Security Operations

This comprehensive course provides an in-depth look at the different functions performed for security operations. Students will learn how security operations add value to an organization and the role of documented policies, frameworks, and controls in reducing risk. The course covers critical cybersecurity functions, including risk management, compliance management, asset and vulnerability management, identity and access management, data protection, vendor and supply chain security, security awareness, and monitoring.

Additionally, students will examine key risk assessment strategies, incident response planning, digital forensics, contingency planning, and auditing. By the end of the course, learners will have the knowledge and skills to implement and manage a robust cybersecurity program, ensuring organizational security, regulatory compliance, and effective risk mitigation.

About This Course

Key components of the course include:

  • Define what a cybersecurity program is and how security operations can add value to an organization
  • Explain how documented policies, standards, procedures, guidelines, and controls play a role in reducing risk to an organization
  • Explain how frameworks can help form and implement security controls for an organization
  • Explain common cybersecurity program functions and their role in protecting an organization
  • Explain the function of compliance management and various considerations for compliance management in an organization
  • Explain key concepts in compliance management such as privacy, data roles, legal actions, and potential consequences of non-compliance
  • Describe common laws, regulations, and industry standards as they relate to compliance
  • Explain what a gap analysis is and how it can identify areas that need improvement
  • Explain the function of risk management and various considerations for risk management in an organization
  • Define key risk management actions and terms such as risk identification, risk analysis, risk register, and risk reporting
  • Define key risk measurement strategies and calculations such as AV, TCO, SLE, EF, ALE, and ARO
  • Describe risk management strategies
  • Explain methods of prioritizing projects using risk factors and Return on Investment (ROI)
  • Explain the function of asset acquisition and management and various considerations while managing assets of an organization
  • Explain the function of vulnerability management and various considerations while managing vulnerabilities
  • Explain key terms and resources for vulnerability management, such as CVE, CVSS, CPE, CCE, SCAP, pentesting, red teams, and blue teams
  • Explain possible actions to take to deal with vulnerabilities within the organization
  • Explain the importance of patch management and processes associated with patch management
  • Explain the function of data management and various considerations while managing data
  • Define key terms for data management, such as compliance, privacy, data roles, data types, and PII
  • Explain types of data and how the data type could determine the level of security controls needed to protect the data
  • Explain common methods for protecting data, such as data classification, data labeling, ACLs, encrypting data, steganography, data masking, data obfuscation, and DLP
  • Explain how data retention and retirement play a role in keeping data safe
  • Explain the function of vendor and supply chain management
  • Explain key relationships to an organization and common agreement types
  • Explain considerations when choosing and evaluating vendors
  • Explain the function of personnel management
  • Explain key policies in relation to personnel management such as least privilege, need to know, separation of duties, job rotation, and mandatory vacations
  • Explain the function of Identity and Access Management (IAM) and its critical role in keeping an organization safe
  • Explain key concepts of IAM such as AAA, PAM, key storage, MFA, OTP, HOTP, TOTP, SSO, Federation, and identity proofing
  • Explain what makes a good password and the importance of a password manager and using MFA
  • Explain key IAM policies and considerations for those policies
  • Explain the importance of access control, and common access control models and their use cases
  • Explain methods for physical access control
  • Explain the function of security awareness and training and its role in keeping an organization safe
  • Explain the function of configuration and change management and its critical role in keeping an organization safe
  • Explain the function of monitoring and its role in maintaining security for an organization
  • Explain types and methods of monitoring and how monitoring protocols and software play a role in maintaining an infrastructure
  • Define key monitoring terms, such as logging, NetFlow, SNMP, Syslog, benchmarking, SIEM, FIM, and threat hunting
  • Explain Indicators of Compromise (IoC)
  • Explain the function of alerting and its role in keeping an organization secure
  • Explain the function of Incident Management and its role in keeping an organization safe
  • Explain key concepts relating to incident management, such as uptime, five 9s, MTTR, MTBF, root cause analysis, and SOAR
  • List what goes into an incident response plan and explain the importance of it
  • Explain what digital forensics is, some key terms relating to digital forensics, and the process for collecting evidence
  • Explain the function of contingency planning and its role in keeping an organization safe
  • Explain key terms in relation to contingency planning, such as BIA, RPO, RTO, and DRP
  • Explain the function of auditing and assessments and its role in keeping an organization safe
  • Explain key terms, such as auditing, attestation, and gap analysis
  • Explain the function of program management and its role in keeping an organization safe
  • Describe key metrics for evaluating the performance of systems and programs related to security
  • List various regulatory compliance frameworks and describe key concepts
  • Determine who may have to comply with various compliance frameworks
  • Describe various agreement types and where they might apply

 

Learn it Right, Learn it Well, and Reap the Rewards

Spend the time now to fully understand what security operations looks like and how an organization can implement processes and procedures to reduce risk and improve its services.

