CompTIA Security+ (SY0-501)

CompTIA Security+ (SY0-501)

by Sari Greene
Released November 2017
Publisher(s): Pearson IT Certification
ISBN: 0134807553

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to live online training experiences, plus books, videos, and digital content from O’Reilly and nearly 200 trusted publishing partners.

Start your free trial

Video description

An updated edition of this video title is available. Please go to CompTIA Security+ SY0-601 Complete Video Course (Video Training): https://learning.oreilly.com/videos/comptia-security-sy0-601/9780137280971/

More than 19 hours of deep-dive training covering every objective in the CompTIA Security+ (SY0-501) exam.

Overview

CompTIA Security+ (SY0-501) Complete Video Course is an engaging self-paced video training solution that provides learners with more than 19 hours of personal training from security expert Sari Greene. Through the use of topic-focused instructional videos, you will gain an in-depth understanding of each objective in the CompTIA Security+ (SY0-501) exam as well as a deeper understanding of security foundations and principles.

Description

CompTIA Security+ (SY0-501) Complete Video Course contains more than 19 hours of training with content divided into 7 modules with more than 40 content-targeted lessons. This title covers every objective in the newly updated CompTIA Security+ SY0-501 exam and includes screencast teaching, whiteboard explanations, deep dives on security theory and everyday practices, and live demos/labs showing how to complete tasks in real time. Most lessons end with a "Security in Action" segment, which takes the security knowledge you’ve learned to the next level.

The video lessons in this course review each exam objective, so you can use it as a complete study tool for taking the CompTIA Security+ exam.

Major sections are as follows:
  • Threats, Attacks and Vulnerabilities
  • Tools and Technologies
  • Architecture and Design
  • Identity and Access Management
  • Risk Management
  • Cryptography and PKI
  • Acing the Exam
About the Instructor

Sari Greene is an information security practitioner, author, and entrepreneur. In 2003, Sari founded one of the first dedicated cybersecurity consultancies. She is a recognized leader in the field of cybersecurity and has amassed thousands of hours in the field working with a spectrum of technical, operational, compliance, and management personnel as well as boards of directors, regulators, service providers, and law enforcement agencies.

Sari’s first text was Tools and Techniques for Securing Microsoft Networks, commissioned by Microsoft to train its partner channel, followed soon after by the first edition of Security Policies and Procedures: Principles and Practices. The second edition of Security Program and Policies: Principles and Practices is currently being used in undergraduate and graduate programs nationwide. She is also the author and presenter of the best-selling CISSP Complete Video Course, CISSP Exam Prep Video Course, and CISA Complete Video Course. Sari has published a number of articles related to cybersecurity; has been quoted in The New York Times, in The Wall Street Journal, on CNN, and on CNBC; speaks regularly at cybersecurity, legal, financial, and healthcare conferences and workshops around the country; and is a frequent guest lecturer.

Sari serves on the Bangor Savings Bank Board of Directors and is chair of the Enterprise Risk Management Committee. She provided expert witness testimony in the groundbreaking PATCO v. Ocean National Bank case, represents industry on the Massachusetts Bankers Association Cybersecurity Task Force, and is a member of the American Bankers Association cybersecurity faculty.

Sari earned her MBA from the University of New Hampshire system. She holds multiple industry accreditations, including CISSP-ISSMP, CRISC, CISM, CISA, MCSE, and NSA/IAM. She is also certified in Offshore Emergency Medicine. Learn more at sarigreene.com.

Skill Level

Beginning

What You Will Learn
  • Every objective on the CompTIA Security+ exam
  • Tips to prepare for and pass the exam
  • Real-world security configuration skills
Who Should Take This Course

Primary audience: Anyone preparing for the CompTIA Security+ examination.
Secondary audience: Anyone interested in learning security fundamentals.

About LiveLessons Video Training

Pearson’s LiveLessons video training series publishes the industry’s leading video tutorials for IT pros, developers, sys admins, devops, network engineers, and certification candidates. LiveLessons feature the highest-quality professional skills training led by recognized author instructors published by Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT certification, programming, development, networking, software skills for the home, office, and business, and more. Your purchase provides you with lifetime online access to the content.
http://www.pearsonitcertification.com/livelessons

