CompTIA IT Security+ (SY0-401)
CompTIA Authorized Partner 30+ Courses Certificate of Mastery/Completion 24/7 Online Access
- 30+ Courses
- 12 Month Access
- Labs, Games, Activities
- Printable Study Guides
- Exam Simulation
WHAT YOU'LL LEARN
This exclusive training bundle covers the essential principles for network security and risk management as laid out by CompTIA. CompTIA Security+ is globally recognized as the standard for securing the data stored and transmitted on any network. Through LearnSmart’s Security+ training, you will acquire the skills to deter hackers while securing your networks.
Knowledge areas include:
- Vulnerabilities Assessment
- Mobile Hacking
- Disaster Recovery
- Penetration Testing
- Spyware & Keyloggers
- Exploitation Techniques
- Cross-Site Scripting
Hacker / Security+ (SY0-401): Advanced Exploitation Techniques
Exploit is a common term in the computer security community that refers to a piece of software that takes advantage of a bug or glitch. In our course Advanced Exploitation Techniques, you will learn what advanced exploitation techniques are and how you can use them in your penetration testing. You will also learn how to use Metasploit to exploit vulnerabilities. This will be coupled with in-depth demos on using Metasploit and other Metasploit tools, such as, Meterpreter, Armitage, and Armitage-mimkatz.
Hacker / Security+ (SY0-401): Authentication Systems
Whenever we login to a computer system, we provide information to identify ourselves. We refer to this as authentication. Authentication has been developed to contain more than just username and password because we want added layers of security. In this course you will learn about authentication factors, forms of authentication, and authentication protocols. You will also learn RADIUS, LDAP, and SSO. We will pair this with several demos depicting practical uses of the many tools that we will discuss in this course.
Hacker / Security+ (SY0-401): Buffer Overflows
Buffer overflow occurs when you try to store more data than what the allocated buffer or storage area can hold. In this course you will be introduced to the concepts of buffer overflows, how they happen, and how attackers take advantage of them. You will also learn how to defend against buffer overflow attacks, and what security measures you can take to protect your data. We will accompany this with several demos that will delve deeper and help you understand some of the specific topics that will be discussed.
Hacker / Security+ (SY0-401): Covering Tracks
Covering Tracks will be going over various ways that attackers have at their disposal to cover any tracks that may lead to their unwanted eviction, or worse yet, to an audit trail that would lead directly back to them. In this course we will be discussing disabling auditing during or after an event, steps to take once it is disabled, and destroying any evidence. We will be going over various ways to avoid detection on Linux machines, and this will include several in-depth demos on various operations for the Linux machines.
Hacker / Security+ (SY0-401): Cross-Site Scripting
As a security tester or security analyst, it is important that you are aware of cross-site scripting vulnerabilities and how they may be exploited by attackers. In our course Cross-site Scripting, you will gain a comprehensive understanding of cross-site scripting; you will learn how to prevent it, and how you can test to identify cross-site scripting vulnerabilities. You will also learn what cross-site scripting is and what the different types of cross-site scripting you may come across. This course will also be paired with several demos that give you a real world view of what we have and will cover in this course.
Hacker / Security+ (SY0-401): Cryptography
Traditional cryptography uses a secret key for encrypting and decrypting a message. This is also known as a symmetric key. In public key cryptography, the CA creates private and public keys using the same algorithm, but it functions asymmetrically. In the course, Cryptography, you will discuss public key infrastructures, certificate authorities, and certificate management. We will combine that with in-depth demos on PKI Installation, CRL, Certificate Enrollment, and CA Management. We will discuss the steps to create and manage a public key infrastructure, and the relationship between public key infrastructures and certificate authority, as well as both traditional cryptography and public key cryptography, the implementation of certificates, and managing certificates.
