CompTIA Security+ (Exam SYO-501) Certification Series!
Overview: This course will teach students about identifying security fundamentals and threats, analyzing risk, conducting security assessments, implementing network, operational , host, and software security, managing identity and access, implementing cryptography, addressing security issues, and ensuring business continuity. CompTIA Security+ is the certification globally trusted to validate foundational, vendor- neutral IT security knowledge and skills. As a benchmark for best practices in IT security, this certification covers the essential principles for network security and risk management – making it an important stepping stone of an IT security career. Recommended experience for this certification includes CompTIA Network+ and two years of experience in IT administration with a security focus. No prerequisites required.
Series Taught By: Patrick Loner
Available CEUs for Course Series Completion: 20
Students can earn up to 20 CEUs for fully completing this course series. This information will be displayed on the certificate of completion.Learn More
$150.00Read more
Course Modules
(Duration: 1h 21m)
- Workbook (Pdf)
- Topic A: Identify Information Security Concepts
- Information Security
- Goals of Information Security
- Risk
- Vulnerabilities
- Threats
- Attacks
- Controls
- Types of Controls
- The Security Management Process
- Demo – Identifying Information Security Basics
- Topic B: Identify Basic Security Controls
- The CIA Triad
- Non-repudiation
- Identification
- Authentication
- Authentication Factors
- Authorization
- Access Control
- Accounting and Auditing
- Principle of Least Privilege
- Privilege Management
- Demo – Identifying Basic Security Controls
- Topic C: Identify Basic Authentication and Authorization Concepts
- Passwords
- Tokens
- Biometrics
- Geolocation
- Keystroke Authentication
- Multi-factor Authentication
- Mutual Authentication
- Demo – Identifying Basic Authentication and Authorization Concepts
- Topic D: Identify Basic Cryptography Concepts
- Cryptography
- Encryption and Decryption
- Encryption and Security Goals
- Ciphers
- A Key
- Symmetric Encryption
- Asymmetric Encryption
- Hashing
- Steganography
- Demo – Identifying Basic Cryptography Concepts
- Chapter 01 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 46m)
- Workbook (Pdf)
- Topic A: Analyze Organizational Risk
- Risk Management
- Components of Risk Analysis
- Phases of Risk Analysis
- Categories of Threat Types
- Risk Analysis Methods
- Risk Calculation
- Risk Response Techniques
- Risk Mitigation and Control Types
- Change Management
- Guidelines for Analyzing Risk
- Demo – Analyzing Risks to the Organization
- Topic B: Analyze the Business Impact of Risk
- BIA
- Impact Scenarios
- Privacy Assessments
- Critical Systems and Functions
- Maximum Tolerable Downtime
- Recovery Point Objective
- Recovery Time Objective
- Mean Time to Failure
- Mean Time to Repair
- Mean Time Between Failures
- Guidelines for Performing a Business Impact Analysis
- Demo – Performing a Business Impact Analysis
- Chapter 02 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 2h 49m)
- Workbook (Pdf)
- Topic A: Identify Types of Attackers
- Hackers and Attackers
- Threat Actors
- Threat Actor Attributes
- Open-Source Intelligence
- Demo – Identifying Types of Attackers
- Topic B: Identify Social Engineering Attacks
- Social Engineering
- Effectiveness
- Impersonation
- Phishing and Related Attacks
- Hoaxes
- Physical Exploits
- Watering Hole Attacks
- Demo – Identifying Social Engineering Attacks
- Topic C: Identify Malware
- Malicious Code
- Viruses
- Worms
- Adware
- Spyware
- Trojan Horses
- Keyloggers
- Remote Access Trojans
- Logic Bombs
- Botnets
- Ransomware
- Advance Persistent Threats
- Demo – Identifying Types of Malware
- Topic D: Identify Software-Based Threats
- Software Attacks
- Password Attacks
- Types of Password Attacks
- Cryptographic Attacks
- Types of Cryptographic Attacks
- Backdoor Attacks
- Application Attacks
- Types of Application Attacks
- Driver Manipulation
- Privilege Escalation
- Demo – Identifying Password Attacks
- Topic E: Identify Network-Based Threats
- TCP/IP Basics
- Spoofing Attacks
- IP and MAC Address Spoofing
- ARP Poisoning
- DNS Poisoning
- Port Scanning Attacks
- Scan Types
- Eavesdropping Attacks
- Man-in-the-Middle Attacks
- Man-in-the-Browser Attacks
- Replay Attacks
- DoS Attacks
- DDoS Attacks
- Hijacking Attacks
- Amplification Attacks
- Pass the Hash Attacks
- Demo- Identifying Threats to DNS
- Demo- Identifying Port Scanning Threats
