CompTIA Security+ یک گواهینامه استاندارد صنعتی و شناخته شده است که مهارت های مورد نیاز برای موفقیت در حرفه امنیت سایبری را پوشش می دهد. در این دوره، با پوشش اولین حوزه دانش – مفاهیم عمومی امنیت، با کنترل های امنیتی اساسی و انواع کنترل های قابل استفاده آشنا می شوید. علاوه بر این، ما به موضوعات مرتبط با زیرساخت ها، مدیریت هویت و حساب و مفاهیم مختلف رمزنگاری خواهیم پرداخت. شما در مورد چرایی اهمیت مدیریت در یک سازمان و بخش های مختلف یک برنامه مدیریت تغییر موفق، خواهید آموخت. ما این اولین دامنه را با نگاهی به محیطهای PKI جمعبندی میکنیم، و از راههای مختلف رمزگذاری میتوان برای پشتیبانی از نیازهای محرمانه و یکپارچگی سازمان استفاده کرد.
لینک دانلود مجموعه آموزش دوره سکیوریتی پلاس INE – CompTIA Security+ Domain 1-2-3
حجم: 6.5 گیگابایت
دانلود – بخش اول
دانلود – بخش دوم
دانلود – بخش سوم
دانلود – بخش چهارم
دانلود – بخش پنجم
دانلود – بخش ششم
دانلود – بخش هفتم
Security Domain 3 SecurityResilience
Date: 2024
Publisher: INE
By: Brian Olliff
Course Duration: 27h 7m
Format: Video + Slide
Difficulty Level: Novice
Website: Link
The CompTIA Security+ is an industry-standard, well recognized certification that covers the skills needed to succeed in a cybersecurity career. In this course, covering the first knowledge domain – General Security Concepts, you’ll learn about fundamental security controls and the various types of controls that can be used. In addition, we’ll go over topics related to zero trust infrastructure, identity and account management, and various cryptography concepts. You’ll learn about why change management is important in an organization, and the various parts of a successful change management program. We’ll wrap up this first domain looking at PKI environments, and the various ways encryption can be used to support an organization’s confidentiality and integrity needs.
Welcome
Introduction
Activities:1
Course Introduction
Lessons
Security
Activities:12
Security Controls
Test your knowledge: Security Controls
Fundamental Security Concepts
Test your knowledge: Fundamental Security Concepts
Authentication, Authorization & Accounting
Test your knowledge: Authentication, Authorization & Accounting
Zero Trust
Test your knowledge: Zero Trust
Physical Security
Test your knowledge: Physical Security
Deception & Disruption Techniques
Test your knowledge: Deception & Disruption Techniques
Changes
Activities:6
Change Management Operations
Test your knowledge: Change Management Operations
Change Management Technical Considerations
Test your knowledge: Change Management Technical Considerations
Documenting Changes
Test your knowledge: Documenting Changes
Encryption
Activities:14
Encryption Types
Test your knowledge: Encryption Types
Symmetric Key Encryption
Asymmetric Encryption
PKI
Test your knowledge: PKI
Self-Signed Certificate
Encryption Tools
Test your knowledge: Encryption Tools
Cryptographic Solutions
Test your knowledge: Cryptographic Solutions
Exploring Hashing Algorithms
Obfuscation: Steganography
Checksum
Goodbye
Conclusion
Activities:1
Course Conclusion
Security+ Domain 2: Threats, Vulnerabilities & Mitigations
The CompTIA Security+ is an industry-standard, well-recognized certification that covers the skills needed to succeed in a cybersecurity career. In this course, we’ll go over the second domain of topics covered in the exam: Threats, Vulnerabilities, and Mitigations. We’ll start by taking a look at the various types of threat actors and attackers, and some of their various motivations. In addition, you’ll learn about various attack surfaces and threat vectors and some methods to protect them. We’ll cover several different types of vulnerabilities from application vulnerabilities to hardware and physical ones, in addition to the multiple types of attacks that can target these various vulnerabilities. To wrap up this second domain, you’ll learn about how to spot possible malicious activity, and how to introduce some mitigations and hardening techniques to better protect an organization’s infrastructure.
