@richard-reeves132,

The additional TLS certificate, standalone or not shouldn't affect a redirect or security.

Remember that the redirect is accomplished using DNS (I'm assuming).

A certificate on your ABC would just give the ability for any client to use keys to secure traffic back to ABC and that you've connected to the ABC server.

@SIMON-TAPLIN,
I'm not sure why I forgot to post this. It should be in our catalog now. I had asked about it the day you posted. My apologies.

This question highlights an important cloud principle called the "Shared Responsibility Model". Let's say I spin up a Windows virtual machine in a public cloud (AWS, Azure, GCP, etc). It is my responsibility to install the appropriate antivirus software following the provisioning of the VM. It is the responsibility of the cloud provider to keep the hardware secure on which my VM is running.

When you are operating on-prem - everything is your responsibility. :-) Notice there is no Shared Responsibility Model in this case.

I hope this helps and I look forward to answering any follow up questions you might have.

Wow! What a comprehensive response! Thank you so much, Robin. Very helpful!

I am. I don't get to study as much as I would like, but I'm always learning something from the videos on here.

Hi Simon! The Cybersecurity Fundamentals course is a standalone course (one module) to assist with studying for the ISC2 CC exam. I went through the exam objectives and covered each topic to the best of my ability, but because it is a fairly short/less extensive exam, one module was sufficient to cover everything. I hope this helps!

Hey @Nat-Gregory

What many BC plans do is to perform a Risk Assessment and Business Impact Analysis(BIA) of their organization. From there you would be able to identify the most likely events and their impact to your business, which would allow you to estimate the cost of recovery. From there you would develop a recovery strategy and budget for those events. Finally you would review and test the plan regularly as well as document the plan and updates.

I hope that helps

Cheers,
Daniel

@Taylor-Armstrong,
These are not on our current roadmap. Please submit these as course requests via the chat bubble on our website. This will officially log these request and make sure they get to the right team for consideration.

@Taylor-Armstrong,
In 2024, we've had to remove some items on our video production schedule. Please submit this as a courses request via the site's chat bubble. This will officially log the request for us to consider for the road map.

@Andrew-Despres You are very welcome. Like Daniel once said. "If you can't go straight trough, take a detour". In my opinion, Cloud Security is new way to break into Cyber Security. Unless you create a big network of people inside the industry.

Please submit the name of the lab series and module you're attempting to get working, along with your description of the issue via the chat bubble on our site. This will log the issue with support and will allow our team to identify and work with you on the issue you're describing. Thank you.

Hi Robert - our category DODD 8570 identifies the content we have that is included as a baseline cert https://public.cyber.mil/wid/dod8140/dod-approved-8570-baseline-certifications/. As you said, there is a lot of information out there and it can be confusing. Hope this link helps. Thanks!

Thanks @daniel-lowrie87 that's why I asked. I would like to add Splunk knowledge to my resume. Since Splunk is a leading brand and with XDR exposure I think it would place me in a nice spot. Thanks for your time.

Please submit this as a course request via the chat bubble on our site. We do not currently have it on our roadmap for 2024. But that is the official way to insure that your request is logged and makes it to our team for evaluation and consideration.

I found the following article: https://www.techtarget.com/searchsecurity/tip/Steps-in-the-information-security-program-life-cycle

It doesn't reference what model is being used but it is aligned with this question. Would love to know whether I need to know this information for the CISSP exam.

Yes on that last point except if there is some sort of opportunity to perform an extraction of the keys through a more invasive approach. Pretty unlikely in most scenarios but I didn't want to leave out the possibility.

Thanks!

The real problematic one is "lighting" since this could be checked out in the initial analysis.

Yeah - the right answer here was shatter resistant because that was the main concern the question author was concerned with. In the actual exam, I would hope the question would make the choice a bit more obvious. For example, we could state in the question that employee safety is a primary concern.

Might be a potential course down the road.