SY0-601 - CompTIA Security+: Organizational Security Assessment tools & Mitigation Controls





Overview/Description

To prepare for the CompTIA Security+ SY0-601 certification exam, you will need to identify and describe popular organizational security assessment tools and risk mitigation controls. You will likely come across these tools at some point in your career, so prior knowledge of how these work and what they're used for will be highly beneficial.

In this CompTIA Security+ SY0-601 course, you'll explore the concept of network reconnaissance and discovery, and examine packet capture and replay, file manipulation, and forensic tools. You'll also identify shell and script environments, exploitation kits, and password crackers. You'll move on to recognize methods for reconfiguring endpoint security solutions and describe configuration changes for mitigation, the concepts of isolation, containment, and segmentation, and secure orchestration, automation, and response (SOAR) solutions. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Expected Duration (hours)
0.7

Lesson Objectives

  • discover the key concepts covered in this course
  • describe the following network reconnaissance and discovery tools: tracert/traceroute, nslookup/dig, ipconfig/ifconfig, Nmap, ping/pathping, hping, netstat, netcat, arp, route, curl, theHarvester, sn1per, DNSenum, Nessus, and Cuckoo
  • compare the following packet capture and replay tools: Tcpreplay, Tcpdump, and Wireshark
  • survey file manipulation tools, such as head, tail, cat, grep, chmod, and logger
  • describe shell and script environments like SSH, PowerShell, Python, and OpenSSL
  • compare various forensic tools like dd, Memdump, WinHex, FTK Imager, and Autopsy
  • describe exploitation frameworks, exploitation kits, and various password crackers like John the Ripper and Cain
  • describe methods for reconfiguring endpoint security solutions, like application whitelisting, blacklisting, and quarantine
  • define configuration changes for mitigation, like firewall rules, MDM, DLP, content and URL filtering, and updating or revoking certificates
  • describe the mitigation concepts of isolation, containment, and segmentation with popular use cases
  • define the concept of secure orchestration, automation, and response (SOAR) and its associated runbooks and playbooks
  • summarize the key concepts covered in this course

Course Number
it_cssecp2020_16_enus

Expertise Level
Intermediate