800-413-0939

CompTIA Security+ Training Course

Hands On IT Training Across North AmericaRegister Now and Travel Packages
PDF E-mail this Page

CompTIA Security+

Duration: 5 Days | Price: $2595 *California residents call for pricing. | Class Dates:

Students Will Learn:

  • Identifying the Fundamental Concepts of Computer Security
  • Identifying Security Threats and Vulnerabilities
  • Examining Network Security
  • Managing Application, Data and Host Security
  • Identifying Access Control and Account Management Security Measures
  • Managing Public Key Infrastructure (PKI)
  • Managing Certificates
  • Identifying Compliance and Operational Security Measures
  • Managing Risk
  • Establishing Key Components of the Security Infrastructure
  • Managing Security Incidents
  • Developing Business Continuity and Disaster Recovery Plans

Course Description: This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems, such as OS X, UNIX, or Linux, and who wants to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles. Students will learn how to implement and monitor security on networks, applications, and operating systems, and respond to security breaches.

Course Prerequisites: Basic Windows skills and fundamental understanding of computer and networking concepts are required. CompTIA A+ and Network+ certifications, or equivalent knowledge, and six to nine months experience in networking, including experience configuring and managing TCP/IP, are strongly recommended.

CompTIA Security+ Course Overview:

Information Security Cycle
  • What Is Information Security?
  • What to Protect
  • Goals of Security
  • Vulnerabilities
  • Threats
  • Attacks
  • Intrusions
  • Risk
  • Controls
  • Types of Controls
  • Security Management Objectives
Information Security Controls
  • The CIA Triad
  • Non-repudiation
  • Authentication
  • Identification
  • The Five As
  • Access Control Methods
  • Implicit Deny
  • Least Privilege
  • Separation of Duties
  • Job Rotation
  • Mandatory Vacation
  • Time of Day Restrictions
  • Privilege Management
Authentication Methods
  • Authentication Factors
  • User Name/Password Authentication
  • Tokens
  • Trusted OS
  • Biometrics
  • Multi-Factor Authentication
  • Mutual Authentication
Cryptography Fundamentals
  • Cryptography
  • Encryption
  • Ciphers
  • Cipher Types
  • Encryption and Security Goals
  • Encryption Algorithms
  • Steganography
  • Keys
  • Hashing Encryption
  • Hashing Encryption Algorithms
  • Symmetric Encryption
  • Symmetric Encryption Algorithms
  • Asymmetric Encryption
  • Asymmetric Encryption Algorithms
  • Digital Signatures
  • Quantum Cryptography
  • Hardware-Based Encryption Devices
Security Policy Fundamentals
  • Security Policies
  • Security Policy Components
  • Security Policy Issues
  • Common Security Policy Types
  • Security Document Categories
  • Change Management
  • Documentation Handling Measures
Social Engineering
  • Social Engineering Attacks
  • Types of Social Engineering
  • Hackers and Attackers
  • Categories of Attackers
Physical Threats and Vulnerabilities
  • Physical Security
  • Physical Security Threats and Vulnerabilities
  • Hardware Attacks
  • Environmental Threats and Vulnerabilities
Network-Based Threats
  • TCP/IP Basics
  • Port Scanning Attacks
  • Eavesdropping Attacks
  • Replay Attacks
  • Social Network Attacks
  • Man-in-the-Middle Attacks
  • Denial of Service (DoS) Attacks
  • Distributed Denial of Service (DDoS) Attacks
  • Types of DoS Attacks
  • Session Hijacking
  • P2P Attacks
  • ARP Poisoning
  • DNS Vulnerabilities
Wireless Threats and Vulnerabilities
  • Wireless Security
  • Wireless Threats and Vulnerabilities
Software Based Threats
  • Software Attacks
  • Malicious Code Attacks
  • Types of Malicious Code Attacks
  • Password Attacks
  • Types of Password Attacks
  • Backdoor Attacks
  • Application Attacks
  • Types of Application Attacks
Network Devices and Technologies
  • Network Components
  • Network Devices
  • Network Technologies
  • Intrusion Detection Systems (IDSs)
  • NIDS
  • NIPS
  • Types of Network Monitoring Systems
  • Virtual Private Networks (VPNs)
  • VPN Concentrator
  • Web Security Gateways
Network Design Elements and Components
  • NAC
  • VLANs
  • Subnetting
  • NAT
  • Remote Access
  • Remote Access Methods
  • Telephony Components
  • Virtualization
  • Cloud Computing
  • Cloud Computing Service Types
Implementing Networking Protocols
  • Internet Protocols
  • DNS
  • HTTP
  • SSL
  • Transport Layer Security (TLS)
  • HTTPS
  • SSH
  • SNMP
  • ICMP
  • IPSec
  • File Transfer Protocols
  • Ports
  • MMC
Appling Network Security Administration Principles
  • Rule-Based Management
  • Network Administration Security Methods
Securing Wireless Traffic
  • The 802.11 Protocol
  • 802.11 Standards
  • The WAP Protocol