- Topic F: Identify Wireless Threats
- Rogue Access Points
- Evil Twins
- Jamming
- Bluejacking
- Bluesnarfing
- Near Field Communication Attacks
- RFID System Attacks
- War Driving, War Walking, and War Chalking
- Packet Sniffing
- IV Attacks
- Wireless Replay Attacks
- WEP and WPA Attacks
- WPS Attacks
- Wireless Disassociation
- Demo- Identifying Wireless Threats
- Topic G: Identify Physical Threats
- Physical Threats and Vulnerabilities
- Hardware Attacks
- Environmental Threats and Vulnerabilities
- Demo- Identifying Physical Threats
- Chapter 03 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 1h 3m)
- Workbook (Pdf)
- Topic A: Identify Vulnerabilities
- Host Vulnerabilities
- Software Vulnerabilities
- Encryption Vulnerabilities
- Network Architecture Vulnerabilities
- Account Vulnerabilities
- Operations Vulnerabilities
- Demo- Identifying Vulnerabilities
- Topic B: Assess Vulnerabilities
- Security Assessment
- Security Assessment Techniques
- Vulnerability Assessment Tools
- Types of Vulnerability Scans
- False Positives
- Guidelines for Assessing Vulnerabilities
- Demo- Capturing Network Data with Wireshark
- Demo- Scanning for General Vulnerabilities
- Topic C: Implement Penetration Testing
- Penetration Testing
- Penetration Testing Techniques
- Box Testing Methods
- Penetration Testing Tools
- Guidelines for Implementing Penetration Testing
- Demo- Implementing Penetration Testing
- Chapter 04 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 1h 56m)
- Workbook (Pdf)
- Topic A: Implement Host Security
- Hardening
- Operating System Security
- Operating System Hardening Techniques
- Trusted Computing Base
- Hardware and Firmware Security
- Security Baselines
- Software Updates
- Application Blacklisting and Whitelisting
- Logging
- Auditing
- Anti-malware Software
- Types of Anti-malware Software
- Hardware Peripheral Security
- Embedded Systems
- Security Implications for Embedded Systems
- Guidelines for Securing Hosts
- Demo- Implementing Auditing
- Demo- Hardening a Server
- Topic B: Implement Cloud and Virtualization Security
- Virtualization
- Hypervisors
- Virtual Desktop Infrastructure
- Virtualization Security
- Cloud Computing
- Cloud Deployment Models
- Cloud Service Types
- Guidelines for Securing Virtualized and Cloud-Based Resources
- Demo- Securing Virtual Machine Networking
- Topic C: Implement Mobile Device Security
- Mobile Device Connection Methods
- Mobile Device Management
- Mobile Device Security Controls
- Mobile Device Monitoring and Enforcement
- Mobile Deployment Models
- BYOD Security Controls
- Guidelines for Implementing Mobile Device Security
- Demo – Implementing Mobile Device Security
- Topic D: Incorporate Security in the Software Development Lifecycle
- Software Development Lifecycle
- Software Development Models
- DevOps
- Versioning
- Secure Coding Techniques
- Code Testing Methods
- Guidelines for Incorporating Security in the Software Development Lifecycle
- Demo – Performing Static Code Analysis
- Chapter 05 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 2h 15m)
- Workbook (Pdf)
- Topic A: Configure Network Security Technologies
- Network Components
- Network Devices
- Routers
- Switches
- Proxies
- Firewalls
- Load Balancer
- Network Scanners and Analysis Tools
- Intrusion Detection Systems
- Network IDS
- Intrusion Prevention Systems
- Network IPS
- Types of Network Monitoring Systems
- Security Information and Event Management
- Data Loss/Leak Prevention
- Virtual Private Networks
- VPN Concentrators
- Security Gateways
- Unified Threat Management
- Guidelines for Configuring Network Security Technologies
- Demo – Configuring a Network IDS
- Topic B: Secure Network Design Elements
- Network Access Control
- Demilitarized Zones
- Network Isolation
- Virtual Local Area Networks
- Network Security Device Placement
- Network Address Translation
- Software-Defined Networking
- Guidelines for Securing Network Design Elements
- Demo – Securing Network Design Elements
- Topic C: Implement Secure Networking Protocols and Services
- The Open Systems Interconnection Model
- OSI Model and Security
- Internet Protocol Suite
- Domain Name System
- Hypertext Transfer Protocol
- Secure Sockets Layer/Transport Layer Security
- HTTP Secure
- Secure Shell
- Simple Network Management Protocol
- Real-Time Transport Protocol
- Internet Control Message Protocol
- Internet Protocol Security
- Network Basic Input/Output System
- File Transfer Protocols
- Email Protocols
- Additional Networking Protocols and Services
- Ports and Port Ranges
