In this section, you will learn how to identify security threats, attacks, vulnerabilities, technologies, and tools.
Threats, Attacks, and Vulnerabilities for CompTIA Security+
This course covers domain one of the CompTIA Security+ certification exam. In this course, Threats, Attacks, and Vulnerabilities for CompTIA Security+, you'll learn about the various types of threats and attacks every company faces. First, you'll learn the ins and outs of Malware, ransom-ware, viruses, Trojans, rootkits, social engineering attacks, application vulnerabilities, and DDoS attacks. Next, you'll also learn the characteristics of the various types of threat actors, the skills they have and the tools they use. Finally, you'll learn about penetration testing and vulnerability scanning and how they're used to help tighten security and mitigate potential breaches. By the end of this course, you'll have a solid understanding of the various threats you're likely to face and what tools are available to mitigate these threats.
Table of contents
- Analyzing Indicators of Compromise & Determining Malware Types28m 37s
- Comparing & Contrasting Attacks Types1h 29m
- Exploring Threat Actor Types and Attributes13m 26s
- Defining the Penetration Testing Process19m 59s
- Defining the Vulnerability Scanning Process12m 57s
- Impacts Associated with Types of Vulnerabilities39m 46s
Technologies and Tools for CompTIA Security+
IT Security comprises many different areas and organizations that need skilled IT security personnel who understand the tools and technologies required to architect, deploy, maintain, and troubleshoot the infrastructure required to keep a company's data secure. In this course, Technologies and Tools for CompTIA Security+, you'll learn the networking components (hardware and software) required to maintain organizational security. First, you'll explore the concepts required to troubleshoot and remediate issues. Next, you'll discover the tools required to properly assess a company's security posture, including network scanners, protocol analyzers, vulnerability scanning, and exploitation frameworks. Finally, you'll learn the infrastructure and security concerns dealing with mobile device deployment, including the protocols, devices, and infrastructure needed to secure a company's assets. By the end of this course, you'll understand the various technologies and tools required to assess a company's security posture, identify gaps in their defenses, and recommend solutions to mitigate those risks.
Table of contents
- Course Overview1m 49s
- Installing and Configuring Network Components1h 11m 39s
- Assessing the Security Posture of an Organization46m 12s
- Troubleshooting Common Security Issues29m 34s
- Analyzing and Interpreting Output from Security Technologies19m 49s
- Deploying Mobile Devices Securely37m
- Implementing Secure Protocols26m 7s
This segment of the Path discusses security architecture and design while also exploring identity and access management.
Architecture and Design for CompTIA Security+
Security is the number one thing that every company needs, and with each massive breach this becomes more and more apparent. IT security is a multi-pronged approach and employs defense-in-depth principles. In this course, Architecture and Design for CompTIA Security+, you'll learn architecture and design for CompTIA Securty+. First, you'll start by learning the best practices and frameworks required for creating a secure environment. Next, you'll discover designing secure networks, honeypots, VPNs, firewalls, and various security infrastructure. Then, you'll explore the virtualization techniques, and how IaaS and PaaS, coupled with cloud technologies can increase security. Finally, you'll learn about the importance of physical security and how that can strengthen or weaken your overall security posture. By the end of this course, you'll have a better understanding of critical components to maintaining a successful security posture.
Table of contents
- Course Overview1m 54s
- Frameworks, Best Practices, and Secure Configuration Guides27m 31s
- Implementing Secure Network Architecture18m 43s
- Implementing Secure Systems Design34m 46s
- Secure Staging Deployment13m 58s
- Security Implications of Embedded Systems24m 57s
- Secure Application Development and Deployment38m 27s
- Cloud and Virtualization37m 45s
- Reducing Risk with Resiliency and Automation Strategies21m 41s
- Physical Security Controls35m 42s
Identity and Access Management for CompTIA Security+
Organizations are constantly faced with the ongoing threat of breaches and data comprise from both internal and external threats. In this course, Identity and Access Management for CompTIA Security+, you'll learn the critical foundational concepts that form the building blocks of every company's information security posture. First, you'll explore the various methods of identification, authentication, and authorization, including the technologies that enable secure access to resources both locally and remotely. Next, you'll delve into the various technologies that enable identity and access management, including physical controls, group policy based controls, and biometric controls. Finally, you'll learn user account and access best practices, including various account types, account maintenance, and policy enforcement. By the end of this course, you'll have a better understanding of user account and access management, and you'll be able to take this knowledge into the Security+ exam.
