Architecture and Design for CompTIA Security+
This course will teach you the fundamentals and key concepts around the security architecture and design, and how your organization implements and utilizes various tools and technologies to secure the environment.
What you'll learn
In this course, you’ll learn about the tools and technologies used to secure the environment. First you’ll learn various methods to ensure data is secure, changes are tracked, and disruptions are minimized. Next, you’ll learn how virtualization and cloud computing can be leverage securely to enhance both productivity and security. Then, you'll learn about automation, resiliency, and failover to strengthen your company’s security posture. Lastly, you’ll dive into the basics of cryptographic concepts to ensure data is secure at-rest, in-transit and in-use. When you’ve finished this courses, you’ll have the knowledge required to pass the architecture and design section of Security+, along with the skills needed to help ensure your companies critical data and assets are secure from attacks both internal and external.
Table of contents
- Module Intro 2m
- Configuration Management 4m
- Diagrams 1m
- Baseline Configuration 2m
- IP Address Schema 2m
- Data Sovereignty 1m
- Data Loss Prevention (DLP) 2m
- Types of Data to Secure 1m
- Data Masking 4m
- Tokenization 2m
- Digital Rights Management (DRM) 1m
- Hardware Based Encryption (TPM and HSM) 1m
- Geographical Considerations 2m
- Cloud Access Security Broker (CASB) 1m
- Security-as-a-Service (SECaaS) 1m
- Differences between CASB and SECaaS 1m
- Recovery 2m
- Secure Protocols and SSL/TLS Inspection 2m
- Hashing 2m
- API Considerations and API Gateways 2m
- Recovery Site Options (Cold, Warm, Hot, and Cloud-based Sites) 3m
- Disaster Area Example 2m
- Honeypots and Honeyfiles 1m
- Honeynets 1m
- Fake Telemetry 1m
- DNS Sinkhole 2m
- Module Intro 1m
- Cloud Storage 2m
- Cloud Computing 2m
- "X" as a Service 1m
- Infrastructure as a Service (IaaS) 2m
- IaaS and Automation 2m
- Platform as a Service (PaaS) 2m
- Software as a Service (SaaS) 1m
- IaaS, PaaS, and SaaS Differentiators 1m
- Types of Clouds 1m
- Managed Service Providers (MSP) 4m
- Fog Computing 3m
- Edge Computing 1m
- VDI 4m
- Virtualization 4m
- Containers 6m
- Microservices and APIs 4m
- Infrastructure as Code (IAC) 1m
- Software Defined Networking (SDN) 1m
- Software Defined Visibility (SDV) 1m
- Serverless Architecture 2m
- IaaS, PaaS, FaaS, and SaaS Differentiators 1m
- Service Integrations and Resource Policies 2m
- Transit Gateway 1m
- VM Sprawl Avoidance 2m
- VM Escape 1m
- Module Review 1m
- Module Intro 1m
- Environments (Dev, Test, Staging, and Production) 4m
- Environment Example 2m
- Provisioning and Deprovisioning 2m
- Integrity Measurement 2m
- Static Code Analysis 2m
- Secure Coding Techniques 6m
- Security Automation 2m
- Continuous Monitoring and Validation 1m
- Continuous Integration 2m
- Continuous Delivery and Continuous Development 2m
- OWASP 1m
- Software Diversity, Compiler, and Binary 2m
- Elasticity and Scalability 1m
- Version Control 3m
- Module Intro 1m
- Directory Services 2m
- Usernames 1m
- Federation 1m
- Transitive Trust / Authentication 1m
- Attestation 1m
- Time-Based One-Time Password (TOTP) 2m
- HMAC-Based One-Time Password (HOTP) 1m
- SMS Authentication 1m
- Tokens 1m
- Static Codes 1m
- Authentication Applications 1m
- Push Notifications 1m
- Smart Cards 1m
- Proximity Cards 1m
