CompTIA Security+ (SY0-501): Complete Course and Practice Exam

Video description

This course is designed to help prepare you for the CompTIA Security+ (SY0-501) certification exam and covers the six domains for the Security+ (SY0-501) certification exam:

  • Threats, Attacks, and Vulnerabilities
  • Technologies and Tools
  • Architecture and Design
  • Identity and Access Management
  • Risk Management
  • Cryptography and PKI

You will learn the fundamentals of cybersecurity and gain experience in the configuration, management, and troubleshooting of common wired and wireless networks.

What You Will Learn

  • Perform basic security configurations
  • Become an effective security technician in a business environment

Audience

Students who want to pass the CompTIA Security+ certification exam. Students wanting to learn the terminology and nomenclature of computer security. Students seeking a career in cybersecurity.

About The Author

Jason Dion: Jason Dion, CISSP No. 349867, is an adjunct instructor at Liberty University's College of Engineering and Computational Science and Anne Arundel Community College's Department of Computing Technologies with multiple information technology professional certifications, including Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Network Defense Architect (CNDA), Digital Forensic Examiner (DFE), Digital Media Collector (DMC), Security+, Network+, A+, PRINCE2, and Information Technology Infrastructure Library v3. He has been a deputy director of a network operations center, and an information systems officer for large organizations around the globe.

