Arista

CompTIA Security+ (Exam SYO-601)

Skip to main content
Page

CompTIA Security+ (Exam SYO-601)

CompTIA Security+ (Exam SYO-601) 


ARMY IGNITED CRITERIA

TRAINING NAME:
  • CompTIA Security+ (Exam SYO-601)       
          

FORMAT:

  • Online, On Demand
  • Learn on Your Schedule

ASSOCIATED CREDENTIAL:
  • CompTIA Security+ ce
    •  
   LOCATION:
  • Virtual, can be taken Anytime, Anywhere
COST:
  • Contact Learn@AristaLearn.com for $
                 TESTING VOUCHER or CERTIFICATE OF COMPLETION?
  • One (1)  Testing Voucher Provided with this Course
WHO IS THIS CLASS FOR?
  • Anyone interested in Information Technology & Security.
   PREREQUISITES:

  • None

COURSE MATERIALS INCLUDE:
  • Access to on-line Learning Portal
  • Videos, training content, examples, quizzes, labs, and all items needed to learn the material and successfully pass this course!
                 

 HOW TO
ENROLL:
  • Email Learn@AristaLearn for a Quote & Detailed Upload instructions


Course Overview

This course will teach students about identifying security fundamentals and threats, analyzing risk, conducting security assessments, implementing network, operational , host, and software security, managing identity and access, implementing cryptography, addressing security issues, and ensuring business continuity.

Chapter 01 - Identifying Security Fundamentals

  • Topic A: Identify Information Security Concepts
  • Information Security, Goals of Information Security, Risk
  • Vulnerabilities, Threats, Attacks
  • Controls, Types of Controls
  • The Security Management Process
  • Demo - Identifying Information Security Basics
  • Topic B: Identify Basic Security Controls
  • The CIA Triad, Non-repudiation, Identification, Authentication
  • Authentication Factors, Authorization, Access Control
  • Accounting and Auditing, Principle of Least Privilege
  • Demo - Identifying Basic Security Controls
  • Topic C: Identify Basic Authentication and Authorization Concepts
  • Passwords, Tokens, Privilege Management
  • Biometrics, Geolocation, Keystroke Authentication
  • Multi-factor Authentication, Mutual Authentication
  • Demo - Identifying Basic Authentication and Authorization Concepts
  • Topic D: Identify Basic Cryptography Concepts
  • Cryptography, Encryption and Decryption
  • Encryption and Security Goals
  • Ciphers, A Key, Symmetric Encryption, Asymmetric Encryption
  • Hashing, Steganography
  • Demo - Identifying Basic Cryptography Concepts
  • Chapter 01 Review

Chapter 02 - Analyzing Risk

  • Topic A: Analyze Organizational Risk
  • Risk Management, Components of Risk Analysis
  • Phases of Risk Analysis, Categories of Threat Types
  • Risk Analysis Methods, Risk Calculation
  • Risk Response Techniques, Risk Mitigation and Control Types
  • Change Management, Guidelines for Analyzing Risk
  • Demo - Analyzing Risks to the Organization
  • Topic B: Analyze the Business Impact of Risk
  • BIA, Impact Scenarios, Privacy Assessments
  • Critical Systems and Functions, Maximum Tolerable Downtime
  • Recovery Point Objective, Recovery Time Objective
  • Mean Time to Failure, Mean Time to Repair
  • Mean Time Between Failures, Guidelines for Performing a Business Impact Analysis
  • Demo - Performing a Business Impact Analysis
  • Chapter 02 Review

