CompTIA Security+ OFFICIAL Video Training Partner (SY0-501)

In this show, Wes and Cherokee discuss several different types of malware. First, they explore virus variations such as boot sector, polymorphic, macro, stealth viruses and more! You will also hear them explain other associated attacks such as logic bombs and ransomware. Tune in to learn what defines these types of attacks.

This is a continuation of a previous show discussion where Cherokee and Wes discuss several types of malware. They pick up explaining how a worm is different from a virus. Next, they cover trojans, rootkits, keyloggers and adware.

In this episode Cherokee and Wes explain numerous types of attacks one should be aware of. Specifically, they begin looking at social engineering. Tune in to learn how phishing, spear phishing, whaling, vishing, tailgating, impersonation, dumpster diving, shoulder surfing, hoaxes, and watering hole attacks are all related.

This a continuation of a previous conversation where Cherokee and Wes discuss several types of attacks. They talk about different types of Denial of Service (DoS) and Distributed Denial of Service (DDoS), Man-in-the-Middle (MitM), Buffer overflow, injection, Cross-site Scripting (XSS) and Cross-site Request Forgery (CSRF or XSRF), Privilege Escalation and more! Tune in to get all of the details.

Wes and Cherokee continue to cover many different types of attack methods. They pick up from a Previous DNS poisoning conversation and segue into the topics of hijacking and associated techniques an attacker may use. Wes explains shimming, ,spoofing, and various 802.11 type attacks.

Cherokee and Wes continue speaking about wireless attack methods, they specifically focus on wireless transmission attacks that may be associated with Bluetooth, RFID and NFC. Tune in to watch them round out this multi-part topic.

In this show, Wes and Cherokee explain the different types of threat actors and vectors used to execute an attack. Attacks are not always a one size fits all, sometimes they may incorporate many techniques. Tune in to learn more.

In this show, Cherokee and Wes discuss concepts associates with penetration testing. They explain different levels of tests such as black, grey and white box testing. Tune in to learn additional methods used to test an organizations security.

In this show, Cherokee and Wes stress the importance of understanding how penetration testing differs from a vulnerability scan. Although, a vulnerability scan may be incorporated in a pen test one must be able to discern the two. Tune in to learn about vulnerability scanning concepts.

This episode focuses on what the possible repercussions of one may encounter if a vulnerability is exercised. Watch Wes and Cherokee explain situations to be aware of such as Race conditions, End-of-life systems, Embedded systems, and improper input/error handling,

In this show Cherokee and Wes continue their previous discussion by explaining how improperly configured accounts can impact an organizations security. They also talk about memory buffer vulnerabilities, architecture or design weaknesses, zero day attacks, and improper certificate and key management.

In this show, Cherokee and Wes begin a discussion focused on understanding how both hardware and software impact an organizations security. They begin examining different firewalls and the importance of their configurations. They continue to cover many topics such as VPN Concentrators, Network Intrusion/Prevention Systems, and routers.

In this episode, Wes and Cherokee take a look at IPSec and how it can be used for transmitting information. They also discuss what a proxy is and how it may offer different functionalities based upon how it is implemented.

In this episode, Cherokee and Wes begin discussing why one may want to use load balancing and the many ways it can be implemented. They also cover topics such as access points, Security Information and Event Management systems (SIEM), and Data Loss/Leakage Prevention (DLP) techniques.

Cherokee and Wes continue to examine how both hardware and software can impact security. In this episode they discuss several concepts such as Network Access Control (NAC), Mail Gateway, Bridges, SSL/TLS accelerators, SSL decryptors, Mail Gateways and Hardware Security Modules (HSM's).

In this show, Cherokee and Wes begin a discussion focused on software-based utilities that can assist in remaining compliant with an organizations security posture. Wes demonstrates several tools such as Wireshark, Nexpose and other wireless scanners.

In this show, Cherokee and Wes continue a conversation about tools that can be used to assist posture assessment compliance. Wes shows chow to use and navigate through a vulnerability scanner.

In this show, Wes and Cherokee continue to share tools to assist in assist posture assessment compliance. First, they suggest how to sanitize drives by overwriting at a bit a bit level depending on different regulatory compliance. Next, they discuss steganography tools to be aware of. Lastly, they explain the benefits of setting up a honeypot or honeynet.

