Certified: The CompTIA Security+ Audio Course
Episodes
Episode 122: System and Process Auditing (Domain 4)
15 Jun 2025
Contributed by Lukas
Auditing is how security teams verify that controls are working, policies are being followed, and no one is operating outside expected behavior—and ...
Episode 121: Vulnerability Identification Methods (Part 2) (Domain 4)
15 Jun 2025
Contributed by Lukas
Continuing our exploration of how vulnerabilities are identified, this episode focuses on external and community-driven methods, including penetration...
Episode 120: Vulnerability Identification Methods (Part 1) (Domain 4)
15 Jun 2025
Contributed by Lukas
Finding vulnerabilities before attackers do is a core function of modern cybersecurity, and this episode explores the technical methods used to identi...
Episode 119: Data Retention and Secure Management Practices (Domain 4)
15 Jun 2025
Contributed by Lukas
Data retention policies define what data must be kept, for how long, and under what security controls—and when they’re done right, they strike a b...
Episode 118: Secure Asset Disposal and Decommissioning (Domain 4)
15 Jun 2025
Contributed by Lukas
When assets reach the end of their lifecycle, they don’t just disappear—they become potential liabilities if not securely decommissioned. In this ...
Episode 117: Asset Monitoring and Tracking (Domain 4)
15 Jun 2025
Contributed by Lukas
Security begins with visibility, and that means knowing what devices, systems, and software exist within your environment at all times. In this episod...
Episode 116: Assignment, Ownership, and Classification (Domain 4)
15 Jun 2025
Contributed by Lukas
To manage risk effectively, organizations must know what they own, who is responsible for it, and how critical it is—this is the basis of asset assi...
Episode 115: Acquisition and Procurement Security (Domain 4)
15 Jun 2025
Contributed by Lukas
Security doesn’t start when a system is installed—it begins during the procurement process. In this episode, we examine how secure acquisition str...
Episode 114: Isolation and Monitoring Techniques (Domain 4)
15 Jun 2025
Contributed by Lukas
Isolation and monitoring form a defensive pairing that not only limits the spread of threats but enables rapid detection and response. In this episode...
Episode 113: Application Security Essentials (Domain 4)
15 Jun 2025
Contributed by Lukas
Applications are often the most exposed layer of an organization’s attack surface, and defending them requires both proactive development practices ...
Episode 112: Advanced Wireless Security Techniques (Domain 4)
15 Jun 2025
Contributed by Lukas
As wireless threats become more sophisticated, organizations must move beyond basic security measures and implement advanced techniques to protect acc...
Episode 111: Securing Mobile Connectivity (Domain 4)
15 Jun 2025
Contributed by Lukas
Mobile devices connect through a variety of channels—cellular networks, Wi-Fi, and Bluetooth—each with its own risks and requirements for secure o...
Episode 110: Securing Mobile Solutions (Domain 4)
15 Jun 2025
Contributed by Lukas
Mobile devices have become indispensable for productivity, but they also introduce unique security challenges due to their portability, connectivity, ...
Episode 109: Securing Wireless Networks (Part 1) (Domain 4)
15 Jun 2025
Contributed by Lukas
Wireless networks offer convenience, but they also expand the attack surface by broadcasting connectivity beyond physical boundaries, making them inhe...
Episode 108: Hardening Embedded Systems and IoT Devices (Domain 4)
15 Jun 2025
Contributed by Lukas
Embedded systems and IoT devices often operate in environments where security is either underprioritized or extremely difficult to implement, making t...
Episode 107: Hardening Computing Resources (Part 2) (Domain 4)
15 Jun 2025
Contributed by Lukas
Continuing our discussion on hardening, this episode shifts focus to cloud infrastructure, servers, and industrial systems—each of which requires a ...
Episode 106: Hardening Computing Resources (Part 1) (Domain 4)
15 Jun 2025
Contributed by Lukas
Hardening is the practice of stripping down systems to only what they need to function securely, and this episode focuses on doing just that for mobil...
