CompTIA Security+ (SY0-501)

CompTIA Security+ (SY0-501)

by Sari Greene
Released November 2017
Publisher(s): Pearson IT Certification
ISBN: 0134807553

Explore a preview version of CompTIA Security+ (SY0-501) right now.

O’Reilly members get unlimited access to live online training experiences, plus books, videos, and digital content from 200+ publishers.

Start your free trial

Video description

More than 19 hours of deep-dive training covering every objective in the CompTIA Security+ (SY0-501) exam.

Overview

CompTIA Security+ (SY0-501) Complete Video Course is an engaging self-paced video training solution that provides learners with more than 19 hours of personal training from security expert Sari Greene. Through the use of topic-focused instructional videos, you will gain an in-depth understanding of each objective in the CompTIA Security+ (SY0-501) exam as well as a deeper understanding of security foundations and principles.

Description

CompTIA Security+ (SY0-501) Complete Video Course contains more than 19 hours of training with content divided into 7 modules with more than 40 content-targeted lessons. This title covers every objective in the newly updated CompTIA Security+ SY0-501 exam and includes screencast teaching, whiteboard explanations, deep dives on security theory and everyday practices, and live demos/labs showing how to complete tasks in real time. Most lessons end with a "Security in Action" segment, which takes the security knowledge you’ve learned to the next level.

The video lessons in this course review each exam objective, so you can use it as a complete study tool for taking the CompTIA Security+ exam.

Major sections are as follows:
  • Threats, Attacks and Vulnerabilities
  • Tools and Technologies
  • Architecture and Design
  • Identity and Access Management
  • Risk Management
  • Cryptography and PKI
  • Acing the Exam
About the Instructor

Sari Greene is an information security practitioner, author, and entrepreneur. In 2003, Sari founded one of the first dedicated cybersecurity consultancies. She is a recognized leader in the field of cybersecurity and has amassed thousands of hours in the field working with a spectrum of technical, operational, compliance, and management personnel as well as boards of directors, regulators, service providers, and law enforcement agencies.

Sari’s first text was Tools and Techniques for Securing Microsoft Networks, commissioned by Microsoft to train its partner channel, followed soon after by the first edition of Security Policies and Procedures: Principles and Practices. The second edition of Security Program and Policies: Principles and Practices is currently being used in undergraduate and graduate programs nationwide. She is also the author and presenter of the best-selling CISSP Complete Video Course, CISSP Exam Prep Video Course, and CISA Complete Video Course. Sari has published a number of articles related to cybersecurity; has been quoted in The New York Times, in The Wall Street Journal, on CNN, and on CNBC; speaks regularly at cybersecurity, legal, financial, and healthcare conferences and workshops around the country; and is a frequent guest lecturer.

Sari serves on the Bangor Savings Bank Board of Directors and is chair of the Enterprise Risk Management Committee. She provided expert witness testimony in the groundbreaking PATCO v. Ocean National Bank case, represents industry on the Massachusetts Bankers Association Cybersecurity Task Force, and is a member of the American Bankers Association cybersecurity faculty.

Sari earned her MBA from the University of New Hampshire system. She holds multiple industry accreditations, including CISSP-ISSMP, CRISC, CISM, CISA, MCSE, and NSA/IAM. She is also certified in Offshore Emergency Medicine. Learn more at sarigreene.com.

Skill Level

Beginning

What You Will Learn
  • Every objective on the CompTIA Security+ exam
  • Tips to prepare for and pass the exam
  • Real-world security configuration skills
Who Should Take This Course

Primary audience: Anyone preparing for the CompTIA Security+ examination.
Secondary audience: Anyone interested in learning security fundamentals.

About LiveLessons Video Training

Pearson’s LiveLessons video training series publishes the industry’s leading video tutorials for IT pros, developers, sys admins, devops, network engineers, and certification candidates. LiveLessons feature the highest-quality professional skills training led by recognized author instructors published by Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT certification, programming, development, networking, software skills for the home, office, and business, and more. Your purchase provides you with lifetime online access to the content.
http://www.pearsonitcertification.com/livelessons

