CompTIA Security+ SY0-601 Course

About the course and exam
- About the course and certification
- About the course author
- Pre-requisites
- Tools and tips to help you study more efficiently
- Study techniques that will help you pass
- What surprised me the most about the exam

Domain 1: Threats, Attacks, and Vulnerabilities
- About threats, attacks, and vulnerabilities

1.1: Compare and contrast social engineering techniques
- What is social engineering?
- Principles
- Spam
- Blocking and Managing Spam
- Phishing
- Smishing
- Vishing
- Spear Phishing
- Whaling
- Impersonation
- Dumpster diving
- Shoulder surfing
- Pharming
- Tailgating
- Eliciting information
- Prepending
- Identity fraud
- Invoice scams
- Credentials harvesting
- Reconnaissance
- Hoax
- Watering hole attack
- Typo squatting and URL hijacking
- Influence campaigns
- Hybrid warfare
- Practical knowledge check

1.2: Analyze potential indicators to determine the type of attack
- What is malware?
- Malware classification
- Virus
- Worms
- Backdoor
- Trojans
- Remote Access Trojan (RAT)
- Ransomware and Crypto Malware
- How does ransomware work?
- Potentially unwanted programs (PUPs)
- Spyware
- Adware and Malvertising
- Keyloggers
- Fileless malware
- Logic bombs
- Rootkit
- Bots and Botnets
- Command and control
- What are password attacks?
- Plaintext, encrypted, and hashed passwords
- Brute force
- Dictionary attacks
- Spraying attacks
- Rainbow and hash tables
- Credential stuffing
- What are physical attacks?
- Malicious universal serial bus (USB) cable
- Malicious flash drive
- Card cloning
- Skimming
- What is adversarial AI and tainted training for ML?
- Supply-chain attacks
- Cloud-based vs. on-premises attacks
- Cryptography concepts
- Cryptographic attacks
- Quiz 1.2 (3 quizzes)

1.3: Analyze potential indicators associated with application attacks
- Privilege escalation
- Improper input handling
- Improper error handling
- Cross-Site Scripting (XSS)
- Structured Query Language (SQL) injections
- Dynamic Link Library (DLL) Injections
- Lightweight directory access protocol (LDAP) Injections
- Extensible Markup Language (XML) and XPATH Injections
- XXE Injections
- Directory traversal
- Request forgeries (server-side, client-side, and cross-site)
- Application Programming Interface (API) attacks
- Secure Sockets Layer (SSL) stripping
- Replay attacks (session replays)
- Pass the hash
- Race conditions (time of check and time of use)
- Resource exhaustion
- Memory leak
- Pointer/object dereference
- Integer overflow
- Buffer overflows
- Driver manipulation (shimming and refactoring)
- Quiz 1.3 (2 quizzes)

1.4: Analyze potential indicators of network attacks
- What are wireless attacks?
- Distributed Denial of Service (DDoS)
- Rogue access point and Evil Twin
- Bluesnarfing and Bluejacking
- Disassociation and Jamming
- Radio Frequency Identifier (RFID) attacks
- Near Field Communication (NFC)
- Initialization Vector (IV)
- Man in the middle (on-path)
- Man in the browser (on-path browser)
- What are layer 2 attacks?
- Address resolution protocol (ARP)
- Media access control (MAC) flooding
- MAC cloning
- What are Domain Name System (DNS) attacks and defenses?
- Domain hijacking
- DNS poisoning
- Universal resource locator (URL) redirection
- Domain reputation
- Quiz 1.4 (1 quiz)

1.5: Explain threat actors, vectors, and intelligence sources
- What are actors and threats?
- Attributes of actors
- Vectors
- Insider threats
- State actors
- Hacktivists
- Script kiddies
- Hackers (white hat, black hat, gray hat)
- Criminal syndicates
- Advanced persistent threats (APTs)
- Shadow IT
- Competitors
- Threat intelligence sources (OSINT and others)
- Using threat intelligence
- Research sources
- Quiz 1.5 (1 quiz)

