1. Welcome to the Course SY0-701 FREE CHAPTER

• Introduction to the CompTIA Security+ Exam
• Introduction to the Course
• How to Prepare for the Exam

2. Part 1 - Summarize Fundamental Security Concepts

• Section Preview
• Introduction to Information Security
• Cybersecurity Framework
• Control Objectives
• Security Control Categories
• Security Control Functional Types
• Pop Quiz
• Information Security Roles & Responsibilities

3. Part 2 - Compare Threat Types

• Section Preview
• Vulnerability, Threat, and Risk
• Attributes of Threat Actors
• Threat Actors
• Attack Surface & Attack Vectors
• Vulnerable Software & Network Vectors
• Lure-Based & Message-Based Vectors
• Third Party Risks
• Introduction to Social Engineering
• Social Engineering Techniques Part 1
• Social Engineering Techniques Part 2
• Social Engineering Techniques Part 3

4. Part 3 - Explain Cryptographic Solutions

• Section Preview
• Introduction to Cryptography and Hashing
• Encryption
• Cryptographic Modes of Operation
• Demo - Calculating Hash Values with PowerShell
• Certificates, PKIs, RAs, and CSRs
• Digital Certificates
• Key Management
• Certificate Management
• Certificate Formats & OpenSSL
• Demo - Digital Certificates
• Longevity, Salting & Key Stretching
• Homomorphic Encryption, Blockchain, and Steganography

5. Part 4 - Implement Identity and Access Management

• Section Preview
• Identity Access Management
• Authentication Factors, Design & Attributes
• Biometric Authentication
• Password Concepts
• Demo - Account Password Policy
• Authorization Solutions - Part 1
• Authorization Solutions - Part 2
• Account Attributes and Access Policies
• Local, Network, and Remote Authentication
• Kerberos Authentication & Authorization

6. Part 5 - Secure Enterprise Network Architecture

• Section Preview
• Secure Network Designs
• Network Segmentation, Topology & DMZs
• Routing and Switching Protocols
• Secure Switching and Routing
• Firewalls
• Firewall Implementation
• Demo - Windows 10 Firewall Configuration
• Demo - Creating an Outbound Rule
• Next-Generation Firewalls & HBIDS
• Remote Access Architecture Part 1
• Remote Access Architecture Part 2

7. Part 6 - Secure Cloud Network Architecture

• Section Preview
• Cloud Deployment Models
• Cloud Security Solutions - Part 1
• Cloud Security Solutions - Part 2
• Infrastructure as Code Concepts
• Zero Trust
• Embedded Systems
• Industrial Control Systems & Internet of Things

8. Part 7 - Explain Resiliency and Site Security Concepts

• Section Preview
• Backup Strategies
• Backup Storage
• Cyber Security Resilience
• Implementing Redundancy Strategies
• Diversity and Defense in Depth
• Physical Security Controls - Part 1
• Physical Security Controls - Part 2
• Physical Host Security Controls

9. Part 8 - Explain Vulnerability Management

• Section Preview
• Vulnerability Discovery
• Weak Host and Network Configurations
• Evaluation Scope
• Overflows, Resource Exhaustion, Memory Leaks & Race Conditions
• Cross-Site Scripting Attack
• Standard Query Language Injection Attack
• Sideloading, Rooting & Jailbreaking
• Threat Research Sources
• Threat Intelligence Providers
• Threat Data Feeds & AI
• Vulnerability Response & Remediation

10. Part 9 - Evaluate Network Security Capabilities

• Section Preview
• Bench Marks & Secure Configuration Guides
• Wi-Fi Authentication Methods - Part 1
• Wi-Fi Authentication Methods - Part 2
• Network Security Monitoring
• Web Filtering

11. Part 10 - Assess Endpoint Security Capabilities

• Section Preview
• Endpoint Security
• Segmentation
• Mobile Device Management - Part 1
• Mobile Device Management - Part 2
• Secure Mobile Device Connections
• Secure Design Principles

12. Part 11 - Enhance Application Security Capabilities

• Section Preview
• DNS Security, Directory Services & SNMP
• File Transfer Email and Video Services
• Secure Coding Techniques - Part 1
• Secure Coding Techniques - Part 2

