YoVDO

CompTIA Security+ (SY0-701) Cert Prep

Offered By: LinkedIn Learning

Tags

Cybersecurity Courses, Cryptography Courses, Network Security Courses, Risk Management Courses, CompTIA Security+ (Plus) Courses, Incident Response Courses, Malware Courses, Cloud Security Courses

Course Description

Overview

A comprehensive, all-in-one resource for those preparing for the Security+ (SY0-701) certification exam.

Syllabus

Introduction
  • About the Security+ exam
  • What's new in SY0-701?
1. The Security+ Exam
  • The Security+ exam
  • Careers in information security
  • The value of certification
  • Stackable certifications
  • Study resources
2. Inside the Security+ Exam
  • In-person exam environment
  • At-home testing
  • Security+ question types
  • Passing the Security+ exam
3. Preparing for the Exam
  • Exam tips
  • Practice tests
  • Continuing education requirements
4. Domain 1: General Security Concepts
  • General security concepts
5. Fundamental Security Concepts
  • The goals of information security
  • Authentication, authorization, and accounting (AAA)
  • Categorizing security controls
  • Conducting a gap analysis
  • Zero Trust
  • Physical access control
  • Physical security personnel
  • Deception technologies
  • Change management
6. Cryptography
  • Understanding encryption
  • Symmetric and asymmetric cryptography
  • Goals of cryptography
  • Choosing encryption algorithms
  • The cryptographic lifecycle
  • Data de-identification
  • Data obfuscation
7. Symmetric Cryptography
  • Data Encryption Standard (DES)
  • 3DES
  • AES, Blowfish, and Twofish
  • Steganography
8. Asymmetric Cryptography
  • Rivest, Shamir, Adleman (RSA)
  • PGP and GnuPG
  • Elliptic-curve and quantum cryptography
  • Tor and perfect forward secrecy
9. Key Management
  • Key exchange
  • Diffie-Hellman
  • Key escrow
  • Key stretching
  • Hardware security modules
10. Public Key Infrastructure
  • Trust models
  • PKI and digital certificates
  • Hash functions
  • Digital signatures
  • Digital signature standard
  • Create a digital certificate
  • Revoke a digital certificate
  • Certificate stapling
  • Certificate authorities
  • Certificate subjects
  • Certificate types
  • Certificate formats
11. Cryptographic Applications
  • TLS and SSL
  • Blockchain
12. Domain 2: Threats, Vulnerabilities, and Mitigations
  • Threats, vulnerabilities, and mitigations
13. Understanding Vulnerability Types
  • Vulnerability impact
  • Supply chain vulnerabilities
  • Configuration vulnerabilities
  • Architectural vulnerabilities
14. Malware
  • Comparing viruses, worms, and trojans
  • Malware payloads
  • Understanding backdoors and logic bombs
  • Looking at advanced malware
  • Understanding botnets
  • Malicious script execution
15. Understanding Attackers
  • Cybersecurity adversaries
  • Attacker motivations
  • Preventing insider threats
  • Attack vectors
  • Zero-day attacks
16. Social Engineering Attacks
  • Social engineering
  • Impersonation attacks
  • Identity fraud and pretexting
  • Watering hole attacks
  • Physical social engineering
  • Business email compromise
  • Misinformation and disinformation
17. Password Attacks
  • Password attacks
  • Password spraying and credential stuffing
18. Application Attacks
  • Preventing SQL injection
  • Understanding cross-site scripting
  • Request forgery
  • Overflow attacks
  • Explaining cookies and attachments
  • Session hijacking
  • Code execution attacks
  • Privilege escalation
  • OWASP Top Ten
  • Application security
  • Defending against directory traversal
  • Race condition vulnerabilities
19. Cryptanalytic Attacks
  • Brute force attacks
  • Knowledge-based attacks
  • Limitations of encryption algorithms
20. Network Attacks
  • Denial-of-service attacks
  • Eavesdropping attacks
  • DNS attacks
  • Wireless attacks
  • Propagation attacks
  • Preventing rogues and evil twins
  • Disassociation attacks
  • Understanding Bluetooth attacks
  • RFID security
21. Attack Indicators
  • Attack indicators
22. Domain 3: Security Architecture
  • Security architecture
23. Cloud Computing
  • What is the cloud?
  • Cloud computing roles
  • Drivers for cloud computing
  • Multitenant computing
  • Cloud considerations
  • Security service providers
24. Virtualization
  • Virtualization
  • Desktop and application virtualization
25. Cloud Building Blocks
  • Cloud compute resources
  • Cloud storage
  • Cloud networking
  • Cloud databases
  • Cloud orchestration
  • Containers
  • SOA and microservices
26. Cloud Activities
  • Cloud activities and the cloud reference architecture
  • Cloud deployment models
  • Cloud service categories
  • Security and privacy concerns in the cloud
  • Data sovereignty
  • Operational concerns in the cloud
27. Cloud Security Controls
  • Cloud firewall considerations
  • Cloud application security
  • Cloud provider security controls
28. TCP/IP Networking
  • Introducing TCP/IP
  • IP addresses and DHCP
  • Domain Name System (DNS)
  • Network ports
  • ICMP
29. Secure Network Design
  • Security zones
  • VLANs and network segmentation
  • Security device placement
  • Software-defined networking (SDN)
30. Network Security Devices
  • Routers, switches, and bridges
  • Firewalls
  • Web application firewalls
  • Proxy servers
  • Load balancers
  • VPNs and VPN concentrators
  • Network intrusion detection and prevention
  • Protocol analyzers
  • Unified threat management
