We proudly offer our expert Cybersecurity training for a wide range of public and private companies, government entities, Armed Forces, educational institutions, and individuals. We provide high-quality training delivered in an exciting, dynamic format both in person and via online tools. 

Contact us today for group training and rates. 
CompTIA – Security+
CompTIA Security+ is a global certification that validates the baseline skills you need to perform core security functions and pursue an IT security career.
 
PrerequisitesNetwork+, IT Fundamentals
 
Learning Outcomes:
  • No other certification that assesses baseline cybersecurity skills has performance-based questions on the exam. Security+ emphasizes hands-on practical skills, ensuring the security professional is better prepared to problem solve a wider variety of issues.
  • More choose Security+ for DoD 8570 compliance than any other certification.
  • Security+ focuses on the latest trends and techniques in risk management, risk mitigation, threat management and intrusion detection.
  • The new Security+ certification covers the Junior IT Auditor/Penetration Tester job role, in addition to the previous job roles for Systems Administrator, Network Administrator, and Security Administrator.
 
NICE Framework Connections:
  • Securely Provision
  • Operate and maintain
  • Protect and Defend
 
Knowledge Skills and Abilities (KSAs) Mapping: The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Specialty Area details within the interactive National Cybersecurity Workforce Framework.
  • Risk Management
  • Systems Administration
  • Vulnerability Assessment and Management

Course Outline:
  • Threats, Attacks, and Vulnerabilities
  • Tech and Tools
  • Architecture and Design
  • Identity and Access Management
  • Risk Management
  • TCP IP and OSI Model
  • Crypto and PKI

Bootcamp Includes
PLEASE NOTE:  WE PROVIDE THE SECURITY+ CERTIFICATION EXAM VOUCHER FOR THIS COURSE, BUT THE EXAM WILL NEED TO BE SCHEDULED SEPARATELY at a convenient Pearson-Vue test center. The exam voucher can be purchased through CyberProtex as part of the price or can be purchased directly through Pearson-Vue.

Exam voucher must be used (exam taken) within one year of bootcamp. 

All courses are subject to cancellation and/or rescheduling due to insufficient enrollment or unforeseen circumstances, as per CyberProtex Policy.  Additionally, if for some unforeseen reason an instructor cannot be available at any particular time, we will notify the attendees of the class as soon as possible and allow a makeup time for the missed instruction due to the instructors' absence.

Check out our YouTube Channel for Security+ Topics

Curriculum

comptia-security-sy0-601-exam-objectives-_2-0_.pdf
File Size: 197 kb
File Type: pdf
Download File
0-intro-security-sy0-601-final.pdf
File Size: 484 kb
File Type: pdf
Download File
1_-_security__sy0-601_domain_1_-_final-two-per-page.pdf
File Size: 1476 kb
File Type: pdf
Download File
2_-_security__sy0-601_domain_2_-_final---two-slides-per-page-reduced.pdf
File Size: 1443 kb
File Type: pdf
Download File
3_-_security__sy0-601_domain_3-final_-_two_per_page.pdf
File Size: 2300 kb
File Type: pdf
Download File
4_-_security__sy0-601_domain_4-final_-_two_per_page.pdf
File Size: 1629 kb
File Type: pdf
Download File
5_-_security__sy0-601_domain_5_-_final---two-slides-per-page.pdf
File Size: 765 kb
File Type: pdf
Download File

Additional Resources

hacking_wireless_networks.pdf
File Size: 23212 kb
File Type: pdf
Download File
security_studyguiderev10.pdf
File Size: 1754 kb
File Type: pdf
Download File
If you watch these videos, you WILL learn more about each of these topics.
​I suggest watching these videos @ 1.5x speed if you can’t stand my voice for any longer 😊
 
Identity and Access Management Overview 
https://youtu.be/g9BOjBTj6gg
 
Clouds - Pizza As A Service 
https://youtu.be/phZo-jssAAw
 
Network Segmentation - VLANS
https://youtu.be/6dghYSZzcF8
 
Using Smoky the Bear approach for Authorization Mechanisms – DAC, MAC, RBAC, Rule Based
https://youtu.be/-Y2FboBbgnc
 
Authentication for Dummies - EAP PEAP LEAP - YOU CHEAP 
https://youtu.be/I5UofyTDSUQ
 
ALE, SLE, ARO - Risk Management and Risk Assessment 
https://youtu.be/eMUZ8HpJ8ho

802.11 -- WEP Sucks! What types Of Wireless Encryption Should you use?
https://youtu.be/axDvGWvPbSQ
 

Security+ Bootcamp --- Videos --- September 2023

🎯 Security+ Certification 3-Week Master Plan

Let’s go from good to certified—Security+ is yours if you lock in the routine, trust the process, and out-practice the competition!

