Scroll to top button

CompTIA Security+ (Course & Lab)

ISBN : 9781616915162

Start preparing for CompTIA Security+ certification exam with CompTIA Security+ course and performance-based labs. Performance-based labs simulate real-world, hardware, software & command line interface environments and can be mapped to any text-book, course & training. CompTIA Security course and performance-based labs cover all the objectives of CompTIA Security+ SY0-401 exam which include the application of security controls to maintain confidentiality, integrity, and availability; identification of appropriate technologies and products; troubleshooting security events and incidents, and much more. 

CompTIA Security+ is a standalone certification from CompTIA with the exam code SY0-401. This certification covers the most important principles for securing a network and managing risk. The CompTIA Network+ certification is recommended before taking the Security+ exam. CompTIA Security+ is an entry-level, international, vendor-neutral credential designed for IT security professionals to identify risk, participate in risk mitigation activities, provide infrastructure, information, operational, and application security.

Glossary of terms
Pre Assessment Questions
Post Assessment Questions
Performance lab
Video tutorials

Videos and How To

uCertify course includes videos to help understand concepts. It also includes How Tos that help learners with how to accomplish certain tasks.

Video Lessons
Exam related FAQs
What are the prerequisites for this exam? CompTIA Network+ and two years of experience in IT administration with a focus on security.
What is the exam registration fee? USD 330
Where do I take the exam? Pearson VUE
What is the format of the exam? Multiple choice and performance-based
How many questions are asked in the exam? The exam contains 90 questions.
What is the duration of the exam? 90 minutes
What is the passing score? 750

(on a scale of 0-900)

What is the exam's retake policy?

In the event that you fail your first attempt at passing the SY0-401 examination, CompTIA's retake policy is:

  1. CompTIA does not require a waiting period between the first and second attempt to pass such examination. However, if you need a third or subsequent attempt to pass the examination, you shall be required to wait for a period of at least 14 calendar days from the date of your last attempt before you can retake the exam.
  2. If a candidate has passed an exam, he/she cannot take it again without prior consent from CompTIA.
  3. A test result found to be in violation of the retake policy will not be processed, which will result in no credit awarded for the test taken. Repeat violators will be banned from participation in the CompTIA Certification Program.
  4. Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer free re-tests or discounts on retakes.
What is the validity of the certification? CompTIA Security+ certification are valid for three years from the date the candidate is certified, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.
Where can I find more information about this exam? To know more about the SY0-401-complete, click here.
Which certification covers this exam?
What are the career opportunities after passing this exam?
  • Security Engineer
  • Network Administrator
  • IA Technician or Manager
  • Security Consultant/Specialist
  • Risk Assessment
  • Developing Policies, Standards, and Guidelines
  • Summary
  • Exam Essentials
  • Monitoring Networks
  • Understanding Hardening
  • Securing the Network
  • Security Posture
  • Reporting Security Issues
  • Differentiating between Detection Controls and Prevention Controls
  • Summary
  • Exam Essentials
  • Mastering TCP/IP
  • Designing a Secure Network
  • Understanding the Various Network Infrastructure Devices
  • Summary
  • Exam Essentials
  • Understanding Access Control Basics
  • Understanding Remote Access Connectivity
  • Understanding Authentication Services
  • Understanding Access Control
  • Implementing Access Controlling Best Practices
  • Summary
  • Exam Essentials
  • Working with Wireless Systems
  • Understanding Wireless Devices
  • Wireless Vulnerabilities to Know
  • Summary
  • Exam Essentials
  • Working with Cloud Computing
  • Working with Virtualization
  • Security and the Cloud
  • Summary
  • Exam Essentials
  • Application Hardening
  • Host Security
  • Protecting Data Through Fault Tolerance
  • Application Security
  • Best Practices for Security
  • Summary
  • Exam Essentials
  • An Overview of Cryptography
  • Modern Cryptography
  • Using Cryptographic Systems
  • Understanding Cryptography Standards and Protocols
  • Using Public Key Infrastructure
  • Summary
  • Exam Essentials
  • Understanding Malware
  • Surviving Viruses
  • Understanding Various Types of Attacks
  • Identifying Types of Application Attacks
  • Tools for Finding Threats
  • Summary
  • Exam Essentials
  • Understanding Social Engineering
  • Understanding Physical Security
  • Environmental Controls
  • Control Types
  • Data Policies
  • Summary
  • Exam Essentials
  • Third-Party Integration
  • Understanding Security Awareness and Training
  • Classifying Information
  • Information Access Controls
  • Complying with Privacy and Security Regulations
  • Mobile Devices
  • Alternative Methods to Mitigate Security Risks
  • Summary
  • Exam Essentials
  • Issues Associated with Business Continuity
  • Reinforcing Vendor Support
  • Penetration Testing
  • Summary
  • Exam Essentials
  • Introduction
  • Security Fundamentals and Controls
  • Security and Risk
  • Business Continuity and Load Balancing
  • Threats, Vulnerabilities, and Assessment Tools
  • Application, Data, and Host Security
  • Access Control and Identity Management
  • Security Controls and Cryptography
  • Virtual Private Networks
  • Conclusion