Table of contents

  1. Introduction
    1. CompTIA Security+ SY0-501: Introduction
  2. Module 1: Threats, Attacks and Vulnerabilities
    1. Module Introduction
  3. Lesson 1: Analyze Indicators of Compromise and Determine Malware
    1. Learning objectives
    2. 1.1 Types of Malware
    3. 1.2 Indicators of Compromise
    4. 1.3 Security in Action: Malware IOC
  4. Lesson 2: Compare and Contrast Cyber Attacks
    1. Learning objectives
    2. 2.1 Anticipating Cyber Attacks
    3. 2.2 Social Engineering
    4. 2.3 Application and Service Attacks
    5. 2.4 Wireless Attacks
    6. 2.5 Security in Action: Typo Squatting
  5. Lesson 3: Explain Threat Actors and Attributes
    1. Learning objectives
    2. 3.1 Actor Types and Attributes
    3. 3.2 Open Source Threat Intelligence (OSINT)
    4. 3.3 Security in Action: Open Source Intelligence
  6. Lesson 4: Explain Penetration Testing
    1. Learning objectives
    2. 4.1 Pen Testing Concepts
    3. 4.2 Pen Testing Techniques
    4. 4.3 Security in Action: Passive Recon
  7. Lesson 5: Explain Vulnerability Scanning
    1. Learning objectives
    2. 5.1 Scanning Techniques
    3. 5.2 Common Findings
    4. 5.3 Security in Action: Port Scanning
  8. Lesson 6: Explain the Impact of Vulnerabilities
    1. Learning objectives
    2. 6.1 Business Process Vulnerabilities
    3. 6.2 Source Code Vulnerabilities
    4. 6.3 Security in Action: Impact of End of Life Systems
    5. Module 1 Review
  9. Module 2: Tools and Technologies
    1. Module Introduction
  10. Lesson 7: Install and Configure Network Components
    1. Learning objectives
    2. 7.1 Firewalls
    3. 7.2 Filters and Proxies
    4. 7.3 IDS and IPS
    5. 7.4 Virtual Private Networks
    6. 7.5 Layer 1 and 2 Devices
    7. 7.6 Routers and Load Balancers
    8. 7.7 Access Points
    9. 7.8 NACs, DLPs, and Mail Gateways
    10. 7.9 SIEM
    11. 7.10 Security in Action: Firewall Rule
  11. Lesson 8: Assessing Security Posture
    1. Learning objectives
    2. 8.1 Security Scanners and Analyzers
    3. 8.2 Command Line Tools
    4. 8.3 Security in Action: Demonstrate Nmap
  12. Lesson 9: Troubleshoot Common Security Issues
    1. Learning objectives
    2. 9.1 Configuration and Operational Issues
    3. 9.2 Personnel Issues
    4. 9.3 Security in Action: Root Cause Analysis (5 Whys)
  13. Lesson 10: Interpreting Output
    1. Learning objectives
    2. 10.1 Activity and Error Reporting
    3. 10.2 Security in Action: Local Host Reporting
  14. Lesson 11: Deploy Mobile Devices Securely
    1. Learning objectives
    2. 11.1 Mobile Connection Methods
    3. 11.2 Mobile Device Management
    4. 11.3 Mobile Device Concerns
    5. 11.4 Security in Action: Mobile Device Ownership
  15. Lesson 12: Implement Secure Protocols
    1. Learning objectives
    2. 12.1 Secure Communication Protocols
    3. 12.2 Secure Network and Administration Protocols
    4. 12.3 Security in Action: Packet Capture and Protocol Analyzer
    5. Module 2 Review
  16. Module 3: Architecture and Design
    1. Module Introduction
  17. Lesson 13: Explain Use Cases and Purpose of Frameworks, Configuration Guides, and Best Practices
    1. Learning objectives
    2. 13.1 Frameworks, Benchmarks, and Guides
    3. 13.2 Security in Action: Configuration Guidance
  18. Lesson 14: Implement Secure Network Architecture
    1. Learning objectives
    2. 14.1 Zones
    3. 14.2 Isolation
    4. 14.3 Device Placement
    5. 14.4 Security in Action: Secure Enclave Air Gapping
  19. Lesson 15: Implement Secure System Design
    1. Learning objectives
    2. 15.1 Hardware / Firmware Security
    3. 15.2 Operating System Security
    4. 15.3 Security in Action: Hardening an Operating System
  20. Lesson 16: Explain the Importance of Secure Staging and Deployment
    1. Learning objectives
    2. 16.1 Staging and Deployment Strategies
    3. 16.2 Security in Action: Staging Process
  21. Lesson 17: Explain the Security Implications of Embedded Systems
    1. Learning objectives
    2. 17.1 Embedded System Security
    3. 17.2 Security in Action: Available Resources
  22. Lesson 18: Summarize Secure Application Development and Deployment Concepts
    1. Learning objectives
    2. 18.1 Development Lifecycle
    3. 18.2 Secure Coding Techniques
    4. 18.3 Code Quality and Testing
    5. 18.4 Security in Action: Code Attacks
  23. Lesson 19: Summarize Cloud and Virtualization Concepts
    1. Learning objectives
    2. 19.1 Virtualization
    3. 19.2 Cloud Service and Deployment Models
    4. 19.3 Security in Action: Workstation Virtualization
  24. Lesson 20: Explain Risk Reducing Resiliency and Automation Strategies
    1. Learning objectives
    2. 20.1 Automation and Persistence Techniques
