Objective:
- Students will be able to analyze how logs can be used to support an investigation.
Standards:
CompTIA Security+ SY0-701 Objective:
4.9 – Given a scenario, use data sources to support an investigation
- Log data
- Firewall logs
- Application logs
- Endpoint logs
- OS-specific security logs
- IPS/IDS logs
- Network logs
- Metadata
- Data sources
- Vulnerability scans
- Automated reports
- Dashboards
- Packet captures
Guiding Question:
How can logs be used to support an investigation?
Resources:
- Lesson 4.8.1 – Incident Response.pptx Presentation available on Google Classroom
Assignment:
- Read the Lesson 4.9.1 – Logs.pptx presentation in today’s class.
- Complete the Unit 3 – Logs Check for Understanding activity using the materials provided in Google Classroom.
- Complete the Lab – Metadata.pptx Activity in class using the materials provided in Google Classroom.
- To confirm completion of the lab activity, upload a screenshot showing the metadata displayed when running exiftool on the target image file to today’s Google Classroom post.
Assigned: January 13th, 2026
Teacher Pacing Due Date: January 14th, 2026
Objective:
- Students will be able to investigate common incident response activities.
Standards:
CompTIA Security+ SY0-701 Objective:
4.8 – Explain appropriate incident response activities
- Process
- Preparation
- Detection
- Analysis
- Containment
- Eradication
- Recovery
- Lessons learned
- Training
- Testing
- Tabletop exercise
- Simulation
- Root cause analysis
- Threat hunting
- Digital forensics
- Legal hold
- Chain of custody
- Acquisition
- Reporting
- Preservation
- E-discovery
Guiding Question:
What are some common incident response activities?
Resources:
- Lesson 4.8.1 – Incident Response.pptx Presentation available on Google Classroom
Assignment:
- Read the Lesson 4.8.1 – Incident Response.pptx presentation in today’s class.
- Complete the Unit 3 – Incident Response Check for Understanding activity using the materials provided in Google Classroom.
- Complete the Lab – Cuckoo.pptx Activity in class using the materials provided in Google Classroom.
- To confirm completion of the lab activity, upload a screenshot displaying the results of your Cuckoo analysis identifying the malware file to today’s Google Classroom post.
Assigned: January 12th, 2026
Teacher Pacing Due Date: January 13th, 2026
Objective:
- Students will be able to explain the importance of automation and orchestration in secure operations.
Standards:
CompTIA Security+ SY0-701 Objective:
4.7 – Explain the importance of automation and orchestration related to secure operations.
- Use cases of automation and scripting
- User provisioning
- Resource provisioning
- Guard rails
- Security groups
- Ticket creation
- Escalation
- Enabling/disabling services and access
- Continuous integration and testing
- Integrations and application programming interfaces (APIs)
- Benefits
- Efficiency/time saving
- Enforcing baselines
- Standard infrastructure configurations
- Scaling in a secure manner
- Employee retention
- Reaction time
- Workforce multiplier
- Other considerations
- Complexity
- Cost
- Single point of failure
- Technical debt
- Ongoing supportability
Guiding Question:
What is the importance of automation and orchestration in secure operations?
Resources:
- Lesson 4.7.1 – Scripting and Automation.pptx Presentation available on Google Classroom
Assignment:
- Read the 4.7.1 – Scripting and Automation.pptx presentation in today’s class.
- Complete the Unit 3 – Scripting and Automation Check for Understanding activity using the materials provided in Google Classroom.
Assigned: January 9th, 2026
Teacher Pacing Due Date: January 12th, 2026
Objective:
- Students will investigate common methods to manage access.
Standards:
CompTIA Security+ SY0-701 Objective:
4.6 – Given a scenario, implement and maintain identity and access management
- Provisioning/de-provisioning user accounts
- Permission assignments and implications
- Identity proofing
- Federation
- Single sign-on (SSO)
- Lightweight Directory Access Protocol (LDAP)
- Open authorization (OAuth)
- Security Assertions Markup Language (SAML)
- Interoperability
- Attestation
- Access controls
- Mandatory
- Discretionary
- Role-based
- Rule-based
- Attribute-based
- Time-of-day restrictions
- Least privilege
- Privileged access management tools
- Just-in-time permissions
- Password vaulting
- Ephemeral credentials
Guiding Question:
What are some common methods to manage access?
Resources:
Assignment:
- Read the Lesson 4.6.1 – Access Management.pptx presentation in today’s class.
- Complete the Unit 3 – Access Management Check for Understanding activity using the materials provided in Google Classroom.
- Complete the Case Study – Quantum Cryptography.pdf Activity in class using the materials provided in Google Classroom.
Assigned: December 9th, 2025
Teacher Pacing Due Date: December 10th, 2025
Objective:
- Students will be able to analyze common architecture and infrastructure concepts.
Standards:
CompTIA Security+ SY0-701 Objective:
4.1 – Given a scenario, apply common security techniques to computing
- Secure baselines
- Establish
- Deploy
- Maintain
- Hardening targets
- Mobile devices
- Workstations
- Switches
- Routers
- Cloud infrastructure
- Servers
- ICS/SCADA
- Embedded Systems
- RTOS
- IoT devices
Guiding Question:
What are common methods to secure baselines and harden targets?
Resources:
- 4.1.1 – Hardening Targets and Secure Baselines.pptx Presentation available on Google Classroom
Assignment:
- Read the 4.1.1 – Hardening Targets and Secure Baselines.pptx presentation in today’s class.
