Upon course completion, students will be able to:
- Compare security roles and security controls
- Explain threat actors and threat intelligence
- Perform security assessments and identify social engineering attacks and malware types
- Summarize basic cryptographic concepts and implement public key infrastructure
- Implement authentication controls
- Implement identity and account management controls
- Implement secure network designs, network security appliances, and secure network protocols
- Implement host, embedded/Internet of Things, and mobile security solutions
- Implement secure cloud solutions
- Explain data privacy and protection concepts
- Perform incident response and digital forensics
- Summarize risk management concepts and implement cybersecurity resilience
- Explain physical security
This course prepares a student to take the CompTIA Security+ SY0-601 national certification exam.
Lesson 1: Comparing Security Roles and Security Controls
Security is an ongoing process that includes assessing requirements, setting up organizational security systems, hardening them, monitoring them, responding to attacks in progress, and deterring attackers. As a security professional, it is important that you understand how the security function is implemented as departments or units and professional roles within different types of organizations. You must also be able to explain the importance of compliance factors and best practice frameworks in driving the selection of security controls.
Lesson 2: Explaining Threat Actors and Threat Intelligence
To make an effective security assessment, you must be able to explain strategies for both defense and attack. Your responsibilities are likely to lie principally in defending assets, but to do this you must be able to explain the tactics, techniques, and procedures of threat actors. You must also be able to differentiate the types and capabilities of threat actors. As the threat landscape is continually evolving, you must also be able to identify reliable sources of threat intelligence and research.
Lesson 3: Performing Security Assessments
Security assessment refers to processes and tools that evaluate the attack surface. With knowledge of adversary tactics and capabilities, you can assess whether points on the attack surface are potentially vulnerable attack vectors. The output of assessment is recommendations for deploying, enhancing, or reconfiguring security controls to mitigate the risk that vulnerabilities are exploitable by threat actors.
Lesson 4: Identifying Social Engineering and Malware
It is not sufficient for security assessments to focus solely on software vulnerabilities and configuration errors. As well as these hardware and software systems, the attack surface contains a company’s employees and the degree to which they can be exploited to gain unauthorized access or privileges. Threat actors use social engineering techniques to elicit information, obtain access to premises, and to trick users into running malicious code. You must understand these attacks and train your colleagues and customers with the ability to detect and report them. As well as being able to explain these techniques, you must be able to describe the indicators associated with different types of malware and analyze your systems for possible infections.
Lesson 5: Summarizing Basic Cryptographic Concepts
Security professionals assess and monitor activities (utilizing threat intelligence) to identify potential attack vectors and detect malicious activity. The protect cybersecurity function aims to build secure IT processing systems that exhibit the attributes of confidentiality, integrity, and availability. Many of these secure systems depend wholly or in part on cryptography.
A cryptographic system encodes data in such a way that only authorized persons can decode it. Cryptography is the basis for many of the security systems you will be implementing and configuring. As an information security professional, you must have a good understanding of the concepts underpinning cryptographic algorithms and their implementation in secure protocols and services. All security personnel must be able to contrast the different types of cryptographic ciphers, understand how they can be used to apply data confidentiality, integrity, and availability, and describe the weaknesses they may exhibit. A secure technical understanding of the subject will enable you to explain the importance of cryptographic systems and to select appropriate technologies to meet a given security goal.
Lesson 6: Implementing Public Key Infrastructure
Digital certificates and public key infrastructure (PKI) are critical services used to manage identification, authentication, and data confidentiality across most private and public networks. It is important that you understand the types of certificate that can be issued and are able to apply effective management principles when configuring and supporting these systems.
Lesson 7: Implementing Authentication Controls
Each network user and host device must be identified with an account so that you can control their access to your organization’s applications, data, and services. The processes that support this requirement are referred to as identity and access management (IAM). Within IAM, authentication technologies ensure that only valid subjects (users or devices) can operate an account. Authentication requires the account holder to submit credentials that should only be known or held by them in order to access the account. There are many authentication technologies, and it is imperative that you be able to compare and contrast them and to implement these security controls.
Lesson 8: Implementing Identity and Account Management Controls
As well as ensuring that only valid users and devices connect to managed networks and devices, you must ensure that these subjects are authorized with only necessary permissions and privileges to access and change resources. These tasks are complicated by the need to manage identities across on-premises networks and cloud services. Also, account security depends on effective organizational policies for personnel and security training. You will often be involved in shaping and updating these policies in line with best practice, as well as delivering security awareness education and training programs.
Lesson 9: Implementing Secure Network Designs
Managing user authentication and authorization is only one part of building secure information technology services. The network infrastructure must also be designed to run services with the properties of confidentiality, integrity, and availability. While design might not be a direct responsibility for you at this stage in your career, you should understand the factors that underpin design decisions, and be able to implement a design by deploying routers, switches, access points, and load balancers in secure configurations.