    3. 20.2 Redundancy and Fault Tolerance
    4. 20.3 Security in Action: RAID
  25. Lesson 21: Explain the Importance of Physical Security Controls
    1. Learning objectives
    2. 21.1 Building and Facility Security
    3. 21.2 Environment Controls
    4. 21.3 Security in Action: CPTED
    5. Module 3 Review
  26. Module 4: Identity and Access Management
    1. Module Introduction
  27. Lesson 22: Compare and Contrast Identity and Access Management Concepts
    1. Learning objectives
    2. 22.1 Identification and Authentication
    3. 22.2 Identity Management
    4. 22.3 Security in Action: Transitive Trust
  28. Lesson 23: Install and Configure Identity and Access Services
    1. Learning objectives
    2. 23.1 Network Identity and Access Services
    3. 23.2 Web Identity and Access Services
    4. 23.3 Security in Action: OAuth 2.0
  29. Lesson 24: Implement Identity and Access Management Controls
    1. Learning objectives
    2. 24.1 Authentication Controls
    3. 24.2 Access Control Models
    4. 24.3 Security in Action: DAC Permissions
  30. Lesson 25: Differentiate Common Account Management Practices
    1. Learning objectives
    2. 25.1 Account Types
    3. 25.2 General Concepts
    4. 25.3 Account Auditing
    5. 25.4 Security in Action: Account Policy Enforcement
    6. Module 4 Review
  31. Module 5: Risk Management
    1. Module Introduction
  32. Lesson 26: Explain the Importance of Policies, Plans and Procedures
    1. Learning objectives
    2. 26.1 Security Policies and Agreements
    3. 26.2 Personnel Management
    4. 26.3 Security Awareness Training
    5. 26.4 Security in Action: Policies, Standards and Procedures
  33. Lesson 27: Summarize Business Impact Analysis Concepts
    1. Learning objectives
    2. 27.1 Business Impact Analysis
    3. 27.2 Privacy Impact and Threshold Assessments
    4. 27.3 Security in Action: BIA Metrics
  34. Lesson 28: Explain Risk Management Concepts
    1. Learning objectives
    2. 28.1 Risk Management
    3. 28.2 Risk Assessments
    4. 28.3 Testing and Change Management
    5. 28.4 Security in Action: Quantitative Risk Assessment
  35. Lesson 29: Follow Incident Response Procedures
    1. Learning objectives
    2. 29.1 Incident Response Plans
    3. 29.2 Incident Response Process
    4. 29.3 Security in Action: IR Response Creating a Playbook
  36. Lesson 30: Summarize the Basic Concepts of Forensics
    1. Learning objectives
    2. 30.1 Forensic Fundamentals
    3. 30.2 Data Acquisition
    4. 30.3 Security in Action: Forensic Techniques
  37. Lesson 31: Explain Disaster Recovery and Continuity of Operations Concepts
    1. Learning objectives
    2. 31.1 Recovery and Restoration
    3. 31.2 Continuity of Operations Planning
    4. 31.3 Security in Action: Site Selection Decision Tree
  38. Lesson 32: Compare and Contrast Controls
    1. Learning objectives
    2. 32.1 Comparing and Contrasting Controls
    3. 32.2 Security in Action: Technical Control Crossover
  39. Lesson 33: Carry Out Data Security and Privacy Practices
    1. Learning objectives
    2. 33.1 Data Protection and Classification
    3. 33.2 Data Retention and Destruction
    4. 33.3 Security in Action: Disk Wiping
    5. Module 5 Review
  40. Module 6: Cryptography and PKI
    1. Module Introduction
  41. Lesson 34: Compare and Contrast Basic Concepts of Cryptography
    1. Learning objectives
    2. 34.1 Cryptography Basics
    3. 34.2 Steganography
    4. 34.3 Security in Action: Basic Steganography
  42. Lesson 35: Explain Cryptographic Algorithms and Their Basic Characteristics
    1. Learning objectives
    2. 35.1 Symmetric Encryption
    3. 35.2 Asymmetric Encryption
    4. 35.3 Hashing
    5. 35.4 Digital Signatures
    6. 35.5 Security in Action: Hashing
  43. Lesson 36: Install and Configure Wireless Security Standards
    1. Learning objectives
    2. 36.1 Wireless Cryptographic Protocols
    3. 36.2 Security in Action: WPS Issues
  44. Lesson 37: Implement PKI
    1. Learning objectives
    2. 37.1 Digital Certificates
    3. 37.2 Key Lifecycle Managment
    4. 37.3 Cryptographic Attacks
    5. 37.4 Security in Action: Crypto Vulnerabilities
    6. Module 6 Review
  45. Module 7: Acing Your Exam
    1. Module Introduction
    2. Lesson 38: Understanding the Security+ Exam Structure
    3. Lesson 39: Test Taking Strategies
    4. Lesson 40: The Week Leading Up to You Exam
    5. Lesson 41: What to Expect at the Testing Center
    6. Lesson 42: Attaining and Maintaining Your Security+ Certification
  46. Summary
    1. CompTIA Security+ SY0-501: Summary

Product information

  • Title: CompTIA Security+ (SY0-501)
  • Author(s): Sari Greene
  • Release date: November 2017
  • Publisher(s): Pearson IT Certification
  • ISBN: 0134807553