CompTIA Security+ (SY0-701) Cert Prep

Contents

• Introduction Introduction

  • About the Security+ exam

    1m 2s
  • What's new in SY0-701?

    1m 35s
• 1. The Security+ Exam 1. The Security+ Exam

  • The Security+ exam

    2m 35s
  • (Locked)
    Careers in information security

    3m 45s
  • (Locked)
    The value of certification

    3m 14s
  • (Locked)
    Stackable certifications

    3m 12s
  • (Locked)
    Study resources

    1m 33s
• 2. Inside the Security+ Exam 2. Inside the Security+ Exam

  • (Locked)
    In-person exam environment

    3m 5s
  • (Locked)
    At-home testing

    1m 10s
  • (Locked)
    Security+ question types

    2m 43s
  • (Locked)
    Passing the Security+ exam

    2m 26s
• 3. Preparing for the Exam 3. Preparing for the Exam

  • (Locked)
    Exam tips

    1m
  • (Locked)
    Practice tests

    47s
  • (Locked)
    Continuing education requirements

    2m 8s
• 4. Domain 1: General Security Concepts 4. Domain 1: General Security Concepts

  • General security concepts

    2m 19s
• 5. Fundamental Security Concepts 5. Fundamental Security Concepts

  • (Locked)
    The goals of information security

    2m 11s
  • (Locked)
    Authentication, authorization, and accounting (AAA)

    3m 31s
  • (Locked)
    Categorizing security controls

    5m 11s
  • (Locked)
    Conducting a gap analysis

    2m 34s
  • (Locked)
    Zero Trust

    5m 32s
  • (Locked)
    Physical access control

    4m 40s
  • (Locked)
    Physical security personnel

    2m 12s
  • (Locked)
    Deception technologies

    2m 55s
  • (Locked)
    Change management

    6m 2s
• 6. Cryptography 6. Cryptography

  • (Locked)
    Understanding encryption

    2m 49s
  • (Locked)
    Symmetric and asymmetric cryptography

    4m 18s
  • (Locked)
    Goals of cryptography

    3m 47s
  • (Locked)
    Choosing encryption algorithms

    3m 27s
  • (Locked)
    The cryptographic lifecycle

    2m 34s
  • (Locked)
    Data de-identification

    2m 44s
  • (Locked)
    Data obfuscation

    2m 12s
• 7. Symmetric Cryptography 7. Symmetric Cryptography

  • (Locked)
    Data Encryption Standard (DES)

    2m 50s
  • (Locked)
    3DES

    2m 58s
  • (Locked)
    AES, Blowfish, and Twofish

    5m 47s
  • (Locked)
    Steganography

    3m 57s
• 8. Asymmetric Cryptography 8. Asymmetric Cryptography

  • (Locked)
    Rivest, Shamir, Adleman (RSA)

    2m 47s
  • (Locked)
    PGP and GnuPG

    10m 47s
  • (Locked)
    Elliptic-curve and quantum cryptography

    2m 46s
  • (Locked)
    Tor and perfect forward secrecy

    5m 23s
• 9. Key Management 9. Key Management

  • (Locked)
    Key exchange

    2m 42s
  • (Locked)
    Diffie-Hellman

    4m 33s
  • (Locked)
    Key escrow

    2m 55s
  • (Locked)
    Key stretching

    1m 43s
  • (Locked)
    Hardware security modules

    3m 2s
• 10. Public Key Infrastructure 10. Public Key Infrastructure

  • (Locked)
    Trust models

    2m 52s
  • (Locked)
    PKI and digital certificates

    4m 5s
  • (Locked)
    Hash functions

    7m 38s
  • (Locked)
    Digital signatures

    3m 50s
  • (Locked)
    Digital signature standard

    1m 27s
  • (Locked)
    Create a digital certificate

    4m 55s
  • (Locked)
    Revoke a digital certificate

    1m 28s
  • (Locked)
    Certificate stapling

    2m 29s
  • (Locked)
    Certificate authorities

    6m 13s
  • (Locked)
    Certificate subjects

    3m 35s
  • (Locked)
    Certificate types

    2m 55s
  • (Locked)
    Certificate formats

    2m 30s
• 11. Cryptographic Applications 11. Cryptographic Applications

  • (Locked)
    TLS and SSL

    3m 38s
  • (Locked)
    Blockchain

    1m 45s
• 12. Domain 2: Threats, Vulnerabilities, and Mitigations 12. Domain 2: Threats, Vulnerabilities, and Mitigations

