CompTIA SecurityX is a comprehensive cybersecurity course designed for IT professionals looking to enhance their skills and knowledge in protecting computer net...
Buy Now
CompTIA SecurityX is a comprehensive course designed to equip individuals with the knowledge and skills required to secure networks, identify and mitigate security threats, and protect valuable data assets. This course covers topics such as network security, cryptography, risk management, and compliance, providing participants with a strong foundation in cybersecurity principles. By the end of the course, participants will be prepared to take the CompTIA SecurityX certification exam and embark on a career in the fast-growing field of cybersecurity.
Design and implement secure, resilient architectures for cloud, hybrid and on-premises environments
Develop and execute incident response strategies to swiftly contain and remediate security incidents
Ensure compliance with governance, risk management methodologies and regulatory frameworks
Assess and improve organizational cybersecurity readiness, identifying gaps and recommending enhancements
Lead technical teams in deploying and managing enterprise-wide security solutions aligned with ISO/ANSI 17024 and U.S. DoD requirements
CompTIA SecurityX is a comprehensive cybersecurity course designed for IT professionals looking to enhance their skills and knowledge in protecting computer net...
Flexible online learning tailored to your lifestyle and goals.
One-on-one mentorship from industry professionals to accelerate your growth.
Create portfolio projects that showcase your expertise to potential employers.
Module 3.0 Introduction
3.1 Implementing Security Through Software Development Practices
3.1.1 Defining Security Requirements for Software Development
3.1.2 Software Assurance and Secure Development Environments
3.1.3 Safe Integration of Software Applications
00:08:243.1.4 Continuous Integration/Continuous Deployment (CI/CD)
3.1.5 Supply Chain Risk Management
3.1.6 Hardware Assurance
3.1.7 Managing End-of-Life (EOL) Technology: Risks, Challenges, and Strategic Planning
3.1.8 Lesson Recap
0:10:03.2 Building Security Through Integrated Software Architecture
3.2.1 Managing and Reducing the Attack Surface
3.2.2 Enabling Detection and Proactive Threat Hunting
3.2.3 Part 1: Tools and Enablers for Detection and Threat Hunting
00:05:133.2.4 Part 2: Tools and Enablers for Detection and Threat Hunting
00:07:303.2.5 Designing Information and Data Security Frameworks
3.2.6 Designing Secure Information and Data Systems
00:06:163.2.7 Applying Effective Data Security Methods
00:06:323.2.4 Understanding Data Loss Prevention (DLP) and Its Role in Data Security
3.2.5 Understanding Hybrid Infrastructures: Balancing On-Premises and Cloud Services
3.2.6 Managing Security in Third-Party Integrations
3.2.7 Evaluating the Effectiveness of Security Controls
3.2.8 Lesson Recap
0:20:03.3 Designing for Operational Resilience in IT Systems
3.3.1 Key Design Strategies for Ensuring Availability and Data Integrity
3.3.2 Inspecting Network Traffic: Tools for Threat Detection and Prevention
3.3.3 Securing Access: Network Access Control and VPN Technologies
3.3.4 Proxies and Web Application Firewalls: Enhancing Control and Security in Web Traffic
3.3.5 Specialized Network Components: Enhancing Performance, Visibility, and Security
3.3.6 Lesson Recap
0:10:03.4 Strengthening and Securing Cloud Infrastructure
3.4.1 Understanding Cloud Access Security Brokers (CASB)
3.4.2 Detecting and Managing Shadow IT
3.4.3 Understanding the Shared Responsibility Model in Cloud Security
