Security+
Days: 5 | Code: S300
CompTIA Security+ validates knowledge of communication security, infrastructure security, cryptography, operational security, and general security concepts.
Course Details
CompTIA Security+ is aimed at IT professionals with job roles such as security architect, security engineer, security consultant/specialist, information assurance technician, security administrator, systems administrator and network administrator.
Objectives
On course completion, students will be able to:
- Identify network attack strategies and defenses.
- Know the technologies and uses of encryption standards and products.
- Describe how remote access security is enforced.
- Identify strategies for ensuring business continuity, fault tolerance, and disaster recovery.
- Understand the principles of organizational security and the elements of effective security policies.
- Identify network- and host-based security technologies and practices.
- Describe the standards and products used to enforce security on web and communications technologies.
Certification
This course will prepare students to take the SY0-301 CompTIA Security+ Certification exam, for the objectives released in April 2011. This course is pending approval through the CompTIA Authorized Quality Curriculum program.
CompTIA Security+ Certification has been created as a benchmark for entry-level security skills. Major corporations such as Sun, IBM/Tivoli Software Group, Symantec, Motorola, Hitachi Electronics Services and VeriSign value the CompTIA Security+ certification and recommend or require it of their IT employees.
Prerequisites
Students should meet the following criteria prior to taking the course:
- It is recommended that students have taken the CompTIA Network+ certification course and exam, together with 24 months' experience of networking support/IT administration
- Able to use Windows to create and manage files and use basic administrative features (Explorer, Control Panel and Management Consoles)
- Understand TCP/IP addressing, core protocols and troubleshooting tools
- Know the function and basic features of PC components
- Know basic network terminology and functions (such as OSI Model, topology, Ethernet, TCP/IP, switches and routers)
Course Outline
- Module 1 – Security Threats and Controls
Security Controls • Why is Security Important? • Security Policy • Security Controls • Identification • Authentication • Authorization • Basic Authorization Policies • Accounting
Threats and Attacks • Vulnerability, Threat, and Risk • Social Engineering • Phishing • Malware • Trojans and Spyware • Preventing Malware • Anti-Virus Software • Removing Malware
Network Attacks • Network Fundamentals • Sniffers and Protocol Analyzers • ARP Attacks • IP Spoofing and Hijacking • Network Mappers and Port Scanners • Denial of Service Attacks
Assessment Tools and Techniques • Vulnerability Assessments and Pentests • Security Assessment Techniques • Vulnerability Scanners • Honeypots and Honeynets
- Module 3 – Network Security
Secure Network Design • Secure Network Topologies • Demilitarized Zones • Other Security Zones • Network Device Exploitation • Switches and VLANs • Switch Vulnerabilities and Exploits • Routers • Network Address Translation
Security Appliances and Applications • Basic Firewalls • Stateful Firewalls • Proxies and Gateways • Implementing a Firewall or Gateway • Web and Email Security Gateways • Intrusion Detection Systems • IDS Analysis Engines • Monitoring System Logs
Wireless Network Security • Wireless LANs • WEP and WPA • Wi-Fi Authentication • Additional Wi-Fi Security Settings • Wi-Fi Site Security
VPN and Remote Access Security • Remote Access • Virtual Private Networks • IPSec • Remote Access Servers • Remote Administration Tools • Hardening Remote Access Infrastructure
Network Application Security • Application Layer Security • DHCP Security • DNS Security • SNMP Security • Storage Area Network Security • IPv4 versus IPv6 • Telephony
- Module 5 – Operational Security
Site Security • Site Layout and Access • Gateways and Locks • Alarm Systems • Surveillance • Hardware Security • Environmental Controls • Hot and Cold Aisles • RFI / EMI • Fire Prevention and Suppression
Mobile and Embedded Device Security • Static Environments • Mitigating Risk in Static Environments • Mobile Device Security • Mobile Device Management • BYOD Concerns • Mobile Application Security • Bluetooth and NFC
Risk Management • Business Continuity Concepts • Risk Calculation • Risk Mitigation • Integration with Third Parties • Service Level Agreements • Change and Configuration Management
Disaster Recovery • Disaster Recovery Planning • IT Contingency Planning • Clusters and Sites
Incident Response and Forensics • Incident Response Procedures • Preparation • Detection, and Analysis • Containment • Eradication, and Recovery • Forensic Procedures • Collection of Evidence • Handling and Analyzing Evidence
Security Policies and Training • Corporate Security Policy • Operational Policies • Privacy and Employee Policies • Standards and Best Practice • Security Policy Training and User Habits
- Module 2 – Cryptography and Access Control
Cryptography • Uses of Cryptography • Cryptographic Terminology and Ciphers • Encryption Technologies • Cryptographic Hash Functions • Symmetric Encryption • Asymmetric Encryption • Diffie-Hellman • ECC and Quantum Cryptography • Transport Encryption • Cryptographic Attacks • Steganography • Labs • Steganography
Public Key Infrastructure • PKI and Certificates • Certificate Authorities • Implementing PKI • Creating Keys • Key Recovery Agents • Key Status and Revocation • PKI Trust Models • Cryptographic Standards • PGP / GPG • Labs • Configuring Certificate Services
Password Authentication • LAN Manager / NTLM • Kerberos • PAP and CHAP • Password Protection • Password Attacks
Strong Authentication • Token-based Authentication • Biometric Authentication • Common Access Card • Extensible Authentication Protocol • RADIUS and TACACS+ • Federation and Trusts
Authorization and Account Management • Privilege Policies • Directory Services • Lightweight Directory Access Protocol • Windows Active Directory • Creating and Managing User Accounts • Managing Group Accounts • Account Policy Enforcement • User Rights, Permissions, and Access Reviews
- Module 4 – Host, Data, and Application Security
Host Security • Computer Hardening • Host Security Management Plan • OS Hardening • Patch Management • Endpoint Security • Network Access Control • Labs • Network Access Protection
Data Security • Data Handling • Data Encryption • Data Loss Prevention • Backup Plans and Policies • Backup Execution and Frequency • Restoring Data and Verifying Backups • Data Wiping and Disposal
Web Services Security • HyperText Transport Protocol • SSL / TLS • Web Servers • Load Balancers • File Transfer
Web Application Security • Web Application Technologies • Web Application Databases • Web Application Exploits • Web Application Browser Exploits • Secure Web Application Design • Auditing Web Applications • Web Browser Security
Virtualization and Cloud Security • Virtualization Technologies • Virtual Platform Applications • Virtualization Best Practices • Cloud Computing • Risks of Cloud Computing