Hacker / Security+ (SY0-401): Cryptography Weaknesses
Cryptography is the science of writing in secret code and is considered an ancient art. The first documented use of cryptography dates back to circa 1900 B.C. In Cryptography Weaknesses, we will discuss weaknesses in cryptography and ways to improve your security. We will also cover the use of symmetric and asymmetric keys and the use of hybrid keys, as well as the use of hashing algorithms and digital signatures. We will pair this with several demos to show you how each of these works in practical situations.
Hacker / Security+ (SY0-401): Denial of Service
Become familiar with the following concepts: denial-of-service, distributed denial-of-service, and how the denial-of-service and distributed denial-of-service attacks take place. You will also see what botnets are and how they are used to attack your system or network. You will find explanations on the tools that are used to attack, and how you can detect such attacks. You will be introduced to different countermeasures, so that you can plan, prepare, and establish the relevant countermeasures to protect your organization. You will also learn how DoS and DDoS can be used in penetration testing. You will go through discussions on how to protect your organization from the distributed denial-of-service attacks and denial-of-service penetration testing. Altogether, these topics focus on deepening your understanding of security concepts and practices, so that you’re a more efficient network administrator. With the skills you gain here, you’re equipped to pursue a number of security certifications from CompTIA, EC-Council, and CEH.
Hacker / Security+ (SY0-401): Disaster Recovery and Risk Management
Since you are a part of IT operations in your enterprise, you could be involved in planning and applying policies related to Risk Management and/or Disaster Recovery. In our course Disaster Recovery and Risk Management, you will receive an introduction to the basics of Risk Management and Disaster Recovery. When you have completed the course, you will be able to identify a risk and the effect that it has on daily operations. You will gain an understanding of security measures and how they are implemented, as well as, the importance and the process of managing risk in your environment. We will partner this with a detailed demo on the process of risk assessment. You will gain an understanding of Disaster Recovery, be able to define what a disaster is, rank a disaster, and create a plan that will define how to recover from a disaster, as well as, successfully recovering your data.
Hacker / Security+ (SY0-401): Evading Firewalls and Honeypots
Evading Firewalls and Honeypots, is the course where we will not only discuss what firewalls and honeypots are, but how attackers get around these preventive programs. You will learn about the different types of firewalls and how they may be evaded. You will also learn what honeypots are and how they are set-up to divert any would be attacker’s attention. You will be learning how attackers anticipate honeypots and how penetration testing can help you in dealing with these attackers. We have paired this course with several demos that will cover more in-depth the topics that we will be discussing and help you gain a broader understanding of those topics.
Hacker / Security+ (SY0-401): Evading IDS
Intrusion Detection System (IDS) is a device or software that monitors network activities and system activities. While monitoring, it looks for suspicious activities and security policy violations. In this course we will be discussing the vulnerabilities in an IS, types of IDS, types of evasion, techniques used to evade IDS, IDS tools, and how to carry out penetration testing so you can put a prevention plan in place. We will combine this with an in-depth demo on how to avoid an IDS.
Hacker / Security+ (SY0-401): Hacking Web and App Servers
Hacking Web and Application Servers, is a course that will give you a good idea about vulnerabilities and attacks available for web servers and web applications. This course includes in-depth demos on several of the tools used for hacking web servers and application servers. These tools include Apache2, Netcraft, Website Mirroring, W3AF, and WMAP. By the end of this course we will have discussed various ways to collect information from web servers, application server attacks, and finding vulnerabilities in a server.
Hacker / Security+ (SY0-401): Hacking Wireless Networks
Wireless attacks have become so easy even unskilled people with little computer literacy can accomplish them. This is because of the many automated tools available to perform this hack. In the course Hacking Wireless Networks, we will not be focusing on weaknesses of your wireless networks or how to protect them; instead, we will focus on how to gain access to a wireless network.
