01 Overview of Security
-
001 Welcome (5:34)
-
002 CompTIA-Security-601-Study-Guide
-
002 CompTIA-Security-Study-Notes-501
-
003 Overview of Security (2:58)
-
004 CIA Triad (3:57)
-
005 AAA of Security (OBJ 2.4) (3:08)
-
006 Security Threats (OBJ 1.1 & 1.2) (2:59)
-
007 Mitigating Threats (OBJ 5.1) (2:49)
-
008 Hackers (OBJ 1.5) (4:56)
-
009 Threat Actors (1.5) (3:15)
-
010 __ Threat Intelligence and Sources (OBJ 1.5) (8:55)
-
011 __ Threat Hunting (OBJ 1.7) (6:54)
-
012 __ Attack Frameworks (OBJ 4.2) (11:13)
02 Malware
-
013 Malware (OBJ 1.2) (0:42)
-
014 Viruses (OBJ 1.2) (6:24)
-
015 Worms (OBJ 1.2) (2:12)
-
016 Trojans (OBJ 1.2) (2:51)
-
017 Demo_ Viruses and Trojans (OBJ 1.2) (6:19)
-
018 Ransomware (OBJ 1.2) (2:33)
-
019 Spyware (OBJ 1.2) (2:42)
-
020 Rootkits (OBJ 1.2 & 1.3) (3:32)
-
021 Spam (OBJ 1.1) (2:59)
-
022 Summary of Malware (2:05)
03 Malware Infections
-
024 Common Delivery Methods (OBJ 1.1 & 1.5) (4:29)
-
023 Malware Infections (4:15)
-
025 Demo_ Phishing (OBJ 1.1 & 5.3) (5:22)
-
026 Botnets and Zombies (OBJ 1.2 & 1.4) (3:33)
-
027 Active Interception and Privilege Escalation (OBJ 1.3 & 1.4) (2:31)
-
028 Demo_ Privilege Escalation (OBJ 1.3 & 1.8) (5:44)
-
029 Backdoors and Logic Bombs (OBJ 1.2) (3:51)
-
030 Symptoms of Infection (OBJ 1.2) (4:13)
-
031 Removing Malware (OBJ 4.2) (5:04)
-
032 Preventing Malware (OBJ 1.6 & 3.2) (5:59)
-
033 __ Malware Exploitation (OBJ 1.2 & 1.4) (7:39)
04 Security Applications and Devices
-
035 Software Firewalls (OBJ 3.2) (4:18)
-
034 Security Applications and Devices (0:35)
-
036 Demo_ Software Firewalls (OBJ 3.2) (6:47)
-
037 IDS (OBJ 3.2 & 3.3) (5:05)
-
038 Pop-up Blockers (OBJ 1.1, 3.3, 4.4) (3:12)
-
039 Data Loss Prevention (DLP) (OBJ 2.1, 3.2, 4.4) (3:46)
-
040 Securing the BIOS (OBJ 3.2) (3:59)
-
041 Securing Storage Devices (OBJ 2.1, 2.5, & 3.3) (3:29)
-
042 Disk Encryption (OBJ 2.1, 2.8 & 3.2) (4:54)
-
043 __ Endpoint Analysis (OBJ 3.1 & 3.3) (5:47)
05 Mobile Device Security
-
045 Securing Wireless Devices (OBJ 3.4 & 3.5) (1:33)
-
044 Mobile Device Security (OBJ 1.5) (1:17)
-
046 Mobile Malware (OBJ 1.1 & 3.5) (6:22)
-
047 SIM Cloning & ID Theft (OBJ 1.1, 2.4, & 2.6) (4:03)
-
048 Bluetooth Attacks (OBJ 1.4 & 3.4) (2:11)
-
049 Mobile Device Theft (OBJ 3.5) (3:13)
-
050 Security of Apps (OBJ 3.1 & 3.5) (5:09)
-
051 BYOD (OBJ 3.5) (4:59)
-
052 Hardening Mobile Devices (OBJ 3.5) (3:54)
06 Hardening
-
053 Hardening (OBJ 3.2) (1:50)
-
054 Unnecessary Applications (OBJ 1.6) (3:14)
-
055 Restricting Applications (OBJ 3.2 & 4.4) (2:59)
-
056 Demo_ Unnecessary Services (OBJ 3.2 & 3.3) (5:38)
-
057 Trusted Operating System (OBJ 3.2) (1:59)
-
058 Updates and Patches (OBJ 1.6 & 3.2) (3:29)
-
