CompTIA Security+ Certification Course - SY0-601

$1499

$1449

-3% Off
Categories
Cyber security

Course Curriculum

Learning Objective: This section details social engineering techniques, determine the type of attack, associate application, and network attacks, explain different threat actors, vectors, and sources and understand different vulnerabilities. 

Topics:

  • Security Policy

  • Threat Actors

  • Social Engineering 

  • Phishing & Types of Malware 

  • Trojans and Spyware 

  • Security Control Types 

  • Defense in Depth 

  • Frameworks and Compliance 

  • Vulnerability Scanning and Pen Tests 

  • Security Assessment Techniques 

  • Pen Testing Concepts

  • Vulnerability Scanning Concepts 

  • Exploitation Frameworks

Learning Objective: This section details social engineering techniques, determine the type of attack, associate application, and network attacks, explain different threat actors, vectors, and sources and understand different vulnerabilities. 

Topics:

  • Security Policy

  • Threat Actors

  • Social Engineering 

  • Phishing & Types of Malware 

  • Trojans and Spyware 

  • Security Control Types 

  • Defense in Depth 

  • Frameworks and Compliance 

  • Vulnerability Scanning and Pen Tests 

  • Security Assessment Techniques 

  • Pen Testing Concepts

  • Vulnerability Scanning Concepts 

  • Exploitation Frameworks

Learning Objective: Learn the basics of cryptographic concepts, implement symmetric, and asymmetric algorithms, understand attacks and how to mitigate them. 

Topics:

  • Cryptographic Terminology and Ciphers 

  • Cryptographic Products 

  • Hashing Algorithms 

  • Symmetric Algorithms

  • Asymmetric Algorithms 

  • Diffie-Hellman and Elliptic Curve 

  • Transport Encryption 

  • Cryptographic Attacks

  • PKI Standards 

  • Digital Certificates 

  • Certificate Authorities 

  • Types of Certificate 

  • Implementing PKI 

  • Storing and Distributing Keys 

  • Key Status and Revocation 

  • PKI Trust Models 

  • PGP / GPG

Learning Objective: Learn about the authentication and authorization design concepts, account management controls, and understand LDAP and Active Directory. 

Topics:

  • Access Control Systems 

  • Identification & Authentication 

  • LAN Manager / NTLM 

  • Kerberos 

  • PAP, CHAP, and MS-CHAP

  • Password Attacks

  • Token-based & Biometric Authentication 

  • Common Access Card 

  • Authorization 

  • Directory Services 

  • RADIUS and TACACS+ 

  • Federation and Trusts 

  • Federated Identity Protocols

  • Formal Access Control Models 

  • Account Types 

  • Windows Active Directory 

  • Creating and Managing Accounts 

  • Account Policy Enforcement 

  • Credential Management Policies 

  • Account Restrictions 

  • Accounting and Auditing

Learning Objective: Understand the network security, implement secure network design, and install and configure security appliances. 

Topics:

  • Network Zones and Segments 

  • Subnetting 

  • Switching Infrastructure 

  • Switching Attacks and Hardening 

  • Endpoint Security 

  • Network Access Control 

  • Routing Infrastructure 

  • Network Address Translation 

  • Software-Defined Networking

  • Basic & Stateful Firewalls 

  • Implementing a Firewall or Gateway 

  • Web Application Firewalls 

  • Proxies and Gateways 

  • Denial of Service Attacks

  • Load Balancers

Learning Objective: Explain and study the implications of embedded and specialized systems, host applications security solutions, configure wireless security solutions, learn hardening concepts, deploying secure host embedded systems. 

Topics:

  • Wireless LANs 

  • WEP and WPA 

  • Wi-Fi Authentication 

  • Extensible Authentication Protocol 

  • Wi-Fi Site Security 

  • Personal Area Networks 

  • Trusted Computing 

  • Hardware / Firmware Security 

  • Peripheral Device Security 

  • Secure Configurations 

  • OS Hardening 

  • Patch Management 

  • Embedded Systems 

  • Security for Embedded System

Learning Objective: Understand the important security protocols used, secure network access protocols, and secure network applications. 

