From the course: Complete Guide to Cybersecurity: A Practical Approach
Understanding security controls
From the course: Complete Guide to Cybersecurity: A Practical Approach
Understanding security controls
- [Instructor] Security controls nowadays pertain to the Physical, the Technical, and the Administrative mechanisms that will act as safeguards or countermeasures or mitigations for information systems to protect what we cover earlier, which is confidentiality, integrity, and availability of the systems, and of course information within your organization. So let's start with Physical controls. Those address the need of things like batch readers, security guards, different facilities, and you know, security measures in those facilities, whether they are locks or fences or very, very sophisticated methods of access, physical access, that means, right, whether it's the buildings, parking lots and so on. Now, some of the physical security mechanisms and solutions will require some technical controls. For example, the integration of a batch or token reader for somebody to access a building or the door release mechanisms, identity management systems and access control systems to allow a person to enter a building or exit a building for that matter. Now, technical controls are also called logical controls. There are security controls that computer systems and network basically directly implement, whether it's a firewall, an intrusion prevention system, a cloud-based system on where you may have monitoring capabilities and different cloud security solutions out there. And again, you know, whether it's in the cloud or on premise, you may be already familiar with some of those technical controls. And then the last one is Administrative controls. These are also called managerial controls. And these are directives. These are policies, these are guidelines and advisories aimed at the people within the organization and they provide a framework and standards for either human behavior and other activities. And they should cover the entire scope of the organization's activities and the interactions with external parties and stakeholders. For example, a business peer, a business partner, customers and so on.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
Module 1: Cybersecurity fundamentals introduction56s
-
Learning objectives48s
-
Understanding the security concepts of information assurance9m 4s
-
Understanding the risk management process12m 50s
-
Understanding security controls2m 37s
-
Understanding governance processes6m 36s
-
Building your cybersecurity lab4m 59s
-
-
-
(Locked)
Learning objectives30s
-
(Locked)
Understanding physical access controls4m 42s
-
(Locked)
Exploring the principle of least privilege3m 6s
-
(Locked)
Understanding the concept of segregation of duties2m 13s
-
(Locked)
Introducing discretionary access control (DAC)5m 7s
-
(Locked)
Understanding mandatory access control (MAC)6m 9s
-
(Locked)
Understanding role-based access control (RBAC)1m 38s
-
(Locked)
-
-
(Locked)
Learning objectives40s
-
(Locked)
Software defined networking security4m 14s
-
(Locked)
Understanding the threats against SDN solutions2m 21s
-
(Locked)
Introducing network programmability8m 25s
-
(Locked)
Introducing SD-WAN and modern architectures3m 21s
-
(Locked)
Surveying the OWASP Top 103m 40s
-
(Locked)
-
-
(Locked)
Learning objectives45s
-
(Locked)
Introducing cryptography and cryptanalysis2m 52s
-
(Locked)
Understanding encryption protocols9m 54s
-
(Locked)
Describing hashing algorithms2m 50s
-
(Locked)
Introducing public key infrastructure (PKI)1m 37s
-
(Locked)
Introducing certificate authorities (CAs) and certificate enrollment8m 11s
-
(Locked)
Surveying SSL and TLS implementations5m 54s
-
(Locked)
Surveying IPsec implementations and modern VPN implementations5m 42s
-
(Locked)
-
-
(Locked)
Module 2: Incident response, digital forensics, and threat hunting introduction39s
-
(Locked)
Learning objectives54s
-
(Locked)
Exploring how to get started in incident response6m 6s
-
(Locked)
Understanding the incident response process5m 46s
-
(Locked)
Defining playbooks and run book automation (RBA)10m 29s
-
(Locked)
Understanding cyber threat intelligence (CTI)10m 23s
-
(Locked)
Understanding data normalization3m 1s