Table of contents

  1. Introduction
    1. CompTIA Security+ SY0-501: Introduction 00:05:44
  2. Module 1: Threats, Attacks and Vulnerabilities
    1. Module Introduction 00:00:58
  3. Lesson 1: Analyze Indicators of Compromise and Determine Malware
    1. Learning objectives 00:00:28
    2. 1.1 Types of Malware 00:17:31
    3. 1.2 Indicators of Compromise 00:15:39
    4. 1.3 Security in Action: Malware IOC 00:04:54
  4. Lesson 2: Compare and Contrast Cyber Attacks
    1. Learning objectives 00:00:30
    2. 2.1 Anticipating Cyber Attacks 00:11:02
    3. 2.2 Social Engineering 00:14:08
    4. 2.3 Application and Service Attacks 00:22:06
    5. 2.4 Wireless Attacks 00:11:21
    6. 2.5 Security in Action: Typo Squatting 00:03:08
  5. Lesson 3: Explain Threat Actors and Attributes
    1. Learning objectives 00:00:31
    2. 3.1 Actor Types and Attributes 00:09:27
    3. 3.2 Open Source Threat Intelligence (OSINT) 00:13:25
    4. 3.3 Security in Action: Open Source Intelligence 00:02:56
  6. Lesson 4: Explain Penetration Testing
    1. Learning objectives 00:00:27
    2. 4.1 Pen Testing Concepts 00:08:22
    3. 4.2 Pen Testing Techniques 00:15:28
    4. 4.3 Security in Action: Passive Recon 00:04:18
  7. Lesson 5: Explain Vulnerability Scanning
    1. Learning objectives 00:00:27
    2. 5.1 Scanning Techniques 00:12:06
    3. 5.2 Common Findings 00:09:05
    4. 5.3 Security in Action: Port Scanning 00:05:29
  8. Lesson 6: Explain the Impact of Vulnerabilities
    1. Learning objectives 00:00:28
    2. 6.1 Business Process Vulnerabilities 00:11:28
    3. 6.2 Source Code Vulnerabilities 00:16:01
    4. 6.3 Security in Action: Impact of End of Life Systems 00:03:30
    5. Module 1 Review 00:13:16
  9. Module 2: Tools and Technologies
    1. Module Introduction 00:01:09
  10. Lesson 7: Install and Configure Network Components
    1. Learning objectives 00:00:41
    2. 7.1 Firewalls 00:20:06
    3. 7.2 Filters and Proxies 00:09:22
    4. 7.3 IDS and IPS 00:12:14
    5. 7.4 Virtual Private Networks 00:11:50
    6. 7.5 Layer 1 and 2 Devices 00:08:55
    7. 7.6 Routers and Load Balancers 00:09:57
    8. 7.7 Access Points 00:08:05
    9. 7.8 NACs, DLPs, and Mail Gateways 00:11:57
    10. 7.9 SIEM 00:06:31
    11. 7.10 Security in Action: Firewall Rule 00:07:01
  11. Lesson 8: Assessing Security Posture
    1. Learning objectives 00:00:27
    2. 8.1 Security Scanners and Analyzers 00:13:27
    3. 8.2 Command Line Tools 00:06:25
    4. 8.3 Security in Action: Demonstrate Nmap 00:05:00
  12. Lesson 9: Troubleshoot Common Security Issues
    1. Learning objectives 00:00:28
    2. 9.1 Configuration and Operational Issues 00:15:31
    3. 9.2 Personnel Issues 00:06:55
    4. 9.3 Security in Action: Root Cause Analysis (5 Whys) 00:02:52
  13. Lesson 10: Interpreting Output
    1. Learning objectives 00:00:34
    2. 10.1 Activity and Error Reporting 00:08:35
    3. 10.2 Security in Action: Local Host Reporting 00:02:03
  14. Lesson 11: Deploy Mobile Devices Securely
    1. Learning objectives 00:00:33
    2. 11.1 Mobile Connection Methods 00:08:50
    3. 11.2 Mobile Device Management 00:09:22
    4. 11.3 Mobile Device Concerns 00:07:06
    5. 11.4 Security in Action: Mobile Device Ownership 00:02:15
  15. Lesson 12: Implement Secure Protocols
    1. Learning objectives 00:00:36
    2. 12.1 Secure Communication Protocols 00:12:04
    3. 12.2 Secure Network and Administration Protocols 00:12:08
    4. 12.3 Security in Action: Packet Capture and Protocol Analyzer 00:03:23
    5. Module 2 Review 00:12:04
  16. Module 3: Architecture and Design
    1. Module Introduction 00:01:18
  17. Lesson 13: Explain Use Cases and Purpose of Frameworks, Configuration Guides, and Best Practices
