Identify critical functions, determine downtime windows, and conduct a business impact analysis to assess tangible and intangible impacts for risk management and business continuity.

Explore how access control uses ACLs and security tokens to govern user access to network resources, domains, and devices, and learn best practices for authentication, permissions, and password hygiene.

Explore four main access control methods—mandatory, discretionary, role-based, and rule-based—and how groups, permissions, and allow lists shape secure resource access.

Illustrates setting domain-level permissions on Windows Server 2012 using ACLs and NTFS, assigning read rights to the sales group for the infinite skills folder via the sharing and security tabs.

Explore the four tcp/ip layers—application, transport, internet, and network access—and how data moves from applications through tcp or udp, ip addressing, routing, fragmentation, and reassembly, with security implications.

Explore protocols and ports, such as ftp (20/21), telnet (23), smtp (25), http (80), https (443), pop3 (110), imap (143), ldap (389), with well-known 0–1024, registered 1024–49151, dynamic 49152–65535.

Define firewalls as devices that isolate networks and filter traffic between trusted and untrusted networks. Learn three firewall types: packet filtering, proxy, and stateful inspection, and their impact on security.

Connect two networks using routers, which act as traffic cops. Create networks on each side with switches by linking devices, and understand routers' role for security design.

Discover how intrusion detection systems monitor network traffic to detect intrusions and alert, while intrusion prevention systems block malicious traffic, with behavior-based, signature-based, and anomaly-based approaches.

Explore unified threat management (UTM) devices that consolidate firewall, intrusion prevention, gateway antivirus, anti-spam, VPN, content filtering, load balancing, and reporting into one box.

Explore how protocol analyzers, or packet sniffers, capture and log network traffic, reveal headers and data, and how encryption, SSL, VPNs, and encrypted archives protect against eavesdropping.

Explore layered security and defense in depth across physical, data, and network layers, including dmz, lan, and nat, with authentication and authorization, encryption, and tunneling.

Identify common malware types—spyware, adware, rootkits, trojan horses, logic bombs, backdoors, botnets, and ransomware—and how malicious software exploits browser, firewall, and software weaknesses.

Antivirus software remains the main method to prevent virus infections by detecting and eradicating malware via signatures, fingerprint scanning, and regular updates across gateways, servers, and desktops.

Explore ten common attack types, from denial of service to privilege escalation, including spoofing, phishing, spearfishing, pharming, Christmas attack, man-in-the-middle, replay, and password attacks.

Explore the ten most common attack types, including man-in-the-middle with rogue routers, replay and smurf attacks, privilege escalation, and password attacks like brute force and rainbow table attack.

Examine common application attacks, including XSS and SQL injection, and learn how insecure input handling leads to directory traversal, command injection, and buffer overflows.

Explain how extensible authentication protocol secures wireless access via an authentication server, and compare LEAP and PEAP as secure options with Windows support and encrypted channels.

Explore how databases store, manipulate, and retrieve data using relational database management systems and SQL, and compare one-tier, two-tier, and three-tier architectures for security and scalability.

Patches and updates close security holes as software grows more complex, covering service packs, patches, and hotfixes, with urgent hotfixes requiring prompt application and ongoing management of application patches.

Secure coding integrates security into the design and development process to prevent sql injection and other application-level attacks, with input validation and data verification taught via owasp and cert resources.

establish host security by enforcing up-to-date malware protection and a rigorous security baseline, then deploy antivirus, antispyware, spam filters, host-based firewall and ids to balance security and usability.

Authorize a DHCP server in Windows Server 2012 using the DHCP manager to prevent rogue servers from handing out addresses, then activate the scope to start serving clients.

Learn how fault tolerance protects data by allowing systems to continue operating after a failure. Evaluate recovery time, data backups, RAID, clustering, and load balancing to maintain availability.

Explore how clustering combines two or more computers into a single virtual server to provide fault tolerance and seamless failover, with active and passive cluster modes and heartbeat monitoring.

Construct a comprehensive backup plan by understanding full, differential, and incremental backups, and use archive bits and recovery testing to ensure rapid data restoration after a failure.

Explore full, differential, and incremental backups, how archive bits guide changes, and the recovery trade-offs between fast backups and longer restores.