TestOut Security Pro English 7.0

Transcription

TestOut Security Pro – English 7.0.x
Objective Mappings: TestOut Security Pro, CompTIA Security+ SY0-601
Revised: 2021-08-12 (yyyy/mm/dd)

Objective Mappings — TestOut Security Pro – English 7.0.x

Contents

This document contains four objective mappings:
Objective Mapping: LabSim Section to TestOut Security Pro Objective
Objective Mapping: TestOut Security Pro Objective to LabSim Section
Objective Mapping: LabSim Section to CompTIA SY0-601 Objective
Objective Mapping: CompTIA SY0-601 Objective to LabSim Section

Copyright 2021 TestOut Corporation. CompTIA, A+, Network+, Security+, Linux+, IT Fundamentals, Cybersecurity Analyst (CySA+), and related trademarks and trade names are the trademarks of CompTIA. Microsoft, MCITP, MSCA, MCTS, Office, and Windows are the trademarks of Microsoft. Cisco and CCNA are the trademarks of Cisco. Certified Ethical Hacker and CEH are the trademarks of the EC-Council. TestOut has no affiliation with any of these companies and the products and services advertised herein are not endorsed by any of them.

Objective Mapping: LabSim Section to TestOut Security Pro Objective

Section  Title
    TestOut Security Pro Objectives

1.0 Introduction
1.1 Security Overview
1.2 Defense Planning
1.3 Using the Simulator
2.0 Threats, Attacks, and Vulnerabilities
2.1 Understanding Attacks
2.2 Malware
    3.1 Harden Computer Systems
        3.1.2 Configure Anti-virus Protection
2.3 Social Engineering
    5.2 Assessment Techniques
        5.2.2 Identify Social Engineering
2.4 Vulnerability Concerns
3.0 Physical
3.1 Physical Threats
    2.1 Harden Physical Access
        2.1.1 Implement Physical Security
3.2 Device and Network Protection
3.3 Environmental Controls
4.0 Networks and Hosts Design and Diagnosis

4.1 Manageable Network Plan
4.2 Windows System Hardening
    3.1 Harden Computer Systems
        3.1.1 Configure File system Inheritance
        3.1.2 Configure Anti-virus Protection
        3.1.3 Configure NTFS Permissions
        3.1.4 Configure Windows Update
4.3 File Server Security
    3.1 Harden Computer Systems
        3.1.1 Configure File system Inheritance
        3.1.3 Configure NTFS Permissions
4.4 Linux Host Security
5.0 Devices and Infrastructure
5.1 Security Appliances
    2.1 Harden Physical Access
        2.1.2 Install and Configure a Security Appliance
        2.1.4 Create and Configure a Demilitarized Zone (DMZ)
5.2 Demilitarized Zones
    2.1 Harden Physical Access
        2.1.4 Create and Configure a Demilitarized Zone (DMZ)
5.3 Firewalls
    2.1 Harden Physical Access
        2.1.3 Install and Configure a Firewall
5.4 Network Address Translation
    2.1 Harden Physical Access
        2.1.5 Configure Network Address Translation (NAT)
5.5 Virtual Private Networks
    2.2 Harden Network Devices
        2.2.3 Configure and Access a Virtual Private Network (VPN)
        2.2.4 Harden a Wireless Network

5.6 Web Threat Protection
    3.2 Implement Application Defenses
        3.2.3 Configure Web Application Security
        3.2.4 Configure Email Filters and Settings
5.7 Network Access Control
5.8 Network Threats
5.9 Network Device Vulnerabilities
    2.2 Harden Network Devices
        2.2.1 Configure and Access a Switch
5.10 Network Applications
5.11 Switch Security and Attacks
    2.1 Harden Physical Access
        2.1.1 Implement Physical Security
    2.2 Harden Network Devices
        2.2.1 Configure and Access a Switch
5.12 Using VLANs
    2.2 Harden Network Devices
        2.2.7 Create and Connect to a Virtual Local Area Network (VLAN)
5.13 Router Security
    2.2 Harden Network Devices
        2.2.5 Configure Router Security
6.0 Identity, Access, and Account Management
6.1 Access Control Models
6.2 Authentication
6.3 Authorization
6.4 Windows User Management