  • Wireless Security Protocols
  • Wireless Security Methods
Establishing Device/Host Security
  • Hardening
  • Operating System Security
  • Operating System Security Settings
  • Security Baselines
  • Software Updates
  • Patch Management
  • Logging
  • Auditing
  • Anti-Malware Software
  • Types of Anti-Malware Software
  • Virtualization Security Techniques
  • Hardware Security Controls
  • Strong Passwords
Application Security
  • What is Application Security?
  • Application Security Methods
  • Input Validation
  • Input Validation Vulnerabilities
  • Error and Exception Handling
  • Cross-Site Scripting
  • Cross-Site Request Forgery (XSRF)
  • Cross-Site Attack Prevention Methods
  • Fuzzing
  • Web Browser Security
Data Security
  • What is Data Security?
  • Data Security Vulnerabilities
  • Data Encryption Methods
  • Hardware-Based Encryption Devices
Mobile Security
  • Mobile Device Types
  • Mobile Device Vulnerabilities
  • Mobile Device Security Controls
Access Control and Authentication Services
  • Directory Services
  • LDAP
  • Common Directory Services
  • Remote Access Methods
  • Tunneling
  • VPN
  • Layer Two Tunneling Protocol (L2TP)
  • Point-to-Point Tunneling Protocol (PPTP)
  • CHAP
  • PAP
  • PGP
  • RADIUS
  • TACACS
  • Kerberos
  • The Kerberos Process
Implementing Account Management Security Controls
  • Identity Management
  • Account Management
  • Account Privileges
  • Account Policy
  • Multiple Accounts
  • Multiple User Account Issues
  • Account Management Security Controls
  • Group Policy
Installing a Certificate Authority (CA) Hierarchy
  • Digital Certificates
  • Certificate Authentication
  • Single vs. Dual Sided Certificate Authentication
  • Public Key Infrastructure (PKI)
  • PKI Components
  • CA Hierarchies (Trust Models)
  • The Root CA
  • Public and Private Roots
  • Subordinate CAs
  • Offline Root CAs
  • CA Hierarchy Design Options
  • Backing Up a CA
  • Restoring a CA
Enrolling Certificates
  • The Certificate Enrollment Process
  • The Certificate Life Cycle
  • Certificate Life Cycle Management
Securing Network Traffic by Using Certificates
  • SSL Enrollment Process
  • Renewing Certificates
  • Revoking Certificates
  • The Certificate Revocation List (CRL)
  • Backing Up Certificates and Private Keys
  • Private Key Protection Methods
  • Key Escrow
  • Private Key Restoration Methods
  • Private Key Replacement
Physical Security
  • Physical Security Controls
  • Physical Security Control Types
  • Environmental Exposures
  • Environmental Controls
  • Environmental Monitoring
Legal Compliance
  • Compliance Laws and Regulations
  • Legal Requirements
  • Types of Legal Requirements
  • Due Care
  • Due Diligence
  • Due Process
  • Forensic Requirements
Security Awareness and Training
  • Security Policy Awareness
  • Employee Education
  • User Security Responsibilities
Risk Analysis
  • Risk Management
  • Types of Risk
  • Components of Risk Analysis
  • Phases of Risk Analysis
  • Risk Analysis Methods
  • Risk Calculation
  • Risk Response Strategies
Implementing Risk Mitigation Strategies
  • Risk Control Types
  • Security Incident Management
  • Risk Mitigation Techniques
Implementing Vulnerability Assessment Tools and Techniques
  • Security Assessment Types
  • Security Assessment Techniques
  • Security Assessment Tools
  • Honeypots
Scanning for Vulnerabilities
  • The Hacking Process
  • Ethical Hacking
  • Penetration Testing and Vulnerability Scanning
  • Types of Vulnerability Scans
  • Box Testing Methods
  • Security Utilities
  • Vulnerable Port Ranges
Mitigation and Deterrent Techniques
  • Security Posture
  • Detection vs. Prevention Controls
  • Types of Mitigation and Deterrent Techniques
Responding to Security Incidents
  • Computer Crime
  • First Responders
  • Chain of Custody
  • Incident Response Policies
  • Computer Forensics
  • Order of Volatility
  • Basic Forensic Response Procedures for IT
  • Basic Forensic Process
Recovering from a Security Incident
  • Damage Assessment and Loss Control Guidelines
  • Organizational Security Reporting Structures
  • Security Incident Reporting Options
Business Continuity
  • Business Continuity Plans
  • Business Impact Analysis
  • Continuity of Operations Plan
  • IT Contingency Planning
  • Succession Planning
  • Business Continuity Testing
Planning for Disaster Recovery
  • Disaster Recovery Plans
  • Fault Tolerance
  • Redundancy Measures
  • High Availability
  • Alternate Sites
  • Disaster Recovery Testing
  • Disaster Recovery Evaluation and Maintenance
Executing Disaster Recovery Plans and Procedures
  • The Recovery Team
  • The Salvage Team
  • The Disaster Recovery Process
  • Secure Recovery
  • Backup Types and Recovery Plans
  • Backout Contingency Plans
  • Secure Backups
  • Backup Storage Locations
 

