
Meet your Security+ exam prep instructor, Troy McMellon, with a background in security, training, instructional design, and authoring study guides and practice tests for the Security+ exam.
Explore Security+ SY0-401 exam domains, including four (application, data, and host security), with network security 20%, compliance and operational security 18%, threats and vulnerabilities 20%, identity management 15%, cryptography 12%.
Explore additional security goals, including authentication with username and password, digital signatures for non-repudiation, and CIA principles, and learn prevention, detection, and response strategies using backups and incident response.
Harden the operating system, enable antivirus, and close unused ports to reduce the attack surface. Deploy bastion hosts in the DMZ, apply host-based IDS, and enforce least privilege.
Discover layered security using patches, firewalls, and multiple access controls. Examine mandatory, role-based, rule-based, and discretionary access control, plus authentication methods—something you know, have, or are—and multi-factor options.
Review the chapter one concepts and revisit them throughout the course to strengthen familiarity. Keep these concepts in mind and strive to become as familiar as you can with them.
Explore organizational security by examining steps to institutionalize security approaches, including security policies, incident response, and proper procedures.
Outline the circular operational process for security programs, from planning to implementing, monitoring, evaluating, and adjusting, and examine physical and logical access controls, including access control lists and group policies.
Learn how password policies enforce access controls through time-based restrictions, expiration, length, and complexity, along with password history. Also examine hardware tokens and one-time codes in stronger authentication.
Demonstrate implementing a password policy on a single machine or domain. Remember the last eight passwords, set maximum age to 30 days, and enable complexity requiring three of four criteria.
Explain change management policies that require approvals and track impacts, along with information classification, acceptable use, internet usage, and email usage policies that govern access and behavior.
Understand policies implementing due care, due diligence, due process, separation of duties, least privilege, and need to know to protect data. Include disposal, destruction, privacy, and service level agreements.
Explore human resources policies governing hiring, background checks, promotions, retirement, separation, and terminations, ensuring equal treatment, with mandatory vacations, a code of ethics, and an incident response plan.
Summarizes the module's coverage of security policies and introduces a basic framework to guide enterprises in creating a security program or policy.
Explore how global cybercrime prompts legal responses, from the first international convention to national laws like the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act.
Examine export controls on encryption under the Bureau of Industry and Security and the Wassenaar Arrangement. Discuss electronic signatures, digital rights management, and privacy in commerce law.
Review ethics and privacy, and confirm familiarity with the major laws covered in this module, plus the legal issues and types of laws used in this area.
Explore how cryptography secures communications against third parties. Analyze transposition and shift ciphers, learn their reversibility, and examine how keys and algorithms encrypt and decrypt data.
Explore how cryptographic math uses a key with bitwise XOR to encrypt and decrypt binary data, and how hashing provides data integrity with one-way, fixed-length outputs and salt.
Explore encryption and hashing algorithms for confidentiality and integrity, including the SHA and MD families, and analyze DES as a symmetric block cipher and its key tradeoffs.
Explore symmetric encryption, including triple encryption with three keys and the reverse process, and note AES-based encryption as the current standard with 128, 192, and 256-bit keys.
Examine block and stream ciphers, including RC4, Blowfish, and IDEA, and understand RSA public-key cryptography for digital signatures; learn PBKDF2 with salt to resist rainbow tables and brute-force attacks.
Explore how cryptography safeguards confidentiality and integrity within the CIA triad and supports non-repudiation.
Explore the hardware, applications, and interfaces that enable a public key infrastructure, and examine the cryptographic algorithms that make PKI work.
Explore how a public key infrastructure uses certificates, keys, and a certificate authority to enable secure document exchange with symmetric and asymmetric encryption and digital signatures.
Explore certificate hierarchies with root certificate authority and subordinate certificate authorities, centralized versus distributed issuance, and class one, class two, and class three certificates, repositories, and distinguished names.