6.5 Active Directory Overview
    1.1 Manage Identity
        1.1.1 Manage Windows Local and Domain Users and Groups
        1.1.3 Manage Active Directory OUs
    1.2 Harden Authentication
        1.2.5 Configure and Link Group Policy Objects (GPO)
6.6 Hardening Authentication
    1.2 Harden Authentication
        1.2.1 Configure Account Policies
        1.2.3 Secure Default and local accounts
        1.2.4 Enforce User Account Control (UAC)
        1.2.5 Configure and Link Group Policy Objects (GPO)
6.7 Linux Users
    1.1 Manage Identity
        1.1.2 Manage Linux Users and Groups
    1.2 Harden Authentication
        1.2.2 Manage account password
6.8 Linux Groups
    1.1 Manage Identity
        1.1.2 Manage Linux Users and Groups
6.9 Remote Access
6.10 Network Authentication
    1.2 Harden Authentication
        1.2.5 Configure and Link Group Policy Objects (GPO)

7.0 Cryptography and PKI
7.1 Cryptography
    4.2 Implement Encryption Technologies
        4.2.1 Encrypt Data Communications
7.2 Cryptography Implementations
7.3 Hashing
    4.2 Implement Encryption Technologies
        4.2.1 Encrypt Data Communications
7.4 File Encryption
    4.2 Implement Encryption Technologies
        4.2.2 Encrypt Files
7.5 Public Key Infrastructure
    4.2 Implement Encryption Technologies
        4.2.3 Manage Certificates
8.0 Wireless Threats
8.1 Wireless Overview
    2.2 Harden Network Devices
        2.2.2 Configure and Access a Wireless Network
8.2 Wireless Attacks
    2.2 Harden Network Devices
        2.2.2 Configure and Access a Wireless Network
8.3 Wireless Defenses
    2.2 Harden Network Devices
        2.2.4 Harden a Wireless Network
9.0 Virtualization, Cloud Security, and Securing Mobile Devices
9.1 Host Virtualization
    3.3 Implement Virtualization
        3.3.1 Create Virtual Machines

9.2 Virtual Networking
    3.3 Implement Virtualization
        3.3.2 Create Virtual Switches
9.3 Software-Defined Networking
9.4 Cloud Services
9.5 Cloud Security
9.6 Mobile Devices
9.7 Mobile Device Management
9.8 BYOD Security
    2.2 Harden Network Devices
        2.2.6 Bring Your Own Device (BYOD) Security
9.9 Embedded and Specialized Systems
10.0 Securing Data and Applications
10.1 Data Transmission Security
    3.2 Implement Application Defenses
        3.2.3 Configure Web Application Security
10.2 Data Loss Prevention
10.3 Web Application Attacks
    3.2 Implement Application Defenses
        3.2.3 Configure Web Application Security
10.4 Application Development and Security
    3.2 Implement Application Defenses
        3.2.1 Implement Application Whitelisting
        3.2.2 Implement Data Execution Prevention (DEP)
11.0 Security Assessments
11.1 Penetration Testing
11.2 Monitoring and Reconnaissance

11.3 Intrusion Detection
    5.2 Assessment Techniques
        5.2.1 Implement Intrusion Detection
11.4 Security Assessment Techniques
    5.2 Assessment Techniques
        5.2.3 Scan for Vulnerabilities
11.5 Protocol Analyzers
11.6 Analyzing Network Attacks
    5.2 Assessment Techniques
        5.2.4 Analyze Network Attacks
11.7 Password Attacks
    5.2 Assessment Techniques
        5.2.5 Analyze Password Attacks
12.0 Incident Response, Forensics, and Recovery
12.1 Incident Response
12.2 Mitigation of an Incident
12.3 Log Management
12.4 Windows Logging
12.5 Digital Forensics
12.6 File and Packet Manipulation
12.7 Redundancy
    4.1 Protect and Maintain Data files
        4.1.1 Perform data backups and recovery
12.8 Backup and Restore
    4.1 Protect and Maintain Data files
        4.1.1 Perform data backups and recovery

13.0 Risk Management
13.1 Organizational Security Policies
13.2 Risk Management
13.3 Email
    3.2 Implement Application Defenses
        3.2.4 Configure Email Filters and Settings
14.0 Governance and Compliance
14.1 Audits
    5.1 Implement Logging and Auditing
        5.1.1 Configure Advanced Audit Policy
        5.1.2 Enable Device Logs
14.2 Controls and Frameworks
14.3 Sensitive Data and Privacy
A.0 TestOut Security Pro - Practice Exams
A.1 Prepare for TestOut Security Pro Certification
A.2 TestOut Security Pro Domain Review
B.0 CompTIA Security+ SY0-601 - Practice Exams
B.1 Prepare for CompTIA Security+ SY0-601 Certification
B.2 CompTIA Security+ Domain Review (20 Questions)
B.3 CompTIA Security+ Domain Review (All Questions)

