.png){kind=logo}
CompTIA Security+ (SY0-701)
This course includes
Lessons
TestPrep
Hands-On Labs
AI Tutor (Add-on)
Get the support you need. Enroll in our Instructor-Led Course.
Lessons
30+ Lessons | 521+ Exercises | 267+ Quizzes | 678+ Flashcards | 678+ Glossary of terms
TestPrep
90+ Pre Assessment Questions | 2+ Full Length Tests | 90+ Post Assessment Questions | 180+ Practice Test Questions
Hands-On Labs
48+ LiveLab | 48+ Video tutorials | 01:48+ Hours
1
Introduction
- Goals and Methods
- Who Should Read This Course?
- CompTIA Security+ Exam Topics
2
Comparing and Contrasting the Various Types of Controls
- Control Categories
- Control Types
- Review Key Topics
- Review Questions
3
Summarizing Fundamental Security Concepts
- Confidentiality, Integrity, and Availability (CIA)
- Non-repudiation
- Authentication, Authorization, and Accounting (AAA)
- Gap Analysis
- Zero Trust
- Physical Security
- Deception and Disruption Technology
- Review Key Topics
- Review Questions
4
Understanding Change Management’s Security Impact
- Business Processes Impacting Security Operations
- Technical Implications
- Documentation
- Version Control
- Review Key Topics
- Review Questions
5
Understanding the Importance of Using Appropriate Cryptographic Solutions
- Public Key Infrastructure (PKI)
- Encryption
- Transport/Communication
- Symmetric Versus Asymmetric Encryption
- Key Exchange
- Algorithms
- Key Length
- Tools
- Trusted Platform Module
- Hardware Security Module
- Key Management System
- Secure Enclave
- Obfuscation
- Steganography
- Hashing
- Salting
- Digital Signatures
- Key Stretching
- Blockchain
- Open Public Ledger
- Certificates
- Review Key Topics
- Review Questions
6
Comparing and Contrasting Common Threat Actors and Motivations
- Threat Actors
- Attributes of Actors
- Motivations
- War
- Review Key Topics
- Review Questions
7
Understanding Common Threat Vectors and Attack Surfaces
- Message-Based
- Image-Based
- File-Based
- Voice Call
- Removable Device
- Vulnerable Software
- Unsupported Systems and Applications
- Unsecure Networks
- Open Service Ports
- Default Credentials
- Supply Chain
- Human Vectors/Social Engineering
- Review Key Topics
- Review Questions
8
Understanding Various Types of Vulnerabilities
- Application
- Operating System (OS)–Based
- Web-Based
- Hardware
- Virtualization
- Cloud Specific
- Supply Chain
- Cryptographic
- Misconfiguration
- Mobile Device
- Zero-Day Vulnerabilities
- Review Key Topics
- Review Questions
9
Understanding Indicators of Malicious Activity
- Malware Attacks
- Physical Attacks
- Network Attacks
- Application Attacks
- Cryptographic Attacks
- Password Attacks
- Indicators
- Review Key Topics
- Review Questions
10
Understanding the Purpose of Mitigation Techniques Used to Secure the Enterprise
- Segmentation
- Access Control
- Isolation
- Patching
- Encryption
- Monitoring
- Least Privilege
- Configuration Enforcement
- Decommissioning
- Hardening Techniques
- Review Key Topics
- Review Questions
11
Comparing and Contrasting Security Implications of Different Architecture Models
- Architecture and Infrastructure Concepts
- Considerations
- Review Key Topics
- Review Questions
12
Applying Security Principles to Secure Enterprise Infrastructure
- Infrastructure Considerations
- Secure Communication/Access
- Selection of Effective Controls
- Review Key Topics
- Review Questions
13
Comparing and Contrasting Concepts and Strategies to Protect Data
- Data Types
- Data Classifications
- General Data Considerations
- Methods to Secure Data
- Review Key Topics
- Review Questions
14
Understanding the Importance of Resilience and Recovery in Security Architecture
- High Availability
- Site Considerations
- Platform Diversity
- Multi-Cloud System
- Continuity of Operations
- Capacity Planning
- Testing
- Backups
- Power
- Review Key Topics
- Review Questions
15
Applying Common Security Techniques to Computing Resources
- Secure Baselines
- Hardening Targets
- Wireless Devices
- Mobile Solutions
- Connection Methods
- Wireless Security Settings
- Application Security
- Sandboxing
- Monitoring
- Review Key Topics
- Review Questions
16
Understanding the Security Implications of Hardware, Software, and Data Asset Management
- Acquisition/Procurement Process
- Assignment/Accounting
- Monitoring/Asset Tracking
- Disposal/Decommissioning
- Review Key Topics
- Review Questions
17
Understanding Various Activities Associated with Vulnerability Management
- Identification Methods
- Analysis
- Vulnerability Response and Remediation
- Validation of Remediation
- Reporting
- Review Key Topics
- Review Questions
18
Understanding Security Alerting and Monitoring Concepts and Tools
- Monitoring and Computing Resources
- Activities
- Tools
- Review Key Topics
- Review Questions
19
Modifying Enterprise Capabilities to Enhance Security
- Firewall
- IDS/IPS
- Web Filter
- Operating System Security
- Implementation of Secure Protocols
- DNS Filtering
- Email Security
- File Integrity Monitoring
- DLP
- Network Access Control (NAC)
- Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR)
- User Behavior Analytics
