CompTIA Security+ (Exam SYO-501)

Identifying Security Fundamentals

Description: In this module, you will learn to identify information security concepts, basic security controls, basic authentication and authorization, as well as basic cryptography concepts.

• Topic A: Identify Information Security Concepts
• Topic A - Demo 1 - Identifying Information Security Basics
• Topic B: Identify Basic Security Controls
• Topic B - Demo 1 - Identifying Basic Security Controls
• Topic C: Identify Basic Authentication and Authorization Concepts
• Topic C - Demo 1 - Identifying Basic Authentication and Authorization Concepts
• Topic D: Identify Basic Cryptography Concepts
• Topic D - Demo 1 - Identifying Basic Cryptography Concepts
• Assessment: Review Quiz

Analyzing Risk

Description: In this module, you will learn about analyzing the organizational and business impact of risks. The process of identifying risks, analyzing them, developing a response strategy for them, and mitigating their future impact is all part of being a security professional.

• Topic A: Analyze Organizational Risk
• Topic A - Demo 1 - Analyzing Risks to the Organization
• Topic B: Analyze the Business Impact of Risk
• Topic B - Demo 1 - Performing a Business Impact Analysis
• Assessment: Review Quiz

Identifying Security Threats

Description: In this module, you will learn to identify types of attackers, social engineering attacks, malware, software-based threats, network-based threats, wireless threats, as well as physical threats. This module also contains demos for these topics.

• Topic A: Identify Types of Attackers
• Topic A - Demo 1 - Identifying Types of Attackers
• Topic B: Identify Social Engineering Attacks
• Topic B - Demo 1 - Identifying Social Engineering Attacks
• Topic C: Identify Malware
• Topic C - Demo 1 - Identifying Types of Malware
• Topic D: Identify Software-Based Threats
• Topic D - Demo 1 - Identifying Password Attacks
• Topic E: Identify Network-Based Threats
• Topic E - Demo 1 - Identifying Threats to DNS
• Topic E - Demo 2 - Identifying Port Scanning Threats
• Topic F: Identify Wireless Threats
• Topic F - Demo 1 - Identifying Wireless Threats
• Topic G: Identify Physical Threats
• Topic G - Demo 1 - Identifying Physical Threats
• Assessment: Review Quiz

Conducting Security Assessments

Description: In this module, you will learn about identifying and assessing vulnerabilities, and implementing penetration testing. This module covers software vulnerabilities such as zero-day, improper input handling, improper error handling, resource exhaustion, race condition and memory vulnerabilities.

• Topic A: Identify Vulnerabilities
• Topic A - Demo 1 - Identifying Vulnerabilities
• Topic B: Assess Vulnerabilities
• Topic B - Demo 1 - Capturing Network Data with Wireshark
• Topic B - Demo 2 - Scanning for General Vulnerabilities
• Topic C: Implement Penetration Testing
• Topic C - Demo 1 - Implementing Penetration Testing
• Assessment: Review Quiz

Implementing Host and Software Security

Description: In this module, you will learn about implementing host, cloud and virtualization and mobile device securities, and incorporating everything in the software development lifecycle.

• Topic A: Implement Host Security
• Topic A - Demo 1 - Implementing Auditing
• Topic A - Demo 2 - Hardening a Server
• Topic B: Implement Cloud and Virtualization Security
• Topic B - Demo 1 - Securing Virtual Machine Networking
• Topic C: Implement Mobile Device Security
• Topic C - Demo 1 - Implementing Mobile Device Security
• Topic D: Incorporate Security in the Software Development Lifecycle
• Topic D - Demo 1 - Performing Static Code Analysis
• Assessment: Review Quiz

Implementing Network Security

Description: In this module students will learn about configuring network security technologies, secure network design elements, implementing secure networking protocols and services, and securing wireless traffic.

• Topic A: Configure Network Security Technologies
• Topic A - Demo 1 - Configuring a Network IDS
• Topic B: Secure Network Design Elements
• Topic B - Demo 1 - Securing Network Design Elements
• Topic C: Implement Secure Networking Protocols and Services
• Topic C - Demo 1 - Installing an Internet Information Services Web Server
• Topic C - Demo 2 - Securing Network Traffic Using IPSec
• Topic D: Secure Wireless Traffic
• Topic D - Demo 1 - Securing Wireless Traffic
• Assessment: Review Quiz

Managing Identity and Access

Description: In this module you will learn about implementing identity and access management, configuring directory and access services, and managing accounts. Identity and access management is a security process that provides identity, authentication and authorization mechanisms.

