CA03 - CompTIA Security+ Certification - 5 Days
Course Description
Customisation
For on-site courses (i.e. at your premises), we are more than happy to tailor the course agenda to suit your exact requirements. In many cases, we are able to build your in-house standards and naming conventions into the delivered course.
Course Details
Threats, Attacks and Vulnerabilities
- Compare and contrast different types of social engineering techniques
  - Phishing
  - Smishing
  - Vishing
  - Spam
  - Spam over Internet messaging (SPIM)
  - Spear phishing
  - Dumpster diving
  - Shoulder surfing
  - Pharming
  - Tailgating
  - Eliciting information
  - Whaling
  - Prepending
  - Identity fraud
  - Invoice scams
  - Credential harvesting
  - Reconnaissance
  - Hoax
  - Impersonation
  - Watering hole attack
  - Typo squatting
  - Influence campaigns
  - Principles (reasons for effectiveness)
- Given a scenario, analyze potential indicators to determine the type of attack
  - Malware
  - Password attacks
  - Physical attacks
  - Adversarial artificial intelligence (AI)
  - Supply-chain attacks
  - Cloud-based vs. on-premises attacks
  - Cryptographic attacks
- Given a scenario, analyze potential indicators associated with application attacks
  - Privilege escalation
  - Cross-site scripting
  - Injections
  - Pointer/object dereference
  - Directory traversal
  - Buffer overflows
  - Race conditions
  - Error handling
  - Improper input handling
  - Replay attack
  - Integer overflow
  - Request forgeries
  - Application programming interface (API) attacks
  - Resource exhaustion
  - Memory leak
  - Secure Sockets Layer (SSL) stripping
  - Driver manipulation
  - Pass the hash
- Given a scenario, analyze potential indicators associated with network attacks
  - Wireless
  - Man in the middle
  - Man in the browser
  - Layer 2 attacks
  - Domain name system (DNS)
  - Distributed denial of service (DDoS)
  - Malicious code or script execution
- Explain different threat actors, vectors, and intelligence sources
  - Actors and threats
  - Attributes of actors
  - Vectors
  - Threat intelligence sources
  - Research sources
- Explain the security concerns associated with various types of vulnerabilities
  - Cloud-based vs. on-premises vulnerabilities
  - Zero-day
  - Weak configurations
  - Third-party risks
  - Improper or weak patch management
  - Legacy platforms
  - Impacts
- Summarize the techniques used in security assessments
  - Threat hunting
  - Vulnerability scans
  - Syslog/Security information and event management (SIEM)
  - Security orchestration, automation, response (SOAR)
- Explain the techniques used in penetration testing
  - Penetration testing
  - Passive and active reconnaissance
  - Exercise types
Architecture and Design
- Explain the importance of security concepts in an enterprise environment
  - Configuration management
  - Data sovereignty
  - Data protection
  - Hardware security module (HSM)
  - Geographical considerations
  - Cloud access security broker (CASB)
  - Response and recovery controls
  - Secure Sockets Layer (SSL)/Transport Layer Security (TLS) inspection
  - Hashing
  - API considerations
  - Site resiliency
  - Deception and disruption
- Summarize virtualization and cloud computing concepts
  - Cloud models
  - Cloud service providers
  - Managed service provider (MSP)/Managed security service provider (MSSP)
  - On-premises vs. off-premises
  - Fog computing
  - Edge computing
  - Thin client
  - Containers
  - Microservices/API
  - Infrastructure as code
  - Serverless architecture
  - Services integration
  - Resource policies
  - Transit gateway
  - Virtualization
- Summarize secure application development, deployment, and automation concepts
  - Environment
  - Provisioning and deprovisioning
  - Integrity measurement
  - Secure coding techniques
  - Open Web Application Security Project (OWASP)
  - Software diversity
  - Automation/scripting
  - Elasticity
  - Scalability
  - Version control
- Summarize authentication and authorization design concepts
  - Authentication methods
  - Biometrics
  - Multifactor authentication (MFA) factors and attributes
  - Authentication, authorization, and accounting (AAA)
  - Cloud vs. on-premises requirements
- Given a scenario, implement cybersecurity resilience
  - Redundancy
  - Replication
  - On-premises vs. cloud
  - Backup types
  - Non-persistence
  - High availability
  - Restoration order
  - Diversity
- Explain the security implications of embedded and specialized systems
  - Embedded systems
  - Supervisory control and data acquisition (SCADA)/industrial control system (ICS)
  - Internet of Things (IoT)
  - Specialized
  - Voice over IP (VoIP)
  - Heating, ventilation, air conditioning (HVAC)
  - Drones/AVs
  - Multifunction printer (MFP)
  - Real-time operating system (RTOS)
  - Surveillance systems
  - System on chip (SoC)
  - Communication considerations
  - Constraints
- Explain the importance of physical security controls
  - Bollards/barricades
  - Mantraps
  - Badges
  - Alarms
  - Signage
  - Cameras
