Certified: SANS GIAC GSEC Audio Course
Episodes
Welcome to the SANS GSEC Audio Course
22 Oct 2025
Contributed by Lukas
Episode 100 — Final Exam-Day Readiness: Calm, Confident Execution
22 Oct 2025
Contributed by Lukas
Every hour of study leads to this moment, and this closing episode focuses on how to perform at your best when it counts. You’ll learn strategies fo...
Episode 99 — Continuous Improvement: Audits, Drills, and Reviews
22 Oct 2025
Contributed by Lukas
Improvement only happens when you measure and test what you’ve built. This episode focuses on how audits, exercises, and management reviews sustain ...
Episode 98 — Building a Security Program: Roadmaps and Maturity
22 Oct 2025
Contributed by Lukas
A strong security program doesn’t happen by chance—it’s built through deliberate planning and continuous growth. This episode walks through how ...
Episode 97 — Mapping Controls to Risks and Threats
22 Oct 2025
Contributed by Lukas
A control has no value unless it addresses a real risk, and this episode explores how to build that connection intentionally. You’ll learn how risk ...
Episode 96 — Frameworks Overview: CIS, NIST CSF, and ATT&CK
22 Oct 2025
Contributed by Lukas
Security frameworks turn best practices into organized action, and this episode introduces three of the most widely used: the Center for Internet Secu...
Episode 95 — Post-Incident Activities: Lessons, RCA, and Controls
22 Oct 2025
Contributed by Lukas
Every incident ends with questions: what happened, why, and how to prevent it next time. This episode explains how post-incident reviews turn disrupti...
Episode 94 — Incident Response II: Containment, Eradication, and Recovery
22 Oct 2025
Contributed by Lukas
Once an incident is confirmed, response shifts from analysis to action. This episode explores containment strategies—isolating infected hosts, block...
Episode 93 — Incident Response I: Preparation and Detection
22 Oct 2025
Contributed by Lukas
Incident response begins long before an alert fires, and this episode focuses on the first two phases—preparation and detection. You’ll learn how ...
Episode 92 — Playbooks and Runbooks: Standardizing Response
22 Oct 2025
Contributed by Lukas
Consistency under pressure saves time, and this episode explains how playbooks and runbooks make that possible. You’ll learn the difference between ...
Episode 91 — Detection Engineering Basics: From Hypothesis to Rule
22 Oct 2025
Contributed by Lukas
Detection engineering bridges the gap between raw telemetry and actionable alerts, and this episode explores how the process works. You’ll learn how...
Episode 90 — Metrics and Reporting: Turning Data into Decisions
22 Oct 2025
Contributed by Lukas
Metrics are how security proves its value, and this episode teaches you how to turn measurements into meaningful management insight. You’ll learn ho...
Episode 89 — Legal, Privacy, and Ethics for Practitioners
22 Oct 2025
Contributed by Lukas
Cybersecurity is as much about responsibility as it is about technology, and this episode explores the legal and ethical framework professionals must ...
Episode 88 — Physical Security and Environmental Controls
22 Oct 2025
Contributed by Lukas
Cybersecurity may dominate headlines, but physical safeguards remain just as vital. This episode explores how physical and environmental controls prot...
Episode 87 — Supply Chain and Third-Party Risk
22 Oct 2025
Contributed by Lukas
Every organization depends on vendors and partners, and this episode examines how that dependency creates new exposure. You’ll learn how software an...
Episode 86 — Secure File Transfer and Collaboration Patterns
22 Oct 2025
Contributed by Lukas
As organizations share data across teams, vendors, and regions, secure file transfer becomes essential to maintaining trust. This episode explains the...
Episode 85 — Email Security: SPF, DKIM, DMARC, and Gateways
22 Oct 2025
Contributed by Lukas
Email remains the top vector for phishing, fraud, and malware, and this episode explains how layered defenses counter those risks. You’ll learn how ...
Episode 84 — Data Loss Prevention: Endpoints, Network, and Cloud
22 Oct 2025
Contributed by Lukas
Data Loss Prevention (DLP) combines technology and policy to stop sensitive information from leaving where it belongs. This episode introduces the cor...
Episode 83 — Data Classification and Handling Requirements
22 Oct 2025
Contributed by Lukas
Not all data is created equal, and this episode explains how classification brings order and protection to information assets. You’ll learn how orga...
Episode 82 — Secrets Management and Key Handling
22 Oct 2025
Contributed by Lukas
Every system depends on secrets—API tokens, encryption keys, and credentials—and this episode focuses on how to protect them. You’ll learn the d...