Episode 105: Secure Baselines and System Management (Domain 4)
15 Jun 2025
Contributed by Lukas
Establishing a secure baseline is one of the most fundamental—and often overlooked—steps in managing system security. In this episode, we explain ...
Episode 104: Introduction to Domain Four — Security Operations
15 Jun 2025
Contributed by Lukas
If Domains One through Three are about understanding the principles and design of cybersecurity, then Domain Four is about the actual day-to-day work ...
Episode 103: Power Resilience and Continuity (Domain 3)
15 Jun 2025
Contributed by Lukas
Without reliable power, even the most secure systems are at risk of failure—and in many environments, loss of power is both a security and safety is...
Episode 102: Data Recovery Techniques (Domain 3)
15 Jun 2025
Contributed by Lukas
Backups are only half of the story—the other half is how effectively you can recover from them. In this episode, we focus on data recovery technique...
Episode 101: Backup Strategies and Best Practices (Part 2) (Domain 3)
15 Jun 2025
Contributed by Lukas
Continuing our discussion on backups, this episode explores encryption, snapshots, and backup lifecycle management—three critical components of a se...
Episode 100: Backup Strategies and Best Practices (Part 1) (Domain 3)
15 Jun 2025
Contributed by Lukas
Backups form the last line of defense when everything else fails, and a good strategy turns potential disaster into a recoverable event. In this episo...
Episode 99: Comprehensive Testing for Resilience (Domain 3)
15 Jun 2025
Contributed by Lukas
Preparation is only as good as its ability to withstand the unexpected, and resilience testing is how you find out whether your systems, processes, an...
Episode 98: Continuity of Operations and Capacity Planning (Domain 3)
15 Jun 2025
Contributed by Lukas
Even the most secure systems are useless if they can’t operate under pressure, and this episode explores the intersection of cybersecurity with busi...
Episode 97: Platform Diversity and Multi-cloud Architecture (Domain 3)
15 Jun 2025
Contributed by Lukas
Relying on a single technology stack or vendor can introduce systemic risk, and in this episode, we explore how platform diversity and multi-cloud str...
Episode 96: Disaster Recovery Site Considerations (Domain 3)
15 Jun 2025
Contributed by Lukas
Disaster recovery planning ensures that when critical infrastructure goes offline—whether due to cyberattack, natural disaster, or hardware failure—...
Episode 95: High Availability and System Resilience (Domain 3)
15 Jun 2025
Contributed by Lukas
Security isn’t just about keeping attackers out—it’s also about keeping services running when they try to bring you down. In this episode, we ex...
Episode 94: Methods to Secure Data (Part 3) (Domain 3)
15 Jun 2025
Contributed by Lukas
In this final installment on data protection methods, we focus on segmentation and permission restrictions—two strategic approaches that limit both ...
Episode 93: Methods to Secure Data (Part 2) (Domain 3)
15 Jun 2025
Contributed by Lukas
Beyond encryption, organizations have additional tools to secure data in contexts where usability, compliance, or performance requirements call for al...
Episode 92: Methods to Secure Data (Part 2) (Domain 3)
15 Jun 2025
Contributed by Lukas
Beyond encryption, organizations have additional tools to secure data in contexts where usability, compliance, or performance requirements call for al...
Episode 91: Methods to Secure Data (Part 1) (Domain 3)
15 Jun 2025
Contributed by Lukas
Protecting data effectively starts with strong core methods that control access and visibility, and in this episode, we focus on geographic restrictio...
Episode 90: Data Sovereignty and Geolocation (Domain 3)
15 Jun 2025
Contributed by Lukas
Where data physically resides has become a legal and operational priority for organizations operating in an increasingly globalized and regulated worl...
Episode 89: General Data Considerations – States of Data (Domain 3)
15 Jun 2025
Contributed by Lukas
Data security isn’t just about what kind of data you’re protecting—it’s also about when and where that data is at any given time. In this epis...