• Topic A: Implement Identity and Access Management
• Topic A - Demo 1 - Implementing DAC for a File Share
• Topic B: Configure Directory Services
• Topic B - Demo 1 - Backing Up Active Directory
• Topic C: Configure Access Services
• Topic C - Demo 1 - Configuring a Remote Access Server
• Topic C - Demo 2 - Setting Up Remote Access Authentication
• Topic D: Manage Accounts
• Topic D - Demo 1 - Managing Accounts
• Assessment: Review Quiz

Implementing Cryptography

Description: In this module, you will learn to identify advanced cryptography concepts, select cryptographic algorithms, configure a public key infrastructure, enrol certificates, back up and restore certificates and private keys, and revoke certificates. This module covers cryptography elements such as confusion, diffusion, collision, obfuscation, PRNG, and PFS.

• Topic A: Identify Advanced Cryptography Concepts
• Topic A - Demo 1 - Identifying Advanced Cryptographic Concepts
• Topic B: Select Cryptographic Algorithms
• Topic B - Demo 1 - Selecting Cryptographic Algorithms
• Topic C: Configure a Public Key Infrastructure
• Topic C - Demo 1 - Installing a CA
• Topic C - Demo 2 - Securing a Windows Server 2016 CA
• Topic D: Enroll Certificates
• Topic D - Demo 1 - Enrolling Certificates
• Topic D - Demo 2 - Securing Network Traffic with Certificates
• Topic E: Back Up and Restore Certificates and Private Keys
• Topic E - Demo 1 - Backing Up a Certificate and Private Key
• Topic E - Demo 2 - Restoring a Certificate and Private Key
• Topic F: Revoke Certificates
• Topic F - Demo 1 - Revoking Certificates
• Assessment: Review Quiz

Implementing Operational Security

Description: In this module you will learn to evaluate security frameworks and guidelines, incorporate documentation in operational security, manage data security processes, and implement physical controls. Security frameworks define how to categorize and identify elements of security operations, focus tasks at a high level, and helps avoid building security in a vacuum or without considering important concepts.

• Topic A: Evaluate Security Frameworks and Guidelines
• Topic A - Demo 1 - Evaluating Security Frameworks and Guidelines
• Topic B: Incorporate Documentation in Operational Security
• Topic B - Demo 1 - Incorporating Documentation in Operational Security
• Topic C: Implement Security Strategies
• Topic C - Demo 1 - Implementing Virtual Machine Snapshots
• Topic D: Manage Data Security Processes
• Topic D - Demo 1 - Destroying Data Securely
• Topic D - Demo 2 - Encrypting a Storage Device
• Topic E: Implement Physical Controls
• Topic E - Demo 1 - Implementing Physical Controls
• Assessment: Review Quiz

Addressing Security Issues

Description: In this module, you will learn to troubleshoot common security issues, respond to security incidents, and investigate security incidents. Students will learn about authentication and permissions issues, and access violations.

• Topic A: Troubleshoot Common Security Issues
• Topic A - Demo 1 - Identifying Event Log Anomalies
• Topic B: Respond to Security Incidents
• Topic B - Demo 1 - Responding to a Security Incident
• Topic C: Investigate Security Incidents
• Topic C - Demo 1 - Implementing Forensic Procedures
• Assessment: Review Quiz

Ensuring Business Continuity

Description: In this module, students will learn to select a business continuity and disaster recovery process and develop a business continuity plan. Business continuity is a collection of processes enabling an organization to maintain normal business operations after an adverse event and is a key aspect of a security specialist's skillset.

• Topic A: Select Business Continuity and Disaster Recovery Processes
• Topic A - Demo 1 - Selecting Business Continuity and Disaster Recovery Process
• Topic B: Develop a Business Continuity Plan
• Topic B - Demo 1 - Developing a BCP
• Assessment: Review Quiz

Course assessment

• Assessment: CompTIA Security+ (Exam SYO-501) - Course Assessment