- Complete the Unit 3 – Hardening Targets and Secure Baselines Check for Understanding activity using the materials provided in Google Classroom.
Assigned: January 7th, 2026
Teacher Pacing Due Date: January 8th, 2026
Objective:
- Students will be able to analyze common architecture and infrastructure concepts.
Standards:
CompTIA Security+ SY0-701 Objective:
3.1 – Compare and contrast security implications of different architecture models
- Architecture and infrastructure concepts
- Cloud
- Responsibility matrix
- Hybrid considerations
- Third-party vendors
- Infrastructure as code (IaC)
- Serverless
- Microservices
- Network infrastructure
- Physical isolation
- Logical segmentation
- Software-defined networking (SDN)
- On-premises
- Centralized vs. decentralized
- Containerization
- Virtualization
- IoT
- Industrial control systems (ICS)/supervisory control and data acquisition (SCADA)
- Real-time operating system (RTOS)
- Embedded systems
- High availability
Guiding Question:
What are common architecture and infrastructure concepts?
Resources:
- 3.1.1 – Architecture and Infrastructure Concepts.pptx Presentation available on Google Classroom
Assignment:
- Read the 3.1.1 – Architecture and Infrastructure Concepts.pptx presentation in today’s class.
- Complete the Unit 3 – Architecture and Infrastructure Concepts Check for Understanding activity using the materials provided in Google Classroom.
- Next, complete the Case Study – Specialized Systems Vulnerabilities Activity using the document and Form posted in the Google Classroom.
- Please do your best to complete the Case Study by the end of the day on Wednesday, January 7th.
Assigned: January 6th, 2026
Teacher Pacing Due Date: January 7th, 2026
Objective:
- Students will be able to explain the purpose of mitigation techniques used to secure the enterprise.
Standards:
CompTIA Security+ SY0-701 Objective:
2.5 – Explain the purpose of mitigation techniques used to secure the enterprise
- Segmentation
- Access control
- Access control list (ACL)
- Permissions
- Application allow list
- Isolation
- Patching
- Encryption
- Monitoring
- Least privilege
- Configuration enforcement
- Decommissioning
Guiding Question:
What are common mitigation techniques that can be used to secure the enterprise?
Resources:
- Lesson 2.5.1 – Mitigation Techniques.pptx Presentation available on Google Classroom
Assignment:
- Read the Lesson 2.5.1 – Mitigation Techniques.pptx presentation in today’s class.
- Complete the Unit 3 – Mitigation Techniques activity using the materials provided in Google Classroom.
Assigned: January 5th, 2025
Teacher Pacing Due Date: January 6th, 2025
Objective:
- Students will be able to implement secure network designs.
Standards:
CompTIA Security+ SY0-701 Objective:
3.2 – Given a scenario, apply security principles to secure enterprise infrastructure
- Infrastructure considerations
- Network Appliances
- Jump Server
- Proxy Server
- Intrusion Prevention System (IPS)/Intrusion Detection System (IDS)
- Load balancer
- Sensors
Guiding Question:
How are network appliances secured?
Resources:
- Lesson 3.2.2 – Network Appliances.pptx Presentation available on Google Classroom
Assignment:
- Read the Lesson 3.2.2 – Network Appliances.pptx presentation in today’s class.
- Complete the Unit 3 – Network Appliances activity using the materials provided in Google Classroom.
Assigned: December 12th, 2025
Teacher Pacing Due Date: December 15th, 2025
Objective:
- Students will investigate common methods to enhance enterprise security with Firewalls, IDS/IPS devices and Web Filtering.
Standards:
CompTIA Security+ SY0-701 Objective:
4.5 – Given a scenario, modify enterprise capabilities to enhance security
- Firewalls
- Rules
- Access lists
- Ports/protocols
- Screened subnets
- IDS/IPS
- Web filter
- Agent-based
- Centralized proxy
- Universal Resource Locator (URL) scanning
- Content categorization
- Block rules
- Reputation
Guiding Question:
What is the best way to secure an organization’s infrastructure?
Resources:
- Lesson 4.5.3 – Endpoint – Firewall, IDS/IPS & Web Filter.pptx Presentation available on Google Classroom
Assignment:
- Read the Lesson 4.5.3 – Endpoint – Firewall, IDS/IPS & Web Filter.pptx presentation in today’s class.
- Complete the Unit 3 – Endpoint Firewall, IDS, and Web Filter activity using the materials provided in Google Classroom.
Assigned: December 11th, 2025
Teacher Pacing Due Date: December 12th, 2025
Objective:
- Students will compare various types of infrastructure security systems.
Standards:
CompTIA Security+ SY0-701 Objective:
3.2 – Given a scenario, apply security principles to secure enterprise infrastructure
- Infrastructure considerations
- Device placement
- Security zones
- Attack surface
- Connectivity
- Failure modes
- Device attribute
- Active vs passive
- Inline vs tap/monitor
- Port security
- 802.1X
- Extensible Authentication Protocol (EAP)
- Firewall types
- Web application firewall (WAF)
- Unified threat management (UTM)
- Next-generation firewall (NGFW)
- Layer 4/Layer 7
Guiding Question:
What is the best way to secure an organization’s infrastructure?
Resources:
- Lesson 3.2.1 – Infrastructure Considerations.pptx Presentation available on Google Classroom
Assignment:
- Read the Lesson 3.2.1 – Infrastructure Considerations.pptx presentation in today’s class.
- Complete the Unit 3 – Infrastructure Considerations activity using the materials provided in Google Classroom.
Assigned: December 10th, 2025
Teacher Pacing Due Date: December 11th, 2025