Episode 81 — Virtualization and Container Security Basics
22 Oct 2025
Contributed by Lukas
Virtualization and containers have revolutionized how systems are deployed, but they’ve also redefined the attack surface. This episode explains how...
Episode 80 — Cloud Security III: Logging, Keys, and Workload Hygiene
22 Oct 2025
Contributed by Lukas
Visibility, key management, and workload upkeep form the operational backbone of secure cloud environments. This episode explains how enabling platfor...
Episode 79 — Cloud Security II: IAM, Network, and Storage Controls
22 Oct 2025
Contributed by Lukas
Identity, network, and storage security define the heart of cloud defense, and this episode dives deep into each. You’ll learn how cloud IAM policie...
Episode 78 — Cloud Security I: Shared Responsibility Model
22 Oct 2025
Contributed by Lukas
The cloud redefines where control ends and trust begins, and this episode introduces the shared responsibility model that governs it. You’ll learn h...
Episode 77 — Secure Baselines: Hardening Guides and Benchmarks
22 Oct 2025
Contributed by Lukas
Every secure environment starts with a baseline, and this episode explains how hardening guides and benchmarks create consistency across systems. You’...
Episode 76 — Change and Configuration Management Controls
22 Oct 2025
Contributed by Lukas
Stability and security both depend on disciplined change, and this episode explores how organizations govern that process through Change and Configura...
Episode 75 — Business Continuity and Disaster Recovery Basics
22 Oct 2025
Contributed by Lukas
When incidents scale beyond a single system, organizations rely on Business Continuity (BC) and Disaster Recovery (DR) planning to stay afloat. This e...
Episode 74 — Backup Fundamentals: 3-2-1, Immutability, and Testing
22 Oct 2025
Contributed by Lukas
Backups are the ultimate recovery safety net, but only if they’re designed correctly. This episode explains the 3-2-1 backup rule—three copies of ...
Episode 73 — Remediation Planning and Verification Loops
22 Oct 2025
Contributed by Lukas
Finding vulnerabilities is only half the equation—fixing them effectively is what truly reduces risk. This episode walks through how remediation pla...
Episode 72 — Pen Testing Basics: Rules, Methods, and Ethics
22 Oct 2025
Contributed by Lukas
Penetration testing turns theory into simulation, offering a controlled way to measure defensive strength. This episode explains how pen testing diffe...
Episode 71 — Vulnerability Management II: Scanners, False Positives, and SLAs
22 Oct 2025
Contributed by Lukas
Once assets are identified, the next challenge is analyzing their weaknesses efficiently and accurately. This episode explores how vulnerability scann...
Episode 70 — Vulnerability Management I: Asset Inventory and Scoping
22 Oct 2025
Contributed by Lukas
You can’t protect what you don’t know you have, and this episode begins the journey into vulnerability management by focusing on discovery and sco...
Episode 69 — Phishing and Social Engineering Countermeasures
22 Oct 2025
Contributed by Lukas
Technology can fail, but awareness turns people into active defenders. This episode focuses on phishing and social engineering—the most persistent c...
Episode 68 — Ransomware: Controls, Backups, and Playbooks
22 Oct 2025
Contributed by Lukas
Ransomware has transformed from nuisance to national security issue, and this episode explores how to counter it systematically. You’ll learn how at...
Episode 67 — Malware II: Prevention, Detection, and Containment
22 Oct 2025
Contributed by Lukas
Once you know what malware is, the next step is learning how to stop it. This episode explores preventive measures such as least privilege, patch mana...
Episode 66 — Malware I: Types, Vectors, and Evasion
22 Oct 2025
Contributed by Lukas
Malware is a constant in cybersecurity, and this episode breaks down its many forms, how it spreads, and how it hides. You’ll learn the defining cha...
Episode 65 — API Security Fundamentals: Keys, Tokens, and Rate-Limits
22 Oct 2025
Contributed by Lukas
APIs are the unseen infrastructure of digital communication, and this episode examines how to secure them without slowing innovation. You’ll learn h...
Episode 64 — Common Web Risks: Injection, XSS, and CSRF
22 Oct 2025
Contributed by Lukas
Web applications remain one of the most common attack surfaces, and this episode dives into three of the most critical risks—Injection, Cross-Site S...
Episode 63 — Web Communication Security II: Headers and HSTS
22 Oct 2025
Contributed by Lukas
The smallest details in web configuration often have the biggest impact on security, and this episode explains how HTTP headers and strict transport p...
Episode 62 — Web Communication Security I: HTTPS, Cookies, and Sessions
22 Oct 2025
Contributed by Lukas
Web traffic security is at the core of modern cyber defense, and this episode unpacks how HTTPS, cookies, and sessions protect—or sometimes expose—...
