All Episodes
Welcome to Certified: The CompTIA SecurityX Audio Course
Certified: The CompTIA SecurityX Certification Audio Course is an audio-first study companion built for working IT and security professionals who want a focused path i...
Episode 1 — Master the SecurityX Exam Format, Policies, Scoring, and PBQ Time Tactics
This episode breaks down the SecurityX exam structure so you can treat it like a timed operations problem rather than a surprise quiz, with special focus on how scorin...
Episode 2 — Build a Spoken Study Plan and Exam-Day Mental Models for SecurityX Success
This episode teaches you how to build a study plan that is realistic for working professionals and aligned to the way SecurityX questions reward reasoning, not memoriz...
Episode 3 — Operationalize Security Program Documentation: Policies, Standards, Procedures, Guidelines
This episode focuses on the documentation backbone of a security program and why SecurityX expects you to understand how policy, standard, procedure, and guideline art...
Episode 4 — Run Security Program Management Like a Pro: Training, RACI, Reporting
This episode explains how SecurityX evaluates your ability to run security as a coordinated program, not a collection of tools, by emphasizing training, accountability...
Episode 5 — Apply Governance Frameworks Wisely: COBIT, ITIL, and Practical Control Mapping
This episode teaches you how to treat governance frameworks as decision aids rather than rigid checklists, which is exactly the kind of judgment SecurityX often tests ...
Episode 6 — Control Change and Configuration Management Without Creating Security Drift
This episode explores how change management and configuration management prevent “security drift,” where systems slowly diverge from hardened baselines until controls ...
Episode 7 — Use GRC Tools for Mapping, Automation, Continuous Monitoring, and Evidence
This episode explains what governance, risk, and compliance (GRC) tools actually do in a mature program and how SecurityX expects you to think about them as systems fo...
Episode 8 — Govern Data Across Staging Environments: Dev, Test, QA, and Production
This episode teaches how to govern data across development and deployment environments, a frequent source of real-world breaches and a recurring SecurityX theme when q...
Episode 9 — Perform Impact Analysis Using Extreme-but-Plausible Scenarios That Actually Matter
This episode shows you how to perform impact analysis the way SecurityX expects: by using scenarios that are dramatic enough to reveal dependencies, but still plausibl...
Episode 10 — Execute Risk Assessments: Quantitative vs Qualitative, Appetite, Tolerance, Prioritization
This episode builds the risk assessment foundation that SecurityX uses across governance and architecture questions, focusing on how to choose between quantitative and...
Episode 11 — Manage Third-Party Risk: Supply Chain, Vendors, and Subprocessors Without Blind Spots
This episode explains how SecurityX expects you to evaluate third-party risk as an extension of your own attack surface, not a separate procurement checkbox, because m...
Episode 12 — Protect Availability: BC/DR Testing, Connected Backups, Disconnected Backups, Recovery
This episode focuses on availability as a security property with measurable engineering requirements, not just a slogan, and shows how SecurityX questions commonly tes...
Episode 13 — Protect Confidentiality: Leak Response, Privileged Data Breach, Reporting, Encryption
This episode teaches confidentiality as an operational capability you must be ready to execute under pressure, which is why SecurityX often frames questions around dat...
Episode 14 — Protect Integrity: Hashing, Remote Journaling, Anti-Tampering, Interference Controls
This episode explains integrity as the discipline of ensuring data and systems remain correct, complete, and unaltered without authorization, which SecurityX tests thr...
Episode 15 — Build Privacy Into Risk Decisions: Sovereignty, Biometrics, and Data Subject Rights
This episode shows how SecurityX expects you to integrate privacy into security risk decisions, especially when data types and jurisdictions introduce constraints that...
Episode 16 — Explain Compliance Impacts: Industry Requirements and Cross-Jurisdiction Realities
This episode prepares you for SecurityX questions that blend security architecture with compliance realities, where the correct answer is often the option that satisfi...
Episode 17 — Map Standards and Frameworks: PCI DSS, ISO/IEC 27000, SOC 2, NIST CSF, CIS, CSA
This episode teaches you how to map and translate standards and frameworks into a unified control language, which SecurityX frequently tests by asking you to choose th...
Episode 18 — Threat Modeling Like You Mean It: Actors, Motivations, Resources, Capabilities
This episode explains threat modeling as a practical way to predict likely attack paths and choose controls with intent, which SecurityX tests by presenting scenarios ...
Episode 19 — Threat Modeling Frameworks in Practice: ATT&CK, CAPEC, STRIDE, Kill Chain, OWASP
This episode teaches you how to use well-known threat modeling and adversary frameworks as working tools rather than memorized buzzwords, which is exactly how Security...