Register your product to gain access to bonus material or receive a coupon.
CompTIA Security+ SY0-601 Complete Video Course (Video Training)
- By Sari Greene
- Published Dec 23, 2020 by Pearson IT Certification. Part of the LiveLessons series.
Online Video
- Your Price: $479.99
- List Price: $599.99
- About this video
Video accessible from your Account page after purchase.
Description
- Copyright 2021
- Edition: 1st
- Online Video
- ISBN-10: 0-13-728104-8
- ISBN-13: 978-0-13-728104-6
23+ Hours of Video Instruction
CompTIA Security+ (SY0-601) Complete Video Course is an engaging self-paced video training solution that provides learners with more than 23 hours of personal training from security expert Sari Greene. Through the use of topic-focused instructional videos, you will gain an in-depth understanding of each objective in the CompTIA Security+ (SY0-601) exam, as well as a deeper understanding of security foundations and principles to ensure exam success.
CompTIA Security+ (SY0-601) Complete Video Course contains more than 23 hours of training with content divided into 5 modules with 35 content-targeted lessons. This title covers every objective in the newly updated CompTIA Security+ SY0-601 exam and includes screencast teaching, deep dives on security theory and everyday practices, question reviews, and live demos/labs showing how to complete tasks in real time. Most lessons end with a "Security in Action" segment, which takes the security knowledge you've learned to the next level.
The video lessons in this course review each exam objective, so you can use it as a complete study tool for taking the CompTIA Security+ exam.
Major sections are as follows:
- Threats, Attacks and Vulnerabilities
- Architecture and Design
- Implementation
- Operations and Incident Response
- Governance, Risk & Compliance
Skill Level
- Beginner
Learn How To
· Confidently understand every objective on the CompTIASecurity+ exam this course covers every objective and topic in depth.
· Prepare for exam success Sari shares her best practices forstudying for and taking the Security+ exam.
· Enhance your real-world cybersecurity skills and knowledge
Who Should Take This Course
- Anyone preparing for the CompTIA Security+ examination. Secondaryaudiences: IT professionals
- Anyone interested in learning security fundamentals
Course Requirements
· Day-to-day information technology or cybersecurity experience.
· Note: CompTIA recommends but does not require at least twoyears of experience in IT administration with a focus on security prior totaking the certification exam.
Lesson Descriptions
Module 1, Threats, Attacks, and Vulnerabilities, corresponds to the firstCompTIA domain. 24% of the exam questions will relate to this domain, and eachlesson within Module 1 aligns with the eight exam objectives. Module 1 willcover social engineering principles, tactics, techniques, attack vectors,malware families and attributes, password attacks, physical attacks,adversarial artificial intelligence, and identifying indicators of compromise(IOC). The lessons will then move into application weaknesses, validationissues, injection, XSS and forgery attacks, and explore various system attacks.Next up, it will take a look at digitalinfrastructure attacks, wireless attacks, and malicious code or script executionincluding using PowerShell, Python. and Bash. The lessons also discussadversaries including means and motivation, threat modeling, and how to useOSINT--open source intelligence. The later lessons in this module cover some ofthe most common and dangerous operational vulnerabilities, risks associatedwith third-parties, threat hunting, vulnerability identification, andautomation tools including SIEM and SOAR. Lastly, the module discusses the importance of penetrationtesting, pen testing options, and how pen testing really works.
Module 2, Architecture and Design, corresponds to the second CompTIA domain, which makes up 21% of the exam questions. Within this module, configuration management, data protection concepts, deception and disruption techniques, and tactics are covered. It then examines the security and performance features of virtualization, cloud deployment, and cloud service models. Secure staging workflow, secure coding techniques, and the role of automation with a focus on identify management, authentication factors, attributes and methods, as well as a deep dive into biometrics. The lesson then discusses resiliency, non-persistence, redundancy, and backup and recovery techniques including RAID and replication. Next up is defining what embedded and IoT systems are, look at why and when they are embedded they are vulnerable to attack, and discuss best practices for securing embedded and IoT systems. The module then focuses attention on building and facility design considerations and controls, environmental issues such as air flow, heat, humidity, electrostatic discharge, date emanation, fire, and power as well as secure data destruction. The next lesson begins with a primer, and then surveys cryptographic and related use cases and techniques including steganography, symmetric encryption, asymmetric encryption, hashing, digital signatures, and emerging cryptography.
Module 3, Implementation, corresponds to 25% of the exam questions and covers a lot. The module starts by looking at the practical application and use cases of secure communications and network protocols including SSl/TLS, SSH, DNSSEC, SNMPv3, and secure email protocols. Then, it surveys trusted computing-base components and endpoint security solutions, as well as meeting security objectives by implementing zone, segmentation, and isolation options and network appliances including jump servers, proxy servers, IDS/IPS, NACS, firewalls and VPNS. The lesson ends with a look at the TCP/IP model. The module continues with a dive into wireless design and configuration options with an emphasis on planning a secure wireless network, as well as looking at mobile device connection methods, mobile device deployment options, Mobile device management solutions (commonly known as MDM), and mobile device concerns including attack vectors. Next up is revisiting the cloud environmentthis time from an infrastructure perspective. The module looks at design options; use of virtual private clouds and critically cloud security controls; explores the entire user identity and access management lifecycle; and dives into the configuration elements of network and web services including LDAP, Kerberos, TACACS+, RADIUS, CHAP, PAP, SAML, OpenID Connect, OAuth 2.0, and Shibboleth as well as access control and authorization models. Lastly, the module focuses on creating and managing digital certificates as well as cryptovariable (key) management and best practices.
