CompTIA CYSA+ CS0-002 – Mitigate Software Vulnerabilities and Attacks Part 1
1. SDLC Integration (OBJ 2.2) Software development lifecycle integration. In this lesson we’re going to talk about the software development lifecycle and how important it is to start embedding your security in from the beginning. Now, when I talk about the software development lifecycle or SDLC, this is talking about the process of planning, analysis,…
CompTIA CYSA+ CS0-002 – Technical Data and Privacy Controls Part 2
4. Data Loss Prevention (OBJ 5.1) Data loss prevention. In this lesson, we are going to talk about DLP, which is data loss prevention. Now, DLP is a software solution that detects and prevents sensitive information from being stored on unauthorized systems or being transmitted over unauthorized networks. Essentially, we’re trying to protect our data…
CompTIA CYSA+ CS0-002 – Technical Data and Privacy Controls Part 1
1. Access Controls (OBJ 5.1) Access controls. In this lesson, we’re going to start talking about access controls and how we can use those to protect our information. Now, an access control model can be applied to any type of data or software resource. There are lots of different ways of doing this, including looking…
CompTIA CYSA+ CS0-002 – Non-technical Data and Privacy Controls Part 3
5. Data Retention (OBJ 5.1) Data retention. In this lesson, we are going to talk about data retention. When we talk about data retention, it’s really just talking about a set of policies, procedures, and tools for managing the storage of persistent data. Essentially, think about, how long should I keep this thing? Now, as…
CompTIA CYSA+ CS0-002 – Non-technical Data and Privacy Controls Part 2
3. Legal Requirements (OBJ 5.1) Legal requirements. In this lesson, we’re going to talk about some of the legal requirements around privacy. Now, any type of information or asset needs to consider how a compromise of that information can threaten the three core security attributes of the CIA triad: confidentiality, integrity, and availability. And I…
CompTIA CYSA+ CS0-002 – Non-technical Data and Privacy Controls Part 1
1. Data Classification (OBJ 5.1) Data classification. In this lesson, we’re going to explore the world of data classification. And this all comes as part of data governance. When we talk about data governance, this is the process of managing information over its life cycle, from creation to destruction. So as we start thinking about…
CompTIA CYSA+ CS0-002 – Specialized Technology Part 3
6. Premise System Vulnerabilities (OBJ 1.5) Premise system vulnerabilities. In this lesson we are going to talk about premise systems. Now, what is a premise system? Well, a premise system is a system used for building automation and physical access security. And these are a different type of network as well. Oftentimes you’ll have this…
CompTIA CYSA+ CS0-002 – Specialized Technology Part 2
4. ICS & SCADA Vulnerabilities (OBJ 1.5) ICS and SCADA vulnerabilities. So at this point we’ve talked about a couple of pieces inside embedded systems and a lot of these things are going to be put together into an ICS or SCADA network. Now before we dive into that, let me first take a step…
CompTIA CYSA+ CS0-002 – Specialized Technology Part 1
1. Mobile Vulnerabilities (OBJ 1.5) Mobile vulnerabilities. In this lesson we’re going to start talking about mobile vulnerabilities. Now, as you look around the workforce these days, you cannot go within a couple of minutes without seeing somebody on their smartphone or on their tablet or on some other kind of mobile device, maybe a…
CompTIA CYSA+ CS0-002 – Hardware Assurance Best Practices
1. Supply Chain Assessment (OBJ 5.2) Supply chain assessment. In this lesson we’re going to talk about supply chain assessment and why it’s so important. When you think about supply chain assessment and more largely supply chain management, you have to think about all the components that go into a particular product. So for example,…