CompTIA Security+ Certification
SY0-601 CompTIA Security+

SY0-601 - CompTIA Security+: Basic Cryptography & Public Key Infrastructure

Course Number: it_cssecp2020_12_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • contrast symmetric and asymmetric cryptosystems
  • describe a cryptographic key including key length, strength, stretching, and perfect forward secrecy
  • compare block cipher and stream cipher operations
  • relate the functions and features of cryptographic hashing including hashed message authentication codes (HMAC)
  • distinguish common key exchange mechanisms such as Diffie-Hellman and Diffie-Hellman ephemeral
  • survey modes of operation including authenticated (AEAD), unauthenticated, and counter
  • interpret advanced concepts such as quantum and post-quantum computing, blockchain, and homomorphic encryption
  • recognize everyday use cases like confidentiality, integrity, obfuscation, authentication, and non-repudiation
  • define several aspects of PKI including key management, certificate authority (CA), certificate revocation list (CRL), certificate attributes, the Online Certificate Status Protocol (OCSP) and certificate signing requests (CSR)
  • classify different types of certificates such as wildcard, SAN, code signing, self-signed, machine/computer, email, user, root, domain validation, and extended validation, then survey certificate formats like Distinguished Encoding Rules (DER), Privacy-enhanced Mail (PEM), Personal Information Exchange (PFX), .cer, P12, and P7B
  • identify core PKI concepts such as online, offline, stapling, pinning, key escrow, and certificate chaining
  • summarize the key concepts covered in this course

Overview/Description

To prepare for the CompTIA Security+ SY0-601 certification exam, you will need to be able to identify and describe basic cryptography concepts and their application in everyday use. You'll also need to recognize common aspects of Public Key Infrastructure (PKI). In this CompTIA Security+ SY0-601 course, you'll compare symmetric and asymmetric cryptography, recognize the characteristics of a cryptographic key, and contrast block and stream cipher operations. You'll explore the purpose and features of cryptographic hashing, common key exchange mechanisms, and various next-generation concepts such as lightweight cryptography, quantum and post-quantum computing, and homomorphic encryption. You'll move on to identify the main aspects and core concepts associated with Public Key Infrastructure (PKI). Finally, you'll distinguish several types of certificates and review different certificate formats.



Prerequisites: none

SY0-601 - CompTIA Security+: Implementing Identity and Account Management & AAA Solutions

Course Number: it_cssecp2020_10_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • describe various identity controls such as identity providers, attributes, certificates, tokens, SSH keys, and smart cards
  • define different account types as in user, shared, generic, guest, and service accounts
  • configure common account policies for AWS Identity and Access Management
  • describe advanced account policy methods such as time of day, network location, geofencing, geotagging, and geolocation
  • describe various authentication management techniques like password keys, password vaults, TPM, HSM, and knowledge-based authentication
  • survey common authentication protocols such as EAP-CHAP, password authentication protocol, 802.1x, and RADIUS
  • survey protocols and services used for federation and single-sign-on like SAML 2.0, TACACS+, OAuth, OIDC, and Kerberos
  • describe access control schemes like Attribute-based Access Control, Role-based Access Control, Rule-based Access Control, Mandatory Access Control, and Discretionary Access Control
  • summarize the key concepts covered in this course

Overview/Description

Identity and access management (IAM) is used to protect your data by ensuring the right users have access to the right resources. This CompTIA Security+ SY0-601 course covers various identity controls including identity providers, attributes, certificates, tokens, and SSH keys. It also discusses the use of different account types and common account policies, and authentication management techniques such as password keys, password vaults, TPM, HSM, and knowledge-based authentication. Finally, you learn about protocols and services used for federation and single sign-on, and access control schemes like ABAC, DAC, RBAC, and MAC. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Prerequisites: none

SY0-601 - CompTIA Security+: Implementing Secure Protocols & Application Security Solutions

Course Number: it_cssecp2020_13_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • describe an array of secure protocols including DNSSEC, SSH, S/MIME, SRTP, LDAPS, FTPS, SFTP, and SNMPv3
  • describe IPsec in terms of Authentication Header (AH), Encapsulated Security Payload (ESP), and tunnel vs. transport mode
  • list various use cases which include voice and video, time synchronization, email, web, file transfer, directory services, and remote access
  • describe endpoint protection in terms of antivirus, anti-malware, EDR, DLP, next-generation firewalls, HIDS, and HIPS
  • outline boot integrity mechanisms such as boot security/Unified Extensible Firmware Interface (UEFI), measured boot, and boot attestation
  • recognize specific database security mechanisms like tokenization, salting, and hashing
  • define various application security measures like input validations, secure cookies, code signing, whitelisting, and blacklisting
  • describe hardening targets like open ports and services, registry, disk encryption, and patch management
  • identify advanced application security techniques like self-encrypting drives (SED), full-disk encryption (FDE), Opal, hardware root of trust, Trusted Platform Module (TPM), and sandboxing
  • summarize the key concepts covered in this course

Overview/Description

In this CompTIA Security+ SY0-601 course, you'll explore a variety of core secure protocols.

