CompTIA Security+ (Custom)

The Security+ Certification Study Guide will teach you the fundamental principles of installing and configuring cybersecurity controls and participating in incident response and risk mitigation. It will prepare you to take the CompTIA Security+ SY0-501 exam by providing 100% coverage of the objectives and content examples listed on the syllabus.

After reading the text, you will be able to:

  • Identify strategies developed by cyber adversaries to attack networks and hosts and the countermeasures deployed to defend them.
  • Understand the principles of organizational security and the elements of effective security policies.
  • Know the technologies and uses of cryptographic standards and products.
  • Install and configure network- and host-based security technologies.
  • Describe how wireless and remote access security is enforced.
  • Describe the standards and products used to enforce security on web and communications technologies.
  • Identify strategies for ensuring business continuity, fault tolerance, and disaster recovery.
  • Summarize application and coding vulnerabilities and identify development and deployment methods designed to mitigate them.
  • Prerequisites

To get the most out of the CompTIA Security+ Study Guide and be able to prepare for your exam you should have successfully passed the CompTIA Network+ certification exam and have acquired 24 months of experience in networking support and IT administration. We also recommend the following skills and knowledge before starting this course:

  • Use a keyboard and mouse.
  • Know the function and basic features of PC components.
  • Able to use Windows to create and manage files and use basic administrative features (Explorer, Control Panel and Management Consoles).
  • Know basic network terminology and functions (such as OSI Model, topology, Ethernet, TCP/IP, switches and routers).
  • Understand TCP/IP addressing, core protocols and troubleshooting tools.

Kurikulum Kursus

  • Modul 1

    Identifying Social Engineering and Malware

    • Environment Lab Preparation for Lab 4.1
    • Compare and Contrast Social Engineering Techniques
    • Social Engineering Principles
    • Impersonation and Trust
    • Dumpster Diving and Tailgating
    • Identity Fraud and Invoice Scams
    • Phishing, Whaling, and Vishing
    • Spam, Hoaxes, and Prepending
    • Pharming and Credential Harvesting
    • Influence Campaigns
    • Analyze Indicators of Malware-Based Attacks
    • Malware Classification
    • Computer Viruses
    • Computer Worms and Fileless Malware
    • Spyware and Keyloggers
    • Backdoors and Remote Access Trojans
    • Rootkits
    • Ransomware, Crypto-Malware, and Logic Bombs
    • Malware Indicators
    • Process Analysis
    • Lab 1: Analyze Indicators of Social Engineering-Based Attacks (PBQ)
    • kuis 1
  • Modul 2

    Summarizing Basic Cryptographic Concepts

    • Compare and Contrast Cryptographic Ciphers
    • Cryptographic Concepts
    • Hashing Algorithms
    • Encryption Ciphers and Keys
    • Symmetric Encryption
    • Stream and Block Ciphers
    • Asymmetric Encryption
    • Public Key Cryptography Algorithms
    • Summarize Cryptographic Modes of Operation
    • Digital Signatures
    • Digital Envelopes and Key Exchange
    • Digital Certificates
    • Perfect Forward Secrecy
    • Cipher Suites and Modes of Operation
    • Authenticated Modes of Operation
    • Summarize Cryptographic Use Cases and Weaknesses
    • Cryptography Supporting Authentication and Non-repudiation
    • Cryptography Supporting Confidentiality
    • Cryptography Supporting Integrity and Resiliency
    • Cryptographic Performance Limitations
    • Cryptographic Security Limitations
    • Longevity and Cryptographic Attacks
    • Man-in-the-Middle and Downgrade Attacks
    • Key Stretching and Salting
    • Collisions and the Birthday Attack
    • Summarize Other Cryptographic Technologies
    • Quantum and Post-quantum
    • Homomorphic Encryption
    • Steganography
    • kuis 2
  • Modul 3

    Implementing Public Key Infrastructure

    • Implement Certificates and Certificate Authorities
    • Public and Private Key Usage
    • Certificate Authorities
    • PKI Trust Models
    • Registration Authorities and CSRs
    • Digital Certificates
    • Certificate Attributes
    • Subject Name Attributes
    • Types of Certificate
    • Web Server Certificate Types
    • Other Certificate Types
    • Implement PKI Management
    • Certificate and Key Management
    • Key Recovery and Escrow
    • Certificate Expiration
    • Certificate Revocation Lists
    • Online Certificate Status Protocol Responders
    • Certificate Pinning
    • Certificate Formats
    • OpenSSL
    • Certificate Issues
    • Lab 3: Implement Certificates and Certificate Authorities (PBQ)
    • kuis 3
  • Modul 4

