CompTIA Security+ (Exam SY0-501) Boot Camp - 5 Days
CompTIA® Security+® (Exam SY0-501)
CompTIA® Security+® (Exam SY0-501) is the primary course you will need to take if your job responsibilities include securing network services, devices, and traffic in your organization. You can also take this course to prepare for the CompTIA Security+ certification examination. In this course, you will build on your knowledge of and professional experience with security fundamentals, networks, and organizational security as you acquire the specific skills required to implement basic security services on any type of computer network.
This course can benefit you in two ways. If you intend to pass the CompTIA Security+ (Exam SY0-501) certification examination, this course can be a significant part of your preparation. But certification is not the only key to professional success in the field of computer security. Today's job market demands individuals with demonstrable skills, and the information and activities in this course can help you build your computer security skill set so that you can confidently perform your duties in any security-related role.
In this course, you will implement information security across a variety of different contexts.
- Identify the fundamental components of information security.
- Analyze risk.
- Identify various threats to information security.
- Conduct security assessments to detect vulnerabilities.
- Implement security for hosts and software.
- Implement security for networks.
- Manage identity and access.
- Implement cryptographic solutions in the organization.
- Implement security at the operational level.
- Address security incidents.
- Ensure the continuity of business operations in the event of an incident.
This course is targeted toward the information technology (IT) professional who has networking and administrative skills in Windows®-based Transmission Control Protocol/Internet Protocol (TCP/IP) networks; familiarity with other operating systems, such as macOS®, Unix, or Linux; and who wants to further a career in IT by acquiring foundational knowledge of security topics; preparing for the CompTIA Security+ certification examination; or using Security+ as the foundation for advanced security certifications or career roles.
To ensure your success in this course, you should possess basic Windows user skills and a fundamental understanding of computer and networking concepts. You can obtain this level of skills and knowledge by taking one of the following Logical Operations courses:
- Using Microsoft® Windows® 10
- Microsoft® Windows® 10 Transition from Windows® 7
CompTIA A+ and Network+ certifications, or equivalent knowledge, and six to nine months’ experience in networking, including configuring security parameters, are strongly recommended. Students can obtain this level of skill and knowledge by taking any of the following CHOICE courses:
- CompTIA® A+®: A Comprehensive Approach (Exams 220-901 and 220-902)
- CompTIA® Network+® (Exam N10-006)
Additional introductory courses or work experience in application development and programming, or in network and operating system administration for any software platform or system, are helpful but not required. For instance, to gain experience with managing Windows Server® 2016, you could take any or all of the following CHOICE courses:
- Microsoft® Windows® Server 2016: Install, Store, and Compute
- Microsoft® Windows® Server 2016: Networking
- Microsoft® Windows® Server 2016: Identity
Course-specific Technical Requirements
For this course, you will need one Windows Server® 2016 computer for each student and for the instructor. Make sure that each computer meets the minimum hardware specifications as well as the classroom hardware specifications:
Windows Server 2016
- 1.4 gigahertz (GHz) 64-bit processor that supports the VT-x or AMD-V virtualization instruction set and Second Level Address Translation (SLAT).
- 4 gigabytes (GB) of Random Access Memory (RAM). (8 GB recommended.)
- 80 GB hard disk or larger.
- Super VGA (SVGA) or higher resolution monitor capable of a screen resolution of at least 1024 x 768 pixels, at least 256-color display, and a video adapter with at least 4 MB of memory.
- Bootable DVD-ROM or USB drive.
- Keyboard and mouse or compatible pointing device.
- Gigabit Ethernet adapter (10/100/1000BaseT) and cabling to connect to the classroom network.
- IP addresses that do not conflict with other portions of your network.
- Internet access (contact your local network administrator).
- (Instructor computer only) A display system to project the instructor's computer screen.
- Microsoft® Windows Server® 2016 Standard Edition with sufficient licenses.
Windows Server 2016 requires activation unless you have volume-licensing agreements. There is a grace period for activation. If the duration of your class will exceed the activation grace period (for example, if you are teaching the class over the course of an academic semester), you should activate the installations at some point before the grace period expires. Otherwise, the operating system may stop working before the class ends.
- Miscellaneous third-party software, some of which is included in the course data files:
- Microsoft Baseline Security Analyzer version 2.3 (MBSASetup-x64-EN.msi).
