In this course, you’ll learn about the various ways you can secure your company’s systems, network and data using secure protocols, hardware and software. First, you’ll learn about secure protocols and their various use cases. Next, you’ll learn about the hardware that helps harden a company’s security posture including endpoint protection, encryption mechanisms, database and application security, and network access control. Next, you’ll learn about securing WiFi and mobile solutions, along with protecting data in the cloud. Lastly, you’ll learn about authentication and public key infrastructure. When you’ve finished the course, you’ll have the knowledge necessary to pass the Implementation domain of the CompTIA Security+ exam as well as the skills required to secure your company’s data both on-prem and in the cloud.

Recommended order of completion:

Attacks, Threats, and Vulnerabilities for CompTIA Security+
Architecture and Design for CompTIA Security+
Implementation of Secure Solutions for CompTIA Security+
Operations and Incident Response for CompTIA Security+
Governance, Risk, and Compliance for CompTIA Security+
CompTIA Security+: Exam Briefing

Chapter 1 14 Lessons Implementing Secure Protocols 25:50

Intro
0:50

Network Protocols and TCP Three-Way Handshake
3:44

Domain Name System Security Extensions (DNSSEC)
3:48

Secure Shell (SSH)
1:17

Secure/Multipurpose Internet Mail Extensions (SMIME)
1:02

Secure Real Time Transport Protocol (SRTP)
0:42

Lightweight Directory Access Protocol Over SSL LDAPS
0:58

File Transfer Protocol (FTP) and Secure File Transfer Protocol (SFTP)
1:35

Simple Network Management Protocol (SNMP)
1:15

Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
1:02

Hypertext Transfer Protocol Secure (HTTPS)
1:28

Secure Post Office Protocol (POP) and Internet Messaging Access Protocol (IMAP)
2:53

Use Cases
4:13

Review
1:03
Chapter 2 26 Lessons Understanding Host or Application Security Solutions 51:06

Overview
0:43

Antivirus
1:16

Endpoint Detection and Response
2:10

Data Loss Prevention
2:24

Next Generation Firewall
1:42

Host-based Intrusion Detection System and Host-based Intrusion Prevention System
0:59

Host-based Firewall
1:30

Boot Loader Protections and Secure Boot
2:31

Measured Launch
0:40

Integrity Measurement Architecture (IMA)
0:30

Basic Input/Output System and Unified Extensible Firmware Interface
0:36

Hashing
2:12

Salt
1:07

Secure Coding Techniques
6:28

Code Quality and Testing
2:47

Static Code Analysis
2:09

Fuzzing
3:36

Additional Secure Coding Concepts
1:55

Peripherals Security
2:24

Hardening the Environment
2:26

Common Ports
1:12

Registry Hardening
1:32

Self-Encrypting Drives (SED)
2:11

Hardware Root of Trust
1:14

Hardware Based Encryption
2:47

Sandboxing
2:05
Chapter 3 20 Lessons Implementing Secure Network Designs Part 1 44:58

Overview
0:48

Load Balancers
4:13

Security Segmentation Models
2:50

Virtualization
1:15

Air Gaps
2:04

East West Traffic
1:52

Zero Trust
1:44

VPN
4:10

Split Tunnel
0:49

IPSec and Transport Encryption
1:31

VPN Concentrator
1:04

Domain Name System Security Extensions (DNSSEC)
3:47

Network Access Control
2:35

In-Band vs Out-of-Band Management
3:58

Port Security and 802.1x
4:02

Loop Protection and Flood Guards
2:07

Spanning Tree Protocol (STP)
2:41

Dynamic Host Configuration Protocol (DHCP) Snooping
1:05

MAC Filtering
1:56

Review
0:27
Chapter 4 20 Lessons Implementing Secure Network Designs Part 2 44:39