Welcome
Introduction
Activities:1
Course Introduction
Attacks
Attackers
Activities:3
Attackers
Attacker Motivations
Test your knowledge: Attacker Motivations
Attack Surfaces & Vectors
Activities:9
Attack Surfaces
Test your knowledge: Attack Surfaces
Threat Vectors
Test your knowledge: Threat Vectors
Understanding Threat Vectors: Open Service Ports
Understanding Threat Vectors: Files
Social Engineering
Test your knowledge: Social Engineering
Understanding Threat Vectors: Human Vectors (Typosquatting)
Vulnerabilities & Attacks
Activities:20
Vulnerabilities
Test your knowledge: Vulnerabilities
Application & Web Vulnerabilities
Test your knowledge: Application & Web Vulnerabilities
Understanding Vulnerabilities: Web-based (XSS)
Understanding Vulnerabilities: Web-based (SQLI)
Hardware & Virtualization Vulnerabilities
Malware Attacks
Test your knowledge: Malware Attacks
Malware Attacks: Keyloggers
Physical & Network Attacks
Test your knowledge: Physical & Network Attacks
Application-based Attacks
Test your knowledge: Application-based Attacks
Application Attacks: Directory Traversal
Cryptographic & Password Attacks
Test your knowledge: Cryptographic & Password Attacks
Password Attacks: Password Spraying
Indicators of Compromise
Test your knowledge: Indicators of Compromise
Mitigations
Mitigation & Hardening
Activities:6
Mitigation Techniques
Test your knowledge: Mitigation Techniques
Endpoint Mitigation & Protection
Test your knowledge: Endpoint Mitigation & Protection
System Hardening Techniques
Test your knowledge: System Hardening Techniques
Goodbye
Conclusion
Activities:1
Course Conclusion
Security+ Domain 3: Security Architecture
The CompTIA Security+ is an industry-standard, well recognized certification that covers the skills needed to succeed in a cybersecurity career. In this course, we’ll go over the third domain of topics covered in the exam: Security Architecture. We’ll start by taking a look at what makes up an organization’s IT systems, the various architectures that are available, and then infrastructure that they consist of. We’ll look at cloud-based technologies as well as on-premise systems, virtualization and embedded systems, plus what sort of considerations should go into the selection and securing processes. In addition, you’ll learn about various data types and how they can be classified and some of the options for properly securing and protecting an organization’s data. Since no systems can have 100% uptime, we’ll wrap up this course by discussing options for deploying and configuring a resilient architecture to ensure business operations can continue in the event of systems failures or disasters.
Welcome
Introduction
Activities:1
Course Introduction
Infrastructure Security
Architecture & Infrastructure
Activities:10
Network Infrastructure
Test your knowledge: Network Infrastructure
Cloud Infrastructure
Test your knowledge: Cloud Infrastructure
Cloud Architecture
Virtualization
Test your knowledge: Virtualization
IoT & ICS
Test your knowledge: IoT & ICS
Architecture Considerations
Secure Architecture
Activities:10
Infrastructure Considerations
Test your knowledge: Infrastructure Considerations
Network Security
Test your knowledge: Network Security
IDS (Snort)
Firewall (Windows Firewall)
Firewall (Pfsense)
Secure Communication
Test your knowledge: Secure Communication
VPN – IPsec Site-to-Site
Data Security & Resilience
Data Protection
Activities:6
Data Types
Test your knowledge: Data Types
Data Classification
Test your knowledge: Data Classification
Securing Data
Test your knowledge: Securing Data
Security Resilience
Activities:6
Resilient Architecture
Test your knowledge: Resilient Architecture
Business Continuity
Backups
Test your knowledge: Backups
Data Backup & Restore
Goodbye
Conclusion
Activities:1
Course Conclusion