CompTIA Security+

Overview

As a bench-mark to security administration, the Security+ certification provides entry level security administrators with the understanding and skills necessary for secure internetwork communications. Covering subjects like policies, authentication, encryption, viruses, firewalling and system hardening among others, the Security+ qualification ensures candidates receive the knowledge necessary for entry level security administrators.

Course Materials

All delegates are provided with highly recommended courseware. This includes the complete book on disk as well as many other resources like official technical drafts, white-papers and case studies. All students are furnished with materials like examination pads, pens, highlighters and other necessary stationary. Many other study aids are provided throughout the course ensuring each student a unique learning experience.

Course Duration

4 Days

Certification

Core Examination: SY0-301

For more details on the examination please use this link: Security+ 2011

Prerequisites

Candidates should have a good understanding of networking and systems infrastructure. Candidates should further have a professional certification or strong implementation skills from previous experience.

Course Topics

• Network Security: Firewalls, Routers, Switches, Load balancers, Proxies, Gateways, VPN, NIDS and NIPS, Protocol Analyzers, Sniffers, SPAM, URL filtering, Content inspection, Malware inspection.
• Secure Network: Rule based mangement, Firewall rules, VLAN management, Secure router, ACL, Port security, 802.1X, Flood guards, Loop protection, Log analysis.
• Network design: DMZ, Subnetting, VLAN, NAT, Remote Access, Telephony, NAC, Virtualisation, Cloud computing.
• Common protocols: IPSEC, SNMP, SSH, DNS, TLS, SSL, TCP/IP, FTPS, HTTPS, SFTP, SCP, ICMP, IPV4 Vs IPV6 and network protocol ports.
• Wireless networking: WPA, WPA2, WEP, EAP, PEAP, LEAP, MAC filter, SSID Broadcast, TKIP, CCMP, Antenna placement, Power level controls.
• Compliance and Operational Security: Control types, False postives, Polciies, Risk calculation, Quantitive Vs Qualitive, Risk avoidance, Transference, Acceptance, Mitigation, Deterrence, Risks associated with Cloud computing and Virtualisation.
• Risk Mitigation: Security controls, Change management, Incident management, User rights and permissions, Routine audits, Policies to prevent data loss/theft.
• Incident response prodcedures: Monitoring and witnesses, incident response teams.
• Security Training: Compliance and training people to understand importance of possible threats.
• Business continuity: Business impact, Planning strategies and disaster, High availability, Cold site, Hot site, Warm site.
• Environmental controls: HVAC, Fire suppression, EMI, Hot/Cold aisles, Enviroment monitoring, Temperature/Humidity controls, Video monitoring.
• CIA - Confidentiality, Integrity and Availability concepts.
• Threats and Vulnerabilities: Malware, Attacks, Social engineering, Wireless attacks, Application attacks, Deterrent techniques, Physical security, Hardening, Port security for devices, Security baselines, Reporting, IDS/IPS, Camera Vs Guard, Using tools to discover security threats, Penetration tests, Vulnerability scanning, Blackbox, Whitebox, and Graybox.
• Application, Data and Host Security: Application security, Procedures for host security, Data security, DLP, Data encryption, Hardware encryption, and Cloud computing.
• Access Control and Identity Mangement: RADIUS, TACACS, TACACS+, Kerberos, LDAP, XTACACS, Authentication, Authorisation and Access Control, Security controls/account management, User/Group privileges.
• Cryptography: Symmetric Vs Asymmetric, Block Vs Stream, Transport encryption, Non-repudiation, Hashing, Key Escrow, Steganography, Digital signatures, Elliptic curve and Quantum, Crypto tools, PKI Infrastructure.

Related Courses

Network +

Microsoft Certified Systems Administrator (MCSA)