Mike Meyers’ Comptia Security+ Certification Passport, Sixth Edition (Exam Sy0-601)

Dawn Dunkerley (Meridianville, AL), CISSP, ISSAP, ISSEP, ISSMP, CSSLP, PMP, received a Ph.D. in Information Systems from Nova Southeastern University in 2011 with a doctoral focus of information security success within organizations. Her research interests include cyberwarfare, cybersecurity, and the success and measurement of organizational cybersecurity initiatives. She holds the 2011 ISC2 Government Information Security Leadership Award (Crystal).

This quick review, cram-style study guide offers 100% coverage of every topic on the latest version of the CompTIA Security+ exam

Domain 1 Attacks, Threats, and Vulnerabilities 1.1 Compare and contrast different types of social engineering techniques 1.2 Given a scenario, analyze potential indicators to determine the type of attack 1.3 Given a scenario, analyze potential indicators associated with application attacks 1.4 Given a scenario, analyze potential indicators associated with network attacks 1.5 Explain different threat actors, vectors, and intelligence sources 1.6 Threat Awareness and Mitigation 1.7 Summarize the techniques used in security assessments 1.8 Explain the techniques used in penetration testing Domain 5 Governance, Risk, and Compliance 5.1 Compare and contrast various types of controls 5.2 Explain the importance of applicable regulations, standards, or frameworks that impact organizations 5.3 Explain the importance of policies to organizational security 5.4 Summarize risk management processes and concepts 5.5 Explain privacy and sensitive data concepts in relation to security Domain 2 Architecture and Design 2.1 Explain the importance of security concepts in an enterprise environment 2.2 Summarize virtualization and cloud computing concepts 2.3 Summarize secure application development, deployment, and automation concepts 2.4 Summarize authentication and authorization design concepts 2.5 Given a scenario, implement cybersecurity resilience 2.6 Explain the security implications of embedded and specialized systems 2.7 Explain the importance of physical security controls 2.8 Summarize the basics of cryptographic concepts Domain 3 Implementation 3.1 Given a scenario, implement secure protocols 3.2 Given a scenario, implement host or application security solutions 3.3 Given a scenario, implement secure network designs 3.4 Given a scenario, install and configure wireless security settings 3.5 Given a scenario, implement secure mobile solutions 3.6 Given a scenario, apply cybersecurity solutions to the cloud 3.7 Given a scenario, implement identity and account management controls 3.8 Given a scenario, implement authentication and authorization solutions 3.9 Given a scenario, implement public key infrastructure Domain 4 Operations and Incident Response 4.1 Given a scenario, use the appropriate tool to assess organizational security 4.2 Summarize the importance of policies, processes, and procedures for incident response 4.3 Given an incident, utilize appropriate data sources to support an investigation 4.4 Given an incident, apply mitigation techniques or controls to secure an environment 4.5 Explain the key aspects of digital forensics