All Episodes
Certified: The CompTIA Security+ Audio Course — 223 episodes
New Security+ Course Now Available! (V8 SY0-801)
Welcome to the SEC+ Audio Course
Episode 221: Developing and Executing Security Awareness Programs (Domain 5)
Episode 220: Security Reporting and Monitoring (Domain 5)
Episode 219: Hybrid and Remote Work Security Awareness (Domain 5)
Episode 218: User Guidance and Training (Part 3) (Domain 5)
Episode 217: User Guidance and Training (Part 2) (Domain 5)
Episode 216: User Guidance and Training (Part 1) (Domain 5)
Episode 215: Anomalous Behavior Recognition (Domain 5)
Episode 214: Effective Phishing Awareness (Domain 5)
Episode 213: Reconnaissance Techniques (Domain 5)
Episode 212: Penetration Testing Environments (Domain 5)
Episode 211: Fundamentals of Penetration Testing (Domain 5)
Episode 210: External Audits and Assessments (Domain 5)
Episode 209: Internal Audit Structures (Domain 5)
Episode 208: Attestation and Internal Audits (Domain 5)
Episode 207: Data Management and Compliance (Domain 5)
Episode 206: Privacy and Legal Implications of Compliance (Domain 5)
Episode 205: Data Inventory, Retention, and the Right to Be Forgotten (Domain 5)
Episode 204: Privacy Laws and Global Compliance (Domain 5)
Episode 203: Attestation and Acknowledgement in Compliance (Domain 5)
Episode 202: Consequences of Non-Compliance (Domain 5)
Episode 201: Effective Compliance Reporting (Domain 5)
Episode 200: Ongoing Vendor Monitoring and Engagement (Domain 5)
Episode 199: Agreement Types and Contractual Security (Domain 5)
Episode 198: Vendor Risk and Supply Chain Considerations (Domain 5)
Episode 197: Mean Time Metrics and System Resilience (Domain 5)
Episode 196: Understanding Recovery Objectives (Domain 5)
Episode 195: Business Impact Analysis (Domain 5)
Episode 194: Risk Reporting and Communication (Domain 5)
Episode 193: Risk Management Strategies (Domain 5)
Episode 192: Risk Appetite, Tolerance, and Thresholds (Domain 5)
Episode 191: Risk Registers and Key Risk Indicators (Domain 5)
Episode 190: Risk Analysis and Scoring (Domain 5)
Episode 189: Conducting Risk Assessments (Domain 5)
Episode 188: Risk Management Fundamentals (Domain 5)
Episode 187: Governance Structures and Roles (Part 2) (Domain 5)
Episode 186: Governance Structures and Roles (Part 1) (Domain 5)
Episode 185: Monitoring and Revising Governance Policies (Domain 5)
Episode 184: External Security Governance Considerations (Domain 5)
Episode 183: Procedures and Playbooks (Domain 5)
Episode 182: Security Standards and Physical Controls (Domain 5)
Episode 181: Incident Response Policies and Procedures (Domain 5)
Episode 180: Key Security Policies and Standards (Domain 5)
Episode 179: Introduction to Security Governance (Domain 5)
Episode 178: Introduction to Domain Five — Security Program Management and Oversight
Episode 177: Packet Captures in Investigations (Domain 4)
Episode 176: Dashboards and Visualization Tools (Domain 4)
Episode 175: Vulnerability Scan Data and Automated Reporting (Domain 4)
Episode 174: Leveraging Log Data (Part 2) (Domain 4)
Episode 173: Leveraging Log Data (Part 1) (Domain 4)
Episode 172: Forensic Evidence Preservation and E-Discovery (Domain 4)
Episode 171: Forensics – Data Acquisition and Reporting (Domain 4)
Episode 170: Digital Forensics Foundations (Domain 4)
Episode 169: Root Cause Analysis and Threat Hunting (Domain 4)
Episode 168: Incident Response Training and Testing (Domain 4)
