Course overview
This course bundle is aimed at both experts working within IT and/or those who have extensive knowledge of IT technologies, including networking. It includes three expert-level, globally recognised CompTIA cyber security certifications: 1. The CompTIA PenTest+ (Penetration Tester), 2. The CompTIA CySA+ (Cyber Security Analyst), 3. The CompTIA CASP+ (Certified Advanced Security Practitioner).
There is no denying that the level of cyber-attacks has increased over the last decade. Some have affected small pockets of the world, whereas others have had more of a global impact. As the world becomes more interconnected through computer technology, the opportunity to steal data and disrupt lives has become more prevalent. There has never been a better time to become a Cyber cybersecurity specialist than now. Demand for specialists continues to grow.
The certification bundle starts off by looking at key security concepts such as threat assessment, threat management, controls, cryptography, and ongoing management. From there, the course then becomes highly specialised exploring security architecture and design, encryption, software development security, and telecommunications and network security.
Upon completion of the course, you will not only exit with a series of globally respected cyber security certifications but a deeper knowledge of cyber security concepts, practices and tools to better equip you to manage and respond to cyber security issues. You will possess a set of skills you can apply to a vast range of cyber security job roles.
What’s included in this certification bundle?
This bundle contains three CompTIA certification courses (inclusive of three official CompTIA exams).
As part of this bundle, you will also get access to a MeasureUP or Kaplan practice test for each certification course. Scroll down to read more about the MeasureUP/Kaplan practice tests and how they will help you pass your exams the first time.
Job outcomes
- Cyber Security Engineer
- Cyber Security Analyst
- Cyber Security Investigator
- Cyber Security Architect
- Cyber Security Incident Manager
- Cyber Threat Analyst
- Cyber Threat Consultant
- IT Security Specialist
- IT Security Consultant
Study method
- Online
- Blended
- In-class
Duration study load
Some people finish their course faster than others. Each certification course is between 12-30 hours. If you choose to only do one of the certification courses from this bundle, then it will take you less time than if you do two or three or all of them. No matter what though, you will always have 12 months to complete your course.
Course features
- Official CompTIA Video Content
- Simulators
- MeasureUP Practice Tests
- Official CompTIA Exams
Assessment
Certification exams included:
- CompTIA PenTest+ PT0-002
- CompTIA CySA+ CS0-003
- CompTIA CASP+ CAS-004
Live Labs/Simulators included:
- CompTIA PenTest+ PT0-002
- CompTIA CySA+ CS0-003
- CompTIA CASP+ CAS-004
Practice tests included:
- CompTIA PenTest+ PT0-002
- CompTIA CySA+ CS0-003
- CompTIA CASP+ CAS-004
Delivery
All courses are online and self-paced, meaning you do it in your own home, in your own time, at your own pace and best of all… anywhere in the world, providing you have access to a laptop, PC or desktop computer, and an internet connection. Each lesson is pre-recorded allowing you to pause, fast-forward, skip sections, or go back to another lesson if you need to. The lessons are multi-media based, which means video and audio are used to teach the lessons. Your tutor will PowerPoint slides, illustrations, diagrams and give demonstrations to teach each class. Most lessons are also interactive, prompting the learner to participate. This might involve answering on-screen questions, participating in tasks.
Subjects
PLANNING AND SCOPING
Overview
Regulation And Compliance
Common Pentest Restrictions
Legal Concepts And Documents
Standards And Methodologies
Scoping An Engagement
Professionalism And Integrity
INFORMATION GATHERING AND VULNERABILITY SCANNING
DNS Recon
Target Recon
Host Discovery And Enumeration
Web And Cloud Discovery And Enumeration
Defence Detection And Avoidance
Vulnerability Scanning
Nmap
ATTACKS AND EXPLOITS
Exploit Resources
Denial Of Service
ARP And DNS Poisoning
Password Attacks
VLAN Hopping
MAC Spoofing
Wireless Attacks
OWASP Top 10 Web App Security Risks
SSRF Attacks
Business Logic Flaws
SQL Injection Attacks
Other Injection Attacks
XSS Attacks
Session Attacks
API Attacks
Cloud Attacks
Mobile Attacks
IoT Hacking
Data Storage System Vulnerabilities
ICS SCADA And IIOT Vulnerabilities
Virtual Environment Vulnerabilities
Container Vulnerabilities
Social Engineering And Physical Attacks
Post-Exploitation Enumeration And Tools
Network Segmentation Testing
Privilege Escalation
Persistence
Detection Avoidance
REPORTING AND COMMUNICATION
Components Of Written Reports
Recommended Remediations
