In this course, we will discuss protecting sensitive data with cryptography, which is the practice of disguising information in a way that looks random. We will cover the history of cryptography, hashing, passwords, and keys.

There are a range of groups and individuals who might carry out an attack or impact an organization's operations. In this course, we review various types of threat actors who might seek to harm an organization along with their motivations. Also discussed are the various ways an attack might occur. Ways a social engineering attack might be carried out is also described.

A number of cyberattacks are possible including physical, network, application, and cryptographic attacks. In this course, we review the general types of cyber attacks mentioned in the CompTIA Security+ exam. We also describe their general operation of specific examples of attacks both over the network and in applications.

Identity and access management is all about verifying the right users have the right access to the tools and technologies needed to do their job. Learn about the most important security concepts related to identity and access management: identification, authentication, authorization, and accounting.

There are a number of ways an organization can create a secure operating environment. In this course, we review ways organizations protect their networks and software in order to prevent data loss.

A number of network devices can be used to help secure an organization's networks. In this course, we delve into different network devices used to safeguard networks from malicious activity, protect data confidentiality, and reduce potential harmful intrusions.

As an organization implements new technologies and evolves its existing infrastructure, various secure operating requirements should be utilized. In this course, we review the concepts driving security management at an organization including practices, policies, and specific technologies such as a security information and event management system to better monitor a network for security incidents.

Virtualization has given rise to a host of new computing technologies and operations. Most major enterprise solutions utilize virtualization, automation, and cloud services. In this course, we review the terminology used in virtualization and how organizations leverage cloud computing services to meet their needs.

As mobile devices proliferate the modern workplace, various security controls must be implemented to safeguard the organization from data loss. In this course, we explore mobile device management solutions as well as the manner in which organization choose to implement mobile device usage for their employees.

Determining if a system or network is impacted by vulnerabilities is the first step toward identifying and correcting security shortcomings. In this section, we outline the methods by which secure organizations identify vulnerabilities, analyze the findings, and determine which vulnerabilties require a response.

This course explains the purpose and main components of an incident response plan and walks through the phases of incident response, contingency planning and creating backups. Explore how an incident response plan works and the basic concepts related to digital forensics.

Organizations must be on guard to protect their data both from outside threats as well as inside threats. In this course, we disuss the ideas surrounding data protection through the use of secure data management practices, data management technologies, and regulatory requirements involving how an organization's data protection operation is structured.

Secure, mature organizations thoughtfully consider how individuals at the organization will operate and take proactive steps to safeguard the organization from data loss. In this course, we review legal and industry regulations that might shape how an organization operates and we describe the methods by which an organization creates and implements policies.