An Introduction to CompTIA Security+ SY0-601 by NetCom Learning

An Introduction to CompTIA Security+ - SY0 601

Sheik Raashid Javid NetCom Learning

1998-2021 NetComLearning Learning 1998-2022 NetCom ©©

RECORDED WEBINAR VIDEO To watch the recorded webinar video for live demos, please access the link: https://bit.ly/3N4DeT1

Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com www.netcomlearning.com || info@netcomlearning.com || 1-888-563-8266

AGENDA Lesson 1: Comparing Security Roles and Security Controls

Lesson 2: Explaining Threat Actors and Threat Intelligence Lesson 3: Performing Security Assessments Lesson 4: Identifying Social Engineering and Malware

Lesson 5: Summarizing Basic Cryptographic Concepts Lesson 6: Implementing Public Key Infrastructure Lesson 7: Implementing Authentication Controls

Lesson 8: Implementing Identity and Account Management Controls Lesson 9: Implementing Secure Network Designs Lesson 10: Implementing Network Security Appliances

Interested in training? Contact us!

AGENDA Lesson 11: Implementing Secure Network Protocols

Lesson 12: Implementing Host Security Solutions Lesson 13: Implementing Secure Mobile Solutions Lesson 14: Summarizing Secure Application Concepts

Lesson 15: Implementing Secure Cloud Solutions Lesson 16: Explaining Data Privacy and Protection Concepts Lesson 17: Performing Incident Response

Lesson 18: Explaining Digital Forensics Lesson 19: Summarizing Risk Management Concepts Lesson 20: Implementing Cybersecurity Resilience Lesson 21: Explaining Physical Security

Interested in training? Contact us!

COMPARING SECURITY ROLES AND SECURITY CONTROLS

▪ Compare and Contrast Information Security Roles ▪ Information Security- CIA



Compare and Contrast Security Control and Framework Types 

Security control categories- Technical, Managerial, Operational.



Security Control Functional TypesPreventive, Detective, Corrective, Physical, Compensating, Deterrent



ISO and Cloud Frameworks- 27K, 31K, Cloud Security Alliance



Regulations, standards- GDPR, PCI-DSS

▪ Cybersecurity Framework- NIST ▪ Information Security Responsibilities

Roles

and

▪ SOC ▪ Incident Response

Interested in training? Contact us!

EXPLAINING THREAT ACTORS AND THREAT INTELLIGENCE

▪ Explain Threat Actor Types and Attack Vectors

Explain Threat Intelligence Sources 

Threat research sources- dark web



▪ Hackers, Script Kiddies, Hactivists, State actor, APT, Competitors, Insider.

Threat intelligence providers- IBM XForce, FireEye, Recorded Future, ISAC, OSINT



TTPs and IOC.

▪ Attack Surface, Actor vector



Threat Data Feeds- STIX, TAXII etc.



AI and ML

▪ Vulnerability, Threat, Risk ▪ Attributes of Threat ActorsInternal/External, Motivation, Funding



Interested in training? Contact us!

PERFORMING SECURITY ASSESSMENTS

▪ Assess organizational security with network reconnaissance tools.

Summarize vulnerability scanning techniques. 

Security assessment, vulnerability scan types

▪ Ipconfig, Ping, ARP, Route, Traceroute



CVE, CVSS, NVD

▪ IP Scanners and Nmap- Service Discovery



False positive and false negatives

▪ Netstat and Nslookup, Wireshark, tcpdump, Metasploit etc.



Threat Hunting



▪ Explain security concerns with general vulnerability types.

Explain penetration testing concepts. 

Penetration Testing



ROE

▪ Software vulnerabilities and patch management



Black Box, White Box, Gray Box

▪ Zero-day, legacy, weak host configurations, weak network configurations



Red/Blue Team



Active/passive Reconnaissance

▪ Impact from vulnerabilities, 3rd party risk, vendor management



Interested in training? Contact us!

IDENTIFYING SOCIAL ENGINEERING AND MALWARE

▪ Compare and contrast engineering techniques.

social



Analyze indicators based attacks.

malware-

▪ Social Engineering- principles



Malware Classification

▪ Impersonation, dumpster diving, tailgating, identity fraud



Virus, Worm, spyware, keylogger,

▪ Phishing, whaling, vishing, spam, pharming.



Backdoor, RAT, Rootkit



Ransomware, Logic Bomb



Malware Indicators



Process Analysis- Process Explorer

Interested in training? Contact us!

SUMMARIZING BASIC CRYPTOGRAPHIC CONCEPTS

▪

Compare and contrast cryptographic ciphers.



