Copy of CompTIA Security+

Provided by

About the course

Learn via:Classroom/AFA

Duration:5 Days


Tech type:Essentials



The CompTIA Security+ exam will certify the successful candidate has the knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. This course will help delegates prepare for exam SY0-501 - released on October ​4, 2017.


CompTIA Security+ is aimed at IT professionals with job roles such as security architect, security engineer, security consultant/specialist, information assurance technician, security administrator, systems administrator, and network administrator.

Ideally, you should have successfully completed the 'CompTIA Network+ Support Skills' course and have around 24 months' experience of networking support or IT administration. It is not necessary that you pass the Network+ exam before completing Security+ certification, but it is recommended.

Specifically, it is recommended that you have the following skills and knowledge before starting this course:

  • Know the function and basic features of the components of a PC.
  • Use Windows Server to create and manage files and use basic administrative features (Explorer, Control Panel, Server Manager, and Management Consoles).
  • Operate the Linux OS using basic command-line tools.
  • Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers).
  • Understand TCP/IP addressing, core protocols, and troubleshooting tools

Learning outcomes

This course will teach you the fundamental principles of installing and configuring cybersecurity controls and participating in incident response and risk mitigation.

Study of the course can also help to build the prerequisites to study more advanced IT security qualifications, including CompTIA Cybersecurity Analyst (CSA)+, CompTIA Advanced Security Practitioner (CASP), and ISC’s CISSP (Certified Information Systems Security Professional).

On course completion, you will be able to:

  • Identify network attack strategies and defenses.
  • Understand the principles of organizational security and the elements of effective security policies.
  • Know the technologies and uses of cryptographic standards and products.
  • Identify network- and host-based security technologies and practices.
  • Describe how wireless and remote access security is enforced.
  • Describe the standards and products used to enforce security on web and communications technologies.
  • Identify strategies for ensuring business continuity, fault tolerance, and disaster recovery.
  • Summarize application and coding vulnerabilities and identify development and deployment methods designed to mitigate them.

Course outline

Module 1: Security fundamentals
  • Security concepts
  • Enterprise security strategy
  • Security program components
Module 2: Risk management
  • Understanding threats
  • Risk management programs
  • Security assessments
Module 3: Cryptography
  • Cryptography concepts
  • Public key infrastructure
  • Module 4: Network connectivity
  • Network attacks
  • Packet flow
Module 5: Network security technologies
  • Network security components
  • Monitoring tools
Module 6: Secure network configuration
  • Secure network protocols
  • Hardening networks
Module 7: Authentication
  • Authentication factors
  • Authentication protocols
Module 8: Access control
  • Access control principles
  • Account management
Module 9: Securing hosts and data
  • Malware
  • Securing data
  • Securing hosts
Module 10: Securing specialized systems
  • Mobile security
  • Embedded and specialized systems
Module 11: Application security
  • Application attacks
  • Securing applications
Module 12: Cloud security
  • Virtual and cloud systems
  • Securing cloud services
Module 13: Organizational security
  • Social engineering
  • Security policies
  • User roles and training
  • Physical security and safety
Module 14: Disaster planning and recovery
  • Business continuity
  • Resilient systems
  • Incident response procedures

Related article

QA's practice director of Cyber Security, Richard Beck, rounds up the latest cyber security news.