About this Course

Course 7 - Systems and Application Security This is the seventh course under the specialization SSCP. This course discusses two major changes in recent years to how we use our data: going mobile and using the cloud. First, we use our data on the go by means of data services provided to our mobile phones, Wi-Fi, and other devices. Second, so many of the enhanced functions we take for granted in our daily personal and professional lives are made possible by cloud services, where our data is stored or processed. Course 7 Learning Objectives After completing this course, the participant will be able to: - Classify different types of malware. - Determine how to implement malware countermeasures. - Identify various types of malicious activities. - Develop strategies for mitigating malicious activities. - Describe various social engineering methods used by attackers. - Explain the role of behavior analytics technologies in detecting and mitigating threats. - Explain the role and functionality of host-based intrusion prevention system (HIPS), host-based intrusion detection system (HIDS), and host-based firewalls. - Evaluate the benefits of application whitelisting in endpoint device security. - Explain the concept of endpoint encryption and its role in endpoint security. - Describe the role and functionality of Trusted Platform Module (TPM) technology in providing hardware-based security features. - Identify the steps in implementing secure browsing practices using digital certificates and secure communication protocols. - Explain the concept of endpoint detection and response (EDR) and its role in providing real-time monitoring, detection, investigation, and response capabilities to identify and mitigate advanced threats and security incidents on endpoint devices. - Identify provisioning techniques for mobile devices. - Explain the concept of containerization and how it contributes to effective mobile device management. - Explain how encryption contributes to effective mobile device management. - Describe the process of Mobile Application Management (MAM) to effectively manage the life cycle of mobile applications. - Distinguish among public, private, hybrid, and community deployment models in cloud security. - Distinguish among various service models and their impact on cloud security practices. - Describe virtualization technologies and their role in maintaining cloud security. - Identify legal and regulatory concerns related to cloud security. - Determine strategies to implement data storage, processing, and transmission while maintaining cloud security. - Explain the requirements and considerations associated with third-party services and outsourcing in cloud storage. - Explain the concept of the shared responsibility model in cloud storage. - Identify steps to manage and secure hypervisor environments. - Explain how to deploy, configure, and maintain virtual appliances within virtualized environments. - Determine the process for managing containerized environments. - Describe the best practices of storage management in virtualized environments. - Develop strategies for ensuring business continuity and resilience in virtualized environments. - Analyze potential threats and attacks targeting virtual environments. Who Should Take This Course: Beginners Experience Required: No prior experience required

Created by: ISC2