The capacity to perform risk management is crucial for anyone hoping to defend their networks and resources. This course will teach you about risk policy, assessment, analysis, and mitigation of your networks.
With so many threats and vulnerabilities in today's infrastructures, creating an impregnable framework is nearly impossible. Therefore, it is every IT security professionals' responsibility to make important decisions and take action to best safeguard data and assets. In this course, Assessing and Mitigating Security Risks, you will gain an understanding of risk management and how it can enable thoughtful and focused defense strategies. First, you will learn about the landscape, what risk assessment is, and how it can be conducted successfully. Next, you will learn about mitigation and controls. Finally, you will delve into tools and resources that can help your company get a jump start on protecting your network. When you are finished with this course, you will have the knowledge necessary to respond to incidents and mitigate those security threats.
Dale Meredith received his Certified Ethical Hacker and Certified EC-Counsel Instructor certifications back in 2006, as well as being a Microsoft Certified Trainer since 1998 (yes we had computers back then). Dale takes great pride in helping students comprehend and simplify complex IT concepts.
Course Overview Hey everyone. My name is Dale Meredith, and welcome to my course on Assessing and Mitigating Security Risks. Now I personally have been a Microsoft trainer since 1999 and a cybersecurity expert since about oh, 2000, teaching both corporate IT personnel for global companies, as well as colleges, government departments, and even military personnel. And hey, if you're looking for certification, guess what I did for you? I made it so this course could actually help you start you down your path towards several different certifications, including CEH, GCIH, CSA+, ECIH, and CISSP. Now some of the major topics that we'll talk about in this course will include understanding the landscape; things are changing for us in the cybersecurity world, or actually, devices are changing on us all the time that we have to support. We'll talk about risk assessments, as well as risk controls. In fact, by the end of the course, you should have a good understanding of what is expected of a cybersecurity professional when it comes to responding to incidences and mitigating those threats. Now before you guys jump in, you need to be sure that you're kind of familiar with some of the basic network items out there, like devices, protocols, operating systems. But more importantly, I'm hoping you've got a good commonsense thought process that you can then implement. Now after you're done with this course, you should be comfortable enough to dive into some of the other security courses that we offer around those certifications. Now, if you're willing to put up with my really bad puns and my Batman addiction, I hope you'll come and join me in this journey as we learn about the foundation of security, with this, the Assessing and Mitigating Security Resources course, here at Pluralsight.
Mitigation and Controls Okay, so when it comes to mitigation and controls, now, this story is about control. My control. Control of what I say, control of what I do. And this time I'm going to do it my way. Anybody else start singing that song with me? Little Miss. Jackson, if you would. So I know that I've been joking around about this, but it's kind of serious. But you need to understand that controls is basically where everything is coming from. There are a plethora, yes, I got another chance to use my favorite word, plethora, there's a plethora of controls out there just because of our network infrastructures. And, I don't want to overwhelm you with this awesome list, because there's a lot to know about when it comes to controls. You see all those, did you get all of them, and read them, got them? Okay, good, we're done with the module. No. Let me back up so you can see the previous list here. We go through and try to cover as much as the technology that we can in making sure that we have controls in place for each one of these, and you could probably even think of even more. I'm going to go ahead one slide, just so you can see these all over again on the second slide, or second page here, there is just a ton of them. The purpose here is to make sure that we have a good understanding of what's expected at each of these levels. Now I'm not going to break these down, each one of these being a single clip. I'm going to combine several of them together, because otherwise I could inundate you with just a ton of clips. So, I'm going to go for a couple of minutes talking about each one of these; I'm going to break it up and just kind of see how far we get with each one.