CompTIA Security+ SY0-601

CompTIA Security+ SY0-601

by Sari Greene
Released December 2020
Publisher(s): Pearson
ISBN: 0137280971

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

23+ Hours of Video Instruction

Get intensive, hands-on CompTIA Security+ training with Sari Greene in this 2-day/8-hour live training course: CompTIA Security+ SY0-601 Certification Crash Course.

CompTIA Security+ (SY0-601) Complete Video Course is an engaging self-paced video training solution that provides learners with more than 23 hours of personal training from security expert Sari Greene. Through the use of topic-focused instructional videos, you will gain an in-depth understanding of each objective in the CompTIA Security+ (SY0-601) exam, as well as a deeper understanding of security foundations and principles to ensure exam success.

CompTIA Security+ (SY0-601) Complete Video Course contains more than 23 hours of training with content divided into 5 modules with 35 content-targeted lessons. This title covers every objective in the newly updated CompTIA Security+ SY0-601 exam and includes screencast teaching, deep dives on security theory and everyday practices, question reviews, and live demos/labs showing how to complete tasks in real time. Most lessons end with a “Security in Action” segment, which takes the security knowledge you’ve learned to the next level.

The video lessons in this course review each exam objective, so you can use it as a complete study tool for taking the CompTIA Security+ exam.

This course also includes:
  • A practice exam that runs in the Pearson test prep software
    • Major sections are as follows:
    • Threats, Attacks and Vulnerabilities
    • Architecture and Design
    • Implementation
    • Operations and Incident Response
    • Governance, Risk & Compliance
    About the Instructor

    Sari is the author of Security Program and Policies: Principles and Practices and is currently being used in undergraduate and graduate programs nationwide. She is also the author and presenter of the best-selling Security + SY0-501 Complete Video Course as well as the CISSP Complete Video Course and the CISA Complete Video Course. Sari has published numerous articles related to cybersecurity; has been quoted in the New York Times, Wall Street Journal, CNN, and CNBC; speaks regularly at cybersecurity, legal, financial, and healthcare conferences around the country; and is a frequent guest lecturer.

    Sari holds multiple industry accreditations including CISSP-ISSMP, CRISC, CISM, CISA, MCSE, Sec+, and NSA/IAM. She is a strong proponent of certification and continuing education. Sari is committed to training the next generation of cybersecurity practitioners who are dedicated to protecting their company, their community, and their country.
    You can contact Sari at sari@sarigreenegroup.com, follow her on Twitter at @sari_greene or visit her website http://www.sarigreenegroup.com. Skill Level
    • Beginner
    Learn How To
    • Confidently understand every objective on the CompTIASecurity+ exam—this course covers every objective and topic in depth.
    • Prepare for exam success—Sari shares her best practices forstudying for and taking the Security+ exam.
    • Enhance your real-world cybersecurity skills and knowledge
    Who Should Take This Course
    • Anyone preparing for the CompTIA Security+ examination. Secondaryaudiences: IT professionals
    • Anyone interested in learning security fundamentals
    Course Requirements
    • Day-to-day information technology or cybersecurity experience.
    • Note: CompTIA recommends but does not require at least twoyears of experience in IT administration with a focus on security prior totaking the certification exam.
    Lesson Descriptions

    Module 1, “Threats, Attacks, and Vulnerabilities,” corresponds to the firstCompTIA domain. 24% of the exam questions will relate to this domain, and eachlesson within Module 1 aligns with the eight exam objectives. Module 1 willcover social engineering principles, tactics, techniques, attack vectors,malware families and attributes, password attacks, physical attacks,adversarial artificial intelligence, and identifying indicators of compromise(IOC). The lessons will then move into application weaknesses, validationissues, injection, XSS and forgery attacks, and explore various system attacks.Next up, it will take a look at digitalinfrastructure attacks, wireless attacks, and malicious code or script executionincluding using PowerShell, Python. and Bash. The lessons also discussadversaries including means and motivation, threat modeling, and how to useOSINT—open source intelligence. The later lessons in this module cover some ofthe most common and dangerous operational vulnerabilities, risks associatedwith third-parties, threat hunting, vulnerability identification, andautomation tools including SIEM and SOAR. Lastly, the module discusses the importance of penetrationtesting, pen testing options, and how pen testing really works.

