CompTIA Security+ (Exam SY0-601)


Rating: 4.15 (47 reviews)
Platform: Udemy
Language: English
Category: IT Certification
Students: 214
Content: 11 hours
Last update: Apr 2022
Regular price: $54.99

What you will learn

Understand threats, attacks, and vulnerabilities

Analyze attacks

Learn about enterprise security architecture

Design authentication and authorization

Understand cloud and virtualization concepts

Secure application development and deployment

Implement physical security controls

Secure embedded and specialized systems

Learn about cryptographic concepts

Implement public key infrastructures

Implement secure networks

Implement secure mobile solutions

Implement secure hosts and identities

Use tools to assess security

Utilize data sources for investigation

Apply mitigation techniques

Learn about incident response and forensics

Understand governance, risk, and compliance

Description

Information and network security has become an important topic in recent years, and almost every organization is giving it more attention with each passing day. This is primarily due to increased reliance on digital systems for day-to-day operations. The substantial amount of data residing on these systems lures hackers and state actors into illegally accessing and using it for monetary gain and for political reasons.

This course prepares candidates to sit the CompTIA Security+ (SY0-601) exam. The CompTIA Security+ exam is a foundational exam for aspiring information security professionals; it enables them to understand different threats, analyze attacks, learn cryptography, implement secure networks, devise operational procedures, perform forensic analysis and more to ensure the integrity and protection of sensitive data.

This course also provides the basis to build on the knowledge gained and advance towards other professional certifications in the field of information and network security. This can be a great career move for young IT professionals to explore the in-demand network and information security arena.

The CompTIA Security+ is the premier vendor-neutral security certification. This preparatory course for the CompTIA Security+ certification exam assures that the students completely learn and understand the exam topics of the latest SY0-601 exam version. The students will be able to demonstrate their knowledge of security concepts, tools, and procedures. It also confirms their ability to react to security incidents, and validates their skills in anticipating security risks and guarding against them.

Overall, the course is very well designed to give students a detailed overview of network and information security concepts and their practical implications. This helps them sit the CompTIA Security+ exam as well as polish their skills to improve productivity in their jobs.

Content

Course Introduction

Course Introduction
Courseware Information
Instructor Introduction

Chapter 01 - Identifying Security Fundamentals

Identifying Security Fundamentals
Topic A: Identify Information Security Concepts
Information Security
Goals of Information Security
Risk
Vulnerabilities
Threats
Attacks
Controls
Types of Controls
The Security Management Process
Demo - Identifying Information Security Basics
Topic B: Identify Basic Security Controls
The CIA Triad
The CIA Triad (cont.)
Non-repudiation
Identification
Authentication
Authentication Factors
Authorization
Access Control
Accounting and Auditing
Principle of Least Privilege
Privilege Management
Demo - Identifying Basic Security Controls
Topic C: Identify Basic Authentication and Authorization Concepts
Passwords
Tokens
Biometrics
Geolocation
Keystroke Authentication
Multi-factor Authentication
Mutual Authentication
Demo - Identifying Basic Authentication and Authorization Concepts
Topic D: Identify Basic Cryptography Concepts
Cryptography
Encryption and Decryption
Encryption and Decryption (cont.)
Encryption and Security Goals
Ciphers
A Key
Symmetric Encryption
Asymmetric Encryption
Asymmetric Encryption (cont.)
Hashing
Steganography
Demo - Identifying Basic Cryptography Concepts
Chapter 01 Review
Chapter 01 - Quiz

Chapter 02 - Analyzing Risk

Analyzing Risk
Topic A: Analyze Organizational Risk
Risk Management
Components of Risk Analysis
Phases of Risk Analysis
Categories of Threat Types
Risk Analysis Methods
Risk Calculation
Risk Response Techniques
Risk Mitigation and Control Types
Change Management
Change Management (cont.)
Guidelines for Analyzing Risk
Demo - Analyzing Risks to the Organization
Topic B: Analyze the Business Impact of Risk
BIA
Impact Scenarios
Impact Scenarios (cont.1)
Impact Scenarios (cont.2)
Privacy Assessments
Critical Systems and Functions
Maximum Tolerable Downtime
Recovery Point Objective
Recovery Time Objective
Mean Time to Failure
Mean Time to Repair
Mean Time Between Failures
Guidelines for Performing a Business Impact Analysis
Demo - Performing a Business Impact Analysis
Chapter 02 Review
Chapter 02 - Quiz

