CompTIA Security+ (SY0-501) Online Course - Retired

CompTIA Security+ (SY0-501) Online Course

This course provides all the essential knowledge and skills needed to successfully pass the CompTIA Security+ SY0-501 certification exam. Its primary aim is to help you become a competent IT security professional while thoroughly preparing you for exam success along the way.

Who should take the Course?

The CompTIA Security+ (SY0-501) Online Course is ideal for aspiring cybersecurity professionals, network administrators, systems engineers, and IT support staff who want to gain foundational knowledge in information security. It’s also suitable for individuals preparing for the Security+ SY0-501 certification exam. Prior understanding of basic networking and IT concepts is recommended, though not mandatory, making it a great entry point into cybersecurity.

Course Curriculum

Risk Management

• Introduction to the CompTIA Security+ Exam SY0-501
• The CIA of Security
• Threat Actors
• What is Risk?
• Managing Risk
• Using Guides for Risk Assessment
• Security Controls
• Interesting Security Controls
• Defense in Depth
• IT Security Governance
• Security Policies
• Frameworks
• Quantitative Risk Calculations
• Business Impact Analysis
• Organizing Data
• Security Training
• Third Party Agreements

Cryptography

• Cryptography Basics
• Cryptographic Methods
• Symmetric Cryptosystems
• Symmetric Block Modes
• RSA Cryptosystems
• Diffie-Hellman
• PGP/GPG
• Hashing
• HMAC
• Steganography
• Certificates and Trust
• Public Key Infrastructure
• Cryptographic Attacks

Identity and Access Management

• Identification
• Authorization Concepts
• Access Control List
• Password Security
• Linux File Permissions
• Windows File Permissions
• User Account Management
• AAA
• Authentication Methods
• Single Sign-On

Tools of the Trade

• OS Utilities, Part 1
• OS Utilities, Part 2
• Network Scanners
• Protocol Analyzers
• SNMP
• Logs

Securing Individual Systems

• Denial of Service
• Host Threats
• Man-in-the-Middle
• System Resiliency
• RAID
• NAS and SAN
• Physical Hardening
• RFI, EMI and ESD
• Host Hardening
• Data and System Security
• Disk Encryption
• Hardware/Firmware Security
• Secure OS Types
• Securing Peripherals
• Malware
• Analyzing Output
• IDS and IPS
• Automation Strategies
• Data Destruction

The Basic LAN

• LAN Review
• Network Topologies Review
• Network Zone Review
• Network Access Controls
• The Network Firewall
• Proxy Servers
• Honeypots
• Virtual Private Networks
• IPSec
• NIDS/NIPS
• SIEM

Beyond the Basic LAN

• Wireless Review
• Living in Open Networks
• Vulnerabilities with Wireless Access Points
• Cracking 802.11 - WEP
• Cracking 802.11 - WPA
• Cracking 802.11 - WPS
• Wireless Hardening
• Wireless Access Points
• Virtualization Basics
• Virtual Security
• Containers
• IaaS
• PaaS
• SaaS
• Deployment Models
• Static Hosts
• Mobile Connectivity
• Deploying Mobile Devices
• Mobile Enforcement
• Mobile Device Management
• Physical Controls
• HVAC
• Fire Suppression

Secure Protocols

• Secure Applications and Protocols
• Network Models
• Know Your Protocols - TCP/IP
• Know Your Protocols - Applications
• Transport Layer Security (TLS)
• Internet Service Hardening
• Protecting Your Servers
• Secure Code Development
• Secure Deployment Concepts
• Code Quality and Testing

Testing Your Infrastructure

• Vulnerability Scanning Tools
• Vulnerability Scanning Assessment
• Social Engineering Principles
• Social Engineering Attacks
• Attacking Web Sites
• Attacking Applications
• Exploiting a Target
• Vulnerability Impact

Dealing with Incidents

• Incident Response
• Digital Forensics
• Contingency Planning
• Backups