Overview
0:44

Jump Server
2:01

Proxies
3:37

Web Security Gateways
1:48

Intrusion Detection and Prevention
5:53

IDS vs IPS Component Workflow
1:19

Four Approaches to IDS
1:54

Network-based IDS
2:09

Security Device Placement
2:26

Firewalls
6:20

Web Application Firewalls
2:13

Unified Threat Management (UTM)
1:02

Content Filters
1:02

Implicit Deny and Access Control List
0:40

Route Security
1:36

Quality of Service (QoS)
1:47

Implications of IPv6
2:20

Port Mirroring, Port Spanning and Port Taps
3:06

File Integrity Check
2:10

Review
0:32
Chapter 5 17 Lessons Installing and Configuring Wireless Security Settings 34:44

Overview
0:37

Wireless Definitions
1:58

WEP, WPA, and WPA2
1:27

WPA and WPA2 Security
3:50

WPA3
4:09

Wireless Security Examples
1:54

Wireless Security and Pen Testing Tools
2:32

EAP, PEAP, and LEAP
2:21

802.1x Wireless Protocols
2:21

Radius Federation
0:27

Wi-Fi Protected Setup
0:57

Captive Portal
2:06

Installation Considerations
1:07

Access Points Wi-Fi Security
3:41

Band Selection Width
1:52

Fat vs Thin Access and Stand-Alone vs Controller Based
2:55

Review
0:30
Chapter 6 17 Lessons Implementing Secure Mobile Solutions 40:07

Overview
0:33

Cellular
7:16

Securing Wi-Fi
1:37

Near Field Communication
1:18

Additional Areas of Concern
2:26

MicroSD Hardware Security Module
0:54

Mobile Device Management, Mobile Application Management, and Unified Endpoint Management
1:16

Security Enhancements for Android
1:06

Device Security
4:03

Application Security and Key Credential Management
2:55

Authentication
1:49

Geo-Tagging
1:31

Context Aware Authentication
2:05

Enforcement and Monitoring
4:25

BYOD Concerns and Deployment Models
3:41

Additional BYOD Concerns
2:48

Review
0:24
Chapter 7 18 Lessons Applying Cybersecurity Solutions to the Cloud 34:16

Overview
0:42

High Availability
2:11

Resource Policies
1:18

Secrets Management
2:20

Storage in the Cloud
2:50

Virtual Networks
2:40

API Inspection and Integration
1:35

Growth of Enterprise Cloud Application
1:30

Cyber Kill Chain in the Cloud
3:54

Compute in the Cloud
3:41

Cloud Access Security Broker
0:56

Application Security
1:04

Next Gen Secure Web Gateway
0:47

Firewall Considerations in a Cloud Environment
1:57

Transmission Control Protocol,Internet Protocol, and Open Systems Interconnection Models
0:39

Application Layer, Protocol Layer, and Volumetric Attacks
2:06

Cost
1:14

Cloud Native Controls vs Third Party Solutions
2:52
Chapter 8 22 Lessons Implementing Identity and Account Management Controls 33:36

Overview
0:29

Identity Provider
1:28

Identity Provider Example
1:45

Certificates, Tokens, and SSH Keys
1:31

Certificate Issues
2:48

Smart Cards
0:56

User Accounts
1:00

Account Management
1:59

Password Complexity
1:19

Password History
1:50

Password Reuse
1:18

Time of Day Restrictions
0:55

User Access Best Practices
2:26

Permissions, Auditing, and Review
1:14

Recertification
1:45

Group Policy
2:18

Expiration
2:29

Recovery
1:39

Impossible Travel Risky Login
2:23

Lockout
0:45

Disablement
0:50

Review
0:29
Chapter 9 22 Lessons Implementing Authentication and Authorization Solutions 38:36

