CompTIA Security X

Participants should have five years of IT experience, ideally with some hands-on security.

Target audience

This course is ideal for:

• Experienced IT security professionals preparing for the CompTIA SecurityX® certification
• Security architects, engineers, and analysts responsible for enterprise risk and compliance
• IT teams operating across hybrid, cloud, and legacy infrastructures

By the end of this course, learners will be able to:

• Design and implement resilient, secure system architectures across enterprise environments
• Manage governance, compliance, and threat modelling aligned to security frameworks
• Apply cryptographic and cloud security principles within secure deployment pipelines
• Monitor enterprise systems to detect threats and automate remediation
• Use threat intelligence, incident response, and root cause analysis in live scenarios
• Align enterprise security strategies with AI trends, Zero Trust, and modern compliance needs

Governance, risk, and compliance

• Security program documentation: policies, procedures, standards, and guidelines.
• Program management: training (phishing, security, privacy), communication, reporting, and RACI matrix.
• Frameworks: COBIT, ITIL, etc.
• Configuration management: asset life cycle, CMDB, and inventory.
• GRC tools: mapping, automation, and compliance tracking.
• Data governance: production, development, testing, and QA.
• Risk management: impact analysis, risk assessment (quantitative vs. qualitative), third-party risk, confidentiality, integrity, and availability.
• Threat modeling: actor characteristics, attack patterns, and frameworks (ATT&CK, CAPEC, STRIDE).
• Attack surface: architecture reviews, data flows, and trust boundaries.
• Compliance strategies: industry-specific standards (PCI DSS, ISO 27000).
• Security frameworks: NIST, CSF, CSA, and others.

Security architecture

• Cloud capabilities: CASB (API-based, proxy-based), shadow IT detection, shared responsibility model, CI/CD pipeline, Terraform, Ansible, container security, orchestration, and serverless workloads.
• Cloud data security: data exposure, leakage, remanence, insecure storage, and encryption keys.
• Cloud control strategies: proactive, detective, and preventative controls; customer-to-cloud connectivity, service integration, and continuous authorization.
• Network architecture: segmentation, micro segmentation, VPN, always-on VPN, and API integration.
• Security boundaries: asset identification, management, attestation, data perimeters, and secure zones.
• De-perimeterisation: SASE, SD-WAN, and software-defined networking.
• Zero trust concepts: defining subject-object relationships.

Security engineering

• Automation: scripting (PowerShell, Bash, Python), event triggers, IoC, cloud APIs, generative AI, containerization, patching, SOAR, and workflow automation.
• Vulnerability management: scanning, reporting, and SCAP (OVAL, XCCDF, CPE, CVE, CVSS).
• Advanced cryptography: PQC, key stretching, homomorphic encryption, forward secrecy, and hardware acceleration.
• Cryptographic use cases: data at rest, in transit, and in use; secure email, blockchain, privacy, compliance, and certificate-based authentication.
• Cryptographic techniques: tokenization, code signing, cryptographic erase, digital signatures, hashing, and symmetric/asymmetric cryptography.

Security operations

• Monitoring and data analysis: SIEM (event parsing, retention, false positives/negatives), aggregate analysis (correlation, prioritisation, trends), and behaviour baselines (network, systems, users).
• Vulnerabilities and attack surface: injection, XSS, insecure configurations, outdated software, and weak ciphers; mitigations include input validation, patching, encryption, and defence-in-depth.
• Threat hunting: internal intelligence (honeypots, UBA), external intelligence (OSINT, dark web, ISACs), TIPs, IoC sharing (STIX, TAXII), and rule-based languages (Sigma, YARA, Snort).
• Incident response: malware analysis (sandboxing, IoC extraction, code stylometry), reverse engineering, metadata analysis, data recovery, and root cause analysis.

Exams and assessments

This course prepares learners for the CompTIA SecurityX® (CVO-005) certification exam, taken post course, and included with your course booking.

• Exam format: Maximum of 90 multiple-choice and performance-based questions
• Duration: 165 minutes
• Grading: Pass/fail

Participants will also complete scenario-based labs, knowledge checks, and discussions to reinforce exam readiness. An exam voucher is included.

Hands-on learning

This course features:

• Guided labs to apply concepts in identity, network, and cloud security
• Real-world threat modelling, compliance, and automation tasks
• Group discussions on AI risks, Zero Trust, and governance practices
• Instructor-led simulations of incident response and malware forensics