Overview
The Operations/IT Learning Path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those responsible for managing operations and sharing responsibility for project success, and managing day-to-day IT processes.
Concepts covered include:
- Essential goals and controls needed for secure software development
- Managing risk associated with the software development lifecycle
- Developing, implementing, and ensuring compliance with operational application security policies and procedures
- DES 151 – Fundamentals of the PCI Secure SLC Standard
- ENG 110 – Essential Account Management Security
- ENG 111 – Essential Session Management Security
- ENG 112 – Essential Access Control for Mobile Devices
- ENG 113 – Essential Secure Configuration Management
- ENG 114 – Essential Risk Assessment
- ENG 115 – Essential System & Information Integrity
- ENG 116 – Essential Security Planning Policy & Procedures
- ENG 117 – Essential Information Security Program Planning
- ENG 118 – Essential Incident Response
- ENG 119 – Essential Security Audit & Accountability
- ENG 120 – Essential Security Assessment & Authorization
- ENG 121 – Essential Identification & Authentication
- ENG 122 – Essential Physical & Environmental Protection
- ENG 123 – Essential Security Engineering Principles
- ENG 124 – Essential Application Protection
- ENG 125 – Essential Data Protection
- ENG 126 – Essential Security Maintenance Policies
- ENG 127 – Essential Media Protection
- ENG 150 – Meeting Confidentiality, Integrity, and Availability
- ENG 151 – Fundamentals of Privacy Protection
- API 250 – Controlling Access to the Kubernetes API (NEW)
- COD 252 – Securing Google Platform Applications & Data
- CYB 211 – Identifying and Protecting Assets Against Ransomware (NEW)
- CYB 212 – Fundamentals of Security Information & Event Management (SIEM) (NEW)
- DES 206 – Meeting Cloud Governance and Compliance Requirements
- DES 207 – Mitigating OWASP API Security Top 10
- DES 208 – Defending Against the CSA Top 11 Threats to Cloud Computing
- DES 210 – Hardening Linux/Unix Systems
- DES 214 – Securing Infrastructure Architecture (UPDATED)
- DES 215 – Defending Infrastructure (UPDATED)
- DES 216 – Protecting Cloud Infrastructure (UPDATED)
- DES 217 – Securing Terraform Infrastructure and Resources
- DES 218 – Protecting Microservices, Containers, and Orchestration (UPDATED)
- DSO 201 – Fundamentals of Secure DevOps
- DSO 205 – Securing the COTS Supply Chain
- DSO 206 – Securing the Open Source Supply Chain
- DSO 211 – Identifying Threats to Containers in a DevSecOps Framework
- DSO 212 – Fundamentals of Zero Trust Security
- DSO 256 – DevSecOps in the Google Cloud Platform
- ENG 205 – Fundamentals of Threat Modeling
- TST 202 – Penetration Testing Fundamentals
- TST 205 – Performing Vulnerability Scans
- TST 206 – ASVS Requirements for Developers
- DES 313 – Hardening a Kubernetes Cluster
- DES 314 – Hardening the Docker Engine
- DSO 301 – Orchestrating Secure System and Service Configuration
- DSO 302 – Automated Security Testing
- DSO 303 – Automating Security Updates
- DSO 305 – Automating CI/CD Pipeline Compliance
- TST 303 – Penetration Testing for Google Cloud Platform
- TST 304 – Penetration Testing for AWS Cloud
- TST 305 – Penetration Testing for Azure Cloud
Learning Path Details
Number of Courses: 54
Total Duration: 16 hours
Total CPE Credits: 19