CompTIA Security+ Course Outline • Reviews | Certstaffix® Training


CompTIA Security+ Course


Attend Our Classes From Home - No Software Needed - Learn More...

Security+ TrainingCompTIA Security+

by Certstaffix® Training

Length: 5 day(s)      Public Class Price: $2800/person (USD)      Group Class Price: Request Quote      Course Category: CompTIA Security+ Certification


Security+ Training
This course offers invaluable preparation for Exam SY0-601 and covers 100% of the exam objectives with clear, concise explanation. You'll learn how to handle threats, attacks, and vulnerabilities using industry-standard tools and technologies, while understanding the role of architecture and design. From everyday tasks like identity and access management to complex topics like risk management and cryptography, this course helps you consolidate your knowledge base in preparation for the Security+ exam. Practical examples illustrate how these processes play out in real-world scenarios, allowing you to immediately translate essential concepts to on-the-job application. Students also get access to a robust toolkit for more thorough prep: flashcards, glossary of key terms, practice questions, and a pre-assessment exam equip you with everything you need to enter the exam confident in your skill set.
  • Master essential security technologies, tools, and tasks
  • Understand how Security+ concepts are applied in the real world
  • Study on the go with electronic flashcards and more
  • Test your knowledge along the way with hundreds of practice questions

To an employer, the CompTIA Security+ certification proves that you have the knowledge base and skill set to secure applications, devices, and networks; analyze and respond to threats; participate in risk mitigation, and so much more. As data threats loom larger every day, the demand for qualified security professionals will only continue to grow.

Certification exams are administered by third party testing companies such as Pearson Vue or Prometric. Our courses prepare you for the certification exam, which is an additional fee paid to the testing provider. You must contact Prometric, Pearson Vue or the corresponding testing provider to take a certification exam.
Course Description: Print It | Download PDF | Email It

  Public Classes - Live Online at Your Location or OursHow It Works

Certstaffix® Training public classes are instructor-led, live online training you attend from your home or work or in one of our local computer labs. Our live online instructors teach you from a remote location while being able to interact with students as in a traditional classroom setting.

  • A real, live instructor teaching you from another location
  • Hands-on learning with the software/skills you are being taught
  • Interaction with all students in the class at other locations
  • Any needed software for class provided in online lab environment
  • Easy assistance from the instructor

Click a class date below to register & view location/attendance options.

  Group Classes for Organizations - Onsite or Online How It Works

Have a group of employees needing the same training? Onsite training at your office or group live online classes are great solutions.  

  • An expert Instructor will either come to your office or deliver a private live online class to your students
  • Course can be customized to your training needs
  • Course is scheduled based on dates you provide (Subject to instructor availability)
  • We usually require about 4 weeks lead time to arrange a training session

  Detailed Course Topics

Course Description: Print It | Download PDF | Email It

Related Certifications

CompTIA Security+ Certification


Knowledge Pre-Requisites


Course Topics

Introduction xxv
Assessment Test xxxvi

Chapter 1 Today’s Security Professional 1
Cybersecurity Objectives 2
Data Breach Risks 3
The DAD Triad 3
Breach Impact 5
Implementing Security Controls 7
Security Control Categories 7
Security Control Types 8
Data Protection 9
Summary 12
Exam Essentials 12
Review Questions 14

Chapter 2 Cybersecurity Threat Landscape 19
Exploring Cybersecurity Threats 20
Classifying Cybersecurity Threats 20
Threat Actors 22
Threat Vectors 28
Threat Data and Intelligence 30
Open Source Intelligence 31
Proprietary and Closed-Source Intelligence 33
Assessing Threat Intelligence 35
Threat Indicator Management and Exchange 36
Public and Private Information Sharing Centers 37
Conducting Your Own Research 38
Summary 38
Exam Essentials 39
Review Questions 40

Chapter 3 Malicious Code 45
Malware 46
Ransomware 47
Trojans 47
Worms 48
Rootkits 48
Backdoors 49
Bots 50
Keyloggers 52
Logic Bombs 53
Viruses 53
Fileless Viruses 53
Spyware 54
Potentially Unwanted Programs (PUPs) 55
Malicious Code 55
Adversarial Artificial Intelligence 57
Summary 58
Exam Essentials 59
Review Questions 61

