CompTIA Security+ SY0-601 Complete Video Course

CompTIA Security+ SY0-601 Complete Video Course

English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 23h 08m | 5.91 GB

CompTIA Security+ (SY0-601) Complete Video Course is an engaging self-paced video training solution that provides learners with more than 23 hours of personal training from security expert Sari Greene. Through the use of topic-focused instructional videos, you will gain an in-depth understanding of each objective in the CompTIA Security+ (SY0-601) exam, as well as a deeper understanding of security foundations and principles to ensure exam success. CompTIA Security+ (SY0-601) Complete Video Course contains more than 23 hours of training with content divided into 5 modules with 35 content-targeted lessons. This title covers every objective in the newly updated CompTIA Security+ SY0-601 exam and includes screencast teaching, deep dives on security theory and everyday practices, question reviews, and live demos/labs showing how to complete tasks in real time. Most lessons end with a “Security in Action” segment, which takes the security knowledge youve learned to the next level. The video lessons in this course review each exam objective, so you can use it as a complete study tool for taking the CompTIA Security+ exam. Major sections are as follows:
  • Threats, Attacks and Vulnerabilities
  • Architecture and Design
  • Implementation
  • Operations and Incident Response
  • Governance, Risk & Compliance
Learn How To
  • Confidently understand every objective on the CompTIASecurity+ exam this course covers every objective and topic in depth.
  • Prepare for exam success Sari shares her best practices forstudying for and taking the Security+ exam.
  • Enhance your real-world cybersecurity skills and knowledge
Module 1, Threats, Attacks, and Vulnerabilities, corresponds to the firstCompTIA domain. 24% of the exam questions will relate to this domain, and eachlesson within Module 1 aligns with the eight exam objectives. Module 1 willcover social engineering principles, tactics, techniques, attack vectors,malware families and attributes, password attacks, physical attacks,adversarial artificial intelligence, and identifying indicators of compromise(IOC). The lessons will then move into application weaknesses, validationissues, injection, XSS and forgery attacks, and explore various system attacks.Next up, it will take a look at digitalinfrastructure attacks, wireless attacks, and malicious code or script executionincluding using PowerShell, Python. and Bash. The lessons also discussadversaries including means and motivation, threat modeling, and how to useOSINT–open source intelligence. The later lessons in this module cover some ofthe most common and dangerous operational vulnerabilities, risks associatedwith third-parties, threat hunting, vulnerability identification, andautomation tools including SIEM and SOAR. Lastly, the module discusses the importance of penetrationtesting, pen testing options, and how pen testing really works. Module 2, Architecture and Design, corresponds to the second CompTIA domain, which makes up 21% of the exam questions. Within this module, configuration management, data protection concepts, deception and disruption techniques, and tactics are covered. It then examines the security and performance features of virtualization, cloud deployment, and cloud service models. Secure staging workflow, secure coding techniques, and the role of automation with a focus on identify management, authentication factors, attributes and methods, as well as a deep dive into biometrics. The lesson then discusses resiliency, non-persistence, redundancy, and backup and recovery techniques including RAID and replication. Next up is defining what embedded and IoT systems are, look at why and when they are embedded they are vulnerable to attack, and discuss best practices for securing embedded and IoT systems. The module then focuses attention on building and facility design considerations and controls, environmental issues such as air flow, heat, humidity, electrostatic discharge, date emanation, fire, and power as well as secure data destruction. The next lesson begins with a primer, and then surveys cryptographic and related use cases and techniques including steganography, symmetric encryption, asymmetric encryption, hashing, digital signatures, and emerging cryptography. Module 3, Implementation, corresponds to 25% of the exam questions and covers a lot. The module starts by looking at the practical application and use cases of secure communications and