How to Take This Course!

Option #1 – Watch this course on YouTube. For convenience, I’ve included links to the videos down below.

Option #2 – Take this course on Udemy. This is not a free option, but has the advantage of a full learning management system, no commercials, and completion certificates.

Here’s the link to the Udemy Course:

https://www.udemy.com/share/10dj8F/

Course Content

Module 0 – Welcome and Getting Started

Welcome https://youtu.be/jLA4T9PQoSA 0:00:49
Course Overview https://youtu.be/e4TWt4cBPEU 0:10:30
Syllabus N/A
Meet Your Instructor N/A

 

Module 1 – Security Program

Module Intro https://youtu.be/reiqmqa6D_A 0:01:14
Security Operations https://youtu.be/CH8giGZQuLA 0:04:30
What is a Cybersecurity Program https://youtu.be/OuIZkeYsPpQ 0:07:52
Security Program Documentation https://youtu.be/uJbrR746NyE 0:04:35
Policies https://youtu.be/VBgoePcAcYE 0:05:57
Information Security Policy (ISP) https://youtu.be/AyvqYjac5hY 0:02:46
Standards https://youtu.be/NLJ7z10oAC8 0:03:29
Procedures https://youtu.be/hZbiMf2ZWY0 0:04:42
Guidelines https://youtu.be/6qhCLZPH0rk 0:02:26
Controls https://youtu.be/bMOHOEC1PrU 0:03:36
Fail-Open vs Fail-Closed https://youtu.be/3RTOIZVx1mA 0:06:16
Types of Controls https://youtu.be/X8wBjWxFbr0 0:05:16
Policies, Standards, Procedures, Guidelines https://youtu.be/I1PGDHnqVf8 0:09:07
Cybersecurity Frameworks https://youtu.be/QlhgY8j4a74 0:07:39
Monitoring and Revisions https://youtu.be/VxknoICuLRA 0:02:38
Security Program Governance https://youtu.be/fxIWDqBGS-Q 0:07:40

 

Module 2 – Security Operations

Module Intro https://youtu.be/H3N4aCasjtA 0:03:56
Compliance Management https://youtu.be/Wzwhy9WRFkI 0:01:56
Risk Management https://youtu.be/6g6VcqPRqL8 0:05:13
Asset Acquisition and Management https://youtu.be/5w-dreWicEU 0:02:33
Vulnerability Management https://youtu.be/Fg6XTelPKG4 0:06:09
Patch Management https://youtu.be/wBijFzSeirU 0:02:59
Data Management https://youtu.be/z8QbvQ8hKa0 0:01:11
Vendor and Supply Chain Management https://youtu.be/9NdDX-eBjBM 0:05:08
Personnel Management https://youtu.be/rp18sO3UwMo 0:02:30
Identity and Access Management (IAM) https://youtu.be/UXMJfmIyIRk 0:01:05
Security Awareness & Training Management https://youtu.be/jF2ekqGLkuk 0:01:59
Configuration and Change Management https://youtu.be/LIoUTD0W4_8 0:04:06
Monitoring and Alerting https://youtu.be/SlZ18dg7YoM 0:03:17
Incident Management https://youtu.be/ElsSqnAeleI 0:02:37
Contingency Planning https://youtu.be/Pu3zBK0SH6E 0:02:18
Auditing and Assessments https://youtu.be/Dre8uA_gHus 0:02:03
Program Management https://youtu.be/LBPI66WGWlo 0:01:22

 

