CompTIA Security+ Training Certification Course Online or CBT CD
 CompTIA Security+ training course certification certifies the competency of security
professionals working in the IT industry. The theft or destruction of information or the disruption of communication resources can result in not only lost time and revenue, but
also an irreparable loss of confidence by clients and customers. The ability of computer networks to remain functional continuously for only their intended users has been a
necessity to business. Professionals who have Security+ training, who have demonstrated the ability to respond to human and organizational weaknesses by
passing the CompTIA tests, and who have had instruction in cryptography, communication security, can use real-world tools, understand the infrastructure, and
haven't just studied brain dumps will demand the respect of the IT industry. Your success in our training course will result in not only passing the certification exam, but
also success against those who would steal, destroy, or disable your business. Start your certification training today! This course is part of the DOD 8570 requirement.
CompTIA Security+ Training Certification Course
The certification exam is targeted at professionals with at least two years of networking experience and possess a thorough knowledge of TCP/IP. Those holding the
certification have demonstrated the aptitude and ability to master such knowledge areas as: general security concepts, communications security, infrastructure security, basics of cryptography, and
operational/organizational security.
It is recommended that the Security+ test candidate have the knowledge and skills equivalent of those tested for in the CompTIA
A+ and Network+ certification exams.
Training Curriculum contains the following
 Full Multi Media animated Training Course
24 x 7 access online for one year or CD-ROMS
Online Training can be downloaded to your hard drive for off line viewing
 Interactive Labs and Exercises
 Online mentoring - Instructor live access online 24 x 7 to answer any questions regarding your training
 Printable Transcripts of all lessons - no need for books that don't map to the training
Certificate of Completion
One Year of Free Upgrades of training course
Regular $399.00 Sales Price $299.00 online or
$349.00 CD-ROMS
|
Security+ Online Course One Year Access
|
s91150on
|
$249.00
|
|
|
Security+ CD-ROMs
|
s91150cd
|
$299.00
|
|
Security+ Certification Course Outline
Domain 1.0 General Security Concepts
1.1. Access Control
1.1.1. MAC/DAC/RBAC
1.2. Authentication
1.2.1. Kerberos
1.2.2. CHAP
1.2.3. Certificates
1.2.4. Username/Password
1.2.5. Tokens
1.2.6. Multi-Factor
1.2.7. Mutual Authentication
1.2.8. Biometrics
1.3. Non-essential Services and Protocols - Disabling unnecessary systems / process / programs.
1.4. Attacks
1.4.1. DOS/DDOS
1.4.2. Back Door
1.4.3. Spoofing
1.4.4. Man in the Middle
1.4.5. Replay
1.4.6. TCP/IP Hijacking
1.4.7. Weak Keys
1.4.8. Mathematical
1.4.9. Social Engineering
1.4.10. Birthday
1.4.11. Password Guessing
1.4.11.1. Brute Force
1.4.11.2. Dictionary
1.4.12. Software Exploitation
1.5. Malicious Code
1.5.1. Viruses
1.5.2. Trojan Horses
1.5.3. Logic Bombs
1.5.4. Worms
1.6. Social Engineering
1.7. Auditing - Logging, system scanning
Domain 2.0 Communication Security
1.1. Remote Access
1.1.1. 802.1x
1.1.2. VPN
1.1.3. RADIUS
1.1.4. TACACS/+
1.1.5. L2TP/PPTP
1.1.6. SSH
1.1.7. IPSEC
1.1.8. Vulnerabilities
1.2. Email
1.2.1. S/MIME
1.2.2. PGP
1.2.3. Vulnerabilities
1.2.3.1. Spam
1.2.3.2. Hoaxes
1.3. Web
1.3.1. SSL/TLS
1.3.2. HTTP/S
1.3.3. Instant Messaging
1.