059 Patch Management (OBJ 1.6 & 3.2) (3:52)
-
060 Group Policies (OBJ 2.1) (2:36)
-
061 Demo_ Group Policies (OBJ 3.2) (4:09)
-
062 File Systems and Hard Drives (OBJ 2.1 & 3.2) (3:21)
07 Suppy Chain Management
08 Virtualization
09 Application Security
10 Secure Software Development
-
078 Software Development (OBJ 2.1 & 2.3) (8:36)
-
079 SDLC Principles (OBJ 1.6, 2.3, 3.2, & 5.3) (6:25)
-
080 Testing Methods (OBJ 2.3 & 3.2) (7:02)
-
081 Software Vulnerabilities and Exploits (OBJ 1.2, 1.3, & 1.6) (3:47)
-
082 Buffer Overflows (OBJ 1.3) (6:18)
-
083 Demo_ Buffer Overflow Attack (OBJ 1.3) (6:28)
-
084 XSS and XSRF (OBJ 1.3) (3:10)
-
085 SQL Injection (OBJ 1.3) (6:28)
-
086 Demo_ SQL Injection (OBJ 1.2 & 1.3) (7:16)
-
087 __ XML Vulnerabilities (OBJ 1.3) (5:10)
-
088 __ Race Conditions (OBJ 1.3) (5:50)
-
089 __ Design Vulnerabilities (OBJ 1.3) (4:16)
11 Network Design
-
091 The OSI Model (OBJ 3.3 & 3.6) (6:03)
-
090 Network Security (0:47)
-
092 Switches (OBJ 1.4 & 2.7) (3:35)
-
093 Routers (OBJ 3.3) (2:30)
-
094 Network Zones (OBJ 3.3) (3:29)
-
095 __ Jumpbox (OBJ 3.5) (5:04)
-
096 Network Access Control (OBJ 3.3 & 4.4) (2:43)
-
097 VLANs (OBJ 3.3) (1:32)
-
098 Subnetting (OBJ 3.6) (1:53)
-
099 Network Address Translation (OBJ 3.3) (2:35)
-
100 Telephony (OBJ 3.1) (6:00)
12 Perimeter Security
-
101 Perimeter Security (0:49)
-
102 Firewalls (OBJ 3.3 & 4.4) (8:04)
-
103 Demo_ SOHO Firewall (OBJ 3.3 & 4.4) (4:07)
-
104 Proxy Servers (OBJ 3.3 & 4.4) (4:15)
-
105 Honeypots and Honeynets (OBJ 2.1) (1:25)
-
106 Data Loss Prevention (OBJ 2.1, 3.2, & 4.4) (1:38)
-
107 NIDS and NIPS (OBJ 3.3) (4:13)
-
108 Unified Threat Management (OBJ 3.2 & 3.3) (1:55)
13 Cloud Security
-
110 Cloud Types (OBJ 2.2 & 3.6) (2:54)
-
109 Cloud Computing (OBJ 1.5, 2.2, 3.5, & 3.6) (3:32)
-
111 As a Service (OBJ 2.2) (7:07)
-
112 Cloud Security (OBJ 2.5 & 3.6) (2:28)
-
113 Defending Servers (OBJ 1.7, 3.1, and 3.2) (4:35)
-
114 __ Cloud-based Infrastructure (OBJ 1.2, 1.6, 2.2, 2.4, 2.5, & 3.6) (7:22)
-
115 __ CASB (OBJ 2.1) (4:28)
-
116 __ API (OBJ 2.1) (6:09)
-
117 __ FAAS and Serverless (OBJ 2.2) (8:08)
-
118 __ Cloud Threats (OBJ 1.3, 1.6, 2.1, & 2.2) (8:11)
14 Automation
15 Network Attacks
-
125 Ports and Protocols (OBJ 3.1) (4:27)
-
124 Network Attacks (OBJ 1.4) (0:40)
-
126 Memorization of Ports (OBJ 3.1) (11:33)
-
127 Unnecessary Ports (OBJ 1.6 & 3.2) (3:24)
-
128 Denial of Service (OBJ 1.3 & 1.4) (7:59)
-
129 DDoS (OBJ 1.2, 1.3, & 1.4) (1:39)
-
130 Stopping a DDoS (OBJ 2.1 & 2.3) (2:29)
-
131 Spoofing (OBJ 1.4 & 3.3) (1:19)
-
132 Hijacking (OBJ 1.3 & 1.4) (3:47)
-
133 Replay Attack (OBJ 1.3) (1:29)
-
134 Demo_ Null Sessions (OBJ 1.6) (2:27)
-
135 Transitive Attacks (OBJ 2.4) (1:27)
