ITPro.TV: CompTIA Security+ (SY0-601)

author: Nathan Acks
date: 2022-05-07
tags: #MOC

Threats, Attacks, and Vulnerabilities

Overview

Social Engineering Techniques

Malware

Password Attacks - Types

Password Attacks - Tools

Application Attacks - Injections

Application Attacks - System Resources

Application Attacks - XSS And XSRF

Application Attacks - Replay Attacks

Network Attacks - DNS Attacks

Network Attacks - Layer 2 Attacks

Network Attacks - DoS And DDoS

Network Attacks - MiTM And MiTB

Network Attacks - Wireless

Vulnerabilities

Threat Intelligence - OSINT

Threat Intelligence - Threat Maps And Feeds

Threat Intelligence Vulnerability Databases Feed

Threat Actors And Vectors

Cryptography

Cryptography Concepts

Encryption And Steganography

Hashing

Symmetric vs. Asymmetric Encryption

Secure Protocols

Keys

PKI Concepts

Certificates

IPSec

Identity and Access Management

Authentication and Authorization

Authentication Methods

Additional Authentication Methods

Biometrics

Authentication Protocols - PAP And CHAP

Authentication Protocols - EAP and 802.1X

Authentication Protocols - RADIUS and TACACS

Authentication Protocols - Kerberos

Access Control Schemes

Account Management - Account Types

Account Management - Password Policies

Account Management - Account Policies

Implementing Security

Application Security

Physical Security

Wireless Security

Secure Data Destruction

Host Security - Endpoint Protection

Host Security - Hardening

Mobile Device Deployment

Mobile Device Management And Enforcement

Mobile Device Connections

Specialized Systems

Network Security - Segmentation

Network Security - VPNs

Network Security - Proxies And Load Balancing

Network Security - Port Security

Network Security - Firewalls

Network Security - NIDS And NIPS

Cloud and Virtualization

Virtualization

Cloud Concepts

Cloud Services

Cloud Models

Computing Types

Cloud Security Controls

Operational Resiliency

Hardware Redundancy

Site Redundancy

Non-Persistence Concepts

Backup And Recovery

Operational Security and Incident Response

Network Reconnaissance And Discovery

Packet Capture And Replay

Vulnerability Scans

SIEM And SOAR Systems

Pentesting Techniques

Pentesting Exercise Types

Digital Forensics Concepts

Investigational Data Sources

Incident Response Process

Incident Response Plans

Attack Frameworks

Governance, Risk, and Compliance

Security Controls

Regulations, Standards And Frameworks

Spotlight On General Data Protection Regulation

Organizational Security Policies - Personnel

Organizational Security Policies - 3rd Party Risk

Organizational Security Policies - Data

Organizational Security Policies - Other Areas

Risk Management Concepts - Vocabulary

Risk Management Concepts - Types & Strategies

Risk Management Concepts - Risk Analysis

Risk Management Concepts - Business Impact Analysis

Privacy and Data Sensitivity - Breaches & Data Types

Privacy and Data Sensitivity - Privacy Enhancing Tech

Privacy and Data Sensitivity - Roles & Responsibilities

Privacy and Data Sensitivity - Other Areas