CompTIA Security+ SY0-601 – 5.4 Risk management processes and concepts Part 1

1. Risk types, terms, and Process In this video we’re going to be talking about risk types. Now before we get into this whole section on risk, let’s just define risk. Risk is defined as the probability that a threat exploits a vulnerability. So there’s a couple of quick things here…

CompTIA Security+ SY0-601 – Performance Based Questions

1. Performance Based Questions Introduction In this video, I’m going to be talking about this section, performance-based questions. Now, in this particular section, I want to go over with you guys a variety of different performance-based questions that the exam may ask you. In this one, you’re basically just going to watch me do…

CompTIA CYSA+ CS0-002 – Eradication, Recovery, and Post-incident Actions Part 2

5. Recovery Actions (OBJ 4.2) Recovery actions. In this lesson, we are going to talk about the four main types of recovery actions. These include things like patching, permissions, logging, and system hardening. When we talk about patching, this involves installing a set of changes to a computer program or its supporting data that’s designed…

CompTIA CYSA+ CS0-002 – Eradication, Recovery, and Post-incident Actions Part 1

1. Eradication, Recovery, and Post-incident Actions (Introduction) In this section of the course, we’re going to continue our discussion of the incident response process by focusing on our final two phases: the Eradication and Recovery phase and the Post-incident Actions phase. We’re going to be covering only domain four in this section of the…

CompTIA CYSA+ CS0-002 – Risk Mitigation Part 4

7. Communicating Risk (OBJ 5.2) Communicating risk. Now, one of your jobs as a cybersecurity analyst is to make sure you can explain risk in plain and simple language. Now, what do I mean by that? Well, let’s take the example of a denial of service attack. Let’s pretend you went into a meeting and…

CompTIA CYSA+ CS0-002 – Risk Mitigation Part 3

6. Risk Prioritization (OBJ 5.2) Risk prioritization. Now we’re going to talk about risk prioritization in this lesson because it’s important to remember that not all risks are created equal. Once we determine what a risk is, we have to determine what we’re going to do about that risk. And this brings up the question…

CompTIA CYSA+ CS0-002 – Risk Mitigation Part 2

4. Risk Calculation (OBJ 5.2) Conducting an assessment. In this lesson we are going to talk about conducting an assessment and what that really means. Now, when we talk about an assessment, most businesses have to assess their different assets. Most business assets have a specific value associated with them. If I look at the…

CompTIA CYSA+ CS0-002 – Risk Mitigation Part 1

1. Risk Mitigation (Introduction) In this section of the course, we’re going to cover risk mitigation. Now, we’re going to be covering domain five in this section of the course, specifically Objective 5.2. Objective 5.2 states that given a scenario, you must apply security concepts in support of organizational risk mitigation. As we…

CompTIA CYSA+ CS0-002 – Frameworks, Policies, and Procedures Part 2

5. Audits and Assessments (OBJ 5.3) Audits and assessments. In this lesson we are going to talk all about audits and assessments and all the different components that make up auditing and assessments. Now, this is going to include things like quality control and quality assurance, verification and validation, assessments and…

CompTIA CYSA+ CS0-002 – Frameworks, Policies, and Procedures Part 1

1. Frameworks, Policies, and Procedures (Introduction) In this section of the course, we’re going to cover frameworks, policies and procedures. We’re going to be covering domain five in this section, specifically Objective 5.3. Now, Objective 5.3 states that you must be able to explain the importance of frameworks, policies, procedures, and controls. Now,…