  • Threats, vulnerabilities, and mitigations

    2m 9s
• 13. Understanding Vulnerability Types 13. Understanding Vulnerability Types

  • (Locked)
    Vulnerability impact

    5m 16s
  • (Locked)
    Supply chain vulnerabilities

    4m 23s
  • (Locked)
    Configuration vulnerabilities

    3m 44s
  • (Locked)
    Architectural vulnerabilities

    2m 3s
• 14. Malware 14. Malware

  • (Locked)
    Comparing viruses, worms, and trojans

    5m 20s
  • (Locked)
    Malware payloads

    3m 51s
  • (Locked)
    Understanding backdoors and logic bombs

    3m 56s
  • (Locked)
    Looking at advanced malware

    2m 58s
  • (Locked)
    Understanding botnets

    2m 54s
  • (Locked)
    Malicious script execution

    2m 44s
• 15. Understanding Attackers 15. Understanding Attackers

  • (Locked)
    Cybersecurity adversaries

    4m 19s
  • (Locked)
    Attacker motivations

    2m 40s
  • (Locked)
    Preventing insider threats

    2m 43s
  • (Locked)
    Attack vectors

    3m 59s
  • (Locked)
    Zero-day attacks

    3m 25s
• 16. Social Engineering Attacks 16. Social Engineering Attacks

  • (Locked)
    Social engineering

    5m 29s
  • (Locked)
    Impersonation attacks

    4m 39s
  • (Locked)
    Identity fraud and pretexting

    2m 56s
  • (Locked)
    Watering hole attacks

    2m 33s
  • (Locked)
    Physical social engineering

    2m 31s
  • (Locked)
    Business email compromise

    2m 1s
  • (Locked)
    Misinformation and disinformation

    1m 59s
• 17. Password Attacks 17. Password Attacks

  • (Locked)
    Password attacks

    8m 12s
  • (Locked)
    Password spraying and credential stuffing

    1m 47s
• 18. Application Attacks 18. Application Attacks

  • (Locked)
    Preventing SQL injection

    4m 25s
  • (Locked)
    Understanding cross-site scripting

    3m 17s
  • (Locked)
    Request forgery

    4m 8s
  • (Locked)
    Overflow attacks

    3m 21s
  • (Locked)
    Explaining cookies and attachments

    4m 7s
  • (Locked)
    Session hijacking

    4m 8s
  • (Locked)
    Code execution attacks

    2m 43s
  • (Locked)
    Privilege escalation

    1m 56s
  • (Locked)
    OWASP Top Ten

    4m 45s
  • (Locked)
    Application security

    4m 3s
  • (Locked)
    Defending against directory traversal

    3m 4s
  • (Locked)
    Race condition vulnerabilities

    2m 13s
• 19. Cryptanalytic Attacks 19. Cryptanalytic Attacks

  • (Locked)
    Brute force attacks

    2m 57s
  • (Locked)
    Knowledge-based attacks

    2m 41s
  • (Locked)
    Limitations of encryption algorithms

    2m 42s
• 20. Network Attacks 20. Network Attacks

  • (Locked)
    Denial-of-service attacks

    4m 15s
  • (Locked)
    Eavesdropping attacks

    4m 12s
  • (Locked)
    DNS attacks

    3m 30s
  • (Locked)
    Wireless attacks

    2m 54s
  • (Locked)
    Propagation attacks

    4m 19s
  • (Locked)
    Preventing rogues and evil twins

    2m 50s
  • (Locked)
    Disassociation attacks

    2m 10s
  • (Locked)
    Understanding Bluetooth attacks

    1m 23s
  • (Locked)
    RFID security

    2m 17s
• 21. Attack Indicators 21. Attack Indicators

  • (Locked)
    Attack indicators

    2m 42s
• 22. Domain 3: Security Architecture 22. Domain 3: Security Architecture

  • Security architecture

    1m 58s
• 23. Cloud Computing 23. Cloud Computing

  • (Locked)
    What is the cloud?

