Dr. Jason Edwards
Certified: The CompTIA Security+ Audio Course
Certified - Security+ 701 is your completely free audio companion for mastering the CompTIA Security+ SY0-701 certification exam. Developed by BareMetalCyber.com, this immersive Audio Course transforms every domain of the official exam objectives into clear, practical, and exam-ready lessons you can learn anywhere—whether commuting, exercising, or studying at home. Each episode delivers focused explanations, real-world examples, and proven study strategies designed to build confidence and help you pass on your first attempt. Structured for busy professionals and new learners alike, the series...
Author
Dr. Jason Edwards
Category
Podcast website
Latest episode
Apr 28, 2026
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
New Security+ Course Now Available! (V8 SY0-801) 28.04.2026 0:46
The new CompTIA Security+ Course for 2026 is now online! Find it at: https://secv8.baremetalcyber.com/
Welcome to the SEC+ Audio Course 14.10.2025 1:54
Dive into a fast, no-fluff overview of what this podcast delivers, who it’s for, and how each episode helps you level up with practical, real-world takeaways. In this trailer, you’ll hear the show’s promise, the format you can expect, and a sneak peek at the kinds of stories, tips, and expert insights coming your way. Hit follow to get new episodes as they drop and start listening smarter from day...
Episode 221: Developing and Executing Security Awareness Programs (Domain 5) 16.06.2025 18:41
Security awareness programs don’t happen by accident—they’re built with intent, tested with feedback, and refined over time. In this final episode of the series, we walk through how to develop and execute a successful awareness program, from defining goals and identifying target audiences to choosing content formats and delivery methods. We discuss how to incorporate phishing simulations, microlea...
Episode 220: Security Reporting and Monitoring (Domain 5) 16.06.2025 18:01
A well-informed workforce should be empowered not just to avoid risk—but to report it. In this episode, we explore how organizations build clear, accessible reporting channels that encourage employees to share suspicious activity, policy violations, or near misses without fear of reprisal. We also examine how recurring reports—like monthly phishing metrics or training completion rates—can help mon...
Episode 219: Hybrid and Remote Work Security Awareness (Domain 5) 16.06.2025 17:16
Remote and hybrid work models create new layers of security complexity—blending corporate environments with home networks, personal devices, and cloud-first workflows. In this episode, we explore the core topics of remote work security awareness, starting with safe home Wi-Fi configurations, strong authentication, and VPN use for secure connections. We then discuss endpoint hardening for laptops a...
Episode 218: User Guidance and Training (Part 3) (Domain 5) 16.06.2025 17:32
Security training must evolve with the threat landscape—and that means addressing common but high-risk topics like removable media, social engineering, and operational security (OPSEC). In this episode, we explain how removable media—like USB drives and external hard drives—pose significant threats when plugged into unmanaged or infected systems. We also explore how cables, chargers, and other see...
Episode 217: User Guidance and Training (Part 2) (Domain 5) 16.06.2025 17:38
Beyond basic policy understanding, users need targeted training in key risk areas that attackers frequently exploit—especially insiders, passwords, and privileged access. In this episode, we focus on insider threat awareness, teaching employees how to recognize red flags like excessive access, unusual behavior, or data hoarding by peers. We also cover password management best practices: creating c...
Episode 216: User Guidance and Training (Part 1) (Domain 5) 16.06.2025 17:33
Users are often the first and last line of defense in cybersecurity, and their success depends on clear guidance and ongoing training. In this episode, we focus on policy awareness and handbooks, which provide employees with a foundational understanding of acceptable use, access controls, device handling, and reporting expectations. We explore how to develop and distribute effective security handb...
Episode 215: Anomalous Behavior Recognition (Domain 5) 16.06.2025 18:18
Cyber threats often hide in plain sight, masquerading as normal user activity until they trigger something unexpected—and that’s why recognizing anomalous behavior is such a valuable skill. In this episode, we explore how to identify risky, unexpected, or unintentional actions that may indicate insider threats, compromised accounts, or social engineering in progress. Examples include unusual file...
Episode 214: Effective Phishing Awareness (Domain 5) 16.06.2025 18:17
Phishing remains one of the most effective—and dangerous—forms of cyberattack because it targets people, not systems. In this episode, we explore how to build an effective phishing awareness program that trains employees to recognize and report suspicious messages before damage is done. We discuss how simulated phishing campaigns help reinforce training through experiential learning, and how metri...
Episode 213: Reconnaissance Techniques (Domain 5) 16.06.2025 17:59
Reconnaissance is the first phase of any attack—and the first opportunity for defenders to detect malicious intent. In this episode, we break down both passive and active reconnaissance techniques used by ethical hackers and adversaries alike. Passive recon relies on publicly available data, such as DNS records, social media, job postings, WHOIS data, or open-source intelligence (OSINT), to build...
Episode 212: Penetration Testing Environments (Domain 5) 16.06.2025 17:25
The value of a penetration test is closely tied to how realistic the environment is—and in this episode, we examine the types of environments in which pen tests are conducted: known, partially known, and unknown. A known environment test, also called white-box testing, gives the tester full knowledge of systems, code, or architecture—allowing them to focus on deep technical vulnerabilities. In par...
