Exam Number: SY0-501

The CompTIA Security+ certification is a vendor-neutral credential. The CompTIA Security+ SY0-501 exam is an internationally recognized validation of foundation-level security skills and knowledge, and is used by organizations and security professionals around the globe.

The CompTIA Security+ exam will certify the successful candidate has the knowledge and skills required to:

  • Install and configure systems to secure applications, networks and devices
  • Perform threat analysis and respond with appropriate mitigation techniques
  • Participate in risk mitigation activities
  • Operate with an awareness of applicable policies, laws and regulations

The successful candidate will perform these tasks to support the principles of confidentiality, integrity, and availability.

The CompTIA Security+ certification is aimed at an IT security professional who has:

  • A minimum of two years’ experience in IT administration with a focus on security
  • Day-to-day technical information security experience
  • Broad knowledge of security concerns and implementation, including the topics in the domain list

These content examples are meant to clarify the test objectives and should not be construed as a comprehensive listing of all content in this examination.

Course Objectives

1.0 Threats, Attacks and Vulnerabilities
-Compare and contrast types of attacks.
-Explain threat actor types and attributes.
-Explain penetration testing concepts.
-Explain vulnerability scanning concepts.
-Explain the impact associated with types of vulnerabilities.
-Install and configure network components, both hardware- and software-based, to support organizational security.
-Given a scenario, use appropriate software tools to assess the security posture of an organization.

2.0 Technologies and Tools
-Given a scenario, troubleshoot common security issues.
-Given a scenario, analyze and interpret output from security technologies.
-Given a scenario, deploy mobile devices securely.
-Given a scenario, implement secure protocols.

3.0 Architecture and Design
-Explain use cases and purpose for frameworks, best practices and secure configuration guides.
-Given a scenario, implement secure network architecture concepts.
-Given a scenario, implement secure systems design.
-Explain the importance of secure staging deployment concepts.
-Explain the security implications of embedded systems.
-Summarize secure application development and deployment concepts.
-Summarize cloud and virtualization concepts.
-Explain how resiliency and automation strategies reduce risk.
-Explain the importance of physical security controls.

4.0 Identity and Access Management
-Compare and contrast identity and access management concepts
-Given a scenario, install and configure identity and access services.
-Given a scenario, implement identity and access management controls.
-Given a scenario, differentiate common account management practices.
-Explain the importance of policies, plans and procedures related to organizational security.
-Summarize business impact analysis concepts.
-Explain risk management processes and concepts.

5.0 Risk Management
-Given a scenario, follow incident response procedures.
-Summarize basic concepts of forensics.
-Explain disaster recovery and continuity of operations concepts.
-Compare and contrast various types of controls.
-Given a scenario, carry out data security and privacy practices.
-Compare and contrast basic concepts of cryptography.
-Explain cryptography algorithms and their basic characteristics.

6.0 Cryptography and PKI
-Given a scenario, install and configure wireless security settings.
-Given a scenario, implement public key infrastructure.

Register Today