GENERAL SECURITY CONCEPTS

* Compare and contrast various types of security controls
* Summarize fundamental security concepts.
* Explain the importance of change management processes and the impact to security
* Explain the importance of change management Explain the importance of using appropriate
* cryptographic solutions.”

THREATS, VULNERABILITIES, AND MITIGATIONS

* Compare and contrast common threat actions and motivations
* Explain common threat vectors and attack surfaces
* Explain various types of vulnerabilities
* Given a scenario, analyze indicators of malicious activity
* Explain the purpose of mitigation techniques used to secure the enterprise

SECURITY ARCHITECTURE

* Compare and contrast security implications of different architecture models
* Given a scenario, apply security principles to secure enterprise * infrastructure.
* Compare and contrast concepts and strategies to protect data
* Explain the importance of resilience and recovery in security architecture.

SECURITY OPERATIONS

* Given a scenario, apply common security techniques to computing resources.
* Explain the security implications of proper hardware, software, and data asset management.
* Explain various activities associated with vulnerability management.
* Explain security alerting and monitoring concepts and tools
* Given a scenario, modify enterprise capabilities to enhance security.
* Given a scenario, implement and maintain identity and access management.
* Explain the importance of automation and orchestration related to secure operations.
* Explain appropriate incident response activities.
* Given a scenario, use data sources to support an investigation.

SECURITY PROGRAM MANAGEMENT AND OVERSIGHT

* Summarize elements of effective security governance.
* Explain elements of the risk management process.
* Explain the processes associated with third-party risk assessment and management.
* Summarize elements of effective security compliance.
* Explain types and purposes of audits and assessments.
* Given a scenario, implement security awareness practices.

The Security+ certification is considered to be the minimum level of certification for all IT security positions beyond entry-level. This course delivers the core knowledge required to pass the exam and the skills necessary to advance to an intermediate-level security job.

Students will benefit most from this course if they intend to take the CompTIA Security+ SY0-701 exam.

This course supports a certification that is a DoD Approved 8570 Baseline Certification and meets DoD 8140/8570 training requirements.

• Network Administrators
• Cybersecurity Associates
• IT personnel interested in pursuing a career in cybersecurity
Prerequisites

This course assumes basic knowledge of using and maintaining individual workstations.

Attendees should be CompTIA A+ certified (or have equivalent experience) and CompTIA Network+ certified (or have equivalent experience) with 2-3 years networking experience.

• Lesson 1: Comparing Security Roles and Security Controls
• Lesson 2: Explaining Threat Actors and Threat Intelligence
• Lesson 3: Performing Security Assessments
• Lesson 4: Identifying Social Engineering and Malware
• Lesson 5: Summarizing Basic Cryptographic Concepts
• Lesson 6: Implementing Public Key Infrastructure
• Lesson 7: Implementing Authentication Controls
• Lesson 8: Implementing Identity and Account Management Controls
• Lesson 9: Implementing Secure Network Designs
• Lesson 10: Implementing Network Security Appliances
• Lesson 11: Implementing Secure Network Protocols
• Lesson 12: Implementing Host Security Solutions
• Lesson 13: Implementing Secure Mobile Solutions
• Lesson 14: Summarizing Secure Application Concepts
• Lesson 15: Implementing Secure Cloud Solutions
• Lesson 16: Explaining Data Privacy and Protection Concepts
• Lesson 17: Performing Incident Response
• Lesson 18: Explaining Digital Forensics
• Lesson 19: Summarizing Risk Management Concepts
• Lesson 20: Implementing Cybersecurity Resilience
• Lesson 21: Explaining Physical Security
• Appendix A: Mapping Course Content to CompTIA Security+ SY0-701 Exam
Objectives
• Appendix B: Course Acronyms

• Assisted Lab: Exploring the Lab Environment
• Assisted Lab: Scanning and Identifying Network Nodes
• Assisted Lab: Intercepting and Interpreting Network Traffic with Packet
Sniffing Tools
• Assisted Lab: Analyzing the Results of a Credentialed Vulnerability Scan
• Assisted Lab: Installing, Using, and Blocking a Malware-based Backdoor
• Applied Lab: Performing Network Reconnaissance and Vulnerability Scanning
• Assisted Lab: Managing the Lifecycle of a Certificate
• Assisted Lab: Managing Certificates with OpenSSL
• Assisted Lab: Auditing Passwords with a Password Cracking Utility
• Assisted Lab: Managing Centralized Authentication
• Assisted Lab: Managing Access Controls in Windows Server
• Assisted Lab: Configuring a System for Auditing Policies
• Assisted Lab: Managing Access Controls in Linux
• Applied Lab: Configuring Identity and Access Management Controls
• Assisted Lab: Implementing a Secure Network Design
• Assisted Lab: Configuring a Firewall
• Assisted Lab: Configuring an Intrusion Detection System
• Assisted Lab: Implementing Secure Network Addressing Services
• Assisted Lab: Implementing a Virtual Private Network
• Assisted Lab: Implementing a Secure SSH Server
• Assisted Lab: Implementing Endpoint Protection
• Applied Lab: Securing the Network Infrastructure
• Assisted Lab: Identifying Application Attack Indicators
• Assisted Lab: Identifying a Browser Attack
• Assisted Lab: Implementing PowerShell Security
• Assisted Lab: Identifying Malicious Code
• Applied Lab: Identifying Application Attacks
• Assisted Lab: Managing Data Sources for Incident Response
• Assisted Lab: Configuring Mitigation Controls
• Assisted Lab: Acquiring Digital Forensics Evidence
• Assisted Lab: Backing Up and Restoring Data in Windows and Linux
• Applied Lab: Managing Incident Response, Mitigation and Recovery