You'll examine Domain Name System Security Extensions (DNSSEC), SSH, Secure/Multipurpose Internet Mail Extensions (S/MIME), Secure Real-time Protocol (SRTP), LDAPS, File Transfer Protocol Secure (FTPS), Secured File Transfer Protocol (SFTP), Simple Network Management Protocol version 3 (SNMPv3), Hypertext Transfer Protocol over SSL/TLS (HTTPS), IPsec, Authentication Header (AH), and Encapsulated Security Payload (ESP) and its tunnel/transport modes.

You'll move on to list several use cases for these concepts. You'll then describe endpoint protection, boot integrity mechanisms, database security mechanisms, and hardening targets. Finally, you'll identify several advanced application security techniques. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Prerequisites: none

SY0-601 - CompTIA Security+: Physical Security Controls

Course Number: it_cssecp2020_11_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • recognize different barrier types such as bollards, barricades, gates, and fences
  • describe cameras and surveillance techniques such as CCTV, webcams, motion and object detection, and lighting
  • recognize personnel controls such as guards, robot sentries, reception desks, and two-person integrity and control
  • describe locks for physical security including biometric, electronic, physical, and cable locks
  • recognize various methods and techniques for fire detection, suppression, and prevention including types of fire extinguishers
  • recognize different types of sensors including motion detection, noise detection, proximity readers, moisture detection, and temperature sensors
  • describe secure areas such as air gaps, vaults, safes, hot aisles, and cold aisles
  • recognize methods for secure data disposition like burning, shredding, pulping, pulverizing, degaussing, and third-party solutions
  • summarize the key concepts covered in this course

Overview/Description

In this CompTIA Security+ SY0-601 course, you will realize that real security begins with physical security. You will explore a wide array of physical security controls including bollards, barricades, and badges. You will discover the importance of controls like alarms, signage, cameras, and motion recognition and detection. You will answer many questions about the security guards as well. Other important topics include locks, biometrics, lighting, fencing, fire suppression, sensors, motion detection, Faraday cages, air gapping, and secure data destruction techniques. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Prerequisites: none

SY0-601 - CompTIA Security+: Analyzing Application & Network Attacks

Course Number: it_cssecp2020_02_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • describe privilege escalation and elevation techniques that exploit poor least privilege policies
  • describe and compare cross-site scripting and cross-site request forgery, which are now the most common attacks against web services
  • describe different injection attacks against SQL, DLLs, LDAP, and XML
  • recognize a variety of coding attacks like pointer/object dereference, directory traversal, buffer overflows, and race conditions
  • describe API attacks, the most common being against login credentials and authentication
  • describe Secure Sockets Layer (SSL) stripping against web servers and pass the hash attacks against older versions of Windows operating systems, which are still common in IoT and embedded devices
  • define device driver manipulation in Windows and *nix systems including shimming and refactoring
  • describe wireless attacks like evil twin, rogue access points, disassociation, and jamming
  • define exploits where the attacker secretly relays and possibly alters communications between two parties who assume they are communicating with each other
  • describe Layer 2 attacks such as ARP poisoning, MAC flooding, and MAC cloning
  • define DNS attacks such as domain hijacking, DNS poisoning, and URL redirection
  • describe DDoS attacks against the network, applications, and operational technology
  • recognize malicious code or script execution targeting PowerShell, Python, Bash shells, macros, and Visual Basic for Applications
  • summarize the key concepts covered in this course

Overview/Description

It is crucial that you be able to recognize various application and network attacks and be able to protect your infrastructure from them. In this course, you'll learn to analyze different application attacks such as privilege escalation, cross-site scripting, request forgery, injection, coding, and API attacks. You'll also look at other attacks like SSL stripping, pass the hash, and driver manipulation. Then, you'll move on to explore a variety of network attacks, including wireless, man-in-the-middle, Layer 2, DNS, DDoS, and malicious code or script execution. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Prerequisites: none

