Course Summary
This CompTIA Security+ (SY0-701) course focuses on an understanding of computer topics such as how to install operating systems and applications and networking topics such as how to configure IP addressing and what a VLAN is. The CompTIA Security+ will help you prepare to succeed on the CompTIA Security+ exam by directly addressing the exams objectives as stated by CompTIA. Preparation hints and test-taking tips, helping you identify areas of weakness and improving both your conceptual knowledge and hands-on skills are shared.
Passing this exam fulfills your requirements for the CompTIA Security+ certification credential, proving that you have familiarity with computer security theory and hands-on knowledge.
Methodology:
180-day access to:
- Lessons
- Video learning
- Labs for CompTIA Security+ (SY0-701).
- MeasureUp Practice Test for CompTIA Security+ (SY0-701). Practice Mode with remediation and Certification mode to simulate the test day experience.
Duration:
Approximately 74 hours of primary course content. Each learner will progress at their own rate.
Audience:
Designed for anyone who wants to start or advance a career in computer security.
Prerequisites:
- Basic level of computer, networking, and organizational security knowledge.
- 2 or more years of IT administration experience, with an emphasis on hands-on and technical security concepts.
- CompTIA Network+ certification
Course Outline:
Upon successful completion of this course, students should be able to:
- Describe general security concepts
- Identify threats, vulnerabilities, and mitigations
- Explain security architecture
- Describe security operations
- Discuss security program management and oversight
Part I: General Security Concepts (4 hours and 48 minutes)
Lesson 1: Comparing and Contrasting the Various Types of Controls (24 minutes)
- Control Categories
- Control Types
- Summary
- Quiz
Lesson 2: Summarizing Fundamental Security Concepts (1 hours and 24 minutes)
- Confidentiality, Integrity, and Availability (CIA)
- Non – repudiation
- Authentication, Authorization, and Accounting (AAA)
- Gap Analysis
- Zero Trust
- Physical Security
- Deception and Disruption Technology
- Summary
- Quiz
Lesson 3: Understanding Change Management’s Security impact (48 minutes)
- Business Processes Impacting Security Operations
- Technical Implications
- Documentation
- Version Control
- Summary
- Quiz
Lesson 4: Understanding the Importance of Using Appropriate Cryptographic Solutions (2 hours and 12 minutes)
- Public Key Infrastructure (PKI)
- Encryption
- Tools
- Obfuscation
- Hashing
- Salting
- Digital Signatures
- Key Stretching
- Blockchain
- Open Public Ledger
- Certificates
- Summary
- Quiz
Part II: Threats, Vulnerabilities, and Mitigations (9 hours)
Lesson 5: Comparing and Contrasting Common Threat Actors and Motivations (48 minutes)
- Threat Actors
- Attributes of Actors
- Motivations
- War
- Summary
- Quiz
Lesson 6: Understanding Common Threat Vectors and Attack Surfaces (2 hours and 24 minutes)
- Message – Based
- Image – Based
- File – Based
- Voice Call
- Removable Device
- Vulnerable Software
- Unsupported Systems and Applications
- Unsecure Networks
- Open Service Ports
- Default Credentials
- Supply Chain
- Human Vectors/Social Engineering
- Summary
- Quiz
Lesson 7: Understanding Various Types of Vulnerabilities (2 hours and 12 minutes)
- Application
- Operating System (OS) – Based
- Web – Based
- Hardware
- Virtualization
- Cloud Specific
- Supply Chain
- Cryptographic
- Misconfiguration
- Mobile Device
- Zero – Day Vulnerabilities
- Summary
- Quiz
Lesson 8: Understanding Indicators of Malicious Activity (1 hour and 24 minutes)
- Malware Attacks
- Physical Attacks
- Network Attacks
- Application Attacks
- Cryptographic Attacks
- Password Attacks
- Indicators
- Summary
- Quiz
Lesson 9: Understanding the Purpose of Mitigation Techniques Used to Secure the Enterprise (2 hours and 12 minutes)
- Segmentation
- Access Control
- Application Allow List
- Isolation
- Patching
- Encryption
- Monitoring
- Least Privilege
- Configuration Enforcement
- Decommissioning
- Hardening Techniques
- Summary
- Quiz
Part IIII: Security Architecture (3 hours and 36 minutes)
Lesson 10: Comparing and Contrasting Security Implications of Different Architecture Models (24 minutes)
- Architecture and Infrastructure Concepts
- Considerations
- Summary
- Quiz