    3m 53s
  • (Locked)
    Cloud computing roles

    2m 35s
  • (Locked)
    Drivers for cloud computing

    3m 17s
  • (Locked)
    Multitenant computing

    2m 15s
  • (Locked)
    Cloud considerations

    2m 14s
  • (Locked)
    Security service providers

    2m 38s
• 24. Virtualization 24. Virtualization

  • (Locked)
    Virtualization

    4m 48s
  • (Locked)
    Desktop and application virtualization

    2m 38s
• 25. Cloud Building Blocks 25. Cloud Building Blocks

  • (Locked)
    Cloud compute resources

    7m 52s
  • (Locked)
    Cloud storage

    3m 2s
  • (Locked)
    Cloud networking

    2m 30s
  • (Locked)
    Cloud databases

    1m 56s
  • (Locked)
    Cloud orchestration

    2m 18s
  • (Locked)
    Containers

    1m 58s
  • (Locked)
    SOA and microservices

    1m 39s
• 26. Cloud Activities 26. Cloud Activities

  • (Locked)
    Cloud activities and the cloud reference architecture

    2m 48s
  • (Locked)
    Cloud deployment models

    2m 45s
  • (Locked)
    Cloud service categories

    4m 41s
  • (Locked)
    Security and privacy concerns in the cloud

    2m 51s
  • (Locked)
    Data sovereignty

    2m 37s
  • (Locked)
    Operational concerns in the cloud

    3m 37s
• 27. Cloud Security Controls 27. Cloud Security Controls

  • (Locked)
    Cloud firewall considerations

    3m 7s
  • (Locked)
    Cloud application security

    4m 10s
  • (Locked)
    Cloud provider security controls

    2m 17s
• 28. TCP/IP Networking 28. TCP/IP Networking

  • (Locked)
    Introducing TCP/IP

    5m 6s
  • (Locked)
    IP addresses and DHCP

    3m 55s
  • (Locked)
    Domain Name System (DNS)

    4m 22s
  • (Locked)
    Network ports

    3m 37s
  • (Locked)
    ICMP

    3m 16s
• 29. Secure Network Design 29. Secure Network Design

  • (Locked)
    Security zones

    3m 38s
  • (Locked)
    VLANs and network segmentation

    1m 36s
  • (Locked)
    Security device placement

    6m 17s
  • (Locked)
    Software-defined networking (SDN)

    3m 49s
• 30. Network Security Devices 30. Network Security Devices

  • (Locked)
    Routers, switches, and bridges

    3m 6s
  • (Locked)
    Firewalls

    5m 50s
  • (Locked)
    Web application firewalls

    3m 7s
  • (Locked)
    Proxy servers

    2m 41s
  • (Locked)
    Load balancers

    4m 9s
  • (Locked)
    VPNs and VPN concentrators

    4m 29s
  • (Locked)
    Network intrusion detection and prevention

    4m 58s
  • (Locked)
    Protocol analyzers

    8m 57s
  • (Locked)
    Unified threat management

    1m 57s
  • (Locked)
    Failure modes

    1m 47s
• 31. Network Security Techniques 31. Network Security Techniques

  • (Locked)
    Restricting network access

    2m 8s
  • (Locked)
    Network access control

    4m 30s
  • (Locked)
    Router configuration security

    4m 5s
  • (Locked)
    Switch configuration security

    3m 42s
  • (Locked)
    Maintaining network availability

    2m 32s
  • (Locked)
    Network monitoring

    3m 41s
  • (Locked)
    SNMP

    2m 54s
  • (Locked)
    Isolating sensitive systems

    2m
  • (Locked)
    Zero trust networking

    4m 9s
  • (Locked)
    Secure access service edge (SASE)