SY0-601 - CompTIA Security+: Authentication & Authorization Design Concepts

Course Number: it_cssecp2020_09_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • describe the attributes of AAA services including authentication and identity, authorization and access management, and accounting for audit and billing purposes
  • compare character mode access for administrative actions to packet or network mode for mediated access services
  • describe the importance of directory services such as Microsoft Active Directory, Azure AD, AWS Directory Services, and Apache Directory and their main attributes for security
  • define federation and attestation including single-sign-on, trusted services, and secure tokens
  • compare authentication technologies like time-based one-time password, HMAC-based one-time password, and SMS services
  • describe various smart card solutions and applications for authentication and identity services
  • recognize common and emerging biometric identity mechanisms including fingerprint, retina, iris, facial, and voice recognition
  • describe multi-factor authentication as in something you know, something you have, and something you are
  • compare the differences in authentication and authorization design in an on-premise environment and a cloud service provider environment
  • summarize the key concepts covered in this course

Overview/Description

Authentication and authorization are very closely related but have specific roles to play in security. In this CompTIA Security+ SY0-601 course, you will explore authentication, authorization, and accounting (AAA) services, directory services, federation and attestation, smart cards and biometrics, and multi-factor authentication. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Prerequisites: none

SY0-601 - CompTIA Security+: Controls & Application Development, Deployment, & Automation

Course Number: it_cssecp2020_08_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • describe control categories as in administrative/managerial, operational/technical, and physical
  • define various control types such as preventative, detective, corrective, deterrent, and compensating
  • describe secure application environments as in development, testing, staging, and production
  • compare provisioning and deprovisioning and methods for automation, containerization, and using predefined stacks and templates
  • describe various forms of integrity measurement to enhance application security such as digitally signing code and API calls
  • describe secure coding techniques like normalization, using stored procedures, obfuscation, and code reuse
  • use the Open Web Application Security Project guidelines to secure web applications and services
  • describe software diversity and how it relates specifically to compilers and binaries
  • describe automation and scripting including continuous monitoring, validation, integration, delivery, and deployment
  • summarize the key concepts covered in this course

Overview/Description

This CompTIA Security+ course covers some of the most important topics in the entire training series. First, the learner will discover the NIST control categories used by CompTIA along with the five critical control types. The remainder of this course deals with vital security concepts related to application development, deployment, and automation. Other core topics include various DevOps environments, secure coding techniques, OWASP, software diversity and automation. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Prerequisites: none

SY0-601 - CompTIA Security+: Implementing Cybersecurity Resilience

Course Number: it_cssecp2020_06_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • describe various redundancy concepts like geographic dispersal, RAID arrays, multipath, load balancers, and NIC teaming
  • define common replication methods like storage area networking and virtual machines
  • recognize backup types including full, incremental, differential, and snapshot
  • describe non-persistence concepts as in Revert to Known State, Last Known Good Configuration, and live boot media
  • define high availability concepts like redundancy and durability
  • describe order of restoration when dealing with continuity of operations and resiliency measures in the enterprise
  • recognize diversity concepts, which include technologies, vendors, crypto, and controls
  • discover the key concepts covered in this course

Overview/Description

In order to protect your enterprise assets, you should be familiar with and know how to apply key cybersecurity resiliency concepts. In this course, you'll learn about redundancy concepts like geographic dispersal, RAID, and NIC teaming. You'll explore replication methods like storage area networking and virtual machines. You'll move on to examine various backup types, including full, incremental, differential, and snapshot. Next, you'll look at non-persistence and high availability concepts. Finally, you'll learn about the order of restoration and diversity concepts. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Prerequisites: none

SY0-601 - CompTIA Security+: Implementing Secure Network Designs

Course Number: it_cssecp2020_14_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • define network segmentation and zoning concepts, such as a virtual local area network (VLAN), PVLAN, DMZ, east-west traffic, extranets, intranets, and zero-trust deployments
  • describe various load balancing concepts and techniques, including active/active, active/passive, elastic, scheduling, virtual IP addresses, and persistence
  • survey different VPN deployments, like always-on, split tunnel, full tunnel, remote access, site-to-site, IPsec, SSL/TLS, HTML5, and the Layer 2 Tunneling Protocol (L2TP)
  • describe port security techniques, as in broadcast storm prevention, loop prevention, BPDU guard, DHCP snooping, and MAC filtering
  • survey the features of firewalls, such as ACLs, WAF, next-generation, stateful vs. stateless, UTM, NAT gateways, content/URL filtering, hardware vs. software, and appliance vs. host-based vs. virtual
  • compare various network appliance solutions, such as NAC, jump/bastion servers, proxy servers, NIDS, port mirroring/spanning, tapping, NIPS, signature-based vs. heuristic/behavior vs. anomaly, and inline vs. passive sensors, collectors, and aggregators
  • describe various advanced networking solutions, like HSM, DNS, route security, QoS, IPv6 implications, next-gen monitoring and visibility, and file integrity monitoring
  • summarize the key concepts covered in this course

Overview/Description

Networking has always been one of the primary paths to becoming a security expert. This CompTIA Security+ SY0-601 course involves recognizing how to implement secure networking environments and designs.

