O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CompTIA Security+ (SY0-401) Complete Video Course

CompTIA Security+ (SY0-401) Complete Video Course

by Michael J. Shannon
Publisher: Pearson IT Certification
Release Date: May 2014
ISBN: 9780133888706
View table of contents
Start watching

Video Description

10+ Hours of Video Instruction

Overview

CompTIA Security+ (SY0-401) Complete Video Courseis an engaging self-paced video training solution that provides learners with over 10 hours of personal, visual instruction from an expert trainer who has over a decade of practical teaching experience. Through the use of topic-focused instructional videos you will gain an in-depth understanding of the CompTIA Security+ SY0-401 exam as well as a deeper understanding of security so you master the key foundational principles for securing a network and managing risk. Included with the product are dynamic and interactive hands-on exercises and quizzes so you can test your knowledge while you study. The course also includes a practice exam which is based on the updated Security + exam.

Description

CompTIA Security+ (SY0-401) Complete Video Coursecontains over 10 hours of training with content divided into 6 parts with 32 video lessons. The videos consist of live trainer discussions, screencasts, animations, and live demos. The video lessons in this course review each exam objective so you can use this course as a complete study tool for taking the CompTIA Security+ SY0-401 exam. Instruction throughout offers detailed explanations, demos, tips, and more.

Major sections are as follows:

Part 1: Understanding Network Security

Lesson 1: Understanding Enterprise Security Concepts

Lesson 2: Identifying Infrastructure Devices

Lesson 3: Understanding Security Devices and Systems

Lesson 4: Explaining Network Design Components

Lesson 5: Exploring Secure Network Administration

Lesson 6: Wireless Networking Security

Lesson 7: Part 1 Summary

Part 2: Understanding Threats and Vulnerabilities

Lesson 8: Recognizing Malware Types

Lesson 9: Exploring Prevalent Attack Methods

Lesson 10: Understanding Threat Management

Lesson 11: Deploying Threat Discovery Tools

Lesson 12: Part 2 Summary

Part 3: Understanding Compliance and Operational Security

Lesson 13: Understanding Risk Related Concepts

Lesson 14: Examining the Importance for Security Awareness

Lesson 15: Exploring Incident Response and Forensics

Lesson 16: Implementing Physical Security and Environmental Controls

Lesson 17: Part 3 Summary

Part 4: Understanding Application, Data, and Host Security

Lesson 18: Examining Application Attack Types

Lesson 19: Explaining Application Security Controls and Techniques

Lesson 20: Summarizing Mobile Security Concepts

Lesson 21: Establishing Host Security

Lesson 22: Understanding Data Security Controls

Lesson 23: Part 4 Summary

Part 5: Understanding Access Control and Identity Management

Lesson 24: Understanding AAA Services

Lesson 25: Comparing Authentication Services

Lesson 26: Securing Account Management

Lesson 27: Part 5 Summary

Part 6: Understanding Cryptography

Lesson 28: Exploring Cryptographic Concepts

Lesson 29: Understanding Choices in Algorithms and Methods

Lesson 30: Exploring Protocols for Secure Transport

Lesson 31: Understanding PKI

Lesson 32: Part 6 Summary

About the Instructor

Michael J Shannonbegan his IT career when he transitioned from recording studio engineer to network engineer for a major telecommunications company in the early 1990’s. He began to focus on security and was one of the first 10 people to attain the HIPAA Certified Security Specialist. He has worked as an employee, contractor, and consultant for several companies including Platinum Technologies, Fujitsu, IBM, State Farm, and MindSharp among others. He has attained the CCSI, CCNP Security, CISSP, ITIL Intermediate SO and RCV, and Security+ certifications in the security field. He is presently a senior technical instructor for Skillsoft Corp.

Skill Level

  • Beginning to intermediate

Who Should Take This Course

Primary audience—CompTIA Security+ certification candidates

Secondary audience—Anyone in an information security role looking to gain a practical understanding of computer security. This includes administrators, technicians, and network engineers who are responsible for securing IT infrastructure, and additionally the personnel in management or sales roles that deal with information security topics. Government workers and contractors looking to work in security.