-
(Locked)
Deconstructing universal data formats and 5-tuple correlation1m 19s
-
(Locked)
Understanding security monitoring fundamentals6m 32s
-
(Locked)
Surveying security monitoring tools13m 33s
-
(Locked)
-
-
(Locked)
Learning objectives40s
-
(Locked)
Introducing digital forensics9m 10s
-
(Locked)
Introducing reverse engineering6m 30s
-
(Locked)
Understanding evidence preservation and chain of custody8m 9s
-
(Locked)
Collecting evidence from endpoints and servers6m 7s
-
(Locked)
Collecting evidence from mobile and IoT devices5m 2s
-
(Locked)
Exploring memory analysis with Volatility7m 56s
-
(Locked)
-
-
(Locked)
Module 3: Ethical hacking, penetration testing, and bug hunting introduction41s
-
(Locked)
Learning objectives47s
-
(Locked)
How to start a career in ethical hacking5m 7s
-
(Locked)
Understanding the difference between traditional pen testing, bug bounties, and red team assessments6m 45s
-
(Locked)
Exploring bug bounty programs9m 34s
-
(Locked)
Understanding the ethical hacking and bug hunting methodology11m 39s
-
(Locked)
Planning and scoping a penetration testing assessment5m 9s
-
(Locked)
-
-
(Locked)
Learning objectives1m 14s
-
(Locked)
Understanding information gathering and vulnerability identification2m 27s
-
(Locked)
Introducing open source intelligence (OSINT) techniques14m 39s
-
(Locked)
Performing DNS-based passive recon9m 2s
-
(Locked)
Identifying cloud vs. self-hosted assets7m 13s
-
(Locked)
Introducing Shodan, Maltego, AMass, Recon-NG, and other recon tools17m 34s
-
(Locked)
Surveying password dumps, file metadata, and public source-code repositories10m 53s
-
(Locked)
Introduction to Google hacking and search engine reconnaissance5m 26s
-
(Locked)
-
-
(Locked)
Learning objectives44s
-
(Locked)
Introduction to host and service enumeration6m 35s
-
(Locked)
Mastering Nmap24m 34s
-
(Locked)
Performing website and web application reconnaissance10m 22s
-
(Locked)
Discovering cloud assets7m 2s
-
(Locked)
Crafting packets with Scapy to perform reconnaissance5m 48s
-
(Locked)
-
-
(Locked)
Learning objectives53s
-
(Locked)
Performing on-path attacks5m 43s
-
(Locked)
Exploring the OWASP Top 10 risks in web applications6m 17s
-
(Locked)
Exploiting cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities16m 47s
-
(Locked)
Understanding server-side request forgery (SSRF) vulnerabilities10m 6s
-
(Locked)
Hacking databases23m 2s
-
(Locked)
Exploiting wireless vulnerabilities16m 54s
-
(Locked)
Exploiting buffer overflows and creating payloads24m 4s
-
(Locked)
-
-
(Locked)
Learning objectives1m 4s
-
(Locked)
Avoiding detection and evading security tools4m 26s
-
(Locked)
Introduction to lateral movement and exfiltration3m 32s
-
(Locked)
Exploring command and control (C2) techniques7m 54s
-
(Locked)
Understanding living-off-the-land and fileless malware4m 52s
-
(Locked)
Best practices when creating pen testing and bug bounty reports11m 24s
-
(Locked)
Understanding post-engagement cleanup4m 22s
-
(Locked)
-
-
(Locked)
Module 4: Cloud, DevOps, and IoT security introduction40s
-
(Locked)
Learning objectives34s
-
(Locked)
Introducing the different cloud deployment and service models4m 32s
-
(Locked)
Surveying patch management in the cloud13m 54s
-
(Locked)
Performing security assessments in cloud environments5m 58s
-
(Locked)
Exploring cloud logging and monitoring methodologies4m 10s
-
(Locked)
-
-
(Locked)
Module 5: AI security, ethics, and privacy: Balancing innovation with protection introduction33s
-
(Locked)
Learning objectives47s
-
(Locked)
Surveying the AI landscape and use cases6m 25s
-
(Locked)
Exploring LLMs, ChatGPT, Co-pilot and more7m 16s
-
(Locked)
Understanding the importance of AI security8m 53s
-
(Locked)
Exploring the OWASP Top 10 for LLMs11m 20s
-
(Locked)
-
-
(Locked)
Learning objectives52s
-
(Locked)
Exploring the secure AI development lifecycle8m 11s
-
(Locked)
Understanding privacy-preserving AI techniques5m 53s
-
(Locked)
Understanding robustness and resilience in AI models2m 2s
-
(Locked)
Surveying AI security best practices4m 23s
-
(Locked)
Exploring AI security tools and frameworks4m 51s
-
(Locked)
Understanding the legal landscape and potential new regulations4m 47s
-
(Locked)
Investigating ethical implications of artificial intelligence5m 6s
-
(Locked)