talk about new threats and new security trends and alerts, such as new viruses that come down. As we know, there's many that come out daily it seems like. We'll talk about phishing attacks, and then zero-day exploits. We'll talk about the use of social networking and peer to peer or P2P and then we'll talk about following up and gathering training metrics to validate compliance and security posture, in other words, make sure people are actually understanding the training that they're getting. So let's go ahead and get started.

Physical and Environmental Controls
Hey, welcome back to Pluralsight. I'm Christopher Rees, your instructor, and in this module, we'll be covering physical and environmental controls. So, in this module, we have a lot to cover with basically three main categories, and that is environmental controls, physical controls, and then control types. All right, so let's take a look at the environmental controls first. And basically we're going to be covering such things as HVAC or heating, ventilation, and air conditioning, fire suppression, EMI shielding, hot and cold aisles, environmental monitoring, temperature and humidity controls. All right, so all basically ways that we can control the environment. We're going to talk about physical security, and there's a number of things here, so I'll just bring them all up at once, but basically things that will allow us or enable us to either control or deter or prevent some type of an attack or some type of action from occurring. Hardware locks, mantraps, surveillance, fencing, so on and so forth, okay? So, guards, barricades, biometrics, all things that we can do to physically either prevent or deter. And then, last, we have control types. So, again, we're going to kind of go through the main categories, and some of these things, as we go through them, we'll fit into these various control types. So, we have deterrent, preventive, detective, compensating, technical, and administrative. All right, so that's basically what we're going to cover throughout this module. All very important to understand as a security professional, where the different things fall into play when you're looking at your different ways of kind of curtailing or preventing an activity.

Risk Management Best Practices
Hey there, welcome back to Pluralsight. I'm your instructor, Christopher Rees. And in this module on Risk Management and Best Practices, we're going to cover a few things dealing with business continuity concepts and within that we're going to cover business impact analysis, what it is, why it's important. Talk about the identification of critical systems and components. Talk about removing single points of failure. Okay, that's a big one. Business continuity planning and testing. We'll talk about risk assessment, continuity of operations, disaster recovery, IT contingency planning, succession planning, high availability, redundancy, and tabletop exercises. So that's a lot of concepts within business continuity itself. Some of those things overlap and they can mean the same thing depending upon what components you're talking about but then we're going to also cover some things dealing with fault tolerance and that covers basically hardware, RAID, clustering, load balancing and the servers themselves, some fault tolerant components within the servers. And then we'll also cover disaster recovery concepts and that deals with backup plans and policies, backup execution in frequency, cold sites, hot sites, and warm sites. Okay, so all the things that we need to have in place to get our information back up and running quickly.