Networking has always been one of the primary paths to becoming a security expert. This CompTIA Security+ SY0-601 course involves recognizing how to implement secure networking environments and designs.
In this course, you'll explore the concepts, techniques, and deployments involved in the following valuable network security technologies: load balancing, networking segmentation/zoning, and virtual private networks. Next, you'll examine several switch port security techniques, such as BPDU guard, DHCP snooping, and MAC filtering. You'll then recognize the various features of firewalls, such as ACLs and WAF, and compare network appliance solutions, such as port spanning, NAC, NIDS, and NIPS.
Finally, you'll outline advanced network environment solutions, like route security, IPv6, and next-gen monitoring. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
define network segmentation and zoning concepts, such as a virtual local area network (VLAN), PVLAN, DMZ, east-west traffic, extranets, intranets, and zero-trust deployments
describe various load balancing concepts and techniques, including active/active, active/passive, elastic, scheduling, virtual IP addresses, and persistence
survey different VPN deployments, like always-on, split tunnel, full tunnel, remote access, site-to-site, IPsec, SSL/TLS, HTML5, and the Layer 2 Tunneling Protocol (L2TP)
describe port security techniques, as in broadcast storm prevention, loop prevention, BPDU guard, DHCP snooping, and MAC filtering
survey the features of firewalls, such as ACLs, WAF, next-generation, stateful vs. stateless, UTM, NAT gateways, content/URL filtering, hardware vs. software, and appliance vs. host-based vs. virtual
compare various network appliance solutions, such as NAC, jump/bastion servers, proxy servers, NIDS, port mirroring/spanning, tapping, NIPS, signature-based vs. heuristic/behavior vs. anomaly, and inline vs. passive sensors, collectors, and aggregators
describe various advanced networking solutions, like HSM, DNS, route security, QoS, IPv6 implications, next-gen monitoring and visibility, and file integrity monitoring