INE – CompTIA Security+ Domain 1-2-3

CompTIA Security+ یک گواهینامه استاندارد صنعتی و شناخته شده است که مهارت های مورد نیاز برای موفقیت در حرفه امنیت سایبری را پوشش می دهد. در این دوره، با پوشش اولین حوزه دانش – مفاهیم عمومی امنیت، با کنترل های امنیتی اساسی و انواع کنترل های قابل استفاده آشنا می شوید. علاوه بر این، ما به موضوعات مرتبط با زیرساخت ها، مدیریت هویت و حساب و مفاهیم مختلف رمزنگاری خواهیم پرداخت. شما در مورد چرایی اهمیت مدیریت در یک سازمان و بخش های مختلف یک برنامه مدیریت تغییر موفق، خواهید آموخت. ما این اولین دامنه را با نگاهی به محیط‌های PKI جمع‌بندی می‌کنیم، و از راه‌های مختلف رمزگذاری می‌توان برای پشتیبانی از نیازهای محرمانه و یکپارچگی سازمان استفاده کرد.

Date: 2024
Publisher: INE
By: Brian Olliff
Course Duration: 27h 7m
Format: Video + Slide
Difficulty Level: Novice
Website: Link

The CompTIA Security+ is an industry-standard, well recognized certification that covers the skills needed to succeed in a cybersecurity career. In this course, covering the first knowledge domain – General Security Concepts, you’ll learn about fundamental security controls and the various types of controls that can be used. In addition, we’ll go over topics related to zero trust infrastructure, identity and account management, and various cryptography concepts. You’ll learn about why change management is important in an organization, and the various parts of a successful change management program. We’ll wrap up this first domain looking at PKI environments, and the various ways encryption can be used to support an organization’s confidentiality and integrity needs.

Welcome
Introduction

Activities:1

Course Introduction

Lessons
Security

Activities:12

Security Controls

Test your knowledge: Security Controls

Fundamental Security Concepts

Test your knowledge: Fundamental Security Concepts

Authentication, Authorization & Accounting

Test your knowledge: Authentication, Authorization & Accounting

Zero Trust

Test your knowledge: Zero Trust

Physical Security

Test your knowledge: Physical Security

Deception & Disruption Techniques

Test your knowledge: Deception & Disruption Techniques

Changes

Activities:6

Change Management Operations

Test your knowledge: Change Management Operations

Change Management Technical Considerations

Test your knowledge: Change Management Technical Considerations

Documenting Changes

Test your knowledge: Documenting Changes

Encryption

Activities:14

Encryption Types

Test your knowledge: Encryption Types

Symmetric Key Encryption

Asymmetric Encryption

PKI

Test your knowledge: PKI

Self-Signed Certificate

Encryption Tools

Test your knowledge: Encryption Tools

Cryptographic Solutions

Test your knowledge: Cryptographic Solutions

Exploring Hashing Algorithms

Obfuscation: Steganography

Checksum

Goodbye
Conclusion

Activities:1

Course Conclusion

Security+ Domain 2: Threats, Vulnerabilities & Mitigations
The CompTIA Security+ is an industry-standard, well-recognized certification that covers the skills needed to succeed in a cybersecurity career. In this course, we’ll go over the second domain of topics covered in the exam: Threats, Vulnerabilities, and Mitigations. We’ll start by taking a look at the various types of threat actors and attackers, and some of their various motivations. In addition, you’ll learn about various attack surfaces and threat vectors and some methods to protect them. We’ll cover several different types of vulnerabilities from application vulnerabilities to hardware and physical ones, in addition to the multiple types of attacks that can target these various vulnerabilities. To wrap up this second domain, you’ll learn about how to spot possible malicious activity, and how to introduce some mitigations and hardening techniques to better protect an organization’s infrastructure.

Welcome
Introduction
Activities:1

Course Introduction

Attacks
Attackers
Activities:3

Attackers

Attacker Motivations

Test your knowledge: Attacker Motivations

Attack Surfaces & Vectors
Activities:9

Attack Surfaces

Test your knowledge: Attack Surfaces

Threat Vectors

Test your knowledge: Threat Vectors

Understanding Threat Vectors: Open Service Ports

Understanding Threat Vectors: Files

Social Engineering

Test your knowledge: Social Engineering

Understanding Threat Vectors: Human Vectors (Typosquatting)

Vulnerabilities & Attacks
Activities:20

Vulnerabilities

Test your knowledge: Vulnerabilities

Application & Web Vulnerabilities

Test your knowledge: Application & Web Vulnerabilities

Understanding Vulnerabilities: Web-based (XSS)

Understanding Vulnerabilities: Web-based (SQLI)

Hardware & Virtualization Vulnerabilities

Malware Attacks

Test your knowledge: Malware Attacks

Malware Attacks: Keyloggers

Physical & Network Attacks

Test your knowledge: Physical & Network Attacks

Application-based Attacks

Test your knowledge: Application-based Attacks

Application Attacks: Directory Traversal

Cryptographic & Password Attacks

Test your knowledge: Cryptographic & Password Attacks

Password Attacks: Password Spraying

Indicators of Compromise

Test your knowledge: Indicators of Compromise

Mitigations
Mitigation & Hardening
Activities:6

Mitigation Techniques

Test your knowledge: Mitigation Techniques

Endpoint Mitigation & Protection

Test your knowledge: Endpoint Mitigation & Protection

System Hardening Techniques

Test your knowledge: System Hardening Techniques

Goodbye
Conclusion
Activities:1

Course Conclusion

Security+ Domain 3: Security Architecture
The CompTIA Security+ is an industry-standard, well recognized certification that covers the skills needed to succeed in a cybersecurity career. In this course, we’ll go over the third domain of topics covered in the exam: Security Architecture. We’ll start by taking a look at what makes up an organization’s IT systems, the various architectures that are available, and then infrastructure that they consist of. We’ll look at cloud-based technologies as well as on-premise systems, virtualization and embedded systems, plus what sort of considerations should go into the selection and securing processes. In addition, you’ll learn about various data types and how they can be classified and some of the options for properly securing and protecting an organization’s data. Since no systems can have 100% uptime, we’ll wrap up this course by discussing options for deploying and configuring a resilient architecture to ensure business operations can continue in the event of systems failures or disasters.
Welcome
Introduction
Activities:1

Course Introduction

Infrastructure Security
Architecture & Infrastructure
Activities:10

Network Infrastructure

Test your knowledge: Network Infrastructure

Cloud Infrastructure

Test your knowledge: Cloud Infrastructure

Cloud Architecture

Virtualization

Test your knowledge: Virtualization

IoT & ICS

Test your knowledge: IoT & ICS

Architecture Considerations

Secure Architecture
Activities:10

Infrastructure Considerations

Test your knowledge: Infrastructure Considerations

Network Security

Test your knowledge: Network Security

IDS (Snort)

Firewall (Windows Firewall)

Firewall (Pfsense)

Secure Communication

Test your knowledge: Secure Communication

VPN – IPsec Site-to-Site

Data Security & Resilience
Data Protection
Activities:6

Data Types

Test your knowledge: Data Types

Data Classification

Test your knowledge: Data Classification

Securing Data

Test your knowledge: Securing Data

Security Resilience
Activities:6

Resilient Architecture

Test your knowledge: Resilient Architecture

Business Continuity

Backups

Test your knowledge: Backups

Data Backup & Restore

Goodbye
Conclusion
Activities:1

Course Conclusion