In Lesson 1 of CompTIA Security+, students are introduced to the fundamentals of information security, including an overview of the various roles and responsibilities within the field.

This lesson also covers the different types of security controls and framework categories, as well as the various regulations and standards that govern information security practices.

By the end of this lesson, students should be able to compare and contrast the different types of security controls and framework types, as well as understand the importance of different information security roles and competencies.

Lesson 2 of CompTIA Security+, covers the concepts of threat actors, attack vectors, and threat intelligence sources. The lesson begins by defining vulnerability, threat, and risk, and then goes on to discuss the attributes of various types of threat actors, including hackers, state actors, criminal syndicates, and insider threat actors. The concept of an attack surface and various attack vectors are also introduced.

The lesson concludes with an overview of threat intelligence sources, including threat research sources, tactics, techniques, and procedures, indicators of compromise, threat data feeds, and artificial intelligence and predictive analysis.

Lesson 3 of CompTIA Security+ covers various topics related to organizational security assessment. The lesson covers network reconnaissance tools such as ipconfig, ping, ARP, route, traceroute, IP scanners, Nmap, netstat, and nslookup. It also covers packet capture and analysis tools like tcpdump and Wireshark, and exploitation frameworks like Netcat.

The lesson explains different types of vulnerabilities such as software vulnerabilities, weak host and network configurations, and third-party risks. The vulnerability scanning techniques discussed include security assessments, vulnerability scan types, common vulnerabilities and exposures, intrusive versus non-intrusive scanning, and credentialed versus non-credentialed scanning.

Finally, the lesson explains the concepts of penetration testing, rules of engagement, exercise types, passive and active reconnaissance, and the pen test attack life cycle.

Lesson 4 of CompTIA Security+ covers two main topics: social engineering techniques and malware-based attacks. The first part of the lesson compares and contrasts various types of social engineering, including impersonation, dumpster diving, phishing, and more. The second part of the lesson focuses on analyzing indicators of malware-based attacks, such as computer viruses, spyware, and ransomware.

By the end of the lesson, students should have a solid understanding of these concepts and be able to apply them to real-world scenarios.

Lesson 5 of CompTIA Security+ covers an introduction to cryptographic ciphers and concepts. The lesson compares and contrasts different cryptographic modes of operation, including hashing algorithms, encryption ciphers and keys, symmetric and asymmetric encryption, public key cryptography algorithms, digital signatures, and certificates.

The lesson also discusses cryptographic use cases and weaknesses, such as supporting authentication, confidentiality, integrity, and resiliency, as well as performance and security limitations, longevity, and cryptographic attacks. Other cryptographic technologies such as quantum and post-quantum, homomorphic encryption, blockchain, and steganography are also briefly introduced.

In Lesson 6 of CompTIA Security+, the focus is on implementing certificates and certificate authorities. The lesson covers topics such as public and private key usage, certificate authorities, PKI trust models, registration authorities and CSRs, digital certificates, certificate attributes, and subject name attributes. Additionally, the lesson delves into the different types of certificates, including web server certificate types and other certificate types.

The second half of the lesson focuses on implementing PKI management, including certificate and key management, key recovery and escrow, certificate expiration, certificate revocation lists, online certificate status protocol responders, certificate pinning, and certificate formats such as OpenSSL. Finally, the lesson details common issues that can arise with certificates.

Lesson 7 of CompTIA Security+ covers various topics related to authentication design and management.

The lesson starts by introducing the concepts of identity and access management, authentication factors, and authentication design, as well as the need for multifactor authentication and authentication attributes. It then covers different types of authentication, including knowledge-based authentication and various authentication protocols such as Kerberos, PAP, CHAP, and MS-CHAP.

The lesson also covers password attacks, authentication management, and different authentication technologies such as smart card authentication and 2-step verification.

Finally, the lesson concludes with a summary of biometric authentication concepts, including fingerprint recognition, facial recognition, and behavioral technologies.

Lesson 8 covers the implementation of identity and account management, account policies, and authorization solutions.

It begins with identity management controls, background checks, and onboarding and offboarding policies. The lesson also discusses security account types, privileges, and credential management, including secure shell keys and third-party credentials. Account policies settings encompass attributes, access policies, password policies, restrictions, audits, permissions, usage audits, and lockout mechanisms.

Additionally, it explores authorization solutions like role-based access control, file system permissions, and directory services. The lesson highlights the importance of personnel policies, including conduct policies, user training, and the use of various training techniques.

Overall, it equips learners with crucial knowledge to enhance IT environment security.

Lesson 9 of CompTIA Security+ covers implementing secure network designs, secure switching and routing, secure wireless infrastructure, and load balancers. Topics include network architectures, demilitarized zones, IPv6 implications, man-in-the-middle attacks, network access control, wireless security, authentication methods, DDoS attacks, and load balancing for mitigation.

Lesson 10 of CompTIA Security+ covers the implementation of firewalls and proxy servers, including packet filtering and stateful inspection firewalls, access control lists, network address translation, and virtual firewalls. The lesson also covers network security monitoring, including network-based intrusion detection and prevention systems, next-generation firewalls, and host-based intrusion detection systems. Finally, the lesson summarizes the use of Security Information and Event Management (SIEM) for monitoring services, analysis, and report review, as well as file manipulation, regular expressions, and grep.

