Network Defense Essentials covers the fundamental concepts of information security and network defense. This introductory cybersecurity course is designed for today's entry-level information security or cybersecurity careers and is ideal for learners aspiring to pursue a career in cybersecurity. The course gives a holistic overview of the key components of Information Security such as Identification, Authentication and Authorization, Virtualization and Cloud Computing, Wireless Networks, Mobile and IoT Devices, and Data Security. The interactive labs component of this course ensures that learners receive the hands-on, practical experience required for a future in cybersecurity. NDE-certified learners have an assured means of formal recognition to add to their resumes and show off their expertise and skills to prospective employers. The purpose of the NDE certification is to recognize the competency and expertise of a professional in network defense and information security skills, thereby adding value to their workplace and employer.

This is a self-paced lab that takes place in the Google Cloud console. This hands-on lab demonstrates how to build a Docker image and push it to Google Container Registry.

In this course, we will examine three very relevant security risks that were merged into larger topics in the OWASP Top Ten 2021 list. It’s still important to know the details of how these risks work. We will explore XML External Entities (XXE), Cross-Site Scripting (XSS) and Insecure Deserialization.

This course covers credential Access, discovery, lateral movement & collection.

Welcome to course 3 of 5 of this Specialization, Access Control Concepts. In Course 1, we introduced access control concepts. Now, we will take a more detailed look at the types of access control that every information security professional should be familiar with. We will discuss both physical and logical controls and how they are combined to strengthen the overall security of an organization. This is where we describe who gets access to what, why access is necessary, and how that access is managed. After completing this course, the participant will be able to:  Select access controls that are appropriate in a given scenario. - Relate access control concepts and processes to given scenarios. - Compare various physical access controls. - Describe logical access controls. - Practice the terminology of access controls and review concepts of access controls. Agenda Course Introduction Module 1: Key Concepts Module 2: Administrative Controls Module 3: Physical Controls Module 4:Logical Controls Module 5: Controls Review This training is for IT professionals, career changers, college students, recent college graduates, advanced high school students and recent high school graduates looking to start their path toward cybersecurity leadership by taking the Certified in Cybersecurity entry-level exam. There are no prerequisites to take the training or the exam. It is recommended that candidates have basic Information Technology (IT) knowledge. No work experience in cybersecurity or formal education diploma/degree is required.

Part 2 of the Privacy Fundamentals course will cover data assessments, documentation and privacy rights. We will also explore different training methods including competency based training.

The world runs on computers. Your watch, your TV, your car. You might be familiar on how to operate each of these. Your home computer you are even more familiar with operating it. But what does it take to really take computer systems to the next level? - The enterprise level. In this course we discuss what makes home computing systems different from enterprise computing systems. This course will also help you prepare and design your own home lab to explore enterprise operating systems. This course is for anyone who is exploring what it might take to have a job as a system administrator or for those who are already specialized in one area of system management and would like to move to another. This course may also be for those who are looking to understand how computer security plays an important role in system management. At the end of the course, you will also be able to illustrate how different enterprise technologies play role in computing at an enterprise level. You will also be able to discuss the three pillars of the CIA triad and how they apply to enterprise systems. While there is no technical and software component installs necessary for the completion of this course, supplemental how-to guides will be provided if you wish to follow along on the technical portion presented during the course.

The Cyber Incident Response course will give students an understanding of how incidents are responded to at a high level, as well as allow them to build important technical skills through the hands-on labs and projects. This course starts with a high-level discussion of what happens at each phase of responding to an incident, followed by a technical deep dive into some of the more exciting parts of memory, network, and host analysis and forensics. This course is for anyone wishing to apply learned forensics and offensive knowledge such as ethical hacking to the incident response process.

This course will help you build a foundation of some of the fundamental concepts in secure programming. We will learn about the concepts of threat modeling and cryptography and you'll be able to start to create threat models, and think critically about the threat models created by other people. We'll learn the basics of applying cryptography, such as encryption and secure hashing. We'll learn how attackers can exploit application vulnerabilities through the improper handling user-controlled data. We'll gain a fundamental understanding of injection problems in web applications, including the three most common types of injection problems: SQL injection, cross-site scripting, and command injection. We'll also cover application authentication and session management where authentication is a major component of a secure web application and session management is the other side of the same coin, since the authenticated state of user requests need to be properly handled and run as one session. We'll learn about sensitive data exposure issues and how you can help protect your customer's data. We'll cover how to effectively store password-related information, and not to store the actual plaintext passwords. We'll participate in coding assignment that will help you to better understand the mechanisms for effectively storing password-related information. Along the way, we’ll discuss ways of watching out for and mitigating these issues and be able have some fun and exploit two different vulnerabilities in a web application that was designed to be vulnerable, called WebGoat.

This is a self-paced lab that takes place in the Google Cloud console. In this hands-on lab, you will learn the basics of Vault.