CompTIA Security+ (SY0-701) Cert Prep

سرفصل های دوره

CompTIA Security+ is an entry-level certification that requires a thorough understanding of network and device security, risk mitigation strategies, compliance, and more. This course provides CompTIA Security+ candidates with essential information they need to prepare for the qualifying exam. Cybersecurity expert Mike Chapple first goes over some of the basics of the exam, then covers the six domains for the latest version of the exam, SY0-701. He shares study tips that can help you feel prepared to take and pass the test on your first try. Plus, learn where to find practice tests to get hands-on experience and how to keep your certification current by continuing your studies.

01 - Introduction

01 - About the Security+ exam

02 - Whats new in SY0-701

02 - 1. The Security+ Exam

01 - The Security+ exam

02 - Careers in information security

03 - The value of certification

04 - Stackable certifications

05 - Study resources

03 - 2. Inside the Security+ Exam

01 - In-person exam environment

02 - At-home testing

03 - Security+ question types

04 - Passing the Security+ exam

04 - 3. Preparing for the Exam

01 - Exam tips

02 - Practice tests

03 - Continuing education requirements

05 - 4. Domain 1 General Security Concepts

01 - General security concepts

06 - 5. Fundamental Security Concepts

01 - The goals of information security

02 - Authentication, authorization, and accounting (AAA)

03 - Categorizing security controls

04 - Conducting a gap analysis

05 - Zero Trust

06 - Physical access control

07 - Physical security personnel

08 - Deception technologies

09 - Change management

07 - 6. Cryptography

01 - Understanding encryption

02 - Symmetric and asymmetric cryptography

03 - Goals of cryptography

04 - Choosing encryption algorithms

05 - The cryptographic lifecycle

06 - Data de-identification

07 - Data obfuscation

08 - 7. Symmetric Cryptography

01 - Data Encryption Standard (DES)

