LearnKey Training

Security+ (SY0-501) Course

6 Sessions - 14 Hours of Interactive Training

This CompTIA certification course helps to prepare students to take and pass the SY0-501 Security+ exam and obtain the Security+ certification. This course is excellent for those looking to increase their employability prospects in security administration careers. Specific topics covered in this course include: security threats, attacks and vulnerabilities, tools and technologies, architecture and design, identity and access methods, risk management, and cryptography.

Benefits
  • Get prepared for exam SY0-501
  • Put your skills to the test with hundreds of Pre/Post-Test questions
  • View your online courseware anytime anywhere

About The Author
Jason Manibog, LearnKey’s senior instructor, has spent over 15 years in the Information Technology arena as a trainer, consultant, and courseware writer. Jason is a Microsoft Certified Trainer with multiple certifications in Microsoft, CompTIA, and Adobe. Jason brings a wealth of real-world experience and the ability to explain things in very practical, real-life terms to any class he teaches, courseware he writes, or e-Learning courses he develops.

Session 1

Section A: Course Opening

  • Introduction
  • How to Study for This Exam

Section B: Malware

  • Viruses, Cryptomalware/Ransomware, Worms
  • Other Malware Forms
  • Bot, Logic Bomb, Backdoor

Section C: Types of Attacks

  • Social Engineering
  • Other Social Engineering Attacks
  • Reasons for Effectiveness
  • DoS
  • Injection, Cross-Site Attacks
  • ARP Poisoning
  • Amplification
  • DNS Poisoning
  • Data Interceptions
  • Hijacking and Related Attacks
  • Driver Manipulation
  • Spoofing, Wireless Attacks
  • Personal Area Network Attacks
  • Cryptographic Attacks
  • Downgrade, Replay, Weak Implementations

Section D: Threat Actors

  • Types of Actors
  • Insiders, Competitors
  • Attributes of Actors
  • Use of Open-Source Intelligence

Section E: Penetration Testing Concepts

  • Reconnaissance Types
  • Privilege Escalation, Boxes
  • Pen Testing vs. Vulnerability Scanning

Section F: Vulnerability Scanning Concepts

  • Passively Test Security Controls
  • Security Controls, Misconfigurations
  • Intrusive vs. Non-Intrusive
  • Credentials, False Positive

Section G: Vulnerability Impact

  • Race Conditions
  • Vulnerabilities Due to System Age
  • Improper Input Handling
  • Improper Error Handling
  • Bad and Default Configurations
  • Resource Exhaustion
  • Vulnerable Users and Business Processes
  • Memory/Buffer Vulnerability
  • System Sprawl, Design Weakness, Zero Day
  • Improper Certificate and Key Management
  • Domain 1 Exam Tips

Session 2

Section A: Network Components

  • Firewall, ACL
  • Firewall Types, Implicit Deny
  • VPN Concentrator, Access Types
  • IPSec
  • Tunnels, TLS, Always-on VPN
  • NIPS/NIDS
  • Signature-Based, Heuristic/Behavioral
  • Anomaly, Inline vs. Passive
  • Management, Rules, Analytics, Results
  • Router, ACLs, Antispoofing
  • Switch, Port Security
  • Loop Prevention, Flood Guard
  • Proxy Types
  • Load Balancer
  • Load Balancer Types
  • Access Points
  • Bands, Antennas, Controller Types
  • SIEM
  • Event Deduplication, Logs/WORM
  • DLP, USB Blocking, Cloud-Based, Email
  • NAC
  • Mail Gateway
  • Bridges, SSL, Hardware Security

Section B: Security Posture Assessment

  • Network Analysis Tools
  • Wireless Scanners, Password Crackers
  • Other Scanners and Tools
  • Honeypot, Utilities, Banner Grabbing
  • Ping, Netstat, Tracert
  • Nslookup/Dig, ARP
  • Ipconfig/Ifconfig
  • Tcpdump
  • Nmap
  • Netcat

Section C: Common Security Issues

  • Unencrypted Credentials/Clear Text
  • Anomalies, Permission Issues, Violations
  • Certificate Issues, Data Exfiltration
  • Misconfigured Devices
  • Weak Security Configurations
  • Personnel Issues
  • Social Engineering
  • Social Media, Personal Email
  • Software, Baselines, Licensing
  • Asset Management, Authentication Issues

