CompTIA Security+ (SY0-701) Cert Prep: 1 General Security Concepts

Prepare for the first domain of the CompTIA Security+ (SY0-701) exam, General Security Concepts.

Introduction

• Security concepts

1. Fundamental Security Concepts

• The goals of information security
• Authentication, authorization, and accounting (AAA)
• Categorizing security controls
• Conducting a gap analysis
• Zero Trust
• Physical access control
• Physical security personnel
• Deception technologies
• Change management

2. Cryptography

• Understanding encryption
• Symmetric and asymmetric cryptography
• Goals of cryptography
• Choosing encryption algorithms
• The cryptographic lifecycle
• Data de-identification
• Data obfuscation

3. Symmetric Cryptography

• Data Encryption Standard (DES)
• 3DES
• AES, Blowfish, and Twofish
• Steganography

4. Asymmetric Cryptography

• Rivest, Shamir, Adleman (RSA)
• PGP and GnuPG
• Elliptic-curve and quantum cryptography
• Tor and perfect forward secrecy

5. Key Management

• Key exchange
• Diffie-Hellman
• Key escrow
• Key stretching
• Hardware security modules

6. Public Key Infrastructure

• Trust models
• PKI and digital certificates
• Hash functions
• Digital signatures
• Digital signature standard
• Create a digital certificate
• Revoke a digital certificate
• Certificate stapling
• Certificate authorities
• Certificate subjects
• Certificate types
• Certificate formats

7. Cryptographic Applications

• TLS and SSL
• Blockchain

Conclusion

• Continuing your studies