Hacker / Security+ (SY0-401): Introduction to Ethical Hacking
Ethical hacking is testing the IT resources for a good cause and for the betterment of technology. In Introduction to Ethical Hacking, you will be introduced to various concepts on ethical hacking. We will be talking about vulnerabilities, exploits, defense strategy, penetration testing, pentest types and methodology, vulnerability management, incident management, and security policy development, and at the end of this course we hope you will have a basic understanding of the various concepts involved in ethical hacking.
Hacker / Security+ (SY0-401): Mobile Hacking Basics
Mobile security is a challenge. Not many of us realize the extent of the threat nor do we realize the ease in which we are hacked. At the end of this course, we want you to walk away today with that understanding. Mobile Hacking Basics will start out by going over why we should be concerned about mobile security. You will learn the areas of IT that need to be considered when looking at security for your mobile devices. You will also learn about device and application security along with the additional issues that arise when we allow employees to bring their own devices. The course will finish up by looking at some examples of hardening this diverse amount of hardware. This course will be paired with several in-depth demos giving you working examples of the many subjects that are covered in this course.
Hacker / Security+ (SY0-401): Penetration Testing
Pentesting is an intentional attack on a system to discover security weaknesses. These can be left either by the security officer or the security controls. Penetration Testing is our course that covers security, vulnerabilities, different types of tests, and when to test as a pen tester. We have paired this with an in-depth demo on vulnerability assessment using the tool Nexpose. At the end of this course we will have reviewed security and vulnerability assessment, and the differences between automatic and manual testing.
Hacker / Security+ (SY0-401): Physical Security
What kind of security measures do you take to protect your facilities, equipment, resources, personnel, and property from damage caused by unauthorized access? Security is very important to any organization and physical security is no exception. In our course Physical Security you learn the physical security planning process, how to protect assets, internal support systems, and perimeter security.
Hacker / Security+ (SY0-401): Port Scanning
When a port is scanned on a server, the port returns a response indicating that the it is open and a service is listening. In Port Scanning, you will learn how ports can be scanned, how a hacker can break into your network through the ports, and the countermeasures you can take to protect your device or network. This course will offer in-depth discussions on port scanning methods and techniques, port scanning tools, and port scanning countermeasures. We will partner this with detailed demos on Ping, Ping tester, and Netstat.
Hacker / Security+ (SY0-401): Scanning Networks
Network scanning is the scanning of public or private networks to find out which systems are running, their IP addresses, and which services they are running. In Network Scanning, you will learn techniques for private and public network scanning using various tools. Accompanied with in-depth demos and discussions on how to use Angry IP, Nmap, Hping, and Zmap network scanners. Through this, you will learn the steps to network scanning, how to draw a network map, and plan an attack accordingly.
Hacker / Security+ (SY0-401): Session Hijacking
Have you heard the words session hijacking? Simply put, it is defined as an intruder taking over a genuine session between two computers and using it for sinister purposes. In the course Session Hijacking, you will learn details about session hijacking, well-known techniques employed by aggressors, the steps involved in session hijacking, various types of session hijacking, tools for hijacking sessions, ways you can protect yourselves from session hijacking, and how pentesting can be used to identify vulnerabilities.
Hacker / Security+ (SY0-401): Sniffers
Sniffers is our course where we take a look at Network Sniffing. We will be covering the basics of packet sniffing, ARP cache poisoning, DNS spoofing, SSL sniffing, VoIP phone calls, and sniffing remote desktop connections. This will be coupled with demos on Wireshark, ARP poisoning, and XARP.
Hacker / Security+ (SY0-401): Social Engineering
Social engineering is the art of extorting employees for information. It can take the form of human-based or digital. In the course, Social Engineering, you will learn what social engineering is, who's at risk, and how to protect and educate your employees against social engineering. You will learn the importance of creating a security policy, and how to deal with the threat of human-based attacks from both outside and inside the company. You will learn what kind of risks computer-based attacks and social media present. We will couple this with in-depth demos on phishing emails how to use Social Engineering Toolkit: SET-web Template, SET-spear phishing, SET-trojan, and SET-SMS Spoofing.
