Hot course
CompTIA Security+
CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career.
Category
83
Students
enrolled
- Description
- Curriculum
CompTIA Security+ is a widely recognized certification that validates foundational cybersecurity skills and knowledge. It is ideal for IT professionals aiming to establish a career in cybersecurity or enhance their existing IT credentials.
Key Components:
-
Threats, Attacks, and Vulnerabilities:
- Understanding various types of cybersecurity threats, attacks (e.g., malware, phishing), and vulnerabilities in systems and networks.
- Implementing strategies to mitigate risks and protect against security breaches.
-
Technologies and Tools:
- Knowledge of essential cybersecurity technologies, including firewalls, encryption methods, and intrusion detection systems (IDS).
- Proficiency in using security assessment tools and techniques to evaluate system vulnerabilities.
-
Architecture and Design:
- Designing secure network architectures and implementing secure protocols (e.g., SSL/TLS).
- Understanding cloud computing security considerations and implementing secure virtualization technologies.
-
Identity and Access Management:
- Managing user identities, implementing access controls, and ensuring authentication and authorization mechanisms are secure.
- Understanding principles of least privilege and role-based access control (RBAC).
-
Risk Management:
- Identifying and assessing cybersecurity risks within an organization.
- Implementing risk mitigation strategies and maintaining security awareness among stakeholders.
-
Cryptography and PKI:
- Understanding cryptographic algorithms, techniques, and their applications in securing communications and data.
- Managing public key infrastructure (PKI) and digital certificates for secure authentication and data integrity.
Benefits of CompTIA Security+:
- Industry Recognition: Globally recognized certification that demonstrates competency in cybersecurity fundamentals.
- Career Advancement: Opens doors to various roles such as cybersecurity analyst, security consultant, and network administrator.
- Validation of Skills: Validates practical skills in securing IT infrastructure and mitigating cybersecurity risks, enhancing credibility in the field.
Applications:
- Cybersecurity Roles: Entry-level positions in cybersecurity operations, incident response, and penetration testing.
- IT Infrastructure Roles: Relevant for professionals involved in securing network infrastructure and systems administration.
- Government and Defense: Required or preferred certification for cybersecurity roles in government and defense sectors.
CompTIA Security+ certification prepares individuals to tackle cybersecurity challenges effectively, equipping them with essential skills to protect organizations from evolving cyber threats and vulnerabilities.
Course materials
2 items
Download all
Lesson 1: Summarize Fundamental Security Concepts
-
1
CompTIA CertMaster Learn for Security+ Exam SY0-701 -
2
Using CertMaster Learn
-
3
Lesson 1 Summarize Fundamental Security Concepts
-
4
Topic 1A Security Concepts
-
5
Information Security
-
6
Cybersecurity Framework
-
7
Gap Analysis
-
8
Access Control
-
9
Topic 1B Security Controls
-
10
Security Control Categories
-
11
Security Control Functional Types
-
12
Information Security Roles and Responsibilities
-
13
Information Security Competencies
-
14
Information Security Business Units
-
15
Lesson 1 Summary
-
16
Lesson 1: Summarize Fundamental Security Concepts
Lesson 2:Compare Threat Types
-
17
Lesson 2: Introduction & Objectives
-
18
Introduction: Threat Actors
-
19
Vulnerability, Threat, and Risk
-
20
Attributes of Threat Actors
-
21
Motivations of Threat Actors
-
22
Hackers and Hacktivists
-
23
Nation-State Actors
-
24
Organized Crime and Competitors
-
25
Internal Threat Actors
-
26
Topic 2B Attack Surfaces
-
27
Attack Surface and Threat Vectors
-
28
Vulnerable Software Vectors
-
29
Network Vectors
-
30
Lure-Based Vectors
-
31
