CompTIA Security+ (SY0-601) Course with Practice Exam

About the course and exam
About the course and certification
About the course author
Pre-requisites
Tools and tips to help you study more efficiently
Study techniques that will help you pass
What surprised me the most about the exam
Join our Discord community for support and interaction
Acronym definitions and study template

Domain 1 Threats, Attacks, and Vulnerabilities
About threats, attacks, and vulnerabilities

Compare and contrast social engineering techniques
What is social engineering
Principles
Spam
Blocking and Managing Spam
Phishing
Smishing
Vishing
Spear phishing
Whaling
Impersonation
Dumpster diving
Shoulder surfing
Pharming
Tailgating
Eliciting information
Prepending
Identity fraud
Invoice scams
Credentials harvesting
Reconnaissance
Hoax
Watering hole attack
Typo squatting and URL Hijacking
Influence campaigns
Hybrid warfare
Knowledge check

Analyze potential indicators to determine the type of attack
What is malware
Malware classification
Virus
Worms
Backdoor
Trojans
Remote access Trojan (RAT)
Ransomware and Crypto Malware
How does ransomware work
Potentially unwanted programs (PUPs)
Spyware
Adware & Malvertising
Keyloggers
Fileless malware
Logic bombs
Rootkit
Bots and Botnets
Command and control
What are password attacks
Plaintext, encrypted, and hashed passwords
Brute force
Dictionary attacks
Spraying attacks
Rainbow and hash tables
Credential stuffing
What are physical attacks
Malicious universal serial bus (USB) cable
Malicious flash drive
Card cloning
Skimming
What is adversarial AI and tainted training for ML
Supply-chain attacks
Cloud-based vs. on-premises attacks
Cryptography concepts
Cryptographic attacks
Knowledge Check 1.2.1
Knowledge Check 1.2.2
Knowledge Check 1.2.3

Analyze potential indicators associated with application attacks
Privilege escalation
Improper input handling
Improper error handling
Cross-Site Scripting (XSS)
Structured query language (SQL Injections)
Dynamic Link Library (DLL Injections)
Lightweight directory access protocol (LDAP Injections)
Extensible Markup Language (XML) and XPATH Injections
XXE Injections
Directory traversal
Request forgeries
Application Programming Interface (API) attacks
Secure Sockets Layer (SSL) stripping
Replay attack (session replays)
Pass the hash
Race conditions (time of check and time of use)
Resource exhaustion
Memory leak
Pointerobject dereference
Integer overflow
Buffer overflows
Driver manipulation (shimming and refactoring)
Knowledge Check 1.3.1
Knowledge Check 1.3.2

Analyze potential indicators of network attacks
What are wireless attacks
Distributed Denial of Service (DDoS)
Rogue access point and Evil Twin
Bluesnarfing and Bluejacking
Disassociation and Jamming
Radio Frequency Identifier (RFID) attacks
Near Field Communication (NFC) attacks
Initialization Vector (IV)
Man in the middle
Man in the browser
What are layer 2 attacks
Address resolution protocol (ARP) poisoning
Media access control (MAC) flooding
MAC cloning & spoofing
What are Domain Name System (DNS) attacks and defenses
Domain hijacking
DNS poisoning
Universal resource locator (URL) redirection
Domain reputation
Knowledge Check

Explain threat actors, vectors, and intelligence sources
What are actors and threats
Attributes of actors
Vectors
Insider threats
State actors
Hacktivists
Script kiddies
Hackers (white hat, black hat, gray hat)
Criminal syndicates
Advanced persistent threat (APT)
Shadow IT
Competitors
Threat intelligence sources (OSINT and others)
Using threat intelligence
Research sources
Knowledge Check

Security concerns associated with various vulnerabilities
Cloud-based vs. on-premises vulnerabilities
Zero-day vulnerabilities
Weak configurations
Weak encryption, hashing, and digital signatures
Third-party risks
Improper or weak patch management
Legacy platforms
Impacts
Knowledge Check

Summarizing techniques used in security assessments
Threat hunting
Vulnerability scans
SyslogSecurity information and event management (SIEM)
Security orchestration, automation, response (SOAR)
Knowledge Check

Explaining techniques used in penetration testing
Important pentesting concepts
Bug bounties
Exercise types (red, blue, white, and purple teams)
Passive and active reconnaissance
Knowledge Check

Domain 2 Architecture and Design
About architecture and design

Explaining the importance of security concepts in an enterprise environment
Configuration management
Data sovereignty
Data protection
Hardware security module (HSM) and Trusted Platform Module (TPM)
Geographical considerations
Cloud access security broker (CASB)
Response and recovery controls
Secure Sockets Layer (SSL) and Transport Layer Security (TLS) inspection
Hashing
API considerations
Site resiliency
Deception and disruption
Knowledge Check 2.1

Virtualization and cloud computing concepts
Comparing cloud models
Cloud service providers
Virtualization
Containers
Microservices and APIs
Serverless architecture
MSPs and MSSPs
On-premises vs. off-premises
Edge computing
Fog computing
Thin client
Infrastructure as Code (IaC)
Services integration
Resource policies
Transit gateway
Knowledge Check 2.2

Secure application development, deployment, and automation concepts
Understanding development environments
Automation and scripting
Version control
Secure coding techniques
Open Web Application Security Project (OWASP)
Integrity measurement
Software diversity
Provisioning and deprovisioning
Elasticity
Scalability
Knowledge Check 2.3

