Scroll to top button

SY0-401 : CompTIA Security+ (Course & Lab)

CompTIA Security+ (Course & Lab)
ISBN : 978-1-61691-516-2
Gain hands-on expertise in CompTIA Security+ certification exam by CompTIA Security+ course and performance-based labs. Performance-based labs simulate real-world, hardware, software & command line interface environments and can be mapped to any text-book, course & training. CompTIA Security course and performance-based labs cover all the objectives of CompTIA Security+ SY0-401 exam which include the application of security controls to maintain confidentiality, integrity, and availability; identification of appropriate technologies and products; troubleshooting security events and incidents, and much more. CompTIA Security+ is an entry-level, international, vendor-neutral credential designed for IT security professionals to identify risk, participate in risk mitigation activities, provide infrastructure, information, operational, and application security.


uCertify uses content from well known publishers, instructors, and subject matter experts. They have a minimum of 15 years of experience in their fields. uCertify brings these textbooks to life. It is full of interactive activities that keep the learner engaged. uCertify brings all available learning resources for a topic in one place so that the learner can efficiently learn without going to multiple places. Challenge questions are also embedded in the chapters so learners can attempt those while they are learning about that particular topic. This helps them grasp the concepts better because they can go over it again right away which improves learning. At the end of every lesson, uCertify courses guide the learners on the path they should follow.

uCertify platform supports 50+ different types of interactive activities, connect the idea, or try it yourself lab activities embedded throughout its course. These interactive activities keep learners engaged and make learning fun.

Here's What You Get

Exercises Flashcards Quizzes Glossary

Each lesson comes with Exercises, Flashcards & Quizzes. There is no limit to the number of times learners can attempt these. Exercises come with detailed remediation, which ensures that learners are confident on the topic before proceeding. Flashcards help master the key concepts. Glossary defines the key terms.

Exercise Questions
Glossary of terms
Videos and How To..

uCertify course includes videos to help understand concepts. It also includes How Tos that help learners with how to accomplish certain tasks.


Test Prep & Practice Questions

uCertify provides full length practice tests. These tests closely follow the exam objectives and are designed to simulate real exam conditions. Each course has a number of test sets consisting of hundreds of items to ensure that learners are prepared for the certification exam.

Here's What You Get

Pre-assessments Questions
Full Length Tests
Post-Assessments Questions


Full Remediation

Each question comes with detailed remediation explaining not only why an answer option is correct but also why the incorrect answer options are incorrect.

Unlimited Practice

Each test can be taken unlimited number of times until the learner feels they are prepared. Learner can review the test and read detailed remediation. Detailed test history is also available.

Learn, Test and Review Mode

Each test set comes with learn, test and review modes. In learn mode, learners will attempt a question and will get immediate feedback and complete remediation as they move on to the next question. In test mode, learners can take a timed test simulating the actual exam conditions. In review mode, learners can read through one item at a time without attempting it.


Online labs can be used to supplement training. uCertify labs are an inexpensive & safe way to explore and learn. uCertify labs are versatile - labs simulate real-world, hardware, software & command line interface environments and can be mapped to any text-book, course & training.

Here's What You Get

Performance based lab
Video tutorials

Hands on Activities

Measuring and Weighing Risk  

  • Identifying risk actions
  • Identifying service associated with cloud computing
  • Understanding measures of risk calculation
  • Understanding key areas of policy implementation
  • Identifying areas to consider for the business policy
  • Downloading the Windows 7 service pack
  • Identifying key aspects of standard documents

Monitoring and Diagnosing Networks

  • Viewing different event details
  • Viewing the current version of BIOS
  • Identifying methods of updating an operating system
  • Understanding methods of OS hardening
  • Installing the Web Server IIS server role
  • Configuring NPS Accounting
  • Creating a network bridge
  • Deleting the web browsing history
  • Checking the integrity of messages through MAC values
  • Understanding security posture methods
  • Understanding key areas of reporting

Understanding Devices and Infrastructure

  • Understanding email protocols
  • Viewing the ARP table
  • Identifying TCP/IP architecture layer protocols
  • Understanding application layer protocols
  • Understanding Internet layer protocols
  • Understanding TCP/IP protocols
  • Identifying TCP ports
  • Identifying ports and services
  • Identifying primary areas of security topologies
  • Understanding protocols
  • Identifying the tunnel
  • Identifying technologies to create less vulnerable networks
  • Understanding the network infrastructure devices
  • Spotting the intranet network
  • Identifying Intrusion detection key terms
  • Understanding passive responses of intrusion
  • Identifying device for network connectivity
  • Identifying PBX system layers
  • Understanding router protocols
  • Identifying sequence in which the IDS instructs the TCP to reset connections
  • Understanding the network devices
  • Configuring the settings in Content Advisor
  • Working with a host-based IDS
  • Joining SpyNet community using Windows Defender
  • Scanning the computer
  • Viewing the update history and details
  • Identifying types of firewall