Course Requirements

2-3 years of experience in IT networking, network storage, or data center administration

Table of Contents

Part 1—Understanding Network Security

Lesson 1: Understanding Enterprise Security Concepts

1.1 Introducing Security+

1.2 Defining CIA, Control Types, and Control Methods

Lesson 2: Identifying Infrastructure Devices

2.1 Defining Switches, Routers, and Multilayer Switches

2.2 Understanding Load Balancers, Proxies, and Gateways

2.3 Identifying Clients and Servers

2.4 Discovering Specialty and Emerging Technology

Lesson 3: Understanding Security Devices and Systems

3.1 Using Firewalls

3.2 Using IDS and IPS

3.3 Using VPN Gateways and Concentrators

3.4 Using Application Layer Inspection

3.5 Using Unified Threat Management

Lesson 4: Explaining Network Design Components

4.1 Defining Subnetting and Summarization

4.2 Defining VLANs and PVLANs

4.3 Defining NAT and PAT

4.4 Defining Security Zones and DMZs

4.5 Defining Defense in Depth

4.6 Defining Telephony and Conferencing

4.7 Defining Virtualization

4.8 Defining Cloud Computing and Personal Cloud Services

4.9 Defining NAC and Remote Access

Lesson 5: Exploring Secure Network Administration

5.1 Understanding Security Policies

5.2 Common Protocols and Services

5.3 Exploring Management Protocols and Services

5.4 Examining Rule-Based vs. Role-Based

5.5 Implementing Local and Centralized Management

5.6 Exploring Layer 2 Security Administration

5.7 Exploring Layer 3 Security Administration

Lesson 6: Wireless Networking Security

6.1 Understanding Wireless Fundamentals

6.2 Deploying Wireless Networks

6.3 Surveying the Evolution of Wireless Security

Lesson 7: Part 1 Summary

7.1 Part 1 Summary

Part 2—Understanding Threats and Vulnerabilities

Lesson 8: Recognizing Malware Types

8.1 Defining Threats and Vulnerabilities

8.2 Recognizing Prevalent Malware Types

8.3 Recognizing Polymorphic, Hybrid, and Emerging Malware

Lesson 9: Exploring Prevalent Attack Methods

9.1 Defining Spoofing and Man-in-the-middle

9.2 Defining DoS, DDoS, Flooding, and Replaying

9.3 Defining Spam, Spim, Phishing, Whaling, Pharming, and Vishing

9.4 Defining Password Cracking and Poisoning

9.5 Defining Specialty Web Attacks

9.6 Defining Social Engineering Attacks

9.7 Surveying Wireless Attacks

Lesson 10: Understanding Threat Management

10.1 Examining Device Hardening

10.2 Examining Monitoring and Logging

10.3 Examining Reporting

Lesson 11: Deploying Threat Discovery Tools

11.1 Understanding Assessment Concepts

11.2 Surveying Assessment Tools and Vulnerability Scanning

11.3 Explaining Penetration Testing

11.4 Examining White, Gray and Black Box Testing

Lesson 12: Part 2 Summary

12.1 Part 2 Summary

Part 3—Understanding Compliance and Operational Security

Lesson 13: Understanding Risk Related Concepts

13.1 Examining Risk Reduction Principles

13.2 Comparing Quantitative vs. Qualitative Analysis

13.3 Calculating Risk

13.4 Handling Risk

13.5 Understanding Risks of 3rd Party Integration

13.6 Mitigating Risk

13.7 Recognizing Risk Management Best Practices

13.8 Surveying Fault Tolerance

13.9 Understanding Disaster Recovery Concepts

Lesson 14: Examining the Importance for Security Awareness

14.1 Recognizing the Need for Training