Table of contents
- Course Overview1m 45s
- Comparing and Contrasting Identity and Access Management Concepts14m 33s
- Installing and Configuring Identity and Access Services28m 9s
- Implementing Identity and Access Management Controls26m 52s
- Differentiating Common Account Management Practices28m 59s
This section encompasses the more advanced fundamentals topics, which include managing security risks, cryptography, and public key infrastructure (PKI).
Risk Management for CompTIA Security+
Managing risk is a critical component of an organizations security posture. In this course, Risk Management for CompTIA Security+, you'll learn how to assess a company's risk across each area within IT. First, you'll explore the various methods used to assess risk like SLE, ALE, and ARO. Next, you'll learn the fundamentals of computer forensics, including maintaining chain of custody, legal holds, and data acquisition techniques. Finally, you'll discover the principals of disaster recovery, maintaining highly available infrastructure, and business continuity basics. By the end of the course, you'll understand what's required to assess an organization's operational risk, the methods used to conduct a forensic investigation, and how to keep a business operational leveraging disaster recovery and business continuity concepts.
Table of contents
- Course Overview1m 48s
- Understanding Organizational Policies, Plans, and Procedures27m 19s
- Business Impact Analysis Concepts20m 29s
- Understanding Risk Management Processes and Concepts27m 15s
- Following Incident Response Procedures27m 22s
- Reviewing the Fundamentals of Digital Forensics41m 7s
- Defining Disaster Recovery and Continuity of Operation28m 44s
- Comparing and Contrasting Various Types of Controls7m 9s
- Performing Data Security and Privacy Practices20m 40s
Cryptography and PKI for CompTIA Security+
Providing secure communication, access to data, and disposal of assets is no longer essential to every company's overall IT security plan. In this course, Cryptography and PKI for CompTIA Security+, you'll learn the various concepts and components that make up a company's Public Key Infrastructure (PKI). First, you'll delve into the basics of cryptography, including symmetric and asymmetric algorithms, and cipher types. Next, you'll explore the various methods to encrypt data and how to verify a file's integrity. Then, you'll discover how to secure wireless communication using encryption. Finally, you'll learn about the components that make up a PKI. By the end of this course, you'll have the information necessary to discuss and assess your company's PKI, wireless security posture, and identify gaps both internally and externally.
Table of contents
- Course Overview1m 52s
- Comparing and Contrasting Basic Cryptography Concepts38m 34s
- Deciphering Cryptographic Algorithms19m 10s
- Installing and Configuring Wireless Security Settings24m 40s
- Implementing Public Key Infrastructure29m 13s
What you will learn
- How to analyze indicators of compromise and determine the type of malware
- How to compare and contrast types of attacks and explain threat actor types and attributes
- How to explain penetration testing and vulnerability scanning concepts
- How to explain the impact associated with types of vulnerabilities
- How to install and configure network components, both hardware and software-based, to support organizational security
- How to use appropriate software tools to assess the security posture of an organization
- How to troubleshoot common security issues
- How to analyze and interpret output from security technologies
- How to deploy mobile devices securely
- How to implement secure protocols
- How to explain use cases and purpose for frameworks, best practices and secure configuration guides
- How to implement secure network architecture concepts and secure systems design
- How to explain the importance of secure staging deployment concepts
- How to explain the security implications of embedded systems
- How to summarize secure application development and deployment concepts
- How to summarize cloud and virtualization concepts
- How to explain how resiliency and automation strategies reduce risk
- How to explain the importance of physical security controls
- How to compare and contrast identity and access management concepts
- How to install and configure identity and access services
- How to implement identity and access management controls and how to differentiate common account management practices
- How to explain the importance of policies, plans and procedures related to organizational security
- How to summarize business impact analysis concepts
- How to explain risk management processes and concepts
- How to follow incident response procedures
- How to summarize basic concepts of forensics
- How to explain disaster recovery and continuity of operation concepts
- How to compare and contrast various types of controls
- How to carry out data security and privacy practices
- How to compare and contrast basic concepts of cryptography and how to explain cryptography algorithms and their basic characteristics
- How to install and configure wireless security settings
- How to implement public key infrastructure
This path does not require any prior knowledge or experience.
Register for FREE. Get your Pluralsight IQ.
You’ll get unlimited access to adaptive skill assessments that help you validate your skills in as little as 5 minutes, and you'll get to see the Pluralsight platform first-hand.