3.4.4 Securing the CI/CD Pipeline in Cloud Environments
3.4.5 CI/CD: Streamlining Code Integration and Delivery
00:06:403.4.6 Terraform and OpenTofu – Infrastructure as Code for Cloud Security and Automation
3.4.7 Ansible – Simplifying IT Automation and Configuration Management
3.4.8 Package Monitoring – Securing Software Dependencies Across Platforms
3.4.9 Container Security – Safeguarding Applications in Lightweight Virtual Environments
3.4.10 Container Orchestration – Automating the Management of Containerized Applications
3.4.11 Serverless Architecture – Function-Based Cloud Computing for Agile Workloads
3.4.12 API Security – Protecting the Gateway to Your Data
3.4.13 Cloud vs. Customer-Managed Encryption & Licensing
3.4.14 Cloud Data Security Challenges and Best Practices
3.4.15 Key Considerations for Securing Data in the Cloud
00:07:553.4.16 Cloud Control Strategies for Security and Compliance
3.4.17 Strategies for Managing Cloud Environments
00:08:063.4.18 Connecting to the Cloud – Options for Secure and Reliable Access
3.4.19 Cloud Service Integration – Balancing Innovation with Security
3.4.20 Lesson Recap
0:25:03.5 Embedding Zero Trust Principles in Modern Security Architectures
3.5.1 Continuous Authorization in Zero Trust Architectures
3.5.2 Context-Based Reauthentication in Zero Trust Security
3.5.3 Designing Secure Network Architectures in Zero Trust Environments
3.5.4 Identifying Security Criteria to Build a Secure Network Infrastructure.mp4
00:09:263.5.5 Securing API Integration and Validation in Zero Trust Architectures
3.5.6 Asset Identification, Management, and Attestation in Zero Trust Architectures
3.5.7 Redefining Security Boundaries in Zero Trust Architecture
3.5.8 The Concept of Deperimeterization in Modern Networking
3.5.9 Understanding Subject-Object Relationships in Zero Trust Security
3.5.10 Lesson Recap
0:20:03.6 Troubleshooting with AAA and IAM: Strengthening User Access Security
3.6.1 Provisioning and Deprovisioning: Managing User Access and Resources
3.6.2 Federation and Single Sign-On: Enhancing Interoperability and Access Management
3.6.3 Conditional Access: Securing Resources Based on Specific Criteria
3.6.4 Identity and Service Providers: Managing Access Through Authentication and Attestation
3.6.5 Policy Decision and Enforcement Points: Ensuring Context-Aware Access Control
3.6.6 Understanding Access Control Models: From Flexibility to Strict Enforcement
3.6.7 Logging and Auditing: Essential Pillars of Cybersecurity Operations
3.6.8 Public Key Infrastructure (PKI): Architecture, Deployment, and Trust Models
3.6.9 Access Control Systems: Designing Effective AAA Frameworks
3.6.10 Subject-Based Access Control: Managing Access Across Users, Devices, and Services
3.6.11 Biometric Authentication: Balancing Security, Usability, and Privacy
3.6.12 Secrets Management: Protecting Sensitive Credentials
3.6.13 Secrets Management
00:06:373.6.14 Logging and Monitoring in Identity and Access Management (IAM)
3.6.15 Managing Elevated Access with Privileged Identity Management (PIM)
3.6.16 Key Mechanisms for Authentication and Authorization
3.6.17 Lesson Recap
0:10:03.7 Module Quiz
1:0:0Module 4.0 Introduction
4.1: Enhance Endpoint Security
4.1.1 Endpoint Detection and Response (EDR)
4.1.2 Configure and Implement Endpoint Security Controls
00:06:324.1.3 Endpoint Privilege Management (EPM)
4.1.4 Attack Surface Monitoring and Reduction
4.1.5 Endpoint Protection Tools
4.1.6 Mobile Device Management (MDM) Technologies
4.1.7 Threat-Actor Tactics, Techniques, and Procedures (TTPs)