14.2 Examining Information Classification

14.3 Recognizing User Habits

Lesson 15: Exploring Incident Response and Forensics

15.1 Understanding the Need for an IRT

15.2 Summarizing the Incident Response Process

15.3 Recognizing Recovery and Reconstitution Procedures

15.4 Describing Network Forensics

15.5 Implementing Basic Forensic Procedures

Lesson 16: Implementing Physical Security and Environmental Controls

16.1 Recognizing Control Types

16.2 Survey of Physical Security Mechanisms

16.3 Environmental Controls

Lesson 17: Part 3 Summary

17.1 Part 3 Summary

Part 4—Understanding Application, Data, and Host Security

Lesson 18: Examining Application Attack Types

18.1 Defining the Primary Application Attacks

18.2 Defining Injection Attacks

18.3 Defining Other Common Application Attacks

Lesson 19: Explaining Application Security Controls and Techniques

19.1 Understanding Secure Coding Concepts

19.2 Mitigating Application Attacks

Lesson 20: Summarizing Mobile Security Concepts

20.1 Exploring Mobile Device Security Methods

20.2 Surveying Mobile Application Security

20.3 Understanding BYOD Issues and Concerns

Lesson 21: Establishing Host Security

21.1 Examining OS Hardening and Security Settings

21.2 Examining Host-Based Firewalls and IPS

21.3 Examining Endpoint Virtualization and Cloud Services

21.4 Examining Host Hardware Security

Lesson 22: Understanding Data Security Controls

22.1 Surveying Storage Types

22.2 Understanding Data Encryption

22.3 Applying Permissions, Access Controls, and Data Policies

22.4 Exploring Alternative Countermeasures

Lesson 23: Part 4 Summary

23.1 Part 4 Summary

Part 5—Understanding Access Control and Identity Management

Lesson 24: Understanding AAA Services

24.1 Defining Authentication Factors

24.2 Exploring Authentication/Identification Methods

24.3 Understanding Authorization

24.4 Examining Accounting

Lesson 25: Comparing AAA Services

25.1 Comparing RADIUS vs. TACACS+ vs. XTACACS

25.2 Examining LDAP, Kerberos, and SAML

Lesson 26: Securing Account Management

26.1 Exploring Common Challenges

26.2 Enforcing Account Policy

26.3 Examining User and Group Accounts

26.4 Striving for Continual Improvement

Lesson 27: Part 5 Summary

27.1 Part 5 Summary

Part 6—Understanding Cryptography

Lesson 28 Exploring Cryptographic Concepts

28.1 Explaining Cryptographic Mechanisms

28.2 Adding Non-Repudiation to CIA

28.3 Comparing Steganography and Covert and Overt Channels

Lesson 29 Understanding Choices in Algorithms and Methods

29.1 Examining Hashing Algorithms

29.2 Examining Symmetric Cryptography

29.3 Examining Asymmetric Cryptography

29.4 Examining The RC Family of Algorithms

29.5 Examining NTLM, NTLMv2, and OTP

Lesson 30 Exploring Protocols for Secure Transport

30.1 Understanding IPSEC

30.2 Understanding SSL/TLS

30.1 Understanding SSH

Lesson 31 Understanding PKI

31.1 Discovering Public Key Infrastructure

31.2 Explaining Certificate Authorities and Management

31.4 Exploring Digital Signatures

Lesson 32: Part 6 Summary

32.1 Part 6 Summary

About LiveLessons Video Training

LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include: IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more. View all LiveLessons at http://www.pearsonitcertification.com/livelessons