    1. Learning objectives 00:00:31
    2. 13.1 Frameworks, Benchmarks, and Guides 00:09:35
    3. 13.2 Security in Action: Configuration Guidance 00:02:41
  18. Lesson 14: Implement Secure Network Architecture
    1. Learning objectives 00:00:36
    2. 14.1 Zones 00:12:35
    3. 14.2 Isolation 00:06:47
    4. 14.3 Device Placement 00:09:30
    5. 14.4 Security in Action: Secure Enclave & Air Gapping 00:05:01
  19. Lesson 15: Implement Secure System Design
    1. Learning objectives 00:00:28
    2. 15.1 Hardware / Firmware Security 00:07:20
    3. 15.2 Operating System Security 00:10:58
    4. 15.3 Security in Action: Hardening an Operating System 00:03:34
  20. Lesson 16: Explain the Importance of Secure Staging and Deployment
    1. Learning objectives 00:00:28
    2. 16.1 Staging and Deployment Strategies 00:07:06
    3. 16.2 Security in Action: Staging Process 00:02:54
  21. Lesson 17: Explain the Security Implications of Embedded Systems
    1. Learning objectives 00:00:32
    2. 17.1 Embedded System Security 00:10:58
    3. 17.2 Security in Action: Available Resources 00:04:53
  22. Lesson 18: Summarize Secure Application Development and Deployment Concepts
    1. Learning objectives 00:00:35
    2. 18.1 Development Lifecycle 00:12:17
    3. 18.2 Secure Coding Techniques 00:09:53
    4. 18.3 Code Quality and Testing 00:07:03
    5. 18.4 Security in Action: Code Attacks 00:05:43
  23. Lesson 19: Summarize Cloud and Virtualization Concepts
    1. Learning objectives 00:00:34
    2. 19.1 Virtualization 00:12:33
    3. 19.2 Cloud Service and Deployment Models 00:14:34
    4. 19.3 Security in Action: Workstation Virtualization 00:03:03
  24. Lesson 20: Explain Risk Reducing Resiliency and Automation Strategies
    1. Learning objectives 00:00:32
    2. 20.1 Automation and Persistence Techniques 00:08:08
    3. 20.2 Redundancy and Fault Tolerance 00:08:31
    4. 20.3 Security in Action: RAID 00:04:17
  25. Lesson 21: Explain the Importance of Physical Security Controls
    1. Learning objectives 00:00:37
    2. 21.1 Building and Facility Security 00:13:14
    3. 21.2 Environment Controls 00:11:44
    4. 21.3 Security in Action: CPTED 00:02:31
    5. Module 3 Review 00:13:25
  26. Module 4: Identity and Access Management
    1. Module Introduction 00:00:58
  27. Lesson 22: Compare and Contrast Identity and Access Management Concepts
    1. Learning objectives 00:00:37
    2. 22.1 Identification and Authentication 00:10:44
    3. 22.2 Identity Management 00:06:21
    4. 22.3 Security in Action: Transitive Trust 00:02:35
  28. Lesson 23: Install and Configure Identity and Access Services
    1. Learning objectives 00:00:40
    2. 23.1 Network Identity and Access Services 00:16:44
    3. 23.2 Web Identity and Access Services 00:09:28
    4. 23.3 Security in Action: OAuth 2.0 00:03:28
  29. Lesson 24: Implement Identity and Access Management Controls
    1. Learning objectives 00:00:31
    2. 24.1 Authentication Controls 00:09:18
    3. 24.2 Access Control Models 00:16:11
    4. 24.3 Security in Action: DAC Permissions 00:06:03
  30. Lesson 25: Differentiate Common Account Management Practices
    1. Learning objectives 00:00:30
    2. 25.1 Account Types 00:09:31
    3. 25.2 General Concepts 00:10:01
    4. 25.3 Account Auditing 00:09:42
    5. 25.4 Security in Action: Account Policy Enforcement 00:04:33
    6. Module 4 Review 00:09:16
  31. Module 5: Risk Management
    1. Module Introduction 00:01:13
  32. Lesson 26: Explain the Importance of Policies, Plans and Procedures
    1. Learning objectives 00:00:39
    2. 26.1 Security Policies and Agreements 00:10:17
    3. 26.2 Personnel Management 00:07:24