4.1.8 Specialized and Embedded Systems
4.1.9 Securing Enterprise Mobility Through Configuration Management
00:05:444.1.10 Security and Privacy Challenges in Cyber-Physical Systems (CPS)
4.1.11 Sector-Specific Cybersecurity Challenges: Legacy Systems and Critical Operations
4.1.12 Security Challenges of Legacy and Specialized Systems in Critical Infrastructure
4.1.13 Lesson Recap
0:20:04.2 Securing and Troubleshooting Network Infrastructure
4.2.1 Identifying and Resolving Network Misconfigurations
4.2.2 Troubleshooting IPS/IDS Issues in Network Security
4.2.3 Observability – Gaining Deep Insight into Systems
4.2.4 DNS Security – Safeguarding the Internet’s Directory
4.2.5 Email Security – Protecting Your Communications
4.2.6 Cryptography Issues – Safeguarding Secure Communication
4.2.7 Implementing the Appropriate PKI Solution
00:08:234.2.8 Resource Exhaustion – How Attacks and Mismanagement Drain Systems
4.2.9 Lesson Recap
0:15:04.3 Initiating Security Automation – Enhancing Defenses with AI and Automation Tools
4.3.1 Hardware Security Technologies – Strengthening Devices with Advanced Hardware Solutions
4.3.2 Secure Boot
00:08:594.3.3 Hardware Security Features – Advanced Solutions for Modern Protection
4.3.4 Threat-Actor Tactics, Techniques, and Procedures (TTPs)
4.3.5 Host-Based Encryption
00:09:524.3.6 Automating Security with Scripting, Scheduling, and Event Triggers
4.3.7 The Role of Generative AI in Security Automation
4.3.8 Security Orchestration, Automation, and Response (SOAR)
4.3.9 Workflow Automation
4.3.10 Lesson Recap
0:10:04.4 Apply Cryptography Concepts
4.4.1 Post-Quantum Cryptography (PQC)
4.4.2 Key Strengthening Methods: Key Stretching, Key Splitting, and Envelope Encryption
4.4.3 Privacy-Preserving Computation: Homomorphic Encryption and Secure Multiparty Computation
4.4.4 Ensuring Secure Communication: Forward Secrecy, Mutual Authentication, and AEAD
4.4.5 Mutual Authentication
00:06:064.4.6 Balancing Cryptographic Performance and Security
4.4.7 Understanding Data Security States
4.4.8 Encryption and Authentication Mechanisms: Protecting Data in Transit and Beyond
4.4.9 Implementing the Appropriate Cryptographic Protocols and Algorithms.mp4
00:05:534.4.10 Advanced Data Protection Techniques: Sanitization, Anonymization, and Cryptographic Privacy
4.4.11 Blockchain, Immutable Databases, and Cryptographic Trust Mechanisms
4.4.12 Cryptography: Legal Compliance, Technical Challenges, and Resource Considerations
4.4.13 Ensuring Software Integrity and Provenance through Cryptography
4.4.14 Advanced Data Protection and Privacy Mechanisms
4.4.15 Ensuring Data Integrity and Authenticity
4.4.16 Modern Encryption Techniques: Balancing Security, Speed, and Practicality
4.4.17 Lesson Recap
0:20:04.5 Module Recap
1:0:0Module 5.0 Introduction
5.1 Conducting Strategic Threat Modeling in the Age of AI
5.1.1 Profiling Threat Actors—Motivations, Methods, and Capabilities
5.1.2 Leveraging Threat Frameworks for Structured Threat Assessment
5.1.3 Methods for Identifying and Assessing Threats
00:04:555.1.4 Identifying and Securing the Attack Surface
5.1.5 Tailoring Threat Models to Your Organizational Environment
5.1.6 Identifying and Managing Threats to the Threat Model
5.1.7 Navigating the Threat Landscape of AI-Driven Cyber Attacks
5.1.8 Managing the Security and Ethics of AI-Enabled Assistants
5.1.9 Lesson Recap
0:10:05.2 Security Monitoring – Tools, Techniques & Best Practices
5.2.1 Data Collection and Integration – Maximizing SIEM Capabilities
5.2.2 Data Processing and Behavioral Benchmarking – Enhancing Operational Security