Episode 61 — Crypto Tools: VPNs, SSH, GPG, and Disk Encryption
22 Oct 2025
Contributed by Lukas
Encryption moves from theory to practice through the tools we use every day, and this episode explores how they work together to protect data in motio...
Episode 60 — TLS in Practice: Ciphers, Versions, and Configs
22 Oct 2025
Contributed by Lukas
Transport Layer Security (TLS) is the protocol that makes online trust visible to users, and this episode breaks down how it actually works. You’ll ...
Episode 59 — PKI and Certificates: CA, CRL, and OCSP
22 Oct 2025
Contributed by Lukas
Public Key Infrastructure (PKI) brings order to digital trust, and this episode unpacks how it works from the inside out. You’ll learn how certifica...
Episode 58 — Cryptography II: Symmetric, Asymmetric, and Hashing
22 Oct 2025
Contributed by Lukas
Building on the previous episode, this discussion dives into the main families of cryptographic systems. You’ll learn how symmetric encryption uses ...
Episode 57 — Cryptography I: Core Concepts and Threats
22 Oct 2025
Contributed by Lukas
Encryption is the language of confidentiality, and this episode introduces the principles that make it work. You’ll learn the core goals of cryptogr...
Episode 56 — Retention, Chain of Custody, and Privacy Considerations
22 Oct 2025
Contributed by Lukas
This episode explores what happens after logs and evidence are collected—the policies that determine how long to keep them, how to protect them, and...
Episode 55 — Building Dashboards and Triage Routines
22 Oct 2025
Contributed by Lukas
Dashboards transform raw data into visual understanding, and this episode explains how to design them for clarity and purpose. You’ll learn how to s...
Episode 54 — SIEM Use Cases: Alerts, Detections, and Tuning
22 Oct 2025
Contributed by Lukas
A Security Information and Event Management (SIEM) platform is only as valuable as the detections it produces. This episode examines how SIEM systems ...
Episode 53 — Log Normalization and Time Synchronization (NTP)
22 Oct 2025
Contributed by Lukas
Log normalization and time synchronization may sound like technical housekeeping, but they’re the foundation of credible analytics. This episode unp...
Episode 52 — Logging Fundamentals: What, Where, and Why
22 Oct 2025
Contributed by Lukas
Good logging turns invisible activity into actionable intelligence. This episode explains what to log, where to collect it, and why retention matters....
Episode 51 — Zero Trust Networking: Principles to Practice
22 Oct 2025
Contributed by Lukas
Zero Trust has become one of the most discussed—and misunderstood—security models in recent years. This episode breaks down the concept into its p...
Episode 50 — Proxies, Gateways, and CASB Basics
22 Oct 2025
Contributed by Lukas
This episode focuses on the middlemen of modern connectivity—devices and services that inspect, control, and secure traffic before it reaches its de...
Episode 49 — Network Security Devices II: IDS/IPS and Placement
22 Oct 2025
Contributed by Lukas
Detection depends on visibility, and this episode explores how Intrusion Detection and Prevention Systems (IDS/IPS) turn network data into actionable ...
Episode 48 — Network Security Devices I: Firewalls and Policy
22 Oct 2025
Contributed by Lukas
Firewalls remain the cornerstone of perimeter defense, and this episode explores how they’ve evolved from simple packet filters to context-aware enf...
Episode 47 — macOS Security Essentials and Hardening
22 Oct 2025
Contributed by Lukas
Apple systems may be known for their usability, but they still demand deliberate hardening. This episode explains how macOS implements security throug...
Episode 46 — Mobile Device Security: MDM, BYOD, and App Risks
22 Oct 2025
Contributed by Lukas
Mobile devices blur the line between personal convenience and corporate exposure, and this episode explores how to manage that balance. You’ll learn...
Episode 45 — Browser and Email Client Hardening
22 Oct 2025
Contributed by Lukas
Browsers and email clients are constant targets because they sit at the crossroads of user behavior and external content. This episode explains how to...
Episode 44 — Endpoint Security II: Application Control and Sandboxing
22 Oct 2025
Contributed by Lukas
The most effective security often focuses on what is allowed, not just what is blocked. This episode explains how application control enforces that pr...
Episode 43 — Endpoint Security I: EPP, HIDS/HIPS, Firewalls
22 Oct 2025
Contributed by Lukas
Endpoint protection remains the front line of enterprise defense, and this episode explores the major technologies that define it. You’ll learn how ...
Episode 42 — Linux Incident Basics: Triage and Artifacts
22 Oct 2025
Contributed by Lukas
When something goes wrong on a Linux system, knowing where to start determines how much truth you recover. This episode walks you through initial tria...