Episode 167: Incident Response – Lessons Learned (Domain 4)
Episode 166: Incident Response Process (Part 2) (Domain 4)
Episode 165: Incident Response Process (Part 1) (Domain 4)
Episode 164: Considerations for Security Automation (Part 2) (Domain 4)
Episode 163: Considerations for Security Automation (Part 1) (Domain 4)
Episode 162: Benefits of Security Automation (Part 2) (Domain 4)
Episode 161: Benefits of Security Automation (Part 1) (Domain 4)
Episode 160: Continuous Integration and API Automation (Domain 4)
Episode 159: Technical Debt in Automation (Domain 4)
Episode 158: Automation and Scripting in Security (Domain 4)
Episode 157: Privileged Access Management (PAM) (Domain 4)
Episode 156: Secure Password Management (Domain 4)
Episode 155: MFA Authentication Factors (Domain 4)
Episode 154: Multifactor Authentication (MFA) Implementations (Domain 4)
Episode 153: Advanced Access Controls and Least Privilege (Domain 4)
Episode 152: Access Control Models (Part 2) (Domain 4)
Episode 151: Access Control Models (Part 1) (Domain 4)
Episode 150: Interoperability and Attestation (Domain 4)
Episode 149: Single Sign-On (SSO) and Protocols (Domain 4)
Episode 148: Identity Proofing and Federation (Domain 4)
Episode 147: User Account Provisioning and Permission Management (Domain 4)
Episode 146: User Behavior Analytics (Domain 4)
Episode 145: Network Access Control and Endpoint Protection (Domain 4)
Episode 144: File Integrity Monitoring and Data Loss Prevention (Domain 4)
Episode 143: DNS Filtering and Email Security Enhancements (Domain 4)
Episode 142: Secure Protocol Implementation (Domain 4)
Episode 141: Operating System Security Enhancements (Domain 4)
Episode 140: Web Filtering and Content Security (Domain 4)
Episode 139: Enhancing IDS/IPS Effectiveness (Domain 4)
Episode 138: Enhancing Firewall Capabilities (Domain 4)
Episode 137: Vulnerability Scanning Tools and Practices (Domain 4)
Episode 136: Network-Based Monitoring Tools (Domain 4)
Episode 135: Endpoint and Data Security Monitoring Tools (Domain 4)
Episode 134: Security Monitoring Tools (Part 2) (Domain 4)
Episode 133: Security Monitoring Tools (Part 1) (Domain 4)
Episode 132: Alert Response and Validation (Domain 4)
Episode 131: Key Security Monitoring Activities (Part 2) (Domain 4)
Episode 130: Key Security Monitoring Activities (Part 1) (Domain 4)
Episode 129: Monitoring Computing Resources (Domain 4)
Episode 128: Effective Vulnerability Reporting (Domain 4)
Episode 127: Validation of Remediation Efforts (Domain 4)
Episode 126: Vulnerability Response and Remediation (Part 2) (Domain 4)
Episode 125: Vulnerability Response and Remediation (Part 1) (Domain 4)
Episode 124: Vulnerability Analysis and Prioritization (Part 2) (Domain 4)
Episode 123: Vulnerability Analysis and Prioritization (Part 1) (Domain 4)
Episode 122: System and Process Auditing (Domain 4)
Episode 121: Vulnerability Identification Methods (Part 2) (Domain 4)
Episode 120: Vulnerability Identification Methods (Part 1) (Domain 4)
Episode 119: Data Retention and Secure Management Practices (Domain 4)
Episode 118: Secure Asset Disposal and Decommissioning (Domain 4)
Episode 117: Asset Monitoring and Tracking (Domain 4)
Episode 116: Assignment, Ownership, and Classification (Domain 4)
Episode 115: Acquisition and Procurement Security (Domain 4)
Episode 114: Isolation and Monitoring Techniques (Domain 4)
Episode 113: Application Security Essentials (Domain 4)
Episode 112: Advanced Wireless Security Techniques (Domain 4)
