Course

Securing Individual Systems

Every organization is in danger of having their systems compromised, but by understanding different kinds of threats and attacks the risks can be managed. Gain an entry-level understanding of essential hardware, firmware and operating system security concepts.
2 hours, 9 minutes 12 videos
Start a Free Trial

Syllabus

Ask me anything

Video - 00:02:00
Securing hosts properly should involve both a proactive and a reactive approach. This episode discusses what can be done about zero-day attacks.
Linux software RAID lab

Video - 00:08:00
RAID configurations can enhance the performance and availability of stored data, depending on the level of RAID used. In this demo, software RAID level 1 (disk mirroring) is configured in Linux.
Exam question review

Video - 00:02:00
Monitoring the network for intrusions is paramount to ensure a timely mitigation. This episode presents a monitoring scenario that requires the view to identify which type of attack took place.
Securing endpoints

Video - 00:09:00
In the enterprise, endpoint detection and response solutions report to a centralized SIEM solution when abnormal activity, including malware, is detected on hosts and devices. Intrusion detection and prevention systems (IDS/IPS) are the engine for this type of solution and can be configured with allow/deny lists.
Securing hardware

Video - 00:11:00
All IT solutions, in the end, run on hardware somewhere. Restricting physical access to IT hardware such as through locked server rooms and encryption of data at rest provide a layer of security.
Disk RAID levels

Video - 00:10:00
Data availability, including through disk redundancy, is an aspect of IT security. There are various RAID levels that organize physical disks together to provide performance and/or fault tolerant benefits.
Bots and botnets

Video - 00:06:00
Distributed Denial of Service (DDoS) attacks use collections of infected bots, or zombies in a botnet, to flood victims hosts or networks. Bots periodically contact a malicious-user controlled command and control server.
Password attacks

Video - 00:08:00
Username and password authentication remains common, as do related dictionary and brute-force attacks. Account lockout threshold can mitigate password attacks other than password spraying attacks.
Driver and overflow attacks

Video - 00:08:00
Malicious actors can trick victims into installing malicious code such as driver shims. Software programming flaws related to memory allocation can result in security threats. Secure coding, patching, and user awareness go a long way in mitigating these types of security issues.
Common attacks

Video - 00:09:00
Staying up-to-date with the latest types of security attacks is form of attack mitigation. Keeping systems hardened helps protect against zero-day attacks. Software develops must adhere to secure coding practices to ensure deployed code does not contain security flaws.
Weak configurations

Video - 00:12:00
A lack of secure configurations for networks, devices, and hosts results in an increased attack surface. Default settings, especially credentials, should not be used. Deprecated security protocols such as WEP and SSL should also be avoided.
Malware

Video - 00:14:00
Malicious software is referred to as malware and includes various types including ransomware, fileless viruses, worms, keyloggers, and trojan horses. Infected computers that periodically contact command and control servers are called bots or zombies.
Security+ - AAA

Lab - 00:30:00
CompTIA Security+ establishes the core knowledge required of any cybersecurity role and provides a jumping point to intermediate-level cybersecurity jobs. Security+ Lab incorporates best practices in hands-on trouble-shooting to ensure security professionals have practical security problem-solving skills. This Lab aids the CompTIA Security+ training set by providing several challenges specially crafted to convey the concept of Authentication Management and Access Control Schemes clearly and comprehensively.'AAA is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.'

Meet the author

Mike Meyers, affectionately called the "Alpha Geek," is the industry's leading authority on CompTIA certifications. He is the president and co-founder of Total Seminars, LLC, a provider of PC and network repair seminars, books, videos and courseware for thousands of organizations throughout the world. Mike has been involved in the computer and network repair industry since 1987 as a technician, instructor, author, consultant and speaker. He has sold over a million IT and certification books, including the best-selling CompTIA A+ Certification All-in-One Exam Guide and CompTIA Network+ Certification All-in-One Exam Guide. He has personally taught thousands of students, including U.S. senators, U.S. Supreme Court Justices, members of the United Nation, every branch of the U.S. Armed Forces, many branches of the Department of Justice, hundreds of corporate clients and academic students at every level.

Learn More

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments
Start a Free Trial

Plans & pricing

Infosec Skills Personal

$299 / year

Buy Now 7-Day Free Trial
  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting
  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Award-winning training you can trust