In this course, you'll explore the concepts, techniques, and deployments involved in the following valuable network security technologies: load balancing, networking segmentation/zoning, and virtual private networks. Next, you'll examine several switch port security techniques, such as BPDU guard, DHCP snooping, and MAC filtering. You'll then recognize the various features of firewalls, such as ACLs and WAF, and compare network appliance solutions, such as port spanning, NAC, NIDS, and NIPS.

Finally, you'll outline advanced network environment solutions, like route security, IPv6, and next-gen monitoring. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Prerequisites: none

SY0-601 - CompTIA Security+: Incident Response, Digital Forensics, & Supporting Investigations

Course Number: it_cssecp2020_17_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • describe incident response plans and processes, such as preparation, identification, containment, eradication, recovery, and lessons learned
  • survey various types of incident response exercises, including tabletop, walkthroughs, and simulations
  • compare the following attack frameworks: MITRE ATT&CK, the Diamond Model of Intrusion Analysis, and Cyber Kill Chain
  • define different incident response plan types used by the IRT, such as communication, disaster recovery, business continuity, and continuity of operation planning (COOP)
  • compare different types of forensic documentation and evidence, including legal holds, videos, admissibility issues, a chain of custody, and timelines of events in sequence
  • describe the forensic acquisition concept, "order of volatility," and identify potential acquisition sources, such as disks, RAM, swap/pagefile, OS, firmware, and snapshots
  • survey various forensic concepts, such as integrity, provenance, preservation, e-discovery, data recovery, non-repudiation, and strategic intelligence/counterintelligence
  • summarize the key concepts covered in this course

Overview/Description

To best support a digital forensic investigation, incident response teams need to be aware of the various incident response plans and processes available to them. In this CompTIA Security+ SY0-601 course, you'll start by exploring various incident response exercises, such as tabletop sessions, walkthroughs, and simulations. Then, you'll outline three fundamental attack frameworks: MITRE ATT&CK, the Diamond Model of Intrusion Analysis, and the Cyber Kill Chain.

Next, you'll examine different incident response plan types, including communication plans, disaster recovery plans, business continuity plans, and continuity of operation planning (COOP). You'll then identify key aspects of digital forensics, such as documentation/evidence, acquisition and integrity maintenance, preservation, e-discovery, data recovery, non-repudiation, and strategic intelligence and counterintelligence. Lastly, you'll outline how to utilize appropriate digital forensic data sources to support an investigation.



Prerequisites: none

SY0-601 - CompTIA Security+: Monitoring, Visibility, & Reporting

Course Number: it_cssecp2020_20_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • examine common Windows logs, like security, application, and system logs
  • outline how to use Linux logging utilities, such as systemd and auditd
  • outline how to work with Wireshark's output
  • describe the purpose of various AWS cloud computing services, such as CloudWatch, CloudTrail, and AWS Config
  • recognize the importance of log aggregation and collection tools
  • summarize the best practices and guidelines for dealing with visibility and reporting
  • identify lessons learned and their relationship to AARs
  • summarize the key concepts covered in this course

Overview/Description

In this CompTIA Security+ SY0-601 course, you'll bring your existing security knowledge together to prepare the delivery of your work's output and results to executive management, C-suite, and other stakeholders. You'll start by exploring how to take advantage of Windows and Linux logging and monitoring. You'll then examine how to work with protocol analyzer output, cloud computing tools, and log aggregation and collection. Next, you'll identify some best practices and guidelines to use when working with visibility and reporting. Finally, you'll outline how to identify lessons learned and create after-action reports. This course is part of a series that prepares you for the CompTIA Security+ (SY0-601) exam.



