CompTIA Security+ Certification (SY0-501) FastTrack Study Guide + Practice Labs
ALL you need to qualify with CompTIA’s Security+ certification exam
- Prepares for SY0-501 exam
- Fully-integrated with Professor Messer’s training videos
- CompTIA CAQC approved with an outstanding 5/5 Procert Labs score
- Available as Skillpipe eBook with instant activation
- Over 200 exam practice questions included
- Includes Practice Labs for SY0-501, practice your skills on real equipment
This money-saving bundle includes both our CAQC-approved Skillpipe eBook AND Practice Labs – perfect exam preparation from gtslearning!
This book is for anyone wishing to qualify with the latest CompTIA Security+ Certification exam (SY0-501). CompTIA Security+ is aimed at IT professionals with job roles such as security architect, security engineer, security consultant/specialist, information assurance technician, security administrator, systems administrator and network administrator.
Professor Messer videos are fully integrated into the book with quicklinks taking you to video content that matches the section you are studying. This is unique and exclusive to gtslearning.
Skillpipe eReader gives browser or app-based access to the full content with full bookmarking and annotation features. Find out more about Skillpipe
An activation key to your Skillpipe content is emailed on purchase.
Content may be printed on a chapter-by-chapter basis for personal use only.
What should you know?
Students should meet the following criteria prior to taking the course:
- Recommended that students have taken CompTIA Network+ certification course and exam, together with 24 months experience of networking support/IT administration
- Know the function and basic features of the components of a PC
- Use Windows Server to create and manage files and use basic administrative features (Explorer, Control Panel, Management Consoles)
- Operate the Linux OS using basic command-line tools
- Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers)
- Understand TCP/IP addressing, core protocols, and troubleshooting tools
Module 1 / Threats, Attacks, and Vulnerabilities
- Indicators of Compromise • Why is Security Important? • Security Policy • Threat Actor Types • The Kill Chain • Social Engineering • Phishing • Malware Types • Trojans and Spyware • Open Source Intelligence • Labs • VM Orientation • Malware Types
- Critical Security Controls • Security Control Types • Defense in Depth • Frameworks and Compliance • Vulnerability Scanning and Pen Tests • Security Assessment Techniques • Pen Testing Concepts • Vulnerability Scanning Concepts • Exploit Frameworks • Lab • Using Vulnerability Assessment Tools
- Security Posture Assessment Tools • Topology Discovery • Service Discovery • Packet Capture • Packet Capture Tools • Remote Access Trojans • Honeypots and Honeynets • Labs • Using Network Scanning Tools 1 • Using Network Scanning Tools 2 • Using Steganography Tools
- Incident Response • Incident Response Procedures • Preparation Phase • Identification Phase • Containment Phase • Eradication and Recovery Phases
Module 2 / Identity and Access Management
- Cryptography • Uses of Cryptography • Cryptographic Terminology and Ciphers • Cryptographic Products • Hashing Algorithms • Symmetric Algorithms • Asymmetric Algorithms • Diffie-Hellman and Elliptic Curve • Transport Encryption • Cryptographic Attacks • Lab • Implementing Public Key Infrastructure
- Public Key Infrastructure • PKI Standards • Digital Certificates • Certificate Authorities • Types of Certificate • Implementing PKI • Storing and Distributing Keys • Key Status and Revocation • PKI Trust Models • PGP / GPG • Lab • Deploying Certificates and Implementing Key Recovery
- Identification and Authentication • Access Control Systems • Identification • Authentication • LAN Manager / NTLM • Kerberos • PAP, CHAP, and MS-CHAP • Password Attacks • Token-based Authentication • Biometric Authentication • Common Access Card • Lab • Using Password Cracking Tools
- Identity and Access Services • Authorization • Directory Services • RADIUS and TACACS+ • Federation and Trusts • Federated Identity Protocols
- Account Management • Formal Access Control Models • Account Types • Windows Active Directory • Creating and Managing Accounts • Account Policy Enforcement • Credential Management Policies • Account Restrictions • Accounting and Auditing • Lab • Using Account Management Tools