Table of contents

  1. Chapter 1 : Overview of Security
    1. Welcome
    2. Overview of Security
    3. CIA Triad
    4. AAA of Security
    5. Security Threats
    6. Mitigating Threats
    7. Hackers
    8. Threat Actors
  2. Chapter 2 : Malware
    1. Malware
    2. Viruses
    3. Worms
    4. Trojans
    5. Demo: Viruses and Trojans
    6. Ransomware
    7. Spyware
    8. Rootkits
    9. Spam
    10. Summary of Malware
  3. Chapter 3 : Malware Infections
    1. Malware Infections
    2. Common Delivery Methods
    3. Demo: Phishing
    4. Botnets and Zombies
    5. Active Interception and Privilege Escalation
    6. Demo: Privilege Escalation
    7. Backdoors and Logic Bombs
    8. Symptoms of Infection
    9. Removing Malware
    10. Preventing Malware
  4. Chapter 4 : Security Applications and Devices
    1. Security Applications and Devices
    2. Software Firewalls
    3. Demo: Software Firewalls
    4. IDS
    5. Pop-up Blockers
    6. Data Loss Prevention (DLP)
    7. Securing the BIOS
    8. Securing Storage Devices
    9. Disk Encryption
  5. Chapter 5 : Mobile Device Security
    1. Mobile Device Security
    2. Securing Wireless Devices
    3. Mobile Malware
    4. SIM Cloning ID Theft
    5. Bluetooth Attacks
    6. Mobile Device Theft
    7. Security of Apps
    8. BYOD
    9. Hardening Mobile Devices
  6. Chapter 6 : Hardening
    1. Hardening
    2. Unnecessary Applications
    3. Restricting Applications
    4. Demo: Unnecessary Services
    5. Trusted Operating System
    6. Updates and Patches
    7. Patch Management
    8. Group Policies
    9. Demo: Group Policies
    10. File Systems and Hard Drives
  7. Chapter 7 : Virtualization
    1. Virtualization
    2. Hypervisors
    3. Demo: How to create a VM
    4. Threats to VMs
    5. Securing VMs
    6. Demo: Securing VMs
  8. Chapter 8 : Application Security
    1. Application Security
    2. Web Browser Security
    3. Web Browser Concerns
    4. Demo: Web Browser Configuration
    5. Securing Applications
  9. Chapter 9 : Secure Software Development
    1. Software Development
    2. SDLC Principles
    3. Testing Methods
    4. Software Vulnerabilities and Exploits
    5. Buffer Overflows
    6. Demo: Buffer Overflow Attack
    7. XSS and XSRF
    8. SQL Injection
    9. Demo: SQL Injection
  10. Chapter 10 : Network Design
    1. Network Security
    2. The OSI Model
    3. Switches
    4. Routers
    5. Network Zones
    6. Network Access Control
    7. VLANs
    8. Subnetting
    9. Network Address Translation
    10. Telephony
  11. Chapter 11 : Perimeter Security
    1. Perimeter Security
    2. Firewalls
    3. Demo: SOHO Firewall
    4. Proxy Servers
    5. Honeypots and Honeynets
    6. Data Loss Prevention
    7. NIDS and NIPS
    8. Unified Threat Management
  12. Chapter 12 : Cloud Security
    1. Cloud Computing
    2. Cloud Types
    3. As a Service
    4. Cloud Security
    5. Defending Servers
  13. Chapter 13 : Network Attacks
    1. Network Attacks
    2. Ports and Protocols
    3. Memorization of Ports
    4. Unnecessary Ports
    5. Denial of Service
    6. DDoS
    7. Stopping a DDoS
    8. Spoofing
    9. Hijacking
    10. Replay Attack
    11. Demo: Null Sessions
    12. Transitive Attacks
    13. DNS Attacks
    14. ARP Poisoning
  14. Chapter 14 : Securing Networks
    1. Securing Networks
    2. Securing Network Devices
    3. Securing Network Media
    4. Securing WiFi Devices
    5. Wireless Encryption
    6. Wireless Access Points
    7. Wireless Attacks
    8. Demo: Wireless Attack
    9. Other Wireless Technologies
  15. Chapter 15 : Physical Security
    1. Physical Security
    2. Surveillance
    3. Door Locks
    4. Demo: Lock Picking
    5. Biometric Readers
  16. Chapter 16 : Facilities Security
    1. Facilities Security
    2. Fire Suppression
    3. HVAC
    4. Shielding
    5. Vehicles
  17. Chapter 17 : Authentication
    1. Authentication
    2. Authentication Models
    3. 802.1x
    4. LDAP and Kerberos
    5. Remote Desktop Services
    6. Remote Access Service
    7. VPN
    8. RADIUS vs TACACS+
    9. Authentication Summary
  18. Chapter 18 : Access Control
    1. Access Control
    2. Access Control Models
    3. Best Practices
    4. Users and Groups
    5. Permissions
    6. Usernames and Passwords
    7. Demo: Policies
    8. User Account Control
  19. Chapter 19 : Risk Assessments
    1. Risk Assessments
    2. Qualitative Risk
    3. Quantitative Risk
    4. Methodologies
    5. Security Controls
    6. Vulnerability Management
    7. Penetration Testing
    8. OVAL
    9. Vulnerability Assessments
    10. Demo: Nmap Scanning
    11. Demo: Vulnerability Scanning
    12. Password Analysis
    13. Demo: Password Cracking
  20. Chapter 20 : Monitoring and Auditing
    1. Monitoring Types
    2. Performance Baselining
    3. Protocol Analyzers
    4. SNMP
    5. Demo: Analytical Tools
    6. Auditing
    7. Demo: Auditing Files
    8. Logging
    9. Log Files
    10. SIEM
  21. Chapter 21 : Cryptography
    1. Cryptography
    2. Symmetric vs Asymmetric
    3. Symmetric Algorithms
    4. Public Key Cryptography
    5. Asymmetric Algorithms
    6. Pretty Good Privacy
    7. Key Management
    8. One-Time Pad
    9. Demo: Steganography
    10. Hashing
    11. Demo: Hashing
    12. Hashing Attacks
    13. Increasing Hash Security
  22. Chapter 22 : Public Key Infrastructure
    1. Public Key Infrastructure
    2. Digital Certificates
    3. Demo: Certificates
    4. Certificate Authorities
    5. Web of Trust
  23. Chapter 23 : Security Protocols
    1. Security Protocols
    2. S/MIME
    3. SSL and TLS
    4. SSH
    5. VPN Protocols
    6. Demo: Setting up a VPN
  24. Chapter 24 : Planning for the Worst
    1. Planning for the Worst
    2. Redundant Power
    3. Backup Power
    4. Data Redundancy
    5. Demo: RAIDs
    6. Network Redundancy
    7. Server Redundancy
    8. Redundant Sites
    9. Data Backup
    10. Tape Rotation
    11. Disaster Recovery Plan
  25. Chapter 25 : Social Engineering
    1. Social Engineering
    2. Demo: Pretexting
    3. Insider Threat
    4. Phishing
    5. More Social Engineering
    6. User Education
  26. Chapter 26 : Policies and Procedures
    1. Policies and Procedures
    2. Data Classifications
    3. PII and PHI
    4. Security Policies
    5. User Education
    6. Vendor Relationships
    7. Disposal Policies
    8. Incident Response Procedures
    9. Data Collection Procedures
    10. Demo: Disk Imaging
    11. IT Security Frameworks
  27. Chapter 27 : Conclusion
    1. Conclusion
    2. Exam Tricks

Product information

  • Title: CompTIA Security+ (SY0-501): Complete Course and Practice Exam
  • Author(s): Jason Dion
  • Release date: March 2019
  • Publisher(s): Packt Publishing
  • ISBN: 9781838826352