Objective Mapping: TestOut Security Pro Objective to LabSim Section

#  Domain  (Module.Section)

1.0 Identity Management and Authentication
1.1 Manage Identity (Module.Section: 6.5, 6.7, 6.8)
    1.1.1 Manage Windows Local and Domain Users and Groups
    1.1.2 Manage Linux Users and Groups
    1.1.3 Manage Active Directory OUs
1.2 Harden Authentication (Module.Section: 6.5, 6.6, 6.7, 6.10)
    1.2.1 Configure Account Policies
    1.2.2 Manage account password
    1.2.3 Secure Default and local accounts
    1.2.4 Enforce User Account Control (UAC)
    1.2.5 Configure and Link Group Policy Objects (GPO)
2.0 Physical and Network Security
2.1 Harden Physical Access (Module.Section: 3.1, 5.1, 5.2, 5.3, 5.4, 5.11)
    2.1.1 Implement Physical Security
    2.1.2 Install and Configure a Security Appliance
    2.1.3 Install and Configure a Firewall
    2.1.4 Create and Configure a Demilitarized Zone (DMZ)
    2.1.5 Configure Network Address Translation (NAT)
2.2 Harden Network Devices (Module.Section: 5.5, 5.9, 5.11, 5.12, 5.13, 8.1, 8.2, 8.3, 9.8)
    2.2.1 Configure and Access a Switch
    2.2.2 Configure and Access a Wireless Network
    2.2.3 Configure and Access a Virtual Private Network (VPN)

    2.2.4 Harden a Wireless Network
    2.2.5 Configure Router Security
    2.2.6 Bring Your Own Device (BYOD) Security
    2.2.7 Create and Connect to a Virtual Local Area Network (VLAN)
3.0 Host and Application Defense
3.1 Harden Computer Systems (Module.Section: 2.2, 4.2, 4.3)
    3.1.1 Configure File system Inheritance
    3.1.2 Configure Anti-virus Protection
    3.1.3 Configure NTFS Permissions
    3.1.4 Configure Windows Update
3.2 Implement Application Defenses (Module.Section: 5.6, 10.1, 10.3, 10.4, 13.3)
    3.2.1 Implement Application Whitelisting
    3.2.2 Implement Data Execution Prevention (DEP)
    3.2.3 Configure Web Application Security
    3.2.4 Configure Email Filters and Settings
    3.2.5 Configure Browser Settings
3.3 Implement Virtualization (Module.Section: 9.1, 9.2)
    3.3.1 Create Virtual Machines
    3.3.2 Create Virtual Switches
4.0 Data Security
4.1 Protect and Maintain Data files (Module.Section: 12.7, 12.8)
    4.1.1 Perform data backups and recovery
    4.1.2 Implement redundancy

4.2 Implement Encryption Technologies (Module.Section: 7.1, 7.3, 7.4, 7.5)
    4.2.1 Encrypt Data Communications
    4.2.2 Encrypt Files
    4.2.3 Manage Certificates
5.0 Audit and Security Assessment
5.1 Implement Logging and Auditing (Module.Section: 14.1)
    5.1.1 Configure Advanced Audit Policy
    5.1.2 Enable Device Logs
5.2 Assessment Techniques (Module.Section: 2.3, 11.3, 11.4, 11.6, 11.7)
    5.2.1 Implement Intrusion Detection
    5.2.2 Identify Social Engineering
    5.2.3 Scan for Vulnerabilities
    5.2.4 Analyze Network Attacks
    5.2.5 Analyze Password Attacks

Objective Mapping: LabSim Section to CompTIA SY0-601 Objective

Section  Title
    Objectives

1.0 Introduction
1.1 Security Overview
    1.5 Explain different threat actors, vectors, and intelligence sources.
        1.5.1 - Actors and threats
            1.5.1.2 - Insider threats
        1.5.2 - Attributes of actors
            1.5.2.1 - Internal/external
        1.5.5 - Research sources
            1.5.5.8 - Threat feeds
    1.6 Explain the security concerns associated with various types of vulnerabilities.
        1.6.1 - Cloud-based vs. on-premises vulnerabilities
    2.8 Summarize the basics of cryptographic concepts.
        2.8.19 - Common use cases
            2.8.19.8 - Supporting non-repudiation
    4.5 Explain the key aspects of digital forensics.
        4.5.4 - Integrity

            4.5.4.1 - Hashing
    5.4 Summarize risk management processes and concepts.
        5.4.1 - Risk types
            5.4.1.2 - Internal
    5.5 Explain privacy and sensitive data concepts in relation to security.
        5.5.3 - Data types
            5.5.3.1.4 - Classifications - Confidential
1.2 Defense Planning
    1.1 Compare and contrast different types of social engineering techniques.
        1.1.1 - Phishing
    1.5 Explain different threat actors, vectors, and intelligence sources.
        1.5.1 - Actors and threats
            1.5.1.2 - Insider threats
    1.8 Explain the techniques used in penetration testing.
        1.8.1 - Penetration testing
    3.2 Given a scenario, implement host or application security solutions.
        3.2.4 - Application security

