Security+ Outline

CompTIA Security+ Certification (2011 Objectives)

Duration
Instructor-led – 5 Days

Overview
After taking this course, students will understand the field of network security and how it relates to other areas of information technology. This course also provides the broad-based knowledge necessary to prepare for further study in specialized security fields, or it can serve as a capstone course that gives a general introduction to the field.

Who Should Attend
This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems, such as OS X, Unix, or Linux, and who wants to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles.

At Course Completion
Upon successful completion of this course, students will be able to:
  • identify fundamental concepts of computer security
  • identify security threats and vulnerabilities
  • network security
  • managing application, data, and host security
  • access control, authentication, and account management
  • managing certificates
  • compliance & operational security
  • risk management
  • managing security incidents
  • business continuity and disaster recovery planning

Prerequisite Comments
There are no enforced prerequisites; however, the recommended prerequisites are the CompTIA Network+ certification and two years of technical networking experience with an emphasis on security.
After mastering CompTIA’s vendor-neutral approach to security, students may wish to look to a vendor-specific approach to security in a Microsoft or Cisco offering. Additionally, students may want to expand their security knowledge by focusing on security policy and procedures in CISSP. For a more targeted approach to security, there is the CEH offering. In order to obtain the Security+ Certification, students must pass the Security+ 2011 Objectives exam, code SY0-301.

Course Outline

Lesson 1: Mitigating threats
  • Topic A: Core system maintenance
  • Topic B: Virus and spyware management
  • Topic C: Browser security
  • Topic D: Social engineering threats
Lesson 2: Cryptography
  • Topic A: Symmetric cryptography
  • Topic B: Public key cryptography
Lesson 3: Authentication systems
  • Topic A: Authentication
  • Topic B: Hashing
  • Topic C: Authentication systems
Lesson 4: Messaging security
  • Topic A: E-mail security
  • Topic B: Messaging and peer-to-peer security
Lesson 5: User and role based security
  • Topic A: Security policies
  • Topic B: Securing file and print resources
Lesson 6: Public key infrastructure
  • Topic A: Key management and life cycle
  • Topic B: Setting up a certificate server
  • Topic C: Web server security with PKI
Lesson 7: Access security
  • Topic A: Biometric systems
  • Topic B: Physical access security
  • Topic C: Peripheral and component security
  • Topic D: Storage device security
Lesson 8: Ports and protocols
  • Topic A: TCP/IP review
  • Topic B: Protocol-based attacks
Lesson 9: Network security
  • Topic A: Common network devices
  • Topic B: Secure network topologies
  • Topic C: Browser-related network security
  • Topic D: Virtualization
Lesson 10: Wireless security
  • Topic A: Wi-Fi network security
  • Topic B: Non-PC wireless devices
Lesson 11: Remote access security
  • Topic A: Remote access
  • Topic B: Virtual private networks
Lesson 12: Auditing, logging, and monitoring
  • Topic A: System logging
  • Topic B: Server monitoring
Lesson 13: Vulnerability testing
  • Topic A: Risk and vulnerability assessment
  • Topic B: IDS and IPS
  • Topic C: Forensics
Lesson 14: Organizational security
  • Topic A: Organizational policies
  • Topic B: Education and training
  • Topic C: Disposal and destruction
Lesson 15: Business continuity
  • Topic A: Redundancy planning
  • Topic B: Backups
  • Topic C: Environmental controls