Table of Contents

1.1 Security principles
1.2 Vulnerabilities
1.3 Threat actors and attack vectors
1.4 Threat intelligence and research sources
1.5 Social engineering
1.6 Social engineering: Physical and technical-based attacks
1.7 Social engineering: Social-based attacks
1.8 Malware
1.9 Malware: Spread, block, and spy
1.10 Malware: Mislead and hide

2.1 Principles
2.2 Authentication: Factors
2.3 Authentication: Methods
2.4 Authentication: Biometrics
2.5 Authentication protocols: PAP and CHAP
2.6 Authentication protocols: Kerberos
2.7 Authentication protocols: EAP and IEEE 802.1X
2.8 Authentication protocols: RADIUS and TACACS+
2.9 Authentication and authorization on the Internet: SAML, OpenID, and OAuth
2.10 Accounts: Types and policies
2.11 Accounts: Controls and maintenance
2.12 Access control models: DAC and MAC
2.13 Access control models: Role, rule, and attribute-based
2.14 Access control: Filesystem permissions, privileged access management, and conditional access

3.1 Cryptographic principles
3.2 Historical cryptosystems
3.3 Encryption
3.4 Symmetric encryption: Stream cipher
3.5 Symmetric encryption: Block cipher
3.6 Asymmetric encryption
3.7 Cryptographic hash functions
3.8 Message Authentication Code (MAC)
3.9 Digital signatures
3.10 Digital certificates
3.11 Public Key Infrastructure (PKI)

4.1 DDoS, DNS poisoning, and domain hijacking
4.2 ARP poisoning, MAC flooding, and MAC cloning
4.3 On-path attacks: Man-In-The-Middle and Man-In-The-Browser

5.1 POPS, IMAPS, and S/MIME
5.2 SSH, FTPS, and SFTP
5.3 SRTP, LDAPS, and HTTPS
5.4 SNMPv3
5.5 IPSec

6.1 Network segmentation and VLAN
6.2 Firewalls: Types and security appliances
6.3 Firewalls: Host-based, virtual, and application
6.4 Network intrusion detection and prevention systems (NIDS/NIPS)
6.5 Virtual Private Networks (VPNs)
6.6 Port security
6.7 Load balancing
6.8 Data center traffic, Intranet, and Extranet

7.1 Wireless Communications
7.2 Common wireless connectivity
7.3 WLAN standards
7.4 WLAN design
7.5 WLAN security standards
7.6 WLAN authentication and attacks
7.7 Bluetooth security
7.8 Embedded systems
7.9 Mobile devices

8.1 Cross-site scripting
8.2 Cross-site and server-side request forgeries (CSRF and SSRF)
8.3 Memory vulnerabilities: Buffer and integer overflows, memory leak, and pointer dereferencing
8.4 Replay attack and pass the hash
8.5 Injection attacks: SQL, XML, LDAP, and DLL
8.6 Race condition and resource exhaustion
8.7 Device driver manipulation and privilege escalation
8.8 Directory traversal, API attacks, and SSL stripping

9.1 Application environments, provisioning, and version control
9.2 Secure coding practices
9.3 Elasticity, scalability, and software diversity
9.4 Database security
9.5 Code review, fuzzing, and automation
9.6 OWASP and input validation

10.1 Endpoint protection: EDR and anti-malware
10.2 Endpoint protection: DLP and host-based systems
10.3 Endpoint hardening: Disk, registry, ports, and services
10.4 Endpoint hardening: Software updates and patch management
10.5 Boot integrity

11.1 Cloud computing and deployment models
11.2 Containers, serverless and microservices architectures
11.3 Virtualization
11.4 Software-Defined Networking
11.5 Storage, Network, and Compute Security Controls
11.6 Cloud security solutions

12.1 Guards, badges and sensors
12.2 Site security and data destruction
12.3 Secure areas

13.1 Regulations and Standards
13.2 Frameworks
13.3 Configuration Guides
13.4 Documentation
13.5 Plans and Policies
13.6 Personnel Training

