CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions and is the first security certification a candidate should earn.
CompTIA Security+ establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs.
Learning Objectives
Agenda
Lesson 1: Summarize Fundamental Security Concepts
Security Concepts
Security Controls
Lesson 2: Compare Threat Types
Threat Actors
Attack Surfaces
Social Engineering
Lesson 3: Explain Cryptographic Solutions
Cryptographic Algorithms
Public Key Infrastructure
Cryptographic Solutions
Lesson 4: Implement Identity and Access Management
Authentication
Authorization
Identity Management
Lesson 5: Secure Enterprise Network Architecture
Enterprise Network Architecture
Network Security Appliances
Secure Communications
Lesson 6: Secure Cloud Network Architecture
Cloud Infrastructure
Embedded Systems and Zero Trust Architecture
Lesson 7: Explain Resiliency and Site Security Concepts
Asset Management
Redundancy Strategies
Physical Security
Lesson 8: Explain Vulnerability Management
Device and OS Vulnerabilities
Application and Cloud Vulnerabilities
Vulnerability Identification Methods
Vulnerability Analysis and Remediation
Lesson 9: Evaluate Network Security Capabilities
Network Security Baselines
Network Security Capability Enhancement
Lesson 10: Assess Endpoint Security Capabilities
Implement Endpoint Security
Mobile Device Hardening
Lesson 11: Enhance Application Security Capabilities
Application Protocol Security Baselines
Cloud and Web Application Security Concepts
Lesson 12: Explain Incident Response and Monitoring Concepts
Incident Response
Digital Forensics
Data Sources
Alerting and Monitoring Tools
Lesson 13: Analyze Indicators of Malicious Activity
Malware Attack Indicators
Physical and Network Attack Indicators
Application Attack Indicators
Lesson 14: Summarize Security Governance Concepts
Policies, Standards, and Procedures
Change Management
Automation and Orchestration
Lesson 15: Explain Risk Management Processes
Risk Management Processes and Concepts
Vendor Management Concepts
Audits and Assessments
Lesson 16: Summarize Data Protection and Compliance Concepts
Data Classification and Compliance
Personnel Policies
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.