Verify the certificate by matching its signer to the trusted CA list, computing the message digest, decrypting the signature with the CA’s key, and checking validity and revocation.
Manage certificate trust by using a certificate revocation list (CRL) with delta updates and OCSP for real-time validation, while securely handling key destruction and local private keys.
Implement secure key archival and recovery with dual-control agents and thresholds, and understand key escrow and the roles of public, internal, and outsourced certificate authorities.
Explore how cross certification and trust domains enable PKI to validate and vouch for identities across certificate authorities within a hierarchical root and intermediate structure and path validation.
Explore the components that enable a public key infrastructure to operate. Review certificate types and trust models, and outline issuing and revoking processes for the exam.
Explore the standards and protocols that enable public key infrastructures to communicate using a common method, and examine how these standards are created to make this possible.
Understand how SSL and TLS secure privacy via the handshake and record protocols, while certificates, authorities, and key management enable authentication and encryption across PKI-enabled systems.
Explore how IPsec secures network-layer traffic in transport and tunnel modes, using AH and ESP for authentication, integrity, and optional encryption, with FIPS guidelines.
Analyze the standards and protocols that underpin a public key infrastructure, review PKI standards, explore applications like S/MIME and IPsec, and examine business processes enabled by these standards and protocols.
Learn physical security measures that cover preventative and detective aspects, including access control, locks, server room security, Faraday cages, BIOS password protection, USB controls, and policies for computers and users.
Protect devices from theft and damage through robust physical security. Authenticate users with biometrics and tokens using multi-factor approaches.
Harden servers by removing unnecessary protocols and shares, renaming the administrator account and password, patching the operating system, securing physical access, and reinforcing switch security with MAC address tables and Secure Shell.
Learn VPN tunneling with IPsec that encrypts data and headers, and how intrusion detection uses signature or anomaly methods alongside Network Access Protection and Cisco Trust Agent.
Learn SNMP monitoring version 3 with community strings and secure default changes, assess mobile malware risks, and compare coax, shielded twisted pair, fiber, iSCSI, and Fibre Channel protocols.
Address big data challenges for organizations, where relational databases falter, and secure radio frequency, infrared, and microwave media with encryption; emphasize physical security for removable media and backups.
Segment networks into security zones with a DMZ and extranet, use firewalls to block access, and manage VLAN trunking and NAT to protect internal addresses.
Explore remote access technologies and authentication methods used to secure connections to the office network and access resources.
Explore how remote access relies on AAA and Kerberos, with a key distribution center issuing time-stamped tickets to authenticate users and grant service access.
Diameter aims to replace RADIUS as an AAA protocol suite, offering authentication, authorization, and accounting with encrypted client-server communication via a shared secret, similar to TACACS+.
Federated authentication uses security token services across trust domains to let resource providers access a user's rights, while single sign-on and mutual authentication with certificates securely validate users and servers.
Explore HOTP and TOTP, MAC-based one-time passwords with sequence- and time-based generation, and secure remote access concepts like tunneling, IPsec with AH/ESP, and security associations.
Explore remote authentication protocols such as CHAP, PAP, and EAP, noting CHAP avoids passwords over the network and PAP sends credentials in clear text.
Explore remote access technologies and authentication methods for secure remote connections. Examine secure methods for connecting to and managing infrastructure devices.
CompTIA's Security+ is a vendor-neutral certification that validates the competency of security professionals working in the IT industry. The Security Plus Certification confirms a technician's critical knowledge of communication security, infrastructure security, cryptography, operational security, and general security concepts. Because human error is the number one cause for a network security breach, CompTIA Security+ is recognized by the technology community as a valuable credential that proves competency with information security.
The CompTIA Security+ Certification Training Course measures the necessary competencies for an IT professional with approximately two years of networking experience. Students will learn the knowledge and skills needed to protect your business from the theft or destruction of information or disruption of communication.
This Security Plus training course follows the CompTIA authorized curriculum, ensuring you receive the training and knowledge needed to succeed.