Course Summary

This CompTIA Security+ (SY0-701) course focuses on an understanding of computer topics such as how to install operating systems and applications and networking topics such as how to configure IP addressing and what a VLAN is. The CompTIA Security+ will help you prepare to succeed on the CompTIA Security+ exam by directly addressing the exams objectives as stated by CompTIA. Preparation hints and test-taking tips, helping you identify areas of weakness and improving both your conceptual knowledge and hands-on skills are shared.

Passing this exam fulfills your requirements for the CompTIA Security+ certification credential, proving that you have familiarity with computer security theory and hands-on knowledge.

Methodology:

180-day access to:

  • Lessons
  • Video learning
  • Labs for CompTIA Security+ (SY0-701).
  • MeasureUp Practice Test for CompTIA Security+ (SY0-701). Practice Mode with remediation and Certification mode to simulate the test day experience.
Duration: 

Approximately 74 hours of primary course content. Each learner will progress at their own rate.

Audience: 

Designed for anyone who wants to start or advance a career in computer security.

Prerequisites:
  • Basic level of computer, networking, and organizational security knowledge.
  • 2 or more years of IT administration experience, with an emphasis on hands-on and technical security concepts.
  • CompTIA Network+ certification
Course Outline: 

Upon successful completion of this course, students should be able to:

  • Describe general security concepts
  • Identify threats, vulnerabilities, and mitigations
  • Explain security architecture
  • Describe security operations
  • Discuss security program management and oversight

Part I: General Security Concepts (4 hours and 48 minutes)

Lesson 1: Comparing and Contrasting the Various Types of Controls (24 minutes)

  • Control Categories
  • Control Types
  • Summary
  • Quiz

Lesson 2: Summarizing Fundamental Security Concepts (1 hours and 24 minutes)

  • Confidentiality, Integrity, and Availability (CIA)
  • Non – repudiation
  • Authentication, Authorization, and Accounting (AAA)
  • Gap Analysis
  • Zero Trust
  • Physical Security
  • Deception and Disruption Technology
  • Summary
  • Quiz

Lesson 3: Understanding Change Management’s Security impact (48 minutes)

  • Business Processes Impacting Security Operations
  • Technical Implications
  • Documentation
  • Version Control
  • Summary
  • Quiz

Lesson 4: Understanding the Importance of Using Appropriate Cryptographic Solutions (2 hours and 12 minutes)

  • Public Key Infrastructure (PKI)
  • Encryption
  • Tools
  • Obfuscation
  • Hashing
  • Salting
  • Digital Signatures
  • Key Stretching
  • Blockchain
  • Open Public Ledger
  • Certificates
  • Summary
  • Quiz

Part II: Threats, Vulnerabilities, and Mitigations (9 hours)

Lesson 5: Comparing and Contrasting Common Threat Actors and Motivations (48 minutes)

  • Threat Actors
  • Attributes of Actors
  • Motivations
  • War
  • Summary
  • Quiz

Lesson 6: Understanding Common Threat Vectors and Attack Surfaces (2 hours and 24 minutes)

  • Message – Based
  • Image – Based
  • File – Based
  • Voice Call
  • Removable Device
  • Vulnerable Software
  • Unsupported Systems and Applications
  • Unsecure Networks
  • Open Service Ports
  • Default Credentials
  • Supply Chain
  • Human Vectors/Social Engineering
  • Summary
  • Quiz

Lesson 7: Understanding Various Types of Vulnerabilities (2 hours and 12 minutes)

  • Application
  • Operating System (OS) – Based
  • Web – Based
  • Hardware
  • Virtualization
  • Cloud Specific
  • Supply Chain
  • Cryptographic
  • Misconfiguration
  • Mobile Device
  • Zero – Day Vulnerabilities
  • Summary
  • Quiz

Lesson 8: Understanding Indicators of Malicious Activity (1 hour and 24 minutes)

  • Malware Attacks
  • Physical Attacks
  • Network Attacks
  • Application Attacks
  • Cryptographic Attacks
  • Password Attacks
  • Indicators
  • Summary
  • Quiz

Lesson 9: Understanding the Purpose of Mitigation Techniques Used to Secure the Enterprise (2 hours and 12 minutes)

  • Segmentation
  • Access Control
  • Application Allow List
  • Isolation
  • Patching
  • Encryption
  • Monitoring
  • Least Privilege
  • Configuration Enforcement
  • Decommissioning
  • Hardening Techniques
  • Summary
  • Quiz

Part IIII: Security Architecture (3 hours and 36 minutes)

Lesson 10: Comparing and Contrasting Security Implications of Different Architecture Models (24 minutes)

  • Architecture and Infrastructure Concepts
  • Considerations
  • Summary
  • Quiz

Lesson 11: Applying Security Principles to Secure Enterprise Infrastructure (36 minutes)

  • Infrastructure Considerations
  • Secure Communication/Access
  • Selection of Effective Controls
  • Summary
  • Quiz

