- Understand penetration testing and vulnerability scanning concepts.
- Configure network components while assessing and troubleshooting issues to support network security.
- Implement secure network architecture concepts and systems design.
- Install identity and access services, as well as management controls.
- Implement and summarize risk management best practices and the business impact
- Install and configure wireless security settings and implement public key infrastructure
CompTIA Security+ SY0-501 Certification Training
Get CompTIA Security+ Certified and ease your way for Becoming a Cybersecurity Specialist
Self-Paced Training
USD 499
12 months access
• Access to Industry Experts
• Free Practice Test
• 11 Training Modules
Companies currently employing Certified CompTIA Security+ Specialists include:
Skills you will learn
THREATS, ATTACKS & VULNERABILITIES
Learn penetration testing and vulnerability scanning concepts
IDENTITY & ACCESS MANAGEMENT
Learn identity and access services, as well as management controls
ARCHITECTURE & DESIGN
Understand the concepts and systems design for Implementing secure architecture
RISK MANAGEMENT
Learn best practices to implement risk management
TECHNOLOGIES & TOOLS
Configure network components and troubleshoot issues to secure network
CRYPTOGRAPHY & PKI
Learn the configuration for wireless security settings and public key infrastructure
Salary Range forCompTIA Security+
Certified Professionals
$63,456Min $48K - Max $108K
JOBSYOU CAN GET:
- Systems Administrator
- Network Administrator
- Network Engineer
- Junior IT Auditor/ Penetration Tester
- Security Specialist
- Security Consultant
- Security Engineer
About the Training
The CompTIA Security+ Certification course is designed to help you with exam preparation for the CompTIA Sec+ (SY0-501) certification. The skillset you develop from this course will help you land a job in network security.
About the Certification:
CompTIA Security+ or Sec+ for short, is a global certification which provides evidence to
you
for the fact that you have the adequate fundamental skills to handle core security functions. This
certification which comprises of one exam only, but it puts the candidate on the path towards a
career
in network security.
What skills does this CompTIA Security+ certification course aim to teach you?
Who should take this CompTIA Security+ training?
The course is ideal for anyone seeking network security jobs or wanting to improve his/her portfolio by completing the CompTIA Security+ certification
Course Outline
Chapter 01: Identifying Security Fundamentals
Topic A : Identify Information Security Concepts
- Identify Information Security Concepts - Part 1
- Identify Information Security Concepts - Part 2
- Information Security
- Goals of Information Security
- Risk
- Vulnerabilities
- Threats
- Attacks
- Controls
- Types of Controls
- The Security Management Process
- Demo - Identifying Information Security Basics
- The CIA Triad - Part 1
- The CIA Triad - Part 2
- Non-repudiation
- Identification
- Authentication
- Authentication Factors
- Authorization
- Access Control
- Accounting and Auditing
- Principle of Least Privilege
- Privilege Management
- Demo - Identifying Basic Security Controls
- Passwords
- Tokens
- Biometrics
- Geolocation
- Keystroke Authentication
- Multi-factor Authentication
- Mutual Authentication
- Demo - Identifying Basic Authentication and Authorization Concepts
- Cryptography
- Encryption and Decryption - Part 1
- Encryption and Decryption - Part 2
- Encryption and Security Goals
- Ciphers
- A Key
- Symmetric Encryption
- Asymmetric Encryption - Part 1
- Asymmetric Encryption - Part 2
- Hashing
- Steganography
- Demo - Identifying Basic Cryptography Concepts
- Chapter 01 Review
- Review
Chapter 02: Analyzing Risk
Topic A : Analyze Organizational Risk
- Analyze Organizational Risk - Part 1
- Analyze Organizational Risk - Part 2
- Risk Management
- Components of Risk Analysis
- Phases of Risk Analysis
- Categories of Threat Types
