Inhalt: More and more companies are migrating their applications and infrastructure to the cloud, shifting operational aspects to service providers such as Microsoft and Amazon. However, cloud computing is a shared responsibility, especially when it comes to keeping your data, users, and systems safe. In this course, Malcolm Shore outlines the major forms of cloud technology, its benefits and risks, and the cybersecurity standards and body of knowledge required to mitigate those risks. He introduces concepts such as software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS) and the different deployment models available. He then reviews offerings from Microsoft Azure, Amazon Web Services, and Google Apps. Malcolm also shows the Security as a Service (SecaaS) capability of each platform, which can be used to identify unauthorized access and put cloud security defenses like encryption, logging, and monitoring into place. Umfang: 02:27:56
Inhalt: Set a rock-solid foundation for your network, users, and data by learning about the basics of cybersecurity. Security expert Malcolm Shore describes how to assess and mitigate risks using various cybersecurity frameworks and control standards, such as NIST, COBIT 5, and the Payment Card Industry Data Security Standard (PCI DSS). Malcolm details pertinent cyber threats and how they operate, including how cyber criminals hide their attacks, how advanced persistent threats (APTs) work, and even how to determine what's real and what's merely cyber fear, uncertainty, and doubt (FUD). Throughout the course, he also covers managing cyber risk; selecting and applying controls; and the overall cybersecurity lifecycle, from managing defense to responding to cybersecurity incidents when they occur. Umfang: 01:59:57.00
Inhalt: You've secured your systems, you've trained your users, and you've fortified your network. Think you're ready to handle a cybersecurity threat? Penetration testing is one of the best ways to see if your security will hold. It puts testers in the role of attackers, looking for vulnerabilities in your networks, computers, applications, email, and even your users. This course provides an introduction to the key knowledge and skills to start a program of professional penetration testing at your organization. Cybersecurity expert Malcolm Shore reviews popular pen testing tools, as well as the Bash and Python scripting skills required to be able to acquire, modify, and re-use exploit code. He also provides a refresher on Kali Linux and introduces techniques for testing web services. At the end of this course, you'll be prepared to take more advanced training, and to pursue the popular Offensive Security Certified Professional (OSCP) certification. Umfang: 02:29:22.00
Inhalt: Mobile devices are used for our most sensitive transactions, including email, banking, and social media. But they have a unique set of vulnerabilities, which hackers are all too willing to exploit. Security professionals need to know how to close the gaps and protect devices, data, and users from attacks. Join author Malcolm Shore as he explores the two dominant mobile operating systems, Android and iOS, and shows ways to protect devices through analysis and testing. Watch this course to review the basics of mobile OS models, the toolsets you need for testing, and the techniques for detecting and preventing the majority of security flaws. These methods recognized by EC Council as integral part of those looking to earn their Certified Ethical Hacker certification. The complete CEH BOK can be found at https://www.eccouncil.org/Certification/certified-ethical-hacker/CEH-What-You-Will-Learn. Umfang: 01:52:18.00
Inhalt: Wireless networks are convenient and popular, but poor configuration and encryption leave them open to attack. Hackers can use Wi-Fi vulnerabilities to infiltrate your entire network. Security professionals need to know how to detect, prevent, and counter these kinds of attacks using the latest tools and techniques-the subject of this course with cybersecurity expert Malcolm Shore. Malcolm covers everything from configuring basic security to understanding how hackers extract passwords, harvest connections at rogue access point, and attack networks via Bluetooth. He also explains how to select the right antennae for testing and introduces some sophisticated Windows and Linux tools to scan for vulnerabilities, including Acrylic, Ekahau, and Wireshark. By the end of the course, you should be able to shore up your wireless connections and gain confidence that your local network is safe to use. Note: This course is part of our test prep series for the Certified Ethical Hacker exam. Review the complete exam objectives at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/. Umfang: 01:41:36.00
Inhalt: Ethical hacking involves testing to see if an organization's network is vulnerable to outside threats. Denial-of-service (DoS) attacks are one of the biggest threats out there. Being able to mitigate DoS attacks is one of the most desired skills for any IT security professional-and a key topic on the Certified Ethical Hacker exam. In this course, learn about the history of the major DoS attacks and the types of techniques hackers use to cripple wired and wireless networks, applications, and services on the infrastructure. Instructor Malcolm Shore covers the basic methods hackers use to flood networks and damage services, the rising threat of ransomware like Cryptolocker, mitigation techniques for detecting and defeating DoS attacks, and more. Note: The Ethical Hacking series maps to the 20 parts of the EC-Council Certified Ethical Hacker (CEH) exam (312_50) version 10. Umfang: 01:33:46.00