Prerequisites: none

SY0-601 - CompTIA Security+: Organizational Security Assessment Tools & Mitigation Controls

Course Number: it_cssecp2020_16_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • describe the following network reconnaissance and discovery tools: tracert/traceroute, nslookup/dig, ipconfig/ifconfig, Nmap, ping/pathping, hping, netstat, netcat, arp, route, curl, theHarvester, sn1per, DNSenum, Nessus, and Cuckoo
  • compare the following packet capture and replay tools: Tcpreplay, Tcpdump, and Wireshark
  • survey file manipulation tools, as in head, tail, cat, grep, chmod, and logger
  • describe shell and script environments like SSH, PowerShell, Python, and OpenSSL
  • compare various forensic tools like dd, Memdump, WinHex, FTK Imager, and Autopsy
  • describe exploitation frameworks, exploitation kits, and various password crackers like John the Ripper and Cain
  • describe methods for reconfiguring endpoint security solutions, like application whitelisting, blacklisting, and quarantine
  • define configuration changes for mitigation, like firewall rules, MDM, DLP, content and URL filtering, and updating or revoking certificates
  • describe the mitigation concepts of isolation, containment, and segmentation with popular use cases
  • define the concept of security orchestration, automation, and response (SOAR) and its associated runbooks and playbooks
  • summarize the key concepts covered in this course

Overview/Description

To prepare for the CompTIA Security+ SY0-601 certification exam, you will need to identify and describe popular organizational security assessment tools and risk mitigation controls. You will likely come across these tools at some point in your career, so prior knowledge of how these work and what they're used for will be highly beneficial.

In this CompTIA Security+ SY0-601 course, you'll explore the concept of network reconnaissance and discovery, and examine packet capture and replay, file manipulation, and forensic tools. You'll also identify shell and script environments, exploitation kits, and password crackers. You'll move on to recognize methods for reconfiguring endpoint security solutions and describe configuration changes for mitigation, the concepts of isolation, containment, and segmentation, and security orchestration, automation, and response (SOAR) solutions. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Prerequisites: none

SY0-601 - CompTIA Security+: Risk Management, Privacy, & Sensitive Data Security

Course Number: it_cssecp2020_19_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • compare risk types, such as internal, external, and multiparty
  • describe risk management strategies, like acceptance, avoidance, transference, and mitigation
  • define risk analysis terms, as in risk register, inherent risk, residual risk, and control risk
  • list disasters and classify their types, such as environmental, human-made, and external
  • describe business impact analysis concepts, like recovery time vs. recovery point objectives, mean time to repair, and mean time between failures, and outline a disaster recovery plan
  • explore the consequences of breaches, such as fines and identity theft
  • define various data type classifications, like public, sensitive, and critical
  • compare different roles and responsibilities, as in data owners, controllers, processors, custodians, and stewards
  • describe privacy-enhancing technologies, such as tokenization, data minimization and masking, and anonymization
  • explore privacy concepts, like information's life cycle, impact assessment, terms of agreement, and privacy notices
  • summarize the key concepts covered in this course

Overview/Description

In this CompTIA Security+ SY0-601 course, you'll explore some advanced security concepts and build on some you may already know. The main topics you'll examine are risk management, privacy issues, and sensitive data management.

You'll start by recognizing the essential aspects and considerations of risk types, risk management strategies, risk analysis, and disasters. You'll then review the business impact analysis (BIA) aspect of business continuity planning. Moving on to sensitive data security, you'll identify privacy breach consequences, data classification types, and associated roles and responsibilities.

You'll also outline privacy protection measures, such as notifications of privacy breaches, privacy-enhancing technologies, and advanced privacy concepts, like impact assessments and privacy notices. This course is part of a series that prepares you for the CompTIA Security+ (SY0-601) exam.



Prerequisites: none

SY0-601 - CompTIA Security+: Security Assessment & Penetration Testing Techniques

Course Number: it_cssecp2020_04_enus

Lesson Objectives

  • discover the key concepts covered in this course
  • describe threat hunting concepts such as intelligence fusion, threat feeds, advisories, bulletins, and maneuvers
  • survey vulnerability scanning terms like false positives, false negatives, and credentialed vs. non-credentialed
  • define additional vulnerability scanning tools and techniques like common vulnerabilities and exposures (CVE), common vulnerability scoring system (CVSS), and configuration review
  • compare syslog and SIEM system techniques such as review reports, packet captures, data inputs, user behavior analysis (UBA) and sentiment analysis
  • describe the characteristics of security orchestration, automation, and response (SOAR) systems
  • describe pen testing terms such as white box, black box, and gray box
  • survey fundamental methods for pen testing like lateral movement, privilege escalation, persistence, and pivoting
  • describe passive reconnaissance as it relates to pen testing as in drones/unmanned aerial vehicle (UAV), war flying, and war driving
  • describe active reconnaissance techniques such as footprinting
  • compare exercise teams as in red, blue, white, and purple teams
  • discover the key concepts covered in this course

