Twenty-two videos cover everything you want to know about access control fundamentals. Beginning with access control basics (definitions and subject-object relationships), we move on to access control categories, authentication, account management, Single Sign-On (SSO) and Kerberos, the three forms of user authentication and the arguable fourth form, remote authentication services and much more. This is a complex subject, but our Access Control Fundamentals course dives deep and dredges up the answers for you.
Organizations know the importance of planning ahead, and that’s what this course is about. A five-video series introduces you to security policies, procedures, standards, baselines and guidelines. Take an in-depth look at personnel security, the most common control frameworks, service-level agreements and the various types of security documents. What’s the difference between a policy and a procedure? Come find out!
It’s nearly impossible to completely eliminate risk, but there are steps you can take to reduce it. This nine-video series on risk management takes a close look at risk management: definitions, tools, notable risk frameworks such as the NIST Risk Management Framework (RMF) and other Special Publications and the process of calculating risk. We also touch on threats and threat agents, the difference between due diligence and due care, and tips and best practices for ensuring that your employees are security-conscious and aware of risks. People are always the weakest link, so take an hour to learn how to strengthen them.
Information is increasingly subject to legislation, and that means companies have a choice between regulatory compliance or legal trouble. Five videos give the student a look at the nitty-gritty of regulatory compliance, from the laws and regulations that protect data privacy rights (the Health Insurance Portability and Accountability Act, the California Consumer Privacy Act and more) to issues of intellectual property, the challenges of keeping data safe in an international market and the ethical codes an information security professional is expected to follow.
Two videos introduce you to the basic principles of security governance, beginning with a close look at the CIA (Confidentiality, Integrity and Availability) triad and what it means for a well-designed system. Includes an examination of the DAD (Disclosure, Alternation and Denial) triad, which opposes CIA. We also look at security governance fundamentals and the importance of roles, developing proper organization processes, aligning business objectives with strategies and a wide array of sample security roles and responsibilities.