5.2.3 Integrating Multiple Data Sources
00:05:545.2.4 Alerting Concepts and Practices – Ensuring Effective Detection
5.2.5 Reporting and Metrics – Measuring and Improving Security Posture
5.2.6 Lesson Recap
0:15:05.3 Analyze Known Attack Methods and Associated Mitigations
5.3.1 Vulnerabilities — Input and Output Manipulation
5.3.2 Vulnerabilities — Memory and Execution Vulnerabilities
5.3.3 Vulnerabilities — Cryptographic Issues
5.3.4 Vulnerabilities — System Configuration and Management
5.3.5 Vulnerabilities — Supply Chain and External Dependencies
5.3.6 Mitigations — Input and Output Security
5.3.7 Assessing Vulnerabilities and Suggesting Risk Reduction Strategies
00:06:025.3.8 Mitigations — Secure Software Development Practices
5.3.9 Mitigations — System Maintenance and Secure Configuration Management
5.3.10 Mitigations — Data Protection and Access Control Strategies
5.3.11 Lesson Recap
0:20:05.4 Leveraging Threat Hunting Tools and Intelligence Frameworks
5.4.1 Leveraging Internal Intelligence for Threat Detection
5.4.2 Leveraging External Intelligence Sources
5.4.3 Counterintelligence and Operational Security
5.4.4 Threat Intelligence Platforms (TIPs)
5.4.5 Indicator of Compromise (IoC) Sharing
5.4.6 Analyzing Indicators of Compromise
00:06:235.4.7 Rule-Based Languages
5.4.8 Lesson Recap
0:9:05.5 Evaluate Incident Analysis and Response
5.5.1 Malware Analysis
5.5.2 Malware Analysis
00:05:185.5.2 Forensic Analysis
5.5.3 Detection and Initial Analysis
5.5.4 Continuous Improvement
5.5.5 Metadata Analysis
00:04:565.5.6 Preparedness and Prevention
5.5.7 Lesson Recap
0:10:05.5.8 Module Recap
1:0:0Module A.0 Introduction
A.1 Preparing for the CompTIA SecurityX Certification
A.1.1 Why Should I Take a Certification Exam?
A.1.2 SecurityX (CAS-005) Exam Overview and Preparation
A.1.3 How to Schedule and Take the CompTIA SecurityX (CAS-005) Certification Exam
A.1.4 Essential Tips for Taking the SecurityX (CAS-005) Exam
A.2 SecurityX CAS-005 Practice Exams
A.2.1 Exam Practice 1 – Governance, Risk, and Compliance
1:0:0A.2.2 Exam Practice 2 – Security Architecture
1:0:0A. 2.3 Exam Practice 3 – Security Engineering
1:0:0A.2.4 Exam Practice 4 – Security Operations
1:0:0A.2.5 Full SecurityX CAS-005 Exam Practice
1:0:0Module 2.0 Introduction
2.1 Establishing the Right Governance Components
2.1.1 Developing Security Program Documentation
2.1.2 Managing Security Programs
2.1.3 Frameworks for Governance
2.1.4 Change and Configuration Management
2.1.5 Tools for Governance, Risk, and Compliance (GRC)
2.1.6 Managing Data Governance in Staging Environments
2.1.7 The Legal and Privacy Impact of AI Implementation
2.1.8 Lesson Recap
0:20:02.2 Understanding Legal Compliance
2.2.1 Industry-Specific Compliance Awareness
2.2.2 Overview of Industry Standards
2.2.3 Frameworks for Security and Compliance Reporting
2.2.4 The Role of Audits, Assessments, and Certifications in Compliance
2.2.5 Key Privacy Laws and Regulations
2.2.6 Meeting Compliance Requirements in Multiple Jurisdictions
2.2.7 Lesson Recap
0:20:02.3 Implementing Risk Management Strategies
2.3.1 Assessing Potential Impacts
2.3.2 Risk Analysis and Mitigation
2.3.3 Implementing the Right Risk Management Strategies
00:06:522.3.4 Managing Third-Party Risks
2.3.5 Assessing Availability Risks
2.3.6 Assessing Confidentiality Risks
2.3.7 Integrity Risk Assessment
2.3.8 Data Integrity Risk Evaluation
2.3.9 Risks Associated with AI Implementation
2.3.10 Managing Crisis Situations
2.3.11 Breach Management and Response
2.3.12 Lesson Recap
0:20:02.4 Module Quiz
1:0:0