Lesson 11: Applying Security Principles to Secure Enterprise Infrastructure (36 minutes)
- Infrastructure Considerations
- Secure Communication/Access
- Selection of Effective Controls
- Summary
- Quiz
Lesson 12: Comparing and Contrasting Concepts and Strategies to Protect Data (48 minutes)
- Data Types
- Data Classifications
- General Data Considerations
- Methods to Secure Data
- Summary
- Quiz
Lesson 13: Understanding the Importance of Resilience and Recovery in Security Architecture (1 hour and 48 minutes)
- High Availability
- Site Considerations
- Platform Diversity
- Multi – Cloud System
- Continuity of Operations
- Capacity Planning
- Testing
- Backups
- Power
- Summary
- Quiz
Part IV: Security Operations (11 hours)
Lesson 14: Applying Common Security Techniques to Computing Resources (1 hour and 48 minutes)
- Secure Baselines
- Hardening Targets
- Wireless Devices
- Mobile Solutions
- Connection Methods
- Wireless Security Settings
- Application Security
- Sandboxing
- Monitoring
- Summary
- Quiz
Lesson 15: Understanding the Security Implications of Hardware, Software, and Data Asset Management (48 minutes)
- Acquisition/Procurement Process
- Assignment/Accounting
- Monitoring/Asset Tracking
- Disposal/Decommissioning
- Summary
- Quiz
Lesson 16: Understanding Various Activities Associated with Vulnerability Management (1 hour)
- Identification Methods
- Analysis
- Vulnerability Response and Remediation
- Validation of Remediation
- Reporting
- Summary
- Quiz
Lesson 17: Understanding Security Alerting and Monitoring Concepts and Tools (36 minutes)
- Monitoring and Computing Resources
- Activities
- Tools
- Summary
- Quiz
Lesson 18: Modifying Enterprise Capabilities to Enhance Security (2 hours and 24 minutes)
- Firewall
- IDS/IPS
- Web Filter
- Operating System Security
- Implementation of Secure Protocols
- DNS Filtering
- Email Security
- File Integrity Monitoring
- DLP
- Network Access Control (NAC)
- Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR)
- User Behavior Analytics
- Summary
- Quiz
Lesson 19: Implementing and Maintaining Identity and Access Management (2 hours and 12 minutes)
- Provisioning/De – provisioning User Accounts
- Permission Assignments and Implications
- Identity Proofing
- Federation
- Single Sign – On (SSO)
- Interoperability
- Attestation
- Access Controls
- Multifactor Authentication (MFA)
- Password Concepts
- Privileged Access Management Tools
- Summary
- Quiz
Lesson 20: Understanding the Importance of Automation and Orchestration Related to Secure Operations (36 minutes)
- Use Cases of Automation and Scripting
- Benefits
- Other Considerations
- Summary
- Quiz
Lesson 21: Understanding Appropriate Incident Response Activities (1 hour and 12 minutes)
- Process
- Training
- Testing
- Root Cause Analysis
- Threat Hunting
- Digital Forensics
- Summary
- Quiz
Lesson 22: Using Data Sources to Support an Investigation (24 minutes)
- Log Data
- Data Sources
- Summary
- Quiz
Part V: Security Program Management and Oversight (7 hours and 36 minutes)
Lesson 23: Summarizing Elements of Effective Security Governance (1 hour and 36 minutes)
- Guidelines
- Policies
- Standards
- Procedures
- External Considerations
- Monitoring and Revision
- Types of Governance Structures
- Roles and Responsibilities for Systems and Data
- Summary
- Quiz
Lesson 24: Understanding Elements of the Risk Management Process (1 hour and 48 minutes)
- Risk Identification
- Risk Assessment
- Risk Analysis
- Risk Register
- Risk Tolerance
- Risk Appetite
- Risk Management Strategies
- Risk Reporting
- Business Impact Analysis
- Summary
- Quiz
Lesson 25: Understanding the Processes Associated with Third – Party Risk Assessment and Management (1 hour and 12 minutes)
- Vendor Assessment
- Vendor Selection
- Agreement Types
- Vendor Monitoring
- Questionnaires
- Rules of Engagement
- Summary
- Quiz
Lesson 26: Summarizing Elements of Effective Security Compliance (1 hour)
- Compliance Reporting
- Consequences of Non – compliance
- Compliance Monitoring
- Attestation and Acknowledgment
- Privacy
- Summary
- Quiz
Lesson 27: Understanding Types and Purposes of Audits and Assessments (48 minutes)
- Attestation
- Internal
- External
- Penetration Testing
- Summary
- Quiz
Lesson 28: Implementing Security Awareness Practices (1 hour and 12 minutes)
- Phishing
- Anomalous Behavior Recognition
- User Guidance and Training
- Reporting and Monitoring
- Development
- Execution
- Summary
- Quiz