Episode 88: Data Classification Strategies (Part 2) (Domain 3)
15 Jun 2025
Contributed by Lukas
Building on the foundation from part one, this episode explores public and private data categories, the importance of policy-driven classification, an...
Episode 87: Data Classification Strategies (Part 1) (Domain 3)
15 Jun 2025
Contributed by Lukas
Data classification provides the foundation for applying security controls based on risk and sensitivity, and in this episode, we examine the first pa...
Episode 86: Human vs. Non-human Readable Data (Domain 3)
15 Jun 2025
Contributed by Lukas
Not all data is meant for human eyes, and in cybersecurity, understanding the distinction between human-readable and non-human-readable data formats i...
Episode 85: Data Types and Their Protection (Domain 3)
15 Jun 2025
Contributed by Lukas
Data is not monolithic—its classification and context determine how it should be secured. In this episode, we explore different types of data, inclu...
Episode 84: Selecting Effective Security Controls (Domain 3)
15 Jun 2025
Contributed by Lukas
Choosing the right security controls is not about applying everything—it’s about applying the right things, in the right places, at the right time...
Episode 83: Advanced Secure Access Solutions (Domain 3)
15 Jun 2025
Contributed by Lukas
Traditional perimeter security isn’t enough in a world of mobile users, cloud resources, and third-party integrations. In this episode, we explore a...
Episode 82: Secure Communication and Remote Access (Domain 3)
15 Jun 2025
Contributed by Lukas
As remote work and distributed systems become the norm, securing communication across potentially hostile networks is more important than ever. In thi...
Episode 81: Firewalls and Security Gateways (Domain 3)
15 Jun 2025
Contributed by Lukas
Firewalls are one of the oldest and most trusted tools in network defense, but today’s environments require more than just simple packet filtering. ...
Episode 80: Port Security and Authentication Protocols (Domain 3)
15 Jun 2025
Contributed by Lukas
Every port on your network is a potential doorway, and port security ensures those doors stay locked unless explicitly authorized. In this episode, we...
Episode 79: Load Balancers and Sensors (Domain 3)
15 Jun 2025
Contributed by Lukas
Load balancers and network sensors are often associated with performance and visibility—but they are just as critical to your security architecture....
Episode 78: Device Attributes and Network Appliances (Domain 3)
15 Jun 2025
Contributed by Lukas
Security isn’t just about policies and firewalls—it’s also about the capabilities and placement of the physical and virtual devices enforcing th...
Episode 77: Connectivity and Failure Modes (Domain 3)
15 Jun 2025
Contributed by Lukas
Connectivity powers modern organizations, but with it comes risk—especially when failure modes are not considered in the security design. In this ep...
Episode 76: Infrastructure Security Foundations (Domain 3)
15 Jun 2025
Contributed by Lukas
Securing infrastructure starts with design decisions about where and how devices are placed, how data flows, and where trust boundaries begin and end....
Episode 75: Architecture Security Considerations (Part 3) (Domain 3)
15 Jun 2025
Contributed by Lukas
In this final installment on architectural considerations, we focus on risk transference, ease of recovery, and the practical realities of patch avail...
Episode 74: Architecture Security Considerations (Part 2) (Domain 3)
15 Jun 2025
Contributed by Lukas
Responsiveness, scalability, and ease of deployment are three more pillars that heavily influence secure architecture decisions, especially in environ...
Episode 73: Architecture Security Considerations (Part 1) (Domain 3)
15 Jun 2025
Contributed by Lukas
Designing secure systems means weighing a variety of architectural considerations, and in this episode, we begin by focusing on availability, resilien...
Episode 72: High Availability Architectures (Domain 3)
15 Jun 2025
Contributed by Lukas
Availability is one of the core tenets of cybersecurity, and in mission-critical environments, downtime is simply not an option. In this episode, we f...