    3.4 Given a scenario, install and configure wireless security settings.
        3.4.1 - Cryptographic protocols
    4.4 Given an incident, apply mitigation techniques or controls to secure an environment.
        4.4.2 - Configuration changes
            4.4.2.1 - Firewall rules
    5.3 Explain the importance of policies to organizational security.
        5.3.1 - Personnel
            5.3.1.1 - Acceptable use policy
            5.3.1.6 - Clean desk space
1.3 Using the Simulator
2.0 Threats, Attacks, and Vulnerabilities
2.1 Understanding Attacks
    1.1 Compare and contrast different types of social engineering techniques.
        1.1.17 - Reconnaissance
    1.5 Explain different threat actors, vectors, and intelligence sources.
        1.5.1 - Actors and threats
            1.5.1.1 - Advanced persistent threat (APT)
            1.5.1.2 - Insider threats
            1.5.1.3 - State actors
            1.5.1.4 - Hacktivists
            1.5.1.5 - Script kiddies
            1.5.1.6 - Criminal syndicates

            1.5.1.7.1 - Hackers - White hat
            1.5.1.7.2 - Hackers - Black hat
            1.5.1.7.3 - Hackers - Gray hat
            1.5.1.8 - Shadow IT
            1.5.1.9 - Competitors
        1.5.2 - Attributes of actors
            1.5.2.1 - Internal/external
            1.5.2.2 - Level of sophistication/capability
            1.5.2.3 - Resources/funding
            1.5.2.4 - Intent/motivation
        1.5.4 - Threat intelligence sources
            1.5.4.1 - Open source intelligence (OSINT)
    5.3 Explain the importance of policies to organizational security.
        5.3.1 - Personnel
            5.3.1.5 - Least privilege
2.2 Malware
    1.2 Given a scenario, analyze potential indicators to determine the type of attack.
        1.2.1 - Malware
            1.2.1.1 - Ransomware
            1.2.1.2 - Trojans
            1.2.1.3 - Worms
            1.2.1.4 - Potentially unwanted programs (PUPs)
            1.2.1.5 - Fileless virus
            1.2.1.6 - Command and control
            1.2.1.7 - Bots
            1.2.1.8 - Crypto malware
            1.2.1.9 - Logic bombs

            1.2.1.10 - Spyware
            1.2.1.11 - Keyloggers
            1.2.1.12 - Remote access Trojan (RAT)
            1.2.1.13 - Rootkit
            1.2.1.14 - Backdoor
2.3 Social Engineering
    1.1 Compare and contrast different types of social engineering techniques.
        1.1.1 - Phishing
        1.1.2 - Smishing
        1.1.3 - Vishing
        1.1.4 - Spam
        1.1.5 - Spam over Internet messaging (SPIM)
        1.1.6 - Spear phishing
        1.1.7 - Dumpster diving
        1.1.8 - Shoulder surfing
        1.1.9 - Pharming
        1.1.10 - Tailgating
        1.1.11 - Eliciting information
        1.1.12 - Whaling
        1.1.13 - Prepending
        1.1.14 - Identity fraud
        1.1.15 - Invoice scams
        1.1.16 - Credential harvesting
        1.1.17 - Reconnaissance
        1.1.18 - Hoax
        1.1.19 - Impersonation
        1.1.20 - Watering hole attack
        1.1.21 - Typo squatting
        1.1.22 - Influence campaigns
            1.1.22.1 - Hybrid warfare
            1.1.22.2 - Social media
        1.1.23 - Principles (reasons for effectiveness)

            1.1.23.1 - Authority
            1.1.23.2 - Intimidation
            1.1.23.3 - Consensus
            1.1.23.4 - Scarcity
            1.1.23.5 - Familiarity
            1.1.23.6 - Trust
            1.1.23.7 - Urgency
    1.5 Explain different threat actors, vectors, and intelligence sources.
        1.5.1 - Actors and threats
            1.5.1.2 - Insider threats
            1.5.1.4 - Hacktivists
            1.5.1.5 - Script kiddies
2.4 Vulnerability Concerns
    1.2 Given a scenario, analyze potential indicators to determine the type of attack.
        1.2.5 - Supply-chain attacks
    1.3 Given a scenario, analyze potential indicators associated with application attacks.
        1.3.1 - Privilege escalation
    1.6 Explain the security concerns associated with various types of vulnerabilities.
        1.6.1 - Cloud-based vs. on-premises vulnerabilities
        1.6.2 - Zero-day
        1.6.3 - Weak configurations
            1.6.3.1 - Open permissions
            1.6.3.2 - Unsecured root accounts
            1.6.3.3 - Errors
            1.6.3.4 - Weak encryption
            1.6.3.5 - Unsecure protocols