- PsTools Suite version 2.45 (PSTools.zip).
- Cain & Abel version 4.9.56 (ca_setup.exe).
- Recuva version 1.53.1087 (rcsetup153.exe).
- Wireshark version 2.2.5 (Wireshark-win64-2.2.5.exe).
- Nmap version 7.40 (nmap-7.40-setup.exe).
- Snort version 18.104.22.168 (Snort_2_9_6_0_Installer.exe).
- VisualCodeGrepper version 2.1.0 (VCG-Setup.msi).
- DiskCryptor version 1.1.846.118 (dcrypt_setup.exe).
- Sumatra PDF version 3.1.2 (SumatraPDF.exe).
- Puppy Linux (Slacko) version 6.3.2 (slacko64-6.3.2-uefi.iso).
- WinPcap version 4.1.3 (WinPcap_4_1_3.exe).
Due to licensing restrictions, MBSA, PsTools Suite, Cain & Abel, and Recuva are not distributed with the data files. The steps to download these tools are described in the course setup that follows. Note that the URL paths to these downloads may have changed after this course was written. Wireshark, Nmap, Snort, and VisualCodeGrepper are distributed with the course data files under version 2 of the GNU General Public License (GPL). DiskCryptor and Sumatra PDF are distributed under version 3 of the GNU GPL. Puppy Linux is distributed under the GNU Lesser General Public License (LGPL). WinPcap is distributed with the course data files and includes the pertinent licensing information.
The activities in this course were written to the versions of the software noted previously. If new versions of MBSA, PsTools, Cain & Abel, or Recuva have been released when you present this course, make sure to test them with their corresponding activities to note any keying discrepancies.
- If necessary, software for viewing the course slides (instructor machine only).
Lesson 1: Identifying Security Fundamentals
Topic A: Identify Information Security Concepts
Topic B: Identify Basic Security Controls
Topic C: Identify Basic Authentication and Authorization Concepts
Topic D: Identify Basic Cryptography Concepts
Lesson 2: Analyzing Risk
Topic A: Analyze Organizational Risk
Topic B: Analyze the Business Impact of Risk
Lesson 3: Identifying Security Threats
Topic A: Identify Types of Attackers
Topic B: Identify Social Engineering Attacks
Topic C: Identify Malware
Topic D: Identify Software-Based Threats
Topic E: Identify Network-Based Threats
Topic F: Identify Wireless Threats
Topic G: Identify Physical Threats
Lesson 4: Conducting Security Assessments
Topic A: Identify Vulnerabilities
Topic B: Assess Vulnerabilities
Topic C: Implement Penetration Testing
Lesson 5: Implementing Host and Software Security
Topic A: Implement Host Security
Topic B: Implement Cloud and Virtualization Security
Topic C: Implement Mobile Device Security
Topic D: Incorporate Security in the Software Development Lifecycle
Lesson 6: Implementing Network Security
Topic A: Configure Network Security Technologies
Topic B: Secure Network Design Elements
Topic C: Implement Secure Networking Protocols and Services
Topic D: Secure Wireless Traffic
Lesson 7: Managing Identity and Access
Topic A: Implement Identity and Access Management
Topic B: Configure Directory Services
Topic C: Configure Access Services
Topic D: Manage Accounts
Lesson 8: Implementing Cryptography
Topic A: Identify Advanced Cryptography Concepts
Topic B: Select Cryptographic Algorithms
Topic C: Configure a Public Key Infrastructure
Topic D: Enroll Certificates
Topic E: Back Up and Restore Certificates and Private Keys
Topic F: Revoke Certificates
Lesson 9: Implementing Operational Security
Topic A: Evaluate Security Frameworks and Guidelines
Topic B: Incorporate Documentation in Operational Security
Topic C: Implement Security Strategies
Topic D: Manage Data Security Processes
Topic E: Implement Physical Controls
Lesson 10: Addressing Security Incidents
Topic A: Troubleshoot Common Security Issues
Topic B: Respond to Security Incidents
Topic C: Investigate Security Incidents
Lesson 11: Ensuring Business Continuity
Topic A: Select Business Continuity and Disaster Recovery Processes
Topic B: Develop a Business Continuity Plan
Appendix A: Mapping Course Content to CompTIA® Security+® (Exam SY0-501)