Inhalt: Websites and web applications are-by their very nature-accessible remotely, which puts them at high risk of cyberattacks. Knowing how to detect and prevent web attacks is a critical skill for developers and information security professionals alike. In this course, find out how to test your sites and applications for weaknesses. Cybersecurity expert Malcolm Shore examines the various parts of a web application and introduces the Open Web Application Security Project (OWASP), which provides documentation, tools, and forums for web developers and testers. He also provides an overview of popular testing tools, including Burp Suite and OWASP ZAP. Learn how to use these utilities to run basic and advanced tests, and protect sites against common attacks. Note: The Ethical Hacking series maps to the 20 parts of the EC-Council Certified Ethical Hacker (CEH) exam (312-50) version 10. Umfang: 01:25:26.00
Inhalt: Kali Linux is targeted at digital forensics experts and penetration testers. It includes over 400 pen-testing programs, and it is the primary tool used by ethical hackers. Using Kali Linux, you can test networks to see if they're vulnerable to outside attacks. This course helps you explore Kali as well as the careers, techniques, and tools behind ethical hacking-one of the most competitive and sought-after IT security skills. Get a short overview of the tools in Kali as well as third-party solutions such as Deepmagic, Nikto, Burp Suite, nmap, and more. Cybersecurity expert Malcolm Shore shows how to set up a virtual environment for testing, configure Kali Linux, and install and use toolsets for information gathering, vulnerability scanning, password cracking, and target exploitation. Umfang: 01:43:57
Inhalt: Websites are one of the most vulnerable pieces of technology since their contents are exposed on the internet. By understanding how attackers locate and exploit these vulnerabilities, you can help build more secure websites and applications. This course shows how to perform advanced web testing using Burp Suite, the professional pen testing framework. Instructor Malcolm Shore also introduces other scanning tools, including Whatweb, Dirbuster, DirScanner, DIRB, and Wfuzz, for finding hidden webpages and other nonstandard attack vectors. Once scanning is complete, you can learn how to zero in on vulnerabilities and intercept messages, integrating tools like sqlmap and Nikto. Then find out how to attack a site using uploaded shell files, SQL injection, and login circumvention. Malcolm shares different approaches for JavaScript, PHP, and Jenkins-based sites, as well as techniques for penetrating content management systems such as WordPress and Joomla. By the end of the course, you should be able to gain access to websites and applications, access data from web servers, use command shells, and perform advanced web testing with Burp Suite and other pen testing tools. Umfang: 02:35:16.00
Inhalt: Developing graphical user interfaces (GUIs) in Python traditionally involves a lot of manual coding. wxGlade, a GUI designer written in Python for the wxPython GUI toolkit, was designed to help simplify this process. In this course, learn how to quickly develop Python GUI apps using the wxPython library-which brings the wxWidgets capability to Python-and the wxGlade tool. To lend each concept a real-world context, instructor Malcom Shore steps through how to build a cybersecurity compliance app based on the NIST Cybersecurity Framework. Malcom begins by detailing how to create a simple wxPython application. He then shows how to construct a user interface for your application using wxGlade and add functional application code to put the finishing touches on your project. Umfang: 02:06:37
Inhalt: It is estimated that by 2020, there will be 20 billion IoT devices worldwide. Designing security around these devices is crucial. In this course, Malcolm discusses what some of the security concerns are, and then shows you how to design with these concerns in mind. He covers IoT development and he explains how to test an IoT gateway and IoT devices. Umfang: 02:50:08.00
Inhalt: The security required for cloud deployments is quite different from the security applied to on-site infrastructure. In order to ensure the most effective cloud security, cloud deployments should be properly architected. In this course, instructor Malcolm Shore shows how to do this using the SABSA enterprise security architecture. Malcolm goes over strategy, planning, and the ongoing architectural management processes needed to maintain the architecture and keep it relevant. He walks you through establishing a conceptual architecture, threat modeling, and risk management, then explains how the elements of the contextual and conceptual layers work together to provide a conceptual architecture suitable for the cloud. Malcolm covers how to create the logical architecture and align security services with attributes. He concludes with a description of cloud-delivered security services and a review of what you covered in the course. Umfang: 01:11:11