3.3.1 Vulnerabilities
1.3.3.2 8.3 Naming Conventions
1.3.3.3 Packet Sniffing
113.3.4 Privacy
1.3.4. Vulnerabilities
1.3.4.1. Java Script
1.3.4.2. ActiveX
1.3.4.3. Buffer Overflows
1.3.4.4. Cookies
1.3.4.5. Signed Applets
1.3.4.6. CGI
1.3.4.7. SMTP Relay
1.4. Directory - Recognition not administration
1.4.1. SSL/TLS
1.4.2. LDAP
1.5. File Transfer
1.5.1. S/FTP
1.5.2. Blind FTP/Anonymous
1.5.3. File sharing
1.5.4. Vulnerabilities
1.5.4.1. Packet Sniffing
1.6. Wireless
1.6.1. WTLS
1.6.2. 802.11x
1.6.3. WEP/WAP
1.6.4. Vulnerabilities
1.6.4.1. Site Surveys
Domain 3.0 Infrastructure Security
1.1. Devices
1.1.1. Firewalls
1.1.2. Routers
1.1.3. Switches
1.1.4. Wireless
1.1.5. Modems
1.1.6. RAS
1.1.7. Telecom/PBX
1.1.8. VPN
1.1.9. IDS
1.1.10. Network Monitoring/Diagnostic
1.1.11. Workstations
1.1.12. Servers
1.1.13. Mobile Devices
1.2. Media
1.2.1. Coax
1.2.2. UTP/STP
1.2.3. Fiber
1.2.4. Removable media
1.2.4.1. Tape
1.2.4.2. CDR
1.2.4.3. Hard drives
1.2.4.4. Diskettes
1.2.4.5. Flashcards
1.2.4.6. Smartcards
1.3. Security Topologies
1.3.1. Security Zones
1.3.1.1. DMZ
1.3.1.2. Intranet
1.3.1.3. Extranet
1.3.2. VLANs
1.3.3. NAT
1.3.4. Tunneling
1.4. Intrusion Detection
1.4.1. Network Based
1.4.1.1. Active Detection
1.4.1.2. Passive Detection
1.4.2. Host Based
1.4.2.1. Active Detection
1.4.2.2. Passive Detection
1.4.3. Honey pots
1.4.4. Incident Response
1.5. Security Baselines
1.5.1. OS/NOS Hardening (Concepts and processes)
1.5.1.1. File System
1.5.1.2. Updates (Hotfixes, Service Packs, Patches)
1.5.2. Network Hardening
1.5.2.1. Updates (Firmware)
1.5.2.2. Configuration
1.5.2.2.1. Enabling and Disabling Services and Protocols
1.5.2.2.2. Access control lists
1.5.3. Application Hardening
1.5.3.1. Updates (Hotfixes, Service Packs, Patches)
1.5.3.2. Web Servers
1.5.3.3. Email Servers
1.5.3.4. FTP Servers
1.5.3.5. DNS Servers
1.5.3.6. NNTP Servers
1.5.3.7. File/Print Servers
1.5.3.8. DHCP Servers
1.5.3.9. Data Repositories
1.5.3.9.1. Directory Services
1.5.3.9.2. Databases
Domain 4.0 Basics of Cryptography
1.1. Algorithms
1.1.1. Hashing
1.1.2. Symmetric
1.1.3. Asymmetric
1.2. Concepts of Using Cryptography
1.2.1. Confidentiality
1.2.2. Integrity
1.2.2.1. Digital Signatures
1.2.3. Authentication
1.2.4. Non-Repudiation
1.2.4.1. Digital Signatures
1.2.5. Access Control
1.3. PKI
1.3.1. Certificates - Distinguish which certificates are used for what purpose. Basics only.
1.3.1.1. Certificate Policies
1.3.1.2. Certificate Practice Statements
1.3.2. Revocation
1.3.3. Trust Models
1.4. Standards and Protocols
1.5. Key Management/Certificate Lifecycle
1.5.1. Centralized vs. Decentralized
1.5.2. Storage
1.5.2.1. Hardware vs. Software
1.5.2.2. Private Key Protection
1.5.3. Escrow
1.5.4. Expiration
1.5.5. Revocation
1.5.5.1. Status Checking
1.5.6. Suspension
1.5.6.1. Status Checking
1.5.7. Recovery
1.5.7.1. M of N Control
1.5.8. Renewal
1.5.9. Destruction
1.5.10. Key Usage
1.5.10.1. Multiple Key Pairs (Single, Dual)
Domain 5.0 Operational/Organizational Security
1.1. Physical Security
1.1.1. Access Control
1.1.1.1. Physical Barriers
1.1.1.2. Biometrics
1.1.2. Social Engineering
1.1.3. Environment
1.1.3.1. Wireless Cells
1.1.3.2. Location
1.1.3.3. Shielding
1.1.3.4. Fire Suppression
1.2. Disaster Recovery
1.2.1. Backups
1.2.1.1. Off Site Storage
1.2.2. Secure Recovery
1.2.2.1. Alternate Sites
1.2.3. Disaster Recovery Plan
1.3. Business Continuity
1.3.1. Utilities
1.3.2. High Availability / Fault Tolerance
1.3.3. Backups
1.4. Policy and Procedures
1.4.1. Security Policy
1.4.1.1. Acceptable Use
1.4.1.2. Due Care
1.4.1.3. Privacy
1.4.1.4. Separation of duties
1.4.1.5. Need to Know
1.4.1.6. Password Management
1.4.1.7. SLA
1.4.1.8. Disposal / Destruction
5.4.1.9 HR Policy
5.4.1.9.1 Termination - Adding / revoking passwords, privileges, etc.
5.4.1.9.2 Hiring - Adding / revoking passwords, privileges, etc.
5.4.1.9.3 Code of Ethics
1.4.2. Incident Response Policy
1.5. Privilege Management
1.5.1. User/Group/Role Management
1.5.2. Single Sign-on
1.5.3. Centralized vs. Decentralized
1.5.4. Auditing (Privilege, Usage, Escalation)
1.5.5. MAC/DAC/RBAC
1.6. Forensics (Awareness, conceptual knowledge and understanding - know what your role is)
1.6.1. Chain of Custody
1.6.2. Preservation of Evidence
1.6.3. Collection of Evidence
1.7. Risk Identification
1.7.1. Asset Identification
1.7.2. Risk Assessment
1.7.3. Threat Identification
1.7.4. Vulnerabilities
1.8. Education - Training of end users, executives and HR
1.8.1. Communication
1.8.2. User Awareness
1.8.3. Education
1.8.4. Online Resources
1.9. Documentation
1.9.1. Standards and Guidelines
1.9.2. Systems Architecture
1.9.3. Change Documentation
1.9.4. Logs and Inventories
1.9.5. Classification
1.9.5.1. Notification
1.9.6. Retention/Storage
1.9.7. Destruction top
|
