CompTIA Security+ / CySA+ / CASP+ Certification Training
CompTIA Security+ / CySA+ / CASP+
| Course Number: |
#CED-1384 |
| Course Length: |
15 days |
| Number of Exams: |
3 |
| Certifications: |
CompTIA Security+
CompTIA Cybersecurity Analyst (CySA)
|
Grants (discounts) are available for multiple students for the same or different courses. |
Instructor-Led
- Certified Instructor
- Includes all course materials
Can't travel or you want to stay with your family or business. No problem!
Stay in your own city and save the additional expenses of roundtrip airfare, lodging, transportation, and meals and receive the same great instruction live from our instructors in our Live Instructor-Led Remote Classroom Training.
Remote Classroom Training
Our Remote Classroom Training is a live class with students observing the instructor and listening through your computer speakers.
You will see the instructor's computer, slides, notes, etc., just like in the classroom. You will be following along, doing work, labs, and individual assignments.
The CompTIA Security+ exam will certify that the successful candidate has the knowledge and
skills required to identify risk, to participate in risk mitigation activities, and to provide
infrastructure, application, information, and operational security.
CompTIA Cybersecurity Analyst (CySA+) is an international, vendor-neutral cybersecurity certification that applies behavioral analytics to improve the overall state of IT security. CySA+ validates critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.
The CompTIA Advanced Security Practitioner (CASP) Certification is a vendor-neutral credential. The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge. While there is no required prerequisite, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, "hands-on" focus at the enterprise level.
CompTIA Security+
CompTIA Security+ (SY0-701) is a global certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career.
Open the Door to Your Cybersecurity Career
Launch a successful cybersecurity career
Develop a core foundation of essential skills, paving the way for a fulfilling career. More job roles use Security+ for baseline cybersecurity skills than any other certification in the industry.
Assess on-the-job skills
Security+ is the most widely adopted ISO/ANSI-accredited early career cybersecurity certification on the market with hands-on, performance-based questions on the certification exam. These practical questions assess your ability to effectively problem solve in real-life situations and demonstrate your expertise to potential employers immediately.
Embrace the latest trends
Understand and use the most recent advancements in cybersecurity technology, terms, techniques, and tools. By acquiring early career skills in the latest trends such as automation, zero trust, risk analysis, operational technology, and IoT, you will be well-equipped to excel in the ever-evolving cybersecurity landscape.
Exam SY0-701
The new CompTIA Security+ represents the latest and greatest in cybersecurity, covering the most in-demand skills related to current threats, automation, zero trust, IoT, risk - and more. Once certified, you'll understand the core skills needed to succeed on the job - and employers will notice too. The Security+ exam verifies you have the knowledge and skills required to:
- Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions.
- Monitor and secure hybrid environments, including cloud, mobile, Internet of Things (IoT), and operational technology.
- Operate with an awareness of applicable regulations and policies, including principles of governance, risk, and compliance.
- Identify, analyze, and respond to security events and incidents.
CompTIA Security+ is compliant with ISO 17024 standards and approved by the U.S. DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.
What Skills Will You Learn?
General Security Concepts
Includes key cybersecurity terminology and concepts up front to provide a foundation for security controls discussed throughout the exam.
Threats, Vulnerabilities & Mitigations
Focuses on responding to common threats, cyberattacks, vulnerabilities, and security incidents and appropriate mitigation techniques to monitor and secure hybrid environments.
Security Architecture
Includes security implications of different architecture models, principles of securing enterprise infrastructure, and strategies to protect data.
Security Operations
Includes applying and enhancing security and vulnerability management techniques, as well as security implications of proper hardware, software, and data management.
Security Program Management & Oversight
Updated to better reflect the reporting and communication skills required for Security+ job roles relating to governance, risk management, compliance, assessment, and security awareness.
Jobs You Can Land With CompTIA Security+
- Cloud Penetration Tester
- Network Security Operations
- Penetration Tester
- Network Security Analyst
- Web App Penetration Tester
- Security Architect
Course Content
1.0 General Security Concepts
Compare and contrast various types of security controls.
Summarize fundamental security concepts.
- Confidentiality, Integrity, and Availability (CIA)
- Non-repudiation
- Authentication, Authorization, and Accounting (AAA)
- Gap analysis
- Zero Trust
- Physical security
- Deception and disruption technology
Explain the importance of change management processes and the impact to security.