Lesson 11 of CompTIA Security+ covers the implementation of secure network operations, application protocols, and remote access protocols. The lesson includes topics such as network address allocation, domain name resolution, DNS security, time synchronization, and secure directory services. It also covers the implementation of secure application protocols such as HTTP, TLS, and API considerations. Finally, it discusses secure remote access protocols like Remote Desktop, VPN, and Secure Shell, among others.

Lesson 12 delves into two major areas of cybersecurity: secure firmware implementation and endpoint security. The lesson starts by introducing the importance of secure firmware, covering topics like Hardware Root of Trust, Boot Integrity, Disk Encryption, USB and Flash Drive Security, as well as Third-Party Risk Management and End of Life Systems. The focus then shifts to implementing robust endpoint security, encompassing Hardening, Baseline Configuration, Patch Management, and Endpoint Protection.

The lesson concludes by explaining the security implications of Embedded Systems, including Logic Controllers, Communications Considerations, and various specialized systems in IoT, facility automation, IT, vehicles, drones, and medical devices, all of which require critical attention for maintaining a secure cyber landscape.

Lesson 13 of CompTIA Security+ covers implementing mobile device management and secure mobile device connections. The lesson begins with an introduction to enterprise mobility management and covers iOS and Android in the enterprise, as well as mobile access control systems, remote wipe, full device encryption, and external media. The lesson also covers location services, application management, content management, rooting and jailbreaking.

The second part of the lesson covers secure mobile device connections, including cellular and GPS, Wi-Fi and tethering, Bluetooth, infrared and RFID, near field communications, mobile payment services, USB, SMS/MMS/RCS, push notifications, firmware over-the-air updates, and microwave radio connection methods.

Lesson 14 covers a wide range of topics related to application and web application attacks, secure coding practices, secure script environments, and deployment/automation concepts. The lesson starts by analyzing indicators of application attacks, such as overflow vulnerabilities, memory leaks, and DLL injection. It then shifts to web application attacks, including cross-site scripting and session hijacking. Secure coding practices are summarized, covering techniques like server-side validation and static code analysis.

The lesson also discusses implementing secure script environments like Python and PowerShell, along with malicious code indicators. Lastly, deployment and automation concepts are outlined, touching on application development environments and software diversity.

Lesson 15 of CompTIA Security+ covers Secure Cloud and Virtualization Services, including cloud deployment models, service models (IaaS, PaaS, SaaS), and virtualization technologies. It emphasizes Cloud Security Solutions like integration, auditing, and controls, as well as Cloud Compute and Storage Security. Networking security with VPCs, Transit Gateways, and Cloud Firewall is discussed, along with Infrastructure as Code concepts like APIs and Serverless Architecture.

Lesson 16 of CompTIA Security+ covers the introduction and objectives of privacy and data sensitivity concepts. The lesson includes an overview of data roles and responsibilities, data classifications, data types, privacy notices, and data retention. It also discusses data sovereignty, privacy breaches, data breaches, data sharing, and privacy terms of agreement.

In addition, the lesson covers data protection controls, data exfiltration, data loss prevention, rights management services, privacy-enhancing technologies, and database deidentification methods.

Lesson #17 of CompTIA Security+ covers incident response procedures, data sources for incident identification, and mitigation controls. Topics include Cyber Incident Response Teams, communication plans, Incident Response Plans, attack frameworks, and exercises.

Students learn to use SIEM dashboards, log files, and metadata for incident identification. Mitigation controls involve containment, eradication, and recovery strategies, such as firewall and content filter configuration changes and Security Orchestration, Automation, and Response (SOAR).

In lesson 18 of CompTIA Security+, learners are introduced to essential elements of digital forensics documentation and evidence acquisition. The lesson covers key aspects of digital forensics, including reports, e-discovery, video and witness interviews, timelines, event logs, network traffic, and strategic intelligence.

It also explores critical concepts related to evidence acquisition, such as data acquisition, order of volatility, digital forensics software, system memory acquisition, disk image acquisition, preservation of evidence, acquisition of other data, and digital forensics for cloud environments.

Lesson 19 of CompTIA Security+ provides an overview of Risk Management Processes and Concepts, covering various risk types and assessment methods, including quantitative and qualitative approaches. The lesson also explores essential Risk Management Strategies, such as risk avoidance, risk transference, and risk acceptance, while emphasizing the importance of risk awareness.

Additionally, the lesson introduces Business Impact Analysis (BIA) Concepts, focusing on identifying mission essential functions, critical systems, and preparing for disasters through Disaster Recovery Plans and Functional Recovery Plans.

Lesson 20 of CompTIA Security+ introduces the implementation of redundancy, backup, and cybersecurity resiliency strategies. Specifically, it covers high availability, power redundancy, network redundancy, disk redundancy, geographical redundancy and replication, backups and retention policy, backup types, snapshots and images, backup storage issues, backup media types, restoration order, nonpersistence, configuration management, asset management, change control and change management, site resiliency, diversity and defense in depth, and deception and disruption strategies.

Lesson 21 of CompTIA Security+ covers the significance of Physical Site and Host Security Controls. The lesson emphasizes the importance of safeguarding physical locations by implementing measures like site layout, fencing, lighting, gateways, locks, alarm systems, sensors, security guards, and cameras.

It also delves into protecting critical host environments through secure areas, protected distribution, Faraday cages, heating, ventilation, air conditioning, hot and cold aisles, fire detection and suppression systems, as well as secure data destruction and data sanitization tools.