Chapter 4 Social Engineering, Physical, and Password Attacks 65
Social Engineering 66
Social Engineering Techniques 67
Influence Campaigns 72
Password Attacks 72
Physical Attacks 74
Summary 76
Exam Essentials 76
Review Questions 78

Chapter 5 Security Assessment and Testing 83
Vulnerability Management 84
Identifying Scan Targets 84
Determining Scan Frequency 86
Configuring Vulnerability Scans 87
Scanner Maintenance 92
Vulnerability Scanning Tools 95
Reviewing and Interpreting Scan Reports 96
Validating Scan Results 106
Security Vulnerabilities 107
Patch Management 107
Legacy Platforms 108
Weak Configurations 109
Error Messages 110
Insecure Protocols 111
Weak Encryption 112
Penetration Testing 113
Adopting the Hacker Mindset 114
Reasons for Penetration Testing 115
Benefits of Penetration Testing 115
Penetration Test Types 116
Rules of Engagement 118
Reconnaissance 119
Running the Test 120
Cleaning Up 120
Training and Exercises 120
Summary 122
Exam Essentials 122
Review Questions 124

Chapter 6 Secure Coding 129
Software Assurance Best Practices 130
The Software Development Life Cycle 130
Software Development Phases 131
Software Development Models 133
DevSecOps and DevOps 136
Designing and Coding for Security 138
Secure Coding Practices 138
API Security 139
Code Review Models 139
Software Security Testing 143
Analyzing and Testing Code 143
Injection Vulnerabilities 144
SQL Injection Attacks 145
Code Injection Attacks 148
Command Injection Attacks 149
Exploiting Authentication Vulnerabilities 150
Password Authentication 150
Session Attacks 151
Exploiting Authorization Vulnerabilities 154
Insecure Direct Object References 154
Directory Traversal 155
File Inclusion 156
Privilege Escalation 157
Exploiting Web Application Vulnerabilities 157
Cross-Site Scripting (XSS) 158
Request Forgery 160
Application Security Controls 161
Input Validation 162
Web Application Firewalls 163
Database Security 163
Code Security 166
Secure Coding Practices 168
Source Code Comments 168
Error Handling 168
Hard-Coded Credentials 170
Memory Management 170
Race Conditions 171
Unprotected APIs 172
Driver Manipulation 172
Summary 173
Exam Essentials 173
Review Questions 175

Chapter 7 Cryptography and the Public Key Infrastructure 179
An Overview of Cryptography 180
Historical Cryptography 181
Goals of Cryptography 186
Confidentiality 187
Integrity 188
Authentication 188
Nonrepudiation 189
Cryptographic Concepts 189
Cryptographic Keys 189
Ciphers 190
Modern Cryptography 191
Cryptographic Secrecy 191
Symmetric Key Algorithms 192
Asymmetric Key Algorithms 193
Hashing Algorithms 196
Symmetric Cryptography 197
Data Encryption Standard 197
Triple DES 199
Advanced Encryption Standard 200
Symmetric Key Management 200
Asymmetric Cryptography 203
RSA 203
Elliptic Curve 204
Hash Functions 205
SHA 206
MD5 207
Digital Signatures 207
HMAC 208
Digital Signature Standard 209
Public Key Infrastructure 209
Certificates 209
Certificate Authorities 211
Certificate Generation and Destruction 212
Certificate Formats 215
Asymmetric Key Management 216
Cryptographic Attacks 217
Emerging Issues in Cryptography 220
Tor and the Dark Web 220
Blockchain 220
Lightweight Cryptography 221
Homomorphic Encryption 221
Quantum Computing 222
Summary 222
Exam Essentials 222
Review Questions 224

Chapter 8 Identity and Access Management 229
Identity 230
Authentication and Authorization 231
Authentication and Authorization Technologies 232
Directory Services 236
Authentication Methods 237
Multifactor Authentication 237
One-Time Passwords 239
Biometrics 241
Knowledge-Based Authentication 243
Managing Authentication 244
Accounts 245
Account Types 245
Account Policies and Controls 245
Access Control Schemes 248
Filesystem Permissions 249
Summary 251
Exam Essentials 252
Review Questions 253

Chapter 9 Resilience and Physical Security 257
Building Cybersecurity Resilience 258
Storage Resiliency: Backups and Replication 260
Response and Recovery Controls 266
Physical Security Controls 269
Site Security 269
Summary 278
Exam Essentials 279
Review Questions 281