Episode 71: Specialized Architecture Models (Domain 3)
15 Jun 2025
Contributed by Lukas
Some systems require specialized architectural models due to their operational roles, legacy constraints, or real-time performance needs. In this epis...
Episode 70: On-Premises, Centralized, and Decentralized Architectures (Domain 3)
15 Jun 2025
Contributed by Lukas
Security must adapt to the architecture of the environment it protects, and that starts with understanding how infrastructure is organized. In this ep...
Episode 69: Network Infrastructure Security Models (Domain 3)
15 Jun 2025
Contributed by Lukas
Modern networks are no longer simple, flat environments—they are segmented, layered, and increasingly software-defined. In this episode, we explore ...
Episode 68: Cloud Architecture and Responsibilities (Domain 3)
15 Jun 2025
Contributed by Lukas
Cloud computing changes the game for infrastructure design and security responsibility, requiring organizations to understand not just how services wo...
Episode 67: Introduction to Domain Three — Security Architecture
15 Jun 2025
Contributed by Lukas
Cybersecurity isn’t just about stopping threats as they happen—it’s also about designing systems that are harder to attack in the first place. A...
Episode 66: System Hardening Techniques (Part 3) (Domain 2)
15 Jun 2025
Contributed by Lukas
In the final part of our system hardening series, we tackle some of the most overlooked but impactful practices: disabling unnecessary ports and servi...
Episode 65: System Hardening Techniques (Part 2) (Domain 2)
15 Jun 2025
Contributed by Lukas
Continuing our exploration of system hardening, this episode focuses on host-based firewalls and intrusion prevention systems (HIPS), which defend ind...
Episode 64: System Hardening Techniques (Part 1) (Domain 2)
15 Jun 2025
Contributed by Lukas
System hardening is about reducing the attack surface by eliminating unnecessary features, closing open ports, and enforcing strict policies across en...
Episode 63: Configuration Enforcement and Decommissioning (Domain 2)
15 Jun 2025
Contributed by Lukas
Keeping systems secure isn’t just about building them right—it’s about making sure they stay that way, and knowing how to shut them down properl...
Episode 62: Monitoring and Least Privilege (Domain 2)
15 Jun 2025
Contributed by Lukas
Monitoring and the principle of least privilege are two complementary pillars of proactive cybersecurity, enabling both visibility and access limitati...
Episode 61: Patching and Encryption (Domain 2)
15 Jun 2025
Contributed by Lukas
Patching and encryption are two of the most basic yet essential components of any security strategy—one protects against known vulnerabilities, the ...
Episode 60: Application Allow Lists and Isolation (Domain 2)
15 Jun 2025
Contributed by Lukas
Controlling what software is allowed to run—and isolating it when needed—is a fundamental principle of endpoint security. In this episode, we exam...
Episode 59: Segmentation and Access Control (Domain 2)
15 Jun 2025
Contributed by Lukas
Network segmentation and access control are two of the most powerful tools for limiting the scope and impact of an attack, especially once a threat ac...
Episode 58: General Indicators of Malicious Activity (Domain 2)
15 Jun 2025
Contributed by Lukas
Not every security breach begins with a smoking gun—many start with subtle shifts in system behavior that point to something being off. This episode...
Episode 57: Password Attack Indicators (Domain 2)
15 Jun 2025
Contributed by Lukas
Password attacks are among the most common initial access vectors, and recognizing their early indicators is key to stopping intrusions before they es...
Episode 56: Cryptographic Attack Indicators (Domain 2)
15 Jun 2025
Contributed by Lukas
Even strong encryption systems can be undermined by poor implementation, weak configurations, or direct cryptographic attacks—and recognizing the si...
Episode 55: Application-Level Attack Indicators (Domain 2)
15 Jun 2025
Contributed by Lukas
Applications are often targeted because they represent the gateway to sensitive data and services, and attackers leave behind subtle but detectable si...