- Risk Analysis Methods
- Risk Calculation
- Risk Response Techniques
- Risk Mitigation and Control Types
- Change Management - Part 1
- Change Management - Part 2
- Guidelines for Analyzing Risk
- Demo - Analyzing Risks to the Organization
- BIA
- Impact Scenarios - Part 1
- Impact Scenarios - Part 2
- Impact Scenarios - Part 3
- Privacy Assessments
- Critical Systems and Functions
- Maximum Tolerable Downtime
- Recovery Point Objective
- Recovery Time Objective
- Mean Time to Failure
- Mean Time to Repair
- Mean Time Between Failures
- Guidelines for Performing a Business Impact Analysis
- Demo - Performing a Business Impact Analysis
- Chapter 02 Review
- Review
Chapter 03: Identifying Security Threats
Topic A : Identify Types of Attackers
- Identify Types of Attackers - Part 1
- Identify Types of Attackers - Part 2
- Hackers and Attackers - Part 1
- Hackers and Attackers - Part 2
- Threat Actors - Part 1
- Threat Actors - Part 2
- Threat Actor Attributes - Part 1
- Threat Actor Attributes - Part 2
- Open-Source Intelligence
- Demo - Identifying Types of Attackers
- Social Engineering - Part 1
- Social Engineering - Part 2
- Effectiveness
- Impersonation
- Phishing and Related Attacks - Part 1
- Phishing and Related Attacks - Part 2
- Hoaxes
- Physical Exploits
- Watering Hole Attacks
- Demo - Identifying Social Engineering Attacks
- Malicious Code - Part 1
- Malicious Code - Part 2
- Viruses
- Worms
- Adware
- Spyware
- Trojan Horses
- Keyloggers
- Remote Access Trojans
- Logic Bombs
- Botnets - Part 1
- Botnets - Part 2
- Ransomware - Part 1
- Ransomware - Part 2
- Advance Persistent Threats
- Demo - Identifying Types of Malware
- Software Attacks
- Password Attacks
- Types of Password Attacks - Part 1
- Types of Password Attacks - Part 2
- Cryptographic Attacks
- Types of Cryptographic Attacks - Part 1
- Types of Cryptographic Attacks - Part 2
- Backdoor Attacks - Part 1
- Backdoor Attacks - Part 2
- Application Attacks - Part 1
- Application Attacks - Part 2
- Types of Application Attacks
- Driver Manipulation
- Privilege Escalation - Part 1
- Privilege Escalation - Part 2
- Demo - Identifying Password Attacks
- TCP/IP Basics - Part 1
- TCP/IP Basics - Part 2
- Spoofing Attacks
- IP and MAC Address Spoofing - Part 1
- IP and MAC Address Spoofing - Part 2
- ARP Poisoning
- DNS Poisoning
- Port Scanning Attacks - Part 1
- Port Scanning Attacks - Part 2
- Scan Types - Part 1
- Scan Types - Part 2
- Eavesdropping Attacks
- Man-in-the-Middle Attacks - Part 1
- Man-in-the-Middle Attacks - Part 2
- Man-in-the-Browser Attacks
- Replay Attacks - Part 1
- Replay Attacks - Part 2
- DoS Attacks
- DDoS Attacks
- Hijacking Attacks - Part 1
- Hijacking Attacks - Part 2
- Amplification Attacks - Part 1
- Amplification Attacks - Part 2
- Pass the Hash Attacks
- Demo - Identifying Threats to DNS
- Demo - Identifying Port Scanning Threats
- Rogue Access Points
- Evil Twins
- Jamming
- Bluejacking
- Bluesnarfing
- Near Field Communication Attacks
- RFID System Attacks
- War Driving, War Walking, and War Chalking
- Packet Sniffing
- IV Attacks
- Wireless Replay Attacks
- WEP and WPA Attacks
- WPS Attacks
- Wireless Disassociation
- Demo - Identifying Wireless Threats
- Physical Threats and Vulnerabilities
- Hardware Attacks
- Environmental Threats and Vulnerabilities - Part 1
- Environmental Threats and Vulnerabilities - Part 2
- Demo - Identifying Physical Threats
- Chapter 03 Review
- Review
Chapter 04: Conducting Security Assessments
Topic A : Identify Vulnerabilities
- Identify Vulnerabilities - Part 1
- Identify Vulnerabilities - Part 2
- Host Vulnerabilities
- Software Vulnerabilities
- Encryption Vulnerabilities
- Network Architecture Vulnerabilities
- Account Vulnerabilities
- Operations Vulnerabilities
- Demo - Identifying Vulnerabilities
- Security Assessment
- Security Assessment Techniques
- Vulnerability Assessment Tools
- Types of Vulnerability Scans
- False Positives
- Guidelines for Assessing Vulnerabilities
- Demo - Capturing Network Data with Wireshark