Access Control, Authentication, and Authorization

  • Identifying policies
  • Viewing disk configuration
  • Identifying authentication protocols
  • Creating a hash rule in Windows Server 2012
  • Customizing group and user access with MMC
  • Turning off the guest account
  • Enabling BitLocker
  • Managing the certificate server using the mmc tool
  • Configuring NPS to provide RADIUS authentication
  • Identifying tunneling protocols
  • Configuring NPS network policy
  • Understanding LDAP names
  • Identifying authentication services
  • Enabling the network policy server
  • Identifying types of authentication services
  • Identifying access control methods
  • Performing XArp software installation
  • Protecting a computer by blocking communications
  • Creating a new inbound rule
  • Blocking a connection
  • Understanding evaluation assurance levels
  • Viewing the Generate Random Password screenshot

Protecting Wireless Networks

  • Identifying wireless protocols
  • Understanding technologies used to communicate in the 802.11 standard
  • Enabling LMHOSTS lookup
  • Understanding WAP security levels
  • Configuring wireless network settings

Securing the Cloud

  • Identifying cloud computing service models
  • Understanding cloud models
  • Understanding primary virtualization topics

Host, Data, and Application Security

  • Understanding models for improving system performance
  • Configuring IE settings to avoid disruption in computer operations
  • Configuring Windows firewall settings
  • Identifying types of system attack
  • Identifying causes of compromised security
  • Downloading and installing the Avast antivirus, and scanning the system
  • Installing the FTP server under the Web Server role
  • Creating DNS domains
  • Configuring pop-up blocker settings
  • Editing a virtual hard disk file


  • Mounting and dismounting an encrypted volume
  • Identifying asymmetric algorithms
  • Identifying hashing algorithm
  • Understanding PKCS standards
  • Identifying approaches of non-mathematical cryptography
  • Creating a virtual volume
  • Encrypting and decrypting a message
  • Encrypting and decrypting a message using the RSA algorithm
  • Identifying protocols for secure connections
  • Creating and backing up an encryption certificate
  • Backing up an encryption certificate and key
  • Viewing memory usage of programs
  • Adding counters
  • Encrypting a picture
  • Understanding public cryptographic initiatives
  • Adding the Active Directory Certificate Services role
  • Understanding trust models
  • Identifying the authority process
  • Examining certificate details
  • Examining the Microsoft Root Authority certificate details
  • Understanding PKI trust models
  • Installing a subordinate Certification Authority

Malware, Vulnerabilities, and Threats

  • Identifying the filename extension
  • Identifying types of malware
  • Viewing the running processes of all the users
  • Identifying types of viruses
  • Understanding classification of viruses
  • Understanding code-breaking techniques
  • Identifying attacks
  • Identifying social engineering attacks
  • Determining vulnerability of a network to attacks
  • Understanding web-based applications
  • Understanding types of application attacks
  • Identifying security factors
  • Preventing IP address spoofing
  • Identifying vulnerability scanning tasks

Social Engineering and Other Foes

  • Identifying physical security devices
  • Configuring account time limits
  • Identifying retardants of fire extinguishers
  • Identifying measures for spamming protection
  • Sharing a folder with a different user on a single computer

Security Administration

  • Viewing details of an event in Windows Server
  • Understanding information categories
  • Identifying Information models
  • Understanding acts to ensure privacy of information
  • Understanding security measures for mobile devices

Disaster Recovery and Incident Response

  • Identifying storage mechanism
  • Identifying auditing processes
  • Identifying backup types
  • Understanding backup plans
  • Identifying various alternate site
  • Identifying steps to be followed on occurrence of an incident
  • Identifying SLAs measures
  • Identifying testing types
  • Identifying ethical hacking approaches
  • Performing penetration testing

Video Tutorials

Exam Information

CompTIA Security+ is a standalone certification from CompTIA with the exam code SY0-401. This certification covers the most important principles for securing a network and managing risk. The CompTIA Network+ certification is recommended before taking the Security+ exam.

Prepare for the following certification

Career Prospects
  • Security Engineer
  • Network Administrator
  • IA Technician or Manager
  • Security Consultant/Specialist
Exam FAQs
What are the prerequisites for this exam?
While there are no official prerequisites for the SY0-401 exam, both CompTIA and uCertify strongly recommend candidates to have minimum of two years of experience in IT administration with a focus on security.
What is the exam registration fee?
USD 320

Pricing and taxes may vary from country to country.