Chapter 03 - Identifying Security Threats

Identifying Security Threats
Topic A: Identify Types of Attackers
Hackers and Attackers
Hackers and Attackers (cont.)
Threat Actors
Threat Actors (cont.)
Threat Actor Attributes
Threat Actor Attributes (cont.)
Open-Source Intelligence
Demo - Identifying Types of Attackers
Topic B: Identify Social Engineering Attacks
Social Engineering
Social Engineering (cont.)
Effectiveness
Impersonation
Phishing and Related Attacks
Phishing and Related Attacks (cont.)
Hoaxes
Physical Exploits
Watering Hole Attacks
Demo - Identifying Social Engineering Attacks
Topic C: Identify Malware
Malicious Code
Malicious Code (cont.)
Viruses
Worms
Adware
Spyware
Trojan Horses
Keyloggers
Remote Access Trojans
Logic Bombs
Botnets
Botnets (cont.)
Ransomware
Ransomware (cont.)
Advanced Persistent Threats
Demo - Identifying Types of Malware
Topic D: Identify Software-Based Threats
Software Attacks
Password Attacks
Types of Password Attacks
Types of Password Attacks (cont.)
Cryptographic Attacks
Types of Cryptographic Attacks
Types of Cryptographic Attacks (cont.)
Backdoor Attacks
Backdoor Attacks (cont.)
Application Attacks
Application Attacks (cont.)
Types of Application Attacks
Driver Manipulation
Privilege Escalation
Privilege Escalation (cont.)
Demo - Identifying Password Attacks
Topic E: Identify Network-Based Threats
TCP/IP Basics
TCP/IP (cont.)
Spoofing Attacks
IP and MAC Address Spoofing
IP and MAC Address Spoofing (cont.)
ARP Poisoning
DNS Poisoning
Port Scanning Attacks
Port Scanning Attacks (cont.)
Scan Types
Scan Types (cont.)
Eavesdropping Attacks
Man-in-the-Middle Attacks
Man-in-the-Middle Attacks (cont.)
Man-in-the-Browser Attacks
Replay Attacks
Replay Attacks (cont.)
DoS Attacks
DDoS Attacks
Hijacking Attacks
Hijacking Attacks (cont.)
Amplification Attacks
Amplification Attacks (cont.)
Pass the Hash Attacks
Demo - Identifying Threats to DNS
Demo - Identifying Port Scanning Threats
Topic F: Identify Wireless Threats
Rogue Access Points
Evil Twins
Jamming
Bluejacking
Bluesnarfing
Near Field Communication Attacks
RFID System Attacks
War Driving, War Walking, and War Chalking
Packet Sniffing
IV Attacks
Wireless Replay Attacks
WEP and WPA Attacks
WPS Attacks
Wireless Disassociation
Demo - Identifying Wireless Threats
Topic G: Identify Physical Threats
Physical Threats and Vulnerabilities
Hardware Attacks
Environmental Threats and Vulnerabilities
Environmental Threats and Vulnerabilities (cont.)
Demo - Identifying Physical Threats
Chapter 03 Review
Chapter 03 - Quiz

Chapter 04 - Conducting Security Assessments

Conducting Security Assessments
Topic A: Identify Vulnerabilities
Host Vulnerabilities
Software Vulnerabilities
Encryption Vulnerabilities
Network Architecture Vulnerabilities
Account Vulnerabilities
Operations Vulnerabilities
Demo - Identifying Vulnerabilities
Topic B: Assess Vulnerabilities
Security Assessment
Security Assessment Techniques
Vulnerability Assessment Tools
Types of Vulnerability Scans
False Positives
Guidelines for Assessing Vulnerabilities
Demo - Capturing Network Data with Wireshark
Demo - Scanning for General Vulnerabilities
Topic C: Implement Penetration Testing
Penetration Testing
Penetration Testing Techniques
Box Testing Methods
Penetration Testing Tools
Guidelines for Implementing Penetration Testing
Demo - Implementing Penetration Testing
Chapter 04 Review
Chapter 04 - Quiz

