CompTIA Security+ 2017 (SY0-401, SY0-501)

Overview

This section focuses on CompTIA’s Security+ certifications. It is recognized worldwide as a benchmark for information system security best practices and is intended for aspiring IT security professionals entering into security.

Determining Types of Malware

This section discusses several different types of malware. It explores virus variations such as boot sector, polymorphic, macro, stealth viruses and ransomware. At the end it covers how a worm is different from a virus.

Types of Attacks

This section covers numerous types of attacks such as phishing, spear phishing, whaling, vishing, tailgating, impersonation, dumpster diving, shoulder surfing, hoaxes, and watering hole attacks.

Threat Vector Types and Attributes

This section covers different types of threat actors and vectord used to execute an attack. It explains Attacks are not always a one size, sometimes they may incorporate many techniques.

Penetration Testing Concepts

This section discusses concepts associates with penetration testing. It explains different levels of tests such as black, grey and white box testing.

Vulnerability Scanning Concepts

This section explains the importance of understanding how penetration testing differs from a vulnerability scan. It demonstrates a vulnerability scan in a pen test.

Impact of Various Vulnerabilities

This section explains how improperly configured accounts can impact an organizations security. It also covers memory buffer vulnerabilities, architecture or design weaknesses, zero day attacks, improper certificate and key management.

Hardware Software Organizational Security

This section focuses on how both hardware and software impact organizations security. It explains different firewalls and the importance of their configurations. It also covers VPN Concentrators, Network Intrusion/Prevention Systems, and routers.

Security Posture Assessment

This section explains software-based utilities that can assist in remaining compliant with an organizations security posture. It demonstrates several tools such as Wireshark, Nexpose and other wireless scanners. At the end it covers command line utilities to assist in both Windows and Nix-based systems.

Troubleshoot Common Security Issues

This section covers different issues one may have to troubleshoot. It explains protocols that send information in clear or plain text such as FTP, Telnet, PAP and HTTP. It also discusses the importance of logs, permissions, access violations and certificate issues.

Analyze and Interpret Outputs

This section demonstrates how to interpret the output of some commonly used tools. It covers tools such as Microsoft’s AppLocker followed with assorted malware utilities.

Deploy Mobile Security

This section discusses the importance of mobile security. It explains the potential vulnerabilities and weaknesses of mobile security and how to increase security while using these devices.

Implement Secure Protocols

This section explains the importance of secure protocols and the port numbers associated with these protocols for proper configuration and network analysis

Best Practices and Secure Config Guides

This sections explores common best practices and security configuration covered in the Security+ exam. It explains standard frameworks to secure specialized environments.

Secure Network Architecture Concepts

This section explains how the successful network designs can improve the overall network security.

Secure System Design

This section explains how the design of individual devices may add an additional layer of security.

Secure Staging Deployment Concepts

This section covers secure staging deployment concepts, what is sandboxing and why its important, environment types including Development-Test-Staging-Production and what is Integrity Measurement.

Security Implications of Embedded Systems

Ths section discusses the security implications of embedded systems. It explains how SCADA systems can be used to perform serious attacks.

Secure App Development and Deployment

This section explains the development and deployment of secure applications. It covers development life-cycle models like Waterfall and Agile, secure DevOps, version control, secure coding techniques, code quality and testing, and compiled vs. runtime code.

Cloud and Virtualization Concepts

This section introduces different cloud and virtualization concepts. It covers Hypervisors, Cloud Storage, and Cloud deployment models like IaaS, SaaS, and PaaS. At the end it explains cloud access security brokers, VM Sprawl avoidance, and VM escape protections

Resiliency and Automation to Reduce Risk

This section explains how to use automation and resiliency to reduce risk. It shows with the use of standard procedures and automated task the amount of common error through human fallibility can be reduced.

Importance of Physical Security

This section covers the importance of physical security controls. It explains how each layer of security adds complexity. It also discusses about Faraday cages, lock types, biometrics etc.

Identity and Access Management Concepts

This section covers identity and access management concepts. It explains Identification, Authentication/Authorization/Accounting (AAA), and Multi-factor Authentication practices.

Identity and Access Services

This section covers litany of Identity and Access services. It explains services like LDAP, Kerberos, PAP/CHAP/MSCHAP, RADIUS/TACACS+, SAML, OpenID Connect, OATH, Shibboleth, and NTLM.

Identity and Access Management Controls

This section dive into common Identity and Access Management Controls covered in the Security+ exam. It covers access control models like MAC, DAC, RBAC, ABAC, physical access, certificate-based controls and biometric factors.

Account Management Practices

This section explores common account management practices. It covers the different account types like user accounts, service accounts and privileged accounts.

Policies

This section dive into Policies, Plans, and Procedures. It covers different agreement types like BPA, SLA, ISA, and MOU/MOA.

Impact Business Analysis

This section covers identifying critical systems, privacy threshold assessments, privacy impact assessments, and mission essential functions.

Risk Management Processes and Concepts

This section explains risk management processes and concepts, components of threat assessments, differences between internal and external assessments, risk assessment, ALE=SLE *ARO – quantitative assessment, plus risk response techniques (or strategies).

Incident Response Procedures

This section explains incident types with appropriate response process measures.

Basic Concepts of Forensics

This section covers the basics of computer forensics such as Order of Volatility, Chain of Custody, Data Acquisition and Strategic Intelligence Gathering.

Disaster Recovery and Business Continuity

This section discusses the options in recovery sites, protocol or order for restoration and plus backup concepts.

Data Security and Privacy

This section discusses the options in recovery sites, protocol or order for restoration and plus backup concepts.

Basic Concepts of Cryptography

This section covers the basic concepts of Cryptography. It explains symmetric/asymmetric algorithms, modes of operation, hashing and salting. It also discusses the science of hiding data, and working with principles of encryption.

Cryptography Algorithms Basics

This section covers what are cryptography algorithms, basic characteristics, different types of cypher text, encryption keys, block stream cyphers, symmetric asymmetric algorithms, cypher modes, hashing algorithms, key stretching algorithms, Hashing Collision, obfuscation, and substitution cyphers.

Wireless Security

This section explores wireless security for the Security+ exam. It covers cryptographic protocols like WEP, WPA/WPA2, TKIP and authentication protocols like EAP, PEAP, IEEE 802.1x, and RADIUS.

Public Key Infrastructure

This section discusses public key infrastructure. It explains the basic design of a Certificate Authority hierarchy. It also covers different levels of validation, certificate formats and how to structure a Certificate Authority depending on your organizations need.