-
136 DNS Attacks (OBJ 1.1, 1.4 & 3.1) (4:36)
-
137 ARP Poisoning (OBJ 1.4) (1:33)
16 Securing Networks
-
139 Securing Network Devices (OBJ 1.2, 1.6, 3.3, & 3.7) (6:45)
-
138 Securing Networks (OBJ 3.3) (0:52)
-
140 Securing Network Media (OBJ 2.7) (8:51)
-
141 Securing WiFi Devices (OBJ 1.4 & 3.4) (4:25)
-
142 Wireless Encryption (OBJ 1.6 & 3.4) (5:33)
-
143 Wireless Access Points (OBJ 1.4 & 3.4) (6:14)
-
144 Wireless Attacks (OBJ 1.2, 1.4 & 1.8) (4:18)
-
145 Demo_ Wireless Attack (OBJ 1.4) (7:42)
-
146 __ WPA3 (OBJ 3.4) (6:08)
-
147 Other Wireless Technologies (OBJ 1.4 & 3.5) (6:05)
17 Physical Security
18 Facilities Security
-
154 Fire Suppression (OBJ 2.7) (6:24)
-
153 Facilities Security (OBJ 2.7) (0:39)
-
155 HVAC (OBJ 2.5, 2.6, & 2.7)
-
156 Shielding (OBJ 2.7) (2:37)
-
157 Vehicular Vulnerabilities (OBJ 2.6 & 2.7) (6:53)
-
158 __ IoT Vulnerabilities (OBJ 2.6) (3:29)
-
159 __ Embedded System Vulnerabilities (OBJ 2.6) (6:52)
-
160 __ ICS and SCADA Vulnerabilities (OBJ 2.6) (8:19)
-
161 __ Mitigating Vulnerabilities (OBJ 2.6) (3:30)
-
162 __ Premise System Vulnerabilities (OBJ 1.2, 1.3, 1.7, & 2.6) (6:14)
19 Authentication
-
163 Authentication (OBJ 2.4, 3.5, & 3.8) (5:56)
-
164 Authentication Models (OBJ 2.4, 3.5, 3.8, & 3.9) (5:22)
-
165 802.1x (OBJ 3.4 & 3.8) (3:47)
-
166 LDAP and Kerberos (OBJ 3.1 & 3.8) (2:29)
-
167 Remote Desktop Services (OBJ 3.1) (1:54)
-
168 Remote Access Service (OBJ 3.1 & 3.8) (2:06)
-
169 VPN (OBJ 3.3) (3:05)
-
170 RADIUS vs TACACS+ (OBJ 3.8) (2:20)
-
171 Authentication Summary (OBJ 3.8) (2:06)
-
172 __ Authentication Attacks (OBJ 1.2) (7:12)
20 Access Control
-
173 Access Control (OBJ 3.8) (0:53)
-
174 Access Control Models (OBJ 3.8) (8:17)
-
175 Best Practices (OBJ 2.7, 3.8, & 5.3) (5:46)
-
176 Users and Groups (OBJ 3.7 & 3.8) (9:15)
-
177 Permissions (OBJ 3.8) (3:44)
-
178 Usernames and Passwords (OBJ 1.6 & 3.7) (2:39)
-
179 Demo_ Policies (OBJ 3.7) (4:37)
-
180 User Account Control (OBJ 3.7 & 3.8) (1:56)
21 Risk Assessments
22 Vulnerability Management
-
188 Penetration Testing (OBJ 1.8) (4:29)
-
187 Vulnerability Management (OBJ 1.7, 4.1, & 5.4) (7:53)
-
189 __ Training and Exercises (OBJ 1.8 & 4.2) (4:48)
-
190 OVAL (OBJ 1.7) (1:37)
-
191 Vulnerability Assessments (OBJ 1.7 & 4.1) (6:55)
-
192 Demo_ Nmap Scanning (OBJ 4.1) (8:53)
-
193 Demo_ Vulnerability Scanning (OBJ 1.7, 4.1, & 4.3) (9:36)
-
194 Password Analysis (OBJ 1.2) (5:57)
-
195 Demo_ Password Cracking (OBJ 4.1) (2:39)
23 Monitoring and Auditing
-
196 Monitoring Types (OBJ 3.3) (2:57)
-
197 Performance Baselining (OBJ 2.1) (4:38)
-
198 Protocol Analyzers (OBJ 3.3 & 4.1) (3:01)
-
199 SNMP (OBJ 3.1) (3:43)
-
200 Demo_ Analytical Tools (OBJ 4.1) (4:29)