Multiple Training Locations - Convenience and Cost Control

Regularly Scheduled Courses in more than 75 Cities Across North America and the United Kingdom

Northeast/New England

CT - Hartford
CT - New Haven
CT - Stamford
DC - Washington
MA - Boston
MA - Chelmsford
MA - Quincy
MA - Springfield
MA - Waltham
MA - Woburn
MA - Worcester
MD - Baltimore
MD - Columbia
NH - Manchester
NH - Nashua
NJ - Jersey City
NJ - Newark
NJ - Princeton
NY - Albany
NY - Binghamton
NY - Buffalo
NY - Ithaca
NY - Manhattan
NY - Rochester
NY - Syracuse
PA - Harrisburg
PA - Philadelphia
PA - Pittsburgh
RI - Providence

Southeast

AL - Huntsville
FL - Fort Lauderdale
FL - Jacksonville
FL - Miami
FL - Orlando
FL - Pensacola
FL - Sarasota
FL - Tampa
FL - West Palm Beach
GA - Atlanta
GA - Savannah
LA - Shreveport
NC - Charlotte
NC - Raleigh-Durham
NC - Winston-Salem
SC - Charleston
VA - Alexandria
VA - Fairfax
VA - Norfolk
VA - Richmond
VA - Williamsburg

Midwest

AR - Little Rock
IA - Cedar Rapids
IA - Des Moines
IL - Chicago
IL - Schaumburg
IL - Springfield
IN - Indianapolis
KY - Louisville
MI - Detroit
MI - Lansing
MN - Minneapolis
MO - Kansas City
MO - St. Charles
MO - Springfield
NE - Omaha
OH - Cincinnati
OH - Cleveland
OH - Columbus
OH - Dayton
OK - Oklahoma City
OK - Tulsa
TN - Memphis
TN - Nashville
WI - Milwaukee

West/Southwest

AZ - Phoenix
AZ - Tucson
CA - Bakersfield
CA - Fresno
CA - Irvine
CA - Los Angeles
CA - Modesto
CA - Oakland
CA - Riverside
CA - Sacramento
CA - San Bernardino
CA - San Diego
CA - San Francisco
CA - San Jose
CA - Santa Clarita
CA - Santa Monica
CA - Temecula
CO - Denver
ID - Boise
NM - Albuquerque
NM - Las Cruces
NV - Las Vegas
OR - Portland
TX - Austin
TX - Corpus Christi
TX - Dallas
TX - El Paso
TX - Fort Worth
TX - Houston
TX - San Antonio
UT - Salt Lake City
WA - Seattle
WA - Spokane

Canada

AB - Calgary
AB - Edmonton
BC - Vancouver
MB - Winnipeg
QC - Montreal
QC - Quebec City
ON - Kingston
ON - Mississauga
ON - Ottawa
ON - Toronto
SK - Regina

United Kingdom

Birmingham
Bristol
Chelmsford
Edinburgh
Glasgow
Leeds
Liverpool
London
Manchester

SQL Training .NET Training Java Training Web Training UNIX/Linux Training Certification Training Register Now Travel Packages