Ultimate GRC Training | Governance, Risk, Compliance Complete Course
Course Introduction - Become a GRC Consultant
Navigating the Cybersecurity & GRC Landscape (7:18)
Building Resume for Cybersecurity Career (7:27)
Mastering Networking for Career Success (13:07)
Part 1 - Security Essentials for GRC Candidates
The Security Objective (7:15)
What is the Governance, Risk and Compliance? (5:08)
Information Security roles and GRC (4:03)
Key Security Terminologies (8:41)
Adversaries and Threat Actors (4:58)
Security vulnerabilities (5:15)
What is Malware? (11:33)
The Cyber Security Attacks (4:12)
Understand Web Application Attacks (9:31)
Social Engineering (10:02)
IT Infrastructure (6:07)
Part 2 - Security Program and Information Security Function
The Purpose of Security Program (13:49)
Cybersecurity and Information Security and Information Assurance (4:27)
Security Goals and Strategy (5:24)
Security manager role (8:46)
Security roles and responsibilities (6:21)
Key Performance Indicators (5:34)
Part 3 - Regulations and Standards and its influence
Information Security Standards and Frameworks (12:11)
Laws and Regulations that Affect Information Security (3:53)
Privacy Regulation Requirements (11:01)
Privacy Policy (4:58)
Performing Gap analysis (7:27)
Part 4 - Enterprise Risk Management - ERM
Risk Management Overview (10:12)
Risk Terminologies (6:50)
Risk Identification (6:48)
Risk Analysis (8:52)
Risk Evaluation and Response (12:43)
Risk Reporting and Monitoring (9:23)
Risk Management Frameworks (2:44)
Threat Model Overview (6:18)
Part 5 - Security Controls
Security Controls (11:26)
ITGC (6:50)
Control Objective, Compensating Control and Countermeasures (7:23)
Defence in Depth or layered defences (8:10)
Security Control Assessment & Control References (4:42)
Part 6 - Security Governance Tools
Policies (4:46)
Example - Acceptable Use - Physical Security - Clear Desk (7:21)
Example - Internet Access, Email Security - Remote Access Policies (7:07)
Example - Network, Wireless & BYOD Policies (7:04)
Example - Data Protection, Encryption, Classification Policies (8:19)
User Account, Password and Access Control Policies (7:55)
Artificial Intelligence Usage Policy (5:36)
Standards (4:18)
Procedures and Guidelines (4:24)
Review Policies, Standards and Procedures (6:47)
Part 7 - Personnel and Third-Party Risk Management - TPRM
Vendor Management and requirements in Contracts (Outsourcing) (14:04)
Supply Chain Security and Risk Management (9:47)
Personnel Security / Human Resource Security (11:11)
Security Awareness Training Program (4:55)
Part 8 - Information System Auditing and Control Validation
Information System Auditing overview (5:29)
Types of Audits (4:59)
Audit Committee (4:26)
Audit Planning (16:09)
Audit Execution (4:44)
Evidence Collection during Auditing (5:37)
Evaluation of Controls during the Audit (5:42)
Using Sampling in Audit Engagement (7:01)
Audit Reporting and Documentation (5:52)
SSAE (7:41)
SOC Audit and Understand SOC Reports (5:11)
Part 9 - 1 - Guide to Information Systems Network and Computing Basics
Information System Architecture (6:32)
Computing System Components (20:25)
Computing device forms and types of OS and Platforms (19:05)
Introduction to IT Networks (19:05)
OSI & TCP/IP Reference Models (25:43)
Transport Protocols and Application Layer in Networking (9:24)
Part 9 - 2 - Databases
Introduction to Databases (11:21)
Primary and Foreign Key (3:10)
Database Management System (DBMS) (3:25)
Database Security (12:12)
Database Resiliency (8:23)
Part 9 - 3 - Identity & Access Management
IAAA Framework (10:30)
Authorization and Access Control Models (11:15)
Accounting (6:43)
Active Directory and LDAP Overview (18:31)
Part 9 - 4 - Advanced Technologies
Virtualization and Hypervisors (7:37)
Containers (7:37)
Software Defined Networks (10:19)
Cloud Computing Overview (8:30)
Cloud Deployments Models (5:47)
Cloud Service Models (8:34)
Cloud Shared Responsibility Matrix (6:56)
Cloud Advantages and Security (8:26)
Part 10 - Endpoint and Data and Physical Security Overview
Securing Endpoints (14:50)
Endpoint Security Software & Endpoint Protection Platform (13:12)
Data Lifecycle (3:45)
Roles in Data and Assets Protection (4:49)
Data Classification (12:12)
Data Security Measures and Controls (6:47)
DLP (7:37)
DRM (8:13)
Data Destruction (4:39)
Physical Access Control Security Measures (6:00)
Part 11 - Software Development and Security Aspects
The Process of Acquiring New technology (6:05)
Feasibility Analysis and Business Case (4:44)
Software Development Process (12:08)
Software Development Methodologies (7:35)
Software and Information System Testing (12:43)
Secure Coding and Software Development (8:45)
DevOps (6:37)
DevSecOps (7:11)
Software Types and Licenses (8:56)
Intellectual Property (3:24)
Part 12 - Release Management and Change Management
Software and System Implementation & PIR (10:39)
Vulnerability Assessment and Patch Management (4:54)
Penetration Testing (10:06)
The Bug Bounty Program (5:23)
Release Management (7:15)
Change Management Process (11:05)
Configuration Management (7:15)
IT Assets Management (6:51)
IT Management and ITIL Framework Overview (8:40)
Control Objective of IT - COBIT (6:11)
Part 13 - The Incident Management and Business Continuity
Incident Management Process (10:26)
Responding to Incidents (15:37)
Business Impact Assessment (17:21)
Understand RTO and RPO (12:35)
Recovery Strategies (5:47)
BCP and DRP Testing and Evaluation (6:19)
Backup and Recovery (10:47)
Storage Redundancy and RAID (11:03)
Network Redundancy (9:30)
Containers