  - Closed-circuit television (CCTV)
  - Industrial camouflage
  - Personnel
  - Locks
  - USB data blocker
  - Lighting
  - Fencing
  - Fire suppression
  - Sensors
  - Drones/UAV
  - Visitor logs
  - Faraday cages
  - Air gap
  - Demilitarized zone (DMZ)
  - Protected cable distribution
  - Secure areas
  - Secure data destruction
- Summarize the basics of cryptographic concepts
  - Digital signatures
  - Key length
  - Key stretching
  - Salting
  - Hashing
  - Key exchange
  - Elliptic-curve cryptography
  - Perfect forward secrecy
  - Quantum
  - Post-quantum
  - Ephemeral
  - Modes of operation
  - Blockchain
  - Cipher suites
  - Symmetric vs. asymmetric
  - Lightweight cryptography
  - Steganography
  - Homomorphic encryption
  - Common use cases
  - Limitations
Implementation
- Given a scenario, implement secure protocols
  - Protocols
  - Use cases
- Given a scenario, implement host or application security solutions
  - Endpoint protection
  - Boot integrity
  - Database
  - Application security
  - Hardening
  - Self-encrypting drive (SED)/full disk encryption (FDE)
  - Hardware root of trust
  - Trusted Platform Module (TPM)
  - Sandboxing
- Given a scenario, implement secure network designs
  - Load balancing
  - Network segmentation
  - Virtual private network (VPN)
  - DNS
  - Network access control (NAC)
  - Out-of-band management
  - Port security
  - Network appliances
  - Access control list (ACL)
  - Route security
  - Quality of service (QoS)
  - Implications of IPv6
  - Port spanning/port mirroring
  - Monitoring services
  - File integrity monitors
- Given a scenario, install and configure wireless security settings
  - Cryptographic protocols
  - Authentication protocols
  - Methods
  - Installation considerations
- Given a scenario, implement secure mobile solutions
  - Connection methods and receivers
  - Mobile device management (MDM)
  - Mobile devices
  - Enforcement and monitoring
  - Deployment models
- Given a scenario, apply cybersecurity solutions to the cloud
  - Cloud security controls
  - Solutions
  - Cloud native controls vs. third-party solutions
- Given a scenario, implement identity and account management controls
  - Identity
  - Account types
  - Account policies
- Given a scenario, implement authentication and authorization solutions
  - Authentication management
  - Authentication
  - Access control schemes
- Given a scenario, implement public key infrastructure
  - Public key infrastructure (PKI)
  - Types of certificates
  - Certificate formats
  - Concepts
Operations and Incident Response
- Given a scenario, use the appropriate tool to assess organizational security
  - Network reconnaissance and discovery
  - File manipulation
  - Shell and script environments
  - Packet capture and replay
  - Forensics
  - Exploitation frameworks
  - Password crackers
  - Data sanitization
- Summarize the importance of policies, processes, and procedures for incident response
  - Incident response plans
  - Incident response process
  - Exercises
  - Attack frameworks
  - Stakeholder management
  - Communication plan
  - Disaster recovery plan
  - Business continuity plan
  - Continuity of operation planning (COOP)
  - Incident response team
  - Retention policies
- Given an incident, utilize appropriate data sources to support an investigation
  - Vulnerability scan output
  - SIEM dashboards
  - Log files
  - syslog/rsyslog/syslog-ng
  - journalctl
  - NXLog
  - Retention
  - Bandwidth monitors
  - Metadata
  - NetFlow/sFlow
  - Protocol analyzer output
- Given an incident, apply mitigation techniques or controls to secure an environment
  - Reconfigure endpoint security solutions
  - Configuration changes
  - Isolation
  - Containment
  - Segmentation
  - Security orchestration, automation, and response (SOAR)
- Explain the key aspects of digital forensics
  - Documentation/evidence
  - Acquisition
  - On-premises vs. cloud
  - Integrity
  - Preservation
  - E-discovery
  - Data recovery
  - Non-repudiation
  - Strategic intelligence/counterintelligence
Governance, Risk, and Compliance
- Compare and contrast various types of controls
  - Categories
  - Control types
- Explain the importance of applicable regulations, standards, or frameworks that impact organizational security posture
  - Regulations, standards, and legislation
  - Key frameworks
  - Benchmarks/secure configuration guides
- Explain the importance of policies to organizational security
  - Personnel
  - Diversity of training techniques
  - Third-party risk management
  - Data
  - Credential policies
  - Organizational policies
- Summarize risk management processes and concepts
  - Risk types
  - Risk management strategies
  - Risk analysis
  - Disasters
  - Business impact analysis
- Explain privacy and sensitive data concepts in relation to security
  - Organizational consequences of privacy breaches
  - Notifications of breaches
  - Data types
  - Privacy enhancing technologies
  - Roles and responsibilities
  - Information life cycle
  - Impact assessment
  - Terms of agreement
  - Privacy notice