Certification Training Category > CD-ROM Online >

Computer Training Courses CDs and Videos
Home Page Training
Product List
New Products
Classes
A+ Certification
Adobe Acrobat
AutoCAD Training
Business Softwares
CDIA + Certification
Certified Wireless Admin
Check Point CCSA NGX
Cisco Certification Training
CISSP  Certification
CompTIA Courses
CTP Certification
Computer Security Certification
Crystal Reports Training
Delphi Training
Desktop Publishing
Dreamweaver
Flash Training
IBM DB2 WebsphereTraining
i-Net+ Certification
Java Certification Training
Linux Training Course
Lotus Notes Main Page
MCDST Training
MCPD MCTS Microsoft.NET
MCSE Training
Microsoft Certification
MCSD Certification
Microsoft Office Training
MCTS MCITP SQL
Microsoft Project
Microsoft .NET Training
MOS MCAS Certification
Flash/Director/Premiere
Network+ Certification
Oracle Certification
Photoshop Tutorials
PHP Programming
Programming Training
PMP Project Management
SAP Training
Server+ Certification
Security+ Training
SharePoint Microsoft
UNIX Training
Visio Training Course
Visual Basic Training
Visual C++ Training
IBM Websphere
Web Training & Certification
Windows Operating Systems
Wordperfect 11
3D Studio Max Training
Demo Page
Testimonials
Resource Links
Specials
Privacy Policy
About Us
Training Specials
Testimonials
MCMCSE
IT Articles

Security+ Training

Security+ Certification (Exam: SY0-101)

Security+ Boot Camp

CompTIA Security+ Certification certifies the competency of security professionals working in the IT industry. The theft or destruction of information or the disruption of communication resources can result in not only lost time and revenue, but also an irreparable loss of confidence by clients and customers. The ability of computer networks to remain functional continuously for only their intended users has been a necessity to business. Professionals who have Security+ training, who have demonstrated the ability to respond to human and organizational weaknesses by passing Security+ tests, and who have had instruction in cryptography, communication security, can use real-world tools, understand the infrastructure, and haven't just studied Security+ brain dumps will demand the respect of the IT industry. Your success in our Security+ training and investigation of our Security+ study guide will result in not only passing Security+ tests, but also success against those who would steal, destroy, or disable your business. Start your certification training today!

CompTIA Security+ Certification Training Curriculum - Test Objectives

Security+ certification exam is targeted at professionals with at least two years of networking experience and possess a thorough knowledge of TCP/IP. Those holding the Security+ certification have demonstrated the aptitude and ability to master such knowledge areas as: general security concepts, communications security, infrastructure security, basics of cryptography, and operational/organizational security.

It is recommended that the Security+ test candidate have the knowledge and skills equivalent of those tested for in the CompTIA A+ and Network+ certification exams.

Content Areas:                                                           % of Exam

CompTIA Security+ General Exam Information

The CompTIA Security+ certification exam is targeted at professionals with at least two years of networking experience and possess a thorough knowledge of TCP/IP. Those holding the Security+ certification have demonstrated the aptitude and ability to master such knowledge areas as: general security concepts, communications security, infrastructure security, basics of cryptography, and operational/organizational security.

It is recommended that the Security+ test candidate have the knowledge and skills equivalent of those tested for in the CompTIA A+ and Network+ certification exams.

Security+ Online Course Details

s91150on

$269.00

Security+  CD Set, Test Preps and Online Mentoring

s91150cd

$299.00

Security+ Certification Examination Objectives

Response Limits

The examinee selects the option that best completes the statement or answers the question from four (4) or more response options. Distracters or wrong answers are response options that examinees with incomplete knowledge or skill would likely choose, but are generally plausible responses fitting into the content area

Test item formats used in this examination are:

    Multiple-choice:
    The examinee selects one option that best answers the question or completes the statement. The option may be to point and click on a selection that is embedded in a graphic.

    Sample Directions:
    The examinee reads the statement or question and selects only the option(s) that represent the best answer(s) from the options presented.