Overview
0:47

Authentication Management
3:06

Extensible Authentication Protocol
0:49

Challenge Handshake Authentication Protocol
0:59

Password Authentication Protocol
0:55

Port Security and 802.1x Authentication
4:02

Remote Authentication Dial-In User Service (RADIUS)
2:41

Single Sign On (SSO)
1:22

Security Assertion Markup Language (SAML)
2:17

Terminal Access Controller Access Control System (TACACS)
1:12

TACACS+
2:08

OAuth
1:57

OpenID and Shibboleth
1:25

Kerberos
3:37

Attribute Based Access Control
2:53

Role-Based and Role-Based Access Control
1:37

Access Control Methods
1:13

Mandatory Access Control
1:02

Discretionary Access Control
0:46

Conditional Access
1:12

Privileged Accounts
1:05

Filesystem Permissions
1:31
Chapter 10 17 Lessons Implementing Public Key Infrastructure 28:23

Overview
0:36

Certificate Authorities and Digital Certificates
0:52

Certificate Authority
1:55

Certification Revocation List (CRL)
1:28

Online Certificate Status Protocol
1:52

Certificate Signing Request (CSR) and Public Key Cryptography Standards (PKCS)
0:48

Public Key Infrastructure
3:55

Public Key
1:11

Private Key
0:40

Object Identifiers (OID)
1:53

Types of Certificates
5:08

Certificate Formats
1:05

Online vs Offline Certificate Authority
1:59

Stapling and Pinning
0:53

Trust Models
1:46

Key Escrow
1:18

Certificate Chaining
1:04

Practice alongside courses in Cloud Playground

What is Cloud Playground? Cloud Playground lets you build skills in real-world AWS, Google Cloud, and Azure environments. Spin up risk-free Sandboxes, Servers and Terminals and follow along with courses, test a new idea or prepare for exams.

Implementation of Secure Solutions for CompTIA Security+

About the course

Intro

Network Protocols and TCP Three-Way Handshake

Domain Name System Security Extensions (DNSSEC)

Secure Shell (SSH)

Secure/Multipurpose Internet Mail Extensions (SMIME)

Secure Real Time Transport Protocol (SRTP)

Lightweight Directory Access Protocol Over SSL LDAPS

File Transfer Protocol (FTP) and Secure File Transfer Protocol (SFTP)

Simple Network Management Protocol (SNMP)

Secure Sockets Layer (SSL) and Transport Layer Security (TLS)

Hypertext Transfer Protocol Secure (HTTPS)

Secure Post Office Protocol (POP) and Internet Messaging Access Protocol (IMAP)

Use Cases

Review

Overview

Antivirus

Endpoint Detection and Response

Data Loss Prevention

Next Generation Firewall

Host-based Intrusion Detection System and Host-based Intrusion Prevention System

Host-based Firewall

Boot Loader Protections and Secure Boot

Measured Launch

Integrity Measurement Architecture (IMA)

Basic Input/Output System and Unified Extensible Firmware Interface

Hashing

Salt

Secure Coding Techniques

Code Quality and Testing

Static Code Analysis

Fuzzing

Additional Secure Coding Concepts

Peripherals Security

Hardening the Environment

Common Ports

Registry Hardening

Self-Encrypting Drives (SED)

Hardware Root of Trust

Hardware Based Encryption

Sandboxing

Overview

Load Balancers

Security Segmentation Models

Virtualization

Air Gaps

East West Traffic

Zero Trust

VPN

Split Tunnel

IPSec and Transport Encryption

VPN Concentrator

Domain Name System Security Extensions (DNSSEC)

Network Access Control

In-Band vs Out-of-Band Management

Port Security and 802.1x

Loop Protection and Flood Guards

Spanning Tree Protocol (STP)

Dynamic Host Configuration Protocol (DHCP) Snooping

MAC Filtering

Review

Overview

Jump Server

Proxies

Web Security Gateways

Intrusion Detection and Prevention

IDS vs IPS Component Workflow

Four Approaches to IDS

Network-based IDS

Security Device Placement

Firewalls

Web Application Firewalls

Unified Threat Management (UTM)

Content Filters

Implicit Deny and Access Control List

Route Security

Quality of Service (QoS)

Implications of IPv6

Port Mirroring, Port Spanning and Port Taps