- Business processes impacting security operation
- Technical implications
- Documentation
- Version control
Explain the importance of using appropriate cryptographic solutions.
- Public key infrastructure (PKI)
- Encryption
- Tools
- Obfuscation
- Steganography
- Tokenization
- Data masking
- Hashing
- Salting
- Digital signatures
- Key stretching
- Blockchain
- Open public ledger
- Certificates
2.0 Threats, Vulnerabilities, and Mitigations
Compare and contrast common threat actors and motivations.
- Threat actors
- Attributes of actors
- Motivations
Explain common threat vectors and attack surfaces.
- Message-based
- Email
- Short Message Service (SMS)
- Instant messaging (IM)
- Image-based
- File-based
- Voice call
- Removable device
- Vulnerable software
- Unsupported systems and applications
- Unsecure networks
- Open service ports
- Default credentials
- Supply chain
- Human vectors/social engineering
Explain various types of vulnerabilities.
- Application
- Operating system (OS)-based
- Web-based
- Hardware
- Virtualization
- Cloud-specific
- Supply chain
- Cryptographic
- Misconfiguration
- Mobile device
- Zero-day
Given a scenario, analyze indicators of malicious activity.
- Malware attacks
- Physical attacks
- Network attacks
- Application attacks
- Cryptographic attacks
- Password attacks
- Indicators
Explain the purpose of mitigation techniques used to secure the enterprise.
- Segmentation
- Access control
- Application allow list
- Isolation
- Patching
- Encryption
- Monitoring
- Least privilege
- Configuration enforcement
- Decommissioning
- Hardening techniques
3.0 Security Architecture
Compare and contrast security implications of different architecture models.
- Architecture and infrastructure concepts
- Considerations
Given a scenario, apply security principles to secure enterprise infrastructure.
- Infrastructure considerations
- Secure communication/access
- Selection of effective controls
Compare and contrast concepts and strategies to protect data.
- Data types
- Data classifications
- General data considerations
- Methods to secure data
Explain the importance of resilience and recovery in security architecture.
- High availability
- Site considerations
- Platform diversity
- Multi-cloud systems
- Continuity of operations
- Capacity planning
- Testing
- Backups
- Power
4.0 Security Operations
Given a scenario, apply common security techniques to computing resources.
- Secure baselines
- Hardening targets
- Wireless devices
- Mobile solutions
- Wireless security settings
- Application security
- Sandboxing
- Monitoring
Explain the security implications of proper hardware, software, and data asset management.
- Acquisition/procurement process
- Assignment/accounting
- Monitoring/asset tracking
- Disposal/decommissioning
Explain various activities associated with vulnerability management.
- Identification methods
- Analysis
- Vulnerability response and remediation
- Validation of remediation
- Reporting
Explain security alerting and monitoring concepts and tools.
- Monitoring computing resources
- Activities
- Tools
Given a scenario, modify enterprise capabilities to enhance security.
- Firewall
- IDS/IPS
- Web filter
- Operating system security
- Implementation of secure protocols
- DNS filtering
- Email security
- File integrity monitoring
- DLP
- Network access control (NAC)
- Endpoint detection and response (EDR)/extended detection and response (XDR)
- User behavior analytics
Given a scenario, implement and maintain identity and access management.
- Provisioning/de-provisioning user accounts
- Permission assignments and implications
- Identity proofing
- Federation
- Single sign-on (SSO)
- Interoperability
- Attestation
- Access controls
- Multifactor authentication
- Password concepts
- Privileged access management tools
Explain the importance of automation and orchestration related to secure operations.
- Use cases of automation and scripting
- Benefits
- Other considerations
Explain appropriate incident response activities.
- Process
- Training
- Testing
- Root cause analysis
- Threat hunting
- Digital forensics
Given a scenario, use data sources to support an investigation.
5.0 Security Program Management and Oversight
Summarize elements of effective security governance.
- Guidelines
- Policies
- Standards
- Procedures
- External considerations
- Monitoring and revision
- Types of governance structures
- Roles and responsibilities for systems and data
Explain elements of the risk management process.
