CompTIA Security+ Certification Exam SY0-601
The CompTIA Security+ exam will certify that you have the knowledge and skills required to assess the security posture of an enterprise environment, recommend and implement appropriate security solutions, monitor and secure hybrid environments, operate with an awareness of applicable laws and policies, and identify, analyses, and respond to security events and incidents.
Recommended Prerequisite:
(a) Basic understanding of Operating Systems and computer networking
(b) 0-2 years of IT experience
Possible Job Roles:
Security Administrator
Systems Administrator
Helpdesk Manager / Analyst
Network / Cloud Engineer
Security Engineer / Analyst
DevOps / Software Developer
IT Auditors
IT Project Manager
1 – COMPARING SECURITY ROLES AND CONTROLS
Topic 1A: Compare and Contrast Information Security Roles
Topic 1B: Compare and Contrast Security Control and Framework Types
2 – EXPLAINING THREAT ACTORS AND THREAT INTELLIGENCE
Topic 2A: Explain Threat Actor Types and Attack Vectors
3 – PERFORMING SECURITY ASSESSMENTS
Topic 3A: Assess Organizational Security with Network Reconnaissance Tools
Topic 3B: Explain Security Concerns with General Vulnerability Types
Topic 3C: Summarize Vulnerability Scanning Techniques
Topic 3D: Explain Penetration Testing Concepts
4 – IDENTIFYING SOCIAL ENGINEERING AND MALWARE
Topic 4A: Compare and Contrast Social Engineering Techniques
Topic 4B: Analyze Indicators of Malware-Based Attacks
5 – SUMMARIZING BASIC CRYPTOGRAPHIC CONCEPTS
Topic 5A: Compare and Contrast Cryptographic Ciphers
Topic 5B: Summarize Cryptographic Modes of Operation
Topic 5C: Summarize Cryptographic Use Cases and Weaknesses
Topic 5D: Summarize Other Cryptographic Technologies
6 – IMPLEMENTING PUBLIC KEY INFRASTRUCTURE
Topic 6A: Implement Certificates and Certificate Authorities
Topic 6B: Implement PKI Management
7 – IMPLEMENTING AUTHENTICATION CONTROLS
Topic 7A: Summarize Authentication Design Concepts
Topic 7B: Implement Knowledge-Based Authentication
Topic 7C: Implement Authentication Technologies
Topic 7D: Summarize Biometrics Authentication Concepts
8 – IMPLEMENTING IDENTITY AND ACCOUNT MANAGEMENT CONTROLS
Topic 8A: Implement Identity and Account Types
Topic 8B: Implement Account Policies
Topic 8C: Implement Authorization Solutions
Topic 8D: Explain the Importance of Personnel Policies
9 – IMPLEMENTING SECURE NETWORK DESIGNS
Topic 9A: Implement Secure Network Designs
Topic 9B: Implement Secure Switching and Routing
Topic 9C: Implement Secure Wireless Infrastructure
Topic 9D: Implement Load Balancers
10 – IMPLEMENTING NETWORK SECURITY APPLIANCES
Topic 10A: Implement Firewalls and Proxy Servers
Topic 10B: Implement Network Security Monitoring
Topic 10C: Summarize the Use of SIEM
11 – IMPLEMENTING SECURE NETWORK PROTOCOLS
Topic 11A: Implement Secure Network Operations Protocols
Topic 11B: Implement Secure Application Protocols
Topic 11C: Implement Secure Remote Access Protocols
12 – IMPLEMENTING HOST SECURITY SOLUTIONS
Topic 12A: Implement Secure Firmware
Topic 12B: Implement Endpoint Security
Topic 12C: Explain Embedded System Security Implications
13 – IMPLEMENTING SECURE MOBILE SOLUTIONS
Topic 13A: Implement Mobile Device Management
Topic 13B: Implement Secure Mobile Device Connections
14 – SUMMARIZING SECURE APPLICATION CONCEPTS
Topic 14A: Analyze Indicators of Application Attacks
Topic 14B: Analyze Indicators of Web Application Attacks
Topic 14C: Summarize Secure Coding Practices
Topic 14D: Implement Secure Script Environments
Topic 14E: Summarize Deployment and Automation Concepts
15 – IMPLEMENTING SECURE CLOUD SOLUTIONS
Topic 15A: Summarize Secure Cloud and Virtualization Services
Topic 15B: Apply Cloud Security Solutions
Topic 15C: Summarize Infrastructure as Code Concepts
16 – EXPLAINING DATA PRIVACY AND PROTECTION CONCEPTS
Topic 16A: Explain Privacy and Data Sensitivity Concepts
Topic 16B: Explain Privacy and Data Protection Controls
17 – PERFORMING INCIDENT RESPONSE
Topic 17A: Summarize Incident Response Procedures
Topic 17B: Utilize Appropriate Data Sources for Incident Response
Topic 17C: Apply Mitigation Controls
18 – EXPLAINING DIGITAL FORENSICS
Topic 18A: Explain Key Aspects of Digital Forensics Documentation
Topic 18B: Explain Key Aspects of Digital Forensics Evidence Acquisition
19 – SUMMARIZING RISK MANAGEMENT CONCEPTS
Topic 19A: Explain Risk Management Processes and Concepts
20 – IMPLEMENTING CYBERSECURITY RESILIENCE
Topic 20A: Implement Redundancy Strategies
Topic 20B: Implement Backup Strategies
Topic 20C: Implement Cybersecurity Resiliency Strategies
21 – EXPLAINING PHYSICAL SECURITY
Topic 21A: Explain the Importance of Physical Site Security Controls
Topic 21B: Explain the Importance of Physical Host Security Controls
