Course

Securing individual systems

Every organization is in danger of having their systems compromised, but by understanding different kinds of threats and attacks the risks can be managed. Gain an entry-level understanding of essential hardware, firmware and operating system security concepts.

    Syllabus

  • Malware Video — 00:13:42
    • Malicious software is referred to as malware and includes various types including ransomware, fileless viruses, worms, keyloggers, and trojan horses. Infected computers that periodically contact command and control servers are called bots or zombies.

  • Weak configurations Video — 00:11:36
    • A lack of secure configurations for networks, devices, and hosts results in an increased attack surface. Default settings, especially credentials, should not be used. Deprecated security protocols such as WEP and SSL should also be avoided.

  • Common attacks Video — 00:09:04
    • Staying up-to-date with the latest types of security attacks is form of attack mitigation. Keeping systems hardened helps protect against zero-day attacks. Software develops must adhere to secure coding practices to ensure deployed code does not contain s

  • Driver and overflow attacks Video — 00:07:54
    • Malicious actors can trick victims into installing malicious code such as driver shims. Software programming flaws related to memory allocation can result in security threats. Secure coding, patching, and user awareness go a long way in mitigating these t

  • Password attacks Video — 00:08:04
    • Username and password authentication remains common, as do related dictionary and brute-force attacks. Account lockout threshold can mitigate password attacks other than password spraying attacks.

  • Bots and botnets Video — 00:06:13
    • Distributed Denial of Service (DDoS) attacks use collections of infected bots, or zombies in a botnet, to flood victims hosts or networks. Bots periodically contact a malicious-user controlled command and control server.

  • Disk RAID levels Video — 00:10:19
    • Data availability, including through disk redundancy, is an aspect of IT security. There are various RAID levels that organize physical disks together to provide performance and/or fault tolerant benefits.

  • Securing hardware Video — 00:11:03
    • All IT solutions, in the end, run on hardware somewhere. Restricting physical access to IT hardware such as through locked server rooms and encryption of data at rest provide a layer of security.

  • Securing endpoints Video — 00:09:02
    • In the enterprise, endpoint detection and response solutions report to a centralized SIEM solution when abnormal activity, including malware, is detected on hosts and devices. Intrusion detection and prevention systems (IDS/IPS) are the engine for this ty

  • Exam question review Video — 00:02:19
    • Monitoring the network for intrusions is paramount to ensure a timely mitigation. This episode presents a monitoring scenario that requires the view to identify which type of attack took place.

  • Linux software RAID lab Video — 00:07:31
    • RAID configurations can enhance the performance and availability of stored data, depending on the level of RAID used. In this demo, software RAID level 1 (disk mirroring) is configured in Linux.

  • Ask me anything Video — 00:01:44
    • Securing hosts properly should involve both a proactive and a reactive approach. This episode discusses what can be done about zero-day attacks.

  • Security+ – AAA Lab — 00:30:00
    • CompTIA Security+ establishes the core knowledge required of any cybersecurity role and provides a jumping point to intermediate-level cybersecurity jobs. Security+ Lab incorporates best practices in hands-on trouble-shooting to ensure security professionals have practical security problem-solving skills. This Lab aids the CompTIA Security+ training set by providing several challenges specially crafted to convey the concept of Authentication Management and Access Control Schemes clearly and comprehensively.“AAA is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.”

Meet the author

Mike Meyers, affectionately called the “Alpha Geek,” is the industry’s leading authority on CompTIA certifications. He is the president and co-founder of Total Seminars, LLC, a provider of PC and network repair seminars, books, videos and courseware for thousands of organizations throughout the world. Mike has been involved in the computer and network repair industry since 1987 as a technician, instructor, author, consultant and speaker. He has sold over a million IT and certification books, including the best-selling CompTIA A+ Certification All-in-One Exam Guide and CompTIA Network+ Certification All-in-One Exam Guide. He has personally taught thousands of students, including U.S. senators, U.S. Supreme Court Justices, members of the United Nation, every branch of the U.S. Armed Forces, many branches of the Department of Justice, hundreds of corporate clients and academic students at every level.

You're in good company

CY

We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also, recommend it to clients to make their IT support teams better.

Caleb Yankus

DS

This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.

Daniel Simpson

IS

We use Infosec Skills to provide base level knowledge for employees. We also use the services to provide in depth learning for employees as they encounter new technologies. If an employee is is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.

Infosec Skills Teams client

Plans & pricing

  • Infosec Skills Personal

    $299 / year

    • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Custom certification practice exams (e.g., CISSP, Security+)
    • Skill assessments
    • Infosec peer community support
  • Infosec Skills Teams

    $799 per license / year

    • Team administration and reporting
    • Dedicated client success manager
    • Single sign-on (SSO)
      Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
    • Integrations via API
      Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
    • 190+ role-guided learning paths and assessments (e.g., Incident Response)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Create and assign custom learning paths
    • Custom certification practice exams (e.g., CISSP, CISA)
    • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Award-winning training that you can trust

Comprehensive Cybersecurity Training - Infosec Skills
Cybersecurity Education and Training Gold Award - Infosec IQ
Top Rated Award - Infosec Skills
2021 G2 Summer - Leader - Tech Skills Dev, Online Course, eLearning Content
Top 20 Company - Online Learning Library