13. Part 12 - Explain Incident Response and Monitoring Concepts

• Section Preview
• Incident Response Process
• Cyber Incident Response Team
• Incident Identification - Part 1
• Incident Identification Part 2
• Incident Response Plan
• Incident Response Exercises, Recovery and Retention Policy
• Digital Forensics Documentation
• Digital Forensics Evidence Acquisition Part 1
• Digital Forensics Evidence Acquisition Part 2
• Data Sources

14. Part 13 - Analyze Indicators of Malicious Activity

• Section Preview
• Malware Classification
• Computer Viruses
• Computer Worms & Fileless Malware
• Spyware, Keyloggers, Rootkits, Backdoors, Ransomware & Logic Bombs
• Malware Indicators and Process Analysis
• Password Attacks
• Tactics, Techniques & Procedures
• Privilege Escalation & Error Handling
• Uniform Resource Locator Analysis & Percent Encoding
• API & Replay Attacks, CSRF, Clickjacking & SSL Strip Attacks
• Other Injection Attacks

15. Part 14 - Summarize Security Governance Concepts

• Section Preview
• Regulations, Standards & Legislation
• ISO and Cloud Frameworks
• Governance Structure
• Governance Documents
• Change Management
• Configuration Management
• Scripting, Automation and Orchestration

16. Part 15 - Explain Risk Management

• Section Preview
• Risk Management Process
• Risk Controls
• Pop Quiz
• Business Impact Analysis
• Third-Party Risk Management & Security Agreements
• Audit and Assurance
• Introduction to Penetration Testing
• Pen Test Attack Life Cycle

17. Part 16 - Summarize Data Protection and Compliance Concepts

• Section Preview
• Privacy and Sensitive Data Concepts
• Data Sovereignty, Privacy Breaches & Data Sharing
• Privacy and Data Controls
• Pop Quiz
• Privacy Principles
• Compliance Monitoring
• Education, Training and Awareness
• Personnel Policies

18. Conclusion

• Conclusion

19. Welcome to the Course (SY0-601)

• Introduction to the CompTIA Security+ Exam

20. Part 1 - Intro To Information Security And Security Roles & Responsibilities

• Section Preview
• Introduction To Information Security
• Cybersecurity Framework
• Security Roles & Responsibilities
• Security Control Categories
• Security Control Functional Types
• ISO and Cloud Frameworks
• Bench Marks & Secure Configuration Guides
• Regulations, Standards & Legislation

21. Section 2 - Explaining Threat Actors And Threat Vectors

• Section Preview
• Vulnerability, Threat And Risk
• Attributes Of Threat Actors
• Threat Actors
• Attack Surface & Attack Vectors
• Threat Research Sources
• Threat Intelligence Providers
• Tactics, Techniques & Procedures
• Threat Data Feeds

22. Part 3 - Performing Security Assessments

• Section Preview
• Network Reconnaissance Tools
• Other Network Reconnaissance Tools
• Demo - Ipconfig, Ping, Tracert, Netstat & Nslookup
• Simulated Question Test
• Software Vulnerabilities and Patch Management
• Weak Host and Network Configurations
• Vulnerability Impacts
• Third Party Risks
• Introduction to Penetration Testing
• Reconnaissance
• Pen Test Attack Life Cycle
• Demo - NMAP

23. Part 4 - Social Engineering Techniques & Malware

• Section Preview
• Intro to Social Engineering
• Social Engineering Techniques Part 1
• Social Engineering Techniques Part 2
• Social Engineering Techniques Part 3
• Malware Classification
• Computer Viruses
• Computer Worms & Fileless Malware
• Spyware, Keyloggers, Rootkits, Backdoors, Ransomware & Logic Bombs
• Malware Indicators & Process Analysis

24. Part 5 - Cryptographic Concepts, Hashing, Ciphers & Encryption

• Section Preview
• Introduction to Cryptography
• Encryption
• Cryptographic Modes of Operation
• Cipher Suites & Modes of Operation
• Cryptographic Use Cases
• Cryptographic Limitations
• Longevity, Salting, and Key Stretching
• Man in the Middle and Downgrade Attacks
• Homomorphic Encryption, Blockchain, and Steganography
• Quantum and Post Quantum
• Demo - Calculating Hash Values with PowerShell

25. Part 6 - Implementing Public Key Infrastructure

• Section Preview
• Certificates, PKIs, RAs, and CSRs
• Digital Certificates
• Key Management
• Certificate Management
• Certificate Formats & OpenSSL
• Demo - Digital Certificates