Table of Contents

  1. Introduction
    1. CompTIA Security+ (SY0-401) Complete Video Course: Introduction 00:04:42
  2. Part 1
    1. Understanding Network Security 00:00:39
  3. Lesson 1: Understanding Enterprise Security Concepts
    1. Learning objectives 00:00:26
    2. 1.1 Introducing Security+ 00:04:00
    3. 1.2 Defining CIA, Control Types, and Control Methods 00:18:05
  4. Lesson 2: Identifying Infrastructure Devices
    1. Learning objectives 00:00:35
    2. 2.1 Defining Switches, Routers, and Multilayer Switches 00:12:20
    3. 2.2 Understanding Load Balancers, Proxies, and Gateways 00:07:34
    4. 2.3 Identifying Clients and Servers 00:11:25
    5. 2.4 Discovering Specialty and Emerging Technologies 00:04:41
  5. Lesson 3: Understanding Security Devices and Systems
    1. Learning objectives 00:00:30
    2. 3.1 Using Firewalls 00:08:23
    3. 3.2 Using IDS and IPS 00:08:29
    4. 3.3 Using VPN Gateways and Concentrators 00:04:20
    5. 3.4 Using Application Layer Inspection 00:05:38
    6. 3.5 Using Unified Threat Management 00:01:50
  6. Lesson 4: Explaining Network Design Components
    1. Learning objectives 00:00:43
    2. 4.1 Defining Subnetting and Summarization 00:10:24
    3. 4.2 Defining VLANs and PVLANs 00:07:28
    4. 4.3 Defining NAT and PAT 00:11:07
    5. 4.4 Defining Security Zones and DMZs 00:03:33
    6. 4.5 Defining Defense in Depth 00:03:32
    7. 4.6 Defining Telephony and Conferencing 00:05:25
    8. 4.7 Defining Virtualization 00:08:46
    9. 4.8 Defining Cloud Computing and Personal Cloud Services 00:04:12
    10. 4.9 Defining NAC and Remote Access 00:05:16
  7. Lesson 5: Exploring Secure Network Administration
    1. Learning objectives 00:00:32
    2. 5.1 Understanding Security Policies 00:09:13
    3. 5.2 Common Protocols and Services 00:05:26
    4. 5.3 Exploring Management Protocols and Services 00:11:14
    5. 5.4 Examining Rule-Based vs. Role-Based 00:13:39
    6. 5.5 Implementing Local and Centralized Management 00:03:47
    7. 5.6 Layer 2 and Layer 3 Device Hardening 00:04:14
  8. Lesson 6: Wireless Networking Security
    1. Learning objectives 00:00:23
    2. 6.1 Understanding Wireless Fundamentals 00:10:15
    3. 6.2 Deploying Wireless Networks 00:04:54
    4. 6.3 Surveying the Evolution of Wireless Security 00:10:23
  9. Lesson 7: Part 1 Summary
    1. 7.1 Part 1 Summary 00:02:02
  10. Part 2
    1. Understanding Threats and Vulnerabilities 00:00:30
  11. Lesson 8: Recognizing Malware Types
    1. Learning objectives 00:00:24
    2. 8.1 Defining Threats and Vulnerabilities 00:12:15
    3. 8.2 Recognizing Prevalent Malware Types 00:17:07
    4. 8.3 Recognizing Polymorphic, Hybrid, and Emerging Malware 00:05:55
  12. Lesson 9: Exploring Prevalent Attack Methods
    1. Learning objectives 00:00:37
    2. 9.1 Defining Spoofing and Man-in-the-Middle 00:07:40
    3. 9.2 Defining DoS, DDoS, Flooding, and Replaying 00:12:08
    4. 9.3 Defining Spam, Spim, Phishing, Whaling, Pharming, and Vishing 00:08:16
    5. 9.4 Defining Password Cracking and Poisoning 00:09:35
    6. 9.5 Defining Specialty Web Attacks 00:07:56
    7. 9.6 Defining Social Engineering Attacks 00:05:33
    8. 9.7 Surveying Wireless Attacks 00:12:14
  13. Lesson 10: Understanding Threat Management
    1. Learning objectives 00:00:26
    2. 10.1 Examining Device Hardening 00:10:44
    3. 10.2 Examining Monitoring and Logging 00:10:56
    4. 10.3 Examining Reporting 00:03:12
  14. Lesson 11: Deploying Threat Discovery Tools
    1. Learning objectives 00:00:29
    2. 11.1 Understanding Assessment Concepts 00:10:27
    3. 11.2 Surveying Assessment Tools and Vulnerability Scanning 00:12:05
    4. 11.3 Explaining Penetration Testing 00:06:49
    5. 11.4 Examining White, Black, and Gray Box Testing 00:03:49
  15. Lesson 12: Part 2 Summary
    1. Part 2 Summary 00:00:27
  16. Part 3
    1. Understanding Compliance and Operational Security 00:00:33
  17. Lesson 13: Understanding Risk Related Concepts
    1. Learning objectives 00:00:39
    2. 13.1 Examining Risk Reduction Principles 00:04:19
    3. 13.2 Comparing Quantitative vs. Qualitative Analysis 00:02:47
    4. 13.3 Calculating Risk 00:04:26
    5. 13.4 Handling Risk 00:06:17
    6. 13.5 Understanding Risks of 3rd Party Integration 00:05:53
    7. 13.6 Mitigating Risk 00:06:11
    8. 13.7 Recognizing Risk Management Best Practices 00:03:59
    9. 13.8 Surveying Fault Tolerance 00:05:07
    10. 13.9 Understanding Disaster Recovery Concepts 00:06:06
  18. Lesson 14: Examining the Importance for Security Awareness
    1. Learning objectives 00:00:28