Summarize cryptographic use cases and weaknesses.

▪

Cryptographic Concepts



Cryptography supporting CIA

▪

Hashing



Limitations and Attacks

▪

Symmetric and Asymmetric Encryption



Key stretching and salting

Summarize cryptographic modes of operation.



Summarize other cryptographic technologies. 

Quantum computing

Digital Certificates



Blockchain

Digital Envelopes etc.



Steganography etc.

▪

Digital Signatures

▪ ▪

Interested in training? Contact us!

IMPLEMENTING PUBLIC KEY INFRASTRUCTURE

▪ Implement certificates and certificate authorities. ▪ Public and private keys ▪ Certificate Authority ▪ Trust Models- Registration AuthorityCSR ▪ Digital Certificate- Types, Attributes

Interested in training? Contact us!



Implement PKI management. 

Key management



Key Recovery-Escrow



Certificate Expiration



CRL



Online Certificate Responders etc.

Status

Protocol

IMPLEMENTING AUTHENTICATION CONTROLS

▪ Summarize authentication design concepts.



▪ Identity and Access Management



Smart card authentication

▪ Authentication Factors



Key management devices

▪ MFA etc.



RADIUS and TACACS



OTPs

▪ Implement knowledge-based authentication. ▪ Local, Remote Authentication ▪ Kerberos ▪ Password Attacks , crackers. ▪ Authentication Management etc.

Implement authentication technologies.

Interested in training? Contact us!



Summarize biometrics authentication concepts. 

Biometric Authentication- FRR, FAR, CER



Fingerprints Recognition



Facial Recognition etc.

IMPLEMENTING IDENTITY AND ACCOUNT MANAGEMENT CONTROLS ▪

Implement identity and account types.



▪ Identity Management Controls- certificates, smart cards, tokens Identity Providers.

Implement authorization solutions. 

DAC, RBAC, MAC

▪ Background Check- onboarding Policies



Directory service

▪ Personnel Policies- Separation of duties, Job rotation, mandatory vacation etc.



Federation etc.

▪ Root Accounts etc.

▪ Implement account policies.



Explain the importance of personnel policies. 

Conduct policies

▪ Account attributes and access policies



User and Role based training

▪ Password policy



Types of Training

▪ Account restrictions, permissions, auditing and lockout

Interested in training? Contact us!

IMPLEMEMNTING SECURE NETWORK DESIGNS

▪ Implement secure network designs.



▪ Secure Network Designs



Wireless Network Installation Considerations

▪ Routing and Switching Protocols



AP Security

▪ Segmentation, Topology, Zones, DMZ



WEP, WPA2, WPA3, WPS



Disassociation, Replay Attack, Jamming

▪ Network Appliances

▪ Implement secure routing and switching.

Implement secure wireless infrastructure.



Implement load balancers.

▪ MITM & Layer 2 Attacks



DDoS & Mitigation

▪ ARP Poisoning, MAC Flooding.



Load Balancing

▪ Loop prevention, MAC Filtering etc.



Clustering, QoS

Interested in training? Contact us!

IMPLEMEMNTING NETWORK SECURITY APPLIANCES

▪ Implement firewalls and proxy servers.



Summarize the use of SIEM

▪ Packet Filtering Firewalls



Monitoring Services

▪ Stateful Inspection Firewalls



SIEM

▪ Iptables, Proxies, Gateways, NAT etc.



Analysis & Report Review

▪ Implement network security monitoring.



File Manipulation Commands

▪ NIDS & NIPS ▪ Signature based and Behavior based detection ▪ Next Generation Firewalls ▪ HIDS, WAF

Interested in training? Contact us!

IMPLEMEMNTING SECURE NETWORK PROTOCOL

▪ Implement secure network operations protocols.



▪ NAT ▪ DNS ▪ DNS Poisoning- Security ▪ Secure Directory Services

▪ SNMP Security

Interested in training? Contact us!



Implement secure application protocols. 

HTTP and Web Services



TLS



FTP- Security



Email- POP- IMAP- S/MIME-Security



VOIP-SIP

Implement secure remote access protocols. 

VPN



IPsec, L2TP.



RDP-SSH

IMPLEMEMNTING HOST SECURITY SOLUTIONS

▪ Implement secure firmware. ▪ ▪ ▪ ▪ ▪



Implement endpoint security. 

Secure Boot Disk Encryption USB/Flash Drive Security EOL Systems Organizational Security Agreements

   



Explain embedded system security implications.      

Interested in training? Contact us!