Security+ Domain 1.0 General Security Concepts

1.1. Access Control
1.1.1. MAC/DAC/RBAC

1.2. Authentication
1.2.1. Kerberos
1.2.2. CHAP
1.2.3. Certificates
1.2.4. Username/Password
1.2.5. Tokens
1.2.6. Multi-Factor
1.2.7. Mutual Authentication
1.2.8. Biometrics

1.3. Non-essential Services and Protocols - Disabling unnecessary systems / process / programs.

1.4. Attacks
1.4.1. DOS/DDOS
1.4.2. Back Door
1.4.3. Spoofing
1.4.4. Man in the Middle
1.4.5. Replay
1.4.6. TCP/IP Hijacking
1.4.7. Weak Keys
1.4.8. Mathematical
1.4.9. Social Engineering
1.4.10. Birthday
1.4.11. Password Guessing
1.4.11.1. Brute Force
1.4.11.2. Dictionary
1.4.12. Software Exploitation

1.5. Malicious Code
1.5.1. Viruses
1.5.2. Trojan Horses
1.5.3. Logic Bombs
1.5.4. Worms

1.6. Social Engineering

1.7. Auditing - Logging, system scanning

top

Security+ Domain 2.0 Communication Security

1.1. Remote Access
1.1.1. 802.1x
1.1.2. VPN
1.1.3. RADIUS
1.1.4. TACACS/+
1.1.5. L2TP/PPTP
1.1.6. SSH
1.1.7. IPSEC
1.1.8. Vulnerabilities

1.2. Email
1.2.1. S/MIME
1.2.2. PGP
1.2.3. Vulnerabilities
1.2.3.1. Spam
1.2.3.2. Hoaxes

1.3. Web
1.3.1. SSL/TLS
1.3.2. HTTP/S
1.3.3. Instant Messaging
1. 3.3.1 Vulnerabilities
1.3.3.2 8.3 Naming Conventions
1.3.3.3 Packet Sniffing
113.3.4 Privacy
1.3.4. Vulnerabilities
1.3.4.1. Java Script
1.3.4.2. ActiveX
1.3.4.3. Buffer Overflows
1.3.4.4. Cookies
1.3.4.5. Signed Applets
1.3.4.6. CGI
1.3.4.7. SMTP Relay

1.4. Directory - Recognition not administration
1.4.1. SSL/TLS
1.4.2. LDAP

1.5. File Transfer
1.5.1. S/FTP
1.5.2. Blind FTP/Anonymous
1.5.3. File sharing
1.5.4. Vulnerabilities
1.5.4.1. Packet Sniffing

1.6. Wireless
1.6.1. WTLS
1.6.2. 802.11x
1.6.3. WEP/WAP
1.6.4. Vulnerabilities
1.6.4.1. Site Surveys

top

Security+ Domain 3.0 Infrastructure Security

1.1. Devices
1.1.1. Firewalls
1.1.2. Routers
1.1.3. Switches
1.1.4. Wireless
1.1.5. Modems
1.1.6. RAS
1.1.7. Telecom/PBX
1.1.8. VPN
1.1.9. IDS
1.1.10. Network Monitoring/Diagnostic
1.1.11. Workstations
1.1.12. Servers
1.1.13. Mobile Devices

1.2. Media
1.2.1. Coax
1.2.2. UTP/STP
1.2.3. Fiber
1.2.4. Removable media
1.2.4.1. Tape
1.2.4.2. CDR
1.2.4.3. Hard drives
1.2.4.4. Diskettes
1.2.4.5. Flashcards
1.2.4.6. Smartcards

1.3. Security Topologies
1.3.1. Security Zones
1.3.1.1. DMZ
1.3.1.2. Intranet
1.3.1.3. Extranet
1.3.2. VLANs
1.3.3. NAT
1.3.4. Tunneling

1.4. Intrusion Detection
1.4.1. Network Based
1.4.1.1. Active Detection
1.4.1.2. Passive Detection
1.4.2. Host Based
1.4.2.1. Active Detection
1.4.2.2. Passive Detection

1.4.3. Honey pots
1.4.4. Incident Response

1.5. Security Baselines
1.5.1. OS/NOS Hardening (Concepts and processes)
1.5.1.1. File System
1.5.1.2. Updates (Hotfixes, Service Packs, Patches)
1.5.2. Network Hardening
1.5.2.1. Updates (Firmware)
1.5.2.2. Configuration
1.5.2.2.1. Enabling and Disabling Services and Protocols
1.5.2.2.2. Access control lists
1.5.3. Application Hardening
1.5.3.1. Updates (Hotfixes, Service Packs, Patches)
1.5.3.2. Web Servers
1.5.3.3. Email Servers
1.5.3.4. FTP Servers
1.5.3.5. DNS Servers
1.5.3.6. NNTP Servers
1.5.3.7. File/Print Servers
1.5.3.8. DHCP Servers
1.5.3.9. Data Repositories
1.5.3.9.1. Directory Services
1.5.3.9.2. Databases

top

Security+ Domain 4.0 Basics of Cryptography

1.1. Algorithms
1.1.1. Hashing
1.1.2. Symmetric
1.1.3. Asymmetric

1.2. Concepts of Using Cryptography
1.2.1. Confidentiality
1.2.2. Integrity
1.2.2.1. Digital Signatures
1.2.3. Authentication
1.2.4. Non-Repudiation
1.2.4.1. Digital Signatures
1.2.5. Access Control