    2. 14.1 Recognizing the Need for Training 00:04:15
    3. 14.2 Examining Information Classification 00:04:56
    4. 14.3 Recognizing User Habits 00:05:00
  19. Lesson 15: Exploring Incident Response and Forensics
    1. Learning objectives 00:00:30
    2. 15.1 Understanding the Need for an IRT 00:05:28
    3. 15.2 Summarizing the Incident Response Process 00:05:07
    4. 15.3 Recognizing Recovery and Reconstitution Procedures 00:03:31
    5. 15.4 Describing Network Forensics 00:19:51
  20. Lesson 16: Implementing Physical Security and Environmental Controls
    1. Learning objectives 00:00:26
    2. 16.1 Recognizing Control Types 00:03:54
    3. 16.2 Survey of Physical Security Mechanisms 00:16:44
    4. 16.3 Environmental Controls 00:08:24
  21. Lesson 17: Part 3 Summary
    1. 17.1 Part 3 Summary 00:00:32
  22. Part 4
    1. Understanding Application, Data, and Host Security 00:00:37
  23. Lesson 18: Examining Application Attack Types
    1. Learning objectives 00:00:26
    2. 18.1 Defining the Primary Application Attacks 00:07:05
    3. 18.2 Defining Injection Attacks 00:06:05
    4. 18.3 Defining Other Common Application Attacks 00:06:38
  24. Lesson 19: Explaining Application Security Controls and Techniques
    1. Learning objectives 00:00:25
    2. 19.1 Understanding Secure Coding Concepts 00:04:21
    3. 19.2 Mitigating Application Attacks 00:09:59
  25. Lesson 20: Summarizing Mobile Security Concepts
    1. Learning objectives 00:00:25
    2. 20.1 Exploring Mobile Device Security Methods 00:10:13
    3. 20.2 Surveying Mobile Application Security 00:07:27
    4. 20.3 Understanding BYOD Issues and Concerns 00:05:27
  26. Lesson 21: Establishing Host Security
    1. Learning objectives 00:00:28
    2. 21.1 Examining OS Hardening and Security Settings 00:11:35
    3. 21.2 Examining Host-Based Firewalls and IPS 00:09:40
    4. 21.3 Examining Endpoint Virtualization and Cloud Services 00:10:09
    5. 21.4 Examining Host Hardware Security 00:06:47
  27. Lesson 22: Understanding Data Security Controls
    1. Learning objectives 00:00:28
    2. 22.1 Surveying Storage Types 00:04:40
    3. 22.2 Understanding Data Encryption 00:08:42
    4. 22.3 Applying Permissions, Access Controls, and Data Policies 00:08:49
    5. 22.4 Exploring Alternative Countermeasures 00:03:10
  28. Lesson 23: Part 4 Summary
    1. 22.1 Part 4 Summary 00:00:32
  29. Part 5
    1. Understanding Access Control and Identity Management 00:00:34
  30. Lesson 24: Understanding AAA Services
    1. Learning objectives 00:00:29
    2. 24.1 Defining Authentication Factors 00:07:33
    3. 24.2 Exploring Authentication/Identification Methods 00:13:18
    4. 24.3 Understanding Authorization 00:12:11
    5. 24.4 Examining Accounting 00:03:38
  31. Lesson 25: Comparing AAA Services
    1. Learning objectives 00:00:24
    2. 25.1 Comparing RADIUS vs. TACACS+ vs. XTACACS 00:09:20
    3. 25.2 Examining LDAP, Kerberos, and SAML 00:07:37
  32. Lesson 26: Securing Account Management
    1. Learning objectives 00:00:26
    2. 26.1 Exploring Common Challenges 00:03:43
    3. 26.2 Enforcing Account Policy 00:11:17
    4. 26.3 Striving for Continual Improvement 00:02:46
  33. Lesson 27: Part 5 Summary
    1. 27.1 Part 5 Summary 00:00:29
  34. Part 6
    1. Understanding Cryptography 00:00:30
  35. Lesson 28: Exploring Cryptographic Concepts
    1. Learning objectives 00:00:25
    2. 28.1 Explaining Cryptographic Mechanisms 00:08:57
    3. 28.2 Adding Non-Repudiation to CIA 00:02:36
    4. 28.3 Comparing Steganography and Covert and Overt Channels 00:04:04
  36. Lesson 29: Understanding Choices in Algorithms and Methods
    1. Learning objectives 00:00:33
    2. 29.1 Examining Hashing Algorithms 00:08:28
    3. 29.2 Examining Symmetric Cryptography 00:03:43
    4. 29.3 Examining Asymmetric Cryptography 00:05:19
    5. 29.4 Examining The RC Family of Algorithms 00:05:58
    6. 29.5 Examining NTLM, NTLMv2, and OTP 00:03:28
  37. Lesson 30: Exploring Protocols for Secure Transport
    1. Learning objectives 00:00:28
    2. 30.1 Understanding IPsec 00:12:46
    3. 30.2 Understanding SSL/TLS 00:04:52
    4. 30.3 Understanding SSH 00:04:09
  38. Lesson 31: Understanding PKI
    1. Learning objectives 00:00:26
    2. 31.1 Discovering Public Key Infrastructure 00:06:02
    3. 31.2 Explaining Certificate Authorities and Management 00:08:10
    4. 31.3 Exploring Digital Signatures 00:01:44
  39. Lesson 32: Part 6 Summary
    1. 32.1 Part 6 Summary 00:00:35
  40. Summary
    1. CompTIA Security+ (SY0-401) Complete Video Course: Summary 00:02:28