CIA Triad (Confidentiality, Integrity, Availability)

Category

Home
About Us
Our Courses
- Course
- Course Filter
Why Bascombridge
- Faculty
- Events
- Blog
Contact Us

Currently Empty: ₹0.00

Continue shopping

Try for free

Home
About Us
Our Courses
- Course
- Course Filter
Why Bascombridge
- Faculty
- Events
- Blog
Contact Us

CompTIA Security+

Curriculum

20 Sections
82 Lessons
10 Weeks

Expand all sectionsCollapse all sections

Understanding Core Security Concepts
5
- 1.1
  CIA Triad (Confidentiality, Integrity, Availability)
- 1.2
  Security Posture & Risk
- 1.3
  Concepts: Least Privilege, Separation of Duties, Defense in Depth
- 1.4
  Attack Surface vs. Attack Vector
- 1.5
  Threat Modeling and Risk Analysis
Security Controls and Frameworks
4
- 2.1
  Types: Administrative, Technical, Physical
- 2.2
  Control Categories: Preventive, Detective, Corrective, Deterrent, Compensating
- 2.3
  Frameworks: NIST, ISO 27001, CIS Controls, COBIT, PCI DSS
- 2.4
  Regulatory requirements and standards mapping
Understanding Cryptography and PKI
5
- 3.1
  Cryptographic Algorithms: Symmetric, Asymmetric, Hashing
- 3.2
  Key Management, Key Exchange (Diffie-Hellman, RSA)
- 3.3
  Digital Signatures and Certificates
- 3.4
  Certificate Authorities (CA) & Public Key Infrastructure (PKI)
- 3.5
  Encryption types: At rest, In transit, End-to-End
Identifying Threat Actors and Attack Types
3
- 4.1
  Threat Actors: Script Kiddies, Hacktivists, Nation States, Insiders
- 4.2
  Types of Attacks: Phishing, MITM, DDoS, Social Engineering, Credential Stuffing
- 4.3
  Tactics, Techniques, and Procedures (TTPs)
Vulnerabilities, Exploits, and Mitigation Strategies
5
- 5.1
  Software Vulnerabilities (Buffer Overflows, Race Conditions, SQL Injection)
- 5.2
  Patch Management and Secure Coding
- 5.3
  CVE & CVSS scoring
- 5.4
  Exploit Kits and Zero-Day Exploits
- 5.5
  Mitigation: Patching, Input Validation, Firewalls
Indicators of Compromise and Malware Analysis
4
- 6.1
  IOC Examples: IPs, Hashes, URLs, Registry Keys
- 6.2
  Malware Types: Trojans, Worms, Ransomware, Adware
- 6.3
  Behaviour-based detection
- 6.4
  Sandboxing and heuristic analysis
Securing Network Architectures
4
- 7.1
  Network Zones (DMZ, Intranet, Extranet)
- 7.2
  Network Segmentation & VLANs
- 7.3
  Secure Network Design Principles
- 7.4
  Proxy, NAT, Load Balancers, VPNs
Cloud, Virtualization, and Zero Trust Security Models
4
- 8.1
  Cloud Service Models (IaaS, PaaS, SaaS)
- 8.2
  Shared Responsibility Model
- 8.3
  Virtualization Security Concerns
- 8.4
  Zero Trust Architecture: Principles, Implementation
Designing Resilient Security Architectures
4
- 9.1
  High Availability (HA), Load Balancing
- 9.2
  Redundancy: RAID, Clustering
- 9.3
  Business Continuity Planning (BCP) & Disaster Recovery (DRP)
- 9.4
  Fault Tolerance and Failover Systems
Implementing Network Security Controls
4
- 10.1
  Firewalls (Stateful vs Stateless)
- 10.2
  IDS/IPS, NIPS/NIDS
- 10.3
  Network Access Control (NAC)
- 10.4
  Port Security, Switch Hardening, ACLs
Endpoint and Mobile Device Security
4
- 11.1
  Endpoint Protection Platforms (EPP), EDR solutions
- 11.2
  MDM/MAM (Mobile Device/Application Management)
- 11.3
  BYOD policies and enforcement
- 11.4
  Secure Configuration (Baseline, Hardening)
Identity and Access Management (IAM)
4
- 12.1
  User Access Models: RBAC, ABAC, MAC, DAC
- 12.2
  Identity Federation and SSO
- 12.3
  Directory Services (LDAP, AD)
- 12.4
  Provisioning and De-provisioning
Authentication, Authorization, and Accounting (AAA)
4
- 13.1
  Authentication Methods: Passwords, Biometrics, MFA
- 13.2
  Authorization Protocols: OAuth, SAML, RADIUS
- 13.3
  Accounting/Logging Best Practices
- 13.4
  AAA in VPNs and Network Devices
Security Operations and Monitoring
4
- 14.1
  SOC Roles and Responsibilities
- 14.2
  Log Management and SIEM
- 14.3
  Use Cases and Alert Tuning
- 14.4
  Anomaly vs Signature-Based Detection
Automation, Orchestration, and Incident Response
4
- 15.1
  SOAR Platforms
- 15.2
  Playbooks and Runbooks
- 15.3
  IR Phases: Preparation, Detection, Containment, Eradication, Recovery, Lessons Learned
- 15.4
  Real-time Alerting and Automated Response
Forensics and Evidence Collection
4
- 16.1
  Chain of Custody Principles
- 16.2
  Data Acquisition Methods (Live vs Static)
- 16.3
  Volatile Data Collection (RAM, Logs)
- 16.4
  Preservation and Analysis of Artifacts
Governance, Risk Management, and Compliance
4
- 17.1
  GRC Overview and Principles
- 17.2
  Risk Management Lifecycle
- 17.3
  Compliance Standards: HIPAA, GDPR, SOX, FISMA
- 17.4
  Security Policies and Audit Logs
Vendor Risk and Third-Party Assessments
4
- 18.1
  Vendor Due Diligence & Onboarding
- 18.2
  Third-party Audit Reports (SOC 2, ISO 27001)
- 18.3
  SLAs and Security Requirements
- 18.4
  Data Sharing and Access Control
Security Awareness and Training Programs
4
- 19.1
  Phishing Simulations
- 19.2
  Role-Based Training
- 19.3
  Continuous Education Programs
- 19.4
  Gamification and Engagement Strategies
Developing and Managing Security Policies
4
- 20.1
  Types: Acceptable Use, Access Control, Data Classification, Incident Response
- 20.2
  Policy Creation Process
- 20.3
  Periodic Review and Updates
- 20.4
  Communication and Enforcement Mechanisms