Module 4, Operations and Incident Response, covers about 16% of the exam and starts by surveying network reconnaissance and discovery approaches; tools and techniques including scanning, packet capture, and netflows; and introduces Linux operating system commands security practitioners should be familiar with. Then, the importance of incident response preparedness is discussed, as well as defining the elements of an incident response plan, identifying the phases of incident response, reviewing the process, and studying attack frameworks. Next, the module revisits a number of data sources including scans, logs, and metadata from an investigative perspective. The final lessons of this module discuss a variety of manual and automated mitigation, containment and eradication techniques and controls, and then tackles forensic fundamentals including evidence collection, data acquisition and breach disclosure, and notification requirements.
Module 5, Governance, Risk and Compliance, covers about 14% of the exam. The module starts by taking a close look at control management, control classifications, and control objectives, which taken together comprise an defense-in-depth environment. It then dives into cybersecurity and privacy related regulations and obligations and how to build a compliance information security program incorporating frameworks, benchmarks, and audit standards. The module then examines the role of policies and supporting governance documents, identify key personnel and operational policies and practices, as well as third-party and supply chain risk management. Next, the module identifies fundamental risk management and assessment concepts, teaches how to conduct a quantitative risk assessment and walks through the fundamental concepts of business continuity, including facilitating a business impact assessment. Lastly, it focuses on data classification, privacy requirements and obligations, roles and responsibilities, privacy enhancing technologies, and the relationship between cybersecurity and privacy.
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more.
Learn more about Pearson Video training at http://www.informit.com/video.
Sample Content
Table of Contents
Module 1: Threats, Attacks, and Vulnerabilities (24% Exam Objectives)Lesson 1 Compare and Contrast Different Types of Social Engineering TechniquesLesson 2 Given a Scenario, Analyze Indicators of Compromise and Determine the MalwareLesson 3 Given a Scenario, Analyze Potential Indicators Associated with Application AttacksLesson 4 Given a Scenario, Analyze Potential Indicators Associated with Network AttacksLesson 5 Explain Different Threat Actors, Vectors and Intelligence SourcesLesson 6 Explain the Security Concerns Associated with Various Types of VulnerabilitiesLesson 7 Summarize the Techniques Used in Security AssessmentsLesson 8 Explain the Techniques Used in Penetration Testing
Module 2: Architecture and Design (21% Exam Objectives)Lesson 9 Explain the Importance of Security Concepts in an Enterprise EnvironmentLesson 10 Summarize Virtualization and Cloud Computing ConceptsLesson 11 Summarize Secure Application Development, Deployment, and Automation ConceptsLesson 12 Summarize Authentication and Authorization Design ConceptsLesson 13 Given a Scenario, Implement Cybersecurity ResilienceLesson 14 Explain the Security Implications of Embedded and Specialized SystemsLesson 15 Explain the Importance of Physical Security ControlsLesson 16 Summarize the Basics of Cryptographic Concepts
Module 3: Implementation (25% Exam Objectives)Lesson 17 Given a Scenario, Implement Secure ProtocolsLesson 18 Given a Scenario, Implement Host or Application Security SolutionsLesson 19 Given a Scenario, Implement Secure Network DesignsLesson 20 Given a Scenario, Install and Configure Wireless Security SettingsLesson 21 Given a Scenario, Implement Secure Mobile SolutionsLesson 22 Given a Scenario, Apply Cybersecurity Solutions to the CloudLesson 23 Given a Scenario, Implement Identity and Account Management ControlsLesson 24 Given a Scenario, Implement Authentication and Authorization SolutionsLesson 25 Given a Scenario, Implement Public Key Infrastructure
Module 4: Operations and Incident Response (16% Exam Objectives)Lesson 26 Given a Scenario, Use the Appropriate Tool to Assess Organizational SecurityLesson 27 Summarize the Importance of Policies, Processes, and Procedures for Incident ResponseLesson 28 Given an Incident, Utilize Appropriate Data Sources to Support an InvestigationLesson 29 Given an Incident, Apply Mitigation Techniques or Controls to Secure an EnvironmentLesson 30 Explain the Key Aspects of Digital Forensics
Module 5: Governance, Risk & Compliance (14% Exam Objectives)Lesson 31 Compare and Contrast Various Types of ControlsLesson 32 Explain the Importance of Applicable Regulations Standards or Frameworks That Impact Organizational Security PostureLesson 33 Explain the Importance of Policies to Organizational SecurityLesson 34 Summarize Risk Management Processes and ConceptsLesson 35 Explain Privacy and Sensitive Data Concepts in Relation to SecurityLesson 36 Preparing for the Exam