Episode 211: Fundamentals of Penetration Testing (Domain 5) 16.06.2025 18:14
Penetration testing goes beyond identifying vulnerabilities—it simulates real-world attacks to see how systems, defenses, and teams hold up under pressure. In this episode, we explore the foundational concepts of penetration testing, starting with physical tests that assess physical security through social engineering, badge cloning, or simulated intrusions. We then differentiate offensive testing...
Episode 210: External Audits and Assessments (Domain 5) 16.06.2025 18:40
External audits provide an independent review of an organization’s security and compliance posture, often driven by regulatory mandates, certification requirements, or contractual obligations. In this episode, we explore different types of external audits and assessments, starting with regulatory audits that evaluate adherence to laws like HIPAA, PCI-DSS, or SOX. We also cover independent third-pa...
Episode 209: Internal Audit Structures (Domain 5) 16.06.2025 18:43
The effectiveness of internal audits depends not just on what’s reviewed, but on how the audit function is structured within the organization. In this episode, we examine audit committees—teams responsible for planning, conducting, and overseeing internal audits to ensure objectivity and alignment with organizational goals. We discuss how committees bring together expertise from IT, legal, risk, a...
Episode 208: Attestation and Internal Audits (Domain 5) 16.06.2025 18:25
Attestation and internal audits are two of the most powerful tools for ensuring your security program is functioning as intended. In this episode, we start by exploring attestation—formal declarations that certify compliance with policies, procedures, or external frameworks. Attestations are used in vendor contracts, employee training, and system certifications, and they provide legally binding st...
Episode 207: Data Management and Compliance (Domain 5) 16.06.2025 17:24
Effective data management is critical for both operational success and regulatory compliance, and in this episode, we explore how organizations maintain control over what they collect, where it’s stored, and how long it’s retained. We begin with the concept of data ownership—assigning clear accountability for specific datasets to ensure someone is responsible for access controls, accuracy, and com...
Episode 206: Privacy and Legal Implications of Compliance (Domain 5) 16.06.2025 20:19
Privacy and compliance are deeply intertwined, especially as global regulations push organizations to safeguard personal data across jurisdictions. In this episode, we examine how privacy laws operate at local, national, and international levels—highlighting frameworks like GDPR in Europe and CCPA in California, and exploring how they shape data collection, processing, and sharing practices. We al...
Episode 205: Data Inventory, Retention, and the Right to Be Forgotten (Domain 5) 16.06.2025 18:43
Managing personal data effectively starts with knowing exactly what you have, where it lives, how long you keep it, and what rights users have over it. In this final episode, we explore how to build and maintain a data inventory that tracks types of data collected, processing activities, access permissions, and storage locations. We also discuss retention policies that define how long different ca...
Episode 204: Privacy Laws and Global Compliance (Domain 5) 16.06.2025 18:01
Data privacy is no longer just a legal issue—it’s a global business imperative, and this episode explores the complex and evolving landscape of privacy laws. We cover key regulations such as the European Union’s GDPR, California’s CCPA, Brazil’s LGPD, and other region-specific rules that govern how personal data is collected, processed, stored, and transferred. These laws define roles like data co...
Episode 203: Attestation and Acknowledgement in Compliance (Domain 5) 16.06.2025 19:08
Attestation and acknowledgement are critical for ensuring that individuals and third parties formally understand and accept their roles in maintaining security and compliance. In this episode, we explain how attestation involves signing a formal statement that certifies understanding or adherence—used in contexts like security training, policy acceptance, or vendor contract obligations. Acknowledg...
Episode 202: Consequences of Non-Compliance (Domain 5) 16.06.2025 19:31
Failing to meet regulatory or contractual obligations can carry severe consequences, both financially and reputationally. In this episode, we break down the real-world impacts of non-compliance—including fines, sanctions, lawsuits, contract termination, and loss of certifications or business licenses. We examine examples where organizations were penalized for data breaches, late disclosures, weak...
Episode 201: Effective Compliance Reporting (Domain 5) 16.06.2025 18:34
Compliance reporting ensures that an organization can demonstrate adherence to regulatory, contractual, and internal security requirements—and in this episode, we explore how to make it both accurate and efficient. We cover internal reporting practices, such as monthly compliance dashboards and policy enforcement summaries, as well as external reports prepared for auditors, regulators, and industr...
Episode 200: Ongoing Vendor Monitoring and Engagement (Domain 5) 16.06.2025 18:58
Vendor risk doesn’t stop after the contract is signed—ongoing monitoring and relationship management are critical for maintaining visibility and accountability. In this episode, we explore how organizations track vendor performance through periodic assessments, SLA reviews, compliance reports, and security questionnaires. We highlight how to use continuous monitoring tools and threat intelligence...
Episode 199: Agreement Types and Contractual Security (Domain 5) 16.06.2025 18:08
Contracts are one of the most powerful tools in managing cybersecurity obligations, and in this episode, we break down the types of agreements that define roles, responsibilities, and expectations with external parties. We cover Service-Level Agreements (SLAs), which outline performance and availability targets; Memorandums of Understanding (MOUs) and Memorandums of Agreement (MOAs), which define...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.