CompTIA Security+ (Exam: SY0-701) Courseware

In this courseware, students will learn the skills and knowledge to evaluate an organization’s overall security posture and recommend suitable security solutions while maintaining adherence to applicable laws, regulations, and policies. This courseware will cover topics such as monitoring and securing mobile, enterprise network, cloud and Internet of Things (IoT) environments; threats, vulnerabilities, and their mitigation; incident response; governance, risk, and compliance; cryptography; data protection, and much more.

Chapter 1: General Security Concepts

• Introduction
• Fundamental Security Concepts
• Security Control Categories and Types
• Physical Security
• Change Management

 

Exam objectives covered in this chapter:

1.1 Compare and contrast various types of security controls.

1.2 Summarize fundamental security concepts.

1.3 Explain the importance of change management processes and the impact to security.

 

Chapter 2: Cryptographic Solutions and Threats

• Cryptography Concepts
• Implementations of Cryptography
• Cryptographic Tools
• Public Key Infrastructure (PKI)
• Threats
• Social Engineering

 

Exam objectives covered in this chapter:

1.4 Explain the importance of using appropriate cryptographic solutions.

2.1 Compare and contrast common threat actors and motivations.

2.2 Explain common threat vectors and attack surfaces

 

Chapter 3: Vulnerabilities, Indicators of Malicious Activity, and Mitigation

• Types of Vulnerabilities
• Indicators of Malicious Activity
• Mitigation Techniques to Secure the Enterprise

 

Exam objectives covered in this chapter:

2.3 Explain various types of vulnerabilities.

2.4 Given a scenario, analyze indicators of malicious activity.

2.5 Explain the purpose of mitigation techniques used to secure the enterprise.

 

Chapter 4: Secure Network and Cloud Architectures, and Data Protection

• Security Implications of Different Architecture Models
• Secure Enterprise Infrastructure
• Concepts and Strategies to Protect Data

 

Exam objectives covered in this chapter:

3.1 Compare and contrast security implications of different architecture models.

3.2 Given a scenario, apply security principles to secure enterprise infrastructure.

3.3 Compare and contrast concepts and strategies to protect data.

 

Chapter 5: Resilience and Recovery, Secure Computing Resources, and Asset Management

• Importance of Resilience and Recovery in Security Architecture
• Common Security Techniques for Computing Resources
• Secure Asset Management

 

Exam objectives covered in this chapter:

3.4 Explain the importance of resilience and recovery in security architecture.

4.1 Given a scenario, apply common security techniques to computing resources.

4.2 Explain the security implications of proper hardware, software, and data asset management.

 

Chapter 6: Vulnerability Management, Alerting and Monitoring, and Enhancing Enterprise Security

• Activities Associated with Vulnerability Management
• Security Alerting and Monitoring
• Modify Enterprise Capabilities to Enhance Security

 

Exam objectives covered in this chapter:

4.3 Explain various activities associated with vulnerability management.

4.4 Explain security alerting and monitoring concepts and tools.

4.5 Given a scenario, modify enterprise capabilities to enhance security.

 

Chapter 7: Identity and Access Management, Automation and Orchestration, Incident Response, and Log Data

• Implement and Maintain Identity and Access Management (IAM)
• Automation and Orchestration to Secure Operations
• Incident Response
• Log Data

 

Exam objectives covered in this chapter:

4.6 Given a scenario, implement and maintain identity and access management.

4.7 Explain the importance of automation and orchestration related to secure operations.

4.8 Explain appropriate incident response activities.

4.9 Given a scenario, use data sources to support an investigation.

 

Chapter 8: Governance and Risk Management

• Security Governance
• Risk Management Process
• Third-Party Risk Assessment and Management

 

Exam objectives covered in this chapter:

5.1 Summarize elements of effective security governance.

5.2 Explain elements of the risk management process.

5.3 Explain the processes associated with third-party risk assessment and management.

 

Chapter 9: Compliance, Audits and Assessments, and Security Awareness

• Security Compliance
• Audits and Assessments
• Security Awareness

 

Exam objectives covered in this chapter:

5.4 Summarize elements of effective security compliance.

5.5 Explain types and purposes of audits and assessments.

5.6 Given a scenario, implement security awareness practices.