1.6: Security concerns associated with various vulnerabilities
- Cloud-based vs. on-premises vulnerabilities
- Zero-day vulnerabilities
- Weak configurations
- Weak encryption, hashing, and digital signatures
- Third-party risks
- Improper or weak patch management
- Legacy platforms
- Impacts
- Quiz 1.6 (1 quiz)

1.7: Summarizing techniques used in security assessments
- Threat hunting
- Vulnerability scans
- Security information and event management (SIEM) and Syslog
- Security orchestration, automation, and response (SOAR)
- Quiz 1.7 (1 quiz)

1.8: Explaining techniques used in penetration testing
- Important pentesting concepts
- Bug bounties
- Exercise types (red, blue, white, and purple teams)
- Passive and active reconnaissance
- Quiz 1.8 (1 quiz)

Domain 2: Architecture and Design
- About architecture and design

2.1: Explaining the importance of security concepts in an enterprise environment
- Configuration management
- Data sovereignty
- Data protection
- Hardware security module (HSM) and Trusted Platform Module (TPM)
- Geographical considerations
- Cloud access security broker (CASB)
- Response and recovery controls
- Secure Sockets Layer (SSL) and Transport Layer Security (TLS) inspection
- Hashing
- API considerations
- Site resiliency
- Deception and disruption
- Quiz 2.1 (1 quiz)

2.2: Virtualization and cloud computing concepts
- Comparing cloud models
- Cloud service providers
- Virtualization
- Containers
- Microservices and APIs
- Serverless architecture
- MSPs and MSSPs
- On-premises vs. off-premises
- Edge computing
- Fog computing
- Thin client
- Infrastructure as Code
- Services integration
- Resource policies
- Transit gateway
- Quiz 2.2 (1 quiz)

2.3: Secure application development, deployment, and automation concepts
- Understanding development environments
- Automation and scripting
- Version control
- Secure coding techniques
- Open Web Application Security Project (OWASP)
- Integrity measurement
- Software diversity
- Provisioning and deprovisioning
- Elasticity
- Scalability
- Quiz 2.3 (1 quiz)

2.4: Authentication and authorization design concepts
- Important authentication and authorization concepts
- Multifactor authentication (MFA) factors and attributes
- Quiz: MFA factors and attributes (1 quiz)
- Authentication technologies
- Biometrics techniques and concepts
- Authentication, authorization, and accounting (AAA)
- Cloud vs. on-premises requirements
- Quiz 2.4 (1 quiz)

2.5: Implementing cybersecurity resilience
- What is redundancy?
- Disk redundancy (RAID levels)
- Network redundancy
- Power redundancy
- Replication
- Backup types (full, incremental, differential, and snapshot)
- Backup types practice scenarios
- Backup devices and strategies
- Quiz: Backup types, devices, and strategies (1 quiz)
- Non-persistence
- Restoration order
- Diversity
- Quiz 2.5 (1 quiz)

2.6: Security implications of embedded and specialized systems
- What are embedded systems?
- System on a Chip (SoC)
- SCADA and ICS
- Internet of Things (IoT)
- Specialized systems
- VoIP, HVAC, Drones/AVs, MFP, RTOS, Surveillance systems
- Communication considerations
- Important constraints

2.7: Importance of physical security controls
- Bollards/barricades, Mantraps, Badges, Alarms, Signage
- Lighting and fencing
- Cameras and Closed-circuit television (CCTV)
- Industrial camouflage
- Personnel, robots, drones/UAVs
- Locks
- Different sensors
- Fire suppression
- Protected cable distribution (PCD)
- Secure areas (air gap, faraday cages, DMZ, etc…)
- Hot and cold aisles
- Secure data destruction
- USB data blocker
- Quiz 2.7 (1 quiz)

2.8: Basics of cryptography
- Common use cases
- Key length
- Key stretching
- Salting, hashing, digital signatures
- Perfect forward secrecy
- Elliptic curve cryptography
- Ephemeral
- Symmetric vs. asymmetric encryption
- Key exchange
- Cipher suites
- Modes of operation
- Lightweight cryptography and Homomorphic encryption
- Steganography
- Blockchain
- Quantum and post-quantum
- Limitations
- Quizzes 2.8 (2 quizzes)

