CompTIA Security+ SY0-601 Domain 1
- 2. www.infosectrain.com | [email protected] 01 About Security+ SY0-601 CompTIA Security+ is a worldwide certification that verifies the fundamental skills required to execute basic security activities and build a career in information security. CompTIA Security+ SY0-601 is the latest version of the Security+ certification. The very first security certification that IT professionals can obtain is CompTIA Security+, and it is the best entry-level certification. The main reason why CompTIA’s Security+(Plus) certification is such an excellent entry-level certification is It provides the fundamental information that each cybersecurity professional must have. Its areas are based on a straightforward premise: a major emphasis on practical skills. After passing the certification you can show that you are prepared to deal with a real-world scenario and It also provides a platform for intermediate-level cybersecurity positions.
- 3. www.infosectrain.com | [email protected] 02 The latest version of Security+ SY0-601 have 5 Domains: Domain 1.0: Attacks, Threats, and Vulnerabilities (24%) Domain 2.0: Architecture and Design (21%) Domain 3.0: Implementation (25%) Domain 4.0: Operations and Incident Response (16%) Domain 5.0: Governance, Risk, and Compliance (14%) In this blog, we discuss the first domain Attacks, Threats, and Vulnerabilities.
- 4. www.infosectrain.com | [email protected] 03 Attacks, Threats, and Vulnerabilities D O M A I N 1 The first domain of CompTIA Security+ (plus), SY0-601 addresses a fundamental requirement of every data security expert: the ability to detect and comprehend various threats, attack methods, and vulnerabilities that might be exploited. The weightage of this domain is 24%. In this domain, we learn about: 1. Social Engineering Techniques and Type 2. Malware Based Attack 3. Threat Actors, Vectors, and Threat Intelligence 4. Explain Penetration Testing Techniques 5. Explain Security Concerns with Type of Vulnerability
- 5. www.infosectrain.com | [email protected] 04 Social Engineering Techniques and Type 01 In this lesson, we will learn all about social engineering and its techniques. We discuss various principles of social engineering like: • Familiarity • Social Proof • Authority and Intimidation • Scarcity and Urgency • Impersonation and trust We also cover Impersonation and Trust: It is a common technique of social engineering. Trying to pretend to be someone else is known as impersonation. After that we learn different types of social engineering: • Phishing • Smishing • Vishing • Spear Phishing • Dumpster Diving • Shoulder Surfing • Tailgating • Whaling
- 6. www.infosectrain.com | [email protected] 05 Malware-Based Attack 02 Malicious code is one of the most common dangers to devices today. As a cybersecurity specialist, you will almost certainly have faced undesirable malware attacking your computers. You’ll be better equipped to fix affected systems or prevent malware if you classify the various forms of malware and recognize the indications of infection. In this part, we will discuss different types of Malware and how it Then we learn some different Malware Indicators, Sandbox Execution, Resource Consumption, and File system. • Ransomware • Trojans • Worms • PUPs (Potentially Unwanted Programs) • Bots • Rootkit • Backdoor
- 7. www.infosectrain.com | [email protected] 06 Threat Actors, Vectors, and Threat Intelligence: 03 You should be able to describe defensive and attack tactics in order to conduct a successful security analysis. Your primary responsibility will most likely be protecting assets, but in order to do so, you’ll need to be able to describe threat actors’ strategies, techniques, and processes. You should also be able to discover trusted sources of threat intelligence and research as the threat landscape evolves. In this lesson we will learn 1. Threat Actor and Vectors: In this part, we will discuss types of threat actors: Insider Threat Actors, Hackers, Script Kiddies, Hacker Team, State Actors, Advanced Persistent Threats, and Criminal Syndicates. We also cover Attributes of Threat Actors. Inside this, we discuss Internal/External, Intent/Motivation, Level of Sophistication/Capability, Resources/Funding. Also, we understand Attack Vectors and how attack vectors help threat actors to gain access to a protected system. Inside Attack vector, we also learn Direct access, Removable media, Email, Remote and wireless, Social chain, and Cloud. 2. Threat Intelligence: In this part we explain threat intelligence, work of threat intelligence, we learn, Threat Intelligence Source and Research Source In Threat Intelligence Source we discuss Open-source intelligence (OSINT), Closed/ proprietary, Vulnerability databases, Public/private information sharing centers, Dark web, Indicators of compromise, and Threat maps.In Research Source we discuss: 1. Threat Actors and Vectors. 2. Threat Intelligence. • Vendor websites • Vulnerability feeds • Conferences • Academic journals • Request for Comments (RFC) • Local industry groups • Social media • Threat feeds • Adversary tactics, techniques, and procedures (TTP)
- 8. www.infosectrain.com | [email protected] 07 Explain Penetration Testing Techniques 04 Penetration testing is a form of evaluation that uses well-known strategies and procedures to try to break into a system. In this part we understand Penetration Testing, inside this, we discuss: • Known environment • Unknown environment • Partially known environment • Rules of engagement • Lateral movement We understand Passive and active reconnaissance: We also cover Exercise Types. In this part, we learn about some Teams. What is the work of these teams: Red-team, Blue-team, White-team, Purple-team. • Drones • War flying • War driving • Footprinting • OSINT • Privilege escalation • Persistence • Cleanup • Bug bounty • Pivoting
- 9. www.infosectrain.com | [email protected] 08 Explain Security Concerns with Type of Vulnerability 05 You must be aware of the many types of vulnerabilities that impact computer systems and networks. You should be able to analyze and describe the potential consequences of vulnerabilities in order to prioritize evaluation and remediation actions where they are most required. In this lesson, we discuss Software Vulnerabilities and Patch Management, Zero-Day, Third-Party Risk, Improper or Weak Patch Management, Impacts of Vulnerabilities.