CompTIA Security+ Class Details/Candidate Commitments
- All AIS employees sitting on this class should meet the CompTIA recommended prerequisite knowledge and experience for the Security+ exam:
- CompTIA Network+ and two years of experience in IT administration with a security focus, OR
- CompTIA Network+ and two years of experience working in a security/ systems administrator job role
- For AIS employees and those participating in the test pass guarantee program: all students* participating in this program will be distributed a benchmark assessment to complete at a minimum of one week before class at a minimum 55% threshold (showing 55% of the knowledge required to pass the exam before class begins).
- *Candidates who hold an active CompTIA A+ and Network+ certification do not need to meet the 55% threshold for the exam pass guarantee (proof of active certification must be submitted to Logical Operations at least one week before class).
- Those who miss the 55% threshold, and do not pass the official CopmTIA Security+ exam on the first attempt, will be required to complete the following at no additional cost:
- Re-sit a virtual CompTIA Security+ class conducted by Logical Operations (specifically on the days which will review key portions of the exam content they need assistance with) before being provided a second exam voucher.
- Attend a 3-hour virtual exam session conducted by Logical Operations, before they attempt the official CompTIA Security+ exam for a second time.
- Practice exam questions will be reviewed/discussed throughout class delivery. Class will consist of lecture, exam practice, and technology demonstrations (time will not be spent by students doing traditional lab activities).
This course maps to the CompTIA Security+ certification exam (SY0-601) and establishes the core knowledge required of any cybersecurity role, as well as providing a springboard to intermediate-level cybersecurity jobs. This course emphasizes both the practical and hands-on ability to identify and address security threats, attacks and vulnerabilities. CompTIA Security+ is a globally trusted, vendor-neutral certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career. CompTIA Security+ is also a DoD Approved 8570 Baseline Certification and this course meets DoD 8140/8570 Training requirements
Learning Objectives
In this course you will:
- Prepare for the CompTIA Security+ exam
- Confidently explain and define an array of security vulnerabilities
- Navigate the complexities of secure system and network design
- Explore the defensive measures like PKI, firewalls and IDS
- Implement robust identity management and access control
Lesson 1: COMPARING SECURITY ROLES AND CONTROLS
- Topic 1A: Compare and Contrast Information Security Roles
- Topic 1B: Compare and Contrast Security Control and Framework Types
Lesson 2: EXPLAINING THREAT ACTORS AND THREAT INTELLIGENCE
-
Topic 2A: Explain Threat Actor Types and Attack Vectors
Lesson 3: PERFORMING SECURITY ASSESSMENTS
- Topic 3A: Assess Organizational Security with Network Reconnaissance Tools
- Topic 3B: Explain Security Concerns with General Vulnerability Types
- Topic 3C: Summarize Vulnerability Scanning Techniques
- Topic 3D: Explain Penetration Testing Concepts
Lesson 4: IDENTIFYING SOCIAL ENGINEERING AND MALWARE
- Topic 4A: Compare and Contrast Social Engineering Techniques
- Topic 4B: Analyze Indicators of Malware-Based Attacks
Lesson 5: SUMMARIZING BASIC CRYPTOGRAPHIC CONCEPTS
- Topic 5A: Compare and Contrast Cryptographic Ciphers
- Topic 5B: Summarize Cryptographic Modes of Operation
- Topic 5C: Summarize Cryptographic Use Cases and Weaknesses
- Topic 5D: Summarize Other Cryptographic Technologies
Lesson 6: IMPLEMENTING PUBLIC KEY INFRASTRUCTURE
- Topic 6A: Implement Certificates and Certificate Authorities
- Topic 6B: Implement PKI Management
Lesson 7: IMPLEMENTING AUTHENTICATION CONTROLS
- Topic 7A: Summarize Authentication Design Concepts
- Topic 7B: Implement Knowledge-Based Authentication
- Topic 7C: Implement Authentication Technologies
- Topic 7D: Summarize Biometrics Authentication Concepts
Lesson 8: IMPLEMENTING IDENTITY AND ACCOUNT MANAGEMENT CONTROLS
- Topic 8A: Implement Identity and Account Types
- Topic 8B: Implement Account Policies
- Topic 8C: Implement Authorization Solutions
- Topic 8D: Explain the Importance of Personnel Policies
Lesson 9: IMPLEMENTING SECURE NETWORK DESIGNS
- Topic 9A: Implement Secure Network Designs
- Topic 9B: Implement Secure Switching and Routing
- Topic 9C: Implement Secure Wireless Infrastructure
- Topic 9D: Implement Load Balancers
Lesson 10: IMPLEMENTING NETWORK SECURITY APPLIANCES
- Topic 10A: Implement Firewalls and Proxy Servers
- Topic 10B: Implement Network Security Monitoring
- Topic 10C: Summarize the Use of SIEM
Lesson 11: IMPLEMENTING SECURE NETWORK PROTOCOLS
- Topic 11A: Implement Secure Network Operations Protocols
- Topic 11B: Implement Secure Application Protocols
- Topic 11C: Implement Secure Remote Access Protocols
Lesson 12: IMPLEMENTING HOST SECURITY SOLUTIONS
- Topic 12A: Implement Secure Firmware
- Topic 12B: Implement Endpoint Security
- Topic 12C: Explain Embedded System Security Implications
Lesson 13: IMPLEMENTING SECURE MOBILE SOLUTIONS
- Topic 13A: Implement Mobile Device Management
- Topic 13B: Implement Secure Mobile Device Connections
Lesson 14: SUMMARIZING SECURE APPLICATION CONCEPTS
- Topic 14A: Analyze Indicators of Application Attacks
- Topic 14B: Analyze Indicators of Web Application Attacks
- Topic 14C: Summarize Secure Coding Practices
- Topic 14D: Implement Secure Script Environments
- Topic 14E: Summarize Deployment and Automation Concepts
Lesson 15: IMPLEMENTING SECURE CLOUD SOLUTIONS
- Topic 15A: Summarize Secure Cloud and Virtualization Services
- Topic 15B: Apply Cloud Security Solutions
- Topic 15C: Summarize Infrastructure as Code Concepts
Lesson 16: EXPLAINING DATA PRIVACY AND PROTECTION CONCEPTS
- Topic 16A: Explain Privacy and Data Sensitivity Concepts
- Topic 16B: Explain Privacy and Data Protection Controls
Lesson 17: PERFORMING INCIDENT RESPONSE
- Topic 17A: Summarize Incident Response Procedures
- Topic 17B: Utilize Appropriate Data Sources for Incident Response
- Topic 17C: Apply Mitigation Controls
Lesson 18: EXPLAINING DIGITAL FORENSICS
- Topic 18A: Explain Key Aspects of Digital Forensics Documentation
- Topic 18B: Explain Key Aspects of Digital Forensics Evidence Acquisition
Lesson 19: SUMMARIZING RISK MANAGEMENT CONCEPTS
-
Topic 19A: Explain Risk Management Processes and Concepts
Lesson 20: IMPLEMENTING CYBERSECURITY RESILIENCE
- Topic 20A: Implement Redundancy Strategies
- Topic 20B: Implement Backup Strategies
- Topic 20C: Implement Cybersecurity Resiliency Strategies
Lesson 21: EXPLAINING PHYSICAL SECURITY
- Topic 21A: Explain the Importance of Physical Site Security Controls
- Topic 21B: Explain the Importance of Physical Host Security Controls