network protocols including SSl/TLS, SSH, DNSSEC, SNMPv3, and secure email protocols. Then, it surveys trusted computing-base components and endpoint security solutions, as well as meeting security objectives by implementing zone, segmentation, and isolation options and network appliances including jump servers, proxy servers, IDS/IPS, NACS, firewalls and VPNS. The lesson ends with a look at the TCP/IP model. The module continues with a dive into wireless design and configuration options with an emphasis on planning a secure wireless network, as well as looking at mobile device connection methods, mobile device deployment options, Mobile device management solutions (commonly known as MDM), and mobile device concerns including attack vectors. Next up is revisiting the cloud environmentthis time from an infrastructure perspective. The module looks at design options; use of virtual private clouds and critically cloud security controls; explores the entire user identity and access management lifecycle; and dives into the configuration elements of network and web services including LDAP, Kerberos, TACACS+, RADIUS, CHAP, PAP, SAML, OpenID Connect, OAuth 2.0, and Shibboleth as well as access control and authorization models. Lastly, the module focuses on creating and managing digital certificates as well as cryptovariable (key) management and best practices. Module 4, Operations and Incident Response, covers about 16% of the exam and starts by surveying network reconnaissance and discovery approaches; tools and techniques including scanning, packet capture, and netflows; and introduces Linux operating system commands security practitioners should be familiar with. Then, the importance of incident response preparedness is discussed, as well as defining the elements of an incident response plan, identifying the phases of incident response, reviewing the process, and studying attack frameworks. Next, the module revisits a number of data sources including scans, logs, and metadata from an investigative perspective. The final lessons of this module discuss a variety of manual and automated mitigation, containment and eradication techniques and controls, and then tackles forensic fundamentals including evidence collection, data acquisition and breach disclosure, and notification requirements. Module 5, Governance, Risk and Compliance, covers about 14% of the exam. The module starts by taking a close look at control management, control classifications, and control objectives, which taken together comprise an defense-in-depth environment. It then dives into cybersecurity and privacy related regulations and obligations and how to build a compliance information security program incorporating frameworks, benchmarks, and audit standards. The module then examines the role of policies and supporting governance documents, identify key personnel and operational policies and practices, as well as third-party and supply chain risk management. Next, the module identifies fundamental risk management and assessment concepts, teaches how to conduct a quantitative risk assessment and walks through the fundamental concepts of business continuity, including facilitating a business impact assessment. Lastly, it focuses on data classification, privacy requirements and obligations, roles and responsibilities, privacy enhancing technologies, and the relationship between cybersecurity and privacy.
+ Table of Contents

1 CompTIA Security+ SY0-601 – Introduction
2 Introduction to Module 1
3 Learning Objectives
4 1.1 Social Engineering Principles
5 1.2 Social Engineering Attack Vectors
6 1.3 Influence Campaigns
7 Closer Look Lab – Phone and Text Spoofing
8 Learning Objectives
9 2.1 Malware Primer
10 2.2 Malware Families
11 2.3 Password Attacks
12 2.4 Physical Attacks
13 2.5 Adversarial Artificial Intelligence
14 2.6 Indicators of Compromise
15 Closer Look Lab – Malware Analysis
16 Learning Objectives
17 3.1 Input and Output Validation
18 3.2 Injection, XSS and Forgery Attacks
19 3.3 System Attacks
20 Closer Look Lab – Constructing Error Messages
21 Learning Objectives
22 4.1 Digital Infrastructure Attacks
23 4.2 Wireless Attacks
24 4.3 Code or Script Execution
25 Closer Look Lab – Powershell
26 Learning Objectives
27 5.1 Threat Actors and Attributes
28 5.2 Threat Modeling
29 5.3 Threat Intelligence
30 Closer Look Lab – Threat Intelligence Workflow
31 Learning Objectives
32 6.1 Operational Vulnerabilities
33 6.2 Third-party Risks
34 Closer Look Lab – Zero Day Vulnerability
35 Learning Objectives
36 7.1 Threat Hunting and Vulnerability Identification
37 7.2 Syslog, SIEM, and SOAR
