This is a self-paced lab that takes place in the Google Cloud console. This hands-on lab demonstrates how to build a Docker image and push it to Google Container Registry.

In this course, we will examine Vulnerable and Outdated Components, Identification and Authentication Failures, Software and Data Integrity Failures, Security Logging and Monitoring Failures, and Server-Side Request Forgery (SSRF). We’ll use demos, graphics and real-life examples to help you understand the details of each of these risks.

In this course, we will examine three very relevant security risks that were merged into larger topics in the OWASP Top Ten 2021 list. It’s still important to know the details of how these risks work. We will explore XML External Entities (XXE), Cross-Site Scripting (XSS) and Insecure Deserialization.

This course covers credential Access, discovery, lateral movement & collection.

Part 2 of the Privacy Fundamentals course will cover data assessments, documentation and privacy rights. We will also explore different training methods including competency based training.

Welcome to course 3 of 5 of this Specialization, Access Control Concepts. In Course 1, we introduced access control concepts. Now, we will take a more detailed look at the types of access control that every information security professional should be familiar with. We will discuss both physical and logical controls and how they are combined to strengthen the overall security of an organization. This is where we describe who gets access to what, why access is necessary, and how that access is managed. After completing this course, the participant will be able to:  Select access controls that are appropriate in a given scenario. - Relate access control concepts and processes to given scenarios. - Compare various physical access controls. - Describe logical access controls. - Practice the terminology of access controls and review concepts of access controls. Agenda Course Introduction Module 1: Key Concepts Module 2: Administrative Controls Module 3: Physical Controls Module 4:Logical Controls Module 5: Controls Review This training is for IT professionals, career changers, college students, recent college graduates, advanced high school students and recent high school graduates looking to start their path toward cybersecurity leadership by taking the Certified in Cybersecurity entry-level exam. There are no prerequisites to take the training or the exam. It is recommended that candidates have basic Information Technology (IT) knowledge. No work experience in cybersecurity or formal education diploma/degree is required.

The world runs on computers. Your watch, your TV, your car. You might be familiar on how to operate each of these. Your home computer you are even more familiar with operating it. But what does it take to really take computer systems to the next level? - The enterprise level. In this course we discuss what makes home computing systems different from enterprise computing systems. This course will also help you prepare and design your own home lab to explore enterprise operating systems. This course is for anyone who is exploring what it might take to have a job as a system administrator or for those who are already specialized in one area of system management and would like to move to another. This course may also be for those who are looking to understand how computer security plays an important role in system management. At the end of the course, you will also be able to illustrate how different enterprise technologies play role in computing at an enterprise level. You will also be able to discuss the three pillars of the CIA triad and how they apply to enterprise systems. While there is no technical and software component installs necessary for the completion of this course, supplemental how-to guides will be provided if you wish to follow along on the technical portion presented during the course.

Cyber-attacks, breaches, and incidents continue to grow. The sophistication and complexity of these attacks continue to evolve. More than ever organizations need to plan, prepare, and defend against a potential cyber incident. Security Operation Centers (SOCs) act as an organization's front-line defense against cyber incidents. SOC analyst accomplishes this by monitoring and responding to network and host anomalies, performing an in-depth analysis of suspicious events, and when necessary, aiding in forensic investigations. This course is designed to be a primer for anyone planning on taking the EC-Council CSA course. We will discuss the structure, organization, and general daily activities of SOC analysts. We will also look at several defensive tools including SEIMs, IDS, and IPS. We will talk about event monitoring and vulnerability management. Finally, we will talk about what to expect when an incident happens.

The Cyber Incident Response course will give students an understanding of how incidents are responded to at a high level, as well as allow them to build important technical skills through the hands-on labs and projects. This course starts with a high-level discussion of what happens at each phase of responding to an incident, followed by a technical deep dive into some of the more exciting parts of memory, network, and host analysis and forensics. This course is for anyone wishing to apply learned forensics and offensive knowledge such as ethical hacking to the incident response process.

This course gives you the background needed to understand basic network security. You will learn the about Local Area Networks, TCP/IP, the OSI Framework and routing basics. You will learn how networking affects security systems within an organization. You will learn the network components that guard an organization from cybersecurity attacks. In addition to networking, you will learn about database vulnerabilities and the tools/knowledge needed to research a database vulnerability for a variety of databases including SQL Injection, Oracle, Mongo and Couch. You will learn about various security breach types associated with databases and organizations that define standards and provide tools for cybersecurity professionals. This course is intended for anyone who wants to gain a basic understanding of Network Security/Database Vulnerabilities or as the fourth course in a series of courses to acquire the skills to work in the Cybersecurity field as a Jr Cybersecurity Analyst.