- Demo - Scanning for General Vulnerabilities
- Penetration Testing
- Penetration Testing Techniques
- Box Testing Methods
- Penetration Testing Tools
- Guidelines for Implementing Penetration Testing
- Demo - Implementing Penetration Testing
- Chapter 04 Review
- Review
Chapter 05: Implementing Network Security
Topic A : Configure Network Security Technologies
- Configure Network Security Technologies - Part 1
- Configure Network Security Technologies - Part 2
- Network Components
- Network Devices
- Routers
- Switches
- Proxies
- Firewalls
- Load Balancer
- Network Scanners and Analysis Tools
- Intrusion Detection Systems
- Network IDS
- Intrusion Prevention Systems
- Network IPS
- Types of Network Monitoring Systems
- Security Information and Event Management
- Data Loss/Leak Prevention
- Virtual Private Networks
- VPN Concentrators
- Security Gateways
- Unified Threat Management
- Guidelines for Configuring Network Security Technologies
- Demo - Configuring a Network IDS
- Network Access Control
- Demilitarized Zones
- Network Isolation - Part 1
- Network Isolation - Part 2
- Virtual Local Area Networks - Part 1
- Virtual Local Area Networks - Part 2
- Network Security Device Placement
- Network Address Translation
- Software-Defined Networking
- Guidelines for Securing Network Design Elements
- Demo - Securing Network Design Elements
- The Open Systems Interconnection Model
- OSI Model and Security
- Internet Protocol Suite
- Domain Name System
- Hypertext Transfer Protocol
- Secure Sockets Layer/Transport Layer Security - Part 1
- Secure Sockets Layer/Transport Layer Security - Part 2
- HTTP Secure
- Secure Shell
- Simple Network Management Protocol
- Real-Time Transport Protocol
- Internet Control Message Protocol
- Internet Protocol Security
- Network Basic Input/Output System
- File Transfer Protocols
- Email Protocols
- Additional Networking Protocols and Services
- Ports and Port Ranges
- Demo - Installing an Internet Information Services Web Server with Basic Security
- Demo - Securing Network Traffic Using IPSec
- Wireless Networks
- Wireless Antenna Types
- 802.11 Protocols
- Wireless Cryptographic Protocols
- Wireless Authentication Protocols
- VPNs and Open Wireless
- Wireless Client Authentication Methods
- Wireless Access Point Security
- Captive Portals
- Site Surveys
- Guidelines for Securing Wireless Traffic
- Demo - Securing Wireless Traffic
- Chapter 06 Review
- Review
Chapter 06: Managing Identity and Access
Topic A : Implement Identity and Access Management
- Implement Identity and Access Management - Part 1
- Implement Identity and Access Management - Part 2
- Identity and Access Management
- Access Control Models
- Physical Access Control Devices
- Biometric Devices
- Certificate-Based Authentication
- File System and Database Access
- Guidelines for Implementing IAM
- Demo - Implementing DAC for a File Share
- Directory Services - Part 1
- Directory Services - Part 2
- Lightweight Directory Access Protocol
- Secure LDAP
- Common Directory Services
- Demo - Backing Up Active Directory
- Remote Access Methods
- Tunneling
- Remote Access Protocols
- HMAC-Based One-Time Password
- Time-Based OTP
- Password Authentication Protocol
- Challenge-Handshake Authentication Protocol
- NT LAN Manager
- Authentication, Authorization, and Accounting
- Remote Authentication Dial-In User Service - Part 1
- Remote Authentication Dial-In User Service - Part 2
- Terminal Access Controller Access-Control System
- Kerberos - Part 1
- Kerberos - Part 2
- Demo - Configuring a Remote Access Server
- Demo - Setting Up Remote Access Authentication
- Account Management
- Account Privileges
- Account Types
- Account Policy
- Password Policy
- Multiple Accounts
- Shared Accounts
- Account Management Security Controls
- Credential Management
- Group Policy
- Identity Federation
- Identity Federation Methods
- Guidelines for Managing Accounts
- Demo - Managing Accounts
- Chapter 07 Review
- Review
Chapter 07: Implementing Cryptography