Episode 41 — Bash for Security Automation
22 Oct 2025
Contributed by Lukas
Automation turns routine security work into scalable process, and Bash scripting remains one of the simplest and most flexible tools for doing just th...
Episode 40 — Linux Hardening: SSH, PAM, and Auditd
22 Oct 2025
Contributed by Lukas
Hardening Linux turns flexibility into security discipline, and this episode focuses on three pillars that make it possible: SSH, PAM, and Auditd. You...
Episode 39 — Linux Logging: Syslog, Journald, and Log Rotation
22 Oct 2025
Contributed by Lukas
Visibility defines resilience, and this episode explains how Linux records the events that matter. You’ll learn the roles of Syslog and Journald, ho...
Episode 38 — Linux Services and Daemons: systemd Control
22 Oct 2025
Contributed by Lukas
Behind every Linux workload runs a network of background services, or daemons, and this episode explores how systemd unifies their management. You’l...
Episode 37 — Linux Networking: Interfaces, iptables, and nftables
22 Oct 2025
Contributed by Lukas
This episode dives into how Linux handles network connectivity and control. You’ll learn how interfaces are configured, how IP addresses and routes ...
Episode 36 — Linux Permissions: UGO, SUID/SGID, and Sticky Bits
22 Oct 2025
Contributed by Lukas
Permissions are at the heart of Linux security, and this episode breaks down how the User, Group, and Other (UGO) model governs every file interaction...
Episode 35 — Linux Fundamentals: Files, Users, and Groups
22 Oct 2025
Contributed by Lukas
Linux plays a major role in modern security operations, and this episode introduces its foundational structure. You’ll learn how everything in Linux...
Episode 34 — Windows Investigation: Common Artifacts
22 Oct 2025
Contributed by Lukas
When incidents occur, the clues often hide in plain sight across the Windows operating system. This episode guides you through where to look and what ...
Episode 33 — PowerShell for Security Tasks
22 Oct 2025
Contributed by Lukas
PowerShell has become one of the most powerful tools in a Windows defender’s arsenal. This episode explores how administrators and analysts use it t...
Episode 32 — Windows Auditing: Event Logs and Policies
22 Oct 2025
Contributed by Lukas
Auditing turns system behavior into evidence, and this episode focuses on how Windows logging makes that visibility possible. You’ll learn how audit...
Episode 31 — Windows Patching and Update Channels
22 Oct 2025
Contributed by Lukas
Keeping Windows systems current is one of the most visible signs of a healthy security posture. This episode explains how Microsoft’s update ecosyst...
Episode 30 — Windows Services: RDP, SMB, IIS Hardening
22 Oct 2025
Contributed by Lukas
Windows services provide the functionality users rely on, but they also represent key points of exposure. This episode examines three common services—...
Episode 29 — Group Policy: Security Settings and Enforcement
22 Oct 2025
Contributed by Lukas
Group Policy is one of the most powerful management tools in the Windows ecosystem, and this episode shows how it translates governance into automatio...
Episode 28 — Windows Domain Basics: AD Structure and Trusts
22 Oct 2025
Contributed by Lukas
This episode dives into Active Directory (AD), the identity backbone of most enterprise Windows networks. You’ll learn how AD organizes resources in...
Episode 27 — Windows Accounts: Users, Groups, and Privileges
22 Oct 2025
Contributed by Lukas
Windows user management forms the identity layer of the operating system, and this episode explains how its structure enforces accountability and acce...
Episode 26 — Windows Fundamentals: Filesystems and ACLs
22 Oct 2025
Contributed by Lukas
Understanding the Windows filesystem is a cornerstone of both system administration and security analysis. This episode explains how file structures, ...
Episode 25 — Session Management and Timeout Strategy
22 Oct 2025
Contributed by Lukas
Once users are authenticated, managing that access safely becomes the next challenge. This episode explains how session management protects the contin...
Episode 24 — Password Policy, MFA, and Credential Hygiene
22 Oct 2025
Contributed by Lukas
Credentials remain the front door to most systems, and this episode explores how to secure them with modern best practices. We unpack how password gui...
Episode 23 — Identity & Access Management II: Roles and Least Privilege
22 Oct 2025
Contributed by Lukas
Building on the previous discussion, this episode moves from theory to design—showing how well-structured roles enforce control and accountability. ...
Episode 22 — Identity & Access Management I: AuthN vs AuthZ
22 Oct 2025
Contributed by Lukas
Identity is the foundation of control, and this episode clarifies two of its most important pillars: authentication and authorization. You’ll hear h...
