CompTIA Security+ Objectives

The CompTIA exam has six domains with several objectives within each domain.

1.0 Threats, Attacks and Vulnerabilities 21%

2.0 Technologies and Tools 22%

3.0 Architecture and Design 15%

4.0 Identity and Access Management 16%

5.0 Risk Management 14%

6.0 Cryptography and PKI 12%

Total 100%

1.0 Threats, Attacks and Vulnerabilities

* Given a scenario, analyze indicators of compromise and determine the type of malware.

* Compare and contrast types of attacks.

• Social engineering • Application/service attacks • Wireless attacks • Cryptographic attacks

* Explain threat actor types and attributes.

• Types of actors • Attributes of actors • Use of open-source intelligence

* Explain penetration testing concepts.

* Explain vulnerability scanning concepts.

* Explain the impact associated with types of vulnerabilities.

• Memory/buffer vulnerability • System sprawl/undocumented assets • Architecture/design weaknesses • New threats/zero day • Improper certificate and key management

2.0 Technologies and Tools

* Install and configure network components, both hardware- and software-based, to support organizational security.

• Firewall • VPN concentrator • NIPS/NIDS • Router • Switch • Proxy • Load balancer • Access point • SIEM • DLP • NAC • Mail gateway

* Given a scenario, use appropriate software tools to assess the security posture of an organization.

• Protocol analyzer • Network scanners – Rogue system detection – Network mapping • Wireless scanners/cracker • Password cracker • Vulnerability scanner • Configuration compliance scanner • Exploitation frameworks • Data sanitization tools • Steganography tools • Honeypot • Backup utilities • Banner grabbing • Passive vs. active • Command line tools

* Given a scenario, troubleshoot common security issues.

• Unencrypted credentials/clear text • Logs and events anomalies • Permission issues • Access violations • Certificate issues • Data exfiltration • Misconfigured devices

* Given a scenario, analyze and interpret output from security technologies.

• HIDS/HIPS • Antivirus • File integrity check • Host-based firewall • Application whitelisting • Removable media control • Advanced malware tools • Patch management tools • UTM • DLP • Data execution prevention • Web application firewall

* Given a scenario, deploy mobile devices securely.

• Connection methods • Mobile device management concepts • Enforcement and monitoring • Deployment models

* Given a scenario, implement secure protocols.

• Protocols • Use cases

3.0 Architecture and Design

* Explain use cases and purpose for frameworks, best practices and secure configuration guides.

• Industry-standard frameworks and reference architectures • Benchmarks/secure configuration guides • Defense-in-depth/layered security

* Given a scenario, implement secure network architecture concepts.

• Zones/topologies • Segregation/segmentation/isolation • Tunneling/VPN • Security device/technology placement

* Given a scenario, implement secure systems design.

• Hardware/firmware security • Operating systems • Peripherals

* Explain the importance of secure staging deployment concepts.

* Explain the security implications of embedded systems.

* Summarize secure application development and deployment concepts.

• Development life-cycle models • Secure DevOps • Provisioning and deprovisioning • Secure coding techniques • Code quality and testing

* Summarize cloud and virtualization concepts.

• Hypervisor • VM sprawl avoidance • Cloud storage • Cloud deployment models

* Explain how resiliency and automation strategies reduce risk.

• Automation/scripting • Templates • Non-persistence • Elasticity

* Explain the importance of physical security controls.

4.0 Identity and Access Management

* Compare and contrast identity and access management concepts.

• Multifactor authentication • Federation • Single sign-on

* Given a scenario, install and configure identity and access services.

* Given a scenario, implement identity and access management controls.

• Access control models • Physical access control • Biometric factors • Tokens • Certificate-based authentication

* Given a scenario, differentiate common account management practices.

• Account types • General concepts • Account policy enforcement

5.0 Risk Management

* Explain the importance of policies, plans and procedures related to organizational security.

• Standard operating procedure • Agreement types • Personnel management • General security policies

* Summarize business impact analysis concepts.

* Explain risk management processes and concepts.

• Threat assessment • Risk assessment • Change management

* Given a scenario, follow incident response procedures.

• Incident response plan • Incident response process

* Summarize basic concepts of forensics.

• Data acquisition • Preservation • Track man-hours

* Explain disaster recovery and continuity of operation concepts.

• Recovery sites • Order of restoration • Backup concepts • Geographic considerations • Continuity of operation planning

* Compare and contrast various types of controls.

* Given a scenario, carry out data security and privacy practices.

• Data destruction and media sanitization • Data sensitivity labeling and handling • Data roles

6.0 Cryptography and PKI

* Compare and contrast basic concepts of cryptography.

* Explain cryptography algorithms and their basic characteristics.

• Symmetric algorithms • Cipher modes • Asymmetric algorithms • Hashing algorithms • Key stretching algorithms • Obfuscation