Domain 3: Implementation
- About implementation

3.1: Implement Secure Protocols
- Important protocols to know and use cases
- Important email secure protocols
- IPsec and VPN
- FTPS, SFTP, SCP
- DNSSEC
- SRTP and NTPsec
- DHCP
- SNMP and SNMPv3
- Quiz 3.1 (1 quiz)

3.2: Implement host or application security solutions
- Endpoint protection
- Self-encrypting drive (SED), full disk encryption (FDE), and file-level encryption
- Boot integrity
- Database and data security
- Application security
- Hardening hosts
- Sandboxing
- Quiz 3.2 (1 quiz)

3.3: Implement secure network designs
- DNS
- Load balancing
- Network segmentation
- East-West and North-South
- Jump servers (bastion hosts)
- Network Address Translation (NAT) Gateway
- Proxy servers
- Out-of-band management
- Quiz 3.3.1 (1 quiz)
- Virtual Private Networks (VPNs) and IPsec
- Network Access Control (NAC)
- Port security
- Network-based intrusion detection system (NIDS) and network-based intrusion prevention system (NIPS)
- Firewalls
- Next-Generation Firewalls
- Access Control List (ACL) and Security Groups (SGs)
- Quiz 3.3.2 (1 quiz)
- Quality of Service (QoS)
- Implications of IPv6
- Port scanning and port mirroring
- File integrity monitors
- Quiz 3.3.3 (1 quiz)

3.4: Install and configure wireless security settings
- Cryptographic protocols
- Methods
- Authentication protocols
- Installation considerations
- Quiz 3.4 (1 quiz)

3.5: Implement secure mobile solutions
- Connection methods and receivers
- Mobile deployment models
- Mobile device management (MDM)
- Mobile devices
- Enforcement and monitoring
- Quiz 3.5 (1 quiz)

3.6: Apply cybersecurity solutions to the cloud
- Cloud security controls
- Secure cloud storage
- Secure cloud networking
- Secure cloud compute resources
- Secure cloud solutions
- Quiz 3.6 (1 quiz)

3.7: Implement identity and account management controls
- Understanding identity
- Account types to consider
- Account policies to consider
- Quiz 3.7 (1 quiz)

3.8: Implement authentication and authorization solutions
- Authentication management
- Authentication protocols and considerations
- Extensible Authentication Protocol (EAP)
- RADIUS and TACACS+
- Kerberos, LDAP, and NTLM
- Federated Identities
- Access control schemes
- Recap notes from this section
- Quiz 3.8 (1 quiz)

3.9: Implement public key infrastructure
- What is public key infrastructure?
- Types of certificates
- Certificate formats
- Important concepts
- Quiz 3.9 (1 quiz)

4.0: Operations and Incident Response
- About operations and incident response

4.1: Use the appropriate tools to assess organizational security
- Network reconnaissance and discovery part 1
- Network reconnaissance and discovery part 2
- File manipulation
- Shell and script environments
- Packet capture and replay
- Forensics tools
- Exploitation frameworks
- Password crackers
- Data sanitization
- Quiz 4.1 (1 quiz)

4.2: Policies, processes, and procedures for incident response
- Incident response plans
- Incident response process
- Important exercises
- Important attack frameworks
- BCP, COOP, and DRP
- Incident response team and stakeholder management
- Retention policies
- Quiz 4.2 (1 quiz)

4.3: Using appropriate data sources to support investigations after an incident
- Vulnerability scan outputs
- SIEM dashboards
- Log files
- Syslog, rsyslog, syslog-ng
- Journald and journalctl
- NXLog
- Bandwidth and network monitors
- Important and useful metadata
- Quiz 4.3 (1 quiz)

4.4: Applying mitigation techniques or controls to secure environments during an incident
- Reconfiguring endpoint security solutions
- Configuration changes
- Isolation, containment, and segmentation
- Secure Orchestration, Automation, and Response (SOAR)
- Quiz 4.4 (1 quiz)

