SC110: CompTIA™ Security+

Agenda:

• General security concepts (12%)
  
  • Security controls: comparing technical, preventive, managerial, deterrent, operational, detective, physical, corrective, compensating, and directive controls.
  • Fundamental concepts: summarizing confidentiality, integrity, and availability (CIA); non-repudiation; authentication, authorization, and accounting (AAA); zero trust; and deception/disruption technology.
  • Change management: explaining business processes, technical implications, documentation, and version control.
  • Cryptographic solutions: using public key infrastructure (PKI), encryption, obfuscation, hashing, digital signatures, and blockchain.

• Threats, vulnerabilities, and mitigations (22%)
  • Threat actors and motivations: comparing nation-states, unskilled attackers, hacktivists, insider threats, organized crime, shadow IT, and motivations like data exfiltration, espionage, and financial gain.
  • Threat vectors and attack surfaces: explaining message-based, unsecure networks, social engineering, file-based, voice call, supply chain, and vulnerable software vectors.
  • Vulnerabilities: explaining application, hardware, mobile device, virtualization, operating system (OS)-based, cloud-specific, web-based, and supply chain vulnerabilities.
  • Malicious activity: analyzing malware attacks, password attacks, application attacks, physical attacks, network attacks, and cryptographic attacks.
  • Mitigation techniques: using segmentation, access control, configuration enforcement, hardening, isolation, and patching.

• Security architecture (18%)
  • Architecture models: comparing on-premises, cloud, virtualization, Internet of Things (IoT), industrial control systems (ICS), and infrastructure as code (IaC).
  • Enterprise infrastructure: applying security principles to infrastructure considerations, control selection, and secure communication/access.
  • Data protection: comparing data types, securing methods, general considerations, and classifications.
  • Resilience and recovery: explaining high availability, site considerations, testing, power, platform diversity, backups, and continuity of operations.

• Security operations (28%)
  • Computing resources: applying secure baselines, mobile solutions, hardening, wireless security, application security, sandboxing, and monitoring.
  • Asset management: explaining acquisition, disposal, assignment, and monitoring/tracking of hardware, software, and data assets.
  • Vulnerability management: identifying, analyzing, remediating, validating, and reporting vulnerabilities.
  • Alerting and monitoring: explaining monitoring tools and computing resource activities.
  • Enterprise security: modifying firewalls, IDS/IPS, DNS filtering, DLP (data loss prevention), NAC (network access control), and EDR/XDR (endpoint/extended detection and response).
  • Identity and access management: implementing provisioning, SSO (single sign-on), MFA (multifactor authentication), and privileged access tools.
  • Automation and orchestration: explaining automation use cases, scripting benefits, and considerations.
  • Incident response: implementing processes, training, testing, root cause analysis, threat hunting, and digital forensics.
  • Data sources: using log data and other sources to support investigations.

• Security program management and oversight (20%)
  • Security governance: summarizing guidelines, policies, standards, procedures, external considerations, monitoring, governance structures, and roles/responsibilities.
  • Risk management: explaining risk identification, assessment, analysis, register, tolerance, appetite, strategies, reporting, and business impact analysis (BIA).
  • Third-party risk: managing vendor assessment, selection, agreements, monitoring, questionnaires, and rules of engagement.
  • Security compliance: summarizing compliance reporting, consequences of non-compliance, monitoring, and privacy.
  • Audits and assessments: explaining attestation, internal/external audits, and penetration testing.
  • Security awareness: implementing phishing training, anomalous behavior recognition, user guidance, reporting, and monitoring.

Objectives:

• Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions
• Monitor and secure hybrid environments, including cloud, mobile, and IoT
• Operate with an awareness of applicable laws and policies, including the principles of governance, risk, and compliance
• Identify, analyze, and respond to security events and incidents

The CompTIA™ Security+ certification exam consists of a maximum of 90 questions that must be answered within 90 minutes. You need a score of at least 750 points (on a scale of 100-900) to pass the exam.

You can take the exam at a Pearson VUE test center or online.

Target audience:

Prerequisites:

The following prerequisites are recommended:

• two years of experience in IT administration with focus on security
• understanding of operating systems and knowledge of Windows-based systems such as Windows 7 or Windows 8.1
• ability to identify basic network components and their roles, including routers, switches, firewalls and server roles. Experience in firewall configuration is advantageous.
• basic understanding of wireless networks
• basic understanding of the OSI model and TCP/IP including IPv4 subnetting

Description:

In the 5-day training SC110 CompTIA™ Security+ you will learn and apply the essential dimensions of modern information security – hands-on and at the level of the internationally recognized CompTIA™ Security+ certification.

The focus is on applicable knowledge for securing networks, applications and endpoints – with particular emphasis on ensuring confidentiality, integrity and availability of data.

You will learn to identify and effectively address real security-relevant challenges – from authentication and access control to threat detection, incident response and encryption techniques.

The course SC110 CompTIA™ Security+ is aimed at IT professionals, ideally with at least two years of experience, who want to build their knowledge in information security fundamentally on an internationally recognized standard.

Depending on prior knowledge and learning pace, this training qualifies for the CompTIA™ Security+ certification exam, which can then be taken directly afterwards or at a self-selected later date.
Via the voucher to the CompTIA™ learning platform, interactive learning content, guided lab exercises and unlimited practice exams are available, which can also be accessed after the training.