Hacker / Security+ (SY0-401): Spyware & Keyloggers
You will take a good look at spyware, the activities it performs, different types of spyware, and the countermeasures needed in order to prevent hackers from utilizing these types of techniques against your company. You will also spend time studying different types of keyloggers. There are three different types of keyloggers that we see used in today's environments: hardware, software, and kernel/driver keyloggers. A good pen tester or ethical hacker cannot perform his or her job properly without understanding the countermeasures for all of the hacking techniques used against today's computer systems. Overall, these topics will help prepare you for certification exams from vendors, such as Linux, CompTIA, and EC-Council.
Hacker / Security+ (SY0-401): SQL Injections
SQL injection is the most used of all attacks. In this course, SQL Injections, you will be learning how SQL injections can be initiated, cause damage or loss, how to prevent such attacks, and discussing detection tools. This course includes demos demonstrating BSQL tool as well as SQL Injection Username and Password. By the end of this course you will have covered SQL injection methodology, attacks, buffer overflow exploit, testing for SQL injection, countermeasures, and detection tools.
Hacker / Security+ (SY0-401): System Hacking
Ensure that you know everything involved in securing a Windows system against attack. During this course you’ll get into Windows passwords — how they’re created, how they’re stored, and different methods used to crack them. You’ll discover different methods used for guessing passwords and breaking the different security methods used within the Windows operating system. You’ll find discussions on responding to privilege escalation. You’ll also spend some time going through a couple of scenarios demonstrating how to use key defense tools. Overall, the topics explored here will teach you how to increase security on your Windows machines, as well as show you required procedures and tools to prepare for different certification exams from EC-Council, CompTIA, Linux, and CISSP.
Hacker / Security+ (SY0-401): Trojans and Backdoors
As an ethical hacker, there are times when you need to hide software from the company that you are performing the test against in order to verify that the defensive strategy isn't able to find your software. Trojans and Backdoors is the course where our software is going to be going undercover. In this course we are going to define malware and take a look at how a payload is delivered. We will overview the various Trojan tools, and tools used to generate Trojan programs, as well as, learning about Netcat. We will spend time going over countermeasures and various anti-Trojan software and hardware, and preventive methods that can be used to prevent attacks. We will also be incorporating several demos on the many tools that we will be discussing in this course.
Hacker / Security+ (SY0-401): Viruses and Worms
You will discover what viruses and worms are and how they can infect computers and systems. You’ll study their nature, how they function, and their impact. You will also spend time going through discussions on varieties of each, along with some real life examples. Refine your understanding of viruses and worms to better your system. The knowledge you gain here will prepare you to be a more effective network administrator. Furthermore, the topics covered here will help with preparing you for security certification exams offered by EC-Council, CompTIA, and Linux.
Hacker / Security+ (SY0-401): Vulnerability Assessment
Our course Vulnerability Assessment will introduce you to the concepts of: Vulnerability Assessment, Vulnerability Assessment Tools, and Patch Management. It will offer demos on several of the vulnerability assessment tools that are available, as well as in-depth discussions on the benefits of these tools. We will discuss the process of analyzing the scan results that the vulnerability assessment tools provide. Finally, we will discuss patch management and some tools that are available for this process and at the end of this course you will be able to create a comprehensive VA program, identify key vulnerabilities, and perform mitigation actions before those vulnerabilities can be exploited.
Hacker / Security+ (SY0-401): Wireless Types and Vulnerabilities
Wireless networks enable people to communicate and access applications and information without wires. This provides freedom of movement and the ability to extend applications to different parts of a building, city, or nearly anywhere in the world. In this course you will learn about wireless types and vulnerabilities. We will discuss different standards, systems, and attacks. This will be paired with demos on InSSIDer, Jammer, Fake AP, and Capsa.