- Review Key Topics
- Review Questions
20
Implementing and Maintaining Identity and Access Management
- Provisioning/De-provisioning User Accounts
- Permission Assignments and Implications
- Identity Proofing
- Federation
- Single Sign-On (SSO)
- Interoperability
- Attestation
- Access Controls
- Multifactor Authentication (MFA)
- Password Concepts
- Privileged Access Management Tools
- Review Key Topics
- Review Questions
21
Understanding the Importance of Automation and Orchestration Related to Secure Operations
- Use Cases of Automation and Scripting
- Benefits
- Other Considerations
- Review Key Topics
- Review Questions
22
Understanding Appropriate Incident Response Activities
- Process
- Training
- Testing
- Root Cause Analysis
- Threat Hunting
- Digital Forensics
- Review Key Topics
- Review Questions
23
Using Data Sources to Support an Investigation
- Log Data
- Data Sources
- Review Key Topics
- Review Questions
24
Summarizing Elements of Effective Security Governance
- Guidelines
- Policies
- Standards
- Procedures
- External Considerations
- Monitoring and Revision
- Types of Governance Structures
- Roles and Responsibilities for Systems and Data
- Review Key Topics
- Review Questions
25
Understanding Elements of the Risk Management Process
- Risk Identification
- Risk Assessment
- Risk Analysis
- Risk Register
- Risk Tolerance
- Risk Appetite
- Risk Management Strategies
- Risk Reporting
- Business Impact Analysis
- Review Key Topics
- Review Questions
26
Understanding the Processes Associated with Third-Party Risk Assessment and Management
- Vendor Assessment
- Vendor Selection
- Agreement Types
- Vendor Monitoring
- Questionnaires
- Rules of Engagement
- Review Key Topics
- Review Questions
27
Summarizing Elements of Effective Security Compliance
- Compliance Reporting
- Consequences of Non-compliance
- Compliance Monitoring
- Attestation and Acknowledgment
- Privacy
- Review Key Topics
- Review Questions
28
Understanding Types and Purposes of Audits and Assessments
- Attestation
- Internal
- External
- Penetration Testing
- Review Key Topics
- Review Questions
29
Implementing Security Awareness Practices
- Phishing
- Anomalous Behavior Recognition
- User Guidance and Training
- Reporting and Monitoring
- Development
- Execution
- Review Key Topics
- Review Questions
30
Final Preparation
- Hands-on Activities
- Suggested Plan for Final Review and Study
- Summary
2
Summarizing Fundamental Security Concepts
- Identifying Access Badge Areas
- Implementing Physical Security
4
Understanding the Importance of Using Appropriate Cryptographic Solutions
- Examining PKI Certificates
- Creating Asymmetric Key Pairs
- Using Symmetric Encryption
- Using BitLocker in Windows 10
- Performing Steganography Using OpenStego
- Encrypting Files with EFS
- Creating Certificates with OpenSSL
6
Understanding Common Threat Vectors and Attack Surfaces
- Scanning the Network
- Using Social Engineering Techniques to Plan an Attack
7
Understanding Various Types of Vulnerabilities
- Exploiting a TOCTOU Vulnerability
- Exploiting an Overflow Vulnerability
- Examining Application Vulnerabilities
- Performing SQL Injection in DVWA
- Performing an XSS Attack in DVWA
- Detecting Virtualization
8
Understanding Indicators of Malicious Activity
- Opening OWASP ZAP and Starting Brute Force Attack
- Examining Spyware
- Spoofing a MAC Address with SMAC
- Launching a DoS Attack
- Observing an MD5-Generated Hash Value
- Conducting a Cross-Site Request Forgery Attack
- Cracking Passwords
- Cracking a Linux Password Using John the Ripper
9
Understanding the Purpose of Mitigation Techniques Used to Secure the Enterprise
- Using the chmod Command
11
Applying Security Principles to Secure Enterprise Infrastructure
- Implementing a Proxy Server
- Binding a Site Using IIS
- Configuring a VPN
- Examining Kerberos Settings
12
Comparing and Contrasting Concepts and Strategies to Protect Data
- Creating File Hashes
13
Understanding the Importance of Resilience and Recovery in Security Architecture
- Gathering Site Information
- Scheduling a Server Backup
14
Applying Common Security Techniques to Computing Resources
- Enforcing a Security Template
- Enforcing Password Policies
- Installing a RADIUS Server
17
Understanding Security Alerting and Monitoring Concepts and Tools
- Conducting Vulnerability Scanning Using Nessus
- Consulting a Vulnerability Database
18
Modifying Enterprise Capabilities to Enhance Security
- Configuring a Network Firewall
19
Implementing and Maintaining Identity and Access Management
- Examining Active Directory Objects
21
Understanding Appropriate Incident Response Activities
- Examining MITRE ATT&CK
- Completing the Chain of Custody
22
Using Data Sources to Support an Investigation
- Viewing Linux Event Logs
- Viewing Windows Event Logs
- Capturing Credentials On-Path
23
Summarizing Elements of Effective Security Governance
- Cracking Passwords Using Rainbow Tables
27
Understanding Types and Purposes of Audits and Assessments
- Using the theHarvester Tool
28
Implementing Security Awareness Practices
- Using Anti-Phishing Tools
