CompTIA Security+

Cyber Security (SY0-601) :

Lesson 1 : Comparing Security Roles and Security Controls

• Compare and Contrast Information Security Roles
• Compare and Contrast Security Control and Framework Types

Lesson 2 : Explaining Threat Actors and Threat Intelligence

• Explain Threat Actor Types and Attack Vectors
• Explain Threat Intelligence Sources

Lesson 3 : Performing Security Assessments

• Assess Organizational Security with Network Reconnaissance Tools
• Explain Security Concerns with General Vulnerability Types
• Summarize Vulnerability Scanning Techniques
• Explain Penetration Testing Concepts

Lesson 4 : Identifying Social Engineering and Malware

• Compare and Contrast Social Engineering Techniques
• Analyze Indicators of Malware-Based Attacks

Lesson 5 : Summarizing Basic Cryptographic Concepts

• Compare and Contrast Cryptographic Ciphers
• Summarize Cryptographic Modes of Operation
• Summarize Cryptographic Use Cases and Weaknesses
• Summarize Other Cryptographic Technologies

Lesson 6 : Implementing Public Key Infrastructure

• Implement Certificates and Certificate Authorities
• Implement PKI Management

Lesson 7 : Implementing Authentication Controls

• Summarize Authentication Design Concepts
• Implement Knowledge-Based Authentication
• Implement Authentication Technologies
• Summarize Biometrics Authentication Concepts

 

 

Lesson 8 : Implementing Identity and Account Management Controls

• Implement Identity and Account Types
• Implement Account Policies
• Implement Authorization Solutions
• Explain the Importance of Personnel Policies

Lesson 9 : Implementing Secure Network Designs

• Implement Secure Network Designs
• Implement Secure Switching and Routing
• Implement Secure Wireless Infrastructure
• Implement Load Balancers

Lesson 10 : Implementing Network Security Appliances

• Implement Firewalls and Proxy Servers
• Implement Network Security Monitoring
• Summarize the Use of SIEM

Lesson 11 : Implementing Secure Network Protocols

• Implement Secure Network Operations Protocols
• Implement Secure Application Protocols
• Implement Secure Remote Access Protocols

Lesson 12 : Implementing Host Security Solutions

• Implement Secure Firmware
• Implement Endpoint Security
• Explain Embedded System Security Implications

Lesson 13 : Implementing Secure Mobile Solutions

• Implement Mobile Device Management
• Implement Secure Mobile Device Connections

Lesson 14 : Summarizing Secure Application Concepts

• Analyze Indicators of Application Attacks
• Analyze Indicators of Web Application Attacks
• Summarize Secure Coding Practices
• Implement Secure Script Environments
• Summarize Deployment and Automation Concepts

 

Lesson 15 : Implementing Secure Cloud Solutions

• Summarize Secure Cloud and Virtualization Services
• Apply Cloud Security Solutions
• Summarize Infrastructure as Code Concepts

Lesson 16 : Explaining Data Privacy and Protection Concepts

• Explain Privacy and Data Sensitivity Concepts
• Explain Privacy and Data Protection Controls

Lesson 17 : Performing Incident Response

• Summarize Incident Response Procedures
• Utilize Appropriate Data Sources for Incident Response
• Apply Mitigation Controls

Lesson 18 : Explaining Digital Forensics

• Explain Key Aspects of Digital Forensics Documentation
• Explain Key Aspects of Digital Forensics Evidence Acquisition

Lesson 19 : Summarizing Risk Management Concepts

• Explain Risk Management Processes and Concepts
• Explain Business Impact Analysis Concepts

Lesson 20 : Implementing Cybersecurity Resilience

• Implement Redundancy Strategies
• Implement Backup Strategies
• Implement Cybersecurity Resiliency Strategies

Lesson 21 : Explaining Physical Security

• Explain the Importance of Physical Site Security Controls
• Explain the Importance of Physical Host Security Controls

Security+ (SY0-601) DOMAINS:

• Attacks, Threats, and Vulnerabilities (24%)
• Architecture and Design (21%)
• Implementation (25%)
• Operations and Incident Response (16%)
• Governance, Risk, and Compliance (14%)