WEBVTT

00:00.000 --> 00:01.440
>> Hi everybody.

00:01.440 --> 00:03.000
I want to talk to you
a little bit about

00:03.000 --> 00:04.950
the Security plus
certification course

00:04.950 --> 00:06.930
that we offer here at Cybrary.

00:06.930 --> 00:08.400
This course was developed

00:08.400 --> 00:10.049
>> by instructor
Kelly Handerhan,

00:10.049 --> 00:11.535
>> and as you can
see on the slide,

00:11.535 --> 00:13.245
she holds a number
of certifications,

00:13.245 --> 00:15.480
including Security plus.

00:15.480 --> 00:17.160
What we're going to cover

00:17.160 --> 00:19.260
>> in this video will
help you decide whether

00:19.260 --> 00:21.300
>> the Security plus
course is right for you

00:21.300 --> 00:23.429
>> and how you can
benefit from it.

00:23.429 --> 00:25.170
>> What we're going
to talk about first

00:25.170 --> 00:27.290
is why you should
take this course,

00:27.290 --> 00:29.250
what this course and
the certification

00:29.250 --> 00:31.229
>> can mean to you
and your career.

00:31.229 --> 00:33.240
>> I'll cover the
target audience,

00:33.240 --> 00:35.925
who this course is
specifically designed for.

00:35.925 --> 00:38.700
We'll talk a little bit about
the details of the exam

00:38.700 --> 00:39.720
>> and what to expect for

00:39.720 --> 00:41.684
>> when you sit for
the certification,

00:41.684 --> 00:44.010
>> the prerequisites
for this course,

00:44.010 --> 00:46.685
a little more information
about the instructor,

00:46.685 --> 00:49.370
and then ultimately what
your objectives are

00:49.370 --> 00:52.770
as far as learning goals
for the course itself.

00:55.760 --> 00:58.160
Why should you take this course?

00:58.160 --> 00:59.724
>> What's in it for you?

00:59.724 --> 01:01.790
>> Probably the most
important reason is

01:01.790 --> 01:03.140
>> to help you increase
your knowledge

01:03.140 --> 01:05.734
>> and gain an understanding
of information security,

01:05.734 --> 01:07.580
>> one of the most
rapidly growing fields

01:07.580 --> 01:09.560
in information technology.

01:09.560 --> 01:11.900
It's hard to keep up with
the skills necessary

01:11.900 --> 01:14.464
>> to combat information
security risks today.

01:14.464 --> 01:17.540
>> This course will absolutely
help you with that.

01:17.540 --> 01:21.270
Secondly, is to learn how to
protect company assets in

01:21.270 --> 01:25.024
>> your organization proactively
instead of re-actively.

01:25.024 --> 01:27.260
>> Many times if
we're reacting to

01:27.260 --> 01:29.420
a compromise, it's
already too late.

01:29.420 --> 01:32.210
Let's focus on pro-activity.

01:32.210 --> 01:34.490
This course will
enhance your career

01:34.490 --> 01:36.200
and provide for
career advancement.

01:36.200 --> 01:37.955
It's a great
certification to get,

01:37.955 --> 01:39.470
both for those who want to break

01:39.470 --> 01:40.850
>> into the security industry

01:40.850 --> 01:42.380
>> and those who want to advance

01:42.380 --> 01:44.134
>> their information
security career,

01:44.134 --> 01:46.010
>> especially for
those in the military

01:46.010 --> 01:49.294
>> or government or participating
on government contracts.

01:49.294 --> 01:53.205
>> If you're familiar with
the DoD directive, 8570,

01:53.205 --> 01:56.020
or 8140 requirements,

01:56.020 --> 01:58.790
they call for you to have a
certain level of certification

01:58.790 --> 02:00.020
>> to maintain your status

02:00.020 --> 02:02.739
>> in a certain position
or for advancement.

02:02.739 --> 02:05.930
>> This is a great
certification to get for that.

02:05.930 --> 02:08.570
Also, it will validate
your career skills

02:08.570 --> 02:11.164
>> for those of you who've
been around for a while.

02:11.164 --> 02:12.950
>> Certainly one of the things

02:12.950 --> 02:16.204
>> we hope you get out of this
course is to get certified.

02:16.204 --> 02:18.680
>> I do want to
stress that no book

02:18.680 --> 02:20.844
>> or course can
guarantee certification,

02:20.844 --> 02:22.900
>> and you'll need to
study on your own.

02:22.900 --> 02:25.520
This course will help make
sure that you understand

02:25.520 --> 02:27.994
>> all the elements of
information security.

02:27.994 --> 02:31.190
>> Last but not least, once
you get the certification,

02:31.190 --> 02:32.510
it will be a great springboard

02:32.510 --> 02:34.860
>> for other certifications.

02:35.319 --> 02:37.250
>> Like I said before,

02:37.250 --> 02:39.799
>> this is really targeted
for career changers,

02:39.799 --> 02:41.660
>> information security
professionals,

02:41.660 --> 02:43.850
>> and individuals who
are looking to increase

02:43.850 --> 02:46.509
>> their understanding
of information security.