Chapter 05 - Implementing Host and Software Security

Implementing Host and Software Security
Topic A: Implement Host Security
Hardening
Operating System Security
Operating System Hardening Techniques
Trusted Computing Base
Hardware and Firmware Security
Hardware and Firmware Security (cont.)
Security Baselines
Software Updates
Application Blacklisting and Whitelisting
Logging
Auditing
Anti-malware Software
Types of Anti-malware Software
Hardware Peripheral Security
Embedded Systems
Security Implications for Embedded Systems
Security Implications for Embedded Systems (cont.)
Guidelines for Securing Hosts
Demo - Implementing Auditing
Demo - Hardening a Server
Topic B: Implement Cloud and Virtualization Security
Virtualization
Hypervisors
Hypervisors (cont.)
Virtual Desktop Infrastructure
Virtualization Security
Cloud Computing
Cloud Deployment Models
Cloud Service Types
Guidelines for Securing Virtualized and Cloud-Based Resources
Demo - Securing Virtual Machine Networking
Topic C: Implement Mobile Device Security
Mobile Device Connection Methods
Mobile Device Connection Methods (cont.)
Mobile Device Management
Mobile Device Security Controls
Mobile Device Security Controls (cont.)
Mobile Device Monitoring and Enforcement
Mobile Device Monitoring and Enforcement (cont.)
Mobile Deployment Models
BYOD Security Controls
Guidelines for Implementing Mobile Device Security
Demo - Implementing Mobile Device Security
Topic D: Incorporate Security in the Software Development Lifecycle
Software Development Lifecycle
Software Development Models
DevOps
Versioning
Secure Coding Techniques
Secure Coding Techniques (cont.)
Code Testing Methods
Guidelines for Incorporating Security in the Software Development Lifecycle
Demo - Performing Static Code Analysis
Chapter 05 Review
Chapter 05 - Quiz

Chapter 06 - Implementing Network Security

Mobile Device Monitoring and Enforcement
Topic A: Configure Network Security Technologies
Network Components
Network Devices
Routers
Switches
Proxies
Firewalls
Load Balancer
Network Scanners and Analysis Tools
Intrusion Detection Systems
Network IDS
Intrusion Prevention Systems
Network IPS
Types of Network Monitoring Systems
Security Information and Event Management
Data Loss/Leak Prevention
Virtual Private Networks
VPN Concentrators
Security Gateways
Unified Threat Management
Guidelines for Configuring Network Security Technologies
Demo - Configuring a Network IDS
Topic B: Secure Network Design Elements
Network Access Control
Demilitarized Zones
Network Isolation
Network Isolation (cont.)
Virtual Local Area Networks
Virtual Local Area Networks (cont.)
Network Security Device Placement
Network Address Translation
Software-Defined Networking
Guidelines for Securing Network Design Elements
Demo - Securing Network Design Elements
Topic C: Implement Secure Networking Protocols and Services
The Open Systems Interconnection Model
OSI Model and Security
Internet Protocol Suite
Domain Name System
Hypertext Transfer Protocol
Secure Sockets Layer/Transport Layer Security
Secure Sockets Layer/Transport Layer Security (cont.)
HTTP Secure
Secure Shell
Simple Network Management Protocol
Real-Time Transport Protocol
Internet Control Message Protocol
Internet Protocol Security
Network Basic Input/Output System
File Transfer Protocols
Email Protocols
Additional Networking Protocols and Services
Ports and Port Ranges
Demo - Installing an Internet Information Services Web Server with Basic Securit
Demo - Securing Network Traffic Using IPSec
Topic D: Secure Wireless Traffic
Wireless Networks
Wireless Antenna Types
802.11 Protocols
Wireless Cryptographic Protocols
Wireless Authentication Protocols
VPNs and Open Wireless
Wireless Client Authentication Methods
Wireless Access Point Security
Captive Portals
Site Surveys
Guidelines for Securing Wireless Traffic
Demo - Securing Wireless Traffic
Chapter 06 Review
Chapter 06 - Quiz