- Risk identification
- Risk assessment
- Risk analysis
- Risk register
- Risk tolerance
- Risk appetite
- Risk management strategies
- Risk reporting
- Business impact analysis
Explain the processes associated with third-party risk assessment and management.
- Vendor assessment
- Vendor selection
- Agreement types
- Vendor monitoring
- Questionnaires
- Rules of engagement
Summarize elements of effective security compliance.
- Compliance reporting
- Consequences of non-compliance
- Compliance monitoring
- Privacy
Explain types and purposes of audits and assessments.
- Attestation
- Internal
- External
- Penetration testing
Given a scenario, implement security awareness practices.
- Phishing
- Anomalous behavior recognition
- User guidance and training
- Reporting and monitoring
- Development
- Execution
[ back to top ]
CompTIA Cybersecurity Analyst (CySA+)
CompTIA Cybersecurity Analyst (CySA+) is an international, vendor-neutral cybersecurity certification that applies behavioral analytics to improve the overall state of IT security. CySA+ validates critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.
Overview
As attackers have learned to evade traditional signature-based solutions such as firewalls, an analytics-based approach within the IT security industry is increasingly important for most organizations. The behavioral analytics skills covered by CySA+ identify and combat malware, and advanced persistent threats (APTs), resulting in enhanced threat visibility across a broad attack surface. CompTIA CySA+ is for IT professionals looking to gain the following security analyst skills:
- Configure and use threat detection tools.
- Perform data analysis.
- Interpret the results to identify vulnerabilities, threats and risks to an organization.
CySA+ certified skills are in-demand
Properly trained IT security staff who can analyze, monitor and protect cybersecurity resources are in high demand. The U.S. Bureau of Labor Statistics (BLS) predicts that information security analysts will be the fastest growing overall job category, with 37 percent overall growth between 2012 and 2022.
CySA+ is globally recognized
CompTIA CySA+ is ISO/ANSI 17024 accredited and is awaiting approval by the U.S. Department of Defense (DoD) for directive 8140/8570.01-M requirements.
CySA+ provides substantial earnings potential
A career in information security analysis ranked seventh on U.S. News and World Report's list of the 100 best technology jobs for 2017. According to the Bureau of Labor Statistics, the median pay for an information security analyst is $90,120 per year.
Target Student
The CompTIA CySA+ examination is designed for IT security analysts, vulnerability analysts or threat
intelligence analysts. The exam will certify that the successful candidate has the knowledge
and skills required to configure and use threat detection tools, perform data analysis and
interpret the results to identify vulnerabilities, threats and risks to an organization with the
end goal of securing and protecting applications and systems within an organization.
Prerequisite
The CompTIA CySA+ exam is an internationally targeted validation of intermediate-level security skills and knowledge.
While there is no required prerequisite, the CompTIA CySA+ certification is intended to follow CompTIA
Security+ or equivalent experience and has a technical, "hands-on" focus on IT security analytics.
It is recommended for CompTIA CySA+ certification candidates to have the following:
- 3-4 years of hands-on information security or related experience
- Network+, Security+ or equivalent knowledge
Course Content
Threat Management
- Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes.
- Given a scenario, analyze the results of a network reconnaissance.
- Given a network-based threat, implement or recommend the appropriate response and countermeasure.
- Explain the purpose of practices used to secure a corporate environment.
Vulnerability Management
- Given a scenario, implement an information security vulnerability management process.
- Given a scenario, analyze the output resulting from a vulnerability scan.
- Compare and contrast common vulnerabilities found in the following targets within an organization.
Cyber Incident Response
- Given a scenario, distinguish threat data or behavior to determine the impact of an incident.
- Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation.
- Explain the importance of communication during the incident response process.
- Given a scenario, analyze common symptoms to select the best course of action to support incident response.
- Summarize the incident recovery and post-incident response process.
Security Architecture and Tool Sets
- Explain the relationship between frameworks, common policies, controls, and procedures.
- Given a scenario, use data to recommend remediation of security issues related to identity and access management.
- Given a scenario, review security architecture and make recommendations to implement compensating controls.
- Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC).
- Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies.
[ back to top ]
CompTIA Advanced Security Practitioner (CASP)
CompTIA Advanced Security Practitioner (CASP+) CAS-004 is an advanced-level cybersecurity certification for security architects and senior security engineers charged with leading and improving an enterprise's cybersecurity readiness.
