CompTIA Security+ (SY0-701) Mastery Course w/ Labs & Exams

Explore domain two by identifying threat actors, their motivations, and data exfiltration, then assess vulnerabilities and attack surfaces across apps, OS, and cloud, and apply mitigation like patching and segmentation.

Analyze security architecture for cloud and on-prem networks, emphasizing infrastructure as code, serverless, and zero-trust design. Examine data protection, resilience, backups, and ransomware defenses across IoT, SCADA, and virtualization.

Explore governance, risk, and compliance (GRC) and learn how policies, standards, and procedures guide security program leadership, third-party risk, audits, and security awareness training, with case studies and pbqs.

Identify where valuable data and critical assets reside, and who can access them, using the CIS top 18 controls to inventory hardware and software and guide secure deployment.

Learn the NIST CSF 2.0, identify critical assets, implement protect and detect controls, and execute respond and recovery with governance and SIEM/IDS/EDR for rapid incident response.

Explore the csf 2.0 categories and their functions, including identify, protect, detect, respond, and recover, with governance, asset management, risk assessment, security awareness, and CIEM.

Master authentication, authorization, and accounting (AAA) fundamentals—identifying, verifying identity, and granting access by role-based (RBAC) or attributes—along with cloud IAM and auditing to track activity and prevent insider threats.

Master detective controls such as CCTV surveillance and real-time monitoring that detect incidents and alert responders; SNORT is IDS, while Splunk and Elastic are CIM tools that monitor activity.

learn to balance security with business enablement, practice risk management and acceptable risk, and support threat hunting, incident response, and penetration testing through practical, report-driven defense.

Detective controls reveal security events through monitored alerts from systems like Splunk. Note that CCTV or SIEM require human monitoring to function as detective controls.

Analyze threat actors by assessing motivation, capability, and persistence, including financial and political motives, advanced persistence threat groups, their tools, and how defenders use Mendiant and CrowdStrike.

Identify terrorist groups as threat actors who use cyber means to threaten governments and citizens with violence, spreading fear, propaganda, disinformation, and disruption.

Identify all potential entry points in the attack surface, distinguish it from attack vectors, and reduce risk by removing unnecessary services, ports, and accounts, and by implementing strong authentication.

Generate an asymmetric key pair in Kali Linux with ssh-keygen using RSA, creating a public key for sharing on MIT's public key server and a private key for secure communication.

Explain how cryptography achieves confidentiality, integrity, authentication, and non-repudiation by using a cipher and a key to transform plaintext into ciphertext and back through encryption and decryption.

Symmetric encryption uses a single secret key for both encryption and decryption, making it fast and ideal for bulk data, but its key distribution and non-repudiation limitations pose challenges.

Explore symmetric algorithms, including AES, DES, 3DES, RC4, Blowfish, and Twofish, with emphasis on AES as the current standard used in Wi‑Fi and the weaknesses of older ciphers.

Explore hashing algorithms and their role in data integrity and password security, showing how hashes protect passwords and how breaches like Rockyou exploit unencrypted credentials.

Discuss hashing algorithms for passwords, detailing md5 and sha, the sha-2 family, sha-3, and hmac, including collision issues and authentication use cases like one-time codes and bitcoin verification.

Explore how PKI creates a root of trust by linking encryption, hashing, and trusted websites through a CA hierarchy and domain, OV, and EV validations for https.

Identify the roles of the registration authority and certificate authority in PKI, and describe certificate signing requests, X.509 digital certificates, and certificate status methods like CRL and OCSP.

Explore obfuscation as making code hard to understand, and see how attackers misuse it; also cover steganography, data masking of PII and PHI, tokenization, and de-identification.

Analyze the 2010 Stuxnet case study, a cyber weapon targeting Iran's nuclear program, attributed to the US and Israeli intelligence, using usb delivery, zero-day exploits, and stolen Microsoft keys.

Explore how single sign-on enables a user to sign in once and access multiple applications. Understand federation, where an identity provider enables cross-organization sign-in using SAML, OAuth, and OpenID Connect.

Explore TACACS+ and its improvements over TACACS and Radius, highlighting TCP-based, fully encrypted conversations for centralized authentication, authorization, and accounting in device management for routers, switches, and firewalls.

Explore why physical security is essential to cybersecurity and how access controls protect data center assets and prevent unauthorized entry.

Approve changes via a manager or change management committee, test in a virtualized environment, announce a maintenance window, ensure ownership and accountability with a back-out plan and sops for compliance.

Distinguish viruses and worms; explain macros and polymorphic or metamorphic variants, with examples like Morris worm, I love you worm, Code Red, Conficker, Stuxnet.

Phishing uses a broad volume of fraudulent e-mails to exploit social engineering, while spear phishing targets specific individuals. Whaling narrows further to compromise high-value targets like the CEO.

Explore vishing and smishing as voice and text social engineering attacks, and farming (pharming) via DNS poisoning and host file manipulation to redirect users.