Message-Based Vectors
-
32
Supply Chain Attack Surface
-
33
Topic 2C Social Engineering
-
34
Human Vectors
-
35
Impersonation and Pretexting
-
36
Phishing and Pharming
-
37
Typosquatting
-
38
Business Email Compromise
-
39
Lesson 2 Summary
-
40
Lesson 2: Compare Threat Types
Lesson 3 Explain Cryptographic Solutions
-
41
Lesson 3 Explain Cryptographic Solutions
-
42
Topic 3A Cryptographic Algorithms
-
43
Cryptographic Concepts
-
44
Symmetric Encryption
-
45
Key Length
-
46
Asymmetric Encryption
-
47
Hashing
-
48
Digital Signatures
-
49
Topic 3B Public Key Infrastructure
-
50
Certificate Authorities
-
51
Digital Certificates
-
52
Root of Trust
-
53
Certificate Signing Requests
-
54
Subject Name Attributes
-
55
Certificate Revocation
-
56
Key Management
-
57
Cryptoprocessors and Secure Enclaves
-
58
Key Escrow
-
59
Topic 3C Cryptographic Solutions
-
60
Encryption Supporting Confidentiality
-
61
Disk and File Encryption
-
62
Database Encryption
-
63
Transport Encryption and Key Exchange
-
64
Perfect Forward Secrecy
-
65
Salting and Key Stretching
-
66
Blockchain
-
67
Obfuscation
-
68
Lesson 3 Summary
-
69
Lesson 3: Explain Cryptographic Solutions
Lesson 4 Implement Identity and Access Management
-
70
Lesson 4: Introduction & Objectives
-
71
Topic 4A Authentication
-
72
Authentication Design
-
73
Password Concepts
-
74
Password Managers
-
75
Multifactor Authentication
-
76
Biometric Authentication
-
77
Hard Authentication Tokens
-
78
Soft Authentication Tokens
-
79
Passwordless Authentication
-
80
Topic 4B Authorization
-
81
Discretionary and Mandatory Access Control
-
82
Role- and Attribute-Based Access Control
-
83
Rule-Based Access Control
-
84
Least Privilege Permission Assignments
-
85
User Account Provisioning
-
86
Account Attributes and Access Policies
-
87
Account Restrictions
-
88
Privileged Access Management
-
89
Topic 4C Identity Management
-
90
Local, Network, and Remote Authentication
-
91
Directory Services
-
92
Single Sign-on Authentication
-
93
Single Sign-on Authorization
-
94
Federation
-
95
Security Assertion Markup Language
-
96
Open Authorization
-
97
Lesson 4 Summary
-
98
Lesson 4: Implement Identity and Access Management
Lesson 5 Secure Enterprise Network Architecture
-
99
Lesson 5: Introduction & Objectives
-
100
Topic 5A Enterprise Network Architecture
-
101
Architecture and Infrastructure Concepts
-
102
Network Infrastructure
-
103
Switching Infrastructure Considerations
-
104
Routing Infrastructure Considerations
-
105
Security Zones
-
106
Attack Surface
-
107
Port Security
-
108
Physical Isolation
-
109
Architecture Considerations
-
110
Topic 5B Network Security Appliances
-
111
Device Placement
-
112
Device Attributes
-
113
Firewalls
-
114
Layer 4 and Layer 7 Firewalls
-
115
Proxy Servers
-
116
Intrusion Detection Systems
-
117
Next-Generation Firewalls and Unified Threat Management
-
118
Load Balancers
-
119
Web Application Firewalls
-
120
Topic 5C Secure Communications
-
121
Remote Access Architecture
-
122
Transport Layer Security Tunneling
-
123
Internet Protocol Security Tunneling
-
124
Internet Key Exchange
-
125
Remote Desktop
-
126
Secure Shell
-
127
Out-of-Band Management and Jump Servers
-
128
Lesson 5 Summary
-
129
Lesson 5: Secure Enterprise Network Architecture
Lesson 6 Secure Cloud Network Architecture
-
130
Lesson 6 : Introduction & Objectives
-
131
Topic 6A Cloud Infrastructure
-
132
Cloud Deployment Models
-
133
Responsibility Matrix
-
134
Centralized and Decentralized Computing
-
135
Resilient Architecture Concepts
-
136
Application Virtualization and Container Virtualization
-
137
Cloud Architecture
-
138
Cloud Automation Technologies
-
139
Software Defined Networking
-
140
Cloud Architecture Features
-
141
Cloud Security Considerations
-
142
Topic 6B Embedded Systems and Zero Trust Architecture
-
143
Embedded Systems
-
144
Industrial Control Systems
-
145
Internet of Things
-
146
Deperimeterization and Zero Trust
-
147
Zero Trust Security Concepts
-
148
Lesson 6 Summary
-
149
