Table of Contents
1. Introduction to Security
1.1 Security principles
1.2 Vulnerabilities
1.3 Threat actors and attack vectors
1.4 Social engineering
1.5 Social engineering: Physical and technical-based attacks
1.6 Social engineering: Social-based attacks
1.7 Malware
1.8 Malware: Spread, block, and spy
1.9 Malware: Mislead and hide
1.10 Security control types
1.11 LAB: Basics (Walkthrough)
1.12 LAB: Basics (Scenario)
1.13 LAB: Malware (Walkthrough)
1.14 LAB: Credential harvesting using email phishing (Walkthrough)
2. Identity and Access Management
2.1 Principles
2.2 Authentication: Factors
2.3 Authentication: Methods
2.4 Authentication: Biometrics
2.5 Authentication protocols: PAP and CHAP
2.6 Authentication protocols: Kerberos
2.7 Authentication protocols: EAP and IEEE 802.1X
2.8 Authentication protocols: RADIUS and TACACS+
2.9 Authentication and authorization on the Internet: SAML, OpenID, and OAuth
2.10 Accounts: Types and policies
2.11 Accounts: Controls and maintenance
2.12 Access control models: DAC and MAC
2.13 Access control models: Role, rule, and attribute-based
2.14 Access control: Filesystem permissions, privileged access management, and conditional access
2.15 LAB: Account management (Walkthrough)
2.16 LAB: Account management (Scenario)
2.17 LAB: Securing accounts (Walkthrough)
3. Cryptography
3.1 Cryptographic principles
3.2 Historical cryptosystems
3.3 Encryption
3.4 Symmetric encryption: Stream cipher
3.5 Symmetric encryption: Block cipher
3.6 Asymmetric encryption
3.7 Cryptographic hash functions
3.8 Message Authentication Code (MAC)
3.9 Digital signatures
3.10 Digital certificates
3.11 Public Key Infrastructure (PKI)
3.12 Blockchain
3.13 Obfuscation methods
3.14 LAB: Asymmetric cryptography (Walkthrough)
3.15 LAB: Securing email communications (Scenario)
3.16 LAB: Public Key Infrastructure (PKI) (Walkthrough)
4. Network Attacks and Secure Network Protocols
4.1 DDoS, DNS poisoning, and domain hijacking
4.2 ARP poisoning, MAC flooding, and MAC cloning
4.3 On-path attacks: Man-In-The-Middle and Man-In-The-Browser
4.4 POPS, IMAPS, and S/MIME
4.5 SSH, FTPS, and SFTP
4.6 SRTP, LDAPS, and HTTPS
4.7 SNMPv3
4.8 IPSec
4.9 LAB: Network enumeration (Walkthrough)
4.10 LAB: Security audit through network scanning (Scenario)
4.11 LAB: Denial-of-Service (DoS) attacks (Walkthrough)
4.12 LAB: Secure shell (SSH) (Walkthrough)
4.13 LAB: HTTPS (Walkthrough)
5. Secure Network Design
5.1 Network segmentation and VLAN
5.2 Zero trust
5.3 Firewalls: Types and security appliances
5.4 Firewalls: Host-based, virtual, and application
5.5 Network intrusion detection and prevention systems (NIDS/NIPS)
5.6 Virtual Private Networks (VPNs)
5.7 Port security
5.8 Load balancing
5.9 Data center traffic, intranet, and extranet
5.10 LAB: Firewalls (Walkthrough)
5.11 LAB: Securing the network (Scenario)
5.12 LAB: Virtual private network (VPN) (Walkthrough)
6. Wireless, Mobile, and IoT Security
6.1 Wireless communications
6.2 Common wireless connectivity
6.3 WLAN standards
6.4 WLAN design
6.5 WLAN security standards
6.6 WLAN authentication and attacks
6.7 Bluetooth security
6.8 Embedded systems
6.9 Mobile devices
6.10 LAB: RADIUS server (Walkthrough)
6.11 LAB: Wireless attacks (Walkthrough)
7. Application Attacks
7.1 Cross-site scripting
7.2 Cross-site and server-side request forgeries (CSRF and SSRF)
7.3 Memory vulnerabilities: Buffer and integer overflows, memory leak, and pointer dereferencing
7.4 Replay attack and pass the hash
7.5 Injection attacks: SQL, XML, LDAP, and DLL
7.6 Race condition and resource exhaustion
7.7 Driver manipulation, privilege escalation, and password attacks
7.8 Directory traversal, API attacks, and SSL stripping
7.9 LAB: Pass the hash (Walkthrough)
7.10 LAB: Cross-site scripting (XSS) attacks (Walkthrough)
8. Secure Application Development
8.1 Application environments, provisioning, and version control
8.2 Secure coding practices
8.3 Elasticity, scalability, and software diversity
8.4 Database security
8.5 Email security
8.6 Code review, fuzzing, and automation
8.7 OWASP and input validation
8.8 LAB: Application fuzzing (Walkthrough)
8.9 LAB: SQL injection (Walkthrough)
9. Endpoint Security
9.1 Endpoint protection: EDR and anti-malware
9.2 Endpoint protection: DLP and host-based systems
9.3 Endpoint hardening: Disk, registry, ports, and services
9.4 Endpoint hardening: Software updates, patch management, and operating system vulnerabilities
9.5 Boot integrity
9.6 LAB: Host security (Walkthrough)
9.7 LAB: Linux hardening (Walkthrough)
9.8 LAB: Securing endpoints (Scenario)
10. Cloud Security
10.1 Cloud computing and deployment models
10.2 Containers, serverless, and microservices architectures
10.3 Virtualization
10.4 Software-defined networking
10.5 Storage, network, and compute security controls
10.6 Cloud security solutions
10.7 LAB: Secure virtualization (Walkthrough)
10.8 LAB: Cloud security (Walkthrough)
11. Cybersecurity Resilience and Physical Security
11.1 High availability and restoration
11.2 Redundancy
11.3 Data protection
11.4 Secure data destruction
11.5 Physical access controls
11.6 Equipment protection
11.7 LAB: Backup and restore (Walkthrough)
11.8 LAB: Securing data at rest (Scenario)
11.9 LAB: Redundant Array of Independent Disks (RAID) (Walkthrough)
12. Security Assessment
12.1 Vulnerability scans
12.2 Event management
12.3 Penetration testing
12.4 Security teams and TTP analysis
