This course prepares individuals to successfuly pass the CompTIA Security+ SY0-701 certification exam. It covers each of the five domains in the Security+ exam: General Security Concepts; Threats, Vulnerabilities, and Mitigations; Security Architecture; Security Operations; and Security Program Management and Oversight. Each course will explain the concepts and terminology covered on the exam and include helpful analogies, memory aids, and practical applications of the material to better remember important key points, with each video providing targeted details of important individual topics or similar, related concepts.
Overview
Syllabus
- Security basics
- In this module, we explain general concepts and vocabulary used in cybersecurity and explore categories and types of security controls used to protect assets. Physical controls are also considered as ways of protecting physical infrastructure.
- Cryptography
- In this course, we will discuss protecting sensitive data with cryptography, which is the practice of disguising information in a way that looks random. We will cover the history of cryptography, hashing, passwords, and keys.
- Threats
- There are a range of groups and individuals who might carry out an attack or impact an organization's operations. In this course, we review various types of threat actors who might seek to harm an organization along with their motivations. Also discussed are the various ways an attack might occur. Ways a social engineering attack might be carried out is also described.
- Attacks
- A number of cyberattacks are possible including physical, network, application, and cryptographic attacks. In this course, we review the general types of cyber attacks mentioned in the CompTIA Security+ exam. We also describe their general operation of specific examples of attacks both over the network and in applications.
- Identity and access management
- Identity and access management is all about verifying the right users have the right access to the tools and technologies needed to do their job. Learn about the most important security concepts related to identity and access management: identification, authentication, authorization, and accounting.
- Organizational security
- There are a number of ways an organization can create a secure operating environment. In this course, we review ways organizations protect their networks and software in order to prevent data loss.
- Network security devices
- A number of network devices can be used to help secure an organization's networks. In this course, we delve into different network devices used to safeguard networks from malicious activity, protect data confidentiality, and reduce potential harmful intrusions.
- Security operations
- As an organization implements new technologies and evolves its existing infrastructure, various secure operating requirements should be utilized. In this course, we review the concepts driving security management at an organization including practices, policies, and specific technologies such as a security information and event management system to better monitor a network for security incidents.
- Virtualization
- Virtualization has given rise to a host of new computing technologies and operations. Most major enterprise solutions utilize virtualization, automation, and cloud services. In this course, we review the terminology used in virtualization and how organizations leverage cloud computing services to meet their needs.
- Mobile security
- As mobile devices proliferate the modern workplace, various security controls must be implemented to safeguard the organization from data loss. In this course, we explore mobile device management solutions as well as the manner in which organization choose to implement mobile device usage for their employees.
- Vulnerability and risk management
- Determining if a system or network is impacted by vulnerabilities is the first step toward identifying and correcting security shortcomings. In this section, we outline the methods by which secure organizations identify vulnerabilities, analyze the findings, and determine which vulnerabilties require a response.
- Incident response
- This course explains the purpose and main components of an incident response plan and walks through the phases of incident response, contingency planning and creating backups. Explore how an incident response plan works and the basic concepts related to digital forensics.
- Data protection
- Organizations must be on guard to protect their data both from outside threats as well as inside threats. In this course, we disuss the ideas surrounding data protection through the use of secure data management practices, data management technologies, and regulatory requirements involving how an organization's data protection operation is structured.
- Governance
- Secure, mature organizations thoughtfully consider how individuals at the organization will operate and take proactive steps to safeguard the organization from data loss. In this course, we review legal and industry regulations that might shape how an organization operates and we describe the methods by which an organization creates and implements policies.
Taught by
Elizabeth Manar