Topic A : Identify Advanced Cryptography Concepts
- Identify Advanced Cryptography Concepts - Part 1
- Identify Advanced Cryptography Concepts - Part 2
- Cryptography Elements
- Hashing Concepts
- Data States
- Key Exchange - Part 1
- Key Exchange - Part 2
- Digital Signatures - Part 1
- Digital Signatures - Part 2
- Cipher Suites
- Session Keys
- Key Stretching
- Special Considerations for Cryptography
- Demo - Identifying Advanced Cryptographic Concepts
- Types of Ciphers
- Types of Hashing Algorithms
- Types of Symmetric Encryption Algorithms
- Types of Asymmetric Encryption Techniques
- Types of Key Stretching Algorithms
- Substitution Ciphers
- Exclusive Or
- Cryptographic Modules
- Demo - Selecting Cryptographic Algorithms
- Public Key Infrastructure
- PKI Components
- CA Hierarchies
- The Root CA
- Subordinate CAs
- Offline Root CAs
- Types of Certificates - Part 1
- Types of Certificates - Part 2
- X.509
- Certificate File Formats
- CA Hierarchy Design Options
- Demo - Installing a CA
- Demo - Securing a Windows Server 2016 CA
- The Certificate Enrollment Process
- The Certificate Lifecycle
- Certificate Lifecycle Management
- The SSL/TLS Connection Process
- Demo - Enrolling Certificates
- Demo - Securing Network Traffic with Certificates
- Private Key Protection Methods
- Key Escrow
- Private Key Restoration Methods
- Private Key Replacement
- Demo - Backing Up a Certificate and Private Key
- Demo - Restoring a Certificate and Private Key
- Certificate Revocation
- Certificate Revocation List - Part 1
- Certificate Revocation List - Part 2
- Online Certificate Status Protocol
- Demo - Revoking Certificates
- Chapter 08 Review
- Review
Chapter 08: Implementing Operational Security
Topic A : Evaluate Security Frameworks and Guidelines
- Evaluate Security Frameworks and Guidelines - Part 1
- Evaluate Security Frameworks and Guidelines - Part 2
- Security Frameworks
- Security Framework Examples
- Security Configuration Guides
- Compliance
- Layered Security
- Defense in Depth
- Demo - Evaluating Security Frameworks and Guidelines
- Security Policies - Part 1
- Security Policies - Part 2
- Common Security Policy Types
- Personnel Management
- Separation of Duties
- Job Rotation
- Mandatory Vacation
- Additional Personnel Management Tasks
- Training and Awareness
- Business Agreements
- Guidelines for Incorporating Documentation in Operational Security
- Demo - Incorporating Documentation in Operational Security
- Security Automation
- Scalability
- Elasticity
- Redundancy
- Fault Tolerance
- Redundant Array of Independent Disks
- Non-persistence
- High Availability
- Deployment Environments
- Guidelines for Implementing Security Strategies
- Demo - Implementing Virtual Machine Snapshots
- Data Security
- Data Security Vulnerabilities
- Data Storage Methods
- Data Encryption Methods
- Data Sensitivity
- Data Management Roles
- Data Retention
- Data Disposal
- Guidelines for Managing Data Security
- Demo - Destroying Data Securely
- Demo - Encrypting a Storage Device
- Review
- Physical Security Controls
- Physical Security Control Types - Part 1
- Physical Security Control Types - Part 2
- Physical Security Control Types - Part 3
- Physical Security Control Types - Part 4
- Environmental Exposures
- Environmental Controls - Part 1
- Environmental Controls - Part 2
- Environmental Monitoring
- Safety
- Guidelines for Implementing Physical Controls
- Demo - Implementing Physical Controls
- Chapter 09 Review
- Review
Chapter 9: Addressing Security Issues
Topic A : Troubleshoot Common Security Issues
- Troubleshoot Common Security Issues - Part 1
- Troubleshoot Common Security Issues - Part 2
- Access Control Issues
- Encryption Issues
- Data Exfiltration
- Anomalies in Event Logs
- Security Configuration Issues
- Baseline Deviations
- Software Issues
- Personnel Issues
- Asset Management Issues
- Demo - Identifying Event Log Anomalies
- Incident Response
- Incident Preparation
- Incident Detection and Analysis
- Incident Containment
