The CompTIA exam has six domains with several objectives within each domain.
1.0 Threats, Attacks and Vulnerabilities 21%
2.0 Technologies and Tools 22%
3.0 Architecture and Design 15%
4.0 Identity and Access Management 16%
5.0 Risk Management 14%
6.0 Cryptography and PKI 12% Total 100%
1.0 Threats, Attacks and Vulnerabilities
*Given a scenario, analyze indicators of compromise and determine the type of malware.
* Compare and contrast types of attacks.
Social engineering • Application/service attacks • Wireless attacks Cryptographic attacks
*Explain threat actor types and attributes
• Types of actors • Attributes of actors Use of open-source intelligence
* Explain penetration testing concepts.
* Explain vulnerability scanning concepts.
*Explain the impact associated with types of vulnerabilities
• Memory/buffer vulnerability • System sprawl/undocumented assets s • Architecture/design weaknesses • New threats/zero day Improper certificate and key management
2.0 Technologies and Tools
*Install and configure network components, both hardwareand software-based, to support organizational security.
• Firewall • VPN concentrator • NIPS/NIDS • Router Switch • Proxy • Load balancer • Access point • SIEM • DLP • NAC • Mail gateway
*Given a scenario, use appropriate software tools to assess the security posture of an organization.
• Protocol analyzer • Network scanners – Rogue system detection – Network mapping • Wireless scanners/cracker • Password cracker • Vulnerability scanner • Configuration compliance scanner • Exploitation frameworks • Data sanitization tools • Steganography tools • Honeypot • Backup utilities • Banner grabbing • Passive vs. active • Command line tools
*Given a scenario, troubleshoot common security issues.
• Unencrypted credentials/clear text • Logs and events anomalies • Permission issues • Access violations • Certificate issues • Data exfiltration • Misconfigured devices
* Given a scenario, analyze and interpret output from security technologies.
• HIDS/HIPS • Antivirus • File integrity check • Host-based firewall • Application whitelisting • Removable media control • Advanced malware tools • Patch management tools • UTM • DLP • Data execution prevention • Web application firewall
*Given a scenario, deploy mobile devices securely.
• Connection methods • Mobile device management concepts • Enforcement and monitoring • Deployment models
*Given a scenario, implement secure protocols.
• Protocols • Use cases
3.0 Architecture and Design
*Explain use cases and purpose for frameworks, best practices and secure configuration guides.
• Industry-standard frameworks and reference architectures • Benchmarks/secure configuration guides • Defense-in-depth/layered security
*Given a scenario, implement secure network architecture concepts.
• Zones/topologies • Segregation/segmentation/isolation • Tunneling/VPN • Security device/technology placement
*Given a scenario, implement secure systems design.
• Hardware/firmware security • Operating systems • Peripherals
*Explain the importance of secure staging deployment concepts.
* Explain the security implications of embedded systems.
* Summarize secure application development and deployment concepts.
• Development life-cycle models • Secure DevOps • Provisioning and deprovisioning • Secure coding techniques • Code quality and testing
*Summarize cloud and virtualization concepts.
• Hypervisor • VM sprawl avoidance • Cloud storage • Cloud deployment models
*Explain how resiliency and automation strategies reduce risk.
• Automation/scripting • Templates • Non-persistence • Elasticity
*Explain the importance of physical security controls.
4.0 Identity and Access Management
* Compare and contrast identity and access management concepts
• Multifactor authentication • Federation • Single sign-on
*Given a scenario, install and configure identity and access services.
* Given a scenario, implement identity and access management controls.
• Access control models • Physical access control • Biometric factors • Tokens • Certificate-based authentication
*Given a scenario, differentiate common account management practices.
• Account types • General Concepts • Account policy enforcement
5.0 Risk Management
* Explain the importance of policies, plans and procedures related to organizational security.
• Standard operating procedure • Agreement types Personnel management • General security policies
*Summarize business impact analysis concepts.
* Explain risk management processes and concepts.
• Threat assessment • Risk assessment • Change management
*Given a scenario, follow incident response procedures.
• Incident response plan • Incident response process
*Summarize basic concepts of forensics.
• Data acquisition • Preservation • Track man-hours
*Explain disaster recovery and continuity of operation concepts.
• Recovery sites • Order of restoration • Backup concepts • Geographic considerations • Continuity of operation planning
*Compare and contrast various types of controls.
*Given a scenario, carry out data security and privacy practices.
• Data destruction and media sanitization • Data sensitivity labeling and handling • Data roles
*Compare and contrast basic concepts of cryptography.
*Explain cryptography algorithms and their basic characteristics.
• Symmetric algorithms • Cipher modes • Asymmetric algorithms • Hashing algorithms • Key stretching algorithms • Obfuscation
Looking for security+ training? Try out a course here https://itmasterkey.com/p/comptia-security-certification-course