Security architects design and implement secure architectures and translate business processes and risk into policy and implementation rules. In this course, you'll explore designing secure application and data architectures. First, you'll examine the history of development, the role of the application architect, and application architecture goals. Next, you'll learn about disciplines related to application architecture, as well as Service-oriented Architecture and its standards. You'll move on to learn about modular framework development, authentication, patching, and vulnerability testing. Next, you'll examine data architecture, data classification, data privacy, and database security. Finally, you'll learn about encryption and big data, as well as data architecture analysis and influences.

Cryptography is a process used to keep information secret and safe by transforming it into an unrecognizable form that unwanted and unintended recipients cannot understand. In this course, you'll explore how cryptography can be used for confidentiality and integrity. Discover when to use symmetric and asymmetric encryption and discover the advantages and disadvantages of both. Explore practical use cases for cryptography and explore how hashing can be used to ensure data integrity. Discover how digital signatures can provide message integrity, authenticity, and non-repudiation and learn how to implement digital signatures. Discover how to differentiate between rights and permissions and explore access control methods such as discretionary access control, mandatory access control, and role-based access control. Lastly, explore how steganography can be used to hide secret information in or on another object, and how digital rights management (DRM) tools can be used to control access to protected data. This course was originally created by Global Knowledge (GK).

The phases of developing good security architecture help provide a well-organized and secure environment. Examine the areas of TOGAF(r) related to SOA and Security. Trademark Disclaimer: TOGAF(r) IS A REGISTERED TRADEMARK OF THE OPEN GROUP. THIS COURSE IS NOT REVIEWED, ENDORSED, CERTIFIED, OR ACCREDITED BY OR AFFILIATED WITH THE OPEN GROUP.

In this course, you'll learn about documentation requirements for a security architecture and alternate architectures. First, you'll explore the types of documentation required to guide an architecture. You'll examine input documentation, including business requirements and objectives, standards and best practices, and laws and regulations. Next, you'll learn about architecture documentation, including how and what to document. You'll examine output documentation as well, including policies, procedures, and guidelines. You'll learn about the Security Requirements Traceability Matrix, including required fields. Finally, you'll learn about virtualization and how to evaluate cloud and hybrid cloud solutions, focusing on factors like shared responsibility, encryption, and key management.

Bash is the default shell language in most server computing environments in Linux. The ability to leverage Bash scripting abilities for system administration and automation of tasks, including security, makes it an essential tool to understand and use. In this course, you'll navigate the vital elements of the Bash scripting language and analyze the output of common commands and scripts. You'll learn how to use Bash variables, conditionals, and loops and apply timing to a Bash script. You'll also learn how to change and list directories using Bash scripts, as well as how to change the ownership and permissions on files and folders. Next, you'll create files and custom functions, use piped commands to chain Bash scripts together, and redirect outputs using a Bash script.

"C and C++ are two of the most widely-used compiled languages for infrastructure and performance-critical applications. Mistakes and careless use of these tools can often lead to system and application crashes and security breaches through remote code execution. In this course, you'll learn and construct the essential elements of C and C++ code and generate binary files suitable for Linux and Windows operating systems. You'll work with variables and arrays in C/C++, and learn how to use vectors and standard containers in C++. Next, you'll learn how to use C/C++ conditional statements and loops, as well as how to perform string manipulation in both C and C++. Lastly, you'll learn how to define and call C/C++ functions, and how to work with pointers in a C program."

PowerShell is the command shell and scripting language in the Microsoft Windows operating system. The ability to leverage PowerShell scripting abilities for system administration and automation of tasks, including security, makes it an essential tool to understand and use. In this course, you'll navigate basic elements of the PowerShell scripting language and analyze the output of common commands. You'll learn how to use PowerShell cmdlets, get object properties, and filter inputs. You'll then learn how to use variables, conditionals, and loops in a PowerShell script. You'll also learn how to get interactive help, create custom functions, use piped commands to chain PowerShell scripts together, and set the execution policy using a PowerShell script.

Social engineering is a form of attack that is accomplished using malicious activities through human interactions. In a common social engineering attack, humans are tricked into making security mistakes or giving away sensitive information. In this course, you'll explore the goals of social engineering including gaining access to sensitive data, physical locations, and systems. Discover vulnerabilities that make social engineering possible, explore common targets, and learn about indirect and direct social engineering attacks. Explore how searching a person or business's trash can produce information that can be used to carry out an attack, and discover the importance of staying up to date with the latest social engineering stats and trends. Explore the importance of cyber awareness and reporting workplace abnormalities, and discover the various social media site types including social networks, video sharing, blogging, and photo sharing. Lastly, explore factors that drive people to post compromising material on social media. This course was originally created by Global Knowledge (GK).