Module 3 – Compliance Management

Module Intro https://youtu.be/0xvXjlNA0CE 0:02:27
Compliance Management https://youtu.be/g4BCD_n8FDI 0:05:15
Privacy https://youtu.be/wx-Q2qrtexM 0:09:16
Data Roles https://youtu.be/IpTRSb15G5E 0:04:08
Compliance Factors https://youtu.be/-PaDQ0c9sKg 0:09:35
Regulation, Accreditations, and Standards https://youtu.be/PdWU6ZckqmQ 0:04:23
Customer, Vendor, and Partner Agreements https://youtu.be/IZhGJgcWFxE 0:04:09
Legal Actions https://youtu.be/uI2l6LbCX7U 0:07:46
Compliance Monitoring and Reporting https://youtu.be/h76Z63_TGRo 0:10:04
Gap Analysis https://youtu.be/0g_f_cAop1U 0:04:01
Consequences of Non-Compliance https://youtu.be/PKsYh4t2IUM 0:02:20

 

Module 4 – Risk Management

Module Intro https://youtu.be/-LNC8ljRSpE 0:02:24
Risk Management https://youtu.be/b3muOmLdZ3o 0:12:55
Risk Management Approach https://youtu.be/4Omv3ClgZgI 0:07:15
Risk Assessment https://youtu.be/VPcSsrBNXkU 0:02:52
Risk Appetite, Risk Threshold, and Risk Tolerance https://youtu.be/zGDiMQaXy8I 0:10:22
Risk Identification https://youtu.be/0DJCuhpWvxc 0:04:39
DEMO: Assessments https://youtu.be/XrMXPUeWwjw 0:04:39
Risk Tracking & Risk Register https://youtu.be/c-W8V4g1FD8 0:02:27
Risk Analysis https://youtu.be/xN3a0eEVKdk 0:06:01
Qualitative Risk Analysis https://youtu.be/2vX1Ui3-jC0 0:06:01
DEMO: Risk Register and Analysis https://youtu.be/lUzqiEFJ-9c 0:03:16
Asset Value (AV) and Total Cost of Ownership (TCO) https://youtu.be/h8MQ4MJNAeg 0:06:23
Quantitative Risk Analysis https://youtu.be/BxWV2BoA70s 0:05:25
Single-Loss Expectancy (SLE) and Exposure Factor (EF) https://youtu.be/G2F3Rvs0AC8 0:05:22
Annualized Loss Expectancy (ALE) and Annual Rate of Occurrence (ARO) https://youtu.be/cLD8BKzuBMs 0:05:22
Risk Reporting https://youtu.be/BL57aFNuTEI 0:07:14
Risk Management Strategies https://youtu.be/5GfIpGefjJk 0:05:27
Risk Mitigation and Controls https://youtu.be/HUJezjmZTCI 0:05:30
Inherent and Residual Risk https://youtu.be/xbW611wJ3qI 0:01:37
Trade-Off Analysis https://youtu.be/imxybEfWafQ 0:10:36
Cost-Benefit Analysis (CBA) Example https://youtu.be/HDWdFoCOakI 0:09:53
Calculating Return On Investment (ROI) https://youtu.be/q4CsfusndQA 0:09:40
DEMO: ROI Worksheet https://youtu.be/PB5MBLu4GqI 0:03:39
Planning and Prioritization https://youtu.be/JuJEyGLgxHg 0:07:14

 

Module 5 – Asset Acquisition and Management

Module Intro https://youtu.be/TNUanMGeCxQ 0:02:18
Asset Management https://youtu.be/WCb8_N8v_VA 0:10:36
Acquisition and Procurement https://youtu.be/Jza1dIYPW9c 0:07:57
Assignment and Accounting https://youtu.be/JdfXjk_DpHw 0:02:55
Monitoring and Asset Tracking https://youtu.be/fn0S0OFxQ3s 0:04:45
Decommissioning and Disposal https://youtu.be/4KGsEYJCCWc 0:07:14

 