Section D: Security Technologies

  • HIDS/HIPS
  • Antivirus
  • File Integrity Check
  • Host-Based Firewall
  • Application Whitelisting
  • Removable Media Control, Malware Tools
  • Patch Management Tools
  • UTM, DLP, DEP, Web Application Firewall

Section E: Mobile Device Deployment

  • Connection Methods
  • Bluetooth, NFC, ANT
  • Infrared, USB
  • Mobile Device Management Concepts
  • Remote Wipe, Geofencing, Geolocation
  • Physical Security and Push Notification
  • Authentication, Storage, Encryption
  • Enforcement and Monitoring
  • Carriers, Firmware Updates, Camera Use
  • Texts, External Media, USB OTG, Mics
  • Tagging, Ad Hoc, Tethering, Payments
  • Deployment Models

Section F: Secure Protocols

  • Protocols, DNSSEC, SSH, S/MIME
  • SRTP, LDAPS, FTPS, SFTP
  • SSL/TLS, HTTPS, Secure POP/IMAP
  • Protocol Implementation Use Cases
  • Domain 2 Exam Tips

Session 3

Section A: Use Cases and Framework Purposes

  • Regulatory, Non-Regulatory
  • National vs. International
  • Industry-Specific Frameworks
  • Configuration and Vendor-Specific Guides
  • General Purpose Guides
  • Defense-In-Depth, Security Controls
  • User Training

Section B: Secure Network Architecture

  • Network Zones and Topologies
  • Wireless Networks and Honeynets
  • NAT and Ad Hoc Connections
  • Physical vs. Logical Networks
  • Virtualization, Air Gaps
  • Tunneling/VPN, Types of VPNs
  • Security Devices and Placement
  • Proxies, Firewalls, VPN Concentrators
  • Other Security Devices
  • SDN

Section C: Secure Systems Design

  • Hardware/Firmware Security
  • Boot Design, Supply Chain, EMI
  • Types of Operating Systems
  • Appliance, Kiosk, Mobile OS
  • Patch Management
  • Functionality and Configurations
  • Trusted OS, Whitelisting, Blacklisting
  • Disable Default Accounts/Passwords
  • Peripherals
  • SD Cards, Printers, Storage Devices

Section D: Staging Deployment Concepts

  • Sandboxing
  • Environment
  • Secure Baseline
  • Integrity Measurement

Section E: Embedded Systems

  • SCADA/ICS
  • Smart Devices and IoT
  • HVAC
  • SoC
  • RTOS
  • Printers/MFDs
  • Camera Systems
  • Special Purpose
  • Aircraft/UAV

Section F: Application Development and Deployment

  • Development Life Cycle Models
  • Secure DevOps
  • Baselining, Immutable Systems
  • Version Control and Change Management
  • Provisioning and Deprovisioning
  • Secure Coding Techniques
  • Normalization
  • Stored Procedures, Code Signing
  • Encryption, Obfuscation, Code Reuse
  • Validation, Memory Management
  • Libraries, SDKs, Data Exposure
  • Code Quality, Testing, and Analyzers
  • Stress Testing, Sandboxing, Verification
  • Compiled vs. Real-Time Code

Section G: Cloud and Virtualization

  • Hypervisor, Type I, Type II
  • Application Cells/Containers
  • VM Sprawl Avoidance
  • VM Escape Protection
  • Cloud Storage
  • Cloud Deployment Models
  • On-Premise vs. Hosted vs. Cloud
  • VDI/VDE
  • Cloud Access Security Broker
  • Security as a Service

Section H: Resiliency and Automation Strategies

  • Automation/Scripting, Courses of Action
  • Monitoring, Configuration Validation
  • Templates
  • Master Image
  • Non-Persistence, Snapshots
  • Revert to Known State
  • Rollback to Known Configuration
  • Live Boot Media
  • Elasticity
  • Scalability
  • Distributive Allocation
  • Redundancy, Fault Tolerance
  • High Availability
  • RAID

Section I: Physical Security

  • Perimeter Security
  • Internal Security
  • Protect Cabling and Server Rooms
  • Inside-the-Building Protection
  • Environmental Controls
  • Locks, Screen Filters, Cameras, Logs
  • Infrared Detection, Key Management
  • Domain 3 Exam Tips