Inhalt: Enumeration is designed for ethical hackers who want to build their skills in reconnaissance of targets and in optimizing their penetration testing. In this course, instructor Malcolm Shore teaches the basic methods of enumerating networks and targeting systems with common enumeration tools. Malcolm explains what enumeration is and gives you opportunities in the course for hands-on experience. He covers enumeration for local and remote hosts. Malcolm discusses how to enumerate web apps, the internet, and cloud resources. He also goes over how to use tools like SuperScan, NetScanTools Pro, Nmap, JXplorer, and more. Umfang: 02:04:02
Inhalt: Protect your network from cyberattacks. In this course, Malcolm Shore shows how to use the latest tools to discourage and combat hackers, phishers, and snoops attempting to infiltrate your Windows and Linux systems. Learn what forms cyberattacks can take, as well as the two most common types of protection you can build into your system: antivirus protection and firewalls. Then, learn how to scan your network for suspicious files, detect intruders with Netcat, and identify vulnerabilities at the host level with Nessus scans. Malcolm also shows how to combat application-level threats and monitor packet-level activity on your network. Umfang: 02:27:27.00
Inhalt: Ransomware is a growing threat, and it's imperative that IT security professionals have the knowledge and skills needed to protect their networks and systems against these attacks. In this course, instructor Malcolm Shore provides an in-depth look at tools and techniques you can use to reverse engineer malware. He discusses how to use reverse engineering to better understand malware, and demonstrates how to approach static and dynamic malware analysis. To wrap up, he dives into a real-world example of ransomware- the devastating WannaCry malware-using this case study to help you better understand how malware functions. Umfang: 01:22:39.00
Inhalt: IoT is one of the biggest new developments in IT, with growth expected to reach billions of devices in the short term. There is, however, a major gap in understanding of security for IoT. Many first-wave IoT systems are showing significant security weaknesses, and security is often recognized as one of the key blockers to successful IoT deployments. In this course, Malcolm Shore provides guidance for businesses intending to deploy IoT solutions on the end-to-end security architecture required to ensure the comprehensive security of their deployment. He provides an introduction to security architecture and discusses emerging IoT reference architecture, domain specific architecture, proximity network services, and more. Umfang: 02:05:01.00
Inhalt: Enumeration is the key to achieving success with penetration testing, and learning how to do it effectively can be challenging. Whether you're preparing for the Offensive Security Certified Professional (OSCP) exam or you're just looking to brush up on enumeration, this course can help you become more adept at this essential phase in pen testing. Instructor Malcolm Shore provides a refresher on the basic methods of enumerating networks and target systems, offering you hands-on experience with the main tools. Malcolm then digs deeper into some more sophisticated uses of the tools and introduces new ones which provide a broader range of enumeration options. He also discusses some automated systems which bring together many tools to do scripted enumeration. Umfang: 01:39:19.00
Inhalt: The traditional model of a firewalled enterprise separating trusted insiders from untrusted outsiders worked effectively for years, but it's no longer a viable option in today's world. Workers working remotely, insider threats, and attackers taking advantage of trust between internal systems-these demand a new approach to extending protection to all users and their devices, regardless of their location. In this course, Malcolm Shore shows how to better protect your networks and systems by adopting what's known as a zero trust approach to access control-removing trust relationships in networks and requiring that trust decisions are made at the time that access is requested. Malcom starts with a brief history of the concept of software trust, before moving onto key facets of the zero trust approach, the reasons for wanting to minimize trust relationships in network architectures, and the tenets and models that have been proposed for zero trust. Umfang: 00:52:02
Inhalt: Bolster your penetration testing skillset by learning three advanced techniques: tunneling, pivoting, and exfiltration. In this installment of the Penetration Testing series, instructor Malcolm Shore helps you grasp the basics of these three techniques, detailing what they are and how to leverage them when doing pen testing or responding to an attack. To begin, Malcom goes over how to tunnel through a network to gain access to deeper subnets. Next, he discusses what pivoting is and how to pivot with Armitage and Metaspoit. To wrap up, he goes over exfiltration, the covert extraction of information. Discover the ten rules for successful exfiltration, how to use PyExfil to exfiltrate over HTTPS, how to use the dnsteal tool to exfiltrate data across a DNS service, and more. Umfang: 01:15:41.00