Security+ (SY0-401): Business Continuity
Business continuity plans are important if the organization wishes to continue its normal operations in disasters, whether it is man-made or natural. Business continuity plans study all kinds of threats and estimates the damage resulting from those threats. In this course, you will learn the different categories that the events that threaten your business are classified under. You will also learn the steps in creating a business continuity plan. You will also delve further into the development process for a business continuity plan, and learn all the necessary steps that are involved in initiating the plan as well.
Security+ (SY0-401): Network Design and Security Controls
Today’s threats and cyber intelligence have made it mandatory for us to use devices for protection. Threats can come from inside our network and the internet. This makes it so that a firewall alone is not sufficient. We need to design a secure network. In Network Design and Security Controls, you will learn the steps and the tools to designing a secure network. You will also learn of the many security devices that you have at your disposal, with an in-depth discussion on firewalls and their uses. Included in this course will be detailed demos on Firewall and Proxy, NAT, DMZ, and IDS-IPS.
Security+ (SY0-401): Security Incidents
Handling incidents often needs preparation. There are plans and procedures to be taken, and drills to prepare the team. A successful handling team can prevent loss of money for an organization in the case of incident. It is an investment rather than a cost if it is done correctly. In Security Incidents, you will learn how to recognize what an incident is and where they potentially come from. You will then learn the steps to handling incidents and implementing those steps into your everyday policies and procedures.
Many tools availableThere are many learning tools available that help with each course content Use these tools with the videos
Set your own paceEasy to use and go at your own pace. Make the time to discipline to follow through on the training.
Very good customer supportThere could be clearer direction on how to download the material for training once logged in. Customer support was very good to explain how to use their website
Excellent contentExcellent subject matter content and great material overall!
Very impressedI was very impressed with the instructors, content, ease of understanding, and the wide variety of courses that are available. . . . it helped me gain new knowledge during my career transition and now I am using that knowledge to further my career at my current company. I gladly recommend LearnSmart for anyone that needs to expand their skill set or gain more knowledge in their current role.
CompTIA Security+ (SY0-401)
Information Security Analyst
Career Description:Information security analysts plan and carry out security measures to protect an organization's computer networks and systems. Their responsibilities are continually expanding as the number of cyberattacks increase.
Job Role Includes:
- Troubleshooting and provide resolutions to incident response and triage for customer incidents
- Work on planning, design, implementation of Database Auditing and Monitoring
- Utilize malware and various attack vectors commonly employed by hackers
Related Career Titles:
- Security Assurance Analyst
- IT Software Systems Architect
- Security Architect
Computer Network Architect
Career Description:Computer network architects design and build data communication networks, including local area networks (LANs), wide area networks (WANs), and intranets.
Job Role Includes:
- Perform network systems design in web centric data center.
- Evaluate new technologies and analyze and explain cost.
- Maintain and improve technical infrastructure based on troubleshooting problems and developing innovative solutions.
Related Careers Titles:
- Solutions Architect
- IT Software Systems Architect
- Security Architect
Where can I go to get more information about the CompTIA Security+ (SY0-401) certification?
Visit CompTIA's website for more information: https://certification.comptia.org/
Does this package contain everything I need?
Yes! This is a complete and comprehensive training package. You will not need to purchase additional training to learn the material necessary to pass the exams.
What is the format of this training?
LearnSmart provides self-paced online training that mimics the interactive classroom experience. Our courses include comprehensive instruction by certified industry experts, real-world demonstrations of advanced techniques and technologies, games and printable learning materials, and interactive exercises.
Does this package include exam vouchers?
Exam vouchers are not part of this package but are available for purchase from LearnSmart at a discounted rate.
Where do I take a CompTIA exam?
CompTIA exams are administered by Pearson/VUE at one of their thousands of worldwide locations. Visit Pearson/VUE to locate and register for your exam: http://home.pearsonvue.com/Home.aspx