800-413-0939

CompTIA Security+ Training Course

CompTIA Security+

Duration: 5 Days | Price: $2595 *California residents call for pricing. | Class Dates:

Click here for information regarding remote access training.

Students Will Learn:

  • Identifying the Fundamental Concepts of Computer Security
  • Identifying Security Threats and Vulnerabilities
  • Examining Network Security
  • Managing Application, Data and Host Security
  • Identifying Access Control and Account Management Security Measures
  • Managing Public Key Infrastructure (PKI)
  • Managing Certificates
  • Identifying Compliance and Operational Security Measures
  • Managing Risk
  • Establishing Key Components of the Security Infrastructure
  • Managing Security Incidents
  • Developing Business Continuity and Disaster Recovery Plans

Course Description: This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems, such as OS X, UNIX, or Linux, and who wants to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles. Students will learn how to implement and monitor security on networks, applications, and operating systems, and respond to security breaches.

Course Prerequisites: Basic Windows skills and fundamental understanding of computer and networking concepts are required. CompTIA A+ and Network+ certifications, or equivalent knowledge, and six to nine months experience in networking, including experience configuring and managing TCP/IP, are strongly recommended.

CompTIA Security+ Course Overview:

Information Security Cycle
  • What Is Information Security?
  • What to Protect
  • Goals of Security
  • Vulnerabilities
  • Threats
  • Attacks
  • Intrusions
  • Risk
  • Controls
  • Types of Controls
  • Security Management Objectives
Information Security Controls
  • The CIA Triad
  • Non-repudiation
  • Authentication
  • Identification
  • The Five As
  • Access Control Methods
  • Implicit Deny
  • Least Privilege
  • Separation of Duties
  • Job Rotation
  • Mandatory Vacation
  • Time of Day Restrictions
  • Privilege Management
Authentication Methods
  • Authentication Factors
  • User Name/Password Authentication
  • Tokens
  • Trusted OS
  • Biometrics
  • Multi-Factor Authentication
  • Mutual Authentication
Cryptography Fundamentals
  • Cryptography
  • Encryption
  • Ciphers
  • Cipher Types
  • Encryption and Security Goals
  • Encryption Algorithms
  • Steganography
  • Keys
  • Hashing Encryption
  • Hashing Encryption Algorithms
  • Symmetric Encryption
  • Symmetric Encryption Algorithms
  • Asymmetric Encryption
  • Asymmetric Encryption Algorithms
  • Digital Signatures
  • Quantum Cryptography
  • Hardware-Based Encryption Devices
Security Policy Fundamentals
  • Security Policies
  • Security Policy Components
  • Security Policy Issues
  • Common Security Policy Types
  • Security Document Categories
  • Change Management
  • Documentation Handling Measures
Social Engineering
  • Social Engineering Attacks
  • Types of Social Engineering
  • Hackers and Attackers
  • Categories of Attackers
Physical Threats and Vulnerabilities
  • Physical Security
  • Physical Security Threats and Vulnerabilities
  • Hardware Attacks
  • Environmental Threats and Vulnerabilities
Network-Based Threats
  • TCP/IP Basics
  • Port Scanning Attacks
  • Eavesdropping Attacks
  • Replay Attacks
  • Social Network Attacks
  • Man-in-the-Middle Attacks
  • Denial of Service (DoS) Attacks
  • Distributed Denial of Service (DDoS) Attacks
  • Types of DoS Attacks
  • Session Hijacking
  • P2P Attacks
  • ARP Poisoning
  • DNS Vulnerabilities
Wireless Threats and Vulnerabilities
  • Wireless Security
  • Wireless Threats and Vulnerabilities
Software Based Threats
  • Software Attacks
  • Malicious Code Attacks
  • Types of Malicious Code Attacks
  • Password Attacks
  • Types of Password Attacks
  • Backdoor Attacks
  • Application Attacks
  • Types of Application Attacks
Network Devices and Technologies
  • Network Components
  • Network Devices
  • Network Technologies
  • Intrusion Detection Systems (IDSs)
  • NIDS
  • NIPS
  • Types of Network Monitoring Systems
  • Virtual Private Networks (VPNs)
  • VPN Concentrator
  • Web Security Gateways
Network Design Elements and Components
  • NAC
  • VLANs
  • Subnetting
  • NAT
  • Remote Access
  • Remote Access Methods
  • Telephony Components
  • Virtualization
  • Cloud Computing
  • Cloud Computing Service Types
Implementing Networking Protocols
  • Internet Protocols
  • DNS
  • HTTP
  • SSL
  • Transport Layer Security (TLS)
  • HTTPS
  • SSH
  • SNMP
  • ICMP
  • IPSec
  • File Transfer Protocols
  • Ports
  • MMC
Appling Network Security Administration Principles
  • Rule-Based Management
  • Network Administration Security Methods
Securing Wireless Traffic
  • The 802.11 Protocol
  • 802.11 Standards
  • The WAP Protocol
  • Wireless Security Protocols
  • Wireless Security Methods
Establishing Device/Host Security
