ISC2 CC - Certified in Cybersecurity with Flashcards 2024
Welcome to the ISC2 Certified in Cybersecurity (CC) Training Course. Start your cybersecurity journey with Cyvitrix.
** Your Gateway to Cybersecurity & Information Security and GRC Career **
** Taught by Experts to make you a Real Expert **
Access more than 500 Pages of detailed study notes and more than 60 flashcards per lecture!
This course is a complete cybersecurity course tailored for you as a beginner!
Cyber+Security = Cybersecurity!
Our ISC2 Certified in Cybersecurity (CC) Training Course is specifically tailored for beginners in cybersecurity and information security. This course will provide you with a solid foundation in the field, ensuring you are well-prepared to kickstart your cybersecurity career.
Why Choose Cyvitrix’s Certified in Cybersecurity (CC) Training?
Comprehensive Coverage: Our course offers thorough coverage of all CC certification topics and effective exam preparation strategies.
Beginner-Friendly: Designed with beginners in mind, our step-by-step approach makes complex concepts easy to understand.
Extensive Resources:
- 19 Hours of Video Lectures: Detailed discussions on everything you need to know from scratch.
- 150+ Practice Questions: Quizzes and post-course exams to test your knowledge.
- Key Takeaways Lectures: Written summaries of all discussed topics for easy reference.
- Instructor Support: Get answers to your questions within 24-36 hours in the QA section.
Course Highlights
- Introduction to Cybersecurity: Overview of the cybersecurity landscape, terminology, and critical principles.
- Network Security Basics: Fundamentals of securing computer networks, network architecture, protocols, and common security threats.
- Security Awareness and Best Practices: Promoting security awareness and implementing best practices for secure computing.
- Information Security Principles: Concepts of confidentiality, integrity, and availability (CIA).
- Risk Management Fundamentals: Basics of risk assessment and mitigation strategies.
- Secure Configuration and Access Controls: Secure system and network configurations and access control mechanisms.
- Incident Response Basics: Procedures and techniques for handling cybersecurity incidents.
About Cyvitrix
At Cyvitrix, we specialize in providing comprehensive training courses for individuals starting their journey in cybersecurity. Our goal is to empower beginners with the knowledge and skills they need to succeed in this dynamic field.
Disclaimer
This course is unofficial and not sponsored by ISC2. It is designed to supplement official study materials and provide a foundational understanding of cybersecurity concepts for entry-level roles.
Enroll Now
Take the first step towards a successful career in cybersecurity with our ISC2 Certified in Cybersecurity (CC) Training Course.
Join us and build a strong foundation in cybersecurity today!
- 1. Certified in Cybersecurity Course Introduction - What we will cover? (Video lesson)
This lecture provides an introduction to the Certified in Cybersecurity course, which is essential in today's digital world for protecting sensitive information against cyberattacks and breaches. The course covers foundational knowledge and skills in securing networks and systems, with domains such as network security, cryptography, risk management, and incident response. Additionally, the lecture explores various careers in cybersecurity and the skills needed to excel in this field. By the end, students will understand the course's relevance and gain insight into the practical skills they will acquire.
- 2. How to get the most out of this Course (Video lesson)
- 3. About Trainer (Video lesson)
- 4. Useful Links for CC Certification Training (Text lesson)
- 5. Get The Study Materials! (Text lesson)
- 6. What is the purpose of Information Security and Cybersecurity? (Video lesson)
The lecture will provide a detailed understanding of the CIA Triad (Confidentiality, Integrity, and Availability) and security objectives in information security. It will explain the components of the CIA Triad and explore techniques such as encryption, access controls, and backups to ensure data and system security. It will also cover other security objectives like authentication and accountability. The lecture will use case studies and examples to demonstrate how these principles work together to create a comprehensive security framework. By the end, attendees will have a thorough understanding of these concepts and will be equipped to implement effective security measures in their organizations.
- 7. Cyber Security, Information Security and Information Assurance (Video lesson)
This lecture will cover essential security terms in information security, providing explanations and definitions for concepts like encryption, access controls, authentication, authorization, non-repudiation, accountability, digital signatures, checksums, redundancy, backups, and disaster recovery plans. By the end of the lecture, attendees will have a clear understanding of these terms and how they contribute to maintaining the security of data and systems. This knowledge will empower them to make informed decisions and implement effective security measures to protect sensitive information and ensure system integrity and availability.
- 8. Understand the Security Controls (Video lesson)
The lecture focuses on the importance of security controls in protecting information systems and sensitive data. It covers various types of controls, such as administrative, technical, and physical, and their roles in risk mitigation. Attendees will learn about selecting and implementing appropriate controls, including risk assessments and compliance requirements. The lecture emphasizes continuous monitoring and evaluation of controls through security audits, penetration testing, and vulnerability assessments. Real-life examples and case studies will be used to teach practical strategies for developing and maintaining an effective security control framework. Ultimately, participants will gain the knowledge and skills to design, implement, and evaluate security controls, enhancing their organization's security posture.