12.5 Threat intelligence and research sources
12.6 Indicators of attack and compromise
12.7 Security automation and orchestration
12.8 Vulnerability management
12.9 LAB: Vulnerability assessment with OpenVAS (Walkthrough)
12.10 LAB: Log management in Windows and Linux (Walkthrough)
12.11 LAB: Enhancing log management practices (Scenario)
13. Digital Forensics and Incident Response
13.1 Digital forensics
13.2 Digital evidence acquisition
13.3 Digital forensic investigations
13.4 IR development
13.5 IR identification resources
13.6 IR containment and eradication techniques
13.7 IR attack frameworks and exercises
13.8 LAB: Digital forensics (Walkthrough)
13.9 LAB: Digital forensics evidence acquisition (Walkthrough)
13.10 LAB: Analyzing data breaches through USB forensics (Scenario)
14. Security Standards and Policies
14.1 Laws, regulations, and standards
14.2 Frameworks
14.3 Configuration guides
14.4 Documentation
14.5 Asset management
14.6 Change management
14.7 Plans
14.8 Policies
14.9 Personnel training
14.10 Security awareness practices
14.11 LAB: Security policies (Walkthrough)
14.12 LAB: Enhancing security through policy implementation (Scenario)
15. Risk Management and Privacy
15.1 Risks
15.2 Risk analysis
15.3 Risk management
15.4 Disaster and analysis
15.5 Privacy breaches
15.6 Data classifications and privacy technologies
15.7 Privacy lifecycle and agreements
15.8 LAB: Business continuity planning (BCP) (Walkthrough)
16. Test banks
16.1 Introduction to Security Test Bank
16.2 Identity and Access Management Test Bank
16.3 Cryptography Test Bank
16.4 Network Attacks and Secure Network Protocols Test Bank
16.5 Secure Network Design Test Bank
16.6 Wireless, Mobile and IoT Security Test Bank
16.7 Application Attacks Test Bank
16.8 Secure Application Development Test Bank
16.9 Endpoint Security Test Bank
16.10 Cloud Security Test Bank
16.11 Cybersecurity Resilience and Physical Security Test Bank
16.12 Security Assessment Test Bank
16.13 Digital Forensics and Incident Response Test Bank
16.14 Security Standards and Policies Test Bank
16.15 Risk Management and Privacy Test Bank
16.16 Security Practice Test 1
16.17 Security Practice Test 2
Teach security and CompTIA Security+ certification with the only interactive course and labs designed specifically for classroom instruction
Updated for SY0-701 Topics
Introduction to Security with CompTIA Security+ is the first complete course with labs designed for the classroom (live or online), presenting in-depth fundamentals of security with the skills required to succeed on the CompTIA Security+ certification exam.
- Advanced auto-graded virtual machine-based labs are built in-house by zyBooks authors and fully integrated with the interactive content, saving you prep and grading time
- Customizable course material is continually updated and new labs are added regularly
- Updated practice exam questions cover everything you need to prepare students for the Security+ (SY0-701) certification
Stop struggling to mash self-study guides with outdated labs to teach your class; get started right away
Lead author, Professor Babak Shoraka, discusses the challenges in IT security instruction:
What is a zyBook?
Introduction to Security with CompTIA Security+ is a web-native, interactive zyBook that helps students visualize concepts to learn faster and more effectively than with a traditional textbook. (Check out our research.)
Since 2012, over 1,200 universities and colleges across the country have adopted web-native zyBooks to transform their STEM education.
zyBooks benefit both students and instructors:
- Instructor benefits
  - Customize your course by reorganizing existing content or adding your own
  - Continuous publication model automatically updates your course with the latest content and technologies
  - Robust reporting gives you insight into students’ progress, reading and participation
  - Save time with auto-graded labs and challenge activities that seamlessly integrate with your LMS gradebook
  - Build quizzes and exams with included test questions
- Student benefits
  - Learning questions and other content serve as an interactive form of reading
  - Instant feedback on labs and homework
  - Concepts come to life through extensive animations embedded into the interactive content
  - Save chapters as PDFs to reference the material at any time
  - Self-study practice exams to help prepare for certification
The Power of zyBooks Labs
All labs in Introduction to Security with CompTIA Security+ are developed in-house by zyBooks authors and run on live virtual machines, the gold standard in IT education.
These VM-based lab assignments expose students to the complex challenges of real systems, allowing them to apply theoretical concepts to real hardware, operating systems, applications and tools.
In this video, Dr. Shoraka demonstrates the power of zyBooks VM-based labs:
Author
Dr. Babak Shoraka
Information Technology Content Lead / MSc Software and Systems Security – University of Oxford / MS Computer Science – University of Florida / PhD Information Systems – Nova Southeastern University
Contributors
Daniel Goodman
Information Technology Content Developer / MS Information Systems / Pace University
Frank Marsaglia
Information Technology Content Developer / MS Computer Science / University of Illinois–Springfield
Erica Perich
Associate Content Developer / BS Mathematics Education / Brigham Young University