SECURITY+ ( SY0-501)

IThe CeCompTIA Security+ is a global certification that validates the baseline skills you need to perform core security functions and pursue an IT security career.rtified Ethical Hacker (CEH v10) program is a trusted and respected ethical hacking training Program that any information security professional will need. Certified Ethical Hacker has been the absolute choice of the industry globally. It is a respected certification in the industry and is listed as a baseline certification on the credibility and value to credential members.n recent years, electronic devices and handheld applications have become an indispensible part of daily life, backed by the rapid development of internet technologies. At the same time, the widespread adoption of these technologies has led to incidents involving unauthorised access or leakage of sensitive information and private data. This has raised public awareness of the importance of information security.


Click here to Enroll


SECURITY+ Objective

  • No other certification that assesses baseline cybersecurity skills has performance-based questions on the exam. Security+ emphasizes hands-on practical skills, ensuring the security professional is better prepared to problem solve a wider variety of issues.
  • Security+ focuses on the latest trends and techniques in risk management, risk mitigation, threat management and intrusion detection.
  • The new Security+ certification covers the Junior IT Auditor/Penetration Tester job role, in addition to the previous job roles for Systems Administrator, Network Administrator, and Security Administrator.

Course Outlcome

  • The CompTIA Security+ exam will certify the successful candidate has the knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. The successful candidate will perform these tasks to support the principles of confidentiality, integrity, and availability.
  • Today’s best practices for risk management and risk mitigation
  • More emphasis on the practical and hands-on ability to both identify and address security threats, attacks and vulnerabilities.
  • Skills covered in Security+ have become a baseline for all cybersecurity jobs and the new version has been updated to reflect how cybersecurity jobs are becoming more specialized, like security analytics. Because of this, the importance of and demand for Security+ has increased for a broader variety of job roles.

Contents Outline

  • Threats, Attacks and Vulnerabilities
  •      - Managing Risk
  •      - Given a scenario, analyze indicators of compromise and determine the type of malware.
  •      - Compare and contrast types of attacks.
  •      - Explain threat actor types and attributes.
  •      - Explain penetration testing concepts.
  •      - Explain vulnerability scanning concepts.
  •      - Explain the impact associated with types of vulnerabilities.

  • Monitoring and Diagnosing Networks
  •      - Monitoring and Diagnosing Networks Terminology
  •      - Frameworks, Best Practices, and Configuration Guides
  •      - Industry-Standard Frameworks and Reference
  •      - Architectures National Institute of Standards and Technology (NIST)
  •      - Benchmarks/Secure Configuration Guides
  •      - Secure Network Architecture Concepts Tunneling/VPN Secure Systems Design Hardware
  •      - Firmware Security Operating Systems Secure Staging Deployment Concepts

  • Architecture and Design
  •      - Explain use cases and purpose for frameworks, best practices and secure configuration guides.
  •      - Given a scenario, implement secure network architecture concepts.
  •      - Given a scenario, implement secure systems design.
  •      - Architecture and Design Explain the importance of secure staging deployment concepts.
  •      - Explain the security implications of embedded systems.
  •      - Summarize secure application development and deployment concepts.
  •      - Summarize cloud and virtualization concepts
  •      - Explain how resiliency and automation strategies reduce risk.
  •      - Explain the importance of physical security controls.

  • Understanding Devices and Infrastructure
  •      - Infrastructure Terminology
  •      - Designing with Security in Mind
  •      - Firewalls VPNs and VPN Concentrators
  •      - Intrusion Detection Systems Router Switch Proxy Load Balancer Access Point SIEM DLP
  •      - Network Access Control (NAC) Mail Gateway Bridge SSL/TLS Accelerators SSL Decryptors
  •      - Media Gateway Hardware Security Module

  • Identity and Access Management
  •      - Compare and contrast identity and access management concepts
  •      - Given a scenario, install and configure identity and access services.
  •      - Given a scenario, implement identity and access management controls.
  •      - Given a scenario, differentiate common account management practices.