  • Hardening
  • Operating System Security
  • Operating System Security Settings
  • Security Baselines
  • Software Updates
  • Patch Management
  • Logging
  • Auditing
  • Anti-Malware Software
  • Types of Anti-Malware Software
  • Virtualization Security Techniques
  • Hardware Security Controls
  • Strong Passwords
Application Security
  • What is Application Security?
  • Application Security Methods
  • Input Validation
  • Input Validation Vulnerabilities
  • Error and Exception Handling
  • Cross-Site Scripting
  • Cross-Site Request Forgery (XSRF)
  • Cross-Site Attack Prevention Methods
  • Fuzzing
  • Web Browser Security
Data Security
  • What is Data Security?
  • Data Security Vulnerabilities
  • Data Encryption Methods
  • Hardware-Based Encryption Devices
Mobile Security
  • Mobile Device Types
  • Mobile Device Vulnerabilities
  • Mobile Device Security Controls
Access Control and Authentication Services
  • Directory Services
  • LDAP
  • Common Directory Services
  • Remote Access Methods
  • Tunneling
  • VPN
  • Layer Two Tunneling Protocol (L2TP)
  • Point-to-Point Tunneling Protocol (PPTP)
  • CHAP
  • PAP
  • PGP
  • RADIUS
  • TACACS
  • Kerberos
  • The Kerberos Process
Implementing Account Management Security Controls
  • Identity Management
  • Account Management
  • Account Privileges
  • Account Policy
  • Multiple Accounts
  • Multiple User Account Issues
  • Account Management Security Controls
  • Group Policy
Installing a Certificate Authority (CA) Hierarchy
  • Digital Certificates
  • Certificate Authentication
  • Single vs. Dual Sided Certificate Authentication
  • Public Key Infrastructure (PKI)
  • PKI Components
  • CA Hierarchies (Trust Models)
  • The Root CA
  • Public and Private Roots
  • Subordinate CAs
  • Offline Root CAs
  • CA Hierarchy Design Options
  • Backing Up a CA
  • Restoring a CA
Enrolling Certificates
  • The Certificate Enrollment Process
  • The Certificate Life Cycle
  • Certificate Life Cycle Management
Securing Network Traffic by Using Certificates
  • SSL Enrollment Process
  • Renewing Certificates
  • Revoking Certificates
  • The Certificate Revocation List (CRL)
  • Backing Up Certificates and Private Keys
  • Private Key Protection Methods
  • Key Escrow
  • Private Key Restoration Methods
  • Private Key Replacement
Physical Security
  • Physical Security Controls
  • Physical Security Control Types
  • Environmental Exposures
  • Environmental Controls
  • Environmental Monitoring
Legal Compliance
  • Compliance Laws and Regulations
  • Legal Requirements
  • Types of Legal Requirements
  • Due Care
  • Due Diligence
  • Due Process
  • Forensic Requirements
Security Awareness and Training
  • Security Policy Awareness
  • Employee Education
  • User Security Responsibilities
Risk Analysis
  • Risk Management
  • Types of Risk
  • Components of Risk Analysis
  • Phases of Risk Analysis
  • Risk Analysis Methods
  • Risk Calculation
  • Risk Response Strategies
Implementing Risk Mitigation Strategies
  • Risk Control Types
  • Security Incident Management
  • Risk Mitigation Techniques
Implementing Vulnerability Assessment Tools and Techniques
  • Security Assessment Types
  • Security Assessment Techniques
  • Security Assessment Tools
  • Honeypots
Scanning for Vulnerabilities
  • The Hacking Process
  • Ethical Hacking
  • Penetration Testing and Vulnerability Scanning
  • Types of Vulnerability Scans
  • Box Testing Methods
  • Security Utilities
  • Vulnerable Port Ranges
Mitigation and Deterrent Techniques
  • Security Posture
  • Detection vs. Prevention Controls
  • Types of Mitigation and Deterrent Techniques
Responding to Security Incidents
  • Computer Crime
  • First Responders
  • Chain of Custody
  • Incident Response Policies
  • Computer Forensics
  • Order of Volatility
  • Basic Forensic Response Procedures for IT
  • Basic Forensic Process
Recovering from a Security Incident
  • Damage Assessment and Loss Control Guidelines
  • Organizational Security Reporting Structures
  • Security Incident Reporting Options
Business Continuity
  • Business Continuity Plans
  • Business Impact Analysis
  • Continuity of Operations Plan
  • IT Contingency Planning
  • Succession Planning
  • Business Continuity Testing
Planning for Disaster Recovery
  • Disaster Recovery Plans
  • Fault Tolerance
  • Redundancy Measures
  • High Availability
  • Alternate Sites
  • Disaster Recovery Testing
  • Disaster Recovery Evaluation and Maintenance
Executing Disaster Recovery Plans and Procedures
  • The Recovery Team
  • The Salvage Team
  • The Disaster Recovery Process
  • Secure Recovery
  • Backup Types and Recovery Plans
  • Backout Contingency Plans
  • Secure Backups
  • Backup Storage Locations
 

Multiple Training Locations - Convenience and Cost Control

Regularly Scheduled Courses in more than 75 Cities Across North America and the United Kingdom