Overview
Are you an early-career IT professionals or mid – level IT looking to advance your career and gain greater recognition? The CompTIA CNSP certification is the perfect choice for you! Designed specifically with 2-5 years of experience in mind, the Certification Path includes all learning materials that will help prepare you to pass each exam: Security+, PenTest+ & Cybersecurity Analyst (CySA+) – allowing you to reach cybersecurity mastery. Are you an early-career IT professionals or mid – level IT looking to advance your career and gain greater recognition? The CompTIA CNSP certification is the perfect choice for you! Designed specifically with 2-5 years of experience in mind, the Certification Path includes all learning materials that will help prepare you to pass each exam: Security+, PenTest+ & Cybersecurity Analyst (CySA+) – allowing you to reach cybersecurity mastery. This course is designed to provide business analysts and IT professionals with the knowledge and skills needed to make strategic Cloud business decisions. The training covers all the objectives required to pass the CompTIA Cloud Essentials+ CLO-002 Certification including Cloud Concepts, Business Principles of Cloud Environments, cloud principles, Management, cloud networking concepts, Technical Operations, Governance, Risk, Compliance, and Security for the Cloud. The CompTIA CNVP is an invaluable certification specifically crafted for IT professionals with 2 to 5 years of experience. This stackable program provides the course materials required to not only earn your Security+ and PenTest+ certifications, but also allows you to excel in your knowledge as a cybersecurity specialist. The CompTIA CSIS is a progressive certification in the IT field that was crafted by CompTIA. It is ideal for those with 0-2 years of experience who are looking to upskill. At TOIT, we offer an extensive Certification Path which comes bundled with educative materials and preparing you to pass the three exams;CompTIA A+, Comptia Network+ and Comptia Security+. The CompTIA A+ 220-1001 & 220-1002 training for the Core Series covers topics that are growing in IT support, including expanded content on security baselines and a different way of assessing competence in operational procedures. TOIT’s online learning environment is ideal for those with a busy schedule, offering convenience and flexibility, study when you want.
Your Training Instructors
Chrys Thorsen
Education and Technology Expert
Chrys is an education and technology expert who specializes in enterprise-level IT infrastructure consulting and certified training-of-trainers. In her career, she has garnered 35 IT Certifications including Cisco CCSI/CCNP, CISSP, CISA, MCSE/MCITP, and many more. She has also authored 40 published certification textbooks and is currently working on the new CompTIA PenTest+ courseware.
John Abueg
Senior Technical Instructor
John is a Senior Technical Instructor at Ft. Gordon in Augusta, Georgia, instructing U.S. military and civilian employees on a number of cybersecurity subjects and certifications. He has been an IT professional for well over two decades, as prior to his current job he retired from the Army after a 20-year career as a soldier in the signal branch (IT and communications). John holds a bachelor’s degree in Computer Science from the University of Maryland Global Campus as well as the following IT certifications: Network+, Security+, Cybersecurity Analyst (CySA+), CompTIA Advanced Security Practitioner (CASP+), Certified Information Systems Security Professional (CISSP).
Brian O’Hair
IT Training Professor
Professor Brian O’Hare has over 25 years of experience in the IT industry. He started off in web design as a Corporate Webmaster but wanted to understand how the internet worked. While working towards his bachelor’s in computer science, he studied and got his MCSE (Microsoft Certified Systems Engineer) and his MCT (Microsoft Certified Trainer). Once certified he paid for his degree working as a Network Engineer and then a Trainer for others wanting to learn about Microsoft’s Desktop and Server products.
- 64 Traning Hours
- 266 Videos
- 44 Topics
- 495 Practice Questions
Are you an IT professional with 2 to 5 years of experience looking for a stackable certification by CompTIA? Consider the CompTIA CNSP! The TOIT Certification Path provides all the necessary materials and guidelines for studying and passing the required certification exam, such as Security+, PenTest+ and CySA+. With this stackable certification path, your technical skills in these areas will be tested – helping you gain confidence in yourself that’s backed up by security certification.
The TOIT Certification Path is designed for self-paced learning. Work at your own pace and join our community of IT professionals who have already begun their journey to advance their career in cybersecurity! With access to our online course training, you can master the material quickly and easily with videos, lectures, and practice questions that cover the exact information you need. Our TOIT Certification Path helps you to prepare for success as a cybersecurity professionals and take control of your future.