Overview/Description

It is important for security professionals to be aware of various security assessment and penetration testing techniques and methods. In this course, explore key assessment techniques like intelligence fusion, threat hunting, threat feeds, advisories and bulletins, vulnerability scans, and false positives/false negatives. You will also examine the fundamentals of penetration testing including black/blue/gray box methodologies, lateral movement, privilege escalation, persistence, and pivoting. Other topics include passive and active reconnaissance as well as the different exercise teams. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Target

Prerequisites: none

SY0-601 - CompTIA Security+: Security Concepts in an Enterprise Environment

Course Number:
it_cssecp2020_05_enus
Lesson Objectives

SY0-601 - CompTIA Security+: Security Concepts in an Enterprise Environment

  • discover the key concepts covered in this course
  • define change and configuration management concepts like diagram, baseline configurations, standard naming conventions, and documenting the IP schema
  • describe data sovereignty, the conversion and storage of data in binary digital form, and how data is subject to the laws of the located country
  • describe data protection including topics like data loss prevention, masking, and encryption
  • identify key roles of hardware security modules (HSMs) in providing hardened, tamper-resistant devices that generate keys, encrypt and decrypt data, and create and verify digital signatures
  • recognize geographic factors such as jurisdictions, privacy laws, import-export restrictions, and cryptographic regulations
  • describe the on-premises or cloud-based CASB security policy enforcement points that are set between cloud service providers and their consumers
  • compare response and recovery controls as a part of enterprise business continuity and disaster recovery
  • describe SSL/TLS inspection accomplished by next-generation firewalls, WAF solutions, and other cloud-based techniques
  • describe hashing and application programming interfaces and the importance of digitally signing all API calls
  • describe types of site resiliency including hot site, cold site, and warm site solutions
  • define deception and disruption techniques using honeypots, honey tokens, honeyfiles, honeynets, fake telemetry, and DNS sinkholes
  • discover the key concepts covered in this course

Overview/Description

As a security specialist, you need to be familiar with and apply a range of security concepts related to operating in an enterprise environment. In this course, you'll explore enterprise security factors like change and configuration management, as well as data sovereignty, protection, and loss prevention. You'll learn about hardware security modules, geographical considerations, and cloud access security brokers. You'll move on to examine response and recovery controls, SSL/TLS inspection, and site resiliency. Finally, you'll learn about deception and disruption techniques using honeypots, honeyfiles, honeynets, fake telemetry, and DNS sinkholes. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Target

Prerequisites: none

SY0-601 - CompTIA Security+: Security Policies, Regulations, Standards, & Frameworks

Course Number:
it_cssecp2020_18_enus
Lesson Objectives

SY0-601 - CompTIA Security+: Security Policies, Regulations, Standards, & Frameworks

  • discover the key concepts covered in this course
  • describe personnel policies, like AUP, job rotation, mandatory vacations, separation of duties, least privilege, clean desk space, background checks, and non-disclosure agreements (NDAs)
  • survey third-party risks concepts, such as vendors, supply chains, business partners, SLA, MOU, MSA, BPA, EOL, EOS, and NDA
  • define data policies, like data classification, governance, and retention
  • describe credential policies, including service accounts, administrator, and root accounts
  • survey various organizational policies, such as change management, change control, and asset management
  • define regulations, standards, and legislation, such as PCI-DSS, GDPR, and various national, territory, or state laws
  • examine key frameworks like CIS, NIST, RMF/CSF, ISO 27001/27002/27701/31000, SSAE SOC 2 type II/III, and Cloud Security Alliance (CSA)
  • survey various benchmarks and secure configuration guides, as in platform/vendor-specific guides for web servers, OS, application servers, and network infrastructure devices
  • summarize the key concepts covered in this course

Overview/Description

Whether you're an employee or contractor, this CompTIA Security+ SY0-601 course will have something you can use to improve the organizational security at your workplace. You'll start by examining security topics related to the hiring to release process, such as background checks and investigations, non-disclosure agreements, acceptable use policy, and onboarding and offboarding. You'll move on to explore further personnel policies, including job rotation, mandatory vacations, separation of duties, clean desk space, and social media usage. You'll then recognize some useful security awareness practices, such as phishing simulations, computer-based training, role-based training, and diversity training techniques. Finally, you'll identify various business agreements, account types, regulations, and governance, such as GDPR, PCI DSS, CIS, NIST, and ISO. This course is part of a series that prepares the learner for the CompTIA Security+ (SY0-601) exam.



