This is the full course, with a deep dive into security protocols and procedures.
MODULE 1 - Security Concepts
============================
0:00:00 - IT Security Overview and CIA Triad
0:19:45 - Security Deployment Overview
0:26:09 - Network, Endpoint, and Application Security Systems
0:38:21 - Agentless and Agent-Based Protections
0:42:50 - Legacy Antivirus and Antimalware
0:46:20 - SIEM, SOAR and Log Management
0:58:13 - Threat Intelligence
1:01:51 - Threat Intelligence Platforms
1:05:56 - Threat Hunting
1:10:41 - Malware Analysis
1:15:45 - Threat Actor
1:24:00 - Run Book Automation (RBA)
1:29:18 - Reverse Engineering
1:35:28 - Sliding Window Anomaly Detection
1:38:13 - Principle of Least Privilege
1:43:20 - Zero Trust
1:47:58 - Risk, Threat, Vulnerability and Exploit
2:02:11 - Defense-in-Depth Strategy
2:07:37 - Access Control Modes
2:21:47 - CVSS Metrics and Calculation
2:53:05 - Cloud Data Visibility
3:03:07 - Network Data Visibility
3:07:14 - Endpoint Data Visibility
3:15:04 - Data Loss Prevention (DLP)
3:28:18 - Identify Compromised Host Using 5-Tuple
4:02:53 - Signature-Based vs Behavior-Based Detection
MODULE 2 - Security Monitoring
==============================
4:17:44 - Attack Surface
4:24:57 - Vulnerabilities
4:37:57 - tcpdump
4:44:17 - NetFlow
4:51:30 - Next-Gen Firewall
4:55:14 - Traditional Stateful Firewall
4:59:17 - Application Visibility and Control
5:02:17 - Web Content Filtering
5:06:59 - Email Content Filtering
5:13:49 - Access Control List
5:17:59 - NAT/PAT
5:20:40 - Tunneling and Encapsulation
5:24:56 - Tor
5:27:43 - Encryption
5:31:32 - P2P
5:34:03 - Load Balancing
5:37:52 - Full Packet Capture
5:43:52 - Session Data
5:47:52 - Transaction Data
5:50:17 - Statistical Data
5:53:49 - Metadata
5:55:50 - Alert Data
6:01:32 - Denial of Service & Distributed Denial of Service Attack
6:14:15 - Man-in-the-Middle
6:19:46 - SQL Injection
6:25:02 - Command Injection
6:32:08 - Cross-Site Scripting
6:36:17 - Social Engineering Attacks
6:58:56 - Buffer Overflow
7:10:02 - Command and Control
7:16:17 - Malware
7:23:48 - Ransomware
7:30:25 - Encryption
7:35:44 - Cryptanalysis
7:41:28 - Symmetric Encryption and Asymmetric Encryption
7:48:15 - Public Key Infrastructure
7:59:11 - Certificate Components
MODULE 3 - Host-Based Analysis
==============================
8:17:42 - Host-Based Firewall
8:23:13 - Host-Based Intrusion Prevention System
8:30:24 - Host-Based Antivirus
8:36:22 - Host-Based Antimalware
8:43:29 - Application-Level Whitelisting/Blacklisting
8:49:22 - Systems-Based Sandboxing
8:53:43 - Windows Processes
9:03:46 - Windows Threads
9:13:27 - Windows Registry Database
9:18:59 - Windows Handles
9:22:41 - Windows Services
9:26:32 - Windows Users, Groups, and Permissions
9:30:13 - Windows Network Activity from the CLI
9:34:08 - Windows Network Activity from the GUI
9:36:02 - Linux — Bourne Again Shell
9:40:30 - Linux Directory Structure
9:44:07 - Linux Basic File Manipulations
9:51:42 - Linux File System Permissions
10:06:28 - Linux Piping and Redirection of Standard I/O
10:11:32 - Linux Grep Stream Filter
10:15:41 - Linux Processes
10:18:49 - Linux Netstat Command
10:21:36 - Role of Attribution in an Investigation
10:39:07 - Types of Evidence
10:46:35 - Compare Tampered and Untampered Disk Image
10:52:02 - Interpret Logs and Identify an Event
10:59:18 - Interpret the Output Report of a Malware Analysis Tool
MODULE 4 - Network Intrusion Analysis
=====================================
11:12:32 - Map Security Event Type to Source Technologies
11:25:37 - IPS Alert Matrix and Its Impact
11:31:05 - Packet Filtering vs Deep Packet Inspection
11:42:55 - SPAN vs TAPS
11:52:18 - Flow Analysis vs Full-Packet Analysis
12:00:43 - Extracting Files from a TCP Stream Given a PCAP File
12:09:19 - Malicious Traffic Analysis
12:22:29 - Interpreting Protocol Header Fields - Ethernet Frame
12:50:57 - Interpret Security Event Artifacts
12:57:21 - Interpret Basic Regular Expressions
MODULE 5 - Security Policies and Procedures
===========================================
13:03:41 - Describe Management Concepts
13:16:18 - Describe the Elements in an Incident Response Plan as Stated in NIST.SP800-61r2
13:21:23 - The Cyber Kill Chain (Incident Response Model)
13:38:30 - Map Elements to These Steps of Analysis Based on The NIST.SP800-61 - Preparation
13:44:47 - Map Elements to These Steps of Analysis Based on The NIST.SP800-61 - Detection and Analysis
13:51:22 - Map Elements to These Steps of Analysis Based on The NIST.SP800-61 - Containment, Eradication, and Recovery
13:57:38 - Map Elements to These Steps of Analysis Based on The NIST.SP800-61 - Post-Incident Activity
14:06:25 - Incident Response Stakeholders
14:11:05 - Describe Concepts as Documented In NIST.SP800-86
14:17:46 - Identify These Elements Used in Network Profiling - MANY
15:00:06 - Identify Protected Data In a Network
15:11:49 - The Diamond Model (Incident Response Model)
15:20:39 - SOC Metrics