Passing the three exams required for this path will grant you not one, but three CompTIA certifications and ultimately render you a Certified Network Security Professional, CompTIA CNSP.
This CompTIA CNSP pathway consists of three courses:
- CompTIA Security+
- CompTIA PenTest+
- CompTIA Cybersecurity Analyst (CySA+)
Upon successfully passing the applicable exams provided by CompTIA, you will earn the CNSP certification badge.
To discover more about CompTIA’s Stackable Certifications, visit the CompTIA website. With this revolutionary certification program, you can take your career and credentials to the next level. Explore what options are available for enhancing your knowledge base and expanding into new fields of expertise.Pricing charged by CompTIA varies by exam. For details on current pricing, visit CompTIA Pricing on their website.
Frequently Asked Questions About CompTIA Network Security Professional (CNSP)
What is the CompTIA CNSP certification and who is it designed for?
The CompTIA CNSP (Network Security Professional) certification is a course designed for early-career IT professionals or mid-level IT individuals looking to advance their career and gain greater recognition. Specifically, it is intended for those with 2-5 years of experience. This certification includes all learning materials that will help prepare you to pass each exam: Security+, PenTest+, and Cybersecurity Analyst (CySA+).
What is the format of the course?
The TOIT Certification Path is designed for self-paced learning, which means you can work at your own pace. The course includes 64 training hours, 266 videos, 44 topics, and 495 practice questions.
What is the CompTIA Security+ certification about and what skills does it cover?
The CompTIA Security+ certification is a global certification that validates the baseline skills necessary to perform core security functions. It covers skills such as assessing the security of an organization, monitoring and securing hybrid environments, operating with awareness of applicable laws and policies, and responding to security events and incidents. It is compliant with ISO 17024 standards and is approved by the U.S. DoD.
What is the CompTIA PenTest+ certification about and what skills does it cover?
The CompTIA PenTest+ certification is for cybersecurity professionals tasked with penetration testing and vulnerability management. It covers skills such as planning and scoping, information gathering and vulnerability scanning, attacks and exploits, reporting and communication, and tools and code analysis. It emphasizes the most relevant pen testing skills for the cloud, hybrid environments, web applications, and the Internet of Things (IoT).
What jobs can I potentially land with these certifications?
Jobs that you can potentially land with these certifications include business analyst, cybersecurity manager, software developer, systems administrator, security consultant, cloud penetration tester, web app penetration tester, cloud security specialist, network security specialist, network security operations, threat intelligence analyst, and vulnerability analyst.
CompTIA Security+ SY0-601 (2022) Course Outline
Module 1 – Introduction to Security
- 1.1 Introduction to Security
Module 2 – Malware and Social Engineering Attacks
- 2.1 Malware and Social Engineering Attacks
Module 3 – Basic Cryptography
- 3.1 Basic Cryptography
Module 4 – Advanced Cryptography and PKI
- 4.1 Advanced Cryptography and PKI
Module 5 – Networking and Server Attacks
- 5.1 Networking and Server Attacks
Module 6 – Network Security Devices, Designs and Technology
- 6.1 Network Security Devices, Designs and Technology
Module 7 – Administering a Secure Network