Episode 21 — Wireless Hardening: Configs, Rogue APs, and WIDS/WIPS
22 Oct 2025
Contributed by Lukas
Once you understand wireless fundamentals, the next step is learning how to harden them against misuse. This episode examines how configuration choice...
Episode 20 — Wireless Basics: 802.11, WPA2/3, and EAP
22 Oct 2025
Contributed by Lukas
Wireless networking brings convenience and complexity in equal measure. This episode introduces the fundamentals of 802.11 standards, explaining how a...
Episode 19 — Network Monitoring: NetFlow, SPAN, and Taps
22 Oct 2025
Contributed by Lukas
Seeing what’s happening on the wire is essential for both prevention and response, and this episode covers the methods that make that visibility pos...
Episode 18 — DNS, DHCP, NAT: Security Implications
22 Oct 2025
Contributed by Lukas
Core network services often go overlooked, yet they represent some of the most targeted and misunderstood layers of modern infrastructure. This episod...
Episode 17 — Secure Routing and Switching Fundamentals
22 Oct 2025
Contributed by Lukas
Routing and switching form the circulatory system of any network, and understanding them is key to securing data in transit. This episode explains how...
Episode 16 — Network Segmentation: VLANs, Zones, and Trust
22 Oct 2025
Contributed by Lukas
Segmentation is one of the simplest yet most powerful ways to contain risk, and this episode explores how it works in practice. You’ll learn how Vir...
Episode 15 — Networking & Protocols III: Ports, Services, Bannering
22 Oct 2025
Contributed by Lukas
This episode dives into one of the most practical areas of network understanding: ports, services, and banners. Listeners learn how ports define the r...
Episode 14 — Networking & Protocols II: Addressing and Subnets
22 Oct 2025
Contributed by Lukas
Understanding IP addressing and subnetting isn’t just a math exercise—it’s a gateway to real security visibility. This episode explains how IP a...
Episode 13 — Networking & Protocols I: OSI and TCP/IP
22 Oct 2025
Contributed by Lukas
Every cybersecurity role depends on understanding how data moves, and this episode makes the OSI and TCP/IP models come alive. You’ll hear how each ...
Episode 12 — Security Awareness: Human Risk Controls
22 Oct 2025
Contributed by Lukas
Technology alone can’t stop breaches if people remain untrained, and this episode focuses on the human side of defense. You’ll hear how awareness ...
Episode 11 — Security Standards, Baselines, and Procedures
22 Oct 2025
Contributed by Lukas
This episode explains how security standards and baselines transform policy intent into measurable, repeatable action. You’ll learn how standards de...
Episode 10 — Security Policies: Purpose, Scope, Ownership
22 Oct 2025
Contributed by Lukas
Policies often read like paperwork, but this episode shows how they operate as enforceable promises that align behavior, budgets, and controls. We bre...
Episode 9 — Risk, Likelihood, and Impact in Practice
22 Oct 2025
Contributed by Lukas
This episode translates risk math into plain language you can apply under time pressure. We clarify how likelihood describes the chance a scenario mat...
Episode 8 — Threats, Vulnerabilities, and Exposure Basics
22 Oct 2025
Contributed by Lukas
Here we untangle three terms that often get blended in conversation and on exams. The episode defines a threat as an agent or event with intent or cap...
Episode 7 — Security Mindset & Defense in Depth
22 Oct 2025
Contributed by Lukas
This episode frames the series’ technical content with a practitioner’s mindset: assume failure is possible, design so it’s contained, and verif...
Episode 6 — Mindset, Note-Taking, and Memory Techniques
22 Oct 2025
Contributed by Lukas
This episode helps you build a study mindset that sustains momentum rather than relying on last-minute cramming. You’ll hear how to set intention fo...
Episode 5 — Building Your Personal Learning Plan
22 Oct 2025
Contributed by Lukas
Everyone studies differently, and this episode helps listeners create a plan that actually works for them. It covers how to set realistic goals, map o...
Episode 4 — Test-Taking Tactics and Time Management
22 Oct 2025
Contributed by Lukas
Knowing the material is only half the battle; the other half is mastering how to take the test. This episode focuses on building calm, deliberate habi...
Episode 3 — Study Blueprint and Resource Strategy
22 Oct 2025
Contributed by Lukas
Every great exam performance starts with a plan, and this episode lays out exactly how to build one. Listeners will learn how to translate the GSEC ob...
Episode 2 — Registration, Exam Logistics, and Scoring
22 Oct 2025
Contributed by Lukas
Before diving into study materials, it helps to understand how the GSEC exam process works from start to finish. This episode walks through everything...