Lesson 10: Implementing Network Security Appliances
In addition to the secure switching and routing appliances and protocols used to implement network connectivity, the network infrastructure design must also include security appliances to ensure confidentiality, integrity, and availability of services and data. You should be able to distinguish the features of security and monitoring devices and software and deploy these devices to appropriate locations in the network.
Lesson 11: Implementing Secure Network Protocols
When hosts join a network, they need to be configured with the appropriate settings for that network. The services that provide these settings, such as DHCP and DNS, must be deployed securely. When hosts access data using server applications, such as web/HTTP, email, and VoIP, the communications between clients and servers must be managed using secure versions of the application protocols. You will also need to configure secure protocols that allow users to access networks, host desktops, and appliance configuration interfaces remotely.
Lesson 12: Implementing Host Security Solutions
Effective network architecture design, protocol configuration, and the use of appliances such as firewalls and intrusion detection help to provide a secure network environment, but we also need to consider the security systems configured on network hosts as well. Security procedures and solutions are complicated by the range of different types of hosts that networks must support, from PCs and laptops to smartphones and embedded controllers.
Lesson 13: Implementing Secure Mobile Solutions
Mobile devices are now the preferred client for many common work tasks, and network management and security systems have had to adapt to accommodate them. The shift toward mobile also presages a move toward unified management of endpoints, and the use of virtualized workspaces as a better model for provisioning corporate apps and data processing.
Lesson 14: Summarizing Secure Application Concepts
Automation strategies for resiliency, disaster recovery, and incident response put development (programming and scripting) at the heart of secure network administration and operations (DevSecOps). As well as automating operations, more companies are having to maintain bespoke code in customer-facing software, such as web applications. Consequently, secure application development is a competency that will only grow in importance over the course of your career.
Lesson 15: Implementing Secure Cloud Solutions
The main idea behind cloud computing is that you can access and manage your data and applications from any host, anywhere in the world, while the storage method and location are hidden or abstracted through virtualization. Cloud applications—whether accessed as public services or provisioned over private virtualization infrastructure—are rapidly overtaking on-premises service delivery models. Security considerations both in the cloud and of the cloud will form an increasingly important part of your career as a security professional.
Lesson 16: Explaining Data Privacy and Protection Concepts
If people are an organization’s most important asset, then data comes a close second. The rapid adoption of cybersecurity awareness and technologies has come about because of the huge reputational and financial costs of high-profile data and privacy breaches. It is usually data that the threat actors want, and data that the whole system is set up to protect.
The confidentiality, integrity, and availability security attributes of data processing and storage are ensured through a mixture of managerial, operational, and technical controls. Along with security, you should also be able to assess privacy factors when collecting and storing data, and identify how processes must be shaped by legislative and regulatory compliance.
Lesson 17: Performing Incident Response
From a day-to-day perspective, incident response means investigating the alerts produced by monitoring systems and issues reported by users. This activity is guided by policies and procedures and assisted by various technical controls.
Incident response is a critical security function, and a very large part of your work as a security professional will be taken up with it. You must be able to summarize the phases of incident handling, utilize appropriate data sources to assist an investigation, and apply mitigation techniques to secure the environment after an event.
Lesson 18: Explaining Digital Forensics
Where incident response emphasizes the swift eradication of malicious activity, digital forensics requires patient capture, preservation, and analysis of evidence using verifiable methods. You may be called on to assist with an investigation into the details of a security incident and to identify threat actors. To assist these investigations, you must be able to summarize the basic concepts of collecting and processing forensic evidence that could be used in legal action or for strategic counterintelligence.
Lesson 19: Summarizing Risk Management Concepts
If a company operates with one or more vulnerable business processes, it could result in disclosure, modification, loss, destruction, or interruption of critical data, or it could lead to loss of service to customers. Quite apart from immediate financial losses arising from such security incidents, either outcome will reduce a company’s reputation. If a bank lost its trading floor link to its partners, even for an hour, huge losses could result, since the organization’s primary function (trading) would be impossible. Consequently, when planning a network or other IT system, you must perform risk management to assess threats and vulnerabilities.
Analyzing risk plays a major role in ensuring a secure environment for an organization. By assessing and identifying specific risks that can cause damage to network components, hardware, and personnel, you can mitigate possible threats and establish the right corrective measures to avoid losses and liabilities.
Lesson 20: Implementing Cybersecurity Resilience
Cybersecurity resilience means that even successful intrusions by threat actors have limited impact on confidentiality, integrity, and availability. Provisioning redundancy in storage, power, and network systems, plus effective backup procedures, site resiliency, and effective procedures for change control and configuration management are crucial in maintaining high availability.
Lesson 21: Explaining Physical Security
Risks from intrusion by social engineering, wireless backdoors, and data exfiltration by mobile devices all mean that physical security is a critical consideration for site design and operations. The premises in which networks are installed need to use access control mechanisms and be resilient to person-made and natural disasters, such as fire.
This course includes the official CompTIA course content, hands-on virtual labs, and a practice exam.