Target

Prerequisites: none

SY0-601 - CompTIA Security+: Social Engineering Techniques & Attack Types

Course Number:
it_cssecp2020_01_enus
Lesson Objectives

SY0-601 - CompTIA Security+: Social Engineering Techniques & Attack Types

  • discover the key concepts covered in this course
  • define different phishing attacks including spear phishing and whaling
  • describe spam and its variants such as spim
  • describe dumpster diving, shoulder surfing, pharming, and other exploits
  • define types of scams, fraud, and hoaxes
  • describe influence campaigns and disinformation initiatives
  • describe reasons for effectiveness such as authority, intimidation, and scarcity
  • describe various common malware attacks like viruses and worms
  • recognize additional more complex malware attack types like fileless viruses, command and control bots, and crypto malware
  • describe password attacks such as spraying, dictionary, and brute force
  • describe physical attacks like malicious flash drives, card cloning, and skimming
  • define adversarial AI as in tainted training data for machine learning
  • describe damage done to organizations by targeting less-secure elements in the supply network
  • compare cloud-based service provider malware attacks to on-premise attacks on the data center or enterprise edge
  • describe cryptographic attacks such as birthday, collision, and downgrade
  • summarize the key concepts covered in this course

Overview/Description

Social engineers target victims with a long list of attack types, such as phishing, smishing, vishing, pretexting, pharming, tailgating, and shoulder surfing. In this course, you'll learn about various social engineering techniques including types of phishing, hoaxes, and intelligence gathering. Then you'll move on to examine influence campaigns and the reasons for social engineering effectiveness. Next, you'll learn about malware attacks including password attacks, physical attacks, supply-chain, and cryptographic attacks. Finally, you'll explore adversarial AI, and cloud-based vs. on-premise attacks. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Target

Prerequisites: none

SY0-601 - CompTIA Security+: Threat Actors, Intelligence Sources, & Vulnerabilities

Course Number:
it_cssecp2020_03_enus
Lesson Objectives

SY0-601 - CompTIA Security+: Threat Actors, Intelligence Sources, & Vulnerabilities

  • discover the key concepts covered in this course
  • describe threats and threat actors like privileged insiders, state actors, hacktivists, script kiddies, and criminal syndicates
  • define the attributes of actors such as internal, external, sophistication, capability, resources, funding, intent, and motivation
  • compare threat vectors as in direct access, wireless, e-mail, supply chain, social media, removable media, and cloud-based
  • survey intelligence sources like OSINT, proprietary, vulnerability databases, public or private information, sharing centers, and the dark web
  • describe research sources as in vendor web sites, vulnerability feeds, conferences, academic journals, and request for comments
  • compare cloud-based vs. on-premise vulnerabilities
  • describe zero-day vulnerabilities as in computer-software threats that are unknown to, or unaddressed by, those who should be interested in mitigating the vulnerability, including the vendor of the target software
  • survey weak configurations such as open permissions, unsecured root accounts, errors, weak encryption, and unsecure protocols
  • define third-party risks including partner or vendor management, system integration, lack of vendor support, supply chain risk, and outsourced code development
  • describe improper patch management for firmware, operating systems, and applications
  • recognize legacy platforms and varied impacts like data leakage and loss, data breaches, data exfiltration, and identity theft
  • discover the key concepts covered in this course

Overview/Description

When guarding against threats and vulnerabilities, it is important to understand the various sources of threat and how to leverage intelligence sources to mitigate them. In this course, you'll learn about threat actors and threat vectors, attributes of threat actors and agents, threat intelligence sources such as OSINT and the dark web, and various research sources. Then, you'll move on to examine different types of vulnerabilities, including cloud-based and on-premises, zero-day, weak configurations, third-party risks, improper patch management, and legacy platforms. Finally, you'll examine various impacts such as data loss and data breach, as you prepare for the CompTIA Security+ SY0-601 certification exam.