Session 4

Section A: Identity and Access Concepts

  • Identification, AAA
  • Multifactor Authentication
  • Federation, SSO, Transitive Trust

Section B: Identity and Access Services

  • LDAP, Kerberos, TACACS+
  • CHAP, PAP, MS-CHAP
  • RADIUS
  • Other Authentication Types

Section C: Identity and Access Controls

  • Access Control Models
  • Physical Access Control
  • Biometric Factors
  • False Acceptance/Rejection, Error Rate
  • Tokens, Hardware, Software, HOTP, TOTP
  • Certificate-Based Authentication
  • File System Security
  • Database Security

Section D: Account Management Practices

  • User, Shared, and Generic Accounts
  • Guest Accounts, Service Accounts
  • Privileged Accounts
  • General Concepts
  • Least Privilege, Onboarding, Offboarding
  • Usage Auditing and Review
  • Time-of-Day Restrictions
  • Recertification
  • Naming Conventions, Account Maintenance
  • Group-Based Access Control
  • Location Policies, Policy Enforcement
  • Credential Management, Group Policy
  • Password Complexity
  • Expiration, Recovery
  • Disablement and Lockout
  • Password History, Reuse, Length
  • Domain 4 Exam Tips

Session 5

Section A: Policies, Plans, and Procedures

  • Standard Operating Procedures
  • Agreement Types, BPA, SLA, ISA, MOU/MOA
  • Personnel Management
  • Clean Desks and Personnel Security
  • Role-Based Awareness Training
  • User, Privileged User, Executive User
  • NDA, Onboarding, AUP, Behavior
  • Security, Social Media, Email Policies

Section B: Business Analysis Impact Concepts

  • RTO/RPO, MTBF, MTTR
  • Systems, Single Point of Failure
  • Types of Impact
  • Privacy Impact Assessment

Section C: Risk Management Concepts

  • Threat Assessments
  • Assessments, Calculations, and Register
  • Probability and Impact
  • Testing, Testing Authorizations
  • Risk Response Techniques
  • Change Management

Section D: Incident Response Procedures

  • Incident Response Plan
  • Reporting, Response Teams, Exercises
  • Incident Response Process

Section E: Forensics Concepts

  • Volatility, Chain of Custody, Legal Hold
  • Data Acquisition
  • Capturing Information
  • Preservation, Recovery, Intelligence

Section F: Disaster Recovery

  • Recovery Sites
  • Order of Restoration
  • Backup Concepts, Full Backup
  • Incremental, Differential, Snapshots
  • Location Choices
  • Continuity of Operation Planning

Section G: Types of Controls

  • Security and Technical Controls

Section H: Data Security and Privacy Practices

  • Data Destruction and Media Sanitization
  • Data Sensitivity Labeling and Handling
  • PII, PHI
  • Data Roles
  • Data Retention, Legal and Compliance
  • Domain 5 Exam Tips

Session 6

Section A: Cryptography Concepts

  • Algorithm Types and Modes
  • Hashing, Salt, IV, Nonce, Elliptic Curve
  • Algorithm and Signature Terms
  • Cipher Types and Keys
  • Data in Transit, at Rest, in Use
  • Random Numbers, Key Stretching
  • Implementation vs. Algorithm Selection
  • Secrecy and Obscurity
  • Common Use Cases
  • Supporting Use Cases, Constraints

Section B: Cryptography Algorithms

  • Symmetric Algorithm Types
  • Cipher Modes
  • Asymmetric Algorithm Types, RSA, DSA
  • Diffie-Hellman, Groups, DHE, ECDHE
  • Elliptic Curve, PGP/GPG
  • Hashing Algorithms
  • Key Stretching Algorithms
  • Obfuscation, Substitution Ciphers

Section C: Wireless Security Installation

  • Cryptographic Protocols
  • Authentication Protocols, EAP Protocols
  • IEEE 802.1X, RADIUS Federation
  • Authentication Methods

Section D: Public Key Infrastructure

  • Components, CA, Intermediate CA
  • CRL, OCSP, CSR
  • Certificates, Keys, Object Identifiers
  • PKI Concepts
  • Types of Certificates
  • Email, User
  • Root CA and Validations
  • Certificate Formats

Section E: Course Conclusion

  • Domain 6 Exam Tips, Final Exam Tips
  • Closing