SY0-701 - CompTIA Security+: Audits, Assessments, & Awareness
A security audit is a systematic and methodical examination of an organization’s security infrastructure, policies, and procedures. The goal is to identify vulnerabilities, weaknesses, and potential threats to sensitive information assets, physical assets, and personnel. In this final course, the learner will be exposed to topics such as internal and external audit and attestation, penetration testing audits, user guidance and training, phishing campaigns, and security training monitoring and reporting. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
0.4
SY0-701 - CompTIA Security+: Audits, Assessments, & Awareness
provide an overview of internal audit and attestation, including compliance, audit committee, and self-assessments
define external audit and attestation with regulatory, examinations, assessment, and independent third-party audits
provide an overview of penetration testing, including known environment, partially known environment, unknown environment, physical, offensive, defensive, integrated, passive, and active reconnaissance
provide an overview of user guidance and training involving policy/handbooks, situational awareness, insider threats, password management, removable media and cables, social engineering, operational security, anomalous behavior recognition, and hybrid/remote work environments best practices
identify how to recognize a phishing attempt and respond to reported suspicious messages
explain security training monitoring and reporting techniques
it_cssecp23_20_enus