            1.6.3.6 - Default settings
            1.6.3.7 - Open ports and services
        1.6.4 - Third-party risks
            1.6.4.1.1 - Vendor management - System integration
            1.6.4.1.2 - Vendor management - Lack of vendor support
            1.6.4.2 - Supply chain
            1.6.4.3 - Outsourced code development
            1.6.4.4 - Data storage
        1.6.5 - Improper or weak patch management
            1.6.5.1 - Firmware
            1.6.5.2 - Operating system (OS)
            1.6.5.3 - Applications
        1.6.6 - Legacy platforms
        1.6.6 - Impacts
            1.6.6.1 - Data loss
            1.6.6.2 - Data breaches
            1.6.6.3 - Data exfiltration
            1.6.6.4 - Identity theft
            1.6.6.5 - Financial
            1.6.6.6 - Reputation
            1.6.6.7 - Availability loss
    5.1 Compare and contrast various types of controls.
        5.1.2 - Control type
            5.1.2.6 - Physical
    5.4 Summarize risk management processes and concepts.

        5.4.3 - Risk analysis
            5.4.3.6 - Inherent risk
3.0 Physical
3.1 Physical Threats
    2.7 Explain the importance of physical security controls.
        2.7.1 - Bollards/barricades
        2.7.2 - Mantraps
        2.7.3 - Badges
        2.7.4 - Alarms
        2.7.5 - Signage
        2.7.6 - Cameras
            2.7.6.1 - Motion recognition
            2.7.6.2 - Object detection
        2.7.7 - Closed-circuit television (CCTV)
        2.7.8 - Industrial camouflage
        2.7.9 - Personnel
            2.7.9.1 - Guards
            2.7.9.2 - Robot sentries
            2.7.9.3 - Reception
            2.7.9.4 - Two-person integrity/control
        2.7.10 - Locks
            2.7.10.1 - Biometrics
        2.7.11 - USB data blocker
        2.7.12 - Lighting
        2.7.13 - Fencing
        2.7.16 - Drones/UAV
        2.7.17 - Visitor logs

        2.7.18 - Faraday cages
        2.7.19 - Air gap
        2.7.20 - Demilitarized zone (DMZ)
    3.7 Given a scenario, implement identity and account management controls.
        3.7.1 - Identity
            3.7.1.6 - Smart cards
    4.2 Summarize the importance of policies, processes, and procedures for incident response.
        4.2.2 - Incident response process
            4.2.2.5 - Recovery
3.2 Device and Network Protection
    1.2 Given a scenario, analyze potential indicators to determine the type of attack.
        1.2.3 - Physical attacks
            1.2.3.1 - Malicious universal serial bus (USB) cable
            1.2.3.2 - Malicious flash drive
            1.2.3.3 - Card cloning
            1.2.3.4 - Skimming
    2.7 Explain the importance of physical security controls.
        2.7.10 - Locks
            2.7.10.1 - Biometrics
            2.7.10.2 - Electronic
            2.7.10.3 - Physical
            2.7.10.4 - Cable locks

        2.7.11 - USB data blocker
        2.7.15 - Sensors
            2.7.15.1 - Motion detection
            2.7.15.2 - Noise detection
            2.7.15.3 - Proximity reader
            2.7.15.4 - Moisture detection
            2.7.15.5 - Cards
            2.7.15.6 - Temperature
        2.7.18 - Faraday cages
        2.7.19 - Air gap
        2.7.20 - Demilitarized zone (DMZ)
        2.7.21 - Protected cable distribution
        2.7.23 - Secure data destruction
3.3 Environmental Controls
    2.5 Given a scenario, implement cybersecurity resilience.
        2.5.1 - Redundancy
            2.5.1.4.1 - Power - Uninterruptible power supply (UPS)
    2.7 Explain the importance of physical security controls.
        2.7.14 - Fire suppression
        2.7.15 - Sensors
            2.7.15.2 - Noise detection
            2.7.15.4 - Moisture detection
            2.7.15.6 - Temperature
        2.7.22 - Secure areas
            2.7.22.1 - Air gap
            2.7.22.2 - Vault
            2.7.22.3 - Safe
            2.7.22.4 - Hot aisle
