Video description23+ Hours of Video Instruction
Get intensive, hands-on CompTIA Security+ training with Sari Greene in this 2-day/8-hour live training course: CompTIA Security+ SY0-601 Certification Crash Course.
CompTIA Security+ (SY0-601) Complete Video Course is an engaging self-paced video training solution that provides learners with more than 23 hours of personal training from security expert Sari Greene. Through the use of topic-focused instructional videos, you will gain an in-depth understanding of each objective in the CompTIA Security+ (SY0-601) exam, as well as a deeper understanding of security foundations and principles to ensure exam success.
CompTIA Security+ (SY0-601) Complete Video Course contains more than 23 hours of training with content divided into 5 modules with 35 content-targeted lessons. This title covers every objective in the newly updated CompTIA Security+ SY0-601 exam and includes screencast teaching, deep dives on security theory and everyday practices, question reviews, and live demos/labs showing how to complete tasks in real time. Most lessons end with a “Security in Action” segment, which takes the security knowledge you’ve learned to the next level.
The video lessons in this course review each exam objective, so you can use it as a complete study tool for taking the CompTIA Security+ exam.
This course also includes:
- A practice exam that runs in the Pearson test prep software Major sections are as follows:
- Threats, Attacks and Vulnerabilities
- Architecture and Design
- Operations and Incident Response
- Governance, Risk & Compliance
- Confidently understand every objective on the CompTIASecurity+ exam—this course covers every objective and topic in depth.
- Prepare for exam success—Sari shares her best practices forstudying for and taking the Security+ exam.
- Enhance your real-world cybersecurity skills and knowledge
- Anyone preparing for the CompTIA Security+ examination. Secondaryaudiences: IT professionals
- Anyone interested in learning security fundamentals
- Day-to-day information technology or cybersecurity experience.
- Note: CompTIA recommends but does not require at least twoyears of experience in IT administration with a focus on security prior totaking the certification exam.
Sari is the author of Security Program and Policies: Principles and Practices and is currently being used in undergraduate and graduate programs nationwide. She is also the author and presenter of the best-selling Security + SY0-501 Complete Video Course as well as the CISSP Complete Video Course and the CISA Complete Video Course. Sari has published numerous articles related to cybersecurity; has been quoted in the New York Times, Wall Street Journal, CNN, and CNBC; speaks regularly at cybersecurity, legal, financial, and healthcare conferences around the country; and is a frequent guest lecturer.
Sari holds multiple industry accreditations including CISSP-ISSMP, CRISC, CISM, CISA, MCSE, Sec+, and NSA/IAM. She is a strong proponent of certification and continuing education. Sari is committed to training the next generation of cybersecurity practitioners who are dedicated to protecting their company, their community, and their country.
You can contact Sari at firstname.lastname@example.org, follow her on Twitter at @sari_greene or visit her website http://www.sarigreenegroup.com. Skill Level
Module 1, “Threats, Attacks, and Vulnerabilities,” corresponds to the firstCompTIA domain. 24% of the exam questions will relate to this domain, and eachlesson within Module 1 aligns with the eight exam objectives. Module 1 willcover social engineering principles, tactics, techniques, attack vectors,malware families and attributes, password attacks, physical attacks,adversarial artificial intelligence, and identifying indicators of compromise(IOC). The lessons will then move into application weaknesses, validationissues, injection, XSS and forgery attacks, and explore various system attacks.Next up, it will take a look at digitalinfrastructure attacks, wireless attacks, and malicious code or script executionincluding using PowerShell, Python. and Bash. The lessons also discussadversaries including means and motivation, threat modeling, and how to useOSINT—open source intelligence. The later lessons in this module cover some ofthe most common and dangerous operational vulnerabilities, risks associatedwith third-parties, threat hunting, vulnerability identification, andautomation tools including SIEM and SOAR. Lastly, the module discusses the importance of penetrationtesting, pen testing options, and how pen testing really works.
Module 2, “Architecture and Design,” corresponds to the second CompTIA domain, which makes up 21% of the exam questions. Within this module, configuration management, data protection concepts, deception and disruption techniques, and tactics are covered. It then examines the security and performance features of virtualization, cloud deployment, and cloud service models. Secure staging workflow, secure coding techniques, and the role of automation with a focus on identify management, authentication factors, attributes and methods, as well as a deep dive into biometrics. The lesson then discusses resiliency, non-persistence, redundancy, and backup and recovery techniques including RAID and replication. Next up is defining what embedded and IoT systems are, look at why and when they are embedded they are vulnerable to attack, and discuss best practices for securing embedded and IoT systems. The module then focuses attention on building and facility design considerations and controls, environmental issues such as air flow, heat, humidity, electrostatic discharge, date emanation, fire, and power as well as secure data destruction. The next lesson begins with a primer, and then surveys cryptographic and related use cases and techniques including steganography, symmetric encryption, asymmetric encryption, hashing, digital signatures, and emerging cryptography.
Module 3, “Implementation,” corresponds to 25% of the exam questions and covers a lot. The module starts by looking at the practical application and use cases of secure communications and network protocols including SSl/TLS, SSH, DNSSEC, SNMPv3, and secure email protocols. Then, it surveys trusted computing-base components and endpoint security solutions, as well as meeting security objectives by implementing zone, segmentation, and isolation options and network appliances including jump servers, proxy servers, IDS/IPS, NACS, firewalls and VPNS. The lesson ends with a look at the TCP/IP model. The module continues with a dive into wireless design and configuration options with an emphasis on planning a secure wireless network, as well as looking at mobile device connection methods, mobile device deployment options, Mobile device management solutions (commonly known as MDM), and mobile device concerns including attack vectors. Next up is revisiting the cloud environment—this time from an infrastructure perspective. The module looks at design options; use of virtual private clouds and critically cloud security controls; explores the entire user identity and access management lifecycle; and dives into the configuration elements of network and web services including LDAP, Kerberos, TACACS+, RADIUS, CHAP, PAP, SAML, OpenID Connect, OAuth 2.0, and Shibboleth as well as access control and authorization models. Lastly, the module focuses on creating and managing digital certificates as well as cryptovariable (key) management and best practices.
