CompTIA Security+ (SY0-701)

(SY0-701.AB1) / ISBN : 978-1-64459-581-7
This course includes
Lessons
TestPrep
Hands-On Labs
AI Tutor (Add-on)
Get A Free Trial

About This Course

Skills You’ll Get

Get the support you need. Enroll in our Instructor-Led Course.

Lessons

30+ Lessons | 591+ Exercises | 267+ Quizzes | 678+ Flashcards | 678+ Glossary of terms

TestPrep

90+ Pre Assessment Questions | 2+ Full Length Tests | 90+ Post Assessment Questions | 180+ Practice Test Questions

Hands-On Labs

48+ LiveLab | 48+ Video tutorials | 01:48+ Hours

1

Introduction

  • Goals and Methods
  • Who Should Read This Course?
  • CompTIA Security+ Exam Topics
2

Comparing and Contrasting the Various Types of Controls

  • Control Categories
  • Control Types
  • Review Key Topics
  • Review Questions
3

Summarizing Fundamental Security Concepts

  • Confidentiality, Integrity, and Availability (CIA)
  • Non-repudiation
  • Authentication, Authorization, and Accounting (AAA)
  • Gap Analysis
  • Zero Trust
  • Physical Security
  • Deception and Disruption Technology
  • Review Key Topics
  • Review Questions
4

Understanding Change Management’s Security Impact

  • Business Processes Impacting Security Operations
  • Technical Implications
  • Documentation
  • Version Control
  • Review Key Topics
  • Review Questions
5

Understanding the Importance of Using Appropriate Cryptographic Solutions

  • Public Key Infrastructure (PKI)
  • Encryption
  • Transport/Communication
  • Symmetric Versus Asymmetric Encryption
  • Key Exchange
  • Algorithms
  • Key Length
  • Tools
  • Trusted Platform Module
  • Hardware Security Module
  • Key Management System
  • Secure Enclave
  • Obfuscation
  • Steganography
  • Hashing
  • Salting
  • Digital Signatures
  • Key Stretching
  • Blockchain
  • Open Public Ledger
  • Certificates
  • Review Key Topics
  • Review Questions
6

Comparing and Contrasting Common Threat Actors and Motivations

  • Threat Actors
  • Attributes of Actors
  • Motivations
  • War
  • Review Key Topics
  • Review Questions
7

Understanding Common Threat Vectors and Attack Surfaces

  • Message-Based
  • Image-Based
  • File-Based
  • Voice Call
  • Removable Device
  • Vulnerable Software
  • Unsupported Systems and Applications
  • Unsecure Networks
  • Open Service Ports
  • Default Credentials
  • Supply Chain
  • Human Vectors/Social Engineering
  • Review Key Topics
  • Review Questions
8

Understanding Various Types of Vulnerabilities

  • Application
  • Operating System (OS)–Based
  • Web-Based
  • Hardware
  • Virtualization
  • Cloud Specific
  • Supply Chain
  • Cryptographic
  • Misconfiguration
  • Mobile Device
  • Zero-Day Vulnerabilities
  • Review Key Topics
  • Review Questions
9

Understanding Indicators of Malicious Activity

  • Malware Attacks
  • Physical Attacks
  • Network Attacks
  • Application Attacks
  • Cryptographic Attacks
  • Password Attacks
  • Indicators
  • Review Key Topics
  • Review Questions
10

Understanding the Purpose of Mitigation Techniques Used to Secure the Enterprise

  • Segmentation
  • Access Control
  • Isolation
  • Patching
  • Encryption
  • Monitoring
  • Least Privilege
  • Configuration Enforcement
  • Decommissioning
  • Hardening Techniques
  • Review Key Topics
  • Review Questions
11

Comparing and Contrasting Security Implications of Different Architecture Models

  • Architecture and Infrastructure Concepts
  • Considerations
  • Review Key Topics
  • Review Questions
12

Applying Security Principles to Secure Enterprise Infrastructure

  • Infrastructure Considerations
  • Secure Communication/Access
  • Selection of Effective Controls
  • Review Key Topics
  • Review Questions
13

Comparing and Contrasting Concepts and Strategies to Protect Data

  • Data Types
  • Data Classifications
  • General Data Considerations
  • Methods to Secure Data
  • Review Key Topics
  • Review Questions
14

Understanding the Importance of Resilience and Recovery in Security Architecture

  • High Availability
  • Site Considerations
  • Platform Diversity
  • Multi-Cloud System
  • Continuity of Operations
  • Capacity Planning
  • Testing
  • Backups
  • Power
  • Review Key Topics
  • Review Questions
15

Applying Common Security Techniques to Computing Resources

  • Secure Baselines
  • Hardening Targets
  • Wireless Devices
  • Mobile Solutions
  • Connection Methods
  • Wireless Security Settings
  • Application Security
  • Sandboxing
  • Monitoring
  • Review Key Topics
  • Review Questions
16

Understanding the Security Implications of Hardware, Software, and Data Asset Management

  • Acquisition/Procurement Process
  • Assignment/Accounting
  • Monitoring/Asset Tracking
  • Disposal/Decommissioning
  • Review Key Topics
  • Review Questions
17

Understanding Various Activities Associated with Vulnerability Management

  • Identification Methods
  • Analysis
  • Vulnerability Response and Remediation
  • Validation of Remediation
  • Reporting
  • Review Key Topics
  • Review Questions
18

Understanding Security Alerting and Monitoring Concepts and Tools

  • Monitoring and Computing Resources
  • Activities
  • Tools
  • Review Key Topics
  • Review Questions
19