Lesson 12: Comparing and Contrasting Concepts and Strategies to Protect Data (48 minutes)

  • Data Types
  • Data Classifications
  • General Data Considerations
  • Methods to Secure Data
  • Summary
  • Quiz

Lesson 13: Understanding the Importance of Resilience and Recovery in Security Architecture (1 hour and 48 minutes)

  • High Availability
  • Site Considerations
  • Platform Diversity
  • Multi – Cloud System
  • Continuity of Operations
  • Capacity Planning
  • Testing
  • Backups
  • Power
  • Summary
  • Quiz

Part IV: Security Operations (11 hours)

Lesson 14: Applying Common Security Techniques to Computing Resources (1 hour and 48 minutes)

  • Secure Baselines
  • Hardening Targets
  • Wireless Devices
  • Mobile Solutions
  • Connection Methods
  • Wireless Security Settings
  • Application Security
  • Sandboxing
  • Monitoring
  • Summary
  • Quiz

Lesson 15: Understanding the Security Implications of Hardware, Software, and Data Asset Management (48 minutes)

  • Acquisition/Procurement Process
  • Assignment/Accounting
  • Monitoring/Asset Tracking
  • Disposal/Decommissioning
  • Summary
  • Quiz

Lesson 16: Understanding Various Activities Associated with Vulnerability Management (1 hour)

  • Identification Methods
  • Analysis
  • Vulnerability Response and Remediation
  • Validation of Remediation
  • Reporting
  • Summary
  • Quiz

Lesson 17: Understanding Security Alerting and Monitoring Concepts and Tools (36 minutes)

  • Monitoring and Computing Resources
  • Activities
  • Tools
  • Summary
  • Quiz

Lesson 18: Modifying Enterprise Capabilities to Enhance Security (2 hours and 24 minutes)

  • Firewall
  • IDS/IPS
  • Web Filter
  • Operating System Security
  • Implementation of Secure Protocols
  • DNS Filtering
  • Email Security
  • File Integrity Monitoring
  • DLP
  • Network Access Control (NAC)
  • Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR)
  • User Behavior Analytics
  • Summary
  • Quiz

Lesson 19: Implementing and Maintaining Identity and Access Management (2 hours and 12 minutes)

  • Provisioning/De – provisioning User Accounts
  • Permission Assignments and Implications
  • Identity Proofing
  • Federation
  • Single Sign – On (SSO)
  • Interoperability
  • Attestation
  • Access Controls
  • Multifactor Authentication (MFA)
  • Password Concepts
  • Privileged Access Management Tools
  • Summary
  • Quiz
  •  

Lesson 20: Understanding the Importance of Automation and Orchestration Related to Secure Operations (36 minutes)

  • Use Cases of Automation and Scripting
  • Benefits
  • Other Considerations
  • Summary
  • Quiz

Lesson 21: Understanding Appropriate Incident Response Activities (1 hour and 12 minutes)

  • Process
  • Training
  • Testing
  • Root Cause Analysis
  • Threat Hunting
  • Digital Forensics
  • Summary
  • Quiz

Lesson 22: Using Data Sources to Support an Investigation (24 minutes)

  • Log Data
  • Data Sources
  • Summary
  • Quiz

Part V: Security Program Management and Oversight (7 hours and 36 minutes)

Lesson 23: Summarizing Elements of Effective Security Governance (1 hour and 36 minutes)

  • Guidelines
  • Policies
  • Standards
  • Procedures
  • External Considerations
  • Monitoring and Revision
  • Types of Governance Structures
  • Roles and Responsibilities for Systems and Data
  • Summary
  • Quiz

Lesson 24: Understanding Elements of the Risk Management Process (1 hour and 48 minutes)

  • Risk Identification
  • Risk Assessment
  • Risk Analysis
  • Risk Register
  • Risk Tolerance
  • Risk Appetite
  • Risk Management Strategies
  • Risk Reporting
  • Business Impact Analysis
  • Summary
  • Quiz

Lesson 25: Understanding the Processes Associated with Third – Party Risk Assessment and Management (1 hour and 12 minutes)

  • Vendor Assessment
  • Vendor Selection
  • Agreement Types
  • Vendor Monitoring
  • Questionnaires
  • Rules of Engagement
  • Summary
  • Quiz

Lesson 26: Summarizing Elements of Effective Security Compliance (1 hour)

  • Compliance Reporting
  • Consequences of Non – compliance
  • Compliance Monitoring
  • Attestation and Acknowledgment
  • Privacy
  • Summary
  • Quiz

Lesson 27: Understanding Types and Purposes of Audits and Assessments (48 minutes)

  • Attestation
  • Internal
  • External
  • Penetration Testing
  • Summary
  • Quiz

Lesson 28: Implementing Security Awareness Practices (1 hour and 12 minutes)

  • Phishing
  • Anomalous Behavior Recognition
  • User Guidance and Training
  • Reporting and Monitoring
  • Development
  • Execution
  • Summary
  • Quiz