Week 1: Launch Sequence (Memorize + Build a Base)Goal: Build your flashcard arsenal and begin mastering core concepts
🎓 Daily Routine (2–3 hours/day)
  • 🧠 Memorization (2 hrs/day): Focus on terminology, acronyms, and foundational concepts
  • 📇 Flash Cards: Create or refine at least 100–150 flash cards this week
  • 📝 Practice Questions (1 hr/day): Aim for 30 quality questions/day
🚗 Automobile University
  • Listen during commute (~20 minutes/day)
    • Focus on weaker areas: VPN, Wireless, Access Controls, Firewalls
    • Suggested Channel: Professor Messer or Mike Meyers Security+ videos
📅 End-of-Week Checkpoint
  • Goal: Hit 50% or better on your practice tests
  • Milestone: Have 150 flashcards built and reviewed at least once

Week 2: Lock and Load (Test and Target Weaknesses)Goal: Reduce reliance on flashcards and start owning practice test questions
🎓 Daily Routine (2–3 hours/day)
  • 🧠 Memorization (1 hr/day): Keep reviewing your flashcards (focus on what’s tripping you up)
  • 📝 Practice Questions (2 hrs/day): Aim for 45–60 questions/day
🛠️ Sharpen Your Tools
  • Mark missed questions and create flashcards for incorrect answers
  • Start simulating exam conditions: no phones, time your sessions, no notes
📅 End-of-Week Checkpoint
  • Goal: Reach 65% or higher on average practice exams
  • Flashcards should be at 200–250 total
  • Start seeing repeat questions (that’s a good sign!)

Week 3: Cert Mode Activated (Simulate & Score High)Goal: Transition to test-day simulation and mental endurance
🎓 Daily Routine (3–3.5 hours/day)
  • 🧠 Memorization (30 mins/day): Final reviews of key flashcards
  • 📝 Practice Tests (3 hrs/day): Take full or near-full length tests
🔁 Rinse and Repeat
  • Rotate different practice platforms (MeasureUp, Pearson Vue, Professor Messer quizzes)
  • Practice performance-based questions (PBQs) — know how to apply knowledge!
📅 End-of-Week Checkpoint
  • Aim for 80–90% on final practice tests
  • Schedule your exam if you haven’t already!

🔁 Bonus – Week 4 (Optional Review Week)Goal: Final review and confidence booster before game day
  • Memorization (15 min/day): Only red-flag topics
  • Full Simulated Exam (100 questions): Treat it like game day every day
  • Mindset Training: Hydrate, rest, positive self-talk, confidence = performance

🎧 Automobile University – Daily Drive Topics👂 Listen, don’t watch. Choose one topic per day and rotate:
  • 🔒 VPNs & IPSEC
  • 🌐 Wireless Security Standards
  • 🚪 Firewalls & Proxy Configs
  • 🧑‍💼 Identity and Access Management (IAM)
  • 🧱 Network Segmentation, DMZs, and VLANs