Inhalt: Despite the arrival of myriad new and modern languages, COBOL still rules many government and legacy computing systems. Many of these systems are due to be retired, and the organization's applications must be migrated to a modern environment. In this course, learn about the ways in which developers can migrate legacy COBOL applications, the challenges in doing so, and techniques and tips for succeeding in a smooth transition. Discover various techniques and tools you can use to analyze legacy COBOL source code. Explore how to use visualization to better understand legacy code; how to extract code into a subprogram; how to effectively refactor code; and more. Get insight into some automated migration tools that streamline the process. Plus, instructor Malcolm Shore steps through the process of migrating some legacy-style COBOL application demonstrating key tools and processes along the way. Umfang: 02:48:21
Inhalt: Pen testing is a standard technique for on-site systems, but the way testing is carried out in the cloud is different. This course explores the different types of vulnerabilities in the cloud, the techniques used to test cloud deployments, and key open-source tools for testing Amazon Web Service deployments: CloudGoat, the AWS CLI, and the AWS Python Software Development Kit, known as boto3. Instructor Malcolm Shore shows how to set up your test environment and then use Python to enumerate policies, programmatically create users, manage secrets, list EC2 and RDS instances, and more. He also shows how to get a quick summary of the resources in your AWS account with the PATE tool and use other Python-based testing tools such as PACU. The skills you learn in this course will help you test your AWS deployments for the weaknesses that others will exploit and design your own customs scripts for testing. Umfang: 01:49:21
Inhalt: Kali Linux is a flavor of Linux targeted at digital forensics experts and penetration (pen) testers. It includes over 400 pen-testing programs, and it is the primary tool used by ethical hackers. Using Kali Linux, certified ethical hackers can test networks on their organizations'' behalves, to see if they''re vulnerable to outside attacks. This course will give prospective ethical hackers a short overview of the tools in Kali Linux. Cybersecurity expert Malcolm Shore shows how to set up a virtual environment for testing, configure Kali Linux, and install toolsets for information gathering, vulnerability assessment, password and hash cracking, and target exploitation. Because businesses are connected, they are also exposed. Vulnerability testing helps organizations limit that exposure. This course will help you explore the careers, techniques, and tools behind ethical hacking-one of the most competitive and sought-after IT security skills. Umfang: 02:31:49.00
Inhalt: How do you keep your organization''s files, applications, and accounts safe on the cloud? It starts with a considered design approach. In these videos, Malcolm Shore outlines the major cloud security risks, some of which have resulted in service disruptions at companies like Azure, Dropbox, Google, and Amazon, and shows how to plan for and minimize risk when it comes to your own cloud deployments. He introduces concepts such as software as a service (SaaS) and infrastructure as a service, and the differences between public and private clouds. Then, after reviewing the cloud security best practices from the Cloud Security Alliance and the European Network and Information Security Agency (ENISA), Malcolm shows how to use SABSA, a popular security requirements mapping approach, to figure out the business requirements for a successful and secure cloud deployment of your own. Umfang: 02:25:30.00
Inhalt: In this course, instructor Malcolm Shore offers you a hands-on introduction to programming in both the 32 bit and 64 bit x86 assembler and shows how you can use it to access system functions through the Windows API. First, Malcolm shows you how to install and test the GoAsm assembler, the Easy Code IDE, and the x64 debugger. He explains how to build a complex data structure and how to manipulate constants, registers, and main memory. He shows you how to write and call subprograms and how to manipulate information as an array. Then Malcolm goes into the Windows API and how to use it. He describes how to run a system command from inside an assembler program, as well as how to code and use jump tables. Next, he steps you through how to use what you've learned to complete an enigmatic encryptor. After showing you how to resolve some security issues in the assembler, Malcolm concludes with several examples of how you can run assembly code from another language with assembler subprograms. Umfang: 03:04:20
Inhalt: STRIDE is a popular threat modeling framework that helps security pros and software developers think strategically about risk. This course addresses the I in STRIDE, which stands for information disclosure. You can learn how to preserve the confidentiality of the data, secrets, and other information you store, and the policies you need to put into place to share that information safely. Topics include classic models such as data at rest and data in motion as well as information disclosure in processes and information disclosure in certain technologies such as cloud, Internet of Things and mobile, and AI and machine learning. Expert Adam Shostack also reviews the side effects of computation, the physical effects of CPUs, and the defenses you can put into place at your organization to manage metadata, secrets, and other sensitive information. Umfang: 00:29:23
Programm Findus Internet-OPAC findus.pl V20.235/8 auf Server windhund2.findus-internet-opac.de,
letztes Datenbankupdate: 26.04.2024, 12:10 Uhr. 4.194 Zugriffe im April 2024. Insgesamt 509.709 Zugriffe seit Januar 2009
Mobil - Impressum - Datenschutz - CO2-Neutral