Module 6 – Vulnerability and Patch Management

Module Intro https://youtu.be/ZSWKUFz6BaA 0:04:42
Vulnerability Management https://youtu.be/y6xKWY-0ADM 0:13:47
Common Vulnerabilities and Exposures (CVE) https://youtu.be/XZZyRflWIz0 0:03:42
Common Vulnerability Scoring System (CVSS) https://youtu.be/0iNg5XpuvF8 0:12:09
Discovering Vulnerabilities https://youtu.be/zeN5z3w4p0w 0:07:24
Discovering Application Vulnerabilities https://youtu.be/VU31jCpp9wA 0:05:57
Vulnerability Scans https://youtu.be/LEETqqdhlCc 0:08:11
Vulnerability Scanner Settings and Considerations https://youtu.be/LP3OJC_GLt8 0:16:18
Penetration Testing (Pentesting) https://youtu.be/0WAfI3-OVe0 0:08:16
Red Teams and Blue Teams https://youtu.be/c8vNcEwWGNM 0:02:28
Reporting https://youtu.be/VQIySU8h0rQ 0:03:53
Vulnerability Validation https://youtu.be/yABHFGPtan0 0:03:26
Vulnerability Analysis and (Re-)Classification https://youtu.be/xHsRs7FABAU 0:03:10
Prioritization and Escalation https://youtu.be/R-GF4Gp3jq4 0:02:50
Action Plan https://youtu.be/RzE0klvaAjE 0:06:14
Vulnerability Remediation https://youtu.be/Aka2XvY1b6Q 0:07:51
Validation of Remediation https://youtu.be/ddhix34M-2M 0:01:43
Patch Management https://youtu.be/6kOS2dcAFfg 0:08:41

 

Module 7 – Data Management

Module Intro https://youtu.be/Xfa_1OTvp7I 0:01:56
Data Management https://youtu.be/85v1d37uU5w 0:05:13
Compliance, Privacy, and Data Roles https://youtu.be/I2DdMOjx9kU 0:07:31
Data Types https://youtu.be/iAScK_PuQU4 0:03:25
Personally Identifiable Information (PII) https://youtu.be/wgM0UOQxmpE 0:09:08
Data Classifications https://youtu.be/C-Vvpd7bFWM 0:04:56
Data Inventory and Data Labeling https://youtu.be/j0WA09KjtxY 0:02:58
Data Protection https://youtu.be/wgXYTDYcNnM 0:06:48
Data States https://youtu.be/yDC_pa4O9HQ 0:03:46
Keeping Data Confidential https://youtu.be/vXZMCFCtpfM 0:07:19
Encrypting Data https://youtu.be/Nv7PDlQej9Q 0:05:37
Steganography https://youtu.be/-HPELXT1Er8 0:05:37
Data Masking and Obfuscation https://youtu.be/DY4nJG-JplE 0:10:42
Data Loss Detection https://youtu.be/hr2XvIYcQBI 0:03:35
Data Loss Prevention https://youtu.be/kjRMOv--G8c 0:03:45
Data Retention and Retirement https://youtu.be/IXrPai3zD7Y 0:05:29

 

Module 8 – Vendor and Supply Chain Management

Module Intro https://youtu.be/tjjLIBVt_-Y 0:05:16
Vendor Management https://youtu.be/v1jDWBj1WZM 0:05:25
Gathering Requirements https://youtu.be/bVMJfQp_PkI 0:09:06
Vendor Assessment https://youtu.be/FHEimY7sNvo 0:13:30
Cloud Hosting Considerations https://youtu.be/PaRfLmUezQE 0:05:34
Supply Chain Management https://youtu.be/usWr5C8_OLM 0:04:52
Vendor Selection https://youtu.be/X90dpxCnmRs 0:02:28
Agreement Types https://youtu.be/cjDoyxO5KX4 0:10:30
Vendor Monitoring and Termination https://youtu.be/R0tg8r6_ynA 0:04:19

 

Module 9 – Personnel Management

Module Intro https://youtu.be/2IM2Cg2tpbo 0:03:01
Personnel Management https://youtu.be/Ja9CGTsBkSE 0:11:38
Onboarding and Termination Procedures https://youtu.be/eheqoK4T5fA 0:04:59
Least Privilege https://youtu.be/dczZQgvloUw 0:03:53
Need to Know https://youtu.be/YQVDG11gzh8 0:03:35
Separation of Duties https://youtu.be/BiB2143UyO4 0:05:11
Job Rotation https://youtu.be/VlcWQq3fcOk 0:04:10
Mandatory Vacations https://youtu.be/G7ueoqtJeWg 0:02:11

 

Module 10 – Identity and Access Management (IAM)