02 - 3DES

03 - AES, Blowfish, and Twofish

04 - Steganography

09 - 8. Asymmetric Cryptography

02 - PGP and GnuPG

03 - Elliptic-curve and quantum cryptography

04 - Tor and perfect forward secrecy

10 - 9. Key Management

01 - Key exchange

02 - Diffie-Hellman

03 - Key escrow

04 - Key stretching

05 - Hardware security modules

11 - 10. Public Key Infrastructure

01 - Trust models

02 - PKI and digital certificates

03 - Hash functions

04 - Digital signatures

05 - Digital signature standard

06 - Create a digital certificate

07 - Revoke a digital certificate

08 - Certificate stapling

09 - Certificate authorities

10 - Certificate subjects

11 - Certificate types

12 - Certificate formats

12 - 11. Cryptographic Applications

01 - TLS and SSL

02 - Blockchain

13 - 12. Domain 2 Threats, Vulnerabilities, and Mitigations

01 - Threats, vulnerabilities, and mitigations

14 - 13. Understanding Vulnerability Types

01 - Vulnerability impact

02 - Supply chain vulnerabilities

03 - Configuration vulnerabilities

04 - Architectural vulnerabilities

15 - 14. Malware

01 - Comparing viruses, worms, and trojans

02 - Malware payloads

03 - Understanding backdoors and logic bombs

04 - Looking at advanced malware

05 - Understanding botnets

06 - Malicious script execution

16 - 15. Understanding Attackers

01 - Cybersecurity adversaries

02 - Attacker motivations

03 - Preventing insider threats

04 - Attack vectors

05 - Zero-day attacks

17 - 16. Social Engineering Attacks

01 - Social engineering

02 - Impersonation attacks

03 - Identity fraud and pretexting

04 - Watering hole attacks

05 - Physical social engineering

06 - Business email compromise

07 - Misinformation and disinformation

18 - 17. Password Attacks

01 - Password attacks

02 - Password spraying and credential stuffing

19 - 18. Application Attacks

01 - Preventing SQL injection

02 - Understanding cross-site scripting

03 - Request forgery

04 - Overflow attacks

05 - Explaining cookies and attachments

06 - Session hijacking

07 - Code execution attacks

08 - Privilege escalation

09 - OWASP Top Ten

10 - Application security

11 - Defending against directory traversal

12 - Race condition vulnerabilities

20 - 19. Cryptanalytic Attacks

01 - Brute force attacks

02 - Knowledge-based attacks

03 - Limitations of encryption algorithms

21 - 20. Network Attacks

01 - Denial-of-service attacks

02 - Eavesdropping attacks

03 - DNS attacks

04 - Wireless attacks

05 - Propagation attacks

06 - Preventing rogues and evil twins

07 - Disassociation attacks

08 - Understanding Bluetooth attacks

09 - RFID security

22 - 21. Attack Indicators

01 - Attack indicators

23 - 22. Domain 3 Security Architecture

01 - Security architecture

24 - 23. Cloud Computing

01 - What is the cloud

02 - Cloud computing roles

03 - Drivers for cloud computing

04 - Multitenant computing

05 - Cloud considerations

06 - Security service providers

25 - 24. Virtualization

01 - Virtualization

02 - Desktop and application virtualization

26 - 25. Cloud Building Blocks

01 - Cloud compute resources

02 - Cloud storage

03 - Cloud networking

04 - Cloud databases

05 - Cloud orchestration

06 - Containers

07 - SOA and microservices

27 - 26. Cloud Activities

01 - Cloud activities and the cloud reference architecture

02 - Cloud deployment models

03 - Cloud service categories

04 - Security and privacy concerns in the cloud

05 - Data sovereignty

06 - Operational concerns in the cloud

28 - 27. Cloud Security Controls

01 - Cloud firewall considerations

02 - Cloud application security

03 - Cloud provider security controls

29 - 28. TCPIP Networking

01 - Introducing TCPIP

02 - IP addresses and DHCP

03 - Domain Name System (DNS)

04 - Network ports

05 - ICMP

30 - 29. Secure Network Design

01 - Security zones

02 - VLANs and network segmentation

03 - Security device placement

04 - Software-defined networking (SDN)

31 - 30. Network Security Devices

01 - Routers, switches, and bridges

02 - Firewalls

03 - Web application firewalls

04 - Proxy servers

05 - Load balancers

06 - VPNs and VPN concentrators

07 - Network intrusion detection and prevention

08 - Protocol analyzers

09 - Unified threat management

10 - Failure modes

32 - 31. Network Security Techniques

01 - Restricting network access

02 - Network access control

03 - Router configuration security

04 - Switch configuration security

05 - Maintaining network availability

06 - Network monitoring

07 - SNMP

08 - Isolating sensitive systems

09 - Zero trust networking

10 - Secure access service edge (SASE)

33 - 32. Embedded Systems Security

01 - Industrial control systems

02 - Internet of Things

03 - Securing smart devices

04 - Secure networking for smart devices

05 - Embedded systems

34 - 33. Data Protection

01 - Understanding data security

02 - Data types

03 - Data anonymization

04 - Data obfuscation

05 - Information classification

35 - 34. Resilience and Recovery

01 - Business continuity planning

02 - Business continuity controls

03 - High availability and fault tolerance

04 - Disaster recovery

05 - Backups

06 - Restoring backups

07 - Disaster recovery sites

08 - Testing BCDR plans

09 - Capacity planning

36 - 35. Domain 4 Security Operations

01 - Security operations

37 - 36. Data Security Controls

01 - Developing security baselines

02 - Leveraging industry standards

03 - Customizing security standards

38 - 37. Host Security

01 - Operating system security

02 - Malware prevention

03 - Application management

04 - Host-based network security controls

05 - File integrity monitoring

06 - Data loss prevention

07 - Data encryption

08 - Hardware and firmware security

09 - Linux file permissions

10 - Web content filtering

39 - 38. Configuration Enforcement

01 - Change management

02 - Configuration management

03 - Physical asset management

04 - Disposal and decommissioning

40 - 39. Mobile Device Security

01 - Mobile connection methods

02 - Mobile device security

03 - Mobile device management

04 - Mobile device tracking

05 - Mobile application security

06 - Mobile security enforcement

07 - Bring your own device (BYOD)

