Episode 49 — Defend Against Firmware and Physical TTPs: Shimming, USB Attacks, BIOS/UEFI, Memory
This episode teaches how to defend against firmware and physical tactics, techniques, and procedures that bypass many traditional controls, which SecurityX tests because real attackers use physical proximity, peripheral abuse, and firmware persistence to survive reimaging and evade detection. You’ll learn what shimming attacks look like in practice, why they can intercept authentication or manipulate boot processes, and how to reduce risk through secure boot, device integrity validation, and strong control of boot media and ports. USB attacks are covered beyond “don’t plug things in,” focusing on how devices can emulate keyboards, network adapters, or storage, and what practical defenses exist such as device control policies, port management, endpoint protections, and user workflow design that limits risky exceptions. BIOS/UEFI threats are explored as persistence mechanisms, including how firmware tampering can undermine operating system trust, and how firmware update policies, signed updates, and hardware-rooted verification support defense. Memory-focused risks are addressed at a conceptual level, including why sensitive secrets in memory matter, how certain attacks attempt to capture them, and what protections such as full disk encryption, secure credential storage, and privileged access controls can and cannot prevent. You’ll also learn how to answer exam scenarios by prioritizing controls that reduce physical exposure, strengthen boot integrity, and produce evidence when tampering is suspected. Produced by BareMetalCyber.com, where you’ll find more cyber audio courses, books, and information to strengthen your educational path.