Chapter 10 Cloud and Virtualization Security 285
Exploring the Cloud 286
Benefits of the Cloud 287
Cloud Roles 289
Cloud Service Models 289
Cloud Deployment Models 293
Shared Responsibility Model 295
Cloud Standards and Guidelines 298
Virtualization 300
Hypervisors 300
Cloud Infrastructure Components 302
Cloud Compute Resources 302
Cloud Storage Resources 304
Cloud Networking 307
Cloud Security Issues 311
Availability 311
Data Sovereignty 311
Virtualization Security 312
Application Security 312
Governance and Auditing 313
Cloud Security Controls 313
Cloud Access Security Brokers 314
Resource Policies 314
Secrets Management 316
Summary 316
Exam Essentials 316
Review Questions 318

Chapter 11 Endpoint Security 323
Protecting Endpoints 324
Preserving Boot Integrity 325
Endpoint Security Tools 326
Hardening Endpoints and Systems 332
Service Hardening 333
Operating System Hardening 335
Hardening the Windows Registry 336
Configuration, Standards, and Schemas 336
Disk Security and Sanitization 338
File Manipulation and Other Useful Command-Line Tools 341
Scripting, Secure Transport, and Shells 343
Securing Embedded and Specialized Systems 344
Embedded Systems 345
SCADA and ICS 346
Securing the Internet of Things 348
Specialized Systems 349
Communication Considerations 350
Security Constraints of Embedded Systems 351
Summary 352
Exam Essentials 354
Review Questions 356

Chapter 12 Network Security 361
Designing Secure Networks 363
Network Segmentation 365
Network Access Control 366
Port Security and Port-Level Protections 367
Port Spanning/Port Mirroring 369
Virtual Private Network 370
Network Appliances and Security Tools 371
Network Security, Services, and Management 377
Deception and Disruption 382
Secure Protocols 383
Using Secure Protocols 383
Secure Protocols 384
Attacking and Assessing Networks 389
On-Path Attacks 389
Domain Name System Attacks 391
Layer 2 Attacks 393
Distributed Denial-of-Service Attacks 394
Network Reconnaissance and Discovery Tools and Techniques 398
Summary 411
Exam Essentials 412
Review Questions 414

Chapter 13 Wireless and Mobile Security 419
Building Secure Wireless Networks 420
Connectivity Methods 421
Wireless Network Models 425
Attacks Against Wireless Networks 426
Designing a Network 430
Controller and Access Point Security 432
Wi-Fi Security Standards 433
Wireless Authentication 434
Managing Secure Mobile Devices 436
Mobile Device Deployment Methods 436
Mobile Device Management 438
Specialized Mobile Device Security Tools 442
Summary 442
Exam Essentials 443
Review Questions 445

Chapter 14 Incident Response 449
Incident Response 450
The Incident Response Process 451
Attack Frameworks and Identifying Attacks 457
Incident Response Data and Tools 461
Security Information and Event Management Systems 462
Alerts and Alarms 464
Correlation and Analysis 465
Rules 465
Mitigation and Recovery 473
Summary 477
Exam Essentials 478
Review Questions 480

Chapter 15 Digital Forensics 485
Digital Forensic Concepts 486
Legal Holds and e-Discovery 487
Conducting Digital Forensics 488
Acquiring Forensic Data 489
Acquisition Tools 493
Validating Forensic Data Integrity 496
Data Recovery 499
Forensic Suites and a Forensic Case Example 499
Reporting 504
Digital Forensics and Intelligence 504
Summary 505
Exam Essentials 505
Review Questions 507

Chapter 16 Security Policies, Standards, and Compliance 511
Understanding Policy Documents 512
Policies 512
Standards 515
Procedures 517
Guidelines 518
Exceptions and Compensating Controls 519
Personnel Management 520
Least Privilege 520
Separation of Duties 521
Job Rotation and Mandatory Vacations 521
Clean Desk Space 522
Onboarding and Offboarding 522
Nondisclosure Agreements 522
Social Media 522
User Training 522
Third-Party Risk Management 523
Winding Down Vendor Relationships 524
Complying with Laws and Regulations 524
Adopting Standard Frameworks 525
NIST Cybersecurity Framework 525
NIST Risk Management Framework 528
ISO Standards 529
Benchmarks and Secure Configuration Guides 531
Security Control Verification and Quality Control 531
Summary 533
Exam Essentials 534
Review Questions 535