Module 4, “Operations and Incident Response,” covers about 16% of the exam and starts by surveying network reconnaissance and discovery approaches; tools and techniques including scanning, packet capture, and netflows; and introduces Linux operating system commands security practitioners should be familiar with. Then, the importance of incident response preparedness is discussed, as well as defining the elements of an incident response plan, identifying the phases of incident response, reviewing the process, and studying attack frameworks. Next, the module revisits a number of data sources including scans, logs, and metadata from an investigative perspective. The final lessons of this module discuss a variety of manual and automated mitigation, containment and eradication techniques and controls, and then tackles forensic fundamentals including evidence collection, data acquisition and breach disclosure, and notification requirements.
Module 5, “Governance, Risk and Compliance,” covers about 14% of the exam. The module starts by taking a close look at control management, control classifications, and control objectives, which taken together comprise an defense-in-depth environment. It then dives into cybersecurity and privacy related regulations and obligations and how to build a compliance information security program incorporating frameworks, benchmarks, and audit standards. The module then examines the role of policies and supporting governance documents, identify key personnel and operational policies and practices, as well as third-party and supply chain risk management. Next, the module identifies fundamental risk management and assessment concepts, teaches how to conduct a quantitative risk assessment and walks through the fundamental concepts of business continuity, including facilitating a business impact assessment. Lastly, it focuses on data classification, privacy requirements and obligations, roles and responsibilities, privacy enhancing technologies, and the relationship between cybersecurity and privacy.
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more.
Learn more about Pearson Video training at http://www.informit.com/video.
Table of contents
- Module 1: Attacks, Threats, and Vulnerabilities
- Lesson 1: Compare and Contrast Different Types of Social Engineering Techniques
- Lesson 2: Given a Scenario, Analyze Indicators of Compromise and Determine the Malware
- Lesson 3: Given a Scenario, Analyze Potential Indicators Associated with Application Attacks
- Lesson 4: Given a Scenario, Analyze Potential Indicators Associated with Network Attacks
- Lesson 5: Explain Different Threat Actors, Vectors and Intelligence Sources
- Lesson 6: Explain the Security Concerns Associated with Various Types of Vulnerabilities
- Lesson 7: Summarize the Techniques Used in Security Assessments
- Lesson 8: Explain the Techniques Used in Penetration Testing
- Module 2: Architecture and Design
- Lesson 9: Explain the Importance of Security Concepts in an Enterprise Environment
- Lesson 10: Summarize Virtualization and Cloud Computing Concepts
- Lesson 11: Summarize Secure Application Development, Deployment, and Automation Concepts
- Lesson 12: Summarize Authentication and Authorization Design Concepts
- Lesson 13: Given a Scenario, Implement Cybersecurity Resilience
- Lesson 14: Explain the Security Implications of Embedded and Specialized Systems
- Lesson 15: Explain the Importance of Physical Security Controls
- Lesson 16: Summarize the Basics of Cryptographic Concepts
- Module 3: Implementation
- Lesson 17: Given a Scenario, Implement Secure Protocols
- Lesson 18: Given a Scenario, Implement Host or Application Security Solutions
- Lesson 19: Given a Scenario, Implement Secure Network Designs
- Lesson 20: Given a Scenario, Install and Configure Wireless Security Settings
- Lesson 21: Given a Scenario, Implement Secure Mobile Solutions
- Lesson 22: Given a Scenario, Apply Cybersecurity Solutions to the Cloud
- Lesson 23: Given a Scenario, Implement Identity and Account Management Controls
- Lesson 24: Given a Scenario, Implement Authentication and Authorization Solutions
- Lesson 25: Given a Scenario, Implement Public Key Infrastructure
- Module 4: Operations and Incident Response
- Lesson 26: Given a Scenario, Use the Appropriate Tool to Assess Organizational Security
- Lesson 27: Summarize the Importance of Policies, Processes, and Procedures for Incident Response
- Lesson 28: Given an Incident, Utilize Appropriate Data Sources to Support an Investigation
- Lesson 29: Given an Incident, Apply Mitigation Techniques or Controls to Secure an Environment
- Lesson 30: Explain the Key Aspects of Digital Forensics
- Module 5: Governance, Risk, and Compliance
- Lesson 31: Compare and Contrast Various Types of Controls
- Lesson 32: Explain the Importance of Applicable Regulations Standards or Frameworks That Impact Organizational Security Posture
- Lesson 33: Explain the Importance of Policies to Organizational Security
- Lesson 34: Summarize Risk Management Processes and Concepts
- Lesson 35: Explain Privacy and Sensitive Data Concepts in Relation to Security
- Lesson 36: Preparing for the Exam
- Title: CompTIA Security+ SY0-601
- Release date: December 2020
- Publisher(s): Pearson IT Certification
- ISBN: 0137280971
You might also like
51+ hours of video instruction. Overview The professional programmer’s Deitel® video guide to Python development with …
Clean Code: A Handbook of Agile Software Craftsmanship
Even bad code can function. But if code isn't clean, it can bring a development organization …
Head First Design Patterns, 2nd Edition
You know you don’t want to reinvent the wheel, so you look to design patterns—the lessons …
Building Microservices, 2nd Edition
Distributed systems have become more fine-grained as organizations shift from code-heavy monolithic applications to smaller, self-contained …