4.5: Key aspects of digital forensics
- Documentation and evidence
- E-discovery, data recovery, and non-repudiation
- Integrity and preservation of information
- Acquisition
- On-premises vs. cloud
- Strategic intelligence and counterintelligence
- Quiz 4.5 (1 quiz)

Domain 5: Governance, Risk, and Compliance
- About governance, risk and compliance

5.1: Compare and contrast various types of controls
- Categories
- Control types
- Quiz 5.1 (1 quiz)

5.2: Applicable regulations, standards, or frameworks that impact organizational security posture
- Regulations, standards, and legislation
- Key frameworks to know about
- Benchmarks and secure configuration guides
- Quiz 5.2 (1 quiz)

5.3: Importance of policies to organizational security
- Personnel
- User training
- Third-party risk management
- Data
- Credential policies
- Organizational policies
- Quiz 5.3 (1 quiz)

5.4: Risk management processes and concepts
- Types of risks
- Risk management strategies
- Risk analysis
- Disasters
- Business impact analysis
- Quiz 5.4 (1 quiz)

5.5: Privacy and sensitive data concepts in relation to security
- Organizational consequences of privacy breaches
- Notifications of breaches
- Data types
- Privacy enhancing technologies
- Roles and responsibilities
- Quiz 5.5 (1 quiz)

Course Recap and Next Steps
- Looking for the practice exams?
- Receiving your Certificate of Completion