Chapter 03 - Identifying Security Threats

  • Topic A: Identify Types of Attackers
  • Hackers and Attackers, Threat Actors, Threat Actor Attributes
  • Open-Source Intelligence, Demo - Identifying Types of Attackers
  • Topic B: Identify Social Engineering Attacks
  • Social Engineering, Effectiveness, Impersonation
  • Phishing and Related Attacks, Hoaxes
  • Physical Exploits, Watering Hole Attacks
  • Demo - Identifying Social Engineering Attacks
  • Topic C: Identify Malware, Malicious Code
  • Viruses, Worms, Adware, Spyware, Trojan Horses
  • Keyloggers, Remote Access Trojans, Logic Bombs
  • Botnets, Ransomware, Advance Persistent Threats
  • Demo - Identifying Types of Malware
  • Topic D: Identify Software-Based Threats
  • Software Attacks, Password Attacks, Types of Password Attacks
  • Cryptographic Attacks, Backdoor Attacks
  • Types of Cryptographic Attacks, Application Attacks
  • Types of Application Attacks, Driver Manipulation
  • Privilege Escalation, Demo - Identifying Password Attacks
  • Topic E: Identify Network-Based Threats
  • TCP/IP Basics, Spoofing Attacks
  • IP and MAC Address Spoofing
  • ARP Poisoning, DNS Poisoning, Port Scanning Attacks
  • Scan Types, Eavesdropping Attacks
  • Man-in-the-Middle Attacks, Man-in-the-Browser Attacks
  • Replay Attacks, DoS Attacks, DDoS Attacks
  • Hijacking Attacks, Amplification Attacks, Pass the Hash Attacks
  • Demo - Identifying Threats to DNS
  • Demo - Identifying Port Scanning Threats
  • Topic F: Identify Wireless Threats
  • Rogue Access Points, Evil Twins, Jamming
  • Bluejacking, Bluesnarfing, Near Field Communication Attacks
  • RFID System Attacks, War Driving, War Walking, and War Chalking
  • Packet Sniffing, IV Attacks, Wireless Replay Attacks
  • WEP and WPA Attacks, WPS Attacks, Wireless Disassociation
  • Demo - Identifying Wireless Threats
  • Topic G: Identify Physical Threats
  • Physical Threats and Vulnerabilities, Hardware Attacks
  • Environmental Threats and Vulnerabilities
  • Demo - Identifying Physical Threats

Chapter 04 - Conducting Security Assessments

  • Topic A: Identify Vulnerabilities
  • Host Vulnerabilities, Software Vulnerabilities, Encryption Vulnerabilities
  • Network Architecture Vulnerabilities, Account Vulnerabilities
  • Operations Vulnerabilities, Demo - Identifying Vulnerabilities
  • Topic B: Assess Vulnerabilities, Security Assessment
  • Security Assessment Techniques, Vulnerability Assessment Tools
  • Types of Vulnerability Scans, False Positives
  • Guidelines for Assessing Vulnerabilities
  • Demo - Capturing Network Data with Wireshark
  • Demo - Scanning for General Vulnerabilities
  • Topic C: Implement Penetration Testing
  • Penetration Testing, Penetration Testing Techniques
  • Box Testing Methods, Penetration Testing Tools
  • Guidelines for Implementing Penetration Testing
  • Demo - Implementing Penetration Testing

Chapter 05 - Implementing Host and Software Security

  • Topic A: Implement Host Security
  • Hardening, Operating System Security, Operating System Hardening Techniques
  • Trusted Computing Base, Hardware and Firmware Security
  • Security Baselines, Software Updates, Application Blacklisting and Whitelisting
  • Logging, Auditing, Anti-malware Software
  • Types of Anti-malware Software, Hardware Peripheral Security
  • Embedded Systems, Security Implications for Embedded Systems
  • Guidelines for Securing Hosts, Demo - Implementing Auditing
  • Demo - Hardening a Server
  • Topic B: Implement Cloud and Virtualization Security
  • Virtualization, Hypervisors, Virtual Desktop Infrastructure
  • Virtualization Security, Cloud Computing
  • Cloud Deployment Models, Cloud Service Types
  • Guidelines for Securing Virtualized and Cloud-Based Resources
  • Demo - Securing Virtual Machine Networking
  • Topic C: Implement Mobile Device Security
  • Mobile Device Connection Methods, Mobile Device Management
  • Mobile Device Security Controls, Mobile Deployment Models
  • Mobile Device Monitoring and Enforcement
  • BYOD Security Controls
  • Guidelines for Implementing Mobile Device Security
  • Demo - Implementing Mobile Device Security
  • Topic D: Incorporate Security in the Software Development Lifecycle
  • Software Development Lifecycle, Software Development Models
  • DevOps, Versioning, Secure Coding Techniques
  • Code Testing Methods
  • Guidelines for Incorporating Security in the Software Development Lifecycle
  • Demo - Performing Static Code Analysis