Why is CASP+ Different?
CASP+ is the only hands-on, performance-based certification for advanced practitioners - not managers - at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.
Unlike other certifications, CASP+ covers both security architecture and engineering - CASP+ is the only certification on the market that qualifies technical leaders to assess cyber readiness within an enterprise, and design and implement the proper solutions to ensure the organization is ready for the next attack.
What Skills Will You Learn?
Security Architecture
Expanded coverage to analyze security requirements in hybrid networks to work toward an enterprise-wide, zero trust security architecture with advanced secure cloud and virtualization solutions.
Security Operations
Expanded emphasis on newer techniques addressing advanced threat management, vulnerability management, risk mitigation, incident response tactics, and digital forensics analysis.
Governance, Risk, and Compliance
Expanded to support advanced techniques to prove an organization's overall cybersecurity resiliency metric and compliance to regulations, such as CMMC, PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.
Security Engineering and Cryptography
Expanded to focus on advanced cybersecurity configurations for endpoint security controls, enterprise mobility, cloud/hybrid environments, and enterprise-wide PKI and cryptographic solutions.
Jobs That Use CASP+
- Security Architect
- Senior Security Engineer
- SOC Manager
- Security Analyst
Class Outline
1.0 Security Architecture
Given a scenario, analyze the security requirements and
objectives to ensure an appropriate, secure network
architecture for a new or existing network.
- Services
- Segmentation
- Deperimeterization/zero trust
- Merging of networks from various organizations
- Software-defined networking (SDN)
Given a scenario, analyze the organizational requirements
to determine the proper infrastructure security design.
- Scalability
- Resiliency
- Performance
- Automation
- Containerization
- Virtualization
- Content delivery network
- Caching
Given a scenario, integrate software applications
securely into an enterprise architecture.
- Baseline and templates
- Software assurance
- Considerations of integrating enterprise applications
- Integrating security into development life cycle
Given a scenario, implement data security techniques
for securing enterprise architecture.
- Data loss prevention
- Data loss detection
- Data classification, labeling, and tagging
- Obfuscation
- Anonymization
- Encrypted vs. unencrypted
- Data life cycle
- Data inventory and mapping
- Data integrity management
- Data storage, backup, and recovery
Given a scenario, analyze the security requirements and objectives to
provide the appropriate authentication and authorization controls.
- Credential management
- Password policies
- Federation
- Access control
- Protocols
- Multifactor authentication (MFA)
- One-time password (OTP)
- Hardware root of trust
- Single sign-on (SSO)
- JavaScript Object Notation (JSON) web token (JWT)
- Attestation and identity proofing
Given a set of requirements, implement secure
cloud and virtualization solutions
- Virtualization strategies
- Provisioning and deprovisioning
- Middleware
- Metadata and tags
- Deployment models and considerations
- Hosting models
- Service models
- Cloud provider limitations
- Extending appropriate on-premises controls
- Storage models
Explain how cryptography and public key infrastructure (PKI)
support security objectives and requirements.
- Privacy and confidentiality requirements
- Integrity requirements
- Non-repudiation
- Compliance and policy requirements
- Common cryptography use cases
- Common PKI use cases
Explain the impact of emerging technologies
on enterprise security and privacy.
- Artificial intelligence
- Machine learning
- Quantum computing
- Blockchain
- Homomorphic encryption
- Secure multiparty computation
- Distributed consensus
- Big Data
- Virtual/augmented reality
- 3-D printing
- Passwordless authentication
- Nano technology
- Deep learning
- Biometric impersonation
2.0 Security Operations
Given a scenario, perform threat management activities.
- Intelligence types
- Actor types
- Threat actor properties
- Intelligence collection methods
- Frameworks
Given a scenario, analyze indicators of compromise
and formulate an appropriate response.
- Indicators of compromise
- Response
Given a scenario, perform vulnerability management activities.
- Vulnerability scans
- Security Content Automation Protocol (SCAP)
- Self-assessment vs. third- party vendor assessment
- Patch management
- Information sources
Given a scenario, use the appropriate vulnerability
assessment and penetration testing methods and tools.
- Methods
- Tools
- Dependency management
- Requirements
Given a scenario, analyze vulnerabilities
and recommend risk mitigations.