- 7.1 Administering a Secure Network
Module 8 – Wireless Network Security
- 8.1 Wireless Network Security
Module 9 – Client and Application Security
- 9.1 Client and Application Security
Module 10 – Mobile and Embedded Device Security
- 10.1 Mobile and Embedded Device Security
Module 11 – Authentication and Account Management
- 11.1 Authentication and Account Management
Module 12 – Access Management
- 12.1 Access Management
Module 13 – Vulnerability Assessment and Data Security
- 13.1 Vulnerability Assessment and Data Security
Module 14 – Business Continuity
- 14.1 Business Continuity
Module 15 – Risk Mitigation
- 15.1 Risk Mitigation
Module 16 – Security Plus Summary and Review
- 16.1 – Security Plus Summary and Review
Module 17 – Hands-On Training
- 17.1 Hands-On Scanning Part 1
- 17.2 Hands-On Scanning Part 2
- 17.3 Hands-On Advanced Scanning
- 17.4 Hands-On MetaSploit
- 17.5 Hands-On BurpSuite
- 17.6 Hands-On Exploitation Tools Part 1
- 17.7 Hands-On Exploitation Tools Part 2
- 17.8 Hands-On Invisibility Tools
- 17.9 Hands-On Connect to Tor
CompTIA CySA+ (Cybersecurity Analyst+) CS0-002 Course Outline
Module 1: Threat and Vulnerability Management
- Instructor Intro
- About the Exam
- Test Taking Tips and Techniques
- Explain the importance of threat data and intelligence
- Given a scenario, utilize threat intelligence to support organizational security
- Given a scenario, perform vulnerability management activities Pt 1
- Given a scenario, perform vulnerability management activities Pt 2
- Given a scenario, analyze the output from common vulnerability assessment tools
- Explain the threats and vulnerabilities associated with specialized technology
- Explain the threats and vulnerabilities associated with operating in the Cloud
- Given a scenario, implement controls to mitigate attacks and software vulnerabilities Pt 1
- Given a scenario, implement controls to mitigate attacks and software vulnerabilities Pt 2
Module 2: Software and Systems Security
- Outline
- Given a scenario, apply security solutions for infrastructure management Pt 1
- Given a scenario, apply security solutions for infrastructure management Pt 2
- Given a scenario, apply security solutions for infrastructure management Pt 3
- Flashcards
- Explain software assurance best practices
- Scatter
- Explain hardware assurance best practices
- Learn
- Speller
- Workbook
Module 3: Security Operations and Monitoring
- Given a scenario, analyze data as part of security monitoring activities Pt 1
- Given a scenario, analyze data as part of security monitoring activities Pt 2
- Given a scenario, analyze data as part of security monitoring activities Pt 3
- Given a scenario, implement configuration changes to existing controls to improve security Pt 1
- Given a scenario, implement configuration changes to existing controls to improve security Pt 2
- Explain the importance of proactive threat hunting
- Compare and contrast automation concepts and technologies
Module 4: Incident Response
- Explain the importance of the incident response process
- Given a scenario, apply the appropriate the incident response procedure
- Given an incident, analyze potential indicators of compromise
- Given a scenario, utilize basic digital forensic techniques
Module 5: Compliance and Assessment
- Understand the importance of data privacy and protection
- Given a scenario, apply security concepts in support of organizational risk mitigation Pt 1
- Given a scenario, apply security concepts in support of organizational risk mitigation Pt 2
- Explain the importance of frameworks, policies, procedures, and controls Pt 1
- Explain the importance of frameworks, policies, procedures, and controls Pt 2