The principles of software engineering include designing, developing, implementing, and maintaining a software solution. One crucial aspect of software security is to determine if software is safe to release to an organization or public. In this course, you'll explore the Software Development Life Cycle (SDLC) and learn about maturity levels used to define agility and effectiveness of a development solution. Discover how security guidelines can help improve the quality and security of a software development, and explore the importance of staying current with the types and trends of software threats and exploits. Continue to learn about software vulnerabilities while exploring common attacks including buffer overflows, database injection, cross-site scripting, and directory traversal attacks. Lastly, explore how misconfiguration of servers increases the likelihood of attacks, and discover how permissions are used to secure directories used by applications. This course was originally created by Global Knowledge (GK).

Enterprise assets, including data, must be protected at all times. Explore cryptography best practices, including hashing, salting, encryption, digital signatures, regulatory requirements, PKI, and Web of Trust.

Identifying, evaluating, and prioritizing threats are critical for proper IT systems security. Explore risk assessment, treatment, and assessment; best practices for monitoring systems; and security analytics, metrics, and trends.

Security hardening is the process of securing systems and networks by reducing the surface of vulnerability. In this course, you'll learn the types of systems that can be hardened as well as how security baselines can be used to define normal conditions on a network. Explore how Group Policy can be used to apply computer settings to numerous systems at once, and discover the benefits of performing ongoing security patching. Explore steps used to harden systems by role including: client, server, database, web server, FTP, DNS, DHCP, network, and mobile devices. Lastly, learn how to differentiate between free and commercial hardening tools, recognize steps to properly implement authentication, authorization, and accounting, and implement physical security to contribute to overall security stability. This course was originally created by Global Knowledge (GK).

Cybersecurity is the practice of protecting systems, networks, and programs from cyber threats and exploits. Therefore, organizations are required to allocate a growing number of resources to protect their data from unwanted and unauthorized data breaches and disclosures. In this course, you'll explore the possible constraints that may prevent an organization from having an ideal IT security solution including budget, regulations, design limitations, and political issues. Discover driving forces in cybersecurity including money, mobile devices, education, and new technologies, and explore the risks associated with portable electronic devices (PED) such as geolocations. Explore how supervisory control and data acquisition (SCADA) systems can be used to monitor important infrastructure including electric grids, water supplies, and pipelines, and discover how most people now use the Internet daily to send email, shop, and watch TV. Lastly, discover how cybersecurity and IT standards continue to evolve and how no one standard is foolproof or future proof. This course was originally created by Global Knowledge (GK).

Online user accounts are one of easiest entry points for savvy hackers. Discover why and how most common user account breaches happen, as well as general security practices to help protect against potential intrusions via user accounts.

As organizations continue to evolve, they must focus on key trends including mobility, information security, and social capabilities. In this course, you explore mobile trends and how mobility can impact a business. Discover how mobility incorporates mobile communication, hardware, and applications, and explore potential challenges organizations face when implementing mobile solutions. You'll also explore information security factors brought forward by the increased use of networks, computers, and mobiles. Discover how information security can protect physical and digital assets from theft, compromise, alteration, destruction, and unwanted manipulation, and explore potential challenges organizations face when implementing a security solution. You'll also learn about social trends including social networking and social media components. Lastly, explore how organizations are focusing on social trends including brand awareness, digital advertising, customer experience, and lead conversion. This course was originally created by Global Knowledge (GK).

Vulnerabilities can be defined as a flaw or weakness that can be exploited. One method to identify vulnerabilities is to use a scanner to assess computers, networks, and applications for known weaknesses. By using a scanner, attackers can learn how to best exploit a target system. In this course, you will learn how port scanning works and recognize common ports with known protocols. Discover how to perform network discovery using Nmap, as well as how to perform vulnerability scanning using Nessus. Discover how to exploit a target system using Nessus and Metasploit, and explore how to take over a remote system. Lastly, you'll also explore vulnerability and system scanning countermeasures, and explore countermeasure techniques used to protect against system exploitation. This course was originally created by Global Knowledge (GK).