Security+ is a vendor-neutral certification that proves competency in network security and risk management. Security+ labs focus on the principles and best practices in network security. Students gain hands-on practice in the skills needed to secure a network and prepare for industry certification.
Security+ labs are supported in NETLAB+ using the Security+ v4 Pod.
Certification Resources: Please see the table below for details on how the labs map to the CompTIA Security+ Certification Exam Objectives and the CompTIA Security+ All-in-One Exam Guide, Sixth Edition (Exam SY0-601).
| Lab | Title | CompTIA Security+ (SY0-601) Exam Objectives |
All-In-One CompTIA Security+ Sixth Edition ISBN-13: 978-1260464009 Chapters |
|---|---|---|---|
| 1 | Social Engineering Attack |
1.1: Compare and contrast different types of social engineering techniques 1.2: Given a scenario, analyze potential indicators to determine the type of attack |
1: Social Engineering Techniques 2: Type of Attack Indicators |
| 2 | Analyze Types of Malware & Application Attacks |
1.2: Given a scenario, analyze potential indicators to determine the type of attack 1.3: Given a scenario, analyze potential indicators associated with application attacks 1.6: Explain the security concerns associated with various types of vulnerabilities |
2: Type of Attack Indicators 3: Application Attack Indicators 6: Vulnerabilities |
| 3 | Analyzing Types of Web Application Attacks | 1.3: Given a scenario, analyze potential indicators associated with application attacks | 3: Application Attack Indicators |
| 4 | Investigating ARP Poisoning | 1.4: Given a scenario, analyze potential indicators associated with network attacks | 4: Network Attack Indicators |
| 5 | Analyzing Types of Attacks and Mitigation Techniques |
1.2: Given a scenario, analyze potential indicators to determine the type of attack 1.3: Given a scenario, analyze potential indicators associated with application attacks 1.4: Given a scenario, analyze potential indicators associated with network attacks 1.6: Explain the security concerns associated with various types of vulnerabilities |
2: Type of Attack Indicators 3: Application Attack Indicators 4: Network Attack Indicators 6: Vulnerabilities |
| 6 | Vulnerability Checks with OpenVAS |
1.6: Explain the security concerns associated with various types of vulnerabilities 1.7: Summarize the techniques used in security assessments |
6: Vulnerabilities 7: Security Assessments |
| 7 | Performing Active Reconnaissance |
1.7: Summarize the techniques used in security assessments 1.8: Explain the techniques used in penetration testing 4.1: Given a scenario, use the appropriate tool to assess organizational security |
7: Security Assessments 8: Penetration Testing 26: Tools/Assess Organizational Security |
| 8 | Identifying & Analyzing Network/Host Intrusion Detection System (NIDS/HIDS) Alerts |
1.7: Summarize the techniques used in security assessments 3.2: Given a scenario, implement host or application security solutions 3.3: Given a scenario, implement secure network designs 4.3: Given an incident, utilize appropriate data sources to support an investigation |
7: Security Assessments 18: Host and Application Security 19: Secure Network Design 28: Investigations |
| 9 | Virtualization, Group Policy Objects (GPO) |
2.2: Summarize virtualization and cloud computing concepts 2.4: Summarize authentication and authorization design concepts |
10: Virtualization and Cloud Security 12: Authentication and Authorization |
| 10 | JavaScript Obfuscation & Dead Code Injection | 2.3: Summarize secure application development, deployment, and automation concepts | 11: Secure Application Development, Deployment, and Automation Concepts |
| 11 | Configuring a RADIUS Server | 3.8: Given a scenario, implement authentication and authorization solutions | 24: Implement Authentication and Authorization |
| 12 | Setting Up a Load Balancer | 2.5: Given a scenario, implement cybersecurity resilience | 13: Cybersecurity Resilience |
| 13 | IoT Management | 2.6: Explain the security implications of embedded and specialized systems | 14: Embedded and Specialized Systems |
| 14 | Cryptography Concepts | 2.8: Summarize the basics of cryptographic concepts | 16: Cryptographic Concepts |
| 15 | Implementing Common Protocols and Services for Basic Security Practices |
3.1: Given a scenario, implement secure protocols 3.3: Given a scenario, implement secure network designs |
17: Secure Protocols 19: Secure Network Design |
| 16 | Securing Data with Encryption Software |
2.1: Explain the importance of security concepts in an enterprise environment 3.2: Given a scenario, implement host or application security solutions |
9: Enterprise Security Architecture 18: Host and Application Security |
| 17 | Configuring a Network-Based Firewall |
3.3: Given a scenario, implement secure network designs 4.4: Given an incident, apply mitigation techniques or controls to secure an environment |
19: Secure Network Design 29: Mitigation Techniques and Controls |
| 18 | Wireless Networking Attack and Mitigation Techniques | 3.4: Given a scenario, install and configure wireless security settings | 20: Wireless Security |
| 19 | Working with Android | 3.5: Given a scenario, implement mobile solutions | 21: Secure Mobile Solutions |
| 20 | Linux Account Management | 3.7: Given a scenario, implement identity and account management controls | 23: Identity and Account Management Controls |
| 21 | PKI Management with Windows | 3.9: Given a scenario, implement public key infrastructure | 25: Public Key Infrastructure |
| 22 | Capturing Network Traffic |
3.1: Given a scenario, implement secure protocols 4.1: Given a scenario, use the appropriate tool to assess organizational security |
17: Secure Protocols 26: Tools/Assess Organizational Security |
| 23 | Incident Response Procedures |
1.2: Given a scenario, analyze potential indicators to determine the type of attack 4.1: Given a scenario, use the appropriate tool to assess organizational security 4.2: Summarize the importance of policies, processes, and procedures for incident response 4.3: Given an incident, utilize appropriate data sources to support an investigation |
2: Type of Attack Indicators 26: Tools/Assess Organizational Security 27: Incident Response Policies, Processes, and Procedures 28: Investigations |
| 24 | Performing Backups | 2.5: Given a scenario, implement cybersecurity resilience | 13: Cybersecurity Resilience |
| 25 | Using Autopsy for Forensics and Lost Data Recovery |
4.1: Given a scenario, use the appropriate tool to assess organizational security 4.5: Explain the key aspects of digital forensics |
26: Tools/Assess Organizational Security 30: Digital Forensics |
The book listed below is a recommended resource to accompany the NDG Security+ v4 labs.
CompTIA Security+ All-in-One Exam Guide Sixth Edition (Exam SY0-601) 6th Edition by Wm. Arthur Conklin (Author), Greg White (Author), Dwayne Williams ISBN-13: 978-1260464009 ISBN-10: 1260464008
To enable the Security+ v4 labs, install the NDG Security+ v4 course using the Course Manager. See the Course Manager section of the NETLAB+ VE Admin Guide for details. The course content will then be available to be added to classes.