14.1 IR Development
14.2 IR Identification Resources
14.3 IR Containment and Eradication Techniques
14.4 IR Attack Frameworks and Exercises

15.1 Risks
15.2 Managing risk
15.3 Disaster and Analysis

16.1 Vulnerability management
16.2 Security vulnerabilities
16.3 Penetration testing
16.4 Training and exercises
16.5 Summary

17.1 Digital forensic concepts
17.2 Conducting digital forensics
17.3 Reporting
17.4 Digital forensics and intelligence
17.5 Summary

18.1 Privacy breaches
18.2 Data classifications and privacy technologies
18.3 Privacy lifecycle and agreements

19.1 High availability and restoration
19.2 Redundancy
19.3 Data protection

1. Introduction to Security Labs
1.1 zyLab training: Basics
1.2 LAB: Malware
1.3 LAB: Credential harvesting using Email phishing
1.4 LAB: Account management
1.5 LAB: Account management (CA)
1.6 LAB: Asymmetric cryptography
1.7 LAB: Public Key Infrastructure (PKI)
1.8 LAB: Denial-of-Service (DoS) attacks
1.9 LAB: Secure shell (SSH)
1.10 LAB: Firewalls
1.11 LAB: Virtual private network (VPN)
1.12 LAB: RADIUS Server
1.13 LAB: Pass the hash
1.14 LAB: Application fuzzing
1.15 LAB: Host security
1.16 LAB: Secure virtualization

Teach security and CompTIA Security+ certification with the only interactive course and labs designed specifically for classroom instruction


Introduction to Security with CompTIA Security+ is the first complete course with labs designed for the classroom (live or online), presenting in-depth fundamentals of security with the skills required to succeed on the CompTIA Security+ certification exam.

  • Advanced auto-graded virtual machine-based labs are built in-house by zyBooks authors and fully integrated with the interactive content, saving you prep and grading time
  • Customizable course material is continually updated and new labs are added regularly
  • Updated practice exam questions cover everything you need to prepare students for the Security+ (SY0-601) certification
Stop struggling to mash self-study guides with outdated labs to teach your class; get started right away

Lead author, Professor Babak Shoraka, discusses the challenges in IT security instruction:

What is a zyBook?


Introduction to Security with CompTIA Security+ is a web-native, interactive zyBook that helps students visualize concepts to learn faster and more effectively than with a traditional textbook. (Check out our research.)

Since 2012, over 1,200 universities and colleges across the country have adopted web-native zyBooks to transform their STEM education.

zyBooks benefit both students and instructors:

  • Instructor benefits
  • Customize your course by reorganizing existing content or adding your own
  • Continuous publication model automatically updates your course with the latest content and technologies
  • Robust reporting gives you insight into students’ progress, reading and participation
  • Save time with auto-graded labs and challenge activities that seamlessly integrate with your LMS gradebook
  • Build quizzes and exams with included test questions
  • Student benefits
  • Learning questions and other content serve as an interactive form of reading
  • Instant feedback on labs and homework
  • Concepts come to life through extensive animations embedded into the interactive content
  • Save chapters as PDFs to reference the material at any time
  • Self-study practice exams to help prepare for certification

The Power of zyBooks Labs


All labs in Introduction to Security with CompTIA Security+ are developed in-house by zyBooks authors and run on live virtual machines, the gold standard in IT education.

These VM-based lab assignments expose students to the complex challenges of real systems, allowing them to apply theoretical concepts to real hardware, operating systems, applications and tools.

In this video, Dr. Shoraka demonstrates the power of zyBooks VM-based labs:

Author

Dr. Babak Shoraka
Information Technology Content Lead / MSc Software and Systems Security – University of Oxford / MS Computer Science – University of Florida / PhD Information Systems – Nova Southeastern University

Contributors

Daniel Goodman
Information Technology Content Developer / MS Information Systems / Pace University

Frank Marsaglia
Information Technology Content Developer / MS Computer Science / University of Illinois–Springfield

Erica Perich
Associate Content Developer / BS Mathematics Education / Brigham Young University

Instructors: Interested in evaluating this zyBook for your class?