    Module 2, “Architecture and Design,” corresponds to the second CompTIA domain, which makes up 21% of the exam questions. Within this module, configuration management, data protection concepts, deception and disruption techniques, and tactics are covered. It then examines the security and performance features of virtualization, cloud deployment, and cloud service models. Secure staging workflow, secure coding techniques, and the role of automation with a focus on identify management, authentication factors, attributes and methods, as well as a deep dive into biometrics. The lesson then discusses resiliency, non-persistence, redundancy, and backup and recovery techniques including RAID and replication. Next up is defining what embedded and IoT systems are, look at why and when they are embedded they are vulnerable to attack, and discuss best practices for securing embedded and IoT systems. The module then focuses attention on building and facility design considerations and controls, environmental issues such as air flow, heat, humidity, electrostatic discharge, date emanation, fire, and power as well as secure data destruction. The next lesson begins with a primer, and then surveys cryptographic and related use cases and techniques including steganography, symmetric encryption, asymmetric encryption, hashing, digital signatures, and emerging cryptography.

    Module 3, “Implementation,” corresponds to 25% of the exam questions and covers a lot. The module starts by looking at the practical application and use cases of secure communications and network protocols including SSl/TLS, SSH, DNSSEC, SNMPv3, and secure email protocols. Then, it surveys trusted computing-base components and endpoint security solutions, as well as meeting security objectives by implementing zone, segmentation, and isolation options and network appliances including jump servers, proxy servers, IDS/IPS, NACS, firewalls and VPNS. The lesson ends with a look at the TCP/IP model. The module continues with a dive into wireless design and configuration options with an emphasis on planning a secure wireless network, as well as looking at mobile device connection methods, mobile device deployment options, Mobile device management solutions (commonly known as MDM), and mobile device concerns including attack vectors. Next up is revisiting the cloud environment—this time from an infrastructure perspective. The module looks at design options; use of virtual private clouds and critically cloud security controls; explores the entire user identity and access management lifecycle; and dives into the configuration elements of network and web services including LDAP, Kerberos, TACACS+, RADIUS, CHAP, PAP, SAML, OpenID Connect, OAuth 2.0, and Shibboleth as well as access control and authorization models. Lastly, the module focuses on creating and managing digital certificates as well as cryptovariable (key) management and best practices.

    Module 4, “Operations and Incident Response,” covers about 16% of the exam and starts by surveying network reconnaissance and discovery approaches; tools and techniques including scanning, packet capture, and netflows; and introduces Linux operating system commands security practitioners should be familiar with. Then, the importance of incident response preparedness is discussed, as well as defining the elements of an incident response plan, identifying the phases of incident response, reviewing the process, and studying attack frameworks. Next, the module revisits a number of data sources including scans, logs, and metadata from an investigative perspective. The final lessons of this module discuss a variety of manual and automated mitigation, containment and eradication techniques and controls, and then tackles forensic fundamentals including evidence collection, data acquisition and breach disclosure, and notification requirements.

    Module 5, “Governance, Risk and Compliance,” covers about 14% of the exam. The module starts by taking a close look at control management, control classifications, and control objectives, which taken together comprise an defense-in-depth environment. It then dives into cybersecurity and privacy related regulations and obligations and how to build a compliance information security program incorporating frameworks, benchmarks, and audit standards. The module then examines the role of policies and supporting governance documents, identify key personnel and operational policies and practices, as well as third-party and supply chain risk management. Next, the module identifies fundamental risk management and assessment concepts, teaches how to conduct a quantitative risk assessment and walks through the fundamental concepts of business continuity, including facilitating a business impact assessment. Lastly, it focuses on data classification, privacy requirements and obligations, roles and responsibilities, privacy enhancing technologies, and the relationship between cybersecurity and privacy.