Hardening Base Configuration, Registry settings Patch Management End-point protection- Next Generation Antivirus

Embedded Systems Logic Controllers- Communication Industrial Control Systems IoT Specialized Systems- Multifunction Printers, etc. Security for embedded Systems etc.

IMPLEMEMNTING SECURE MOBILE SOLUTIONS

▪ Implement mobile device management. ▪ ▪ ▪ ▪ ▪ ▪

Deployment Models Enterprise Mobility Management Mobile Access Control Systems Remote Wipe- Full Device Encryption Location services Application Management -Content Management ▪ Rooting/ Jailbreaking

Interested in training? Contact us!



Implement secure mobile device connections. 

Cellular & GPS



Wi-Fi and Tethering



Bluetooth



Infrared-NFC – USB etc.

SUMMARIZING SECURE APPLICATION CONCEPTS

▪ Analyze indicators of application attacks.

▪

Application Attacks Overflow Vulnerabilities Race Conditions- Memory Leak- Resource Exhaustion Driver Manipulation, pass the hash

▪ Analyze attacks. ▪ ▪ ▪ ▪

indicators

web

▪

▪ ▪ ▪

▪

Interested in training? Contact us!

▪

Secure coding techniques, Web app security Data exposure-Memory Management Secure code usage Static/Dynamic Code analysis

Implement secure script environments. ▪

application

URL Analysis API Attacks Replay- Session Hijack- CSRF SQL Injection-Directory Traversal

Summarize secure coding practices.

Scripting, Python, PowerShell Malicious code indicators etc.

Summarize deployment and automation concepts. ▪ ▪ ▪

Application Development, Deployment, Automation Secure Application Development Environment Provisioning, Deprovisioning, Version Control etc.

IMPLEMENTING SECURE CLOUD SOLUTIONS

▪ Summarize secure cloud and virtualization services. ▪ ▪ ▪ ▪ ▪ ▪ ▪

Cloud Deployment Models Cloud Service Models Anything as a service Security as a service Virtualization- Hypervisor Virtual Desktop VM Escape Protection- Sprawl Avoidance

Interested in training? Contact us!



Apply cloud security solutions. 

Cloud security Integration and Auditing



Security Controls- compute security



Storage Security- High Availability



Network Security- Firewalls etc.

Summarize infrastructure as code concepts. 

Microservices



API



Serverless Architecture



SDN etc.

EXPLAINING DATA PRIVACY AND PROTECTION CONCEPTS

▪ Explain privacy and data sensitivity concepts. ▪ ▪ ▪ ▪

Privacy and sensitive data concepts Data Roles and responsibilities Data Classifications Data Retention- Geographical Considerations ▪ Breaches ▪ Data Sharing

Interested in training? Contact us!



Explain privacy and data protection controls. 

Data Protection



Data Exfiltration



DLP



Privacy enhancing- deidentification etc.

PERFORMING INCIDENT RESPONSE

▪ Summarize incident response procedures. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

Incident Response Process Preparation Identification Containment Eradication Recovery Lessons Learned Team, Communication, Plan, Exercise Attack Frameworks- Cyber Kill Chain

Interested in training? Contact us!



Utilize appropriate data sources for incident response.    



Incident Identification SIEM- Dashboards Trend Analysis Logging- Data Sources

Apply mitigation controls.   

Incident Containment Eradication and recovery Firewall, content filter, end point configuration changes, SOAR etc.

EXPLAINING DIGITAL FORENSICS

▪ Explain key aspects of digital forensics documentation. ▪ Key aspects of digital forensics ▪ Report- E-Discovery- witness interviewTimeline- Logs- Intelligence

Interested in training? Contact us!



Explain key aspects of digital forensics evidence acquisition. 

Data acquisition and order of volatility



Forensic software



Image and other data acquisition



Integrity



Data forensics in Cloud

SUMMARIZING RISK MANAGEMENT CONCEPTS

▪ Explain risk management processes and concepts. ▪ ▪ ▪ ▪

Risk management Process Risk Types Assessment- Quantitative, Qualitative Risk Management Strategies ▪ Avoid, Transfer, Accept ▪ Risk Awareness

Interested in training? Contact us!



Explain business impact analysis concepts. 

Business Impact Analysis



Mission Essential Functions



Critical systems- single point of failure



Disaster Recovery Plans etc.

IMPLEMENTING CYBERSECURITY RESILIENCE

▪ Implement redundancy strategies. ▪ ▪ ▪ ▪ ▪

High availability Power redundancy Network Redundancy Disk Redundancy Geographical Redundancy- Replication



Implement backup strategies.     



Implement cybersecurity resiliency strategies. 

   

Interested in training? Contact us!

Backup & Retention Policies Backup types Snapshots and Images Backup storage Issues Restoration Order etc.

Configuration Management Assets Management Change Management Site Resiliency- Defense in Depth Disruption Strategies etc

EXAM DETAILS Exam Code Launch Date

Exam Description

Number of Questions

SY0-601 November 12, 2020 The CompTIA Security+ certification exam will verify the successful candidate has the knowledge and skills required to assess the security posture of an enterprise environment and recommend and implement appropriate security solutions; monitor and secure hybrid environments, including cloud, mobile, and IoT; operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance; identify, analyze, and respond to security events and incidents

Type of Questions

Length of Test

Multiple choice and performance-based

90 minutes

Passing Score

750 (on a scale of 100-900)

Recommended Experience

CompTIA Network+ and two years of experience in IT administration with a security focus

Languages

English, Japanese, Vietnamese, Thai, Portuguese

Retirement

Usually, three years after launch

Testing Provider

•Pearson VUE Testing Centers •Online Testing

Maximum of 90 questions

Interested in training? Contact us!

COMPTIA LABS FOR SECURITY+ (SY0 601) ▪ Assisted Lab: Exploring the Lab Environment ▪ Assisted Lab: Scanning and Identifying Network Nodes ▪ Assisted Lab: Intercepting and Interpreting Network Traffic with Packet Sniffing Tools ▪ Assisted Lab: Analyzing the Results of a Credentialed Vulnerability Scan ▪ Assisted Lab: Installing, Using, and Blocking a Malware-based Backdoor ▪ APPLIED LAB: Performing Network Reconnaissance and Vulnerability Scanning ▪ Assisted Lab: Managing the Lifecycle of a Certificate ▪ Assisted Lab: Managing Certificates with OpenSSL ▪ Assisted Lab: Auditing Passwords with a Password Cracking Utility ▪ Assisted Lab: Managing Centralized Authentication ▪ Assisted Lab: Managing Access Controls in Windows Server

▪ Assisted Lab: Configuring a System for Auditing Policies ▪ Assisted Lab: Managing Access Controls in Linux ▪ APPLIED LAB: Configuring Identity and Access Management Controls ▪ Assisted Lab: Implementing a Secure Network Design ▪ Assisted Lab: Configuring a Firewall ▪ Assisted Lab: Configuring an Intrusion Detection System ▪ Assisted Lab: Implementing Secure Network Addressing Services ▪ Assisted Lab: Implementing a Virtual Private Network ▪ Assisted Lab: Implementing a Secure SSH Server ▪ Assisted Lab: Implementing Endpoint Protection ▪ APPLIED LAB: Securing the Network Infrastructure

Interested in training? Contact us!

▪ Assisted Lab: Identifying Application Attack Indicators ▪ Assisted Lab: Identifying a Browser Attack ▪ Assisted Lab: Implementing PowerShell Security ▪ Assisted Lab: Identifying Malicious Code ▪ APPLIED LAB: Identifying Application Attack ▪ Assisted Lab: Managing Data Sources for Incident Response ▪ Assisted Lab: Configuring Mitigation Controls ▪ Assisted Lab: Acquiring Digital Forensics Evidence ▪ Assisted Lab: Backing Up and Restoring Data in Windows and Linux ▪ APPLIED LAB: Managing Incident Response, Mitigation and Recovery

ABOUT NETCOM LEARNING

100K+

14K+

3500

Professionals trained

Corporate clients

IT, Business & Soft Skillscourses

96%

8.6/9

20+

Of customers recommend us to others

Instructor evaluations

Leadingvendors recognitions

Microsoft’s

80%

Top20

Worldwide training partner of the year

Trained of the Fortune 100

ITTraining Company

NetCom Learning is an award-winning global leader in managed learning services, training and talent development. Founded

: 1998

Headquarters

: New YorkCity

Delivery Capability

: Worldwide

CEO

: RussellSarder

Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com www.netcomlearning.com www.netcomlearning.com || info@netcomlearning.com || 1-888-563-8266

RECOMMENDED COURSES AND MARKETING ASSETS NetCom Learning offers a comprehensive portfolio for Security » COMPTIA SECURITY+ CERTIFICATION PREP (EXAM SY0-601) - Class Scheduled on Jun 20 » COMPTIA ADVANCED SECURITY PRACTITIONER (CASP+) - Class Scheduled on Jul 18 » COMPTIA PENTEST+ CERTIFICATION PREP (EXAM PT0-002) - Class Scheduled on Jul 11 » COMPTIA NETWORK+ CERTIFICATION PREP (EXAM N10-008) - Class Scheduled on Jun 27

You can also access the below Marketing Assets » Free 1hr Training - An Introduction to CompTIA A+ (220 – 1101) » Free On-Demand Training - What is new with CompTIA PenTest+ - PT0 002 » Blog - CompTIA Cybersecurity certification pathway and job prospects

Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com www.netcomlearning.com || info@netcomlearning.com || 1-888-563-8266

UPCOMING WEBINARS ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

Master Class: Understand the Fundamentals of Architecting on AWS Simplify Complex Projects with SCRUM What’s New in Power Apps and Power Automate? Cisco Enterprise Networks: Learn How to Implement and Configure OSPF Getting Started with Well-Architected Framework on AWS Master Class : Designing and Implementing DevOps Processes and Practices 10 Essential PMI skills for Leader AWS Discovery Day - Machine Learning Basics Learn Incident Handling & Response in Under 40 Minutes Master Class: Getting started with AWS DevOps An Introduction to CompTIA A+ (220 – 1101) AWS Discovery Day - Strategies and tools to perform large-scale migrations Learn to Defend Against Multi-Stage Network Breaches in 40 Minutes

Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com www.netcomlearning.com www.netcomlearning.com || info@netcomlearning.com || 1-888-563-8266

PROMOTIONS

Stay Digital Safe - Assess and Upskill your team against cyber threats now ! NetCom Learning's end-user Cybersecurity Awareness Training & Phishing Simulation Solution offers phishing simulations on email, voice, and text to organizations, and is bundled with 90+ interactive security awareness video courses for the end-users. Request a Demo

www.netcomlearning.com www.netcomlearning.com info@netcomlearning.com 1-888-563-8266 || info@netcomlearning.com || 1-888-563-8266 www.netcomlearning.com Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com

PROMOTIONS

Free Cybersecurity Training! NetCom Learning brings an immersive two-hour, instructor-led Free Training on Cybersecurity that is designed to help businesses understand the importance of Cybersecurity in today’s digital world and gain expert insights into how security breaches can affect a business.. Learn More

PROMOTIONS

Explore The World Of Unlimited Training Subscription! NetCom+ is a limitless 12-month subscription program. Attend over 500+ courses as from a range of authorized training courses. Get access to bundled offerings of Virtual Instructor-Led courses, e-Learning, Discovery Days, and On-Demand training via NetCom+ training subscription.. Save Now

www.netcomlearning.com Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com www.netcomlearning.com || info@netcomlearning.com || 1-888-563-8266

PROMOTIONS

E- Learning To Skill Up ! Align and upskill your team via e-Learning to drive results! Our robust library includes EC-Council, Microsoft, Cisco, Citrix, CompTIA, Autodesk, and more. Our e-Learning solutions allow perfect balance among work and upskilling, without interrupting workflow. It’s all about saving time, quality learning, knowledge check, 24/7 availability. Learn More

PROMOTIONS

Access Your Passport To A Year Full Of Learning! The NetCom Learning Passport is a flexible pre-pay training package allowing you to plan and manage your teams’ annual training needs. With our Learning Passport, organizations get special pricing and extended program options to simplify management. Equipped with this Passport, you make the most of your budget. It has been specifically designed to specialize for the number of learners you plan to train.. Unlock Now

www.netcomlearning.com www.netcomlearning.com Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com || info@netcomlearning.com || 1-888-563-8266

PROMOTIONS

Worry-Free Training with Price Match Guarantee! Our Price Match Guarantee ensures that we'll match the offers of any other authorized training provider if you succeed at finding anyone offering the same publicly scheduled class within 30 days of our schedule at a lower regular price.. Learn More

Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com www.netcomlearning.com www.netcomlearning.com || info@netcomlearning.com || 1-888-563-8266

Instagram

Twitter

YouTube

Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com www.netcomlearning.com www.netcomlearning.com || info@netcomlearning.com || 1-888-563-8266

BUILDING AN INNOVATIVE LEARNING ORG.

A BOOK FROM RUSSELL SARDER, CEO AT NETCOM LEARNING

A framework to build a smarter workforce, adapt to change and drive growth.

DOWNLOAD e-book

Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com www.netcomlearning.com www.netcomlearning.com || info@netcomlearning.com || 1-888-563-8266

Thank you

Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com www.netcomlearning.com info@netcomlearning.com www.netcomlearning.com | || info@netcomlearning.com || 1-888-563-8266