A comprehensive, all-in-one resource for those preparing for the Security+ (SY0-701) certification exam.
Overview
Syllabus
Introduction
- About the Security+ exam
- What's new in SY0-701?
- The Security+ exam
- Careers in information security
- The value of certification
- Stackable certifications
- Study resources
- In-person exam environment
- At-home testing
- Security+ question types
- Passing the Security+ exam
- Exam tips
- Practice tests
- Continuing education requirements
General security concepts
- The goals of information security
- Authentication, authorization, and accounting (AAA)
- Categorizing security controls
- Conducting a gap analysis
- Zero Trust
- Physical access control
- Physical security personnel
- Deception technologies
- Change management
- Understanding encryption
- Symmetric and asymmetric cryptography
- Goals of cryptography
- Choosing encryption algorithms
- The cryptographic lifecycle
- Data de-identification
- Data obfuscation
- Data Encryption Standard (DES)
- 3DES
- AES, Blowfish, and Twofish
- Steganography
- Rivest, Shamir, Adleman (RSA)
- PGP and GnuPG
- Elliptic-curve and quantum cryptography
- Tor and perfect forward secrecy
- Key exchange
- Diffie-Hellman
- Key escrow
- Key stretching
- Hardware security modules
- Trust models
- PKI and digital certificates
- Hash functions
- Digital signatures
- Digital signature standard
- Create a digital certificate
- Revoke a digital certificate
- Certificate stapling
- Certificate authorities
- Certificate subjects
- Certificate types
- Certificate formats
- TLS and SSL
- Blockchain
Threats, vulnerabilities, and mitigations
- Vulnerability impact
- Supply chain vulnerabilities
- Configuration vulnerabilities
- Architectural vulnerabilities
- Comparing viruses, worms, and trojans
- Malware payloads
- Understanding backdoors and logic bombs
- Looking at advanced malware
- Understanding botnets
- Malicious script execution
- Cybersecurity adversaries
- Attacker motivations
- Preventing insider threats
- Attack vectors
- Zero-day attacks
- Social engineering
- Impersonation attacks
- Identity fraud and pretexting
- Watering hole attacks
- Physical social engineering
- Business email compromise
- Misinformation and disinformation
- Password attacks
- Password spraying and credential stuffing
- Preventing SQL injection
- Understanding cross-site scripting
- Request forgery
- Overflow attacks
- Explaining cookies and attachments
- Session hijacking
- Code execution attacks
- Privilege escalation
- OWASP Top Ten
- Application security
- Defending against directory traversal
- Race condition vulnerabilities
- Brute force attacks
- Knowledge-based attacks
- Limitations of encryption algorithms
- Denial-of-service attacks
- Eavesdropping attacks
- DNS attacks
- Wireless attacks
- Propagation attacks
- Preventing rogues and evil twins
- Disassociation attacks
- Understanding Bluetooth attacks
- RFID security
- Attack indicators
Security architecture
- What is the cloud?
- Cloud computing roles
- Drivers for cloud computing
- Multitenant computing
- Cloud considerations
- Security service providers
- Virtualization
- Desktop and application virtualization
- Cloud compute resources
- Cloud storage
- Cloud networking
- Cloud databases
- Cloud orchestration
- Containers
- SOA and microservices
- Cloud activities and the cloud reference architecture
- Cloud deployment models
- Cloud service categories
- Security and privacy concerns in the cloud
- Data sovereignty
- Operational concerns in the cloud
- Cloud firewall considerations
- Cloud application security
- Cloud provider security controls
- Introducing TCP/IP
- IP addresses and DHCP
- Domain Name System (DNS)
- Network ports
- ICMP
- Security zones
- VLANs and network segmentation
- Security device placement
- Software-defined networking (SDN)
- Routers, switches, and bridges
- Firewalls
- Web application firewalls
- Proxy servers
- Load balancers
- VPNs and VPN concentrators
- Network intrusion detection and prevention
- Protocol analyzers
- Unified threat management
- Failure modes
- Restricting network access
- Network access control
- Router configuration security
- Switch configuration security
- Maintaining network availability
- Network monitoring
- SNMP
- Isolating sensitive systems
- Zero trust networking
- Secure access service edge (SASE)
- Industrial control systems
- Internet of Things
- Securing smart devices
- Secure networking for smart devices
- Embedded systems
- Understanding data security
- Data types
- Data anonymization
- Data obfuscation
- Information classification
- Business continuity planning
- Business continuity controls
- High availability and fault tolerance
- Disaster recovery
- Backups
- Restoring backups
- Disaster recovery sites
- Testing BC/DR plans
- Capacity planning
Security operations
- Developing security baselines
- Leveraging industry standards
- Customizing security standards
- Operating system security
- Malware prevention
- Application management
- Host-based network security controls
- File integrity monitoring
- Data loss prevention
- Data encryption
- Hardware and firmware security
- Linux file permissions
- Web content filtering
- Change management
- Configuration management
- Physical asset management
- Disposal and decommissioning
- Mobile connection methods
- Mobile device security
- Mobile device management
- Mobile device tracking
- Mobile application security
- Mobile security enforcement
- Bring your own device (BYOD)
- Mobile deployment models
- Understanding wireless networking
- Wireless encryption
- Wireless authentication
- RADIUS
- Wireless signal propagation
- Wireless networking equipment
- Code review
- Software testing
- Code security tests
- Fuzz testing
- Acquired software
- Package monitoring
- Threat intelligence
- Intelligence sharing
- Threat hunting
- What is vulnerability management?
- Identify scan targets
- Scan configuration
- Scan perspective
- Security Content Automation Protocol (SCAP)
- Common Vulnerability Scoring System (CVSS)
- Analyzing scan reports
- Correlating scan results
- Vulnerability response and remediation
- Penetration testing
- Responsible disclosure
- Bug bounty
- Logging security information
- Security information and event management
- Monitoring activities
- Endpoint monitoring
- Automation and orchestration
- TLS and SSL
- IPSec
- Securing common protocols
- DKIM, DMARC, and SPF
- Email gateways
- Identification, authentication, authorization, and accounting
- Usernames and access cards
- Biometrics
- Registration and identity proofing
- Authentication factors
- Multifactor authentication
- Something you have
- Password policy
- Password managers
- Passwordless authentication
- Single sign-on and federation
- Kerberos and LDAP
- SAML
- OAuth and OpenID Connect
- Certificate-based authentication
- Understanding authorization
- Mandatory access controls
- Discretionary access controls
- Access control lists
- Advanced authorization concepts
- Understanding account and privilege management
- Privileged access management
- Provisioning and deprovisioning
- Build an incident response program
- Incident identification
- Escalation and notification
- Mitigation
- Containment techniques
- Incident eradication and recovery
- Post-incident activities
- Incident response training and testing
- Introduction to forensics
- System and file forensics
- Chain of custody
- E-discovery and evidence production
- Investigation data sources
Security program management and oversight
- Security policy framework
- Security policies
- Security standards
- Security procedures
- Policy monitoring and revision
- Policy considerations
- Security governance structures
- Data security roles
- Risk assessment
- Quantitative risk assessment
- Business impact analysis
- Risk treatment options
- Risk visibility and reporting
- Ongoing risk assessment
- Security metrics
- Managing vendor relationships
- Vendor agreements
- Vendor information management
- Legal and compliance risks
- Compliance monitoring and reporting
- Audits and assessments
Continuing your studies
Taught by
Mike Chapple