Modifying Enterprise Capabilities to Enhance Security

  • Firewall
  • IDS/IPS
  • Web Filter
  • Operating System Security
  • Implementation of Secure Protocols
  • DNS Filtering
  • Email Security
  • File Integrity Monitoring
  • DLP
  • Network Access Control (NAC)
  • Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR)
  • User Behavior Analytics
  • Review Key Topics
  • Review Questions
20

Implementing and Maintaining Identity and Access Management

  • Provisioning/De-provisioning User Accounts
  • Permission Assignments and Implications
  • Identity Proofing
  • Federation
  • Single Sign-On (SSO)
  • Interoperability
  • Attestation
  • Access Controls
  • Multifactor Authentication (MFA)
  • Password Concepts
  • Privileged Access Management Tools
  • Review Key Topics
  • Review Questions
21

Understanding the Importance of Automation and Orchestration Related to Secure Operations

  • Use Cases of Automation and Scripting
  • Benefits
  • Other Considerations
  • Review Key Topics
  • Review Questions
22

Understanding Appropriate Incident Response Activities

  • Process
  • Training
  • Testing
  • Root Cause Analysis
  • Threat Hunting
  • Digital Forensics
  • Review Key Topics
  • Review Questions
23

Using Data Sources to Support an Investigation

  • Log Data
  • Data Sources
  • Review Key Topics
  • Review Questions
24

Summarizing Elements of Effective Security Governance

  • Guidelines
  • Policies
  • Standards
  • Procedures
  • External Considerations
  • Monitoring and Revision
  • Types of Governance Structures
  • Roles and Responsibilities for Systems and Data
  • Review Key Topics
  • Review Questions
25

Understanding Elements of the Risk Management Process

  • Risk Identification
  • Risk Assessment
  • Risk Analysis
  • Risk Register
  • Risk Tolerance
  • Risk Appetite
  • Risk Management Strategies
  • Risk Reporting
  • Business Impact Analysis
  • Review Key Topics
  • Review Questions
26

Understanding the Processes Associated with Third-Party Risk Assessment and Management

  • Vendor Assessment
  • Vendor Selection
  • Agreement Types
  • Vendor Monitoring
  • Questionnaires
  • Rules of Engagement
  • Review Key Topics
  • Review Questions
27

Summarizing Elements of Effective Security Compliance

  • Compliance Reporting
  • Consequences of Non-compliance
  • Compliance Monitoring
  • Attestation and Acknowledgment
  • Privacy
  • Review Key Topics
  • Review Questions
28

Understanding Types and Purposes of Audits and Assessments

  • Attestation
  • Internal
  • External
  • Penetration Testing
  • Review Key Topics
  • Review Questions
29

Implementing Security Awareness Practices

  • Phishing
  • Anomalous Behavior Recognition
  • User Guidance and Training
  • Reporting and Monitoring
  • Development
  • Execution
  • Review Key Topics
  • Review Questions
30

Final Preparation

  • Hands-on Activities
  • Suggested Plan for Final Review and Study
  • Summary

2

Summarizing Fundamental Security Concepts

  • Identifying Access Badge Areas
  • Implementing Physical Security
4

Understanding the Importance of Using Appropriate Cryptographic Solutions

  • Examining PKI Certificates
  • Creating Asymmetric Key Pairs
  • Using Symmetric Encryption
  • Using BitLocker in Windows 10
  • Performing Steganography Using OpenStego
  • Encrypting Files with EFS
  • Creating Certificates with OpenSSL
6

Understanding Common Threat Vectors and Attack Surfaces

  • Scanning the Network
  • Using Social Engineering Techniques to Plan an Attack
7

Understanding Various Types of Vulnerabilities

  • Exploiting a TOCTOU Vulnerability
  • Exploiting an Overflow Vulnerability
  • Examining Application Vulnerabilities
  • Performing SQL Injection in DVWA
  • Performing an XSS Attack in DVWA
  • Detecting Virtualization
8

Understanding Indicators of Malicious Activity

  • Opening OWASP ZAP and Starting Brute Force Attack
  • Examining Spyware
  • Spoofing a MAC Address with SMAC
  • Launching a DoS Attack
  • Observing an MD5-Generated Hash Value
  • Conducting a Cross-Site Request Forgery Attack
  • Cracking Passwords
  • Cracking a Linux Password Using John the Ripper
9

Understanding the Purpose of Mitigation Techniques Used to Secure the Enterprise

  • Using the chmod Command
11

Applying Security Principles to Secure Enterprise Infrastructure

  • Implementing a Proxy Server
  • Binding a Site Using IIS
  • Configuring a VPN
  • Examining Kerberos Settings
12

Comparing and Contrasting Concepts and Strategies to Protect Data

  • Creating File Hashes
13

Understanding the Importance of Resilience and Recovery in Security Architecture

  • Gathering Site Information
  • Scheduling a Server Backup
14

Applying Common Security Techniques to Computing Resources

  • Creating and Enforcing a Security Template
  • Enforcing Password Policies
  • Installing a RADIUS Server
17

Understanding Security Alerting and Monitoring Concepts and Tools

  • Conducting Vulnerability Scanning Using Nessus
  • Consulting a Vulnerability Database
18

Modifying Enterprise Capabilities to Enhance Security

  • Configuring a Network Firewall
19

Implementing and Maintaining Identity and Access Management

  • Examining Active Directory Objects
21

Understanding Appropriate Incident Response Activities

  • Examining MITRE ATT&CK
  • Completing the Chain of Custody
22

Using Data Sources to Support an Investigation

  • Viewing Linux Event Logs
  • Viewing Windows Event Logs
  • Capturing Credentials On-Path
23

Summarizing Elements of Effective Security Governance

  • Cracking Passwords Using Rainbow Tables
27

Understanding Types and Purposes of Audits and Assessments

  • Using the theHarvester Tool
28

Implementing Security Awareness Practices

  • Configuring an SSH Server

Related Courses

All Course
scroll to top