After completing this course, students will know how to:
- Define security terminology, explain the purpose and goals of
network security policies, and outline various security threats.
- Understand the need for authentication and the development of
authentication devices including Kerberos, CHAP, digital certificates, tokens, biometrics,
mutual authentication, and multi-factor authentication.
- Identify the major types of attacks and malicious codes that
commonly affect the confidentiality, integrity, and availability of networks; and discuss
the business impact of security along with the countermeasures and best practices used to
prevent or mitigate the effect of attacks and malicious codes.
- Understand the concepts and practices of remote access,
including commonly used authentication protocols (IEEE 802.1X, RADIUS and TACACS+) and
tunneling technologies (PPTP, L2TP, IPSec and Secure Shell).
- Discuss e-mail vulnerabilities and how to safeguard against
them, and the benefits of PGP and S/MIME.
- Discuss Web security including SSL/TLS protocols; HTTPS as it
relates to SSL; the most common uses of instant messaging applications; and the variety of
mainstream Web tools such as JavaScript, Buffer Overflow, ActiveX, Cookies, Applets and
SMTP that are commonly exploited by attackers on the Internet.
- Explain the benefits offered by centralized enterprise
directory services such as LDAP over traditional authentication systems; discuss FTP
vulnerabilities and alternatives to using FTP; and describe the threat posed to a network
by unmonitored file shares.
- Identify aspects of security pertaining to wireless and
instant messaging; explain WTLS and IEEE 802.11x vulnerabilities, site surveys, naming
conventions and packet switching.
- Discuss the role of all major networking devices, including
routers, switches, firewall technology and servers, in establishing a secure network; and
explain VPN and RAS technologies.
- Discuss transmission media and storage media and identify
their vulnerabilities.
- Describe the importance of network topologies to an
organization’s security policy; and explain the role of DMZs, NAT, Virtual Local
Area Networks, and tunneling in maintaining network security.
- Define intrusion detection systems and outline some of the
major characteristics of intrusion detection products; and discuss the difference between
host-based and network-based systems as well as active and passive detection features.
- Discuss security baselines, including operating system, file
system, and network hardening practices.
- Explain the basic concepts of cryptography, including
algorithms, digital signatures and PKI certificates, and the policies and procedures
surrounding them.
- Discuss the issues associated with physical security,
including building location, offsite backup storage, offsite facilities, and fire safety.
- Outline the critical process of disaster recovery planning
along with the procedures and policies that an organization should employ to minimize the
impact of disasters.
- Explain computer forensics and the rules of evidence governing
the detection and prosecution of network-related damage and crime; and discuss risk
identification, education, and documentation.