    About Pearson Video Training

    Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more.

    Learn more about Pearson Video training at http://www.informit.com/video.

Table of contents

  1. Introduction
    1. CompTIA Security+ SY0-601: Introduction
  2. Module 1: Attacks, Threats, and Vulnerabilities
    1. Introduction to Module 1
  3. Lesson 1: Compare and Contrast Different Types of Social Engineering Techniques
    1. Learning Objectives
    2. 1.1 Social Engineering Principles
    3. 1.2 Social Engineering Attack Vectors
    4. 1.3 Influence Campaigns
    5. Closer Look Lab: Phone and Text Spoofing
  4. Lesson 2: Given a Scenario, Analyze Indicators of Compromise and Determine the Malware
    1. Learning Objectives
    2. 2.1 Malware Primer
    3. 2.2 Malware Families
    4. 2.3 Password Attacks
    5. 2.4 Physical Attacks
    6. 2.5 Adversarial Artificial Intelligence
    7. 2.6 Indicators of Compromise
    8. Closer Look Lab: Malware Analysis
  5. Lesson 3: Given a Scenario, Analyze Potential Indicators Associated with Application Attacks
    1. Learning Objectives
    2. 3.1 Input and Output Validation
    3. 3.2 Injection, XSS and Forgery Attacks
    4. 3.3 System Attacks
    5. Closer Look Lab: Constructing Error Messages
  6. Lesson 4: Given a Scenario, Analyze Potential Indicators Associated with Network Attacks
    1. Learning Objectives
    2. 4.1 Digital Infrastructure Attacks
    3. 4.2 Wireless Attacks
    4. 4.3 Code or Script Execution
    5. Closer Look Lab: Powershell
  7. Lesson 5: Explain Different Threat Actors, Vectors and Intelligence Sources
    1. Learning Objectives
    2. 5.1 Threat Actors and Attributes
    3. 5.2 Threat Modeling
    4. 5.3 Threat Intelligence
    5. Closer Look Lab: Threat Intelligence Workflow
  8. Lesson 6: Explain the Security Concerns Associated with Various Types of Vulnerabilities
    1. Learning Objectives
    2. 6.1 Operational Vulnerabilities
    3. 6.2 Third-party Risks
    4. Closer Look Lab: Zero Day Vulnerability
  9. Lesson 7: Summarize the Techniques Used in Security Assessments
    1. Learning Objectives
    2. 7.1 Threat Hunting and Vulnerability Identification
    3. 7.2 Syslog, SIEM, and SOAR
    4. Closer Look Lab: Common Vulnerabilities and Exposures
  10. Lesson 8: Explain the Techniques Used in Penetration Testing
    1. Learning Objectives
    2. 8.1 Penetration Testing Concepts
    3. 8.2 Penetration Testing Techniques
    4. Closer Look Lab: Passive Reconnaissance
    5. Module 1 REVIEW
  11. Module 2: Architecture and Design
    1. Introduction to Module 2
  12. Lesson 9: Explain the Importance of Security Concepts in an Enterprise Environment
    1. Learning Objectives
    2. 9.1 Configuration Management
    3. 9.2 Data Protection
    4. 9.3 Deception and Disruption
    5. Closer Look Lab: Honeypots
  13. Lesson 10: Summarize Virtualization and Cloud Computing Concepts
    1. Learning Objectives
    2. 10.1 Cloud Computing
    3. 10.2 Virtualization
    4. Closer Look Lab: Virtualization
  14. Lesson 11: Summarize Secure Application Development, Deployment, and Automation Concepts
    1. Learning Objectives
    2. 11.1 Secure Staging
    3. 11.2 Secure Coding Techniques
    4. 11.3 Automation
    5. Closer Look Lab: Open Web Application Security Project (OWASP)