02:46.509 --> 02:49.520
>> Those who are new to the
field won't feel overwhelmed

02:49.520 --> 02:52.680
>> because this course
starts with the basics.

02:55.689 --> 02:57.413
>> Security plus is usually

02:57.413 --> 02:59.090
>> the first
certification folks get

02:59.090 --> 03:00.440
>> if they are
wanting to excel in

03:00.440 --> 03:02.240
>> the information
security field.

03:02.240 --> 03:03.530
It's a good starting point

03:03.530 --> 03:06.319
>> and there's good
motivation to do so

03:06.319 --> 03:09.200
>> because salaries for
information security professionals

03:09.200 --> 03:11.075
average around 100,000 per year,

03:11.075 --> 03:12.940
depending on the location.

03:12.940 --> 03:15.680
As I said before,
this certification

03:15.680 --> 03:17.690
satisfies the tier
two requirements

03:17.690 --> 03:22.950
of the Department of Defense
directives 8570, and 8140.

03:24.360 --> 03:26.770
You might also consider getting

03:26.770 --> 03:29.455
the Network plus certification
in addition to this one,

03:29.455 --> 03:30.400
just to make sure you have

03:30.400 --> 03:32.990
a good understanding
of networking.

03:34.880 --> 03:37.240
The domains we will
cover throughout

03:37.240 --> 03:39.115
the course breakdown as follows.

03:39.115 --> 03:40.960
The domain we will
start out with is

03:40.960 --> 03:43.345
access control and
identity management.

03:43.345 --> 03:45.070
You can see that 13 percent

03:45.070 --> 03:47.035
of the exam covers this domain.

03:47.035 --> 03:49.660
A good portion of the
exam is cryptography

03:49.660 --> 03:51.460
>> but the big
sections are threats

03:51.460 --> 03:53.799
>> and vulnerabilities
and network security.

03:53.799 --> 03:55.480
>> That's what we were
doing in this field,

03:55.480 --> 03:57.925
is protecting our
networks from threats.

03:57.925 --> 04:01.270
Then we'll look at compliance
and operational security;

04:01.270 --> 04:02.380
those day-to-day activities

04:02.380 --> 04:04.269
>> we do to protect
our resources.

04:04.269 --> 04:07.605
>> Then application,
data, and host security.

04:07.605 --> 04:09.200
This course does not cover

04:09.200 --> 04:10.985
the domains in
exactly the segments,

04:10.985 --> 04:13.220
rather, it presents
the information

04:13.220 --> 04:15.845
in more of a logical
graduation of topics.

04:15.845 --> 04:17.690
Everything that is on the exam

04:17.690 --> 04:20.070
will be covered in the course.

04:21.530 --> 04:25.040
The exam itself is
90 minutes long.

04:25.040 --> 04:27.140
You want to be cautious
with time there because

04:27.140 --> 04:29.389
>> you may have as
many as 90 questions.

04:29.389 --> 04:31.085
>> You may have slightly fewer,

04:31.085 --> 04:33.440
but you can have as many as 90.

04:33.440 --> 04:36.030
Most of the questions
will be multiple choice

04:36.030 --> 04:38.120
but there are also some
things like drag and drop

04:38.120 --> 04:39.860
>> but the performance
piece items

04:39.860 --> 04:41.374
>> can take time to complete.

04:41.374 --> 04:42.470
>> In this course,

04:42.470 --> 04:45.060
>> we'll try to help you
get ready for those.

04:45.909 --> 04:48.020
>> The instructor who created

04:48.020 --> 04:49.670
this course is Kelly Handerhan.

04:49.670 --> 04:51.560
She's been certified
in Security plus

04:51.560 --> 04:53.450
since the first version
of it came out,

04:53.450 --> 04:55.250
and she has maintained
her certification

04:55.250 --> 04:57.230
by taking the exam
year after year.

04:57.230 --> 04:59.540
She has all the
certifications listed here,

04:59.540 --> 05:01.340
as well as many others.

05:01.340 --> 05:03.650
She owns her own
consulting company

05:03.650 --> 05:05.629
>> called CyberTrain.IT.

05:05.629 --> 05:07.670
>> She's excited to have
you take this course

05:07.670 --> 05:09.260
>> and hopes it will
help you be successful

05:09.260 --> 05:11.610
>> with your
certification goals.

05:13.599 --> 05:16.945
>> What are your learning
objectives for this course?

05:16.945 --> 05:18.680
First of all, to understand

05:18.680 --> 05:20.630
the basics of
information security.

05:20.630 --> 05:22.970
You can come in with a
minimal amount of knowledge

05:22.970 --> 05:24.140
>> because we're
going to start with

05:24.140 --> 05:26.435
>> the basics like
confidentiality,

05:26.435 --> 05:28.780
integrity, and availability.

05:28.780 --> 05:31.230
We'll look at threats
and common attacks.

05:31.230 --> 05:32.950
We'll get into cryptography,

05:32.950 --> 05:33.860
but not really deep,

05:33.860 --> 05:36.394
>> just enough to
understand the basics.