- 9. IT General Controls and Control examples (Video lesson)
- 10. Keep Moving: Overcome Obstacles, Success is Your Ally! (Text lesson)
- 11. Control Objective & Compensating Controls (Video lesson)
- 12. ISC2 CC - Defense in Depth (Video lesson)
The lecture will focus on Defense in Depth, a layered approach to security that protects information systems from threats and attacks. It will explain the principles and benefits of Defense in Depth, covering physical, technical, and administrative controls. Strategies for implementation, including vulnerability assessment and selecting appropriate measures, will be discussed. Ongoing monitoring and evaluation will be emphasized, using security audits and testing. Attendees will learn practical strategies and real-world examples to design and implement their own Defense in Depth strategy. The goal is to provide a comprehensive understanding of Defense in Depth and the ability to enhance overall security posture.
- 13. ISC2 CC - Risk Management Overview (Video lesson)
This lecture will provide an overview of risk management, covering its importance and key concepts. It will delve into the process of risk management, including steps such as risk identification, assessment, analysis, evaluation, treatment, and monitoring. The lecture will highlight the benefits of effective risk management in minimizing the impact of potential risks on organizations or projects.
Various risk management strategies and techniques will be discussed, including risk mitigation, risk transfer, risk acceptance, and risk avoidance. Real-world case studies and examples will be used to demonstrate the application of risk management principles in different industries and scenarios.
By the end of the lecture, attendees will have a clear understanding of the fundamentals of risk management and its significance in organizations. They will be equipped with knowledge and tools to identify, assess, and mitigate risks effectively, contributing to better decision-making and overall risk governance.
- 14. ISC2 CC - Types of Risk and Risk Levels (Video lesson)
This lecture will provide a comprehensive exploration of different types of risks organizations face, including financial, operational, strategic, compliance, and reputational risks. It will cover their characteristics, sources, and impact on organizations, using real-world examples and case studies. The lecture will also highlight the interdependencies of risks and the need for a holistic approach to risk management. Attendees will gain knowledge and insights to effectively identify, assess, and mitigate specific risks, enabling them to make informed decisions and enhance risk resilience within their organizations.
- 15. ISC2 CC - Risk Identification (Video lesson)
- 16. Risk Analysis (Video lesson)
- 17. ISC2 CC - Risk Evaluation and Response (Video lesson)
This lecture will focus on risk response strategies for managing various types of risks. It will explore techniques such as risk avoidance, mitigation, transfer, and acceptance, and discuss their application in different organizational contexts and industries. The lecture emphasizes the importance of developing a risk response plan and monitoring its effectiveness, using risk management frameworks and tools. Participants will gain practical insights on selecting and implementing tailored risk response strategies, supported by examples and case studies. The overall goal is to equip attendees with the knowledge and skills to enhance risk resilience within their organizations.
- 18. ISC2 CC - Risk Reporting and Monitoring (Video lesson)
This lecture will focus on the importance of risk monitoring in effective risk management. It will cover various techniques and aspects involved in monitoring risks throughout different stages of a project or within an organization. The lecture will emphasize the use of risk indicators, key performance indicators, and other monitoring tools to identify and evaluate potential risks. It will also delve into the process of establishing a risk monitoring framework and designing appropriate risk monitoring plans, including techniques for tracking and assessing risks. Effective communication and collaboration in risk monitoring will be highlighted, along with the role of stakeholders, project teams, and risk management professionals. Attendees will learn practical strategies for developing and implementing a tailored risk monitoring system, supported by case studies and real-life examples. The overall goal of the lecture is to equip participants with the knowledge and skills necessary to establish a proactive and effective risk monitoring process.
- 19. ISC2 CC - Risk Management Frameworks (Video lesson)
- 20. ISC2 CC - Governance and Management (Video lesson)
- 21. ISC2 CC - Information Security Governance (Video lesson)
The lecture will explore security governance's importance in cybersecurity and its role in decision-making and risk management. It will highlight aligning security objectives with organizational strategy through a governance framework.
Attendees will learn about the benefits of security governance, such as improved risk management and decision-making. The lecture will emphasize risk identification, policy establishment, and control implementation.
Additionally, the lecture will cover security governance's role in regulatory compliance and creating a security-aware culture. Real-world examples will demonstrate its application, and attendees will engage in discussions and exercises.
By the end, participants will understand security governance's significance, recognize the need for a governance framework, and have the knowledge to implement effective practices.
- 22. ISC2 CC - Policies (Video lesson)
The set of lectures will discuss the significance of standards, policies, and procedures in various organizational contexts. They provide a framework for consistency, efficiency, and reliability in operations.