Episode 111: Securing Mobile Connectivity (Domain 4)
Episode 110: Securing Mobile Solutions (Domain 4)
Episode 109: Securing Wireless Networks (Part 1) (Domain 4)
Episode 108: Hardening Embedded Systems and IoT Devices (Domain 4)
Episode 107: Hardening Computing Resources (Part 2) (Domain 4)
Episode 106: Hardening Computing Resources (Part 1) (Domain 4)
Episode 105: Secure Baselines and System Management (Domain 4)
Episode 104: Introduction to Domain Four — Security Operations
Episode 103: Power Resilience and Continuity (Domain 3)
Episode 102: Data Recovery Techniques (Domain 3)
Episode 101: Backup Strategies and Best Practices (Part 2) (Domain 3)
Episode 100: Backup Strategies and Best Practices (Part 1) (Domain 3)
Episode 99: Comprehensive Testing for Resilience (Domain 3)
Episode 98: Continuity of Operations and Capacity Planning (Domain 3)
Episode 97: Platform Diversity and Multi-cloud Architecture (Domain 3)
Episode 96: Disaster Recovery Site Considerations (Domain 3)
Episode 95: High Availability and System Resilience (Domain 3)
Episode 94: Methods to Secure Data (Part 3) (Domain 3)
Episode 93: Methods to Secure Data (Part 2) (Domain 3)
Episode 92: Methods to Secure Data (Part 2) (Domain 3)
Episode 91: Methods to Secure Data (Part 1) (Domain 3)
Episode 90: Data Sovereignty and Geolocation (Domain 3)
Episode 89: General Data Considerations – States of Data (Domain 3)
Episode 88: Data Classification Strategies (Part 2) (Domain 3)
Episode 87: Data Classification Strategies (Part 1) (Domain 3)
Episode 86: Human vs. Non-human Readable Data (Domain 3)
Episode 85: Data Types and Their Protection (Domain 3)
Episode 84: Selecting Effective Security Controls (Domain 3)
Episode 83: Advanced Secure Access Solutions (Domain 3)
Episode 82: Secure Communication and Remote Access (Domain 3)
Episode 81: Firewalls and Security Gateways (Domain 3)
Episode 80: Port Security and Authentication Protocols (Domain 3)
Episode 79: Load Balancers and Sensors (Domain 3)
Episode 78: Device Attributes and Network Appliances (Domain 3)
Episode 77: Connectivity and Failure Modes (Domain 3)
Episode 76: Infrastructure Security Foundations (Domain 3)
Episode 75: Architecture Security Considerations (Part 3) (Domain 3)
Episode 74: Architecture Security Considerations (Part 2) (Domain 3)
Episode 73: Architecture Security Considerations (Part 1) (Domain 3)
Episode 72: High Availability Architectures (Domain 3)
Episode 71: Specialized Architecture Models (Domain 3)
Episode 70: On-Premises, Centralized, and Decentralized Architectures (Domain 3)
Episode 69: Network Infrastructure Security Models (Domain 3)
Episode 68: Cloud Architecture and Responsibilities (Domain 3)
Episode 67: Introduction to Domain Three — Security Architecture
Episode 66: System Hardening Techniques (Part 3) (Domain 2)
Episode 65: System Hardening Techniques (Part 2) (Domain 2)
Episode 64: System Hardening Techniques (Part 1) (Domain 2)
Episode 63: Configuration Enforcement and Decommissioning (Domain 2)
Episode 62: Monitoring and Least Privilege (Domain 2)
Episode 61: Patching and Encryption (Domain 2)
Episode 60: Application Allow Lists and Isolation (Domain 2)
Episode 59: Segmentation and Access Control (Domain 2)
Episode 58: General Indicators of Malicious Activity (Domain 2)
Episode 57: Password Attack Indicators (Domain 2)
Episode 56: Cryptographic Attack Indicators (Domain 2)
Episode 55: Application-Level Attack Indicators (Domain 2)