Where do I take the exam?
The SY0-401 exam is administered by Pearson VUE at testing centers worldwide. Click here to find a testing center near you.
What is the format of the exam?
Multiple choice and performance-based
How many questions are asked in the exam?
The exam contains 90 questions.
What is the duration of the exam?
90 minutes
What is the passing score?

(on a scale of 100-900)

What is the exam's retake policy?

SY0-401 examination, CompTIA's retake policy is:

  • CompTIA does not require a waiting period between the first and second attempt to pass such examination. However, if you need a third or subsequent attempt to pass the examination, you shall be required to wait for a period of at least fourteen calendar days from the date of your last attempt before you can retake the exam.
  • If a candidate has passed an exam, he/she cannot take it again without prior consent from CompTIA.
  • A test result found to be in violation of the retake policy will not be processed, which will result in no credit awarded for the test taken. Repeat violators will be banned from participation in the CompTIA Certification Program.
  • Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer free re-tests or discounts on retakes.
What is the validity of the certification?
CompTIA Security+ certification are valid for three years from the date the candidate is certified, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.
Where can I find more information about this exam?
To know more about the SY0-401-complete, click here.

Table of Content

Here's What you will Learn

Lesson 1: Measuring and Weighing Risk  

  • Risk Assessment 
  • Developing Policies, Standards, and Guidelines
  • Summary
  • Exam Essentials

Lesson 2: Monitoring and Diagnosing Networks

  • Monitoring Networks
  • Understanding Hardening 
  • Securing the Network
  • Security Posture
  • Reporting Security Issues
  • Differentiating between Detection Controls and Prevention Controls
  • Summary
  • Exam Essentials

Lesson 3: Understanding Devices and Infrastructure

  • Mastering TCP/IP
  • Designing a Secure Network
  • Understanding the Various Network Infrastructure Devices
  • Summary
  • Exam Essentials

Lesson 4: Access Control, Authentication, and Authorization

  • Understanding Access Control Basics
  • Understanding Remote Access Connectivity
  • Understanding Authentication Services
  • Understanding Access Control
  • Implementing Access Controlling Best Practices
  • Summary
  • Exam Essentials

Lesson 5: Protecting Wireless Networks

  • Working with Wireless Systems
  • Understanding Wireless Devices
  • Wireless Vulnerabilities to Know
  • Summary
  • Exam Essentials

Lesson 6: Securing the Cloud

  • Working with Cloud Computing
  • Working with Virtualization
  • Security and the Cloud
  • Summary
  • Exam Essentials

Lesson 7: Host, Data, and Application Security

  • Application Hardening
  • Host Security
  • Protecting Data Through Fault Tolerance
  • Application Security
  • Best Practices for Security
  • Summary
  • Exam Essentials

Lesson 8: Cryptography

  • An Overview of Cryptography
  • Modern Cryptography
  • Using Cryptographic Systems
  • Understanding Cryptography Standards and Protocols
  • Using Public Key Infrastructure
  • Summary
  • Exam Essentials

Lesson 9: Malware, Vulnerabilities, and Threats

  • Understanding Malware
  • Surviving Viruses
  • Understanding Various Types of Attacks
  • Identifying Types of Application Attacks
  • Tools for Finding Threats
  • Summary
  • Exam Essentials

Lesson 10: Social Engineering and Other Foes

  • Understanding Social Engineering
  • Understanding Physical Security
  • Environmental Controls
  • Control Types
  • Data Policies
  • Summary
  • Exam Essentials

Lesson 11: Security Administration

  • Third-Party Integration
  • Understanding Security Awareness and Training
  • Classifying Information
  • Information Access Controls
  • Complying with Privacy and Security Regulations
  • Mobile Devices
  • Alternative Methods to Mitigate Security Risks
  • Summary
  • Exam Essentials

Lesson 12: Disaster Recovery and Incident Response

  • Issues Associated with Business Continuity
  • Reinforcing Vendor Support
  • Penetration Testing
  • Summary
  • Exam Essentials

Lesson 13: Video Tutorials

  • Introduction
  • Security Fundamentals and Controls
  • Security and Risk
  • Business Continuity and Load Balancing
  • Threats, Vulnerabilities, and Assessment Tools
  • Application, Data, and Host Security
  • Access Control and Identity Management
  • Security Controls and Cryptography
  • Virtual Private Networks
  • Conclusion

Copyright © 2002-2017 uCertify / All Rights Reserved.