  15. Lesson 12: Summarize Authentication and Authorization Design Concepts
    1. Learning Objectives
    2. 12.1 Identity Management
    3. 12.2 Authentication Factors
    4. 12.3 Biometrics
    5. Closer Look Lab: Pwned Passwords
  16. Lesson 13: Given a Scenario, Implement Cybersecurity Resilience
    1. Learning Objectives
    2. 13.1 Resiliency and Redundancy
    3. 13.2 Backup and Recovery
    4. Closer Look Lab: RAID
  17. Lesson 14: Explain the Security Implications of Embedded and Specialized Systems
    1. Learning Objectives
    2. 14.1 Embedded Systems
    3. 14.2 Internet of Things
    4. Closer Look Lab: Raspberry Pi
  18. Lesson 15: Explain the Importance of Physical Security Controls
    1. Learning Objectives
    2. 15.1 Site and Building Security
    3. 15.2 Environmental Controls
    4. 15.3 Secure Data Destruction
    5. Closer Look Lab: Disk Wiping
  19. Lesson 16: Summarize the Basics of Cryptographic Concepts
    1. Learning Objectives
    2. 16.1 Cryptography Primer
    3. 16.2 Steganography
    4. 16.3 Symmetric Encryption
    5. 16.4 Asymmetric Encryption
    6. 16.5 Hashing
    7. 16.6 Digital Signatures
    8. 16.7 Emerging Cryptography
    9. Closer Look Lab: Hashing
    10. Module 2 REVIEW
  20. Module 3: Implementation
    1. Introduction to Module 3
  21. Lesson 17: Given a Scenario, Implement Secure Protocols
    1. Learning Objectives
    2. 17.1 Secure Communications Protocols
    3. 17.2 Secure Network Protocols
    4. Closer Look Lab: SSL/TLS Packets
  22. Lesson 18: Given a Scenario, Implement Host or Application Security Solutions
    1. Learning Objectives
    2. 18.1 Trusted Computing Base
    3. 18.2 Endpoint Security
    4. 18.3 Database and Application Security
    5. Closer Look Lab: Endpoint Firewall
  23. Lesson 19: Given a Scenario, Implement Secure Network Designs
    1. Learning Objectives
    2. 19.1 Zones and Segments
    3. 19.2 Network Appliances
    4. 19.3 Firewalls
    5. 19.4 Virtual Private Networks
    6. 19.5 TCP/IP
    7. Closer Look Lab: IPv6 Addressing
  24. Lesson 20: Given a Scenario, Install and Configure Wireless Security Settings
    1. Learning Objectives
    2. 20.1 Wireless Configuration
    3. 20.2 Wireless Design
    4. Closer Look Lab: Wireless Heat Map
  25. Lesson 21: Given a Scenario, Implement Secure Mobile Solutions
    1. Learning Objectives
    2. 21.1 Mobile Connectivity
    3. 21.2 Mobile Device Management
    4. Closer Look Lab: Mobile Device Ownership and Deployment Options
  26. Lesson 22: Given a Scenario, Apply Cybersecurity Solutions to the Cloud
    1. Learning Objectives
    2. 22.1 Cloud Infrastructure
    3. 22.2 Virtual Private Clouds
    4. 22.3 Cloud Security Controls
    5. Closer Look Lab: CSA Cloud Controls Matrix
  27. Lesson 23: Given a Scenario, Implement Identity and Account Management Controls
    1. Learning Objectives
    2. 23.1 Identity and Access Management
    3. Closer Look Lab: Sign-in Risk Triggers
  28. Lesson 24: Given a Scenario, Implement Authentication and Authorization Solutions
    1. Learning Objectives
    2. 24.1 Authentication Protocols
    3. 24.2 Federated Identity
    4. 24.3 Authorization and Access Control
    5. Closer Look Lab: OAuth 2.0 in Action
  29. Lesson 25: Given a Scenario, Implement Public Key Infrastructure
    1. Learning Objectives