Episode 54: Network-Based Indicators (Part 2) (Domain 2)
15 Jun 2025
Contributed by Lukas
Continuing our focus on network-based threats, this episode explores wireless-specific attacks and credential replay tactics that compromise network i...
Episode 53: Network-Based Indicators (Part 1) (Domain 2)
15 Jun 2025
Contributed by Lukas
The network is often where the first signs of an attack emerge—if you know what to look for. In this episode, we examine key indicators of network-b...
Episode 52: Physical Security Attacks and Indicators (Domain 2)
15 Jun 2025
Contributed by Lukas
While cybersecurity often focuses on virtual threats, physical attacks on facilities, hardware, and access points remain a serious and sometimes overl...
Episode 51: Indicators of Malware Attacks (Domain 2)
15 Jun 2025
Contributed by Lukas
Malware comes in many forms—ransomware, spyware, trojans, worms—and each leaves behind unique indicators that can help defenders detect infections...
Episode 50: Understanding Zero-Day Vulnerabilities (Domain 2)
15 Jun 2025
Contributed by Lukas
Zero-day vulnerabilities are software flaws that are unknown to the vendor and, critically, to defenders—giving attackers a window of opportunity to...
Episode 49: Misconfiguration and Mobile Device Vulnerabilities (Domain 2)
15 Jun 2025
Contributed by Lukas
Misconfiguration is one of the most common and preventable causes of security breaches, and mobile devices amplify this risk due to their ubiquity and...
Episode 48: Supply Chain and Cryptographic Vulnerabilities (Domain 2)
15 Jun 2025
Contributed by Lukas
Modern cybersecurity is deeply interconnected, and vulnerabilities in your vendors, partners, or third-party software can easily become vulnerabilitie...
Episode 47: Virtualization and Cloud-Specific Vulnerabilities (Domain 2)
15 Jun 2025
Contributed by Lukas
Virtualization and cloud computing introduce powerful efficiencies—but they also open up new categories of vulnerabilities that traditional security...
Episode 46: Hardware and Firmware Vulnerabilities (Domain 2)
15 Jun 2025
Contributed by Lukas
Cybersecurity doesn’t stop at software—hardware and firmware vulnerabilities can offer attackers deep, long-term access to systems in ways that ar...
Episode 45: Operating System and Web-Based Vulnerabilities (Domain 2)
15 Jun 2025
Contributed by Lukas
Operating systems and web applications form the backbone of IT infrastructure, and when left unpatched or misconfigured, they present rich targets for...
Episode 44: Application-Level Vulnerabilities (Domain 2)
15 Jun 2025
Contributed by Lukas
Applications serve as the user-facing layer of most digital environments, and they are frequently targeted by attackers exploiting poor coding practic...
Episode 43: Human Vectors and Social Engineering (Part 2) (Domain 2)
15 Jun 2025
Contributed by Lukas
While basic social engineering relies on message-based deception, more advanced techniques target identity, credibility, and digital presence through ...
Episode 42: Human Vectors and Social Engineering (Part 1) (Domain 2)
15 Jun 2025
Contributed by Lukas
People are often the weakest link in cybersecurity, and attackers exploit this through carefully crafted manipulation tactics known as social engineer...
Episode 41: Open Ports, Default Credentials, and Supply Chain Risks (Domain 2)
15 Jun 2025
Contributed by Lukas
Even the best-configured systems can fall victim to the most basic security oversights—like open ports and unchanged default passwords. In this epis...
Episode 40: Network-Based Attack Surfaces (Domain 2)
15 Jun 2025
Contributed by Lukas
Your network is the digital highway that connects everything in your organization—and if not properly secured, it becomes the perfect path for attac...
Episode 39: Vulnerable Systems, Software, and Devices (Domain 2)
15 Jun 2025
Contributed by Lukas
Many attacks succeed not because of advanced hacking techniques, but because of outdated, misconfigured, or unsupported systems that haven’t been pr...