  • Failure modes
31. Network Security Techniques
  • Restricting network access
  • Network access control
  • Router configuration security
  • Switch configuration security
  • Maintaining network availability
  • Network monitoring
  • SNMP
  • Isolating sensitive systems
  • Zero trust networking
  • Secure access service edge (SASE)
32. Embedded Systems Security
  • Industrial control systems
  • Internet of Things
  • Securing smart devices
  • Secure networking for smart devices
  • Embedded systems
33. Data Protection
  • Understanding data security
  • Data types
  • Data anonymization
  • Data obfuscation
  • Information classification
34. Resilience and Recovery
  • Business continuity planning
  • Business continuity controls
  • High availability and fault tolerance
  • Disaster recovery
  • Backups
  • Restoring backups
  • Disaster recovery sites
  • Testing BC/DR plans
  • Capacity planning
35. Domain 4: Security Operations
  • Security operations
36. Data Security Controls
  • Developing security baselines
  • Leveraging industry standards
  • Customizing security standards
37. Host Security
  • Operating system security
  • Malware prevention
  • Application management
  • Host-based network security controls
  • File integrity monitoring
  • Data loss prevention
  • Data encryption
  • Hardware and firmware security
  • Linux file permissions
  • Web content filtering
38. Configuration Enforcement
  • Change management
  • Configuration management
  • Physical asset management
  • Disposal and decommissioning
39. Mobile Device Security
  • Mobile connection methods
  • Mobile device security
  • Mobile device management
  • Mobile device tracking
  • Mobile application security
  • Mobile security enforcement
  • Bring your own device (BYOD)
  • Mobile deployment models
40. Wireless Networking
  • Understanding wireless networking
  • Wireless encryption
  • Wireless authentication
  • RADIUS
  • Wireless signal propagation
  • Wireless networking equipment
41. Code Security
  • Code review
  • Software testing
  • Code security tests
  • Fuzz testing
  • Acquired software
  • Package monitoring
42. Threat Intelligence
  • Threat intelligence
  • Intelligence sharing
  • Threat hunting
43. Vulnerability Management
  • What is vulnerability management?
  • Identify scan targets
  • Scan configuration
  • Scan perspective
  • Security Content Automation Protocol (SCAP)
  • Common Vulnerability Scoring System (CVSS)
  • Analyzing scan reports
  • Correlating scan results
  • Vulnerability response and remediation
44. Penetration Testing and Exercises
  • Penetration testing
  • Responsible disclosure
  • Bug bounty
45. Security Alerting, Monitoring, and Automation
  • Logging security information
  • Security information and event management
  • Monitoring activities
  • Endpoint monitoring
  • Automation and orchestration
46. Secure Protocols
  • TLS and SSL
  • IPSec
  • Securing common protocols
  • DKIM, DMARC, and SPF
  • Email gateways
47. Identification
  • Identification, authentication, authorization, and accounting
  • Usernames and access cards
  • Biometrics
  • Registration and identity proofing
48. Authentication
  • Authentication factors
  • Multifactor authentication
  • Something you have
  • Password policy
  • Password managers
  • Passwordless authentication
  • Single sign-on and federation
  • Kerberos and LDAP
  • SAML
  • OAUTH and OpenID Connect
  • Certificate-based authentication
49. Authorization
  • Understanding authorization
  • Mandatory access controls
  • Discretionary access controls
  • Access control lists
  • Advanced authorization concepts
50. Account Management
  • Understanding account and privilege management
  • Privileged access management
  • Provisioning and deprovisioning
51. Incident Response
  • Build an incident response program
  • Incident identification
  • Escalation and notification
  • Mitigation
  • Containment techniques
  • Incident eradication and recovery
  • Post-incident activities
  • Incident response training and testing
52. Digital Forensics
  • Introduction to forensics
  • System and file forensics
  • Chain of custody
  • E-discovery and evidence production
  • Investigation data sources
53. Domain 5: Security Program Management and Oversight
  • Security program management and oversight
54. Security Policies
  • Security policy framework
  • Security policies
  • Security standards
  • Security procedures
  • Policy monitoring and revision
  • Policy considerations
55. Security Governance
  • Security governance structures
  • Data security roles
56. Risk Analysis
  • Risk assessment
  • Quantitative risk assessment
  • Business impact analysis
  • Risk treatment options
  • Risk visibility and reporting
  • Ongoing risk assessment
  • Security metrics
57. Supply Chain Risk
  • Managing vendor relationships
  • Vendor agreements
  • Vendor information management
58. Privacy and Compliance
  • Legal and compliance risks
  • Compliance monitoring and reporting
59. Auditing
  • Audits and assessments
60. Conclusion
  • Continuing Your Studies

Taught by

Mike Chapple

Related Courses

Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera
Sicherheit im Internet
openHPI
Cybersecurity Fundamentals
Rochester Institute of Technology via edX
Network Security
Georgia Institute of Technology via Udacity
Ciberseguridad: ataques y contramedidas
Universidad Rey Juan Carlos via Independent