Communication During A Pentest
Post Report Delivery Activities
TOOLS AND CODE ANALYSIS
Basic Programming Concepts
Analyse Scripts Or Code For Use In A Pentest
Opportunities For Automation
CYBERSECURITY CONCEPTS
Course Overview
Common Log Ingestion Concepts
Common Operating System Concepts
Common Infrastructure Concepts
Common IAM Concepts
Common Encryption Concepts
Protecting Sensitive Data
Common Network Architecture
Malicious Network Activity
Malicious Host Activity
Malicious Application Activity
Other Malicious Activity
Packet Capture Tools
Log Analysis Tools
Endpoint Detection And Response
DNS And IP Reputation Tools
File Analysis Tools
Sandboxing Tools
Email Analysis Tools
User And Entity Behavior Analytics
Scripting And Programming
Threat Actor Types
TTPs
CTI Confidence Levels
CTI Sources
CTI Sharing
Threat Hunting
Process Standardisation
Streamlining Operations
Integrating Tools And Technology Into Security Operations
VULNERABILITY TYPES AND CONCEPTS
Asset Discovery And Mapping
Vulnerability Scanning Types And Considerations
Vulnerability Scanning Frameworks
Analyse Vulnerability Assessment Scanner Output
CVSS
Vulnerability Prioritisation
Software Vulnerability Mitigations
SDLC
Threat Modeling
Compensating Controls
System Maintenance Procedures
Risk Management Principles
Policies, Governance, And SLOs
Prioritisation And Escalation
Attack Surface Management
Secure Coding Best Practices
MANAGING CYBERSECURITY INCIDENT RESPONSE
Attack Methodology Frameworks
Detection And Analysis
Containment, Eradication, And Recovery
Preparation Phase
Post-Incident Activity
COMMUNICATING CYBERSECURITY FINDINGS EFFECTIVELY
Communicate Vulnerability Management Reporting
Communicate Incident Response Metrics And KPIs
Communicate Compliance Reporting
Communicate Inhibitors To Remediation
Communicate Incident Response Reports
Communicate Root Cause Analysis
Communicate Vulnerability Metrics And KPIs
SECURITY ARCHITECTURE
Overview
Services – Discussion
Segmentation – Discussion
Services & Segmentation – Scenarios
Deperimeterization/Zero Trust
Merging Of Networks
Software-Defined Networking (SDN)
Infrastructure Design – Discussion
Infrastructure Design – Scenarios
Baselines & Templates & Software Assurance
Integrating Enterprise Applications
Security In The Development Lifecycle
Securing Enterprise Architecture
Authentication & Authorization – Discussion
Authentication & Authorization – Scenarios
Secure Cloud & Virtualization
Cryptography & PKI
Impact Of Emerging Technologies
Security Architecture – Key Points
SECURITY OPERATIONS
Perform Threat Management
Indicators Of Compromise & Response
Vulnerability Management Activities
Vulnerability Assessment – Methods & Tools
Analyze Vulnerabilities – Vulnerabilities
Analyze Vulnerabilities – Vulnerable Systems
Analyze Vulnerabilities – Attacks
Use Processes To Reduce Risk
Triage & Incident Response
Forensic Concepts
File Carving & Binary Analysis
Analysis Tools
Live Collection Tools
Security Operations – Key Points
SECURITY ENGINEERING AND CRYPTOGRAPHY
Managed Configurations
Deployment Scenarios
Security Considerations
Hardening Techniques
Processes
Mandatory Access Control
Trustworthy Computing
Compensating Controls
Security Considerations – Embedded
Security Considerations – ICS-SCADA
Security Considerations – Protocols
Security Considerations – Sectors
Cloud Technology – Basics
Cloud Technology – Advanced
PKI – Basics
PKI – Advanced
Hashing & Symmetric Algorithms
Asymmetric Algorithms & Protocols
Troubleshoot Cryptography – Keys
Security Engineering & Cryptography – Key Points
Troubleshoot Cryptography – Misconfigurations
GOVERNANCE, RISK, AND COMPLIANCE
Risk Assessment
Risk Handling Techniques
Risk Types
Risk Management Life Cycle
Risk Tracking
Policies And Security Practices
Shared Responsibility Model – Cloud
Performing Vendor Assessments
Technical Considerations
Data Considerations
Regulations Accreditations & Standards
Legal Considerations
Contract And Agreement Types
Business Impact Analysis (BIA)
Privacy Impact Assessment
Disaster Recovery & Business Continuity Planning
Incident Response Plan
Testing Plans
Governance, Risk & Compliance – Key Points
About Hudson
In the confusing world of e-learning, Hudson is quite simply one of the best at what they do. Why? Because they offer first-class customer service. The Hudson Learning Center puts their customers’ needs before anything else. If there’s something they can do to help you, Hudson will climb mountains to do it.
The Hudson online courses, certifications, and diplomas are highly effective, offering a whole range of features designed to get you certified faster. Some of these incredible features include video and audio based training so you can see and hear your tutor, 24/7 online tutor support, and online labs to practice your skills in a simulated environment.
Come and give Hudson a try. They’ll change the way you think about learning.