CompTIA Security+ Certification Boot Camp

CompTIA Security+ Certification: Exam SYO-101

The Security+ certification is an internationally recognized validation of the technical knowledge required of foundation-level security practitioners. A Security+ certified individual has successfully proven holding a foundation-level of skill and knowledge in General Security Concepts, Communication Security, Infrastructure Security, Basics of Cryptography and Operational / Organizational Security.

Prerequisites
Knowledge and skills equivalent of those tested for in the CompTIA A+ and Network+ certification exams

Domain 1.0 – General Security Concepts - 30%
1.1 Recognize and be able to differentiate and explain the following access control models
1.2 Recognize and be able to differentiate and explain the following methods of authentication
1.3 Identify non-essential services and protocols and know what actions to take to reduce the risks of those services and protocols
1.4 Recognize the following attacks and specify the appropriate actions to take to mitigate vulnerability and risk
1.5 Recognize the following types of malicious code and specify the appropriate actions to take to mitigate vulnerability and risk
1.6 Understand the concept of and know how reduce the risks of social engineering
1.7 Understand the concept and significance of auditing, logging and system scanning

Domain 2.0 – Communication Security - 20%
2.1 Recognize and understand the administration of the following types of remote access technologies
2.2 Recognize and understand the administration of the following email security concepts
2.3 Recognize and understand the administration of the following Internet security concepts
2.4 Recognize and understand the administration of the following directory security concepts
2.5 Recognize and understand the administration of the following file transfer protocols and concepts
2.6 Recognize and understand the administration of the following wireless technologies and concepts

Domain 3.0 Infrastructure Security – 20%
3.1 Understand security concerns and concepts of the following types of devices
3.2 Understand the security concerns for the following types of media
3.3 Understand the concepts behind the following kinds of Security Topologies
3.4 Differentiate the following types of intrusion detection, be able to explain the concepts of each type, and understand the implementation and configuration of each kind of intrusion detection system
3.5 Understand the following concepts of Security Baselines, be able to explain what a Security Baseline is, and understand the implementation and configuration of each kind of intrusion detection system

Domain 4.0 Basics of Cryptography – 15%
4.1 Be able to identify and explain the of the following different kinds of cryptographic algorithms
4.2 Understand how cryptography addresses the following security concepts
4.3 Understand and be able to explain the following concepts of PKI (Public Key Infrastructure)
4.4 Identify and be able to differentiate different cryptographic standards and protocols
4.5 Understand and be able to explain the following concepts of Key Management and Certificate Lifecycles

Domain 5.0 Operational / Organizational Security – 15%
5.1 Understand the application of the following concepts of physical security
5.2 Understand the security implications of the following topics of disaster recovery
5.3 Understand the security implications of the following topics of business continuity
5.4 Understand the concepts and uses of the following types of policies and procedures
5.5 Explain the following concepts of privilege management
5.6 Understand the concepts of the following topics of forensics
5.7 Understand and be able to explain the following concepts of risk identification
5.8 Understand the security relevance of the education and training of end users, executives and human resources
5.9 Understand and explain the following documentation concepts