    Implementing Secure Network Designs

    • Implement Secure Network Designs
    • Business Workflows and Network Architecture
    • Network Appliances
    • Routing and Switching Protocols
    • Network Segmentation
    • Network Topology and Zones
    • Demilitarized Zones
    • Demilitarized Zone Topologies
    • Screened Hosts
    • Implications of IPv6
    • Other Secure Network Design Considerations
    • Implement Secure Switching and Routing
    • Man-in-the-Middle and Layer 2 Attacks
    • ARP Poisoning and MAC Flooding Attacks
    • Loop Prevention
    • Physical Port Security and MAC Filtering
    • Network Access Control
    • Route Security
    • Implement Secure Wireless Infrastructure
    • Wireless Network Installation Considerations
    • Controller and Access Point Security
    • Wi-Fi Protected Access
    • Wi-Fi Authentication Methods
    • Wi-Fi Protected Setup
    • Open Authentication and Captive Portals
    • Enterprise/IEEE 802.1X Authentication
    • Extensible Authentication Protocol
    • PEAP, EAP-TTLS, and EAP-FAST
    • RADIUS Federation
    • Rogue Access Points and Evil Twins
    • Disassociation and Replay Attacks
    • Jamming Attacks
    • Implement Load Balancers
    • Distributed Denial of Service Attacks
    • Amplification, Application, and OT Attacks
    • Distributed Denial of Service Attack Mitigation
    • Load Balancing
    • Clustering
    • Quality of Service (QoS)
    • Lab 4: Implement Secure Switching and Routing (PBQ)
    • Lab 4.1: Firewall NAT Rules
    • kuis 4
  • Modul 5

    Implementing Network Security Appliances

    • Implement Firewalls and Proxy Servers
    • Packet Filtering Firewalls
    • Stateful Inspection Firewalls
    • iptables
    • Firewall Implementation
    • Proxies and Gateways
    • Access Control Lists
    • Network Address Translation
    • Virtual Firewalls
    • Open-source versus Proprietary Firewalls
    • Implement Network Security Monitoring
    • Network-Based Intrusion Detection Systems
    • TAPs and Port Mirrors
    • Network-Based Intrusion Prevention Systems
    • Signature-Based Detection
    • Behavior and Anomaly-Based Detection
    • Next-generation Firewalls and Content Filters
    • Host-Based Intrusion Detection Systems
    • Web Application Firewalls
    • Summarize the Use of SIEM
    • Monitoring Services
    • Security Information and Event Management
    • Analysis and Report Review
    • File Manipulation
    • Regular Expressions and grep
    • Lab 5: Implement Firewalls and Proxy Servers (PBQ)
    • Lab 5.1: Intrusion Detection/Prevention System [ID]
    • kuis 5
  • Modul 6

    Implementing Secure Network Protocols

    • Implement Secure Network Operations Protocols
    • DOMAIN NAME RESOLUTION
    • DNS POISONING
    • DNS SECURITY
    • SECURE DIRECTORY SERVICES
    • TIME SYNCHRONIZATION
    • Implement Secure Application Protocols
    • TRANSPORT LAYER SECURITY
    • API CONSIDERATIONS
    • FILE TRANSFER SERVICES
    • EMAIL SERVICES
    • SECURE/MULTIPURPOSE INTERNET MAIL EXTENSIONS
    • VOICE AND VIDEO SERVICES
    • Implement Secure Remote Access Protocols
    • TRANSPORT LAYER SECURITY VPN
    • INTERNET PROTOCOL SECURITY
    • IPSEC TRANSPORT AND TUNNEL MODES
    • INTERNET KEY EXCHANGE
    • LAYER 2 TUNNELING PROTOCOL AND IKE V2
    • VPN CLIENT CONFIGURATION
    • REMOTE DESKTOP
    • OUT-OF-BAND MANAGEMENT AND JUMP SERVERS
    • SECURE SHELL
    • Lab 6: Implement Secure Remote Access Protocols (PBQ)
    • kuis 6
  • Modul 7