Lesson 6: Secure Cloud Network Architecture
Lesson 7 Explain Resiliency and Site Security Concepts
-
150
Lesson 7 : Introduction & Objectives
-
151
Topic 7A Asset Management
-
152
Asset Tracking
-
153
Asset Protection Concepts
-
154
Data Backups
-
155
Advanced Data Protection
-
156
Secure Data Destruction
-
157
Topic 7B Redundancy Strategies
-
158
Continuity of Operations
-
159
Capacity Planning Risks
-
160
High Availability
-
161
Clustering
-
162
Power Redundancy
-
163
Diversity and Defense in Depth
-
164
Deception Technologies
-
165
Testing Resiliency
-
166
Topic 7C Physical Security
-
167
Physical Security Controls
-
168
Site Layout, Fencing, and Lighting
-
169
Gateways and Locks
-
170
Security Guards and Cameras
-
171
Alarm Systems and Sensors
-
172
Lesson 7 Summary
-
173
Lesson 7: Explain Resiliency and Site Security Concepts
Lesson 8 Explain Vulnerability Management
-
174
Lesson 8 : Introduction & Objectives
-
175
Topic 8A Device and OS Vulnerabilities
-
176
Operating System Vulnerabilities
-
177
Vulnerability Types
-
178
Zero-Day Vulnerabilities
-
179
Misconfiguration Vulnerabilities
-
180
Cryptographic Vulnerabilities
-
181
Sideloading, Rooting, and Jailbreaking
-
182
Topic 8B Application and Cloud Vulnerabilities
-
183
Application Vulnerabilities
-
184
Evaluation
-
185
Web Application Attacks
-
186
Cloud-based Application Attacks
-
187
Supply Chain
-
188
Topic 8C Vulnerability Identification Methods
-
189
Vulnerability Scanning
-
190
Threat Feeds
-
191
Deep and Dark Web
-
192
Other Vulnerability Assessment Methods
-
193
Topic 8D Vulnerability Analysis and Remediation
-
194
Common Vulnerabilities and Exposures
-
195
False Positives, False Negatives, and Log Review
-
196
Vulnerability Analysis
-
197
Vulnerability Response and Remediation
-
198
Lesson 8 Summary
-
199
Lesson 8: Explain Vulnerability Management
Lesson 9 Evaluate Network Security Capabilities
-
200
Lesson 9 : Introduction & Objectives
-
201
Topic 9A Network Security Baselines
-
202
Benchmarks and Secure Configuration Guides
-
203
Wireless Network Installation Considerations
-
204
Wireless Encryption
-
205
Wi-Fi Authentication Methods
-
206
Network Access Control
-
207
Topic 9B Network Security Capability Enhancement
-
208
Access Control Lists
-
209
Intrusion Detection and Prevention Systems
-
210
IDS and IPS Detection Methods
-
211
Web Filtering
-
212
Lesson 9 Summary
-
213
Lesson 9: Evaluate Network Security Capabilities
-
214
Snort Rules
Lesson 10 Assess Endpoint Security Capabilities
-
215
Lesson 10 Assess Endpoint Security Capabilities
-
216
Topic 10A Implement Endpoint Security
-
217
Endpoint Hardening
-
218
Endpoint Protection
-
219
Advanced Endpoint Protection
-
220
Endpoint Configuration
-
221
Hardening Techniques
-
222
Hardening Specialized Devices
-
223
Topic 10B Mobile Device Hardening
-
224
Mobile Hardening Techniques
-
225
Full Device Encryption and External Media
-
226
Location Services
-
227
Cellular and GPS Connection Methods
-
228
Wi-Fi and Tethering Connection Methods
-
229
Bluetooth Connection Methods
-
230
Near-Field Communications and Mobile Payment Services
-
231
Lesson 10 Summary
-
232
Lesson 10: Assess Endpoint Security Capabilities
Lesson 11 Enhance Application Security Capabilities
-
233
Lesson 11 Enhance Application Security Capabilities
-
234
Topic 11A Application Protocol Security Baselines
-
235
Secure Protocols
-
236
Transport Layer Security
-
237
Secure Directory Services
-
238
Simple Network Management Protocol Security
-
239
File Transfer Services
-
240
Email Services
-
241
Email Security
-
242
Email Data Loss Prevention
-
243
DNS Filtering
-
244
Topic 11B Cloud and Web Application Security Concepts
-
245
Secure Coding Techniques
-
246
Application Protections
-
247
Software Sandboxing
-
248
Lesson 11 Summary
-
249
Lesson 11: Enhance Application Security Capabilities
-
250
DNSSEC
Lesson 12 Explain Incident Response and Monitoring Concepts
-
251
Lesson 12 Explain Incident Response and Monitoring Concepts
-
252
Topic 12A Incident Response
-
253
