CompTIA Security+

Successful Passing SY0-601

Welcome to Security+ Training Course!
Rita Whitfield
Google Drive
rjtrainingsolutions@gmail.com
Email rwhitfield@i-
tekacademy.com
Phone 202-751-0227
Website www.i-tekacademy.com Work Experience:
Certifications:
❑McGraw Hill Building, Charles Products
❑ITF+, Cloud Essentials, CCNA
Security, Cloud+, MTA- ❑TESST College of Technology
Networking, E|ND, CEI, ❑Academy of Computer Education
CYSA,MOS, MCAS (master), A+,
Net+, Security+, Green IT, MCTS, ❑Phoenix TS
MCP, MCT,CEH, CASP, Cloud+, ❑UMBC
CIOS, CSIS, CSAE, CSAP,CHFI,
CCSP, SSCP, CAP,CISA, CISM, ❑Office Pro
CISSP,CRISC ❑TechSherpas
Education: ❑Catholic University
❑TESST College of Technology
❑Info-Tech Institute ❑Training, etc.
❑Strayer University ❑Global Knowledge, Knowlogy
❑Kaplan University
❑CET Institute, Contract Instructor
❑Academy of Computer
Education ❑OAA – Fort Belvoir , Army - Fort Meade
❑CED Solutions ❑Ndepth Security
 • Class-Related
• Sign-in Sheet
• Length and times
• Break and lunchroom locations
• Course Flow

General Administration
• Facilities-Related
• Course materials
• Rest rooms
CompTIA Career Pathway
A Closer Look

5
Understanding the CompTIA Track

Vendor
Neutral

CompTIA

Specialty - Internationally
Focused Recognized
CompTIA
Career
Pathway
A Closer Look at
Security+

Let’s talk about the exam details

 Security+ Exam Information

Item Description
Exam code SY0-601
Pricing $370 USD (same pricing tier as Security+)
Testing Provider Pearson VUE Testing Centers
Question Types Performance based and multiple choice
No. of Questions Estimated at 90 questions maximum
Length of Test Estimated at 90 minutes or longer
Passing Score Scale of 900, cut score to be determined*
Languages English, translations TBD
2 years of hands-on information security or related experience.
Recommended Experience
Network+, or equivalent knowledge.
CE Program Yes
Security+ Exam Objectives
Security+ Objective Domains

1.0 Threats, Attacks, and Vulnerabilities 24%

1.1 Compare and contrast different types of social engineering techniques.
1.2 Given a scenario, analyze potential indicators to determine the type of
attack.
1.3 Given a scenario, analyze potential indicators associated with application
attacks.
1.4 Given a scenario, analyze potential indicators associated with network
attacks.
1.5 Explain different threat actors, vectors, and intelligence sources.
1.6 Explain the security concerns associated with various types of
vulnerabilities.
1.7 Summarize the techniques used in security assessments
1.8 Explain the techniques used in penetration testing.
Security+ Objective Domains

Architecture and Design 21

2.1 Explain the importance of security concepts in an enterprise environment.
2.2 Summarize virtualization and cloud computing concepts
2.3 Summarize secure application development, deployment, and automation
concepts.
2.4 Summarize authentication and authorization design concepts.
2.5 Given a scenario, implement cybersecurity resilience.
2.6 Explain the security implications of embedded and specialized systems.
2.7 Explain the importance of physical security controls.
2.8 Summarize the basics of cryptographic concepts
Security+ Objective Domains

Implementation 16%
3.1 Given a scenario, implement secure protocols.
3.2 Given a scenario, implement host or application security solutions.
3.3 Given a scenario, implement secure network designs.
3.4 Given a scenario, install and configure wireless security settings.
3.5 Given a scenario, implement secure mobile solutions.
3.6 Given a scenario, apply cybersecurity solutions to the cloud.
3.7 Given a scenario, implement identity and account management controls.
3.8 Given a scenario, implement authentication and authorization solutions.
3.9 Given a scenario, implement public key infrastructure.
Security+ Objective Domains

Operations and Incident Response 16%

4.1 Given a scenario, use the appropriate tool to assess organizational
security.
4.2 Summarize the importance of policies, processes, and procedures for
incident response.
4.3 Given an incident, utilize appropriate data sources to support an
investigation.
4.4 Given an incident, apply mitigation techniques or controls to secure an
environment.
4.5 Explain the key aspects of digital forensics
Security+ Objective Domains