The lectures will cover the concept of standards and their role in establishing quality and performance benchmarks. Different types of standards will be explored, including industry, regulatory, and internal standards, emphasizing compliance, interoperability, and best practices.
Policies will be discussed with regard to guiding decision-making and behavior within an organization. Clear and well-defined policies promote consistency, fairness, and compliance. The lectures will highlight policy creation, dissemination, enforcement, and their impact on organizational culture and functioning.
Procedures' importance in providing step-by-step instructions for tasks and processes will also be emphasized. Well-documented procedures improve efficiency, reduce errors, and enhance training and onboarding processes.
Real-world examples and case studies will be used to showcase the practical application of these elements. Attendees will participate in discussions and exercises that foster critical thinking and problem-solving.
By the end of the lectures, participants will understand the importance of standards, policies, and procedures in achieving consistency, compliance, and efficiency. They will be equipped to develop and implement effective elements within their organizations.
- 23. AUP & Clear Desk and Physical Security Policies (Video lesson)
- 24. Example - Internet Access, Email Security - Remote Access Policies (Video lesson)
- 25. Example - Network, Wireless & BYOD Policies (Video lesson)
- 26. Example - Data Protection, Encryption, Classification Policies (Video lesson)
- 27. ISC2 CC - Standards (Video lesson)
- 28. ISC2 CC - Procedures and Guidelines (Video lesson)
- 29. ISC2 CC - Development and Review of Policies (Video lesson)
- 30. ISC2 CC - Security Standards and Frameworks (Video lesson)
These lectures will explore the development and enforcement of cybersecurity laws and regulations. This will include examining the roles of different entities involved in the legal system, such as lawmakers, regulatory bodies, and law enforcement agencies. The lectures will emphasize the importance of collaboration between public and private entities in ensuring effective implementation and enforcement of cybersecurity laws and regulations. Attendees will also learn about the implications of non-compliance with cybersecurity laws and regulations, including legal ramifications and potential financial and reputational damage. The lectures will highlight the need for organizations to establish robust compliance programs and adopt industry best practices to mitigate risks and ensure adherence to relevant laws and regulations.
- 31. ISC2 CC - Security vs Privacy and Privacy Regulations (Video lesson)
- 32. Laws and their types (Video lesson)
- 33. ISC2 Values - Understand the ISC2 Code of Ethics (Video lesson)
The lecture will focus on the ISC2 Code of Ethics, which guides ethical behavior in cybersecurity. It will emphasize the importance of ethical conduct for individual integrity and the reputation of the cybersecurity community. The principles of protecting society, acting honorably, providing diligent service, and demonstrating competence will be explored. Attendees will learn about their responsibilities in safeguarding data and acting transparently. The lecture will stress the significance of maintaining confidentiality, avoiding conflicts of interest, and promoting professionalism. Real-world scenarios and case studies will be used to illustrate ethical decision-making. By the end, participants will have a comprehensive understanding of the Code of Ethics and the ability to make ethical choices in the cybersecurity profession.
- 34. ISC2 CC - Basic Security Terminologies - Security Foundations (Video lesson)
Security threats can utilize the vulnerability, or can exploit the weakness in our system to cause damage to our information system.

The threat is referring to something that has a potential to cause harm or damage, and in the context of the cybersecurity threats, could be the malicious attacks, which can impact the confidentiality, integrity or availability of the system. This kind of malicious attack or this kind of threat could include viruses, hacking attempts, malware, social engineering, and so on.

So a threat generally is linked to a vulnerability. And by exploiting the vulnerability, the threat can cause damage. And any asset will have a vulnerability, because vulnerability is something that we cannot control. We can identify the existing security vulnerabilities and we can close and remediate these security vulnerabilities. But that does not mean that our system will be totally free from vulnerabilities. We basically detect known security vulnerabilities and known security issues. But what about the unknown security issues and the unknown security vulnerabilities? What about the zero day attacks, which refer to a kind of security attack that exploits the unknown vulnerability?

So basically, if there is no threat, vulnerabilities will not be impacted. If there is no vulnerability, a threat cannot take access or gain access to the system.

So security threats include many types in the context of information and cyber security, which includes malware, phishing attacks, social engineering, network attacks such as denial of service or distributed denial of service, insider threat, which is someone who can misuse his or her authorized access to cause damage to the organization, or advanced persistent threats, which are sophisticated attacks that target organizations and really last for a long time. Some advanced persistent threats might take years without being detected by the security teams, and during this duration, they might exfiltrate confidential information or even attack other customers, or attack your business partners through your organization or through your company.