Module 6: Afterword
- Recap
- Review Questions
- Before the Exam
CompTIA PenTest+ (PT0-001) Course Outline
Module 1 – The Pen Test Engagement
- Module 1 Notes
- 1.0 PenTest Plus Introduction
- 1.1 PenTest Plus Topics
- 1.2 PenTest Engagement
- 1.3 Threat Modeling
- 1.4 Technical Constraints
- 1.5 PenTest Engagement Review
- 1.6 Examining PenTest Engagement Documents Act
Module 2 – Passive Reconnaissance
- Module 2 Notes
- 2.1 Passive Reconnaissance part1
- 2.2 WHOIS Act
- 2.3 Passive Reconnaissance part2
- 2.4 Google Hacking Act
- 2.5 Passive Reconnaissance part3
- 2.6 DNS Querying Act
- 2.7 Passive Reconnaissance part4
- 2.8 Email Server Querying Act
- 2.9 SSL-TLS Cerfificates
- 2.10 Shodan Act
- 2.11 The Havester
- 2.12 TheHarvester Act
- 2.13 Recon-ng
- 2.14 Recon-g Act
- 2.14 Recon-ng-Part-2-API-key Act
- 2.15 Maltego
- 2.16 Have I been Pwned
- 2.17 Punked and Owned Pwned Act
- 2.18 Fingerprinting Organization with Collected Archives
- 2.19 FOCA Act
- 2.20 Findings Analysis Weaponization
- 2.21 Chp 2 Review
Module 3 – Active Reconnaissance
- Module 3 Notes
- 3.1 Active Reconnaissannce
- 3.2 Discovery Scans Act
- 3.3 Nmap
- 3.4 Nmap Scans Types Act
- 3.5 Nmap Options
- 3.6 Nmap Options Act
- 3.7 Stealth Scans
- 3.8 Nmap Stealth Scans Act
- 3.9 Full Scans
- 3.10 Full Scans Act
- 3.11 Packet Crafting
- 3.12 Packet Crafting Act
- 3.13 Network Mapping
- 3.14 Metasploit
- 3.15 Scanning with Metasploit Act
- 3.16 Enumeration
- 3.17 Banner Grabbing Act
- 3.18 Windows Host Enumeration
- 3.19 Winddows Host Enumeration Act
- 3.20 Linux Host Enumeration
- 3.21 Linux Host Enumeration Act
- 3.22 Service Enumeration
- 3.23 Service Enumeration Act
- 3.24 Network Shares
- 3.25 SMB Share Enumeration Act
- 3.26 NFS Network Share Enumeration
- 3.27 NFS Share Enumeration Act
- 3.28 Null Sessions
- 3.29 Null Sessions Act
- 3.30 Website Enumeration
- 3.31 Website Enumeration Act
- 3.32 Vulnerability Scans
- 3.33 Compliance Scans Act
- 3.34 Credentialed Non-credentialed Scans
- 3.35 Using Credentials in Scans Act
- 3.36 Server Service Vulnerability Scan
- 3.37 Vulnerability Scanning Act
- 3.38 Web Server Database Vulnerability Scan
- 3.39 SQL Vulnerability Scanning Act
- 3.40 Vulnerability Scan Part 2 OpenVAS Act
- 3.41 Web App Vulnerability Scan
- 3.42 Web App Vulnerability Scanning Act
- 3.43 Network Device Vulnerability Scan
- 3.44 Network Device Vuln Scanning Act
- 3.45 Nmap Scripts
- 3.46 Using Nmap Scripts for Vuln Scanning Act
- 3.47 Packet Crafting for Vulnerbility Scans
- 3.48 Firewall Vulnerability Scans
- 3.49 Wireless Access Point Vunerability
- 3.50 Wireless AP Scans Act
- 3.51 WAP Vulnerability Scans
- 3.52 Container Security issues
- 3.53 How to Update Metasploit Pro Expired Trial License
Module 4 – Physical Security
- Module 4 Notes
- 4.1 Physical Security
- 4.2 Badge Cloning Act
- 4.3 Physical Security Review
Module 5 – Social Engineering
- Module 5 Notes
- 5.1 Social Engineering
- 5.2 Using Baited USB Stick Act
- 5.3 Using Social Enginnering to Assist Attacks
- 5.4 Phishing Act
- 5.5 Social Engineering Review
Module 6 – Vulnerability Scan Analysis
- Module 6 Notes
- 6.1 Vulnerbility Scan Analysis
- 6.2 Validating Vulnerability Scan Results Act
- 6.3 Vulnerbility Scan Analysis Review
Module 7 – Password Cracking
- Module 7 Notes
- 7.1 Password Cracking
- 7.2 Brute Force Attack Against Network Service Act
- 7.3 Network Authentication Interception Attack
- 7.4 Intercepting Network Authentication Act
- 7.5 Pass the Hash Attacks
- 7.6 Pass the Hash Act
- 7.7 Password Cracking Review
Module 8 – Penetrating Wired Networks
- Module 8 Notes
- 8.1 Penetrating Wired Network
- 8.2 Sniffing Act
- 8.3 Eavesdropping
- 8.4 Eavesdropping Act
- 8.5 ARP Poisoning
- 8.6 ARP Poisoning Act
- 8.7 Man In The Middle
- 8.8 MITM Act
- 8.9 TCP Session HiJacking
- 8.10 Server Message Blocks SMB Exploits
- 8.11 SMB Attack Act
- 8.12 Web Server Attacks
- 8.13 FTP Attacks
- 8.14 Telnet Server Attacks
- 8.15 SSH Server Attacks
- 8.16 Simple Network Mgmt Protocol SNMP
- 8.17 Simple Mail Transfer Protocol SMTP
- 8.18 Domain Name System DNS Cache Poisoning
- 8.19 Denail of Service Attack DoS-DDoS
- 8.20 DoS Attack Act
- 8.21 VLAN Hopping Review
Module 9 – Penetrating Wireless Networks
- Module 9 Notes
- 9.1 Penetrating Wireless Networks
- 9.2 Jamming Act
- 9.3 Wireless Sniffing
- 9.4 Replay Attacks
- 9.5 WEP Cracking Act
- 9.6 WPA-WPA2 Cracking
- 9.7 WAP Cracking Act
- 9.8 Evil Twin Attacks
- 9.9 Evil Twin Attack Act
- 9.10 WiFi Protected Setup
- 9.11 Bluetooth Attacks
- 9.12 Penetrating Wireless Networks
Module 10 – Windows Exploits
- Module 10 Notes
- 10.1 Windows Exploits
- 10.2 Dumping Stored Passwords Act
- 10.3 Dictionary Attacks
- 10.4 Dictionary Attack Against Windows Act
- 10.5 Rainbow Table Attacks
- 10.6 Credential Brute Force Attacks
- 10.7 Keylogging Attack Act
- 10.8 Windows Kernel
- 10.9 Kernel Attack Act
- 10.10 Windows Components
- 10.11 Memory Vulnerabilities
- 10.12 Buffer Overflow Attack Act
- 10.13 Privilegde Escalation in Windows
- 10.14 Windows Accounts
- 10.15 Net and WMIC Commands
- 10.16 Sandboxes
Module 11 – Linux Exploits
- Module 11 Notes
- 11.1 Linux Exploits
- 11.2 Exploiting Common Linux Features Act
- 11.3 Password Cracking in Linux
- 11.4 Cracking Linux Passwords Act
- 11.5 Vulnerability Linux
- 11.6 Priviledge Escalation Linux
- 11.7 Linux Accounts
- 11.8 Linux Exploits Review
Module 12 – Mobile Devices
- Module 12 Notes
- 12.1 Mobile Devices
- 12.2 Hacking Android Act
- 12.3 Apple Exploits
- 12.4 Moblie Devices Review
Module 13 – Specialized Systems
- Module 13 Notes
- 13.1 Specialized Systems
- 13.2 Specialized Systems Review
Module 14 – Scripts
- Module 14 Notes
- 14.1 Scripts
- 14.2 Powershell
- 14.3 Python
- 14.4 Ruby
- 14.5 Common Scripting Elements
- 14.6 Scripts Review
- 14.7 Better Ping Sweep
- 14.8 Simple Port Scanner2
- 14.9 Multitarget Port Scanner
- 14.10 Port Scanner with Nmap
- 14.11 Scripts Review
Module 15 – Application Testing
- Module 15 Notes
- 15.1 Application Testing
- 15.2 Reverse Engineering
Module 16 – Web App Exploits
- Module 16 Notes
- 16.1 Webb App Exploits
- 16.2 Injection Attacks
- 16.3 HTML Injection
- 16.4 SQL Hacking – SQLmap Act
- 16.5 Cross-Site Attacks
- 16.6 Cross-Site Request Forgery
- 16.7 Other Web-based Attacks
- 16.8 File Inclusion Attacks
- 16.9 Web Shells
- 16.10 Web Shells Review
Module 17 – Lateral Movement
- Module 17 Notes
- 17.1 Lateral Movement
- 17.2 Lateral Movement with Remote Mgmt Services
- 17.3 Process Migration Act
- 17.4 Passing Control Act
- 17.5 Pivoting
- 17.6 Tools the Enable Pivoting
- 17.7 Lateral Movement Review
Module 18 – Persistence
- Module 18 Notes
- 18.1 Persistence
- 18.2 Breeding RATS Act
- 18.3 Bind and Reverse Shells
- 18.4 Bind Shells Act
- 18.5 Reverse Shells
- 18.6 Reverse Shells Act
- 18.7 Netcat
- 18.8 Netcat Act
- 18.9 Scheduled Tasks
- 18.10 Scheduled Tasks Act
- 18.11 Services and Domains
- 18.12 Persistence Review
Module 19 – Cover Your Tracks
- Module 19 Notes
- 19.1 Cover Your Tracks
- 19.2 Cover Your Tracks – Timestomp Files Act
- 19.3 Cover Your Tracks – Frame the Administrator Act
- 19.4 Cover Your Tracks – Clear the Event Log Act
- 19.5 Cover Your Tracks Review
Module 20 – The Report
- Module 20 Notes
- 20.1 The Report
- 20.2 The Report Review
Module 21 – Post Engagement Cleanup
- Module 21 Notes
- 21.1 Post Engagement Cleanup_1
- 21.3 Post Engagement Cleanup Review
- 21.4 PenTest Plus Conclusion.mp4