26. Part 7 - Authentication Design Concepts

• Section Preview
• Identity & Access Management
• Authentication Factors, Design & Attributes
• Local, Network & Remote Authentication
• Kerberos Authentication & Authorization
• PAP, CHAP, and MS-CHAP Authentication
• Authentication Technologies and Protocols
• Biometric Authentication

27. Part 8 - Identity and Management Controls

• Section Preview
• Identity Management Controls
• Pop Quiz
• Account Attributes and Access Policies
• Authorization Solutions - Part 1
• Authorization Solutions - Part 2
• Personnel Policies
• Demo - Account Password Policy

28. Part 9 - Implementing Secure Network Designs

• Section Preview
• Secure Network Designs
• Network Segmentation, Topology & DMZs
• Secure Switching and Routing
• Routing and Switching Protocols
• Wi-Fi Authentication Methods - Part 1
• Wi-Fi Authentication Methods - Part 2
• Network Attacks
• Network Attacks Mitigation

29. Part 10 - Firewalls and Proxy Servers

• Section Preview
• Firewalls
• Firewall Implementation
• Access Control Lists, NAT, Virtual Firewalls
• Next-Generation Firewalls & HBIDS
• Demo - Windows 10 Firewall Configuration
• Demo - How to Create an Outbound Rule
• Network Security Monitoring
• Monitoring Services and SIEMs
• File Manipulation, REGEX and GREP

30. Part 11 - Implement Secure Network Operations Protocols

• Section Preview
• Secure Network Operations
• DNS Security Directory Services and SNMP
• Secure Application Protocols
• File Transfer Email and Video Services
• Remote Access Architecture Part 1
• Remote Access Architecture Part 2

31. Part 12 - Implement Host Security Solutions

• Section Preview
• Hardware Root of Trust
• Boot Integrity
• Disk Encryption & USB Flash Drive Security
• Pop Quiz
• Third-Party Risk Management
• Endpoint Security
• Embedded Systems
• Embedded Systems Communications Considerations
• Industrial Control Systems & Internet Of Things
• Specialized Systems

32. Part 13 - Implement Secure Mobile Solutions

• Section Preview
• Mobile Device Management Part 1
• Mobile Device Management Part 2
• Secure Mobile Device Connections

33. Part 14 - Application Attacks

• Section Preview
• Privilege Escalation & Error Handling
• Overflows, Resource Exhaustion, Memory Leaks & Race Conditions
• Uniform Resource Locator Analysis & Percent Encoding
• API & Replay Attacks, CSRF, Clickjacking & SSL Strip Attacks
• Cross-Site Scripting Attack
• SQL Injection
• Other Injection Attacks
• Secure Coding Techniques - Part 1
• Secure Coding Techniques - Part 2
• Implement Secure Script Environments
• Deployment and Automation Concepts

34. Part 15 - Implement Secure Cloud Solutions

• Section Preview
• Cloud Deployment Models
• Virtualization Technology & Hypervisor Types
• Cloud Security Solutions - Part 1
• Cloud Security Solutions Part 2
• Infrastructure as Code Concepts

35. Part 16 - Data Privacy & Protection Concepts

• Section Preview
• Privacy and Sensitive Data Concepts
• Data Sovereignty, Privacy Breaches & Data Sharing
• Privacy and Data Controls

36. Part 17 - Incident Response Procedures

• Section Preview
• Incident Response Process
• Cyber Incident Response Team
• Incident Response Plan
• Incident Response Exercises, Recovery and Retention Policy
• Incident Identification Part 1
• Incident Identification Part 2
• Mitigation Controls

37. Part 18 - Digital Forensics

• Section Preview
• Digital Forensics Documentation
• Digital Forensics Evidence Acquisition Part 1
• Digital Forensics Evidence Acquisition Part 2

38. Part 19 - Risk Management Processes and Concepts

• Section Preview
• Risk Management Process
• Risk Controls
• Pop Quiz
• Business Impact Analysis

39. Part 20 - Implement Cyber Security Resilience

• Section Preview
• Cyber Security Resilient Strategies
• Implementing Redundancy
• Backup Strategies
• Backup Storage
• Defense in Depth

40. Part 21 - Implement Physical Security

• Section Preview
• Physical Host Security Controls
• Physical Host Security Controls Part 1
• Physical Host Security Host Controls Part 2