  • Wireless Network Threats
  •      - Wireless Threat Terminology Wireless Vulnerabilities to Know Replay Rogue APs and Evil Twins
  •      - Jamming WPS Bluejacking Bluesnarfing NFC and RFID Disassociation Wireless Commonsense
  •      - Wireless Attack Analogy

  • Risk Management
  •      - Explain the importance of policies, plans and procedures related to organizational security.
  •      - Summarize business impact analysis concepts.
  •      - Explain risk management processes and concepts.
  •      - Given a scenario, follow incident response procedures.
  •      - Summarize basic concepts of forensics.
  •      - Explain disaster recovery and continuity of operation concepts.
  •      - Compare and contrast various types of controls.
  •      - Given a scenario, carry out data security and privacy practices.

  • Securing the Cloud
  •      - Cloud-Related Terminology
  •      - Working with Cloud Computing Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service
  •      - Private Cloud Public Cloud Community Cloud Hybrid Cloud
  •      - Working with Virtualization Understanding Hypervisors
  •      - Understanding Containers and Application Cells
  •      - VDI/VDE On-Premise vs. Hosted vs. Cloud
  •      - VM Escape Protection VM Sprawl Avoidance Security and the Cloud
  •      - Cloud Access Security Brokers Cloud Storage Security as a Service

  • . Host, Data, and Application Security
  •      - Threat Actors and Attributes Script KiddiesHacktivist Organized Crime Nation-States/APT
  •      - Insiders Competitors Use of Open Source Intelligence Types of Vulnerabilities Configuration Issues
  •      - User Issues Zero-Day Exploits Other Issues Embedded Systems Security Application Vulnerabilities
  •      - Input Vulnerabilities Memory Vulnerabilities Secure Programming Programming Models
  •      - Software Testing Specific Types of Testing Secure Coding Standards Application Configuration
  •      - Baselining Operating System Patch Management Application Patch Management
  •      - Other Application Security Issues Databases and Technologies Database Security Secure
  •      - Configurations Code Issues
  •      - Threats, Attacks, and Vulnerabilities

  • Social Engineering
  •      - Social Engineering and Physical Security Terminology Understanding Social Engineering
  •      - Types of Social Engineering Attacks What Motivates an Attack? The Principles Behind Social
  •      - Engineering Social Engineering Attack Examples Understanding Physical Security Lighting Signs
  •      - Fencing, Gates, and Cages Security Guards Alarms Safe Secure Cabinets and Enclosures
  •      - Protected Distribution Protected Cabling Airgap Mantrap Faraday Cage Lock Types Biometrics
  •      - Barricades/Bollards Tokens/Cards Environmental Controls Cable Locks Screen Filters Cameras
  •      - Motion Detection Logs Infrared Detection Key Management Various Control Types An Analogy of
  •      - Control Types Data Security and Privacy Practices Data Destruction and Media Sanitation
  •      - Data Sensitivity Labeling and Handling Data Roles Data Retention
  •      - Legal and Compliance

  • Cryptography and PKI
  •      - Compare and contrast basic concepts of cryptography.
  •      - Explain cryptography algorithms and their basic characteristics
  •      - Given a scenario, install and configure wireless security settings.
  •      - Given a scenario, implement public key infrastructure.

  • Disaster Recovery and Incident Response
  •      - Disaster and Incident Related Terminology Penetration Testing What Should You Test?
  •      - Vulnerability Scanning Issues Associated with Business Continuity Types of Storage Mechanisms
  •      - Crafting a Disaster-Recovery Plan Incident Response Procedures Understanding Incident Response
  •      - Tabletop Exercises

Click here to Enroll



img

teachers

2000

img

studests

3000

img

Graduates

1500

img

countries

1000

our gallery

#

 

Sign Up for Newsletter

If you sign up for newsletter you’ll not fail to get our update.

Follow Us: