I. Overview:

CompTIA Security+ is a best global certification that validates the foundational cybersecurity skills necessary to perform core security functions and pursue an IT security career.

1.      VALUE Prop 1 (Career Changer/Student)

The newest CompTIA Security+ (SY0-701) represents the latest and greatest in cybersecurity, covering the most in-demand skills related to current threats, automation, zero trust, IoT, risk – and more. Once certified, you’ll understand the core skills needed to succeed on the job – and employers will notice too.

2.      VALUE Prop 2 (Employer)

CompTIA Security+ validates core knowledge required of any cybersecurity role, and emphasizing vendor-neutral, hands-on practical skills, ensuring the security professional is better prepared to problem solve a wider variety of today’s complex issues

II. Duration:  48 hours

III. Course Objectives:

After this course, you will be able to:

• Compare and contrast various types of security controls.
• Summarize fundamental security concepts.
• Explain the importance of change management processes and the impact to security.
• Explain the importance of using appropriate cryptographic solutions.
• Compare and contrast common threat actors and motivations.
• Explain common threat vectors and attack surfaces.
• Explain various types of vulnerabilities.
• Analyze indicators of malicious activity.
• Explain the purpose of mitigation techniques used to secure the enterprise.
• Compare and contrast security implications of different architecture models.
• Apply security principles to secure enterprise infrastructure.
• Compare and contrast concepts and strategies to protect data.
• Explain the importance of resilience and recovery in security architecture.
• Apply common security techniques to computing resources.
• Explain the security implications of proper hardware, software, and data asset management.
• Explain various activities associated with vulnerability management.
• Explain security alerting and monitoring concepts and tools.
• Modify enterprise capabilities to enhance security.
• Implement and maintain identity and access management.
• Explain the importance of automation and orchestration related to secure operations.
• Explain appropriate incident response activities.
• Use data sources to support an investigation.
• Summarize elements of effective security governance.
• Explain elements of the risk management process.
• Explain the processes associated with third-party risk assessment and management.
• Summarize elements of effective security compliance.
• Explain types and purposes of audits and assessments.
• Implement security awareness practices.

IV. Prerequisites

To get the most out of the CompTIA Security+ course and be able to prepare for your exam, you’re highly recommend you have successfully passed the CompTIA Network+ certification exam and have acquired 24 months of experience in networking support and IT administration. We also recommend the following skills and knowledge before starting this course:

• Use a keyboard and mouse.
• Know the function and basic features of PC components.
• Able to use Windows to create and manage files and use basic administrative features (Explorer, Control Panel and Management Consoles).
• Know basic network terminology and functions (such as OSI Model, topology, Ethernet, TCP/IP, switches and routers).
• Understand TCP/IP addressing, core protocols and troubleshooting tools.

V. Target Audience

• Security Specialist
• Security Administrator
• Systems Administrator
• Help Desk Analyst
• Security Analyst
• Security Engineer

VI.  Course outlines:

1.      Summarize Fundamental Security Concepts

• Security Concepts
• Security Controls

2.      Compare Threat Types

• Threat Actors
• Attack Surfaces
• Social Engineering

3.      Explain Cryptographic Solutions

• Cryptographic Algorithms
• Public Key Infrastructure
• Cryptographic Solutions

4.      Implement Identity and Access Management

• Authentication
• Authorization
• Identity Management

5.      Secure Enterprise Network Architecture

• Enterprise Network Architecture
• Network Security Appliances
• Secure Communications

6.      Secure Cloud Network Architecture

• Cloud Infrastructure
• Embedded Systems and Zero Trust Architecture

7.      Explain Resiliency and Site Security Concepts

• Asset Management
• Redundancy Strategies
• Physical Security

8.      Explain Vulnerability Management

• Device and OS Vulnerabilities
• Application and Cloud Vulnerabilities
• Vulnerability Identification Methods
• Vulnerability Analysis and Remediation

9.      Evaluate Network Security Capabilities

• Network Security Baselines
• Network Security Capability Enhancement

10.  Assess Endpoint Security Capabilities

• Implement Endpoint Security
• Mobile Device Hardening

11.  Enhance Application Security Capabilities

• Application Protocol Security Baselines
• Cloud and Web Application Security Concepts

12.  Explain Incident Response and Monitoring Concepts

• Incident Response
• Digital Forensics
• Data Sources
• Alerting and Monitoring Tools

13.  Analyze Indicators of Malicious Activity

• Malware Attack Indicators
• Physical and Network Attack Indicators
• Application Attack Indicators

14.  Summarize Security Governance Concepts

• Policies, Standards, and Procedures
• Change Management
• Automation and Orchestration

15.  Explain Risk Management Processes

• Risk Management Processes and Concepts
• Vendor Management Concepts
• Audits and Assessments

16.  Summarize Data Protection and Compliance Concepts

• Data Classification and Compliance
• Personnel Policies