Episode 38: Image, File, and Voice-Based Threats (Domain 2)
15 Jun 2025
Contributed by Lukas
While emails and text messages are well-known vectors, attackers also exploit images, file attachments, and voice communication to bypass traditional ...
Episode 37: Message-Based and Communication Threat Vectors (Domain 2)
15 Jun 2025
Contributed by Lukas
Attackers frequently exploit messaging channels—email, SMS, and instant messaging—to deliver payloads, harvest credentials, or manipulate users in...
Episode 36: Introduction to Threat Vectors and Attack Surfaces (Domain 2)
15 Jun 2025
Contributed by Lukas
Cybersecurity is not just about knowing your enemy—it’s about understanding the paths they take to reach you. This episode introduces threat vecto...
Episode 35: Motivations Behind Cyber Attacks (Part 3) (Domain 2)
15 Jun 2025
Contributed by Lukas
Not all cyberattacks are launched for money or politics—some are driven by emotion, chaos, or war. In this episode, we examine three additional moti...
Episode 34: Motivations Behind Cyber Attacks (Part 2) (Domain 2)
15 Jun 2025
Contributed by Lukas
Cyber threats aren’t always driven by stealth or sophistication—sometimes they are fueled by money, ideology, or ethics. In this episode, we conti...
Episode 33: Motivations Behind Cyber Attacks (Part 1) (Domain 2)
15 Jun 2025
Contributed by Lukas
Behind every cyberattack is a motive, and understanding why attackers do what they do is essential for predicting and preventing their behavior. This ...
Episode 32: Attributes and Capabilities of Threat Actors (Domain 2)
15 Jun 2025
Contributed by Lukas
To effectively model risk and defend systems, cybersecurity professionals must understand not just who the attackers are, but what they are capable of...
Episode 31: Insider Threats, Organized Crime, and Shadow IT (Domain 2)
15 Jun 2025
Contributed by Lukas
Some of the most damaging cybersecurity incidents originate not from unknown hackers, but from within—through employees, vendors, or unmanaged syste...
Episode 30: Understanding Threat Actors (Domain 2)
15 Jun 2025
Contributed by Lukas
Cyber threats come in many forms, and to defend effectively, you must understand the adversaries behind the attacks. This episode explores common cate...
Episode 29: Introduction to Domain Two — Threats, Vulnerabilities, and Mitigations
15 Jun 2025
Contributed by Lukas
If Domain One is the foundation of cybersecurity—built on core principles and frameworks—then Domain Two is where we start applying that knowledge...
Episode 28: Certificates, Authorities, and Management (Domain 1)
15 Jun 2025
Contributed by Lukas
Digital certificates are the backbone of online trust, providing the mechanism for authenticating websites, users, devices, and software in a secure, ...
Episode 27: Advanced Cryptographic Techniques (Domain 1)
15 Jun 2025
Contributed by Lukas
Modern threats require advanced cryptographic responses, and in this episode, we explore the techniques that strengthen authentication, protect weak c...
Episode 26: Hashing, Salting, and Digital Signatures (Domain 1)
15 Jun 2025
Contributed by Lukas
Data integrity and authenticity are two foundational pillars of cybersecurity, and in this episode, we explore how hashing, salting, and digital signa...
Episode 25: Obfuscation and Data Protection Techniques (Domain 1)
15 Jun 2025
Contributed by Lukas
While encryption is the gold standard for confidentiality, it’s not the only method for protecting sensitive information—especially in use cases l...
Episode 24: Cryptographic Hardware and Secure Storage (Domain 1)
15 Jun 2025
Contributed by Lukas
Software-based encryption can be effective, but for high-assurance environments, hardware-based cryptography adds critical layers of tamper resistance...
Episode 23: Comprehensive Encryption Techniques (Domain 1)
15 Jun 2025
Contributed by Lukas
Encryption is the most widely used method for ensuring data confidentiality, but its implementation must be tailored to the context in which data exis...