Security+

Security+ 2018-05-08T16:03:03+00:00

Security+

Course Length :  35 Hours

Course Description

CompTIA Security+ is aimed at IT professionals with job roles such as security architect, security engineer, security consultant/specialist, information assurance technician, security administrator, systems administrator, and network administrator.

Course Prerequisites

Ideally, you should have successfully completed the “CompTIA Network+ Support Skills” course and have around 24 months’ experience of networking support or IT administration. It is not necessary that you pass the Network+ exam before completing Security+ certification, but it is recommended.

  • Know the function and basic features of the components of a PC.
  • Use Windows to create and manage files and use basic administrative features (Explorer, Control Panel, and Management Consoles).
  • Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, TCP/IP, switches, routers).
  • Understand TCP/IP addressing, core protocols, and troubleshooting tools.

 

Outline

Security Threats and Controls

  • Security Controls
  • Why is Security Important?
  • Security Policy
  • Security Controls
  • Identification
  • Authentication
  • Authorization
  • Basic Authorization Policies
  • Accounting
  • Threats and Attacks
  • Vulnerability, Threat, and Risk
  • Social Engineering
  • Phishing
  • Malware /Trojans and Spyware
  • Preventing Malware
  • Anti-Virus Software
  • Removing Malware
  • Network Attacks
  • Network Fundamentals
  • Sniffers and Protocol Analyzers
  • ARP Attacks
  • IP Spoofing and Hijacking
  • Network Mappers and Port Scanners
  • Denial of Service Attacks
  • Assessment Tools and Techniques
  • Vulnerability Assessments and Pentests
  • Security Assessment Techniques
  • Vulnerability Scanners
  • Honeypots and Honeynets

Cryptography and Access Control

  • Cryptography
  • Uses of Cryptography
  • Cryptographic Terminology and Ciphers
  • Encryption Technologies
  • Cryptographic Hash Functions
  • Symmetric Encryption
  • Public Key Infrastructure
  • PKI and Certificates
  • Certificate Authorities
  • Implementing PKI
  • Creating Keys
  • Key Recovery Agents
  • Key Status and Revocation
  • PKI Trust Models
  • Cryptographic Standards
  • PGP / GPG
  • Password Authentication
  • LAN Manager / NTLM
  • Kerberos /PAP and CHAP
  • Password Protection
  • Password Attacks
  • Strong Authentication
  • Token-based Authentication
  • Asymmetric Encryption
  • Diffie-Hellman
  • ECC and Quantum Cryptography
  • Transport Encryption
  • Cryptographic Attacks
  • Steganography
  • Biometric Authentication
  • Common Access Card
  • Extensible Authentication Protocol
  • RADIUS and TACACS+
  • Federation and Trusts
  • Authorization and Account Management
  • Privilege Policies
  • Directory Services
  • Lightweight Directory Access Protocol
  • Windows Active Directory
  • Creating and Managing User Accounts
  • Managing Group Accounts
  • Account Policy Enforcement
  • User Rights, Permissions, and Access Reviews

Network Security

  • Secure Network Design
  • Secure Network Topologies
  • Demilitarized Zones
  • Other Security Zones
  • Network Device Exploitation
  • Switches and VLANs
  • Switch Vulnerabilities and Exploits
  • Routers
  • Network Address Translation
  • Security Appliances and Applications
  • Basic Firewalls
  • Stateful Firewalls
  • Proxies and Gateways
  • Implementing a Firewall or Gateway
  • Web and Email Security Gateways
  • Intrusion Detection Systems
  • IDS Analysis Engines
  • Monitoring System Logs
  • Wireless Network Security
  • Wireless LANs
  • WEP and WPA
  • Wi-Fi Authentication
  • Additional Wi-Fi Security Settings
  • Wi-Fi Site Security
  • VPN and Remote Access Security
  • Remote Access
  • Virtual Private Networks
  • IPSec
  • Remote Access Servers
  • Remote Administration Tools
  • Hardening Remote Access Infrastructure
  • Network Application Security
  • Application Layer Security
  • DHCP Security
  • DNS Security
  • SNMP Security
  • Storage Area Network Security
  • IPv4 versus IPv6
  • Telephony

Application Security

  • Host Security
  • Computer Hardening
  • Host Security Management Plan
  • Network Access Control
  • Data Security
  • Data Handling
  • Data Encryption
  • Data Loss Prevention
  • Backup Plans and Policies
  • Backup Execution and Frequency
  • Restoring Data and Verifying Backups
  • Data Wiping and Disposal
  • Web Services Security
  • HyperText Transport Protocol
  • SSL / TLS
  • Web Servers
  • Load Balancers
  • File Transfer
  • OS Hardening
  • Patch Management
  • Endpoint Security
  • Web Application Security
  • Web Application Technologies
  • Web Application Databases
  • Web Application Exploits
  • Web Application Browser Exploits
  • Secure Web Application Design
  • Auditing Web Applications
  • Web Browser Security
  • Virtualization and Cloud Security
  • Virtualization Technologies
  • Virtual Platform Applications
  • Virtualization Best Practices
  • Cloud Computing
  • Risks of Cloud Computing

Operational Security

  • Site Security
  • Site Layout and Access
  • Gateways and Locks
  • Alarm Systems
  • Surveillance
  • Hardware Security
  • Environmental Controls
  • Hot and Cold Aisles
  • RFI / EMI
  • Fire Prevention and Suppression
  • Mobile and Embedded Device Security
  • Static Environments
  • Mitigating Risk in Static Environments
  • Mobile Device Security
  • Mobile Device Management
  • BYOD Concerns
  • Mobile Application Security
  • Bluetooth and NFC
  • Risk Management
  • Business Continuity Concepts
  • Risk Calculation
  • Risk Mitigation
  • Integration with Third Parties
  • Service Level Agreements
  • Change and Configuration Management
  • Disaster Recovery
  • Disaster Recovery Planning
  • IT Contingency Planning
  • Clusters and Sites
  • Incident Response and Forensics
  • Incident Response Procedures
  • Preparation
  • Detection and Analysis
  • Containment
  • Eradication and Recovery
  • Forensic Procedures
  • Collection of Evidence
  • Handling and Analyzing Evidence
  • Security Policies and Training
  • Corporate Security Policy
  • Operational Policies
  • Privacy and Employee Policies
  • Standards and Best Practice
  • Security Policy Training and User Habits
Online Course Fee Payment
Other Amount:
Your Email Address:

Security+

  • Duration :   35 Hours
  • Certificates :   Yes
Online Course Fee Payment
Other Amount:
Your Email Address:

Quick Facts

CompTIA Security+ is aimed at IT professionals with job roles such as security architect, security engineer, security consultant/specialist, information assurance technician, security administrator, systems administrator, and network administrator.