Authentication and authorization design concepts
Important authentication and authorization concepts
Multifactor authentication (MFA) factors and attributes
MFA factors and attributes
Authentication technologies
Biometrics techniques and concepts
Authentication, authorization, and accounting (AAA)
Cloud vs. on-premises requirements
Knowledge Check 2.4

Implementing cybersecurity resilience
What is redundancy
Disk redundancy (RAID levels)
Network redundancy
Power redundancy
Replication
Backup types (full, incremental, differential, and snapshot)
Backup types practice scenarios
Backup devices and strategies
Backup types, devices, and strategies
Non-persistence
Restoration order
Diversity
Knowledge Check 2.5

Security implications of embedded and specialized systems
What are embedded systems
System on a Chip (SoC)
SCADA and ICS
Internet of Things (IoT)
Specialized systems
VoIP, HVAC, DronesAVs, MFP, RTOS, Surveillance systems
Communication considerations
Important constraints

Importance of physical security controls
Bollardsbarricades, Mantraps, Badges, Alarms, Signage
Lighting and fencing
Cameras and Closed-circuit television (CCTV)
Industrial camouflage
Personnel, robots, dronesUAVs
Locks
Different sensors
Fire suppression
Protected cable distribution (PCD)
Secure areas (air gap, faraday cages, DMZ, etc…)
Hot and cold aisles
Secure data destruction
USB data blocker
Knowledge Check 2.7

Basics of cryptography
Common use cases
Key length
Key stretching
Salting, hashing, digital signatures
Perfect forward secrecy
Elliptic curve cryptography
Ephemeral
Symmetric vs. asymmetric encryption
Key exchange
Cipher suites
Modes of operation
Lightweight cryptography and Homomorphic encryption
Steganography
Blockchain
Quantum and post-quantum
Limitations
Knowledge Check 2.8.1

Domain 3 Implementation
About implementation

Implement Secure Protocols
Important protocols to know and use cases
Important email secure protocols
IPsec and VPN
FTPS, SFTP, SCP
DNSSEC
SRTP and NTPsec
DHCP
SNMP and SNMPv3

Implement host or application security solutions
Endpoint protection
Self-encrypting drive (SED), full disk encryption (FDE), and file-level encrypti
Boot integrity
Database and data security
Application security
Hardening hosts
Sandboxing

Implement secure network designs
DNS
Load balancing
Network segmentation
East-West and North-South
Jump servers (bastion hosts)
NAT Gateways
Proxy servers
Out-of-band management
Virtual Private Networks (VPNs) and IPsec
Network Access Control (NAC)
Port security
Network-based intrusion detection and prevention system (NIDS and NIPS)
Firewalls
Next-Generation Firewalls
Access Control List (ACL) and Security Groups (SGs)
Quality of Service (QoS)
Implications of IPv6
Port scanning and port mirroring
File integrity monitors

Install and configure wireless security settings
Cryptographic protocols
Methods
Authentication protocols
Installation considerations

Implement secure mobile solutions
Connection methods and receivers
Mobile deployment models
Mobile device management (MDM)
Mobile devices
Enforcement and monitoring

Apply cybersecurity solutions to the cloud
Cloud security controls
Secure cloud storage
Secure cloud networking
Secure cloud compute resources
Secure cloud solutions

Implement identity and account management controls
Understanding identity
Account types to consider
Account policies to consider

Implement authentication and authorization solutions
Authentication management
Authentication protocols and considerations
Extensible Authentication Protocol (EAP)
RADIUS and TACACS+
Kerberos, LDAP, and NTLM
Federated Identities
Access control schemes

Implement public key infrastructure
What is public key infrastructure
Types of certificates
Certificate formats
Important concepts

Domain 4 Operations and Incident Response
About operations and incident response

Use the appropriate tools to assess organizational security
Network reconnaissance and discovery part 1
Network reconnaissance and discovery part 2
File manipulation
Shell and script environments
Packet capture and replay
Forensics tools
Exploitation frameworks
Password crackers
Data sanitization

Policies, processes, and procedures for incident response
Incident response plans
Incident response process
Important exercises
Important attack frameworks
BCP, COOP, and DRP
Incident response team and stakeholder management
Retention policies

Using appropriate data sources to support investigations after an incident
Vulnerability scan outputs
SIEM dashboards
Log files
Syslog, rsyslog, syslog-ng
Journald and journalctl
NXLog
Bandwidth and network monitors
Important and useful metadata

Applying mitigation techniques or controls to secure environments during an
Reconfiguring endpoint security solutions
Configuration changes
Isolation, containment, and segmentation
Secure Orchestration, Automation, and Response (SOAR)

Key aspects of digital forensics
Documentation and evidence
E-discovery, data recovery, and non-repudiation
Integrity and preservation of information
Acquisition
On-premises vs. cloud
Strategic intelligence and counterintelligence

Domain 5 Governance, Risk, and Compliance
About governance, risk and compliance

Compare and contrast various types of controls
Categories
Control types

Applicable regulationsstandardsframeworks that impact security posture
Regulations, standards, and legislation
Key frameworks to know about
Benchmarks and secure configuration guides

Importance of policies to organizational security
Personnel
User training
Third-party risk management
Data
Credential policies
Organizational policies

Risk management processes and concepts
Types of risks
Risk management strategies
Risk analysis
Disasters
Business impact analysis

Privacy and sensitive data concepts in relation to security
Organizational consequences of privacy breaches
Notifications of breaches
Data types
Privacy enhancing technologies
Roles and responsibilities

Practice Exams and Next Steps
What should you do next
Bonus FREE Performance-Based Questions (PBQs)
Realistic Security+ Practice Exam