This content is protected, please login and enroll in the course to view this content!

Security Posture & Risk

Lorem ipsum dolor amet consecto adi pisicing elit sed eiusm tempor incidid unt labore dolore.

Address:
4th Floor, Old, Himalaya Complex, Lake, opp. Sardar Centre, Vastrapur, Ahmedabad, Gujarat 380015
Contact Number:
+91 9376007676
+91 9558876763

Add: 4th Floor, Old, Himalaya Complex, Lake, opp. Sardar Centre, Vastrapur, Ahmedabad, Gujarat 380015
Call: +91 9376007676

+91 9558876763

Email: ranjana@bascombridge.com

Online Platform

About Us
Course
Faculty
Events

Contacts

Enter your email address to register to our newsletter subscription

Icon-facebook Icon-linkedin2 Icon-instagram Icon-twitter Icon-youtube

All third-party trademarks, service marks, logos, and trade names (collectively, “Trademarks”) displayed on this website are the registered or unregistered Trademarks of their respective owners. Their display on this website does not imply any affiliation with, endorsement by, or sponsorship from the Trademark owners to www.bascombridge.com, unless specifically stated otherwise. www.bascombridge.com acknowledges the rights of the respective Trademark owners and uses these Trademarks solely for identification purposes.

CompTIA Security+

Curriculum

Online Platform

Links

Contacts

Sign in

Sign up

Modal title