    4. 26.3 Security Awareness Training 00:07:43
    5. 26.4 Security in Action: Policies, Standards and Procedures 00:03:18
  33. Lesson 27: Summarize Business Impact Analysis Concepts
    1. Learning objectives 00:00:30
    2. 27.1 Business Impact Analysis 00:10:04
    3. 27.2 Privacy Impact and Threshold Assessments 00:13:12
    4. 27.3 Security in Action: BIA Metrics 00:03:58
  34. Lesson 28: Explain Risk Management Concepts
    1. Learning objectives 00:00:32
    2. 28.1 Risk Management 00:10:31
    3. 28.2 Risk Assessments 00:12:00
    4. 28.3 Testing and Change Management 00:05:07
    5. 28.4 Security in Action: Quantitative Risk Assessment 00:03:37
  35. Lesson 29: Follow Incident Response Procedures
    1. Learning objectives 00:00:32
    2. 29.1 Incident Response Plans 00:10:45
    3. 29.2 Incident Response Process 00:09:09
    4. 29.3 Security in Action: IR Response Creating a Playbook 00:03:25
  36. Lesson 30: Summarize the Basic Concepts of Forensics
    1. Learning objectives 00:00:33
    2. 30.1 Forensic Fundamentals 00:09:58
    3. 30.2 Data Acquisition 00:09:49
    4. 30.3 Security in Action: Forensic Techniques 00:02:34
  37. Lesson 31: Explain Disaster Recovery and Continuity of Operations Concepts
    1. Learning objectives 00:00:37
    2. 31.1 Recovery and Restoration 00:14:07
    3. 31.2 Continuity of Operations Planning 00:10:10
    4. 31.3 Security in Action: Site Selection Decision Tree 00:02:56
  38. Lesson 32: Compare and Contrast Controls
    1. Learning objectives 00:00:29
    2. 32.1 Comparing and Contrasting Controls 00:09:38
    3. 32.2 Security in Action: Technical Control Crossover 00:04:28
  39. Lesson 33: Carry Out Data Security and Privacy Practices
    1. Learning objectives 00:00:31
    2. 33.1 Data Protection and Classification 00:09:57
    3. 33.2 Data Retention and Destruction 00:07:17
    4. 33.3 Security in Action: Disk Wiping 00:02:54
    5. Module 5 Review 00:11:57
  40. Module 6: Cryptography and PKI
    1. Module Introduction 00:00:56
  41. Lesson 34: Compare and Contrast Basic Concepts of Cryptography
    1. Learning objectives 00:00:31
    2. 34.1 Cryptography Basics 00:11:27
    3. 34.2 Steganography 00:03:56
    4. 34.3 Security in Action: Basic Steganography 00:02:29
  42. Lesson 35: Explain Cryptographic Algorithms and Their Basic Characteristics
    1. Learning objectives 00:00:29
    2. 35.1 Symmetric Encryption 00:14:07
    3. 35.2 Asymmetric Encryption 00:14:13
    4. 35.3 Hashing 00:11:46
    5. 35.4 Digital Signatures 00:07:01
    6. 35.5 Security in Action: Hashing 00:02:55
  43. Lesson 36: Install and Configure Wireless Security Standards
    1. Learning objectives 00:00:31
    2. 36.1 Wireless Cryptographic Protocols 00:10:33
    3. 36.2 Security in Action: WPS Issues 00:00:56
  44. Lesson 37: Implement PKI
    1. Learning objectives 00:00:32
    2. 37.1 Digital Certificates 00:18:30
    3. 37.2 Key Lifecycle Managment 00:06:51
    4. 37.3 Cryptographic Attacks 00:08:29
    5. 37.4 Security in Action: Crypto Vulnerabilities 00:02:54
    6. Module 6 Review 00:11:51
  45. Module 7: Acing Your Exam
    1. Module Introduction 00:00:39
    2. Lesson 38: Understanding the Security+ Exam Structure 00:02:43
    3. Lesson 39: Test Taking Strategies 00:03:39
    4. Lesson 40: The Week Leading Up to You Exam 00:02:59
    5. Lesson 41: What to Expect at the Testing Center 00:03:29
    6. Lesson 42: Attaining and Maintaining Your Security+ Certification 00:01:16
  46. Summary
    1. CompTIA Security+ SY0-501: Summary 00:01:09

Product information

  • Title: CompTIA Security+ (SY0-501)
  • Author(s): Sari Greene
  • Release date: November 2017
  • Publisher(s): Pearson IT Certification
  • ISBN: 0134807553