So security threats also could include data breaches, man-in-the-middle attacks, SQL injection attacks, buffer overflow attacks, cross-site scripting, and zero day exploits. And during the upcoming sections, we are going to talk in detail about each one of these types of attacks to the level that is required in order to allow you to understand and comprehend how such attacks are really working.
- 35. ISC2 CC - Understand the Concept of Security Vulnerabilities (Video lesson)
- 36. ISC2 CC - Adversaries and Threat Actors (Video lesson)
- 37. ISC2 CC - Malware - Worm, Virus, Trojan, Spyware, Botnet, Adware, Fileless (Video lesson)
- 38. ISC2 CC - Anti-Malware Security Measures and Security Best Practices (Video lesson)
- 39. ISC2 CC - Cyber Attacks - MiTM (Video lesson)
- 40. ISC2 CC - Cyber Attacks - DOS & DDOS (Video lesson)
- 41. ISC2 CC - Web Application Attacks (Video lesson)
- 42. ISC2 CC - How Cyber Attack Works? (Video lesson)
- 43. ISC2 CC - Cyber Kill Chain (Video lesson)
- 44. ISC2 CC - Incident Management (Video lesson)
- 45. ISC2 CC - Incident Response (Video lesson)
- 46. ISC2 CC - Collecting digital Evidence and Forensic (Video lesson)
- 47. ISC2 CC - Disasters and Business Impact Assessment (Video lesson)
- 48. ISC2 CC - Disaster Recovery Plan (Video lesson)
- 49. ISC2 CC - Business Continuity Plan (Video lesson)
- 50. ISC2 CC - RPO and RTO (Video lesson)
- 51. ISC2 CC - Recovery Strategies (Video lesson)
- 52. ISC2 CC - BCP Testing and Evaluation (Video lesson)
- 53. ISC2 CC - Data Backup (Video lesson)
- 54. ISC2 CC - Backup Types (Video lesson)
- 55. ISC2 CC - Storage Redundancy using RAID (Video lesson)
- 56. ISC2 CC - What is Database? (Video lesson)
- 57. ISC2 CC - Database Resiliency and Data Availability (Video lesson)
- 58. 3-1 - CC - Security Facility Design (Video lesson)
- 59. 3-2 - CC - Physical Access Controls (Video lesson)
- 60. 3-3 - CC - Environmental Security (Video lesson)
- 61. 3-4 - CC - AAA Overview (Video lesson)
- 62. 3-5 - CC - Password Attacks (Video lesson)
- 63. Access Control Concepts (Video lesson)
- 64. 3-6 - CC - Authorization and Access Control Models (Video lesson)
- 65. 3-7 - CC - Accounting and Auditing (Video lesson)
- 66. 3-8 - CC - SSO and RSO - Single Sign On and Reduced Sign On Concept (Video lesson)
- 67. 3-10 - CC - Personnel Security Measures (Video lesson)
- 68. 4-1 - CC - Introduction to IT Networks and Networking Basic Concepts (Video lesson)
- 69. 4-2 - CC - OSI and TCPIP Models overview (Video lesson)
- 70. 4-3 - CC - Explaining OSI Lower Layers - Physical Layer (Video lesson)
- 71. 4-4 - CC - Explaining OSI Lower Layers - Layer 2 (Video lesson)
- 72. 4-5 - CC - Explaining OSI Lower Layers - Network Layer (Video lesson)
- 73. 4-6 - CC - Explaining OSI Higher Layers - Transport to Application (Video lesson)
- 74. 4-7 - CC - Wireless and Radio Frequency Based Communication (Video lesson)
- 75. 4-8 - CC - Network Segmentation and VLANs (Video lesson)
- 76. 4-9 - CC - Layer 2 Attacks - Wired (Video lesson)
- 77. 4-10 - CC - Firewall and DMZ and Screened Subnet (Video lesson)
- 78. 4-11 - CC - Proxy, Load Balance devices, Email Security and VPN (Video lesson)
- 79. 4-12 - CC - IPS and IDS (Video lesson)
- 80. 4-13 - CC - Virtualization and SDDC (Video lesson)
- 81. 4-14 - CC - Containers and Functions and Serverless Computing (Video lesson)
- 82. 4-15 - CC - Cloud Computing (Video lesson)
- 83. 4-16 - CC - Cloud Deployment Models (Video lesson)
- 84. 4-17 - CC - Cloud Shared Responsibility Matrix (Video lesson)
- 85. 4-18 - CC - Cloud Security and Advantages (Video lesson)
- 86. 4-19 - CC - Secure Access Service Edge (SASE) & Cloud Access Security Broker (Video lesson)
- 87. 4-20 - CC - OT & Industrial Control System and Purdue Model (Video lesson)
- 88. 4-21 - CC - SDN - Software Defined Network (Video lesson)
- 89. A Real Case Study - Crowdstrike Outage July 2024 (Video lesson)