- Vulnerabilities
- Inherently vulnerable system/application
- Attacks
Given a scenario, use processes to reduce risk.
- Proactive and detection
- Security data analytics
- Preventive
- Application control
- Security automation
- Physical security
Given an incident, implement the appropriate response.
- Event classifications
- Triage event
- Preescalation tasks
- Incident response process
- Specific response playbooks/processes
- Communication plan
- Stakeholder management
Explain the importance of forensic concepts.
- Legal vs. internal corporate purposes
- Forensic process
- Integrity preservation
- Cryptanalysis
- Steganalysis
Given a scenario, use forensic analysis tools.
- File carving tools
- Binary analysis tools
- Analysis tools
- Imaging tools
- Hashing utilities
- Live collection vs. post-mortem tools
3.0 Security Engineering and Cryptography
Given a scenario, apply secure configurations to enterprise mobility.
- Managed configurations
- Deployment scenarios
- Security considerations
Given a scenario, configure and implement endpoint security controls.
- Hardening techniques
- Processes
- Mandatory access control
- Trustworthy computing
- Compensating controls
Explain security considerations impacting specific
sectors and operational technologies.
- Embedded
- ICS/supervisory control and data acquisition (SCADA)
- Protocols
- Sectors
Explain how cloud technology adoption
impacts organizational security.
- Automation and orchestration
- Encryption configuration
- Logs
- Monitoring configurations
- Key ownership and location
- Key life-cycle management
- Backup and recovery methods
- Infrastructure vs. serverless computing
- Application virtualization
- Software-defined networking
- Misconfigurations
- Collaboration tools
- Storage configurations
- Cloud access security broker (CASB)
Given a business requirement, implement
the appropriate PKI solution.
- PKI hierarchy
- Certificate types
- Certificate usages/profiles/templates
- Extensions
- Trusted providers
- Trust model
- Cross-certification
- Configure profiles
- Life-cycle management
- Public and private keys
- Digital signature
- Certificate pinning
- Certificate stapling
- Certificate signing requests (CSRs)
- Online Certificate Status Protocol (OCSP) vs. certificate revocation list (CRL)
- HTTP Strict Transport Security (HSTS)
Given a business requirement, implement the appropriate
cryptographic protocols and algorithms.
- Hashing
- Symmetric algorithms
- Asymmetric algorithms
- Protocols
- Elliptic curve cryptography
- Forward secrecy
- Authenticated encryption with associated data
- Key stretching
Given a scenario, troubleshoot issues with
cryptographic implementations.
- Implementation and configuration issues
- Keys
4.0 Governance, Risk, and Compliance
Given a set of requirements, apply the appropriate risk strategies.
- Risk assessment
- Risk handling techniques
- Risk types
- Risk management life cycle
- Risk tracking
- Risk appetite vs. risk tolerance
- Policies and security practices
Explain the importance of managing and mitigating vendor risk.
- Shared responsibility model (roles/responsibilities)
- Vendor lock-in and vendor lockout
- Vendor viability
- Meeting client requirements
- Support availability
- Geographical considerations
- Supply chain visibility
- Incident reporting requirements
- Source code escrows
- Ongoing vendor assessment tools
- Third-party dependencies
- Technical considerations
Explain compliance frameworks and legal
considerations, and their organizational impact.
- Security concerns of integrating diverse industries
- Data considerations
- Geographic considerations
- Third-party attestation of compliance
- Regulations, accreditations, and standards
- Legal considerations
- Contract and agreement types
Explain the importance of business continuity
and disaster recovery concepts.
- Business impact analysis
- Privacy impact assessment
- Disaster recovery plan (DRP)/ business continuity plan (BCP)
- Incident response plan
- Testing plans
[ back to top ]
CED Solutions is your best choice for CompTIA Security+ CySA+ CASP+,
CompTIA Security+ CySA+ CASP+ training,
CompTIA Security+ CySA+ CASP+ certification,
CompTIA Security+ CySA+ CASP+ boot camp,
CompTIA Security+ CySA+ CASP+ certification training,
CompTIA Security+ CySA+ CASP+ certification course,
CompTIA Security+ CySA+ CASP+ course,
CompTIA Security+ CySA+ CASP+ class.
|
Follow CED