In this episode, Cherokee and Wes round off a discussion centered around software-based solutions that assist organization adhere to their security posture. Specifically, they begin looking at different backup options. With the advent of cloud-based solutions we see an expansion of redundancy options which Wes covers. Lastly, they look at command line utilities to assist in both Windows and Nix-based systems.

In this show, Cherokee and Wes begin to cover different issues one may have to troubleshoot. They begin explaining protocols that send information in clear or plain text such as FTP, Telnet, PAP and HTTP. Nest they discuss the importance of logs, permissions, access violations and certificate issues.

In this show, Cherokee and Wes continue to examine common issues that one may encounter. They point out insecure protocols, missing log information, permission issues, access violations and more. Tune in now to learn techniques and tips that may help mitigate problems one might face.

With the vast selection of tools available it may not be difficult to find one to suite your needs, however learning all of those tools may not always come without some practice. Tune in to watch Cherokee and Wes demonstrate how to interpret the output of some commonly used tools.

In this show Cherokee and Wes continue to analyze and interpret the output of various tools. They begin with firewalls and continue to examine additional tools such as Microsoft's AppLocker followed with assorted malware utilities.

In this episode, Cherokee and Wes discuss the importance of mobile security. Because mobile devices have become such an integral part of our lives it is imperative to address the potential vulnerabilities and weaknesses. Tune in now to learn how to increase security while using these devices.

In this show, Cherokee and Wes stess the importance of not only knowing what secure protocols are but rather one should also understand why they should not use the insecure counterpart. They also mention that in addition to understanding these protocols it is very important to be able to recognize the port numbers associated with these protocols for proper configuration and network analysis.

In this episode, Daniel and Wes explore common best practices and security configuration guides covered in the Security+ exam. Here they look into industry standard frameworks to secure specialized environments, defense-in-depth guides, and user training. All these are used to make the securing of a networked system easier and consistent.

In this show, Cherokee and Wes explain how the successful network designs can improve the overall network security. Tune in to learn what they recommend.

In this show, Cherokee and Wes explain how the design of individual devices may add an additional layer of security. Tune in to learn several suggestions for consideration when choosing what type of devices to use within your environment.

Wes and Zach breakdown secure staging deployment concepts, what is sandboxing and why its important, environment types including Development-Test-Staging-Production, Secure Baseline, then concluding with what is Integrity Measurement.

In this episode, Cherokee and Wes discuss the security implications of embedded systems. They explain how SCADA systems can be used to perform pretty serious attacks. They also point out additional elements to consider such as IoT devices, HVAC systems, systems on a chip (SoC) and real-time operating system (RTOS) to name a few.

In this episode, Daniel and Wes explain the development and deployment of secure applications. Here they explore development life-cycle models like Waterfall and Agile. They also discuss secure DevOps, version control and change management, secure coding techniques, code quality and testing, and compiled vs. runtime code.

In this episode, Daniel and Wes introduce you to different cloud and virtualization concepts. Here you will learn about Hypervisors, Cloud Storage, and Cloud deployment models like IaaS, SaaS, and PaaS. They also discuss the difference between On-premise vs. hosted vs. cloud and start their look into VDI/VDE.

In this episode, Daniel and Wes continue their look into Cloud and Virtualization concepts. Here they pick back up with their discussion on Virtual Desktop Infrastructure(VDI/VDE). They also cover cloud access security brokers, VM Sprawl avoidance, and VM escape protections.

In this episode, Daniel and Wes explain how to use automation and resiliency to reduce risk. Here they show you how through the use of standard procedures and automated task you can reduce the amount of common error through human fallibility. Other topics include Elasticity, Scalability, Redundancy, Fault Tolerance, and High Availability.

In this episode, Cherokee and Wes stress the importance of physical security controls. They explain how each layer of security adds complexity. They offer several suggestions that can be implemented to improve an organizations security. Tune in to learn how airgaps, mantraps, lighting and more can help your network!

In this episode, Cherokee and Wes continue to explain how physical security is an integral part of an organizations security posture. They begin by discussing Faraday cages, lock types, biometrics and so much more. Tune in to see what else they recommend for network security.

In this episode, Daniel and Wes look into identity and access management concepts. Here they discuss Identification, Authentication/Authorization/Accounting (AAA), and Multi-factor Authentication practices.