08 - Mobile deployment models

41 - 40. Wireless Networking

01 - Understanding wireless networking

02 - Wireless encryption

03 - Wireless authentication

04 - RADIUS

05 - Wireless signal propagation

06 - Wireless networking equipment

42 - 41. Code Security

01 - Code review

02 - Software testing

03 - Code security tests

04 - Fuzz testing

05 - Acquired software

06 - Package monitoring

43 - 42. Threat Intelligence

01 - Threat intelligence

02 - Intelligence sharing

03 - Threat hunting

44 - 43. Vulnerability Management

01 - What is vulnerability management

02 - Identify scan targets

03 - Scan configuration

04 - Scan perspective

05 - Security Content Automation Protocol (SCAP)

06 - Common Vulnerability Scoring System (CVSS )

07 - Analyzing scan reports

08 - Correlating scan results

09 - Vulnerability response and remediation

45 - 44. Penetration Testing and Exercises

01 - Penetration testing

02 - Responsible disclosure

03 - Bug bounty

46 - 45. Security Alerting, Monitoring, and Automation

01 - Logging security information

02 - Security information and event management

03 - Monitoring activities

04 - Endpoint monitoring

05 - Automation and orchestration

47 - 46. Secure Protocols

01 - TLS and SSL

02 - IPSec

03 - Securing common protocols

04 - DKIM, DMARC, and SPF

05 - Email gateways

48 - 47. Identification

01 - Identification, authentication, authorization, and accounting

02 - Usernames and access cards

03 - Biometrics

04 - Registration and identity proofing

49 - 48. Authentication

01 - Authentication factors

02 - Multifactor authentication

03 - Something you have

04 - Password policy

05 - Password managers

06 - Passwordless authentication

07 - Single sign-on and federation

08 - Kerberos and LDAP

09 - SAML

10 - OAUTH and OpenID Connect

11 - Certificate-based authentication

50 - 49. Authorization

01 - Understanding authorization

02 - Mandatory access controls

03 - Discretionary access controls

04 - Access control lists

05 - Advanced authorization concepts

51 - 50. Account Management

01 - Understanding account and privilege management

02 - Privileged access management

03 - Provisioning and deprovisioning

52 - 51. Incident Response

01 - Build an incident response program

02 - Incident identification

03 - Escalation and notification

04 - Mitigation

05 - Containment techniques

06 - Incident eradication and recovery

07 - Post-incident activities

08 - Incident response training and testing

53 - 52. Digital Forensics

01 - Introduction to forensics

02 - System and file forensics

03 - Chain of custody

04 - E-discovery and evidence production

05 - Investigation data sources

54 - 53. Domain 5 Security Program Management and Oversight

01 - Security program management and oversight

55 - 54. Security Policies

01 - Security policy framework

02 - Security policies

03 - Security standards

04 - Security procedures

05 - Policy monitoring and revision

06 - Policy considerations

56 - 55. Security Governance

01 - Security governance structures

02 - Data security roles

57 - 56. Risk Analysis

01 - Risk assessment

02 - Quantitative risk assessment

03 - Business impact analysis

04 - Risk treatment options

05 - Risk visibility and reporting

06 - Ongoing risk assessment

07 - Security metrics

58 - 57. Supply Chain Risk

01 - Managing vendor relationships

02 - Vendor agreements

03 - Vendor information management

59 - 58. Privacy and Compliance

01 - Legal and compliance risks

02 - Compliance monitoring and reporting

60 - 59. Auditing

01 - Audits and assessments

61 - 60. Conclusion

01 - Continuing Your Studies

139,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: LinkedIn Learning (Lynda)