Chapter 06 - Implementing Network Security

  • Topic A: Configure Network Security Technologies
  • Network Components, Network Devices, Routers, Switches
  • Proxies, Firewalls, Load Balancer
  • Network Scanners and Analysis Tools, Intrusion Detection Systems
  • Network IDS, Intrusion Prevention Systems, Network IPS
  • Types of Network Monitoring Systems
  • Security Information and Event Management
  • Data Loss/Leak Prevention, Virtual Private Networks
  • VPN Concentrators, Security Gateways, Unified Threat Management
  • Guidelines for Configuring Network Security Technologies
  • Demo - Configuring a Network IDS
  • Topic B: Secure Network Design Elements
  • Network Access Control, Demilitarized Zones
  • Network Isolation, Virtual Local Area Networks
  • Network Security Device Placement, Network Address Translation
  • Software-Defined Networking
  • Guidelines for Securing Network Design Elements
  • Demo - Securing Network Design Elements
  • Topic C: Implement Secure Networking Protocols and Services
  • The Open Systems Interconnection Model
  • OSI Model and Security, Internet Protocol Suite
  • Domain Name System, Hypertext Transfer Protocol
  • Secure Sockets Layer/Transport Layer Security
  • HTTP Secure, Secure Shell, Simple Network Management Protocol
  • Real-Time Transport Protocol, Internet Control Message Protocol
  • Internet Protocol Security, Network Basic Input/Output System
  • File Transfer Protocols, Email Protocols
  • Additional Networking Protocols and Services
  • Demo - Installing an Internet Information Services Web Server with Basic Security
  • Demo - Securing Network Traffic Using IPSec
  • Topic D: Secure Wireless Traffic
  • Wireless Networks, Ports and Port Ranges
  • Wireless Antenna Types, 802.11 Protocols
  • Wireless Cryptographic Protocols, Wireless Authentication Protocols
  • Wireless Client Authentication Methods
  • Wireless Access Point Security, VPNs and Open Wireless
  • Captive Portals, Site Surveys, Guidelines for Securing Wireless Traffic
  • Demo - Securing Wireless Traffic

Chapter 07 - Managing Identity and Access

  • Topic A: Implement Identity and Access Management
  • Identity and Access Management, Access Control Models
  • Physical Access Control Devices, Biometric Devices
  • Certificate-Based Authentication, File System and Database Access
  • Guidelines for Implementing IAM
  • Demo - Implementing DAC for a File Share
  • Topic B: Configure Directory Services
  • Directory Services, Lightweight Directory Access Protocol
  • Secure LDAP, Common Directory Services
  • Demo - Backing Up Active Directory
  • Topic C: Configure Access Services
  • Remote Access Methods, Tunneling, Remote Access Protocols
  • HMAC-Based One-Time Password, Time-Based OTP
  • Password Authentication Protocol
  • Challenge-Handshake Authentication Protocol
  • NT LAN Manager, Kerberos, Demo - Managing Accounts
  • Authentication, Authorization, and Accounting
  • Remote Authentication Dial-In User Service
  • Terminal Access Controller Access-Control System
  • Demo - Configuring a Remote Access Server
  • Demo - Setting Up Remote Access Authentication
  • Topic D: Manage Accounts
  • Account Management, Account Privileges, Account Types
  • Account Policy, Password Policy, Multiple Accounts
  • Shared Accounts, Account Management Security Controls
  • Credential Management, Group Policy, Identity Federation
  • Identity Federation Methods, Guidelines for Managing Accounts

Chapter 08 - Implementing Cryptography

  • Topic A: Identify Advanced Cryptography Concepts
  • Cryptography Elements, Hashing Concepts, Data States
  • Key Exchange, Digital Signatures, Cipher Suites
  • Session Keys, Key Stretching
  • Special Considerations for Cryptography
  • Demo - Identifying Advanced Cryptographic Concepts
  • Topic B: Select Cryptographic Algorithms
  • Types of Ciphers, Types of Hashing Algorithms
  • Types of Symmetric Encryption Algorithms
  • Types of Asymmetric Encryption Techniques
  • Types of Key Stretching Algorithms
  • Substitution Ciphers, Exclusive Or, Cryptographic Modules
  • Demo - Selecting Cryptographic Algorithms
  • Topic C: Configure a Public Key Infrastructure
  • Public Key Infrastructure, PKI Components, CA Hierarchies
  • The Root CA, Subordinate Cas, Offline Root CAs
  • Types of Certificates, X.509, Certificate File Formats
  • CA Hierarchy Design Options, Demo - Installing a CA
  • Demo - Securing a Windows Server 2016 CA
  • Topic D: Enroll Certificates
  • The Certificate Enrollment Process
  • The Certificate Lifecycle, Certificate Lifecycle Management
  • The SSL/TLS Connection Process, Demo - Enrolling Certificates
  • Demo - Securing Network Traffic with Certificates
  • Topic E: Back Up and Restore Certificates and Private Keys
  • Private Key Protection Methods, Key Escrow
  • Private Key Restoration Methods, Private Key Replacement
  • Demo - Backing Up a Certificate and Private Key
  • Demo - Restoring a Certificate and Private Key
  • Topic F: Revoke Certificates, Demo - Revoking Certificates
  • Certificate Revocation, Certificate Revocation List, Online Certificate Status Protocol

