CompTIA Security+

Cui îi este dedicat cursul?

• IT professionals with job roles such as security engineer, security consultant /specialist, information assurance technician, junior auditor / penetration tester, security administrator, systems administrator, and network administrator.

Cunoștințe și abilități inițiale

• A minimum of 2 years’ experience in IT administration with a focus on security
• Day to day technical information security experience
• Broad knowledge of security concerns and implementation including the topics in the domain list above

Prezentarea cursului

In this course you will gain the knowledge and skills required to identify risk, to participate in risk mitigation activities, and to provide infrastructure, application, information, and operational security. In addition, the successful candidate will apply security controls to maintain confidentiality, integrity, and availability, identify appropriate technologies and products, troubleshoot security events and incidents, and operate with an awareness of applicable policies, laws, and regulations.

This course will prepare you for CompTIA Security+ certification exam.

Ce subiecte abordează cursul

Attacks, Threats, and Vulnerabilities
Different types of social engineering techniques
Analysis of potential indicators to determine the type of attacks
Analysis of potential indicators associated with application attacks
Analysis of potential indicators associated with network attacks
Different threat actors, vectors, and intelligence sources.
Security concerns associated with various types of vulnerabilities.
Techniques used in security assessments.
Techniques used in penetration testing.
Architecture and Design
Importance of security concepts in an enterprise environment
Virtualization and cloud computing concepts
Secure application development, deployment, and automation concepts
Authentication and authorization design concepts
Implementation of cybersecurity resilience
Security implications of embedded and specialized systems
Importance of physical security controls
Basics of cryptographic concepts
Implementation
Implementation of secure protocols
Implementation of host or application security solutions
Implementation of secure network designs
Installation and configuration of wireless security settings
Implementation of secure mobile solutions
Applying of cybersecurity solutions to the cloud
Implementation of identity and account management controls
Implementation of authentication and authorization solutions
Implementation of public key infrastructure
Operations and Incident Response
Usage of the appropriate tool to assess organizational security
Policies, processes, and procedures for incident response.
Incident: utilizing of appropriate data sources to support an investigation
Incident: applying of mitigation techniques or controls to secure an environment
Key aspects of digital forensics.
Governance, Risk, and Compliance
Comparing and contrast various types of controls
Importance of applicable regulations, standards, or frameworks that impact organizational security posture
Importance of policies to organizational security
Summarizing of risk management processes and concepts.
Privacy and sensitive data concepts in relation to security

Ce abilități se dobândesc în urmă cursului

• Attacks, Threats and Vulnerabilities - More threats, attacks and vulnerabilities from newer custom devices that must be mitigated, such as IoT and embedded devices, newer DDoS attacks and social engineering attacks based on current events
• Architecture and Design - Enterprise environments and reliance on the cloud, which is growing quickly as organizations transition to hybrid networks
• Implementation - Administering identity, access management, PKI, basic cryptography, wireless and end-to-end security
• Operations and Incident Response - Organizational security assessment and incident response procedures, such as basic threat detection, risk mitigation techniques, security controls and basic digital forensics 
• Governance, Risk and Compliance - Organizational risk management and compliance with regulations, such as PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST and CCPA