Hands on Activities (Labs)

  • Identifying risk actions
  • Identifying service associated with cloud computing
  • Understanding measures of risk calculation
  • Understanding key areas of policy implementation
  • Identifying areas to consider for the business policy
  • Downloading the Windows 7 service pack
  • Identifying key aspects of standard documents
  • Identifying policies
  • Viewing different event details
  • Viewing details of an event in Windows Server
  • Viewing the current version of BIOS
  • Understanding methods of OS hardening
  • Installing the Web Server IIS server role
  • Sharing a folder with a different user on a single computer
  • Configuring NPS Accounting
  • Creating a network bridge
  • Deleting the web browsing history
  • Understanding security posture methods
  • Understanding key areas of reporting
  • Understanding email protocols
  • Viewing the ARP table
  • Identifying TCP/IP architecture layer protocols
  • Understanding application layer protocols
  • Understanding Internet layer protocols
  • Understanding TCP/IP protocols
  • Identifying TCP ports
  • Identifying ports and services
  • Identifying primary areas of security topologies
  • Understanding protocols
  • Identifying the tunnel
  • Identifying technologies to create less vulnerable networks
  • Understanding the network infrastructure devices
  • Spotting the intranet network
  • Identifying Intrusion detection key terms
  • Understanding passive responses of intrusion
  • Identifying device for network connectivity
  • Identifying PBX system layers
  • Understanding router protocols
  • Identifying sequence in which the IDS instructs the TCP to reset connections
  • Understanding the network devices
  • Configuring the settings in Content Advisor
  • Working with a host-based IDS
  • Joining SpyNet community using Windows Defender
  • Scanning the computer
  • Viewing the update history and details
  • Identifying types of firewall
  • Viewing disk configuration
  • Identifying authentication protocols
  • Creating a hash rule in Windows Server 2012
  • Customizing group and user access with MMC
  • Turning off the guest account
  • Viewing the Generate Random Password screenshot
  • Configuring NPS to provide RADIUS authentication
  • Identifying tunneling protocols
  • Configuring NPS network policy
  • Understanding LDAP names
  • Identifying authentication services
  • Enabling the network policy server
  • Identifying types of authentication services
  • Identifying access control methods
  • Performing XArp software installation
  • Protecting a computer by blocking communications
  • Blocking a connection
  • Understanding evaluation assurance levels
  • Configuring account time limits
  • Identifying wireless protocols
  • Understanding technologies used to communicate in the 802.11 standard
  • Enabling LMHOSTS lookup
  • Understanding WAP security levels
  • Configuring wireless network settings
  • Identifying cloud computing service models
  • Understanding primary virtualization topics
  • Editing a virtual hard disk file
  • Understanding cloud models
  • Identifying methods of updating an operating system
  • Understanding models for improving system performance
  • Configuring IE settings to avoid disruption in computer operations
  • Configuring Windows firewall settings
  • Downloading and installing the Avast antivirus, and scanning the system
  • Installing the FTP server under the Web Server role
  • Creating DNS domains
  • Configuring pop-up blocker settings
  • Creating a new inbound rule
  • Mounting and dismounting an encrypted volume
  • Identifying approaches of non-mathematical cryptography
  • Identifying asymmetric algorithms
  • Identifying hashing algorithm
  • Understanding code-breaking techniques
  • Creating a virtual volume
  • Encrypting and decrypting a message
  • Encrypting and decrypting a message using the RSA algorithm
  • Checking the integrity of messages through MAC values
  • Identifying protocols for secure connections
  • Creating and backing up an encryption certificate
  • Backing up an encryption certificate and key
  • Viewing memory usage of programs
  • Adding counters
  • Encrypting a picture
  • Understanding public cryptographic initiatives
  • Understanding PKCS standards
  • Adding the Active Directory Certificate Services role
  • Understanding trust models
  • Identifying the authority process
  • Examining certificate details
  • Examining the Microsoft Root Authority certificate details
  • Understanding PKI trust models
  • Installing a subordinate Certification Authority
  • Enabling BitLocker
  • Managing the certificate server using the mmc tool
  • Identifying the filename extension
  • Identifying types of malware
  • Viewing the running processes of all the users
  • Identifying types of viruses
  • Understanding classification of viruses
  • Identifying attacks
  • Determining vulnerability of a network to attacks
  • Identifying types of system attack
  • Preventing IP address spoofing
  • Understanding web-based applications
  • Understanding types of application attacks
  • Identifying security factors
  • Identifying vulnerability scanning tasks
  • Identifying social engineering attacks
  • Identifying measures for spamming protection
  • Identifying physical security devices
  • Identifying retardants of fire extinguishers
  • Identifying causes of compromised security
  • Understanding information categories
  • Identifying Information models
  • Understanding acts to ensure privacy of information
  • Understanding security measures for mobile devices
  • Identifying storage mechanism
  • Identifying auditing processes
  • Identifying backup types
  • Understanding backup plans
  • Identifying various alternate site
  • Identifying steps to be followed on occurrence of an incident
  • Identifying SLAs measures
  • Identifying ethical hacking approaches
  • Performing penetration testing
  • Identifying testing types