Objectives Chapters
1.0: Network Security
. Implement security confi guration parameters on network devices and other technologies
. Given a scenario, use secure network administration principles , , ,
. Explain network design elements and components ,
. Given a scenario, implement common protocols and services , , ,
. Given a scenario, troubleshoot security issues related to wireless networking
5.0: Access Control and Identity Management
. Compare and contrast the function and purpose of authentication services
. Given a scenario, select the appropriate authentication, authorization or access control , ,
. Install and confi gure security controls when performing account management, based on best practices ,
3.0: Threats and Vulnerabilities
. Explain types of malware
. Summarize various types of attacks , , , ,
. Summarize social engineering attacks and the associated e ectiveness with each attack
. Explain types of wireless attacks
. Explain types of application attacks ,
. Analyze a scenario and select the appropriate type of mitigation and deterrent techniques , , ,
. Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities
. Explain the proper use of penetration testing versus vulnerability scanning
6.0: Cryptography
. Given a scenario, utilize general cryptography concepts ,
. Given a scenario, use appropriate cryptographic methods , ,
. Given a scenario, use appropriate PKI, certifi cate management and associated components
4.0: Application, Data and Host Security
. Explain the importance of application security controls and techniques
. Summarize mobile security concepts and technologies , , ,
. Given a scenario, select the appropriate solution to establish host security , ,
. Implement the appropriate controls to ensure data security , , , ,
. Compare and contrast alternative methods to mitigate security risks in static environments 4
CompTIA Security+ SY0-401 Examination Objectives
2.0: Compliance and Operational Security
. Explain the importance of risk related concepts , , , ,
. Summarize the security implications of integrating systems and data with third parties
. Given a scenario, implement appropriate risk mitigation strategies ,
. Given a scenario, implement basic forensic procedures
. Summarize common incident response procedures
. Explain the importance of security related awareness and training
. Compare and contrast physical security and environmental controls , ,
. Summarize risk management best practices
. Given a scenario, select the appropriate control to meet the goals of security ,