Chapter 17 Risk Management and Privacy 539
Analyzing Risk 540
Risk Identification 541
Risk Calculation 542
Risk Assessment 543
Managing Risk 547
Risk Mitigation 547
Risk Avoidance 549
Risk Transference 549
Risk Acceptance 549
Risk Analysis 550
Disaster Recovery Planning 552
Disaster Types 552
Business Impact Analysis 553
Privacy 553
Sensitive Information Inventory 554
Information Classification 554
Data Roles and Responsibilities 556
Information Lifecycle 557
Privacy Enhancing Technologies 557
Privacy and Data Breach Notification 558
Summary 559
Exam Essentials 559
Review Questions 560

Appendix Answers to Review Questions 565
Index 603
Course Description: Print It | Download PDF | Email It

Public Class Format

Certstaffix® Training public classes are instructor-led live online training you attend either from your home/work location or in one of our computer labs. Our live online instructors teach you from a remote location while being able to interact with you like in a traditional classroom.


Quality Instructors

Our instructors have many years of experience teaching adult learners in person and online.

Complete Lab Environment

Access to software required is provided in a lab environment during class.

Hands-on Learning

Most classes are not all lecture - you can learn by actually doing.


Small Classes

You get more attention from the instructor and classes flow more smoothly.

Post-Class Lab Access*

Access practice lab environment for 180 days after most classes*.


Low Cancellation Rate

Most classes run as scheduled.



*These courses do not have post-class lab environment access: Adobe, Salesforce, QuickBooks Online Edition, Google, HTML, WordPress, ITIL, Six Sigma, CompTIA, Project Management, SEO, Social Media.


Group Training

Have a group of employees needing the same training? Onsite training at your office or group live online classes are great solutions.

How Group Training Works





  • An expert Instructor will either come to your office or deliver a private live online class to your students
  • Course can be fully customized to your training needs
  • Each student receives a Course Manual with Practice Files (Materials provided before the class date)
  • If a course has a hands‐on lab, we provide access to the configured course software and files.
    (Requires a high‐speed internet connection and certain open ports on your firewall. You can perform a Connection Assessment Test here)
  • Course is scheduled based on dates you provide (Subject to instructor availability)
  • We usually require about 4 weeks lead time to arrange a training session
  • Training is completed in a convenient session(s) of your choosing
  • Two 15 minute breaks and one hour long break for lunch daily

Request a Free Quote

CompTIA Security+ Class Reviews

Here are a sample of CompTIA Security+ Certification class reviews from past students that have attended our CompTIA Security+ Certification training courses.



This course offers invaluable preparation for Exam SY0-601 and covers 100% of the exam objectives with clear, concise explanation. You'll learn how to handle threats, attacks, and vulnerabilities using industry-standard tools and technologies, while understanding the role of architecture and design. From everyday tasks like identity and access management to complex topics like risk management and cryptography, this course helps you consolidate your knowledge base in preparation for the Security+ exam. Practical examples illustrate how these processes play out in real-world scenarios, allowing you to immediately translate essential concepts to on-the-job application. Students also get access to a robust toolkit for more thorough prep: flashcards, glossary of key terms, practice questions, and a pre-assessment exam equip you with everything you need to enter the exam confident in your skill set.
  • Master essential security technologies, tools, and tasks
  • Understand how Security+ concepts are applied in the real world
  • Study on the go with electronic flashcards and more
  • Test your knowledge along the way with hundreds of practice questions

To an employer, the CompTIA Security+ certification proves that you have the knowledge base and skill set to secure applications, devices, and networks; analyze and respond to threats; participate in risk mitigation, and so much more. As data threats loom larger every day, the demand for qualified security professionals will only continue to grow.

Certification exams are administered by third party testing companies such as Pearson Vue or Prometric. Our courses prepare you for the certification exam, which is an additional fee paid to the testing provider. You must contact Prometric, Pearson Vue or the corresponding testing provider to take a certification exam.


Certstaffix® Class Reviews

Student Average:
4.97 out of 5 from 3 students

5.00 out of 5

Excellent instruction.


