CompTIA Training

CompTIA Security+

Course Description:

This course will prepare students to pass the current CompTIA Security+ SY0-301 certification exam. After taking this course, students will understand the field of network security and how it relates to other areas of information technology.

CompTIA Security+ is an international, vendor-neutral certification that demonstrates competency in:

    * Network security

    * Compliance and operational security

    * Threats and vulnerabilities

    * Application, data and host security

    * Access control and identity management

    * Cryptography

Who Should Attend:

This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems, such as NetWare, Macintosh, UNIX/Linux, and OS/2, who wants to: further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles.

Benefits of Attendance:

Upon completion of this course, students will be able to:

• Identify security threats.
• Harden internal systems and services.
• Harden internetwork devices and services.
• Secure network communications.
• Manage a PKI.
• Manage certificates.
• Enforce an organizational security policy.
• Monitor the security infrastructure.

Recommended Experience:

CompTIA Network+ certification and two years of technical networking experience, with an emphasis on security.

Course Domain:

Domain 1.0 – Network Security

• Security Function & Purpose of Network Devices & Technologies
• Apply & Implement Secure Network Administration Principles
• Distinguish & Differentiate Network Design Elements & Compounds
• Implement & Use Common Protocols
• Identify Commonly used default Network Ports
• Implement Wireless Network in a Secure Manner

Domain 2.0 – Compliance & Organizational Security

• Explain Risk related Concepts
• Carry out appropriate Risk Mitigation Strategies
• Execute appropriate Incident Response Procedures
• Importance of Security related Awareness & Training
• Compare & Contrast aspects of Business Continuity
• Impact & Proper use of Environmental Controls
• Execute Disaster Recovery Plans & Procedures
• Concepts of Confidentiality, Integrity & Availability (CIA)

Domain 3.0 – Threats & Vulnerabilities

• Analyze & Differentiate among Types of Malware
• Analyze & Differentiate among Types of Attacks
• Analyze & Differentiate among Types of Social Engineering Attacks
• Analyze & Differentiate among Types of Wireless Attacks
• Analyze & Differentiate among Types of Application Attacks
• Analyze & Differentiate among Types of Mitigation & Deterrent Techniques
• Implement Assessment Tools & Techniques to Discover Security Threats & Vulnerabilities
• Within the scope of Vulnerability Assessments, uses of Penetration Testing vs. Vulnerability Scanning

Domain 4.0 – Application, Data & Host Security

• Importance of Application Security
• Procedures to Establish Host Security
• Importance of Data Security

Domain 5.0 – Access Control & Identity Management

• Function & Purpose of Authentication Services
• Fundamental Concepts & Best Practices related to Authentication, Authorization & Access Control
• Implement Security Controls when Performing Account Management

Domain 6.0 – Cryptography

• Summarize general Cryptography Concepts
• Cryptographic Tools and Products
• Core Concepts of Public Key Infrastructure

Implement PKI, Certificate Management & Associated Components