Target

Prerequisites: none

SY0-601 - CompTIA Security+: Virtualization, Cloud Computing, and Cloud Cybersecurity Solutions

Course Number:
it_cssecp2020_07_enus
Lesson Objectives

SY0-601 - CompTIA Security+: Virtualization, Cloud Computing, and Cloud Cybersecurity Solutions

  • discover the key concepts covered in this course
  • describe virtualization and VM security issues like VM sprawl avoidance and VM escape protection
  • compare cloud models and service types such as public, private, hybrid, Infrastructure as a Service, Platform as a Service, and Software as a Service
  • define cloud service provider concepts such as fog computing, edge computing, containers, and microservices
  • describe Infrastructure as Code and automation using JSON and YAML to create a single source of truth
  • describe containerization and different CSP-managed Docker and Kubernetes services
  • define serverless computing and Functions as a Service for a variety of use cases
  • define the cloud provider's transit gateways that use cloud computing to replace traditional VPN concentrators and legacy transit virtual networks
  • describe cloud security of block and object storage services at the cloud service provider
  • describe cloud security of virtual networks or virtual private clouds including public and private subnets and other segmentation methods
  • describe cloud compute security including security groups, dynamic resource allocation, instance awareness, secure endpoints, and container security
  • compare and contrast cloud security solutions such as CASB application security and next-generation secure web gateways
  • summarize the key concepts covered in this course

Overview/Description

In this course, you'll explore the basics of virtualization which is the foundation of modern data center cloud computing architecture. You will also learn about VM security, cloud computing types and models such as IaaS and hybrid clouds. You'll learn about managed security service providers (MSSPs), containerization fundamentals, serverless computing, and Infrastructure as Code. You'll also learn about cloud storage, network, and compute security solutions. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Target

Prerequisites: none

SY0-601 - CompTIA Security+: Wireless, Mobile, & Embedded Device Security

Course Number:
it_cssecp2020_15_enus
Lesson Objectives

SY0-601 - CompTIA Security+: Wireless, Mobile, & Embedded Device Security

  • discover the key concepts covered in this course
  • describe cryptographic and authentication protocols for wireless, like WPA2, WPA3, CCMP, SAE, EAP, PEAP, EAP-FAST, EAP-TLS, and EAP-TTLS
  • survey wireless security methods such as PSK vs. enterprise vs. open, WPS, and captive portals
  • describe installation considerations, as in site surveys, heat maps, Wi-Fi analysis, channel overlays, and WAP placement
  • compare various mobile connection methods and receivers, such as cellular, Wi-Fi, Bluetooth, NFC, infrared, USB, RFID, and GPS
  • describe mobile device types, like MicroSD HSM and SEAndroid
  • define mobile deployment models, as in BYOD, COPE, CYOD, corporate-owned, and VDI
  • describe mobile device management concepts like MDM vs. MAM, content management, remote wipe, geofencing, geolocation, screen locks, push notifications, passwords, PINs, and biometrics
  • survey mobile enforcement and monitoring concepts, such as third-party app stores, rooting, jailbreaking, sideloading, custom firmware, carrier unlocking, and firmware OTA updates
  • describe embedded system security, such as in Raspberry Pi, FPGA, and Arduino, and constraints such as power, compute, network, crypto, inability to patch, authentication, range, cost, and implied trust
  • define SCADA security issues such as facilities, industrial, manufacturing, energy, and logistics
  • compare IoT security like sensors, smart devices, facility automation, specialized systems, medical systems, vehicles, aircraft, and smart meters
  • describe specialty systems like VoIP, HVAC, drones, AVs, MFP, RTOS, surveillance systems, SoC, 5G, narrow-band, baseband radio, and SIM cards
  • summarize the key concepts covered in this course

Overview/Description

This domain encompasses one of the most rapidly changing and evolving sets of technologies. It also represents one of the most significant changes from the previous Security+ exam. In this CompTIA Security+ SY0-601 course, you'll explore a broad range of communication solutions based on the fundamental aspects of wireless, mobile, and embedded system technology security.

You'll learn about a variety of specialized systems and concepts, including wireless cryptographic and authentication protocols, wireless security methods and installation, mobile connection methods and receivers, device types and deployment models, MDM and MAM, mobility enforcement and monitoring, and various embedded and specialized systems.

By gaining knowledge in these areas, you will be prepared for a career in the world's most cutting-edge industries. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Target

Prerequisites: none

TestPrep SY0-601 CompTIA Security+

Course Number:
it_sy0601_a01_tp_enus
Objectives:

Overview/Description
To test your knowledge on the skills and competencies being measured by the vendor certification exam. TestPrep can be taken in either Study or Certification mode. Study mode is designed to maximize learning by not only testing your knowledge of the material, but also by providing additional information on the topics presented. Certification mode is designed to test your knowledge of the material within a structured testing environment, providing valuable feedback at the end of the test.

Target Audience
Individuals seeking practice in a structured testing environment, covering the skills and competencies being measured by the vendor certification exam.

Prerequisites: none
