CompTIA Security+

The CompTIA Security+ exam will certify that the successful candidate has the knowledge and skills required to install and configure systems, secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques.

A student who successfully completes this course can participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations.

Course Objectives:

Threats, Attacks, and Vulnerabilities

• Given a scenario, analyze indicators of compromise and determine the type of malware
• Compare and contrast types of attacks.
• Explain threat actor types and attributes.
• Explain penetration testing concepts
• Explain vulnerability scanning concepts
• Explain the impact associated with types of vulnerabilities

Technologies and Tools

• Install and configure network components, both hardware- and software-based, to support organizational security
• Given a scenario, use appropriate software tools to assess the security posture of an organization
• Given a scenario, troubleshoot common security issues
• Given a scenario, analyze and interpret output from security technologies
• Given a scenario, deploy mobile devices securely
• Given a scenario, implement secure protocols

Architecture and Design

• Explain use cases and purpose for frameworks, best practices and secure configuration guides
• Given a scenario, implement secure network architecture concepts
• Given a scenario, implement secure systems design
• Explain the importance of secure staging deployment concepts
• Explain the security implications of embedded systems
• Summarize secure application development and deployment concepts
• Summarize cloud and virtualization concepts
• Explain how resiliency and automation strategies reduce risk
• Explain the importance of physical security controls

Identity and Access Management

• Compare and contrast identity and access management concepts
• Given a scenario, install and configure identity and access services
• Given a scenario, implement identity and access management controls
• Given a scenario, differentiate common account management practices
• Risk Management
• Explain the importance of policies, plans, and procedures related to organizational security
• Summarize business impact analysis concepts
• Explain risk management processes and concepts
• Given a scenario, follow incident response procedures
• Summarize basic concepts of forensics
• Explain disaster recovery and continuity of operation concepts
• Compare and contrast various types of controls
• Given a scenario, carry out data security and privacy practice

Cryptography and PKI

• Compare and contrast basic concepts of cryptography
• Explain cryptography algorithms and their basic characteristics
• Given a scenario, install and configure wireless security settings
• Given a scenario, implement public key infrastructure