Module 3 / Architecture and Design (1)
- Secure Network Design • Network Zones and Segments • Subnetting • Switching Infrastructure • Switching Attacks and Hardening • Endpoint Security • Network Access Control • Routing Infrastructure • Network Address Translation • Software Defined Networking • Lab • Implementing a Secure Network Design
- Firewalls and Load Balancers • Basic Firewalls • Stateful Firewalls • Implementing a Firewall or Gateway • Web Application Firewalls • Proxies and Gateways • Denial of Service Attacks • Load Balancers • Lab • Implementing a Firewall
- IDS and SIEM • Intrusion Detection Systems • Configuring IDS • Log Review and SIEM • Data Loss Prevention • Malware and Intrusion Response • Lab • Using an Intrusion Detection System
- Secure Wireless Access • Wireless LANs • WEP and WPA • Wi-Fi Authentication • Extensible Authentication Protocol • Additional Wi-Fi Security Settings • Wi-Fi Site Security • Personal Area Networks
- Physical Security Controls • Site Layout and Access • Gateways and Locks • Alarm Systems • Surveillance • Hardware Security • Environmental Controls
Module 4 / Architecture and Design (2)
- Secure Protocols and Services • DHCP Security • DNS Security • Network Management Protocols • HTTP and Web Servers • SSL / TSL and HTTPS • Web Security Gateways • Email Services • S/MIME • File Transfer • Voice and Video Services • VoIP • Labs • Implementing Secure Network Addressing Services • Configuring a Secure Email Service
- Secure Remote Access • Remote Access Architecture • Virtual Private Networks • IPSec • Remote Access Servers • Remote Administration Tools • Hardening Remote Access Infrastructure • Lab • Implementing a Virtual Private Network
- Secure Systems Design • Trusted Computing • Hardware / Firmware Security • Peripheral Device Security • Secure Configurations • OS Hardening • Patch Management • Embedded Systems • Security for Embedded Systems
- Secure Mobile Device Services • Mobile Device Deployments • Mobile Connection Methods • Mobile Access Control Systems • Enforcement and Monitoring
- Secure Virtualization and Cloud Services • Virtualization Technologies • Virtualization Security Best Practices • Cloud Computing • Cloud Security Best Practices
Module 5 / Risk Management
- Forensics • Forensic Procedures • Collecting Evidence • Capturing System Images • Handling and Analyzing Evidence • Lab • Using Forensic Tools
- Disaster Recovery and Resiliency • Continuity of Operations Plans • Disaster Recovery Planning • Resiliency Strategies • Recovery Sites • Backup Plans and Policies • Resiliency and Automation Strategies
- Risk Management • Business Impact Analysis • Identification of Critical Systems • Risk Assessment • Risk Mitigation
- Secure Application Development • Application Vulnerabilities • Application Exploits • Web Browser Exploits • Secure Application Design • Secure Coding Concepts • Auditing Applications • Secure DevOps • Lab • Identifying a Man-in-the-Browser Attack
- Organizational Security • Corporate Security Policy • Personnel Management Policies • Interoperability Agreements • Data Roles • Data Sensitivity Labeling and Handling • Data Wiping and Disposal • Privacy and Employee Conduct Policies • Security Policy Training
About our live Practice Labs
Buy this bundle and you will get 12 months access to real, live computer equipment through your web browser. Practice Labs are not simulations, just a risk-free way for you to guarantee your understanding of practical tasks and concepts without any possibility of making damaging mistakes.
- REAL equipment Practice Labs gives you access to dedicated live equipment (not simulations)
- Perfect for self-study learning Complement theory with Practice Labs to give a complete learning experience
- Practice makes perfect Improve practical IT skills
- Certification ready Significantly increase chances of certification success
- No hardware or software needed No complicated software installation
- Totally flexible. Courses can be modified to meet specific requirements. Sections can be removed. New content added. One or more titles can be combined. Whatever your training requirements, our courseware can help you meet that need.
- 24×7 access Accessible through the internet, from anywhere, 24×7