💥 Final Tip: This Exam is Passable with Practice!Practice test questions are the key 🔑. The more you expose yourself to scenarios, the more your brain connects the dots. By week 3, you’ll recognize 80–90% of test content.
CompTIA Security+ SY0-701
Keywords & Definitions Study Guide
Domain 1: General Security Concepts (12%)
  1. Threat Actor – Any individual or group posing a threat to digital assets.
  2. Attack Vector – The method or pathway used by a threat actor to gain unauthorized access.
  3. Threat Intelligence – Collected data on current or emerging threat actors and methods.
  4. Indicators of Compromise (IOCs) – Artifacts observed on a network or system that indicate a potential intrusion.
  5. Zero-Day – A vulnerability that is exploited before a patch is available.
  6. Risk – The likelihood and impact of a threat exploiting a vulnerability.
  7. Vulnerability – A flaw or weakness in a system or network.
  8. Exploit – Code or commands that take advantage of a vulnerability.
  9. Risk Mitigation – Actions taken to reduce risk to an acceptable level.
  10. CIA Triad – Confidentiality, Integrity, Availability: the core principles of information security.
  11. Confidentiality – Ensuring only authorized parties can access data.
  12. Integrity – Ensuring that data remains accurate and unaltered.
  13. Availability – Ensuring systems and data are accessible when needed.
  14. Red Team – Offensive security professionals simulating real-world attacks.
  15. Blue Team – Defensive security professionals protecting systems from attack.
  16. Purple Team – A blend of Red and Blue Teams collaborating to improve security.
  17. Penetration Testing – Simulated attacks to find and fix vulnerabilities.
  18. Vulnerability Scan – Automated tools that identify known vulnerabilities.
  19. False Positive – An alert for a non-existent threat.
  20. Security Control – A safeguard to reduce risk (e.g., technical, administrative, physical).
Domain 2: Threats, Vulnerabilities, and Mitigations (22%)
  1. Phishing – Deceptive emails used to trick users into revealing sensitive info.
  2. Spear Phishing – A targeted phishing attack on a specific individual or organization.
  3. Whaling – Phishing that targets high-profile individuals (e.g., executives).
  4. Smishing – Phishing through SMS messages.
  5. Vishing – Voice phishing through phone calls.
  6. Social Engineering – Manipulating people into breaking security procedures.
  7. Insider Threat – A trusted individual who poses a security risk.
  8. Malware – Malicious software, such as viruses, worms, trojans, ransomware.
  9. Ransomware – Malware that encrypts data and demands payment for its return.
  10. Spyware – Software that secretly gathers user information.
  11. Adware – Displays unwanted ads, often bundled with free software.
  12. Rootkit – Software that hides the presence of malware.
  13. Botnet – A network of infected computers controlled remotely.
  14. DDoS – Distributed Denial of Service attack that floods systems with traffic.
  15. Brute Force Attack – Systematically trying passwords to gain access.
  16. Dictionary Attack – Trying known words or commonly used passwords.
  17. Rainbow Table – Precomputed hashes used to crack passwords.
  18. Keylogger – Records keystrokes to steal data.
  19. Privilege Escalation – Gaining higher access than originally authorized.
  20. Backdoor – Undocumented access method to a system.
Domain 3: Security Architecture (18%)
  1. Firewall – A device or software that filters network traffic.
  2. Stateful Firewall – Tracks the state of active connections.
  3. Stateless Firewall – Filters packets independently.
  4. Proxy Server – Intermediary server between user and the internet.
  5. VPN (Virtual Private Network) – Encrypts data between user and destination.
  6. Split Tunneling – VPN feature allowing access to both VPN and public internet.
  7. IPSec – Protocol suite for securing IP communications.
  8. TLS/SSL – Protocols for securing data in transit over the internet.
  9. Network Segmentation – Dividing a network to improve security and performance.
  10. DMZ (Demilitarized Zone) – A network area that is exposed to untrusted networks.
  11. NAT (Network Address Translation) – Translates private IPs to public IPs.
  12. Load Balancer – Distributes traffic among multiple systems.
  13. Zero Trust Architecture – “Never trust, always verify” approach to security.
  14. SIEM (Security Information and Event Management) – Collects and analyzes security events.
  15. EDR (Endpoint Detection and Response) – Monitors endpoint activity for threats.
  16. NAC (Network Access Control) – Restricts access based on device compliance.
  17. UEBA (User and Entity Behavior Analytics) – Detects anomalies in user behavior.
  18. WAF (Web Application Firewall) – Protects web applications by filtering HTTP traffic.
  19. CASB (Cloud Access Security Broker) – Enforces security policies across cloud apps.
  20. Honeypot – A decoy system used to lure attackers.
Domain 4: Security Operations (28%)
  1. Incident Response – Steps to manage and recover from a security incident.
  2. SOAR (Security Orchestration, Automation, and Response) – Automates incident response.
  3. Forensics – Collecting and analyzing digital evidence.
  4. Chain of Custody – Documentation of evidence handling.
  5. Snapshot – A point-in-time copy of system state for recovery or analysis.
  6. SIEM Alerts – Automated notifications from monitoring tools.
  7. Playbook – Predefined response procedures for specific incidents.
  8. Runbook – Step-by-step instructions for operations or remediation tasks.
  9. Containment – Isolating affected systems to prevent spread.
  10. Eradication – Removing the cause of an incident.
  11. Recovery – Restoring systems to normal operations.
  12. Post-Incident Review – Analysis conducted after resolving an incident.
  13. Patch Management – Regularly updating systems to fix vulnerabilities.
  14. Change Management – Controlled changes to IT systems.
  15. Configuration Management – Maintaining consistency of system settings.
  16. Asset Management – Tracking IT assets to ensure visibility and protection.
  17. Baseline Configuration – A standard system setup for security reference.
  18. Secure Boot – Ensures a device boots using only trusted software.
  19. Application Whitelisting – Only approved apps can run on a system.
  20. Data Loss Prevention (DLP) – Detects and prevents unauthorized data transmission.
Domain 5: Governance, Risk, and Compliance (20%)
  1. Compliance – Adhering to laws, regulations, and policies.
  2. Governance – Strategic direction and oversight of security practices.
  3. NIST CSF – A framework for improving critical infrastructure cybersecurity.
  4. NIST 800-53 – Catalog of security and privacy controls.
  5. NIST 800-171 – Requirements for protecting CUI in nonfederal systems.
  6. ISO 27001 – International standard for information security management.
  7. HIPAA – U.S. regulation for protecting health information.
  8. PCI DSS – Security standard for credit card data.
  9. GDPR – European regulation for data privacy and protection.
  10. CMMC – Cybersecurity Maturity Model Certification for DoD contractors.
  11. Data Classification – Labeling data based on sensitivity and impact.
  12. Retention Policy – Rules for how long data must be stored.
  13. Acceptable Use Policy (AUP) – Rules for employee use of IT systems.
  14. Least Privilege – Giving users the minimum access needed.
  15. Separation of Duties – Dividing responsibilities to reduce fraud or error.
  16. Security Awareness Training – Educating users on security best practices.
  17. Audit Trail – Logs that provide a history of activity for accountability.
  18. Risk Assessment – Identifying and evaluating potential threats.
  19. Business Continuity Plan (BCP) – Ensures critical functions continue during disruption.
  20. Disaster Recovery Plan (DRP) – Procedures to restore systems after an incident.
CyberProtex, LLC - 2012-2025

[email protected]

256-401-7072