Menu
CompTIA Security (Course & Lab)
(SY0-401-complete)/ISBN:978-1-61691-516-2
Start preparing for CompTIA Security+ certification exam with CompTIA Security+ course and performance-based labs. Performance-based labs simulate real-world, hardware, software & command line interface environments and can be mapped to any text-book, course & training. CompTIA Security course and performance-based labs cover all the objectives of CompTIA Security+ SY0-401 exam which include the application of security controls to maintain confidentiality, integrity, and availability; identification of appropriate technologies and products; troubleshooting security events and incidents, and much more.
Here's what you will get
CompTIA Security+ is a standalone certification from CompTIA with the exam code SY0-401. This certification covers the most important principles for securing a network and managing risk. The CompTIA Network+ certification is recommended before taking the Security+ exam. CompTIA Security+ is an entry-level, international, vendor-neutral credential designed for IT security professionals to identify risk, participate in risk mitigation activities, provide infrastructure, information, operational, and application security.
Lessons
14+ Lessons | 235+ Exercises | 123+ Quizzes | 730+ Flashcards | 730+ Glossary of terms
TestPrep
94+ Pre Assessment Questions | 5+ Full Length Tests | 108+ Post Assessment Questions | 460+ Practice Test Questions
Hands-On Labs
141+ LiveLab | 55+ Video tutorials | 44+ Minutes
Video Lessons
48+ Videos | 05:47+ Hours
Need guidance and support? Click here to check our Instructor Led Course.
Here's what you will learn
Download Course OutlineLessons 1: Measuring and Weighing Risk
- Risk Assessment
- Developing Policies, Standards, and Guidelines
- Summary
- Exam Essentials
Lessons 2: Monitoring and Diagnosing Networks
- Monitoring Networks
- Understanding Hardening
- Securing the Network
- Security Posture
- Reporting Security Issues
- Differentiating between Detection Controls and Prevention Controls
- Summary
- Exam Essentials
Lessons 3: Understanding Devices and Infrastructure
- Mastering TCP/IP
- Designing a Secure Network
- Understanding the Various Network Infrastructure Devices
- Summary
- Exam Essentials
Lessons 4: Access Control, Authentication, and Authorization
- Understanding Access Control Basics
- Understanding Remote Access Connectivity
- Understanding Authentication Services
- Understanding Access Control
- Implementing Access Controlling Best Practices
- Summary
- Exam Essentials
Lessons 5: Protecting Wireless Networks
- Working with Wireless Systems
- Understanding Wireless Devices
- Wireless Vulnerabilities to Know
- Summary
- Exam Essentials
Lessons 6: Securing the Cloud
- Working with Cloud Computing
- Working with Virtualization
- Security and the Cloud
- Summary
- Exam Essentials
Lessons 7: Host, Data, and Application Security
- Application Hardening
- Host Security
- Protecting Data Through Fault Tolerance
- Application Security
- Best Practices for Security
- Summary
- Exam Essentials
Lessons 8: Cryptography
- An Overview of Cryptography
- Modern Cryptography
- Using Cryptographic Systems
- Understanding Cryptography Standards and Protocols
- Using Public Key Infrastructure
- Summary
- Exam Essentials
Lessons 9: Malware, Vulnerabilities, and Threats
- Understanding Malware
- Surviving Viruses
- Understanding Various Types of Attacks
- Identifying Types of Application Attacks
- Tools for Finding Threats
- Summary
- Exam Essentials
Lessons 10: Social Engineering and Other Foes
- Understanding Social Engineering
- Understanding Physical Security
- Environmental Controls
- Control Types
- Data Policies
- Summary
- Exam Essentials
Lessons 11: Security Administration
- Third-Party Integration
- Understanding Security Awareness and Training
- Classifying Information
- Information Access Controls
- Complying with Privacy and Security Regulations
- Mobile Devices
- Alternative Methods to Mitigate Security Risks
- Summary
- Exam Essentials
Lessons 12: Disaster Recovery and Incident Response
- Issues Associated with Business Continuity
- Reinforcing Vendor Support
- Penetration Testing
- Summary
- Exam Essentials
Lessons 13: Video Tutorials
- Introduction
- Security Fundamentals and Controls
- Security and Risk
- Business Continuity and Load Balancing
- Threats, Vulnerabilities, and Assessment Tools
- Application, Data, and Host Security
- Access Control and Identity Management
- Security Controls and Cryptography
- Virtual Private Networks
- Conclusion
Lessons 14: Mapping Videos to CompTIA® Security+® Exam SY0-401
Hands-on LAB Activities (Performance Labs)
Measuring and Weighing Risk
- Identifying risk actions
- Identifying service associated with cloud computing
- Understanding measures of risk calculation
- Understanding key areas of policy implementation
- Identifying areas to consider for the business policy
- Downloading the Windows 7 service pack
- Identifying key aspects of standard documents
- Identifying policies
Monitoring and Diagnosing Networks
- Viewing different event details
- Viewing details of an event in Windows Server
- Viewing the current version of BIOS
- Understanding methods of OS hardening
- Installing the Web Server IIS server role
- Sharing a folder with a different user on a single computer
- Configuring NPS Accounting
- Creating a network bridge
- Deleting the web browsing history
- Understanding security posture methods
- Understanding key areas of reporting
Understanding Devices and Infrastructure
- Understanding email protocols
- Viewing the ARP table
- Identifying TCP/IP architecture layer protocols
- Understanding application layer protocols
- Understanding Internet layer protocols
- Understanding TCP/IP protocols
- Identifying TCP ports
- Identifying ports and services
- Identifying primary areas of security topologies
- Understanding protocols
- Identifying the tunnel
- Identifying technologies to create less vulnerable networks