Module Intro https://youtu.be/9owgJAjT2CQ 0:00:33
Identity and Access Management (IAM) https://youtu.be/S7lfSVSv4KE 0:04:48
Authentication, Authorization, and Accounting (AAA) https://youtu.be/dNdtdDh8uHE 0:03:26
What Makes a Good Password https://youtu.be/8eRsKCwV6Q4 0:21:56
Password Manager https://youtu.be/b8iC695TD9w 0:07:41
Privileged Access Management (PAM) https://youtu.be/7MHrmrqEbGM 0:06:16
Key Storage https://youtu.be/ktBLZUt-p40 0:02:06
Multi Factor Authentication (MFA) https://youtu.be/fhS9Tdy2hFQ 0:05:39
One-Time Passwords (OTP) https://youtu.be/dWnnnJbmJ_Q 0:03:24
HOTP and TOTP https://youtu.be/HVko8oD0HAk 0:07:50
IAM Policies and Enforcement https://youtu.be/3Ya3RM0xFyg 0:06:18
Single Sign-On (SSO) https://youtu.be/vcFKiOkDU_M 0:05:08
Federation https://youtu.be/JBGQ_jCIGRs 0:04:27
Identity Proofing https://youtu.be/giMdO5uFoPo 0:01:38
Access Control https://youtu.be/ViDMpB1v4aQ 0:10:24
Access Control Models https://youtu.be/q687FIec8q0 0:09:28
Physical Access Control https://youtu.be/yxUGH3R64KU 0:06:24

 

Module 11 – Security Awareness and Training

Module Intro https://youtu.be/6RyzoK5zJyo 0:01:26
Awareness https://youtu.be/mOkc7i_SXQo 0:05:51
Training https://youtu.be/CaqOviHGQag 0:05:11
Security Training Content https://youtu.be/fjGuPTQqbL4 0:03:19
Delivery https://youtu.be/A6AIBr5XeeI 0:11:04
Awareness Testing https://youtu.be/HbfsSuQkzXg 0:04:06
Monitoring and Reporting https://youtu.be/YR7b9BjDyrU 0:01:21

 

Module 12 – Configuration and Change Management

Module Intro https://youtu.be/HLrzisEJXvc 0:01:44
Configuration vs Change Management https://youtu.be/5U7h1_tEZZA 0:04:09
Change Management https://youtu.be/q0uQRIBdXx0 0:06:48
Planning Considerations https://youtu.be/zLPqfWzwgNU 0:08:16
Evaluation and Implementation https://youtu.be/Wd-zZINvyXE 0:02:06
Monitoring, Documentation, and Closure https://youtu.be/yPaYI_z_tlE 0:02:39
Automation https://youtu.be/dUuyVfdweYQ 0:15:26

 

Module 13 – Monitoring and Alerting

Module Intro https://youtu.be/38_ulAtvCf0 0:03:11
Monitoring https://youtu.be/MdSBiASORAI 0:05:25
Monitoring Example https://youtu.be/xoaIaLFYb3w 0:09:26
Monitoring Methods https://youtu.be/6ZcB7sCzWm4 0:02:59
Capturing https://youtu.be/JzOHKzIWBC8 0:06:27
Scanning and Probing https://youtu.be/8iMUIPlTZ3M 0:03:47
Polling https://youtu.be/yRKtnZ-Ic4w 0:04:13
Logging https://youtu.be/jl3wsh7l6Uc 0:05:33
NetFlow vs SNMP vs Syslog https://youtu.be/-jqRo8Z7G-g 0:01:43
Benchmarking https://youtu.be/fmAil-GcrNY 0:02:06
Security Information and Event Management (SIEM) https://youtu.be/HkO9fnO-2L0 0:02:43
Indicators of Compromise (IoC) https://youtu.be/zfQrwwK0xZk 0:04:55
File Integrity Monitoring (FIM) https://youtu.be/GU8-NBU-MNw 0:02:08
Alerting https://youtu.be/MZzGbmdMbFg 0:08:21
Log Management and Archiving https://youtu.be/2XBVcQDZuX4 0:02:33
Threat Hunting https://youtu.be/OsQEFMtsPiE 0:03:39

 

Module 14 – Incident Management

 