    3m 50s
• 32. Embedded Systems Security 32. Embedded Systems Security

  • (Locked)
    Industrial control systems

    5m 8s
  • (Locked)
    Internet of Things

    3m 6s
  • (Locked)
    Securing smart devices

    3m 7s
  • (Locked)
    Secure networking for smart devices

    2m 23s
  • (Locked)
    Embedded systems

    4m 29s
• 33. Data Protection 33. Data Protection

  • (Locked)
    Understanding data security

    2m 18s
  • (Locked)
    Data types

    2m 6s
  • (Locked)
    Data anonymization

    2m 58s
  • (Locked)
    Data obfuscation

    2m 3s
  • (Locked)
    Information classification

    3m 12s
• 34. Resilience and Recovery 34. Resilience and Recovery

  • (Locked)
    Business continuity planning

    3m 10s
  • (Locked)
    Business continuity controls

    3m 32s
  • (Locked)
    High availability and fault tolerance

    5m 10s
  • (Locked)
    Disaster recovery

    4m 24s
  • (Locked)
    Backups

    5m 18s
  • (Locked)
    Restoring backups

    2m 11s
  • (Locked)
    Disaster recovery sites

    3m 16s
  • (Locked)
    Testing BC/DR plans

    2m 26s
  • (Locked)
    Capacity planning

    1m 30s
• 35. Domain 4: Security Operations 35. Domain 4: Security Operations

  • Security operations

    2m 59s
• 36. Data Security Controls 36. Data Security Controls

  • (Locked)
    Developing security baselines

    4m 13s
  • (Locked)
    Leveraging industry standards

    1m 52s
  • (Locked)
    Customizing security standards

    2m 14s
• 37. Host Security 37. Host Security

  • (Locked)
    Operating system security

    8m 44s
  • (Locked)
    Malware prevention

    7m 25s
  • (Locked)
    Application management

    3m 46s
  • (Locked)
    Host-based network security controls

    7m 44s
  • (Locked)
    File integrity monitoring

    4m 9s
  • (Locked)
    Data loss prevention

    5m 17s
  • (Locked)
    Data encryption

    5m 39s
  • (Locked)
    Hardware and firmware security

    5m 24s
  • (Locked)
    Linux file permissions

    4m 2s
  • (Locked)
    Web content filtering

    1m 47s
• 38. Configuration Enforcement 38. Configuration Enforcement

  • (Locked)
    Change management

    2m 21s
  • (Locked)
    Configuration management

    2m 31s
  • (Locked)
    Physical asset management

    3m 8s
  • (Locked)
    Disposal and decommissioning

    3m 4s
• 39. Mobile Device Security 39. Mobile Device Security

  • (Locked)
    Mobile connection methods

    2m 36s
  • (Locked)
    Mobile device security

    2m 27s
  • (Locked)
    Mobile device management

    6m 17s
  • (Locked)
    Mobile device tracking

    3m 5s
  • (Locked)
    Mobile application security

    3m 54s
  • (Locked)
    Mobile security enforcement

    3m 54s
  • (Locked)
    Bring your own device (BYOD)

    4m 35s
  • (Locked)
    Mobile deployment models

    2m 54s
• 40. Wireless Networking 40. Wireless Networking

  • (Locked)
    Understanding wireless networking

    2m 56s
  • (Locked)
    Wireless encryption

    2m 52s
  • (Locked)
    Wireless authentication

    4m 42s
  • (Locked)
    RADIUS

    2m 18s
  • (Locked)
    Wireless signal propagation

    2m 48s
  • (Locked)
    Wireless networking equipment

    1m 43s
• 41. Code Security 41. Code Security

  • (Locked)
    Code review

    2m 40s
  • (Locked)
    Software testing

    2m 44s
  • (Locked)
    Code security tests

    2m 15s
  • (Locked)
    Fuzz testing

    6m 48s
  • (Locked)
    Acquired software

    2m 57s
  • (Locked)
    Package monitoring

    1m 1s
• 42. Threat Intelligence 42. Threat Intelligence

  • (Locked)
    Threat intelligence

    3m 21s
  • (Locked)
    Intelligence sharing

    2m 6s
  • (Locked)
    Threat hunting

    3m 50s
• 43. Vulnerability Management 43. Vulnerability Management

  • (Locked)
    What is vulnerability management?

    5m 2s
  • (Locked)
    Identify scan targets

    4m 24s
  • (Locked)
    Scan configuration

    5m 20s
  • (Locked)
    Scan perspective

    4m 24s
  • (Locked)
    Security Content Automation Protocol (SCAP)

    2m 27s
  • (Locked)
    Common Vulnerability Scoring System (CVSS )

    3m 31s
  • (Locked)
    Analyzing scan reports

    4m 37s
  • (Locked)
    Correlating scan results

    2m 20s
  • (Locked)
    Vulnerability response and remediation

    2m 14s
• 44. Penetration Testing and Exercises 44. Penetration Testing and Exercises

  • (Locked)
    Penetration testing

    6m 1s
  • (Locked)
    Responsible disclosure

    3m
  • (Locked)
    Bug bounty

    3m 48s
• 45. Security Alerting, Monitoring, and Automation 45. Security Alerting, Monitoring, and Automation