Chapter 09 - Implementing Operational Security

  • Topic A: Evaluate Security Frameworks and Guidelines
  • Security Frameworks, Security Framework Examples
  • Security Configuration Guides, Compliance, Layered Security
  • Demo - Evaluating Security Frameworks and Guidelines
  • Topic B: Incorporate Documentation in Operational Security
  • Security Policies, Defense in Depth
  • Common Security Policy Types, Personnel Management
  • Separation of Duties, Job Rotation, Mandatory Vacation
  • Additional Personnel Management Tasks
  • Training and Awareness, Business Agreements
  • Guidelines for Incorporating Documentation in Operational Security
  • Demo - Incorporating Documentation in Operational Security
  • Topic C: Implement Security Strategies
  • Security Automation, Scalability, Elasticity
  • Redundancy, Fault Tolerance, Redundant Array of Independent Disks
  • Non-persistence, High Availability, Deployment Environments
  • Guidelines for Implementing Security Strategies
  • Demo - Implementing Virtual Machine Snapshots
  • Topic D: Manage Data Security Processes
  • Data Security, Data Security Vulnerabilities
  • Data Storage Methods, Data Encryption Methods
  • Data Sensitivity, Data Management Roles
  • Data Retention, Data Disposal, Guidelines for Managing Data Security
  • Demo - Destroying Data Securely
  • Demo - Encrypting a Storage Device
  • Topic E: Implement Physical Controls
  • Physical Security Controls, Physical Security Control Types
  • Environmental Exposures, Environmental Controls
  • Environmental Monitoring, Safety
  • Guidelines for Implementing Physical Controls
  • Demo - Implementing Physical Controls

Chapter 10 - Addressing Security Issues

  • Topic A: Troubleshoot Common Security Issues
  • Access Control Issues, Encryption Issues, Data Exfiltration
  • Anomalies in Event Logs, Security Configuration Issues
  • Baseline Deviations, Software Issues, Personnel Issues
  • Demo - Identifying Event Log Anomalies
  • Topic B: Respond to Security Incidents
  • Incident Response, Incident Preparation, Incident Detection and Analysis
  • Incident Containment, Incident Eradication, Incident Recovery
  • Lessons Learned, Incident Response Plans
  • First Responders, An Incident Report
  • Guidelines for Responding to Security Incidents
  • Demo - Responding to a Security Incident
  • Topic C: Investigate Security Incidents
  • Computer Forensics, The Basic Forensic Process
  • Preservation of Forensic Data, Asset Management Issues
  • Basic Forensic Response Procedures
  • Order of Volatility, Chain of Custody
  • Guidelines for Investigating Security Incidents
  • Demo - Implementing Forensic Procedures

Chapter 11 - Ensuring Business Continuity

  • Topic A: Select Business Continuity and Disaster Recovery Processes
  • Business Continuity and Disaster Recovery
  • The Disaster Recovery Process, Recovery Team
  • Order of Restoration, Recovery Sites, Secure Recovery
  • Backup Types (Full), Backup Types (Differential vs. Incremental)
  • Secure Backups, Geographic Considerations
  • Guidelines for Selecting Business Continuity and Disaster Recovery Processes
  • Demo - Selecting Business Continuity and Disaster Recovery Processes
  • Topic B: Develop a Business Continuity Plan
  • Business Continuity Plans, Disaster Recovery Plans
  • IT Contingency Plans, Succession Plans, Failover
  • Alternate Business Practices, Testing Exercises
  • After-Action Reports, Guidelines for Developing a BCP
  • Demo - Developing a BCP

 


CONTACT

United States

747-338-3307

learn@aristalearn.com

COMPANY

PROGRAMS

COMMUNITY

Arista

Copyright © 2023 - All Rights Reserved - ARISTALEARN

Privacy Policy