In this episode, Daniel and Wes walk you through a litany of Identity and Access services. Here they discuss services like LDAP, Kerberos, PAP/CHAP/MSCHAP, RADIUS/TACACS+, SAML, OpenID Connect, OATH, Shibboleth, and NTLM.

In this episode, Daniel and Wes dive into common Identity and Access Management Controls covered in the Security+ exam. Here you'll learn about access control models like MAC, DAC, RBAC, and ABAC. They also cover physical access, certificate-based controls, and biometric factors.

In this episode, Daniel and Wes continue looking at common Identity and Access Management controls. Here they cover the use of Token based systems, (both hardware and software), file system security, and database security.

In this episode, Daniel and Wes explore common account management practices. Here they will review the different account types like user accounts, service accounts, and privileged accounts.

In this episode, Daniel and Wes continue discussing common account management practices. They pick back up looking at general security practices like recertification, time restrictions, and group-based access control. They also go over account policy enforcement techniques.

In this episode, Daniel and Wes dive into Policies, Plans, and Procedures. Here they cover different agreement types like BPA, SLA, ISA, and MOU/MOA. Then they go over proper personnel management for risk reduction. Other topics covered includes NDAs, Onboarding, and Acceptable Use Policies.

Wes and Zach cover identifying critical systems, privacy threshold assessments, privacy impact assessments, and mission essential functions.

Wes and Zach explain risk management processes and concepts, what are the components of threat assessments, the differences between internal and external assessments, risk assessment, ALE=SLE *ARO - quantitative assessment, plus risk response techniques (or strategies).

Wes and Zach identify incident types with appropriate response process & measures. Documentation at all levels is emphasized.

In this episode, Daniel and Wes begin their discussion of the basics of computer forensics. Topics covered include Order of Volatility, Chain of Custody, Data Acquisition, and Strategic Intelligence Gathering.

Wes and Zach go over options in recovery sites, protocol or order for restoration, plus backup concepts.

Wes and Zach recap considerations about backup, geographic considerations, legal implications including data sovereignty, and operation planning.

In this show, Cherokee and Wes explain how to handle data past its useful life and and what one should consider whilst retaining data. They cover digital methods to dispose of data such as formatting and wiping as well as physical destruction methods. Tune in hear them cover other aspects of privacy as well.

In this episode, Daniel and Wes go over the basic concepts of Cryptography. Here they look at topics like symmetric/asymmetric algorithms, modes of operation, hashing and salting, which is a method used to increase the defense of hashing.

Wes and Zach discuss the science of hiding data, and working with principles of encryption. Sub-topics include Elliptic Curve, Digital Signatures, the difference between Diffusion and Confusion, Ephemeral Key, Data States, and more.

Wes and Zach cover what are cryptography algorithms, basic characteristics, different types of cyphertext, encryption keys, difference between block & stream cyphers, symmetric & asymmetric algorithms, and more.

Wes and Zach go over cypher modes & what they are, hashing algorithms, key stretching algorithms, what a Hashing Collision is, obfuscation, substitution cyphers, and deciding what are the best applications for your systems.

In this show, Cherokee and Wes take a look at concepts such as hash algorithms including MD5, SHA, HMAC, and RIPEMD. They also look additional obfuscation methods such as key stretching algorithms, XORing, using ROT ciphers and substitution ciphers.

In this episode, Daniel and Wes explore wireless security for the Security+ exam. Here they cover cryptographic protocols like WEP, WPA/WPA2, and TKIP. They also look at authentication protocols like EAP, PEAP, IEEE 802.1x, and RADIUS.

In this show Wes and Cherokee begin discussing public key infrastructure. Learn the basic design of a Certificate Authority hierarchy and learn terms such as CRL, OCSP and more!

In this show Cherokee and Wes continue discussing Public Key Infrastructure. First, they examine components for validation followed by additional concepts such as certificate pinning, key escrow and wildcards. Next, they look at different levels of validation and certificate formats.

In this show, Cherokee and Wes continue to examine the different ways certificates can be used. Wes explains how to structure a Certificate Authority depending on your organizations need.

In this show, Cherokee and Wes continue to explain PKI. Wes also demonstrates how create and configure a Root CA. He also sets up a subordinate s CA in Windows Server 2012.

Watch & Learn - Online IT training that's engaging and effective. Start or expand your IT career today.