    2. 25.1 PKI Cryptographic Review
    3. 25.2 Digital Certificates
    4. 25.3 Digital Certificate Lifecycle
    5. 25.4 Key Management
    6. Closer Look Lab: Digital Certificates
    7. Module 3 Review
  30. Module 4: Operations and Incident Response
    1. Introduction to Module 4
  31. Lesson 26: Given a Scenario, Use the Appropriate Tool to Assess Organizational Security
    1. Learning Objectives
    2. 26.1 Reconnaissance and Discovery
    3. 26.2 Packet Capture and NetFlows
    4. 26.3 Linux Commands
    5. Closer Look Lab: ZenMap
  32. Lesson 27: Summarize the Importance of Policies, Processes, and Procedures for Incident Response
    1. Learning Objectives
    2. 27.1 Incident Response Plans
    3. 27.2 Incident Handling Process
    4. Closer Look Lab: Mitre ATT Framework
  33. Lesson 28: Given an Incident, Utilize Appropriate Data Sources to Support an Investigation
    1. Learning Objectives
    2. 28.1 Data Sources
    3. Closer Look Lab: Log Files
  34. Lesson 29: Given an Incident, Apply Mitigation Techniques or Controls to Secure an Environment
    1. Learning Objectives
    2. 29.1 Incident Mitigation
    3. Closer Look Lab: SOAR
  35. Lesson 30: Explain the Key Aspects of Digital Forensics
    1. Learning Objectives
    2. 30.1 Forensic Evidence
    3. 30.2 Forensic Examination
    4. 30.3 Disclosure and Notification
    5. Closer Look Lab: RAM Capture
    6. Module 4 Review
  36. Module 5: Governance, Risk, and Compliance
    1. Introduction to Module 5
  37. Lesson 31: Compare and Contrast Various Types of Controls
    1. Learning Objectives
    2. 31.1 Controls and Countermeasures
    3. Closer Look Lab: Overlapping Control Categories
  38. Lesson 32: Explain the Importance of Applicable Regulations Standards or Frameworks That Impact Organizational Security Posture
    1. Learning Objectives
    2. 32.1 Compliance and Regulations
    3. 32.2 Frameworks and Guidance
    4. 32.3 Benchmarks and Audit Standards
    5. Closer Look Lab: CIS Benchmarks
  39. Lesson 33: Explain the Importance of Policies to Organizational Security
    1. Learning Objectives
    2. 33.1 Governance and Policies
    3. 33.2 Personnel Policies
    4. 33.3 Personnel Practices
    5. 33.4 Organizational Policies
    6. 33.5 Third-party Risk Management
    7. Closer Look Lab: Policy Standards
  40. Lesson 34: Summarize Risk Management Processes and Concepts
    1. Learning Objectives
    2. 34.1 Risk Management
    3. 34.2 Risk Assessment
    4. 34.3 Business Continuity
    5. Closer Look Lab: Quantitative Risk Assessment
  41. Lesson 35: Explain Privacy and Sensitive Data Concepts in Relation to Security
    1. Learning Objectives
    2. 35.1 Privacy Principles
    3. 35.2 Privacy Management
    4. Closer Look Lab: Privacy Walkthrough
  42. Lesson 36: Preparing for the Exam
    1. Learning Objectives
    2. 36.1 Understanding the Security+ Exam Structure
    3. 36.2 Study Strategies
    4. 36.3 Test Taking Strategies
    5. 36.4 Testing Options
    6. 36.5 Attaining and Maintaining Your Security+ Certification
    7. Module 5 Review
  43. Summary
    1. CompTIA Security+ SY0-601: Summary

Product information

  • Title: CompTIA Security+ SY0-601
  • Author(s): Sari Greene
  • Release date: December 2020
  • Publisher(s): Pearson
  • ISBN: 0137280971