- attended our CompTIA Security+ (2014 Objectives) class

4.96 out of 5


- attended our CompTIA Security+ (SY0-501) class

4.94 out of 5


- attended our CompTIA Security+ (2014 Objectives) class



Please contact us if we do not yet have any reviews or you would like more.


View all CompTIA Security+ Certification training reviews

CompTIA Security+ Certification Courses By City:

       FL - Winter Park       NC - Asheville       PA - York      
- - your home       GA - Atlanta       NC - Charlotte       PR - Puerto Rico      
AL - Birmingham       GA - Augusta       NC - Greensboro       QC - Montreal      
AL - Huntsville       GA - Columbus       NC - Raleigh       RI - Providence      
AL - Mobile       GA - Savannah       NC - Winston-Salem       SC - Greenville      
AR - Bentonville       HI - Honolulu       ND - Bismarck       SC - Myrtle Beach      
BC - Vancouver       IA - Des Moines       ND - Fargo       SC - North Charleston      
CA - Bakersfield       IA - Iowa City       NE - Lincoln       SK - Regina      
CA - Fresno       ID - Boise       NE - Omaha       SK - Saskatoon      
CA - Los Angeles       IL - Chicago       NH - Bedford       TN - Chattanooga      
CA - Merced       IL - Rockford       NJ - Bridgewater       TN - Knoxville      
CA - Modesto       IN - Bloomington       NM - Albuquerque       TN - Memphis      
CA - Napa       IN - Evansville       NM - Las Cruces       TN - Nashville      
CA - Oakland       IN - Fort Wayne       NM - Santa Fe       TX - Amarillo      
CA - Oxnard       IN - Indianapolis       NS - Halifax       TX - Austin      
CA - Rancho Cucamonga       IN - South Bend       NV - Henderson       TX - Beaumont      
CA - Sacramento       KS - Overland Park       NV - Reno       TX - Corpus Christi      
CA - Salinas       KS - Topeka       NY - Albany       TX - Dallas      
CA - San Diego       KY - Lexington       NY - Buffalo       TX - El Paso      
CA - San Jose       KY - Louisville       NY - New York City       TX - Fort Worth      
CA - Santa Maria       LA - Baton Rouge       NY - Rochester       TX - Houston      
CA - Santa Rosa       LA - Lafayette       NY - Syracuse       TX - Killeen      
CA - Stockton       LA - New Orleans       OH - Beavercreek       TX - Laredo      
CB - Caribbean       LA - Shreveport       OH - Cincinnati       TX - Longview      
CB - Kingston       MA - Burlington       OH - Columbus       TX - Lubbock      
CB - Nassau       MA - Springfield       OH - Highland Heights       TX - McAllen      
CO - Boulder       MA - Westborough       OH - Toledo       TX - Midland      
CO - Colorado Springs       MB - Winnipeg       OH - Youngstown       TX - San Antonio      
CO - Denver       MD - Largo       OK - Oklahoma City       TX - Tyler      
CT - Cheshire       MD - Laurel       OK - Tulsa       TX - Waco      
CT - New Haven       ME - Portland       ON - Ottawa       UT - Ogden      
CT - Stamford       MI - Ann Arbor       ON - Toronto       UT - Salt Lake City      
DE - Wilmington       MI - Flint       OR - Beaverton       VA - Charlottesville      
FL - Daytona Beach       MI - Grand Rapids       OR - Bend       VA - Glen Allen      
FL - Fort Lauderdale       MI - Lansing       OR - Eugene       VA - Harrisonburg      
FL - Fort Myers       MI - Livonia       OR - Medford       VA - Roanoke      
FL - Gainesville       MN - Minnetonka       OR - Salem       VA - Virginia Beach      
FL - Jacksonville       MO - Columbia       PA - Allentown       VT - Burlington      
FL - Lakeland       MO - St. Louis       PA - Erie       WA - Seattle      
FL - Miami       MS - Biloxi       PA - Harrisburg       WA - Spokane      
FL - Naples       MS - Jackson       PA - Malvern       WI - Eau Claire      
FL - Pensacola       MT - Billings       PA - Philadelphia       WI - Green Bay      
FL - Sarasota       MT - Montana       PA - Pittsburgh       WI - Madison      
FL - Tallahassee       NB - Moncton       PA - Reading       WI - Milwaukee      
FL - Tampa       NB - Saint John       PA - Scranton-Wilkes Barre