Module 15 – Contingency Planning

Module Intro https://youtu.be/Qwk_a8L_l0Q 0:01:43
Contingency Planning https://youtu.be/wzgrrap_0xg 0:04:59
Business Impact Analysis (BIA) https://youtu.be/Zp3c2sDmIdA 0:06:53
RPO and RTO https://youtu.be/DPmVRAEA_wo 0:03:57
Disaster Recovery Plan (DRP) https://youtu.be/K4lhgm5cWLk 0:05:11
Testing Plans https://youtu.be/6_kWWqpVqhw 0:03:48

 

Module 16 – Auditing, Assessment, and Program Management

Module Intro https://youtu.be/egSYhtE1abE 0:01:27
Auditing https://youtu.be/z1XjmIxyur8 0:05:17
Attestation https://youtu.be/-AoP73n6OoQ 0:01:35
Compliance Audits Example https://youtu.be/YbZaZs5DPU0 0:03:44
Gap Analysis https://youtu.be/h5eKiHv5ACA 0:02:29
Program Management https://youtu.be/1VZwc8_FagQ 0:04:38
Evaluation and Metrics https://youtu.be/O1MPvJqi54w 0:03:36

 

Appendix A – Regulatory Compliance

Appendix Intro https://youtu.be/uxGbcYU60xM 0:01:27
General Data Protection Regulation (GDPR) https://youtu.be/umiat_wEoag 0:04:05
California Consumer Privacy Act (CCPA) https://youtu.be/czoWru16Nbk 0:04:02
Payment Card Industry Data Security Standard (PCI DSS) https://youtu.be/1T5pbwGUDsE 0:03:43
Sarbanes-Oxley Act (SOX) https://youtu.be/H2r8xuIflWU 0:04:35
Health Insurance Portability and Accountability Act (HIPAA) https://youtu.be/eI_bmbDRdW4 0:01:32
Cybersecurity Maturity Model Certification (CMMC) https://youtu.be/ZpGnSPQzj-k 0:02:49
Gramm-Leach-Bliley Act (GLBA) https://youtu.be/ZpGnSPQzj-k 0:01:54
Children’s Online Privacy Protection Act (COPPA) https://youtu.be/n0Vw7gorq9Q 0:01:42
Family Educational Rights and Privacy Act (FERPA) https://youtu.be/UHJK_CjWXMw 0:02:57

 

Appendix B – Agreements

Appendix Intro https://youtu.be/Fb26fGiN-g8 0:01:16
Service-Level Agreement (SLA) https://youtu.be/2uzhmPAU5Kg 0:04:19
Operational Level Agreement (OLA) https://youtu.be/oA13M146I5k 0:02:54
Privacy Level Agreement https://youtu.be/YDgY8OXfEVk 0:02:00
Master Service Agreement (MSA) https://youtu.be/u4gtjGql9_E 0:03:31
Work Order (WO)/Statement of Work (SoW) https://youtu.be/eY-XRNIuL8Y 0:02:57
Non-Disclosure Agreement (NDA) https://youtu.be/20HOYCrZ0As 0:01:57
Memorandum of Understanding (MOU) https://youtu.be/NUfmu8SkLuQ 0:02:21
Business Partners Agreement (BPA) https://youtu.be/BF-03FzxNCI 0:02:08
Memorandum of Agreement (MOA) https://youtu.be/tbMwByuLsB8 0:02:03
Interconnection Security Agreement (ISA) https://youtu.be/xVtlNNYaA4M 0:02:29
Agreement Type Example: Pentesting https://youtu.be/Lu0mK-3T4jg 0:05:09
Agreement Type Example: SaaS https://youtu.be/_eDBfSC6aQ8 0:03:18
Agreement Type Example: Business Partner https://youtu.be/J2kfW2GHB_s 0:03:36

 

Module X – Wrap Up

Security Operations X-1: Review https://youtu.be/nffTuFXbeo8 0:06:35
Course Wrap Up https://youtu.be/ze1VSTWAH5o

 

Help the Effort

Creating these videos takes a lot of time, effort, and money. There are costs to producing the videos, hosting the site, and buying the equipment, not to mention the 1,000s of hours I’ve put into recording these videos. So far, I’ve asked for and received very little in return. Please consider helping keep the effort going by one of the following: