SY0-601 Videos

A secure configuration can be designed to include many different features. In this video, you’ll learn about isolation, containment, segmentation, and SOAR. << Previous Video: Endpoint Security Configuration Next: Digital Forensics >> Our latest generation of firewalls allows us to allow or deny certain applications from traversing the network. This means the firewall might allow […]

Security administrators use a few different philosophies when configuring security policies on endpoints. In this video, you’ll learn about approval lists, block lists, quarantine areas, and the criteria used for application approval lists. << Previous Video: Log Management Next: Security Configurations >> When we refer to the endpoint, we’re talking about the devices that we

Security monitoring processes create extensive logs and data. In this video, you’ll learn about transferring, storing, and reporting on logs created from journalctl, metadata, NetFlow, IPFIX, sFlow, protocol analyzers, and more. << Previous Video: Log Files Next: Endpoint Security Configuration >> One of the standard methods for transferring log files from one device to a

Security information can be found in the logs files of almost any device. In this video, you’ll learn about viewing log files on network devices, systems, applications, web servers, and more. << Previous Video: SIEM Dashboards Next: Log Management >> There are a number of devices that are connected to our networking infrastructure that can

A SIEM can provide extensive visibility and reporting options. In this video, you’ll learn about using a SIEM (Security Information and Event Management) console and searching for important security details. << Previous Video: Vulnerability Scan Output Next: Log Files >> S-I-E-M, or SIEM, stands for Security Information and Event Management. This is usually a device

The output of a vulnerability scan can identify significant security vulnerabilities. In this video, you’ll learn about vulnerability scans, reading through the results, and managing false positives and false negatives. << Previous Video: Attack Frameworks Next: SIEM Dashboards >> Vulnerability scanners are an important part of maintaining the safety and security of the devices on

An attack framework can help prepare, understand, and react to cyber attacks. In this video, you’ll learn about the MITRE ATT&CK framework, the Diamond Model of Intrusion Analysis, and the cyber kill chain. << Previous Video: Incident Response Planning Next: Vulnerability Scan Output >> If you’re an IT security professional and you’re responsible for protecting

Most of the hard work related to security incidents happens before an event occurs. In this video, you’ll learn about tabletop exercises, walkthroughs, simulations, communication plans, and more. << Previous Video: Incident Response Process Next: Attack Frameworks >> Usually when we talk about security incidents, it’s usually after the fact, when one has already occurred.

Identifying and responding to an incident is an important part of IT security. In this video, you’ll learn about incident preparation, detection, precursors, indicators, and more. << Previous Video: Forensic Tools Next: Incident Response Planning >> As a security professional, you’ll be responsible for responding to security events that occur in your organization. Events like

Some IT security investigations will require additional forensics. In this video, you’ll learn about memdump, WinHex, FTK imager, Autopsy, and more. << Previous Video: Packet Tools Next: Incident Response Process >> If you’ve ever imaged a drive or a partition in Linux, then you’ve probably used the DD command. The term DD comes from another