    Summarizing Secure Application Concepts

    • Analyze Indicators of Application Attacks
    • APPLICATION ATTACKS
    • OVERFLOW VULNERABILITIES
    • NULL POINTER DEREFERENCING AND RACE CONDITIONS
    • MEMORY LEAKS AND RESOURCE EXHAUSTION
    • DLL INJECTION AND DRIVER MANIPULATION
    • PASS THE HASH ATTACK
    • Analyze Indicators of Web Application Attacks
    • UNIFORM RESOURCE LOCATOR ANALYSIS
    • APPLICATION PROGRAMMING INTERFACE ATTACKS
    • REPLAY ATTACKS
    • SESSION HIJACKING AND CROSS-SITE REQUEST FORGERY
    • CROSS-SITE SCRIPTING
    • STRUCTURED QUERY LANGUAGE INJECTION ATTACKS
    • XML AND LDAP INJECTION ATTACKS
    • DIRECTORY TRAVERSAL AND COMMAND INJECTION ATTACKS
    • SERVER-SIDE REQUEST FORGERY
    • Summarize Secure Coding Practices
    • SECURE CODING TECHNIQUES
    • SERVER-SIDE VERSUS CLIENT-SIDE VALIDATION
    • DATA EXPOSURE AND MEMORY MANAGEMENT
    • SECURE CODE USAGE
    • STATIC CODE ANALYSIS
    • Implement Secure Script Environments
    • SCRIPTING
    • PYTHON SCRIPT ENVIRONMENT
    • POWERSHELL SCRIPT ENVIRONMENT
    • EXECUTION CONTROL
    • MALICIOUS CODE INDICATORS
    • POWERSHELL MALICIOUS INDICATORS
    • BASH AND PYTHON MALICIOUS INDICATORS
    • MACROS AND VISUAL BASIC FOR APPLICATIONS (VBA)
    • MAN-IN-THE-BROWSER ATTACK
    • Summarize Deployment and Automation Concepts
    • SECURE APPLICATION DEVELOPMENT ENVIRONMENTS
    • PROVISIONING, DEPROVISIONING, AND VERSION CONTROL
    • AUTOMATION/SCRIPTING RELEASE PARADIGMS
    • SOFTWARE DIVERSITY
    • Lab 7: Implement Secure Script Environments (PBQ)
    • Lab 7.1: Enkripsi Disk dengan Linux Unified Key Setup (LUKS)
    • kuis 7
  • Modul 8

    Implementing Secure Cloud Solutions

    • Summarize Secure Cloud and Virtualization Services
    • CLOUD DEPLOYMENT MODELS
    • CLOUD SERVICE MODELS
    • ANYTHING AS A SERVICE
    • SECURITY AS A SERVICE
    • VIRTUALIZATION TECHNOLOGIES AND HYPERVISOR TYPES
    • VIRTUAL DESKTOP INFRASTRUCTURE AND THIN CLIENTS
    • APPLICATION VIRTUALIZATION AND CONTAINER VIRTUALIZATION
    • VM ESCAPE PROTECTION
    • VM SPRAWL AVOIDANCE
    • Apply Cloud Security Solutions
    • CLOUD SECURITY INTEGRATION AND AUDITING
    • CLOUD SECURITY CONTROLS
    • CLOUD COMPUTE SECURITY
    • CLOUD STORAGE SECURITY
    • HIGH AVAILABILITY
    • CLOUD NETWORKING SECURITY
    • VPCS AND TRANSIT GATEWAYS
    • VPC ENDPOINTS
    • CLOUD FIREWALL SECURITY
    • SECURITY GROUPS
    • CLOUD ACCESS SECURITY BROKERS
    • Summarize Infrastructure as Code Concepts
    • SERVICES INTEGRATION AND MICROSERVICES
    • APPLICATION PROGRAMMING INTERFACES
    • SERVERLESS ARCHITECTURE
    • INFRASTRUCTURE AS CODE
    • SOFTWARE-DEFINED NETWORKING
    • SOFTWARE-DEFINED VISIBILITY
    • FOG AND EDGE COMPUTING
    • Lab 8: Apply Cloud Security Solutions (PBQ)
    • Lab 8.1: Linux Security Assessment Dengan OpenSCAP
    • kuis 8

Reviews (7)

4.7

Course Rating

derson adianto

20 Okt. 2022, 14.26

kelas terbaik 🫰🏻🫰🏻

Muhamad Fadhil Daksana

19 Okt. 2022, 16.58

mantap

Robby Zidny Ilman

17 Okt. 2022, 15.28

noice

Rayhan Efendi

10 Okt. 2022, 15.01

mantap banget dah

Iqbal Fajar Syahbana

10 Okt. 2022, 13.20

sangat jelas


Level Menengah
testing sec+ custom
22 Sep. 2022 - 20 Okt. 2022

Kategori

security