Governance, Risk, and Compliance 14%

5.1 Compare and contrast various types of controls
5.2 Explain the importance of applicable regulations, standards, or
frameworks that impact organizational security posture.
5.3 Explain the importance of policies to organizational security.
5.4 Summarize risk management processes and concepts.
5.5 Explain privacy and sensitive data concepts in relation to security.
Taking the exam

16
Taking the
Exam
• Schedule Exams and Retake
Policy
• www.pearsonvue.com/sc
heduleexams
• Exam can be rescheduled
after
24 hrs. / 2 weeks
• Certification Expiration
• Each certification has
expiration of three years
• Higher level exams will
renew any lower-level
exams.
Continuing Education Renewal Fees
❑ Renew by earning a higherlevel CompTIA
certification
❑ If you plan to earn a higher-level CompTIA
certification to fulfill your renewal
requirements, you don’t need to pay the CE
fees.

❑ Renew by passing a Recertification Exam

❑ If you plan on taking a Recertification Exam to
fulfill your renewal requirements, you don’t
need to pay the CE fees.

❑ Renewing multiple CompTIA certifications

❑ If you already have two or more active CE
certifications, you’ll only need to pay the CE
*CE
feesfees for renewable
for your highest-levelcertifications*
certification.
Renewal of Certifications
 CEUs
Required
Exam Tips

21
 Answer questions you are confident about first

Test If you're not sure flag it, and come back at the
end when you have 30-45 min left on the timer

Taking
Tips
Be comfortable with practice exams (testing
practices)

That gut answer can many times be trusted!!

How to Get the Most
from this Course
• Preview the chapter before your instructor covers
the material:
• Make notes of things you want to ask about.
• Take notes during class:
• Do not try to copy everything; use keywords
as a memory aid.
• Take time to review what you studied:
• Use the keywords to help your memory to
recall the material.
• Go over chapter questions/answers until you know
them well.
Make a Date
• Write down an exam date goal. Post it where it is often
seen.
• Helps you stay focused.
• Set a pretest date by which you will start taking practice
exams.
• Break down the goal into manageable sections.
• Use the book chapters to remind you of what to study.
• Use the end-of-chapter questions to pinpoint specific
areas to be mastered.

• Tip: Get a study partner who has the same date as yours.
• You can help each other with labs.
• You can assist each other with concepts that you did not
understand fully.
 Practice Exams

Practice Exams can be used to

Practice Exams increase your
predict your chances of
chances of success:
success:

• Expose your weaknesses so that • An exam average of 90% or

you can pinpoint areas needing better on three or more exams
further study. suggest you are ready to take
• Avoid spending large sums of the real exam.
money recovering from failures.
• Get to work faster.
Learning Content &
Resources

26
 Learning Content & Resources

• Kali Linux / Parrot

• Virtual Box
• Darril Gibson
• Professor Messer
• Cybrary.IT
• Malware Museum
• NetInVM
 • TestOut
• Cengage
Learning Content & • Practice Labs
Resources • uCertify
• ITPRO.TV
Security+ Resources
www.bls.gov – job requirements, salary, job outlook, skill level
www.onetonline.org – tasks, tools, technology, knowledge, skills, abilities, education, wages, job openings
 Security+ Job Roles

Job Role Key Job Responsibilities

• Application of patches
• Configuration of operating systems, networks, and accounts
Systems Administrator
• Basic troubleshooting of hardware/software
• Account management
• Data loss prevention
• Backup management
• Configuration of logging
• Capacity management
Network Administrator
• Certificate management
• Mobile device management
 Security+ Job Roles

Job Role Key Job Responsibilities

• Account management
• Vulnerability management
Security Administrator • IDS/IPS management
• Log reviews
• Policy reviews
• Antivirus management
• Incident response involvement/DR

• Compliance management
• Review risk assessment
Junior IT Auditor / Penetration Tester • Control testing
• Policy review
• Process review
• Process testing
Introducing Yourself
Name / company

Job function

Type and amount of experience

Expectations and objectives

CompTIA Security+
Successful Passing SY0-601