CompTIA Security+ (SY0-601) Online Course
Master the CompTIA Security+ Certification SY0-601 exam with this comprehensive course, which delves deeply into key concepts of risk management and the various types of risks involved. Explore important security standards like PCI DSS and the Cloud Controls Matrix (CCM) to understand the security controls needed to mitigate risks, both on-premises and in the cloud. Additionally, gain insights into data protection and the cryptographic techniques used to safeguard the critical keys essential for secure communication.
This course also covers various types of certificates, including web, email, code-signing, machine/computer, and user certificates. Dive into the "3 As" of IT security—authentication, authorization, and accounting/auditing—which are crucial for maintaining security. Understand how auditing activity helps ensure accountability for resource access, such as files on a file server or database entries. Additionally, explore strategies for securing dedicated systems, including those using IoT technologies.
Course Curriculum
Chapter 1 - Risk Management
- Introduction
- About the Security+ (SY0-601) Exam
- Defining Risk
- Threats and Vulnerabilities
- Threat Intelligence
- Risk Management Concepts
- Security Controls
- Risk Assessments and Treatments
- Quantitative Risk Assessments
- Qualitative Risk Assessments
- Business Impact Analysis
- Data Types and Roles
- Security and the Information Life Cycle
- Data Destruction
- Personnel Risk and Policies
- Third-Party Risk Management
- Agreement Types
- Chapter 1 Exam Question Review
- Wiping Disks with the dd Command Lab
Chapter 2 - Cryptography
- Cryptography Basics
- Data Protection
- Cryptographic Methods
- Symmetric Cryptosystems
- Symmetric Block Modes
- Asymmetric Cryptosystems
- Diffie-Hellman
- Hashing
- Understanding Digital Certificates
- Trust Models
- Public Key Infrastructure
- Certificate Types
- Touring Certificates
- Cryptographic Attacks
- Password Cracking
- Password Cracking Demo
- Chapter 2 Exam Question Review
- SSH Public Key Authentication Lab
Chapter 3 - Identity and Account Management
- Identification, Authentication, and Authorization
- Enabling Multifactor Authentication
- Authorization
- Accounting
- Authentication Methods
- Access Control Schemes
- Account Management
- Network Authentication
- Identity Management Systems
- Chapter 3 Exam Question Review
- Creating Linux Users and Groups Lab
Chapter 4 - Tools of the Trade
- Touring the CLI
- Shells
- The Windows Command Line
- Microsoft PowerShell
- Linux Shells
- Python Scripts
- Windows Command-Line Tools
- Linux Command-Line Tools
- Network Scanners
- Network Scanning with Nmap
- Network Protocol Analyzers
- Using Wireshark to Analyze Network Traffic
- Using tcpdump to Analyze Network Traffic
- Log Files
- Centralized Logging
- Configuring Linux Log Forwarding
- Chapter 4 Exam Question Review
- Linux Shell Script Lab
- Nmap Lab
- Chapter 4 Ask Me Anything (AMA)
Chapter 5 - Securing Individual Systems
- Malware
- Weak Configurations
- Common Attacks
- Driver and Overflow Attacks
- Password Attacks
- Bots and Botnets
- Disk RAID Levels
- Securing Hardware
- Securing Endpoints
- Chapter 3 Exam Question Review
- Linux Software RAID Lab
- Chapter 3 Ask Me Anything (AMA)
Chapter 6 - The Basic LAN
- The OSI Model
- ARP Cache Poisoning
- Other Layer 2 Attacks
- Network Planning
- Load Balancing
- Securing Network Access
- Honeypots
- Firewalls
- Proxy Servers
- Network and Port Address Translation
- IP Security (IPsec)
- Virtual Private Networks (VPNs)
- Intrusion Detection and Prevention Systems (IDS/IPS)
- Chapter 6 Exam Question Review
- Linux Snort IDS Lab
- Chapter 6 Ask Me Anything (AMA)
Chapter 7 - Securing Wireless LANs
- Wi-Fi Encryption Standards
- RFID, NFC, and Bluetooth
- Wi-Fi Coverage and Performance
- Wi-Fi Discovery and Attacks
- Cracking WPA2
- Wi-Fi Hardening
- Chapter 7 Exam Question Review
- WPA2 Cracking Lab
- Chapter 7 Ask Me Anything (AMA)
Chapter 8 - Securing Public Servers
- Defining a Public Server
- Common Attacks and Mitigations
- Containers and Software-Defined Networking
- Hypervisors and Virtual Machines
- Cloud Deployment Models
- Cloud Service Models
- Securing the Cloud
- Chapter 8 Exam Question Review
- Docker Container Lab
- Chapter 8 Ask Me Anything (AMA)
Chapter 9 - Securing Dedicated Systems
- Embedded Systems
- Industrial Control System (ICS)
- Internet of Things (IoT) Devices
- Connecting to Dedicated and Mobile Systems
- Security Constraints for Dedicated Systems
- Mobile Device Deployment and Hardening
- Chapter 9 Exam Question Review
- Smartphone Hardening Lab
- Chapter 9 Ask Me Anything (AMA)
Chapter 10 - Physical Security
- Physical Security Overview
- Physical Security
- Keylogger Demo
- Environmental Controls
- Chapter 10 Exam Question Review
- Physical Security Lab
- Chapter 10 Ask Me Anything (AMA)
Chapter 11 - Securing Dedicated Systems
- DNS Security
- FTP Packet Capture
- Secure Web and E-mail
- Request Forgery Attacks
- Cross-Site Scripting Attacks
- Web Application Security
- Web App Vulnerability Scanning
- Chapter 11 Exam Question Review
- OWASP ZAP Web App Scan Lab
- Chapter 11 Ask Me Anything (AMA)
Chapter 12 - Testing Infrastructure
- Testing Infrastructure Overview
- Social Engineering
- Social Engineering Attacks
- Vulnerability Assessments
- Penetration Testing
- Security Assessment Tools
- The Metasploit Framework
- Chapter 12 Exam Question Review
- hping3 Forged Packet Lab
- Chapter 12 Ask Me Anything (AMA)
Chapter 13 - Dealing with Incidents
- Incident Response Overview
- Incident Response Plans (IRPs)
- Threat Analysis and Mitigating Actions
- Digital Forensics
- Gathering Digital Evidence
- Business Continuity and Alternate Sites
- Data Backup
- Chapter 13 Exam Question Review
- Autopsy Forensic Browser Lab
- Chapter 13 Ask Me Anything (AMA)