Study techniques that will help you pass
As I mentioned in the prior video, if your idea of studying is simply to watch back-to-back videos or read a book from start to finish, then this is an important lesson for you.
That’s one of the least effective ways of studying, so I’m going to share several tactics and techniques you can try in order to make your studying more effective.
I’m not going to deep dive into each of these topics, because there are many resources that cover them in far more detail than I could. Instead, I’ll tell you about each one and then point you to resources and references so that you can research them further if you’re interested!
With that, let’s get started.
Pick your study time wisely
If you can, schedule your study sessions for the same time of day at which you will be taking the actual exam.
If you are able to do that for at least a few days, or preferably a few weeks, it will “train” your brain to be in the zone at that hour. It can help bring back memories related to the topic and will make the testing experience a little bit easier all around.
That’s not always possible, of course, but it helps if you can manage it.
Spaced repetition
Spaced repetition – helps avoid cramming (which does not work)
A lot of people tell themselves they’ll start studying earlier than needed and “do it right this time!” But then time goes by, they get closer to the exam date, and they start cramming. The problem is that our brains don’t function like that: they’re not good at receiving massive amounts of information all at once and then remembering it.
A much more effective method is to space out your study sessions, and a helpful way to do that is to follow the spaced repetition method.
Flashcards
For creating flashcards, I’ve heard Anki is a helpful tool.
Anki is built around the spaced repetition method, so it can be a helpful way of creating flashcards that have this method built-in.
Retrospective timetables
Retrospective Timetables – helps organize your studying
Planning out study sessions — especially since you will be using spaced repetition now, right? — can be a challenge.
This post on using retrospective revision timetables by Ali Abdaal (the popular YouTuber) offers a spin on standard prospective timetables. It’s definitely worth the quick read to get a general idea of the purpose and how it all works.
The Feynman technique
The Feynman technique – aka “the best way to learn anything”
If you’ve ever heard of ELI5 (“Explain it like I’m 5”), then you’ve heard of the Feynman technique. The entire point is to choose a topic you want to learn about, explain it to someone much younger — let’s be realistic and say a 12-year-old instead of a 5-year-old — and then keep improving your explanation until it’s as simple as you can make it.
If that 12-year-old still doesn’t understand what you’re trying to explain, then you don’t fully understand it yourself and need to continue refining your explanation.
This is brilliant because the more you have to work on explaining it, the more you will end up understanding the topic and the more you will remember it. It becomes deeper knowledge.
So I challenge you: as you go through my course, a good test of whether concepts are sticking or not is to try and explain them to someone else in simple terms. It could even be a family member or someone with little knowledge of IT. If you can’t explain it in simple terms, then you don’t yet understand it.
The SQ3R & PQ4R method
The SQ3R method & PQ4R method – especially helpful for books
Next, let’s talk about both the SQ3R and PQ4R methods.
SQ3R is a reading comprehension method that has 5 steps:
- Survey
- Question
- Read
- Recite
- Review
Before you even read a chapter, take a look at the title and read the introduction or summary. Use that information to start framing the subject you’re about to read and to focus on the most important points. Next, use headers, images, and other aids like italics or bold fonts to organize your mind as you prepare to read the chapter itself.
After that, turn the headings for each section into as many questions as you can think will be answered in that section. This forces your mind to actively look for answers which makes the reading far more engaging.
Then, read one section at a time with your questions in mind and look for answers.
After each section, stop and recall your questions and see if you can answer them from memory. If you can’t, then look back at the text again until you can.
Finally, once you’ve completed the chapter, go back over the questions you created for each header and see if you can still answer them. If you can’t, look back through the text to refresh your memory until you can.
The PQ4R method is very similar, although it breaks the steps down a bit differently, so it’s a helpful technique to compare against SQ3R to see which works best for you.
Active recall
Active recall – helpful for both courses and books
Whether you are watching video lessons or reading chapters, once you’ve completed a section or lesson, close the book or change screens, then write down everything you remember about the topic.
After you’ve run out of things to write down, go back to the lesson window or re-open the book and compare.
Look for anything important you missed or that’s wrong, and try again at a later time.
Another approach is to test yourself by writing down questions about the topic and attempting to answer those questions from memory.
This is why I include quizzes after each section of the course so that you can get quizzed right away and not just at the very end of the course with large practice exams. However, don’t just stop there. Write your own questions as you go through the material, and make yourself answer those questions after going through the material until you get them right.
Mind mapping and Spider Diagrams
Mind mapping and Spider Diagrams – especially helpful for visual learners & organizing topics
You’ve probably seen or used mind maps before: you start by writing down a topic at the center of the page, and then you work outward in all directions to create a diagram of related keywords, phrases, concepts, facts, and figures.
A similar but slightly different approach is using spider diagrams. They look like mind maps, but they are logically organized and less free-form than mind maps.
This can be a helpful approach for note-taking and to help organize your brain or to combine with active recall.
Major Method System & Memory/Mind Palace
Major Method System & Memory/Mind Palace – helpful for memorizing facts and numbers (like port numbers)
The Major Method System converts numbers into consonant sounds and then into words by adding vowels. This system works on the principle that images can be remembered more easily than numbers. This can be a little bit weird at first, so I’ll let you research it further if you’re interested.
In combination, we can also use a Memory or Mind Palace approach. This approach uses the power of visualization to place facts you need to remember in this mental construct you create. Again, it can be a bit weird at first, so I’ll let you research it further if interested :).
Cornell Note Taking System
Cornell Note Taking System – helps take much more useful notes through its format and by having you ask questions instead of writing down what was said or read
We talked a little bit about this already, but this note-taking system takes it a bit further and really focuses on notes instead of active recall.
Let’s walk through some examples. Let’s say you’re going through domain 1.1 of the course which talks about various topics that are fairly similar, like phishing vs. vishing vs. whaling. For your notes, you could ask and answer:
- The difference between phishing and vishing is ___?
- The difference between phishing and whaling is ___?
It works for a bunch of topics, like:
- The difference between bug bounties and pentests is ___?
- What are the different types of malware?
- What is the difference between ransomware and crypto malware?
Another challenge: as you go through my content and think of questions, write them down. If I don’t answer them in a way that satisfies you, research the topic further until you get your answer. The process of thinking about the answer and/or searching for it will help a lot.
References & Conclusion
Finally, this is a really helpful video that ties in best practices for studying if you need more help in this area. One of the key points made in the video is to study with friends. To find others studying for the Security+ exam who can help hold you accountable, join our Discord!
Another helpful video is “How I take notes as an Engineering Student,” so feel free to check that out if you need help in that area, or share your questions and thoughts below in the comments.
That’s it for this lesson! Go ahead and complete it, and I’ll see you in the next.
Zettelkasten method, I’m not really sure if it works for the IT field, but yeah…