CompTIA Security+

CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career.

Gaining a CompTIA Security+ certification demonstrates your knowledge of industry-wide information assurance topics, like systems security, network infrastructure, access control, assessments and audits, cryptography, and organisational security.

More choose Security+ – chosen by more corporations and defence organizations than any other certification on the market to validate baseline security skills and for fulfilling the DoD 8570 compliance.

The CompTIA Security+ certification exam will verify the successful candidate has the knowledge and skills required to assess the security posture of an enterprise environment and recommend and implement appropriate security solutions; monitor and secure hybrid environments, including cloud, mobile, and IoT; operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance; identity, analyze, and respond to security events and incidents

What You Will Learn:

Comparing Security Roles and Security Controls

• Compare and Contrast Information Security Roles
• Compare and Contrast Security Control and Framework Type

Explaining Threat Actors and Threat Intelligence

• Explain Threat Actor Types and Attack Vectors
• Explain Threat Intelligence Sources

Performing Security Assessments

• Assess Organizational Security with Network
• Reconnaissance Tools
• Explain Security Concerns with General Vulnerability Types
• Summarize Vulnerability Scanning Techniques
• Explain Penetration Testing Concepts

Identifying Social Engineering and Malware

• Compare and Contrast Social Engineering Techniques
• Analyze Indicators of Malware-Based Attacks

Summarizing Basic Cryptographic Concepts

• Compare and Contrast Cryptographic Ciphers
• Summarize Cryptographic Modes of Operation
• Summarize Cryptographic Use Cases and Weaknesses
• Summarize Other Cryptographic Technologies

Implementing Public Key Infrastructure

• Implement Certificates and Certificate Authorities
• Implement PKI Management

Implementing Authentication Controls

• Summarize Authentication Design Concepts
• Implement Knowledge-Based Authentication
• Implement Authentication Technologies
• Summarize Biometrics Authentication Concepts

Implementing Identity and Account Management Controls

• Implement Identity and Account Types
• Implement Account Policies
• Implement Authorization Solutions
• Explain the Importance of Personnel Policies

Implementing Secure Network Designs

• Implement Secure Network Designs
• Implement Secure Switching and Routing
• Implement Secure Wireless Infrastructure
• Implement Load Balancers

Implementing Network Security Appliances

• Implement Firewalls and Proxy Servers
• Implement Network Security Monitoring
• Summarize the Use of SIEM

Implementing Secure Network Protocols

• Implement Secure Network Operations Protocols
• Implement Secure Application Protocols
• Implement Secure Remote Access Protocols

Implementing Host Security Solutions

• Implement Secure Firmware
• Implement Endpoint Security
• Explain Embedded System Security Implications

Implementing Secure Mobile Solutions

• Implement Mobile Device Management
• Implement Secure Mobile Device Connections

Summarizing Secure Application Concepts

• Analyze Indicators of Application Attacks
• Analyze Indicators of Web Application Attacks
• Summarize Secure Coding Practices
• Implement Secure Script Environments
• Summarize Deployment and Automation Concepts

Implementing Secure Cloud Solutions

• Summarize Secure Cloud and Virtualization Services
• Apply Cloud Security Solutions
• Summarize Infrastructure as Code Concepts

Explaining Data Privacy and Protection Concepts

• Explain Privacy and Data Sensitivity Concepts
• Explain Privacy and Data Protection Controls

Performing Incident Response

• Summarize Incident Response Procedures
• Utilize Appropriate Data Sources for Incident Response
• Apply Mitigation Controls

Explaining Digital Forensics

• Explain Key Aspects of Digital Forensics Documentation
• Explain Key Aspects of Digital Forensics Evidence Acquisition

Summarizing Risk Management Concepts

• Explain Risk Management Processes and Concepts
• Explain Business Impact Analysis Concepts

Implementing Cybersecurity Resilience

• Implement Redundancy Strategies
• Implement Backup Strategies
• Implement Cybersecurity Resiliency Strategies
   

Explaining Physical Security

• Explain the Importance of Physical Site Security Controls
• Explain the Importance of Physical Host Security Controls