- Demo – Installing an Internet Information Services Web Server with Basic Security
- Demo – Securing Network Traffic Using IPSec
- Topic D: Secure Wireless Traffic
- Wireless Networks
- Wireless Antenna Types
- 802.11 Protocols
- Wireless Cryptographic Protocols
- Wireless Authentication Protocols
- VPNs and Open Wireless
- Wireless Client Authentication Methods
- Wireless Access Point Security
- Captive Portals
- Site Surveys
- Guidelines for Securing Wireless Traffic
- Demo – Securing Wireless Traffic
- Chapter 06 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 1h 42m)
- Workbook (Pdf)
- Topic A: Implement Identity and Access Management
- Identity and Access Management
- Access Control Models
- Physical Access Control Devices
- Biometric Devices
- Certificate-Based Authentication
- File System and Database Access
- Guidelines for Implementing IAM
- Demo – Implementing DAC for a File Share
- Topic B: Configure Directory Services
- Directory Services
- Lightweight Directory Access Protocol
- Secure LDAP
- Common Directory Services
- Demo- Backing Up Active Directory
- Topic C: Configure Access Services
- Remote Access Methods
- Tunneling
- Remote Access Protocols
- HMAC-Based One-Time Password
- Time-Based OTP
- Password Authentication Protocol
- Challenge-Handshake Authentication Protocol
- NT LAN Manager
- Authentication, Authorization, and Accounting
- Remote Authentication Dial
- -In User Service
- Terminal Access Controller Access-Control System
- Kerberos
- Demo- Configuring a Remote Access Server
- Demo- Setting Up Remote Access Authentication
- Topic D: Manage Accounts
- Account Management
- Account Privileges
- Account Types
- Account Policy
- Password Policy
- Multiple Accounts
- Shared Accounts
- Account Management Security Controls
- Credential Management
- Group Policy
- Identity Federation
- Identity Federation Methods
- Guidelines for Managing Accounts
- Demo- Managing Accounts
- Chapter 07 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 1h 41m)
- Workbook (Pdf)
- Topic A: Identify Advanced Cryptography Concepts
- Cryptography Elements
- Hashing Concepts
- Data States
- Key Exchange
- Digital Signatures
- Cipher Suites
- Session Keys
- Key Stretching
- Special Considerations for Cryptography
- Demo – Identifying Advanced Cryptographic Concepts
- Topic B: Select Cryptographic Algorithms
- Types of Ciphers
- Types of Hashing Algorithms
- Types of Symmetric Encryption Algorithms
- Types of Asymmetric Encryption Techniques
- Types of Key Stretching Algorithms
- Substitution Ciphers
- Exclusive Or
- Cryptographic Modules
- Demo – Selecting Cryptographic Algorithms
- Topic C: Configure a Public Key Infrastructure
- Public Key Infrastructure
- PKI Components
- CA Hierarchies
- The Root CA
- Subordinate CAs
- Offline Root CAs
- Types of Certificates
- X.509
- Certificate File Formats
- CA Hierarchy Design Options
- Demo – Installing a CA
- Demo – Securing a Windows Server 2016 CA
- Topic D: Enroll Certificates
- The Certificate Enrollment Process
- The Certificate Lifecycle
- Certificate Lifecycle Management
- The SSL/TLS Connection Process
- Demo – Enrolling Certificates
- Demo – Securing Network Traffic with Certificates
- Topic E: Back Up and Restore Certificates and Private Keys
- Private Key Protection Methods
- Key Escrow
- Private Key Restoration Methods
- Private Key Replacement
- Demo – Backing Up a Certificate and Private Key
- Demo – Restoring a Certificate and Private Key
- Topic F: Revoke Certificates
- Certificate Revocation
- Certificate Revocation List
- Online Certificate Status Protocol
- Demo – Revoking Certificates
- Chapter 08 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 1h 25m)
- Workbook (Pdf)
- Topic A: Evaluate Security Frameworks and Guidelines
- Security Frameworks
- Security Framework Examples
- Security Configuration Guides
- Compliance
- Layered Security
- Defense in Depth
- Demo- Evaluating Security Frameworks and Guidelines
- Topic B: Incorporate Documentation in Operational Security
- Security Policies
- Common Security Policy Types
- Personnel Management
- Separation of Duties
- Job Rotation
- Mandatory Vacation
- Additional Personnel Management Tasks
- Training and Awareness
- Business Agreements
- Guidelines for Incorporating Documentation in Operational Security
- Demo- Incorporating Documentation in Operational Security
- Topic C: Implement Security Strategies
- Security Automation
- Scalability
- Elasticity
- Redundancy
- Fault Tolerance
- Redundant Array of Independent Disks
- Non-persistence
- High Availability
- Deployment Environments
- Guidelines for Implementing Security Strategies
- Demo- Implementing Virtual Machine Snapshots
- Topic D: Manage Data Security Processes
- Data Security
- Data Security Vulnerabilities
- Data Storage Methods
- Data Encryption Methods
- Data Sensitivity
- Data Management Roles
- Data Retention
- Data Disposal
- Guidelines for Managing Data Security
- Demo- Destroying Data Securely
- Demo- Encrypting a Storage Device
- Topic E: Implement Physical Controls
- Physical Security Controls
- Physical Security Control Types
- Environmental Exposures
- Environmental Controls
- Environmental Monitoring
- Safety
- Guidelines for Implementing Physical Controls
- Demo- Implementing Physical Controls
- Chapter 09 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 45m)
- Workbook (Pdf)
- Topic A: Troubleshoot Common Security Issues
- Access Control Issues Encryption Issues
- Data Exfiltration
- Anomalies in Event Logs
- Security Configuration Issues
- Baseline Deviations
- Software Issues
- Personnel Issues
- Asset Management Issues
- Demo- Identifying Event Log Anomalies
- Topic B: Respond to Security Incidents Incident Response
- Incident Preparation
- Incident Detection and Analysis
- Incident Containment
- Incident Eradication
- Incident Recovery
- Lessons Learned
- Incident Response Plans
- First Responders
- An Incident Report
- Guidelines for Responding to Security Incidents
- Demo- Responding to a Security Incident
- Topic C: Investigate Security Incidents
- Computer Forensics
- The Basic Forensic Process
- Preservation of Forensic Data
- Basic Forensic Response Procedures
- Order of Volatility
- Chain of Custody
- Guidelines for Investigating Security Incidents
- Demo- Implementing Forensic Procedures
- Chapter 10 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 33m)
- Workbook (Pdf)
- Topic A: Select Business Continuity and Disaster Recovery Processes
- Business Continuity and Disaster Recovery
- The Disaster Recovery Process
- Recovery Team
- Order of Restoration
- Recovery Sites
- Secure Recovery
- Backup Types (Full)
- Backup Types (Differential vs. Incremental)
- Secure Backups
- Geographic Considerations
- Guidelines for Selecting Business Continuity and Disaster Recovery Processes
- Demo – Selecting Business Continuity and Disaster Recovery Processes
- Topic B: Develop a Business Continuity Plan
- Business Continuity Plans
- Disaster Recovery Plans
- IT Contingency Plans
- Succession Plans
- Failover
- Alternate Business Practices
- Testing Exercises
- After-Action Reports
- Guidelines for Developing a BCP
- Demo – Developing a BCP
- Chapter 11 Review
- Course Closure
- Review Quiz (Number of attempts allowed: Unlimited)
- about 16.19 hours on-demand video
- 11 downloadable Pdf Workbooks
- Unlimited time access (During Membership)
- Access on mobile and Desktop
- Certificate of Completion
Course Features Include:
Expert Lectures
Learn on-demand from top instructors who are industry subject matter experts. Our highly certified expert instructors possess a superior understanding of the subject matter in their fields and have the ability to convey this knowledge in an effective, engaging, and professional manner to a wide audience.Certificates of Completion
Upon completion of a series of courses you can earn a certificate of completion from Career Academy. Certificates of Completion will display your full name, course completed, as well as the date of completion. Students have the ability to print this out or save it digitally to showcase your accomplishment.PowerPoint Visuals:
Many of the in-depth theories and processes discussed in our courses can be learned most efficiently through the detailed PowerPoint slides presented. These visuals are accompanied by an instructor voice-over to provide our students with a clear, efficient, and complete presentation of concepts.Professional Development Activities
Students are provided access to professional development activity files which allow for an individual to test out course theories and apply the knowledge they earned from the course.Review Quizzes
Once a course is completed, test your knowledge by taking our course review quiz! Students have the ability to retake any review quizzes as many times as they wish to ensure they understand the material or to improve upon their scores.Mobile Access
With our universal course player, you can learn from your computer, tablet as well as mobile devices. Keep up with your training on the go!
Trusted by Aspiring IT Professionals, Corporations and
Government agencies for more than a Decade
Get unlimited online access learn anywhere, anytime using your computer or mobile device!