Bootcamp Overview:

This bootcamp is designed to prepare students for the CompTIA Security+ certification exam SY0-701. Throughout this intensive program, students will gain hands-on experience in foundational and advanced cybersecurity practices, helping them develop the skills needed to secure and defend modern enterprise environments.

Who Should Attend:

This course is ideal for candidates pursuing the CompTIA Security+ certification who are interested in establishing a career in cybersecurity or IT security. It is also beneficial for IT professionals seeking to gain foundational and intermediate security knowledge that will enhance their current roles.

What’s Included:

• Four days of expert-led, live Security+ training (4 hours each day).
• Access to exam preparation software tailored specifically to the SY0-701 exam.
• Engaging practical exercises, review sessions, and a practice exam on the final day to ensure full preparedness.

Prerequisites:

Participants should have passed CIS120A and CIS120B to gain a basic understanding of IT concepts, including networking, computing devices, and systems administration. Familiarity with fundamental cybersecurity principles.

Recommended Resources:

CompTIA Security+ (SY0-701) Study Guide: Principles of Information Security, 7th Edition by Michael E. Whitman and Herbert J. Mattord. 2022

Certification Details:

This bootcamp prepares students to pass the CompTIA Security+ SY0-701 certification exam. Key domains and objectives covered in this course include:

• 1.0 General Security Concepts 12%
• 2.0 Threats, Vulnerabilities, and Mitigations 22%
• 3.0 Security Architecture 18%
• 4.0 Security Operations 28%
• 5.0 Security Program Management and Oversight 20%

What You’ll Learn:

• Basics of computing include input, processing, output, and storage.
• Security Models and Strategies:
• Understand Zero Trust Architecture and its role in modern security, focusing on adaptive identity, policy-driven access, and implicit trust zones.
• Deception Techniques such as honeypots and honeynets to mislead attackers and enhance security intelligence.

Cloud-Specific Threats:

• Identify and mitigate vulnerabilities unique to cloud environments, including containerization and serverless architectures.
• Best practices for securing cloud-based infrastructure and avoiding common configuration pitfalls.

Advanced Cryptographic Techniques:

• Encryption fundamentals (symmetric, asymmetric, hashing, salting) and their importance in data protection.
• Key Management practices include Public Key Infrastructure (PKI), digital signatures, and the use of trusted hardware (e.g., TPM, HSM).
• Advanced applications such as secure enclaves and certificate authorities to safeguard information assets.

Risk Management and Third-Party Security:

• Strategies for managing third-party and vendor risk in enterprise environments, emphasizing policy controls and vendor assessments.
• Overview of security frameworks for program management and oversight, ensuring consistent security operations.

Incident Response and Forensics:

• Introduction to incident response phases (e.g., detection, containment, eradication) and the incident response lifecycle.
• Use of digital forensics tools like Autopsy to identify and analyze digital evidence.
• Hands-on scenarios to practice response protocols and forensics procedures.

IoT and Embedded Systems Security:

• Security considerations for IoT, embedded, and specialized systems, addressing unique risks in these often-overlooked areas.
• Real-world examples of securing IoT devices and mitigating vulnerabilities in embedded systems.
• Automation in Security Operations:
• Overview of Security Orchestration, Automation, and Response (SOAR) tools and their role in streamlining security processes.
• Automating tasks like incident response, threat detection, and compliance monitoring for operational efficiency.

Vulnerability Scanning and CVSS:

• Basics of vulnerability management with an emphasis on scanning tools and interpreting Common Vulnerability Scoring System (CVSS) scores.
• Best practices for assessing, prioritizing, and remediating vulnerabilities to strengthen security posture.