Incident Response Processes
-
254
Preparation
-
255
Detection
-
256
Analysis
-
257
Containment
-
258
Eradication and Recovery
-
259
Lessons Learned
-
260
Testing and Training
-
261
Threat Hunting
-
262
Topic 12B Digital Forensics
-
263
Due Process and Legal Hold
-
264
Acquisition
-
265
System Memory Acquisition
-
266
Disk Image Acquisition
-
267
Preservation
-
268
Reporting
-
269
Topic 12C Data Sources
-
270
Data Sources, Dashboards, and Reports
-
271
Log Data
-
272
Host Operating System Logs
-
273
Application and Endpoint Logs
-
274
Network Data Sources
-
275
Packet Captures
-
276
Metadata
-
277
Topic 12D Alerting and Monitoring Tools
-
278
Security Information and Event Management
-
279
Alerting and Monitoring Activities
-
280
Alert Tuning
-
281
Monitoring Infrastructure
-
282
Monitoring Systems and Applications
-
283
Benchmarks
-
284
Lesson 12 Summary
-
285
Lesson 12: Explain Incident Response and Monitoring Concepts
Lesson 13 Analyze Indicators of Malicious Activity
-
286
Lesson 13 Analyze Indicators of Malicious Activity
-
287
Topic 13A Malware Attack Indicators
-
288
Malware Classification
-
289
Computer Viruses
-
290
Computer Worms and Fileless Malware
-
291
Spyware and Keyloggers
-
292
Backdoors and Remote Access Trojans
-
293
Rootkits
-
294
Ransomware, Crypto-Malware, and Logic Bombs
-
295
TTPs and IoCs
-
296
Malicious Activity Indicators
-
297
Topic 13B Physical and Network Attack Indicators
-
298
Physical Attacks
-
299
Network Attacks
-
300
Distributed Denial of Service Attacks
-
301
On-Path Attacks
-
302
Domain Name System Attacks
-
303
Wireless Attacks
-
304
Password Attacks
-
305
Credential Replay Attacks
-
306
Cryptographic Attacks
-
307
Malicious Code Indicators
-
308
Topic 13C Application Attack Indicators
-
309
Application Attacks
-
310
Replay Attacks
-
311
Forgery Attacks
-
312
Injection Attacks
-
313
Birthday Attacks -
314
Directory Traversal and Command Injection Attacks
-
315
URL Analysis
-
316
Web Server Logs
-
317
Lesson 13 Summary
-
318
Lesson 13: Analyze Indicators of Malicious Activity
Lesson 14 Summarize Security Governance Concepts
-
319
Lesson 14 Summarize Security Governance Concepts
-
320
Topic 14A Policies, Standards, and Procedures
-
321
Policies
-
322
Procedures
-
323
Standards
-
324
Legal Environment
-
325
Governance and Accountability
-
326
Topic 14B Change Management
-
327
Change Management Programs
-
328
Allowed and Blocked Changes
-
329
Restarts, Dependencies, and Downtime
-
330
Documentation and Version Control
-
331
Topic 14C Automation and Orchestration
-
332
Automation and Scripting
-
333
Automation and Orchestration Implementation
-
334
Lesson 14 Summary
-
335
Lesson 14: Summarize Security Governance Concepts
Lesson 15 Explain Risk Management Processes
-
336
Lesson 15 Explain Risk Management Processes
-
337
Topic 15A Risk Management Processes and Concepts
-
338
Risk Identification and Assessment
-
339
Risk Management Strategies
-
340
Risk Management Processes
-
341
Business Impact Analysis
-
342
Topic 15B Vendor Management Concepts
-
343
Vendor Selection
-
344
Vendor Assessment Methods
-
345
Legal Agreements
-
346
Topic 15C Audits and Assessments
-
347
Attestation and Assessments
-
348
Penetration Testing
-
349
Exercise Types
-
350
Lesson 15 Summary
-
351
Lesson 15: Explain Risk Management Processes
Lesson 16 Summarize Data Protection and Compliance Concepts
-
352
Lesson 16 Summarize Data Protection and Compliance Concepts
-
353
Topic 16A Data Classification and Compliance
-
354
Data Types
-
355
Data Classifications
-
356
Data Sovereignty and Geographical Considerations
-
357
Privacy Data
-
358
Privacy Breaches and Data Breaches
-
359
Compliance
-
360
Monitoring and Reporting
-
361
Data Protection
-
362
Data Loss Prevention
-
363
Topic 16B Personnel Policies
-
364
Conduct Policies
-
365
User and Role-Based Training
-
366
Training Topics and Techniques
-
367
Security Awareness Training Lifecycle
-
368
Lesson 16 Summary
-
369
Lesson 16: Summarize Data Protection and Compliance Concepts