- Personal Identification Verification Card (PIV) 1m
- Common Access Card 1m
- Biometric Factors 1m
- Facial Recognition 2m
- Vein and Gait Analysis 2m
- Efficacy Rates 1m
- Identification vs. Authentication vs. Authorization 1m
- Multifactor Authentication 1m
- Authentication Factors 2m
- Authorization 1m
- Authentication Factors 1m
- Authentication, Authorization, and Accounting (AAA) 1m
- On-prem vs. Cloud Requirements 3m
- Module Intro 2m
- Geographically Disperse 1m
- Geographical Dispersal of Assets 1m
- RAID 3m
- Multipath 2m
- Load Balancer 1m
- Power Resiliency 2m
- Replication 2m
- On-prem vs. Cloud 2m
- Backup Plans / Policies 1m
- Backup Execution / Frequency 1m
- Backup Types 3m
- Backup Environments 1m
- Online vs. Offline Backups 1m
- Backups - Distance Considerations 2m
- Non-persistence, Snapshots, and Live Boot Media 2m
- High Availability 2m
- Redundancy 2m
- Fault Tolerant Hardware 1m
- Technology and Vendor Diversity 2m
- Crypto and Control Diversity 3m
- Module Intro 1m
- Module Goal 1m
- Embedded Systems 1m
- Embedded Systems Examples 2m
- SCADA / ICS 4m
- SCADA Security Concerns 3m
- Smart Devices / IoT 2m
- Smart Devices / IoT Weak Defaults 1m
- Special Purpose Devices 1m
- Vehicles 1m
- Voice over IP (VoIP) 2m
- HVAC 2m
- Aircraft/UAV 2m
- Printers/MFDs 2m
- Real Time Operating Systems (RTOS) 1m
- Surveillance Systems 2m
- System on a Chip (SoC) 1m
- 5G Networks and Security Concerns 2m
- Narrow-band and Baseband Radio 1m
- Zigbee 2m
- Constraints 2m
- Module Intro 1m
- Barricades 1m
- Mantraps 1m
- Badges 2m
- Alarms 2m
- Lighting and Signs 2m
- Cameras and Video Surveillance 2m
- Guards 1m
- Robot Sentries 1m
- Reception 1m
- Two Person Integrity (TPI) / Control 1m
- Hardware Locks 1m
- Biometrics 1m
- Cable Locks, Safes, and Locking Cabinets 1m
- USB Data Blocker 1m
- Fencing 1m
- Fire Suppression 3m
- Motion Detection / Infrared 1m
- Proximity Readers 1m
- Drones / UAV 1m
- Logs 1m
- Air Gaps 3m
- Demilitarized Zone (DMZ) 4m
- Protected Distribution System (PDS) 4m
- Hot and Cold Aisles 3m
- Non-Digital and Digital Data Destruction 1m
- Shredding 1m
- Pulping and Pulverizing 1m
- Deguassing 2m
- Purging 1m
- Wiping 3m
- Module Review 1m
- Module Intro 1m
- Why You Should Care 1m
- Cryptographic Terminology and History 4m
- Vigenere Table 3m
- Digital Signatures 1m
- Key Stretching 3m
- Hashing 2m
- In-band vs. Out-of-band Key Exchange 1m
- Elliptic Curve Cryptography (ECC) 1m
- Perfect Forward Secrecy 1m
- Quantum Communications 3m
- Quantum Computing 1m
- Post Quantum 1m
- Ephemeral Key 1m
- Cipher Modes 1m
- XOR Function 1m
- Cryptographic Methods and Design 4m
- Blockchain 4m
- Fundamental Differences and Encryption Methods 2m
- Session Keys 1m
- Asymmetric Encryption 3m
- Lightweight Encryption 1m
- Steganography 2m
- Homomorphic Encryption 2m
- Common Use Cases 4m
- Cipher Suites 2m
- Limitations 2m
- Random and Pseudorandom Number Generators (PRNG) 1m
- Quantum Random Number Generators (QRNG) 1m
About the author
Chris is a professional information technologist, author, trainer, manager and a lifelong learner. He is married with 3 beautiful children and interested in working out, spending time with family and friends and being creative whenever possible. He has been an author for over 25 years and has created over 60 IT Certification training courses. Chris really enjoys helping people advance in their careers through training and personal development.