CompTIA Security+ Student Guide (Exam SY0-501) 2019 Update - 93-060 Course Outline

(5 Days)

Overview

CompTIA is a not-for-profit trade association with the purpose of advancing the interests of IT professionals and IT channel organizations and its industry-leading IT certifications are an important part of that mission. CompTIA’s Security+ certification is a foundation-level certificate designed for IT administrators with two years’ experience whose job role is focused on system security.

The CompTIA Security+ exam will certify the successful candidate has the knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations.

The Official CompTIA® Security+® (Exam SY0-501): 2019 Updateis the primary course you will need to take if your job responsibilities include securing network services, devices, and traffic in your organization. You can also take this course to prepare for the CompTIA Security+ (Exam SY0-501) certification examination. In this course, you will build on your knowledge of and professional experience with security fundamentals, networks, and organizational security as you acquire the specific skills required to implement basic security services on any type of computer network.

This course can benefit you in two ways. If you intend to pass the CompTIA Security+ (Exam SY0-501) certification examination, this course can be a significant part of your preparation. But certification is not the only key to professional success in the field of computer security. Today’s job market demands individuals with demonstrable skills, and the information and activities in this course can help you build your computer security skill set so that you can confidently perform your duties in any security-related role.

Audience Profile

This course is designed for information technology (IT) professionals who have networking and administrative skills in Windows®-based Transmission Control Protocol/Internet Protocol (TCP/IP) networks; familiarity with other operating systems, such as macOS®, Unix®, or Linux®; and who want to further a career in IT by acquiring foundational knowledge of security topics or using CompTIA Security+ as the foundation for advanced security certifications or career roles.

This course is also designed for students who are seeking the CompTIA Security+ certification and who want to prepare for the CompTIA Security+ SY0-501 Certification Exam.

Prerequisites

To ensure your success in this course, you should have basic Windows user skills and a fundamental understanding of computer and networking concepts.

  • CompTIA A+ and Network+ certifications, or equivalent knowledge, and six to nine months’ experience in networking, including configuring security parameters, are strongly recommended. Students can obtain this level of skill and knowledge by taking any of the following Official CompTIA courses:
  • The Official CompTIA® A+®: Core 1 (Exam 220-1001)
  • The Official CompTIA® A+®: Core 2 (Exam 220-1002)
  • The Official CompTIA® Network+® (Exam N10-007)
  • Note: The prerequisites for this course might differ significantly from the prerequisites for the CompTIA certification exams. For the most up-to-date information about the exam prerequisites, complete the form on this page:https://certification.comptia.org/training/exam-objectives.

At Course Completion

In this course, you will use fundamental security principles to install and configure cybersecurity controls and participate in incident response and risk mitigation.

You will:

  • Compare and contrast attacks.
  • Compare and contrast security controls.
  • Use security assessment tools.
  • Explain basic cryptography concepts.
  • Implement a public key infrastructure.
  • Implement identity and access management controls.
  • Manage access services and accounts.
  • Implement a secure network architecture.
  • Install and configure security appliances.
  • Install and configure wireless and physical access security.
  • Deploy secure host, mobile, and embedded systems.
  • Implement secure network access protocols.
  • Implement secure network applications.
  • Explain risk management and disaster recovery concepts.
  • Describe secure application development concepts.
  • Explain organizational security concepts.

Course Outline

Lesson 1:Comparing and Contrasting Attacks

  • Topic A:Compare and Contrast Information Security Roles
  • Topic B:Explain Threat Actor Types
  • Topic C:Compare and Contrast Social Engineering Attack Types
  • Topic D:Determine Malware Types

Lesson 2:Comparing and Contrasting Security Controls

  • Topic A:Compare and Contrast Security Control and Framework Types
  • Topic B:Follow Incident Response Procedures

Lesson 3:Assessing Security Posture with Software Tools

  • Topic A:Explain Penetration Testing Concepts
  • Topic B:Assess Security Posture with Topology Discovery Software Tools
  • Topic C:Assess Security Posture with Fingerprinting and Sniffing Software Tools
  • Topic D:Assess Security Posture with Vulnerability Scanning Software Tools

Lesson 4:Explaining Basic Cryptography Concepts

  • Topic A:Compare and Contrast Basic Concepts of Cryptography
  • Topic B:Explain Hashing and Symmetric Cryptographic Algorithms
  • Topic C:Explain Asymmetric Cryptographic Algorithms

Lesson 5:Implementing a Public Key Infrastructure

  • Topic A:Implement Certificates and Certificate Authorities
  • Topic B:Implement PKI Management

Lesson 6:Implementing Identity and Access Management Controls

  • Topic A:Compare and Contrast Identity and Authentication Concepts
  • Topic B:Install and Configure Authentication Protocols
  • Topic C:Implement Multifactor Authentication

Lesson 7:Managing Access Services and Accounts

  • Topic A:Install and Configure Authorization and Directory Services
  • Topic B:Implement Access Management Controls
  • Topic C:Differentiate Account Management Practices
  • Topic D:Implement Account Auditing and Recertification

Lesson 8:Implementing a Secure Network Architecture

  • Topic A:Implement Secure Network Architecture Concepts
  • Topic B:Install and Configure a Secure Switching Infrastructure
  • Topic C:Install and Configure Network Access Control
  • Topic D:Install and Configure a Secure Routing and NAT Infrastructure

Lesson 9:Installing and Configuring Security Appliances

  • Topic A:Install and Configure Firewalls and Proxies
  • Topic B:Install and Configure Load Balancers
  • Topic C:Install and Configure Intrusion Detection/Prevention Systems
  • Topic D:Install and Configure Data Loss Prevention (DLP) Systems
  • Topic E:Install and Configure Logging and SIEM Systems

Lesson 10:Installing and Configuring Wireless and Physical Access Security

  • Topic A:Install and Configure a Wireless Infrastructure
  • Topic B:Install and Configure Wireless Security Settings
  • Topic C:Explain the Importance of Physical Security Controls

Lesson 11:Deploying Secure Host, Mobile, and Embedded Systems

  • Topic A:Implement Secure Hardware Systems Design
  • Topic B:Implement Secure Host Systems Design
  • Topic C:Implement Secure Mobile Device Systems Design
  • Topic D:Implement Secure Embedded Systems Design

Lesson 12:Implementing Secure Network Access Protocols

  • Topic A:Implement Secure Network Operations Protocols
  • Topic B:Implement Secure Remote Access Protocols
  • Topic C:Implement Secure Remote Administration Protocols

Lesson 13:Implementing Secure Network Applications

  • Topic A:Implement Secure Web Services
  • Topic B:Implement Secure Communications Services
  • Topic C:Summarize Secure Virtualization Infrastructure
  • Topic D:Summarize Secure Cloud Services

Lesson 14:Explaining Risk Management and Disaster Recovery Concepts

  • Topic A:Explain Risk Management Processes and Concepts
  • Topic B:Explain Resiliency and Automation Strategies
  • Topic C:Explain Disaster Recovery and Continuity of Operation Concepts
  • Topic D:Summarize Basic Concepts of Forensics

Lesson 15:Summarizing Secure Application Development Concepts

  • Topic A:Explain the Impact of Vulnerability Types
  • Topic B:Summarize Secure Application Development Concepts

Lesson 16:Explaining Organizational Security Concepts

  • Topic A:Explain the Importance of Security Policies
  • Topic B:Implement Data Security and Privacy Practices
  • Topic C:Explain the Importance of Personnel Management