38 Closer Look Lab – Common Vulnerabilities and Exposures
39 Learning Objectives
40 8.1 Penetration Testing Concepts
41 8.2 Penetration Testing Techniques
42 Closer Look Lab – Passive Reconnaissance
43 Module 1 REVIEW
44 Introduction to Module 2
45 Learning Objectives
46 9.1 Configuration Management
47 9.2 Data Protection
48 9.3 Deception and Disruption
49 Closer Look Lab – Honeypots
50 Learning Objectives
51 10.1 Cloud Computing
52 10.2 Virtualization
53 Closer Look Lab – Virtualization
54 Learning Objectives
55 11.1 Secure Staging
56 11.2 Secure Coding Techniques
57 11.3 Automation
58 Closer Look Lab – Open Web Application Security Project (OWASP)
59 Learning Objectives
60 12.1 Identity Management
61 12.2 Authentication Factors
62 12.3 Biometrics
63 Closer Look Lab – Pwned Passwords
64 Learning Objectives
65 13.1 Resiliency and Redundancy
66 13.2 Backup and Recovery
67 Closer Look Lab – RAID
68 Learning Objectives
69 14.1 Embedded Systems
70 14.2 Internet of Things
71 Closer Look Lab – Raspberry Pi
72 Learning Objectives
73 15.1 Site and Building Security
74 15.2 Environmental Controls
75 15.3 Secure Data Destruction
76 Closer Look Lab – Disk Wiping
77 Learning Objectives
78 16.1 Cryptography Primer
79 16.2 Steganography
80 16.3 Symmetric Encryption
81 16.4 Asymmetric Encryption
82 16.5 Hashing
83 16.6 Digital Signatures
84 16.7 Emerging Cryptography
85 Closer Look Lab – Hashing
86 Module 2 REVIEW
87 Introduction to Module 3
88 Learning Objectives
89 17.1 Secure Communications Protocols
90 17.2 Secure Network Protocols
91 Closer Look Lab – SSL_TLS Packets
92 Learning Objectives
93 18.1 Trusted Computing Base
94 18.2 Endpoint Security
95 18.3 Database and Application Security
96 Closer Look Lab – Endpoint Firewall
97 Learning Objectives
98 19.1 Zones and Segments
99 19.2 Network Appliances
100 19.3 Firewalls
101 19.4 Virtual Private Networks
102 19.5 TCP_IP
103 Closer Look Lab – IPv6 Addressing
104 Learning Objectives
105 20.1 Wireless Configuration
106 20.2 Wireless Design
107 Closer Look Lab – Wireless Heat Map
108 Learning Objectives
109 21.1 Mobile Connectivity
110 21.2 Mobile Device Management
111 Closer Look Lab – Mobile Device Ownership and Deployment Options
112 Learning Objectives
113 22.1 Cloud Infrastructure
114 22.2 Virtual Private Clouds
115 22.3 Cloud Security Controls
116 Closer Look Lab – CSA Cloud Controls Matrix
117 Learning Objectives
118 23.1 Identity and Access Management
119 Closer Look Lab – Sign-in Risk Triggers
120 Learning Objectives
121 24.1 Authentication Protocols
122 24.2 Federated Identity
123 24.3 Authorization and Access Control
124 Closer Look Lab – OAuth 2.0 in Action
125 Learning Objectives
126 25.1 PKI Cryptographic Review
127 25.2 Digital Certificates
128 25.3 Digital Certificate Lifecycle
129 25.4 Key Management
130 Closer Look Lab – Digital Certificates
131 Module 3 Review
132 Introduction to Module 4
133 Learning Objectives
134 26.1 Reconnaissance and Discovery
135 26.2 Packet Capture and NetFlows
136 26.3 Linux Commands
137 Closer Look Lab – ZenMap
138 Learning Objectives
139 27.1 Incident Response Plans
140 27.2 Incident Handling Process
141 Closer Look Lab – Mitre ATT&CK Framework
142 Learning Objectives
143 28.1 Data Sources
144 Closer Look Lab – Log Files
145 Learning Objectives
146 29.1 Incident Mitigation
147 Closer Look Lab – SOAR
148 Learning Objectives
149 30.1 Forensic Evidence
150 30.2 Forensic Examination
151 30.3 Disclosure and Notification
152 Closer Look Lab – RAM Capture
153 Module 4 Review
154 Introduction to Module 5
155 Learning Objectives
156 31.1 Controls and Countermeasures
157 Closer Look Lab – Overlapping Control Categories
158 Learning Objectives
159 32.1 Compliance and Regulations
160 32.2 Frameworks and Guidance
161 32.3 Benchmarks and Audit Standards
162 Closer Look Lab – CIS Benchmarks
163 Learning Objectives
164 33.1 Governance and Policies
165 33.2 Personnel Policies
166 33.3 Personnel Practices
167 33.4 Organizational Policies
168 33.5 Third-party Risk Management
169 Closer Look Lab – Policy & Standards
170 Learning Objectives
171 34.1 Risk Management
172 34.2 Risk Assessment
173 34.3 Business Continuity
174 Closer Look Lab – Quantitative Risk Assessment
175 Learning Objectives
176 35.1 Privacy Principles
177 35.2 Privacy Management
178 Closer Look Lab – Privacy Walkthrough
179 Learning Objectives
180 36.1 Understanding the Security+ Exam Structure
181 36.2 Study Strategies
182 36.3 Test Taking Strategies
183 36.4 Testing Options
184 36.5 Attaining and Maintaining Your Security+ Certification
185 Module 5 Review
186 CompTIA Security+ SY0-601 – Summary