Target Audience
CompTIA Security+ is aimed at IT professionals with job roles such as security architect, security engineer, security consultant/specialist, information assurance technician, security administrator, systems administrator and network administrator.
Course Prerequisites
Students should meet the following criteria prior to taking the course:
- Recommended that students have taken CompTIA Network+ certification course and exam, together with 24 months experience of networking support/IT administration
- Know the function and basic features of PC components
- Able to use Windows to create and manage files and use basic administrative features (Explorer, Control Panel and Management Consoles)
- Know basic network terminology and functions (such as OSI Model, toplogy, Ethernet, TCP/IP, switches and touters)
-
Understand TCP/IP addressing, core protocols and troubleshooting tools
Module 1 – Security Threats and Controls
- Security Controls:
Why is Security Important? • Security Policy • Security Controls • Identification • Authentication • Authorization • Basic Authorization Policies • Accounting - Threats and Attacks:
Vulnerability, Threat, and Risk • Social Engineering • Phishing • Malware • Trojans and Spyware • Preventing Malware • Anti-Virus Software • Removing Malware - Network Attacks:
Network Fundamentals • Sniffers and Protocol Analyzers • ARP Attacks • IP Spoofing and Hijacking • Network Mappers and Port Scanners • Denial of Service Attacks - Assessment Tools and Techniques:
Vulnerability Assessments and Pentests • Security Assessment Techniques • Vulnerability Scanners • Honeypots and Honeynets
Module 2 – Cryptography and Access Control
- Cryptography:
Uses of Cryptography • Cryptographic Terminology and Ciphers • Encryption Technologies • Cryptographic Hash Functions • Symmetric Encryption • Asymmetric Encryption • Diffie-Hellman • ECC and Quantum Cryptography • Transport Encryption • Cryptographic Attacks • Steganography • Labs • Steganography - Public Key Infrastructure:
PKI and Certificates • Certificate Authorities • Implementing PKI • Creating Keys • Key Recovery Agents • Key Status and Revocation • PKI Trust Models • Cryptographic Standards • PGP / GPG • Labs • Configuring Certificate Services - Password Authentication:
LAN Manager / NTLM • Kerberos • PAP and CHAP • Password Protection • Password Attacks - Strong Authentication:
Token-based Authentication • Biometric Authentication • Common Access Card • Extensible Authentication Protocol • RADIUS and TACACS+ • Federation and Trusts - Authorization and Account Management:
Privilege Policies • Directory Services • Lightweight Directory Access Protocol • Windows Active Directory • Creating and Managing User Accounts • Managing Group Accounts • Account Policy Enforcement • User Rights, Permissions, and Access Reviews
Module 3 – Network Security
- Secure Network Design:
Secure Network Topologies • Demilitarized Zones • Other Security Zones • Network Device Exploitation • Switches and VLANs • Switch Vulnerabilities and Exploits • Routers • Network Address Translation • Security Appliances and Applications • Basic Firewalls • Stateful Firewalls • Proxies and Gateways • Implementing a Firewall or Gateway • Web and Email Security Gateways • Intrusion Detection Systems • IDS Analysis Engines • Monitoring System Logs - Wireless Network Security:
Wireless LANs • WEP and WPA • Wi-Fi Authentication • Additional Wi-Fi Security Settings • Wi-Fi Site Security - VPN and Remote Access Security:
Remote Access • Virtual Private Networks • IPSec • Remote Access Servers • Remote Administration Tools • Hardening Remote Access Infrastructure - Network Application Security:
Application Layer Security • DHCP Security • DNS Security • SNMP Security • Storage Area Network Security • IPv4 versus IPv6 • Telephony
Module 4 – Host, Data, and Application Security
- Host Security:
Computer Hardening • Host Security Management Plan • OS Hardening • Patch Management • Endpoint Security • Network Access Control • Labs • Network Access Protection - Data Security:
Data Handling • Data Encryption • Data Loss Prevention • Backup Plans and Policies • Backup Execution and Frequency • Restoring Data and Verifying Backups • Data Wiping and Disposal - Web Services Security:
HyperText Transport Protocol • SSL / TLS • Web Servers • Load Balancers • File Transfer • Web Application Security • Web Application Technologies • Web Application Databases • Web Application Exploits • Web Application Browser Exploits • Secure Web Application Design • Auditing Web Applications • Web Browser Security - Virtualization and Cloud Security:
Virtualization Technologies • Virtual Platform Applications • Virtualization Best Practices • Cloud Computing • Risks of Cloud Computing
Module 5 – Operational Security
- Site Security:
Site Layout and Access • Gateways and Locks • Alarm Systems • Surveillance • Hardware Security • Environmental Controls • Hot and Cold Aisles • RFI / EMI • Fire Prevention and Suppression - Mobile and Embedded Device Security:
Static Environments • Mitigating Risk in Static Environments • Mobile Device Security • Mobile Device Management • BYOD Concerns • Mobile Application Security • Bluetooth and NFC - Risk Management:
Business Continuity Concepts • Risk Calculation • Risk Mitigation • Integration with Third Parties • Service Level Agreements • Change and Configuration Management - Disaster Recover:
Disaster Recovery Planning • IT Contingency Planning • Clusters and Sites - Incident Response and Forensics:
Incident Response Procedures • Preparation • Detection, and Analysis • Containment • Eradication, and Recovery • Forensic Procedures • Collection of Evidence • Handling and Analyzing Evidence -
Security Policies and Training:
Corporate Security Policy • Operational Policies • Privacy and Employee Policies • Standards and Best Practice • Security Policy Training and User Habits
Auditoriniai mokymai
Pradžios data | Trukmė, d. | Kurso pavadinimas | Kaina, € | Statusas |
2022-10-24 | 5 | Kompiuterinių tinklų pagrindai pagal CompTIA Network+ | 1300 | |
2022-09-12 | 5 | CompTIA Security + | 1300 | |
2022-10-03 | 5 | CompTIA A+ | 1300 | |
2022-10-31 | 5 | CompTIA Server+ | 1300 | |
Užklausti | 5 | CompTIA A+ Certification 220-1001 Support Skills (nuotolinė klasė - ENG) | ||
Užklausti | 5 | CompTIA A+ Certification 220-1002 Support Skills (nuotolinė klasė - ENG) | ||
Užklausti | 5 | CompTia Network+ Certfication Support Skills (nuotolinė klasė - ENG) |