05:36.394 --> 05:38.060
>> We'll talk about networking,

05:38.060 --> 05:39.320
everything from the basics

05:39.320 --> 05:42.429
>> to network devices like
routers and firewalls.

05:42.429 --> 05:45.570
>> Then identity and
access management,

05:45.570 --> 05:47.270
how we create user accounts

05:47.270 --> 05:49.355
>> and how he make sure
those users have access

05:49.355 --> 05:51.084
>> to the resources they need.

05:51.084 --> 05:53.090
>> Then last but not least,

05:53.090 --> 05:55.715
we'll focus on
availability of resources.

05:55.715 --> 05:58.880
How do we get redundancy on
our network, for example?

05:58.880 --> 06:00.110
We'll talk about RAID,

06:00.110 --> 06:02.600
>> which is redundant
array of independent disks

06:02.600 --> 06:03.679
>> for hard drives.

06:03.679 --> 06:05.805
>> We'll talk about
clustering for servers,

06:05.805 --> 06:08.190
and then for computer
systems and processes

06:08.190 --> 06:10.430
>> we'll talk about our
disaster recovery plan,

06:10.430 --> 06:11.990
>> and for business as a whole,

06:11.990 --> 06:14.520
the business continuity plan.

06:16.280 --> 06:18.100
The prerequisites,

06:18.100 --> 06:20.214
>> for taking this
course are as follows.

06:20.214 --> 06:23.305
>> It's good to have the Network
plus certification first,

06:23.305 --> 06:25.210
but it's also good
enough to have

06:25.210 --> 06:27.590
just a basic understanding
of networking.

06:27.590 --> 06:29.915
Regardless of what
your skill of it is,

06:29.915 --> 06:32.210
you need a willingness
to learn and work hard.

06:32.210 --> 06:35.110
This is a tough test
that can be tricky.

06:35.110 --> 06:37.480
Taking notes, studying
and doing labs

06:37.480 --> 06:40.070
>> will help you get
prepared for the exam.

06:41.179 --> 06:44.085
>> Here's our syllabus
for the course.

06:44.085 --> 06:45.880
We'll cover seven modules,

06:45.880 --> 06:47.630
starting with risk management,

06:47.630 --> 06:51.565
threats, attacks and
vulnerabilities, cryptography,

06:51.565 --> 06:55.044
networking basics, network
connectivity devices,

06:55.044 --> 06:56.670
operational security,

06:56.670 --> 06:57.800
>> and then we wrap things up

06:57.800 --> 07:00.480
>> with identity and
access management.

07:01.519 --> 07:04.100
>> It's important to
get you certified,

07:04.100 --> 07:05.750
but it's also important
that you know what

07:05.750 --> 07:07.775
you're doing once
you are a certified.

07:07.775 --> 07:10.025
The idea is that when
you leave this course,

07:10.025 --> 07:11.930
you need to be able
to think about risks

07:11.930 --> 07:13.729
>> and then manage
them proactively,

07:13.729 --> 07:16.460
>> plan some proactive
steps to mitigate risks.

07:16.460 --> 07:18.890
Be able to configure
some network devices

07:18.890 --> 07:21.349
like routers through routing
tables and firewalls,

07:21.349 --> 07:25.360
proxy servers, network
address translation devices.

07:25.360 --> 07:27.410
Be able to map out a solution

07:27.410 --> 07:29.375
for identity and
access management,

07:29.375 --> 07:31.130
whether it's in your
internal domain

07:31.130 --> 07:32.540
or an external environment,

07:32.540 --> 07:34.340
meaning across the Internet.

07:34.340 --> 07:36.410
Know what to look
for when you monitor

07:36.410 --> 07:38.284
>> the current and
past environment.

07:38.284 --> 07:40.780
>> Be able to look at an
environment and identify

07:40.780 --> 07:42.860
>> what redundancy needs
to be put in place

07:42.860 --> 07:44.900
>> and then understand the role

07:44.900 --> 07:46.730
>> and implementation
of cryptography

07:46.730 --> 07:48.280
>> in securing traffic at rest

07:48.280 --> 07:50.360
>> but specifically
network traffic

07:50.360 --> 07:53.215
and through the use of
secure transport protocols.

07:53.215 --> 07:55.370
You need to have some
real-world knowledge

07:55.370 --> 07:58.290
>> and understanding when
you leave this course.

07:58.909 --> 08:01.320
>> Here's a quick wrap-up.

08:01.320 --> 08:03.575
We talked about why you
should take this course,

08:03.575 --> 08:05.165
what the target audience is,

08:05.165 --> 08:07.910
specific details about
the Security plus exam,

08:07.910 --> 08:09.740
prerequisites for the course,

08:09.740 --> 08:11.360
a little about the instructor,

08:11.360 --> 08:13.615
and the learning
objectives for the course.

08:13.615 --> 08:15.920
We hope this gave you a
little more information

08:15.920 --> 08:17.330
>> about the
Security plus course

08:17.330 --> 08:20.400
>> and look forward to
seeing you in the course.