-
201 Auditing (OBJ 1.7) (1:57)
-
202 Demo_ Auditing Files (OBJ 1.7) (3:56)
-
203 Logging (OBJ 1.7, 4.3, & 4.5) (3:42)
-
204 Log Files (OBJ 4.3) (5:17)
-
205 SIEM (OBJ 1.7 & 4.3) (8:51)
-
206 __ Syslog (OBJ 1.7 & 4.3) (5:52)
-
207 __ SOAR (OBJ 1.7 & 4.4) (3:20)
24 Cryptography
-
209 Symmetric vs Asymmetric (OBJ 2.8) (6:14)
-
208 Cryptography (OBJ 2.1 & 2.8) (4:58)
-
210 Symmetric Algorithms (OBJ 2.8) (4:59)
-
211 Public Key Cryptography (OBJ 2.8) (3:12)
-
212 Asymmetric Algorithms (OBJ 2.8) (3:47)
-
213 Pretty Good Privacy (OBJ 2.8) (1:49)
-
214 Key Management (OBJ 2.8) (2:14)
-
215 One-Time Pad (OBJ 2.8) (4:21)
-
216 Demo_ Steganography (OBJ 2.8) (3:54)
-
217 __ Cryptography Considerations (OBJ 2.8) (12:26)
25 Hashing
26 Public Key Infrastructure
27 Security Protocols
28 Planning for the Worst
-
233 Planning for the Worst (OBJ 2.5 & 5.4) (2:13)
-
234 Redundant Power (OBJ 2.5) (3:10)
-
235 Backup Power (OBJ 2.5) (3:09)
-
236 Data Redundancy (OBJ 2.5) (4:42)
-
237 Demo_ RAIDs (OBJ 2.5) (3:38)
-
238 Network Redundancy (OBJ 2.5) (2:07)
-
239 Server Redundancy (OBJ 2.5 &3.3) (1:45)
-
240 Redundant Sites (OBJ 2.1) (2:23)
-
241 Data Backup (OBJ 2.5) (2:57)
-
242 Tape Rotation (OBJ 2.5) (3:55)
-
243 Disaster Recovery Plan (OBJ 2.1, 2.5, 4.2, & 5.4) (5:41)
-
244 __ Business Impact Analysis (OBJ 5.4) (15:47)
29 Social Engineering
-
246 Demo_ Pretexting (OBJ 1.1 & 5.3) (4:17)
-
245 Social Engineering (OBJ 1.1) (0:55)
-
247 Insider Threat (OBJ 1.5) (2:13)
-
248 Phishing (OBJ 1.1 & 5.3) (6:34)
-
249 __ Motivation Factors (OBJ 1.1) (7:14)
-
250 More Social Engineering (OBJ 1.1 & 1.2) (4:03)
-
251 __ Fraud and Scams (OBJ 1.1) (5:26)
-
252 __ Influence Campaigns (OBJ 1.1) (4:14)
-
253 User Education (OBJ 5.3) (4:47)
30 Policies and Procedures
-
255 Data Classifications (OBJ 5.3 & 5.5) (6:45)
-
254 Policies and Procedures (OBJ 5.2 & 5.3) (5:56)
-
256 __ Data Ownership (4:06)
-
257 PII and PHI (OBJ 5.2 & 5.5) (6:22)
-
258 __ Legal Requirements (OBJ 5.2 & 5.5) (5:45)
-
259 __ Privacy Technologies (OBJ 5.5) (6:29)
-
260 Security Policies (OBJ 5.3 & 5.5) (10:22)
-
261 User Education (OBJ 5.3) (4:05)
-
262 Vendor Relationships (OBJ 5.3) (7:55)
-
263 Disposal Policies (OBJ 2.7 & 4.1) (5:07)
-
264 IT Security Frameworks (OBJ 5.2) (3:21)
-
265 __ Key Frameworks (OBJ 5.2) (8:37)
31 Incident Response and Forensics
-
266 Incident Response Procedures (OBJ 4.2) (4:39)
-
267 __ Incident Response Planning (OBJ 4.2) (18:19)
-
268 __ Investigative Data (OBJ 4.3) (12:30)
-
269 __ Forensic Procedures (OBJ 4.5) (13:55)
-
270 Data Collection Procedures (OBJ 4.1 & 4.5) (7:59)
-
271 Demo_ Disk Imaging (OBJ 4.1) (6:59)
-
272 __ Security Tools (OBJ 4.1) (21:03)
32 Conclusion