Chapter 07 - Managing Identity and Access

Managing Identity and Access
Topic A: Implement Identity and Access Management
Identity and Access Management
Access Control Models
Physical Access Control Devices
Biometric Devices
Certificate-Based Authentication
File System and Database Access
Guidelines for Implementing IAM
Demo - Implementing DAC for a File Share
Topic B: Configure Directory Services
Directory Services
Directory Services (cont.)
Lightweight Directory Access Protocol
Secure LDAP
Common Directory Services
Demo - Backing Up Active Directory
Topic C: Configure Access Services
Remote Access Methods
Tunneling
Remote Access Protocols
HMAC-Based One-Time Password
Time-Based OTP
Password Authentication Protocol
Challenge-Handshake Authentication Protocol
NT LAN Manager
Authentication, Authorization, and Accounting
Remote Authentication Dial-In User Service
Remote Authentication Dial-In User Service (cont.)
Terminal Access Controller Access-Control System
Kerberos
Kerberos (cont.)
Demo - Configuring a Remote Access Server
Demo - Setting Up Remote Access Authentication
Topic D: Manage Accounts
Account Management
Account Privileges
Account Types
Account Policy
Password Policy
Multiple Accounts
Shared Accounts
Account Management Security Controls
Credential Management
Group Policy
Identity Federation
Identity Federation Methods
Guidelines for Managing Accounts
Demo - Managing Accounts
Chapter 07 Review
Chapter 07 - Quiz

Chapter 08 - Implementing Cryptography

Implementing Cryptography
Topic A: Identify Advanced Cryptography Concepts
Cryptography Elements
Hashing Concepts
Data States
Key Exchange
Key Exchange (cont.)
Digital Signatures
Digital Signatures (cont.)
Cipher Suites
Session Keys
Key Stretching
Special Considerations for Cryptography
Demo - Identifying Advanced Cryptographic Concepts
Topic B: Select Cryptographic Algorithms
Types of Ciphers
Types of Hashing Algorithms
Types of Symmetric Encryption Algorithms
Types of Asymmetric Encryption Techniques
Types of Key Stretching Algorithms
Substitution Ciphers
Exclusive Or
Cryptographic Modules
Demo - Selecting Cryptographic Algorithms
Topic C: Configure a Public Key Infrastructure
Public Key Infrastructure
PKI Components
CA Hierarchies
The Root CA
Subordinate CAs
Offline Root CAs
Types of Certificates
Types of Certificates (cont.)
X.509
Certificate File Formats
CA Hierarchy Design Options
Demo - Installing a CA
Demo - Securing a Windows Server 2016 CA
Topic D: Enroll Certificates
The Certificate Enrollment Process
The Certificate Lifecycle
Certificate Lifecycle Management
The SSL/TLS Connection Process
Demo - Enrolling Certificates
Demo - Securing Network Traffic with Certificates
Topic E: Back Up and Restore Certificates and Private Keys
Private Key Protection Methods
Key Escrow
Private Key Restoration Methods
Private Key Replacement
Demo - Backing Up a Certificate and Private Key
Demo - Restoring a Certificate and Private Key
Topic F: Revoke Certificates
Certificate Revocation
Certificate Revocation List
Certificate Revocation List (cont.)
Online Certificate Status Protocol
Demo - Revoking Certificates
Chapter 08 Review
Chapter 08 - Quiz


Reviews

Paul
December 5, 2022
I'm finding more of the quizzes are asking questions not covered in the course content... looks like there will be more material that needs to be covered, so I feel misled.
Michael
January 21, 2020
The course could be better with interactive material other than just videos that I could stream on YouTube. It's starting to seem like a waste of money.
Darrell
August 13, 2018
Course had good information overall. Some of it is a bit dated and there are too many grammatical errors that should have been caught. Even some of the acronyms are incorrect. Instructor did a good job making corrections during his speaking; however, still incorrect in the PDFs that will be used for later reference unless you print them out and update yourself.

Udemy ID: 1607282
Course created date: 3/20/2018
Course indexed date: 11/22/2019
Course submitted by: Bot