  • (Locked)
    Logging security information

    5m 30s
  • (Locked)
    Security information and event management

    4m 8s
  • (Locked)
    Monitoring activities

    2m 59s
  • (Locked)
    Endpoint monitoring

    2m 56s
  • (Locked)
    Automation and orchestration

    4m 46s
• 46. Secure Protocols 46. Secure Protocols

  • (Locked)
    TLS and SSL

    5m 4s
  • (Locked)
    IPSec

    2m 49s
  • (Locked)
    Securing common protocols

    8m 1s
  • (Locked)
    DKIM, DMARC, and SPF

    5m 38s
  • (Locked)
    Email gateways

    1m 21s
• 47. Identification 47. Identification

  • (Locked)
    Identification, authentication, authorization, and accounting

    3m 34s
  • (Locked)
    Usernames and access cards

    3m 23s
  • (Locked)
    Biometrics

    2m 42s
  • (Locked)
    Registration and identity proofing

    4m 10s
• 48. Authentication 48. Authentication

  • (Locked)
    Authentication factors

    3m 26s
  • (Locked)
    Multifactor authentication

    2m 17s
  • (Locked)
    Something you have

    4m 24s
  • (Locked)
    Password policy

    4m 19s
  • (Locked)
    Password managers

    2m 3s
  • (Locked)
    Passwordless authentication

    3m 23s
  • (Locked)
    Single sign-on and federation

    3m 9s
  • (Locked)
    Kerberos and LDAP

    5m 18s
  • (Locked)
    SAML

    2m 35s
  • (Locked)
    OAUTH and OpenID Connect

    2m 55s
  • (Locked)
    Certificate-based authentication

    5m 25s
• 49. Authorization 49. Authorization

  • (Locked)
    Understanding authorization

    4m 3s
  • (Locked)
    Mandatory access controls

    2m 28s
  • (Locked)
    Discretionary access controls

    2m 28s
  • (Locked)
    Access control lists

    4m 50s
  • (Locked)
    Advanced authorization concepts

    5m 18s
• 50. Account Management 50. Account Management

  • (Locked)
    Understanding account and privilege management

    3m 8s
  • (Locked)
    Privileged access management

    3m 45s
  • (Locked)
    Provisioning and deprovisioning

    3m 47s
• 51. Incident Response 51. Incident Response

  • (Locked)
    Build an incident response program

    4m 13s
  • (Locked)
    Incident identification

    4m 26s
  • (Locked)
    Escalation and notification

    2m 29s
  • (Locked)
    Mitigation

    2m 22s
  • (Locked)
    Containment techniques

    3m
  • (Locked)
    Incident eradication and recovery

    5m 1s
  • (Locked)
    Post-incident activities

    3m 49s
  • (Locked)
    Incident response training and testing

    1m 13s
• 52. Digital Forensics 52. Digital Forensics

  • (Locked)
    Introduction to forensics

    3m 21s
  • (Locked)
    System and file forensics

    4m 26s
  • (Locked)
    Chain of custody

    1m 50s
  • (Locked)
    E-discovery and evidence production

    3m 3s
  • (Locked)
    Investigation data sources

    2m 47s
• 53. Domain 5: Security Program Management and Oversight 53. Domain 5: Security Program Management and Oversight

  • Security program management and oversight

    1m 52s
• 54. Security Policies 54. Security Policies

  • (Locked)
    Security policy framework

    4m 34s
  • (Locked)
    Security policies

    5m 7s
  • (Locked)
    Security standards

    1m 27s
  • (Locked)
    Security procedures

    1m 22s
  • (Locked)
    Policy monitoring and revision

    1m 23s
  • (Locked)
    Policy considerations

    1m 11s
• 55. Security Governance 55. Security Governance

  • (Locked)
    Security governance structures

    2m 56s
  • (Locked)
    Data security roles

    3m 38s
• 56. Risk Analysis 56. Risk Analysis

  • (Locked)
    Risk assessment

    5m 51s
  • (Locked)
    Quantitative risk assessment

    6m 10s
  • (Locked)
    Business impact analysis

    2m 12s
  • (Locked)
    Risk treatment options

    6m
  • (Locked)
    Risk visibility and reporting

    2m 57s
  • (Locked)
    Ongoing risk assessment

    2m 25s
  • (Locked)
    Security metrics

    3m 24s
• 57. Supply Chain Risk 57. Supply Chain Risk

  • (Locked)
    Managing vendor relationships

    4m 12s
  • (Locked)
    Vendor agreements

    3m 49s
  • (Locked)
    Vendor information management

    1m 41s
• 58. Privacy and Compliance 58. Privacy and Compliance

  • (Locked)
    Legal and compliance risks

    2m 19s
  • (Locked)
    Compliance monitoring and reporting

    3m 16s
• 59. Auditing 59. Auditing

  • (Locked)
    Audits and assessments

    5m 15s
• 60. Conclusion 60. Conclusion

  • (Locked)
    Continuing Your Studies

    22s