Topics:

  • DHCP Security 

  • DNS Security 

  • Network Management Protocols 

  • HTTP and Web Servers 

  • SSL / TLS and HTTPS 

  • Web Security Gateways 

  • Email Services 

  • S/MIME 

  • File Transfer 

  • Voice and Video Services 

  • Voice over IP (VoIP)

  • Remote Access Architecture 

  • Virtual Private Networks 

  • IPsec and IKE 

  • Remote Access Servers 

  • Remote Administration Tools 

  • Hardening Remote Access Infrastructure

Learning Objective: Study the cloud computing basics, the importance of physical security controls, secure mobile applications, apply cybersecurity solutions to the cloud. 

Topics:

  • Mobile Device Deployments

  • Mobile Connection Methods 

  • Mobile Access Control Systems 

  • Enforcement and Monitoring

  • Virtualization Technologies 

  • Virtualization Security Best Practices 

  • Cloud Computing 

  • Cloud Security Best Practices

  • Site Layout and Access 

  • Gateways and Locks

  • Alarm Systems 

  • Surveillance 

  • Hardware Security 

  • Environmental Controls

Learning Objective: Study application development, deployment, and automation concepts, risk management, and the importance of application regulations, standards, and frameworks. 

Topics:

  • Business Impact Analysis 

  • Identification of Critical Systems 

  • Risk Assessment 

  • Risk Mitigation 

  • Application Vulnerabilities 

  • Application Exploits 

  • Web Browser Exploits 

  • Secure Application Design 

  • Secure Coding Concepts 

  • Auditing Applications 

  • Secure DevOps

Learning Objective: Study the importance of cybersecurity resilience, digital forensics, disaster recovery concepts, organizational security, privacy, and security data concepts. 

Topics:

  • Continuity of Operations Planning 

  • Disaster Recovery Planning 

  • Resiliency Strategies 

  • Recovery Sites 

  • Backup Plans and Policies 

  • Resiliency and Automation Strategies

  • Corporate Security Policy 

  • Personnel Management Policies 

  • Interoperability Agreements 

  • Data Roles 

  • Data Sensitivity Labeling and Handling 

  • Data Wiping and Disposal 

  • Privacy and Employee Conduct Policies 

  • Security Policy Training

  • Forensic Procedures 

  • Collecting Evidence 

  • Capturing System Images 

  • Handling and Analyzing Evidence

Course Description

CertOcean’s CompTIA Security Training Certificate is designed and developed to prepare professionals who want to establish a career in cybersecurity. Post the completion of the course, you will develop core knowledge and hands-on experience in troubleshooting networks, techniques in risk management, risk mitigation, threat management, intrusion detection, etc.

The participants will learn about the fundamental principles of installing and configuring cybersecurity controls in incident response and risk mitigation. You will also establish strategies developed by cyber adversaries to attack networks, deploy countermeasures to defend them, understand the principles of organizational security, implement the elements of effective security policies using some cryptographic standards.
Professionals who wish to build a career in the system domain, security consultancy, network admin, security specialist, security engineer can opt for this course. Moreover, candidates looking for the junior penetration tester and IT auditor can take up the course. Anybody who is a cybersecurity enthusiast can take up the training.

Post the completion of the course, you will learn about:

  • Potent vulnerabilities and threats that may cause harm to a system or network 

  • Corrective measures for incident response

  • Implement cryptographic standards and products

  • Install, configure, and deploy network components, identity and access services (Identity & Access Management), and management controls

  • Learn the principles of organizational security and the elements of effective security policies

  • Implement secure network system design and architecture concepts 

  • Remote access and wireless security is enforced

  • Risks and take corrective measures for risk mitigation and management

  • Identify strategies for fault tolerance, ensuring business continuity, and disaster recovery

There are no specific requirements to take up this training, but a professional who understands Linux OS and networking is at advantage.

Features

Frequently Asked Questions (FAQs):

To clear the exam, you need a minimum score of 750. The exam duration is 90 minutes and includes 90 questions.

The exam fee is included in the course fee.

The eligibility requirements include:

  • At least two years of experience in IT security administration

  • Hands-on experience in technical information security

  • Broad knowledge of security concepts