- Incident Eradication
- Incident Recovery
- Lessons Learned
- Incident Response Plans
- First Responders
- An Incident Report
- Guidelines for Responding to Security Incidents
- Demo - Responding to a Security Incident
- Computer Forensics
- The Basic Forensic Process
- Preservation of Forensic Data
- Basic Forensic Response Procedures - Part 1
- Basic Forensic Response Procedures - Part 2
- Order of Volatility
- Chain of Custody
- Guidelines for Investigating Security Incidents
- Demo - Implementing Forensic Procedures
- Chapter 10 Review
- Review
Chapter 10: Ensuring Business Continuity
Topic A : Select Business Continuity and Disaster Recovery
Processes
- Select Business Continuity and Disaster Recovery Processes - Part 1
- Select Business Continuity and Disaster Recovery Processes - Part 2
- Business Continuity and Disaster Recovery
- The Disaster Recovery Process
- Recovery Team
- Order of Restoration
- Recovery Sites
- Secure Recovery
- Backup Types (Full)
- Backup Types (Differential vs. Incremental)
- Secure Backups
- Geographic Considerations
- Guidelines for Selecting Business Continuity and Disaster Recovery Processes
- Demo - Selecting Business Continuity and Disaster Recovery Processes
- Business Continuity Plans - Part 1
- Business Continuity Plans - Part 2
- Disaster Recovery Plans - Part 1
- Disaster Recovery Plans - Part 2
- IT Contingency Plans
- Succession Plans
- Failover
- Alternate Business Practices
- Testing Exercises
- After-Action Reports
- Guidelines for Developing a BCP
- Demo - Developing a BCP
- Chapter 11 Review
- Review
- Course Closure
- Course Summary
Case Study: Meet Bernard,
who turned failure into opportunity
Bernard’s story is a classic tale of ups and downs. Ever since he was in college, he wanted to become an
entrepreneur. When he graduated in 2010 with a degree in business administration, he was all set to
establish his own ecommerce store. He did and with a lot of effort, was able to bring the venture to a
break
even in three years.
Unfortunately, just as things were looking on the bright side, the startup suffered a cyberattack.
Financial
data from the company as well as that from clients was stolen. Some of it was held for ransom while the
rest
ended up on the internet. Bernard and his team tried with all their might but were unable to recover
from
this debacle. In 2016, citing poor revenues and lack of customer trust, the platform was shut.
Bernard kept fluctuating between jobs, but he was never able to settle. Moreover, he hadn’t been able to
completely come to terms with how several years of his work had been wiped out with one attack. He
decided
to do something about it and start looking to learn cybersecurity and that’s where his journey began
with
Wagner College and with only a few weeks of preparation, he aced it.
He took the CompTIA Security+ training from Wagner College and cleared the certification exam in his
first attempt. He gathered a couple of his colleagues and began a firm which provided security
frameworks and infrastructure design services for startups who are dealing with or are potential victims
of cyberattacks. “I had been a victim of such an attack and the loss I suffered made me a quick and
passionate learner” Bernard says about the program. He goes on to add; “the up-to-date courseware gives
students the capability to understand current market dynamics and risks. The CompTIA Security+
certificate gave me a stamp of credibility which has been extremely helpful.”
Bernard plans to gain experiences working with current market players and expand not only the knowledge
of
his team and himself but also the breadth of his company’s services.
CERTIFICATE OF
COMPLETION
The course prepares you for success with key topics that include security threats & attacks, architecture & design, maintenance & monitoring, access & risk management, cryptography & public key infrastructure. Students will receive a certificate of completion upon completing all modules.
Ready to make the commitment?