Episode 54: Network-Based Indicators (Part 2) (Domain 2)
Episode 53: Network-Based Indicators (Part 1) (Domain 2)
Episode 52: Physical Security Attacks and Indicators (Domain 2)
Episode 51: Indicators of Malware Attacks (Domain 2)
Episode 50: Understanding Zero-Day Vulnerabilities (Domain 2)
Episode 49: Misconfiguration and Mobile Device Vulnerabilities (Domain 2)
Episode 48: Supply Chain and Cryptographic Vulnerabilities (Domain 2)
Episode 47: Virtualization and Cloud-Specific Vulnerabilities (Domain 2)
Episode 46: Hardware and Firmware Vulnerabilities (Domain 2)
Episode 45: Operating System and Web-Based Vulnerabilities (Domain 2)
Episode 44: Application-Level Vulnerabilities (Domain 2)
Episode 43: Human Vectors and Social Engineering (Part 2) (Domain 2)
Episode 42: Human Vectors and Social Engineering (Part 1) (Domain 2)
Episode 41: Open Ports, Default Credentials, and Supply Chain Risks (Domain 2)
Episode 40: Network-Based Attack Surfaces (Domain 2)
Episode 39: Vulnerable Systems, Software, and Devices (Domain 2)
Episode 38: Image, File, and Voice-Based Threats (Domain 2)
Episode 37: Message-Based and Communication Threat Vectors (Domain 2)
Episode 36: Introduction to Threat Vectors and Attack Surfaces (Domain 2)
Episode 35: Motivations Behind Cyber Attacks (Part 3) (Domain 2)
Episode 34: Motivations Behind Cyber Attacks (Part 2) (Domain 2)
Episode 33: Motivations Behind Cyber Attacks (Part 1) (Domain 2)
Episode 32: Attributes and Capabilities of Threat Actors (Domain 2)
Episode 31: Insider Threats, Organized Crime, and Shadow IT (Domain 2)
Episode 30: Understanding Threat Actors (Domain 2)
Episode 29: Introduction to Domain Two — Threats, Vulnerabilities, and Mitigations
Episode 28: Certificates, Authorities, and Management (Domain 1)
Episode 27: Advanced Cryptographic Techniques (Domain 1)
Episode 26: Hashing, Salting, and Digital Signatures (Domain 1)
Episode 25: Obfuscation and Data Protection Techniques (Domain 1)
Episode 24: Cryptographic Hardware and Secure Storage (Domain 1)
Episode 23: Comprehensive Encryption Techniques (Domain 1)
Episode 22: Introduction to Cryptography and PKI (Domain 1)
Episode 21: Documentation and Version Control (Domain 1)
Episode 20: Technical Implications of Change Management (Domain 1)
Episode 19: Effective Implementation and Maintenance in Change Management (Domain 1)
Episode 18: Business Processes in Change Management (Domain 1)
Episode 17: Introduction to Change Management (Domain 1)
Episode 16: Deception and Disruption Technologies (Domain 1)
Episode 15: Physical Security Essentials (Domain 1)
Episode 14: Gap Analysis and Zero Trust Security (Domain 1)
Episode 13: Non-Repudiation and AAA (Authentication, Authorization, Accounting) (Domain 1)
Episode 12: Confidentiality, Integrity, and Availability (CIA Triad) (Domain 1)
Episode 11: Compensating and Directive Controls (Domain 1)
Episode 10: Security Control Types Explained (Part 2) (Domain 1)
Episode 9: Security Control Types Explained (Part 1) (Domain 1)
Episode 8: Physical Controls and Their Implementation (Domain 1)
Episode 7: Security Control Categories Deep Dive (Domain 1)
Episode 6: Introduction to Security Controls (Domain 1)
Episode 5: Introduction to Domain One — General Security Concepts
Episode 4: What to Expect on Exam Day—and Beyond
Episode 3: Preparing for the Security Plus Exam: Study Strategies That Work
Episode 2: How the Security Plus SY0-701 Exam Is Organized
Episode 1: What Is the CompTIA Security Plus Certification?