All Episodes
Displaying 101 - 119 of 119 in total
Episode 101 — Standards and Procedures: Baselines, Passwords, Physical Security, RFCs, Encryption, SOPs, and Runbooks (5.1)
This episode explains how standards and procedures turn broad security policy into repeatable action. Students should understand that baselines define approved configu...
Episode 102 — Plans and Policies: BCP, DRP, BYOD, AUP, Clean Desk, Incident Response, Data Retention, Access Control, and Privacy (5.1)
This episode covers major security plans and policies students are expected to recognize for the Security+ exam. Business continuity plans focus on keeping essential f...
Episode 103 — Risk Identification and Assessment: Assets, Stakeholders, Scoring, and Categorization (5.2)
This episode introduces risk identification and assessment as the process of finding what could go wrong, what assets could be affected, and who needs to be involved i...
Episode 104 — Risk Analysis and Registers: Impact, Likelihood, Owners, Current Mitigations, and Qualitative vs. Quantitative Risk (5.2)
This episode explains risk analysis and the role of the risk register in tracking organizational risk. Students should understand impact as the amount of harm a risk c...
Episode 105 — Risk Treatment and Business Impact: Transfer, Accept, Avoid, Mitigate, BIA, Appetite, Residual Risk, SLE, ALE, and ARO (5.2)
This episode covers risk treatment and business impact concepts that help organizations decide what to do after a risk is assessed. Students should understand that ris...
Episode 106 — Third-Party Risk: Vendor Selection, RFP, RFI, RFQ, EOI, Due Diligence, and Conflicts (5.3)
This episode explains third-party risk and why vendors, partners, suppliers, service providers, and contractors can extend an organization’s attack surface and complia...
Episode 107 — Agreements and Monitoring: SLA, SLO, MOU, MOA, NDA, MSA, SOW, and Right to Audit (5.3)
This episode covers common third-party agreements and monitoring terms that define expectations between organizations. Service-level agreements establish required serv...
Episode 108 — Vendor Constraints and Rules of Engagement: Jurisdiction, ROI, Lock-In, and Assurance Mechanisms (5.3)
This episode explains vendor constraints and assurance mechanisms that affect third-party risk decisions. Students should understand that staffing, resources, geograph...
Episode 109 — Compliance Training and Monitoring: Data Handling, AML/CTF, Anti-Bribery, and Attestations (5.4)
This episode explains compliance as the need to meet laws, regulations, contracts, internal policies, and industry standards. Students should understand that complianc...
Episode 110 — Non-Compliance, Privacy Rights, Legal Holds, Legal Orders, and Retention (5.4)
This episode covers the consequences of non-compliance and the legal and privacy concepts that shape data handling decisions. Students should understand that non-compl...
Episode 111 — Audit Data Gathering: Sampling, Questionnaires, Interviews, Assertions, and Reference Sources (5.5)
This episode explains how audits and assessments gather evidence to determine whether controls, processes, and security requirements are working as expected. Students ...
Episode 112 — Audit Scope and Engagements: Charters, Gap Analysis, Internal Reviews, External Reviews, and Benchmarking (5.5)
This episode covers audit scope and engagement planning, including charters, frequency, boundaries, gap analysis, internal reviews, external reviews, regulatory assess...
Episode 113 — Penetration Testing, Reconnaissance, Frameworks, Functional Testing, and Behavioral Testing (5.5)
This episode explains penetration testing and related assessment methods at a Security+ level. Students should understand the difference between known, unknown, and pa...
Episode 114 — Security Awareness Training: Onboarding, Ongoing, Targeted, and Corrective Training (5.6)
This episode explains security awareness as an ongoing program rather than a one-time compliance activity. Students should understand onboarding training as the first ...
Episode 115 — Awareness Delivery and Effectiveness: LMS, Self-Service, Metrics, Behavior Risk Scoring, BEC, BYOD, and Remote Work (5.6)
This episode covers how security awareness is delivered, measured, and improved over time. Students should understand learning management systems, self-service trainin...
Episode 116 — PBQ Strategy: Turning Objectives into Scenario Decisions (Review)
This episode teaches students how to approach performance-based questions by turning exam objectives into practical scenario decisions. A strong PBQ approach starts by...
Episode 117 — Full-Course Review: The SY0-801 Memory Map (Review)
This episode provides a guided review of the major relationships students should remember across the SY0-801 course. The five-domain structure can be understood as a c...
Episode 118 — Final Objectives Update: What Changed When CompTIA Finalized SY0-801 (Update)
This episode is reserved for final updates after CompTIA finalizes the SY0-801 exam objectives. Its purpose is to identify what changed from the draft objectives, incl...
Welcome to the CompTIA Security+ Audio Course!
Certified: The CompTIA Security+ V8 / SY0-801 Audio Course is built for learners who want a clear, practical path into modern cybersecurity fundamentals without being ...