1.3. PKI
1.3.1. Certificates - Distinguish which certificates are used for what purpose. Basics only.
1.3.1.1. Certificate Policies
1.3.1.2. Certificate Practice Statements
1.3.2. Revocation
1.3.3. Trust Models

1.4. Standards and Protocols

1.5. Key Management/Certificate Lifecycle
1.5.1. Centralized vs. Decentralized
1.5.2. Storage
1.5.2.1. Hardware vs. Software
1.5.2.2. Private Key Protection
1.5.3. Escrow
1.5.4. Expiration
1.5.5. Revocation
1.5.5.1. Status Checking
1.5.6. Suspension
1.5.6.1. Status Checking
1.5.7. Recovery
1.5.7.1. M of N Control
1.5.8. Renewal
1.5.9. Destruction
1.5.10. Key Usage
1.5.10.1. Multiple Key Pairs (Single, Dual)

top

Security+ Domain 5.0 Operational/Organizational Security

1.1. Physical Security
1.1.1. Access Control
1.1.1.1. Physical Barriers
1.1.1.2. Biometrics
1.1.2. Social Engineering
1.1.3. Environment
1.1.3.1. Wireless Cells
1.1.3.2. Location
1.1.3.3. Shielding
1.1.3.4. Fire Suppression

1.2. Disaster Recovery
1.2.1. Backups
1.2.1.1. Off Site Storage
1.2.2. Secure Recovery
1.2.2.1. Alternate Sites
1.2.3. Disaster Recovery Plan

1.3. Business Continuity
1.3.1. Utilities
1.3.2. High Availability / Fault Tolerance
1.3.3. Backups

1.4. Policy and Procedures
1.4.1. Security Policy
1.4.1.1. Acceptable Use
1.4.1.2. Due Care
1.4.1.3. Privacy
1.4.1.4. Separation of duties
1.4.1.5. Need to Know
1.4.1.6. Password Management
1.4.1.7. SLA
1.4.1.8. Disposal / Destruction
5.4.1.9 HR Policy
5.4.1.9.1 Termination - Adding / revoking passwords, privileges, etc.
5.4.1.9.2 Hiring - Adding / revoking passwords, privileges, etc.
5.4.1.9.3 Code of Ethics
1.4.2. Incident Response Policy

1.5. Privilege Management
1.5.1. User/Group/Role Management
1.5.2. Single Sign-on
1.5.3. Centralized vs. Decentralized
1.5.4. Auditing (Privilege, Usage, Escalation)
1.5.5. MAC/DAC/RBAC

1.6. Forensics (Awareness, conceptual knowledge and understanding - know what your role is)
1.6.1. Chain of Custody
1.6.2. Preservation of Evidence
1.6.3. Collection of Evidence

1.7. Risk Identification
1.7.1. Asset Identification
1.7.2. Risk Assessment
1.7.3. Threat Identification
1.7.4. Vulnerabilities

1.8. Education - Training of end users, executives and HR
1.8.1. Communication
1.8.2. User Awareness
1.8.3. Education
1.8.4. Online Resources

1.9. Documentation
1.9.1. Standards and Guidelines
1.9.2. Systems Architecture
1.9.3. Change Documentation
1.9.4. Logs and Inventories
1.9.5. Classification
1.9.5.1. Notification
1.9.6. Retention/Storage
1.9.7. Destruction top

This Study guide and/or material is not sponsored by, endorsed by or affiliated with Cisco Systems, Inc. Cisco®, Cisco Systems®, CCDA™, CCNA ™, CCDP™, CCNP ™, CCIE™, CCSI™, the Cisco Systems logo and the CCIE logo are trademarks or registered trademarks of Cisco Systems, Inc.

CDi

sales@cdicomp.com
webmaster@netwind.com
Copyright  © CDi Communications Inc. 1996-2008

*30-Day Guarantee applies only if products purchased are returned with 50% of product unopened. For example if product purchased contains 6 videos, 3 must remain unopened.