- Understanding the network infrastructure devices
- Spotting the intranet network
- Identifying Intrusion detection key terms
- Understanding passive responses of intrusion
- Identifying device for network connectivity
- Identifying PBX system layers
- Understanding router protocols
- Identifying sequence in which the IDS instructs the TCP to reset connections
- Understanding the network devices
- Configuring the settings in Content Advisor
- Working with a host-based IDS
- Joining SpyNet community using Windows Defender
- Scanning the computer
- Viewing the update history and details
- Identifying types of firewall
Access Control, Authentication, and Authorization
- Viewing disk configuration
- Identifying authentication protocols
- Creating a hash rule in Windows Server 2012
- Customizing group and user access with MMC
- Turning off the guest account
- Viewing the Generate Random Password screenshot
- Configuring NPS to provide RADIUS authentication
- Identifying tunneling protocols
- Configuring NPS network policy
- Understanding LDAP names
- Identifying authentication services
- Enabling the network policy server
- Identifying types of authentication services
- Identifying access control methods
- Performing XArp software installation
- Protecting a computer by blocking communications
- Blocking a connection
- Understanding evaluation assurance levels
- Configuring account time limits
Protecting Wireless Networks
- Identifying wireless protocols
- Understanding technologies used to communicate in the 802.11 standard
- Enabling LMHOSTS lookup
- Understanding WAP security levels
- Configuring wireless network settings
Securing the Cloud
- Identifying cloud computing service models
- Understanding primary virtualization topics
- Editing a virtual hard disk file
- Understanding cloud models
Host, Data, and Application Security
- Identifying methods of updating an operating system
- Understanding models for improving system performance
- Configuring IE settings to avoid disruption in computer operations
- Configuring Windows firewall settings
- Downloading and installing the Avast antivirus, and scanning the system
- Installing the FTP server under the Web Server role
- Creating DNS domains
- Configuring pop-up blocker settings
- Creating a new inbound rule
Cryptography
- Mounting and dismounting an encrypted volume
- Identifying approaches of non-mathematical cryptography
- Identifying asymmetric algorithms
- Identifying hashing algorithm
- Understanding code-breaking techniques
- Creating a virtual volume
- Encrypting and decrypting a message
- Encrypting and decrypting a message using the RSA algorithm
- Checking the integrity of messages through MAC values
- Identifying protocols for secure connections
- Creating and backing up an encryption certificate
- Backing up an encryption certificate and key
- Viewing memory usage of programs
- Adding counters
- Encrypting a picture
- Understanding public cryptographic initiatives
- Understanding PKCS standards
- Adding the Active Directory Certificate Services role
- Understanding trust models
- Identifying the authority process
- Examining certificate details
- Examining the Microsoft Root Authority certificate details
- Understanding PKI trust models
- Installing a subordinate Certification Authority
- Enabling BitLocker
- Managing the certificate server using the mmc tool
Malware, Vulnerabilities, and Threats
- Identifying the filename extension
- Identifying types of malware
- Viewing the running processes of all the users
- Identifying types of viruses
- Understanding classification of viruses
- Identifying attacks
- Determining vulnerability of a network to attacks
- Identifying types of system attack
- Preventing IP address spoofing
- Understanding web-based applications
- Understanding types of application attacks
- Identifying security factors
- Identifying vulnerability scanning tasks
Social Engineering and Other Foes
- Identifying social engineering attacks
- Identifying measures for spamming protection
- Identifying physical security devices
- Identifying retardants of fire extinguishers
Security Administration
- Identifying causes of compromised security
- Understanding information categories
- Identifying Information models
- Understanding acts to ensure privacy of information
- Understanding security measures for mobile devices
Disaster Recovery and Incident Response
- Identifying storage mechanism
- Identifying auditing processes
- Identifying backup types
- Understanding backup plans
- Identifying various alternate site
- Identifying steps to be followed on occurrence of an incident
- Identifying SLAs measures
- Identifying ethical hacking approaches
- Performing penetration testing
- Identifying testing types
Exam FAQs
CompTIA Network+ and two years of experience in IT administration with a focus on security.
USD 330
Pricing and taxes may vary from country to country.
Multiple choice and performance-based
The exam contains 90 questions.
90 minutes
750
(on a scale of 100-900)
In the event that you fail your first attempt at passing the SY0-401 examination, CompTIA's retake policy is:
- CompTIA does not require a waiting period between the first and second attempt to pass such examination. However, if you need a third or subsequent attempt to pass the examination, you shall be required to wait for a period of at least 14 calendar days from the date of your last attempt before you can retake the exam.
- If a candidate has passed an exam, he/she cannot take it again without prior consent from CompTIA.
- A test result found to be in violation of the retake policy will not be processed, which will result in no credit awarded for the test taken. Repeat violators will be banned from participation in the CompTIA Certification Program.
- Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer free re-tests or discounts on retakes.
CompTIA Security+ certification are valid for three years from the date the candidate is certified, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.