Cyber-Minds HOME

CompTia Security+

BACK

Security+

The CompTia Security+ certification designates knowledgeable professionals in the field of security, one of the fastest-growing fields in IT. 

On this page:

• E-Learning CompTIA Security+® - 2008 Objectives (Comprehensive)  

• Book CompTia Security+ Certification - 2008 Edition

Security threats are increasing in number and severity, and the gap between the need for security professionals and qualified IT personnel is the largest of any IT specialty, according to a 2008 CompTia study. Even in a troubled economy, most businesses plan to maintain or increase their investment in security.

CompTia Security+ is an international, vendor-neutral certification that proves competency in system security, network infrastructure, access control and organizational security. Major organizations that employ CompTia Security+ certified staff include Booz Allen Hamilton, Hewlett-Packard, IBM, Motorola, Symantec, Telstra, Hitachi, Ricoh, Lockheed Martin, Unisys, Hilton Hotels Corp., General Mills, the U.S. Navy, Army, Air Force and Marines.

Although not a prerequisite, it is recommended that CompTia Security+ candidates have at least two years of technical networking experience, with an emphasis on security. The CompTia Network+ certification is also recommended.

Title: CompTIA Security+® (2008 Objectives)

(Comprehensive)

E-Learning + Books

Estimated Time of Completion: 24 hours

Description:
CompTia Security+® (2008 Objectives) is the primary course you will need to take if your job responsibilities include securing network services, network devices, and network traffic. This course can benefit you in two ways. If you intend to pass the CompTia Security+ (2008 Edition) Certification examination (exam number SY0-201), then this is the main course you will take to prepare for the examination. But certification is not the only key to professional success in the field of computing security. Today's job market demands individuals with demonstrable skills, and the information and activities in this course can help you build your computer security skill set so that you can confidently perform your duties in any security-related professional role. This course will build on your knowledge and professional experience with computer hardware, operating systems, and networks as you acquire the specific skills required to implement basic security services on any type of computer network. This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems, such as OS X, Unix, or Linux, and who wants to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTia Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles.

Objectives:

• In this course, you will implement and monitor security on networks, applications, and operating systems, and respond to security breaches.

PLUS

CompTia Security+ Certification - 2008 Edition

Book

AXO84–006

Days: 5 (30 hours)

Prerequisites: CompTIA A+ Certification and CompTIA Network+ Certification or equivalent experience

Topic–Level Outline

Unit 1: Mitigating Threats

Topic A: Core System Maintenance

A–1: Identifying common security threats

A–2: Updating the operating system

A–3: Managing software patches

A–4: Installing service packs

A–5: Determining whether you need to update your computer’s BIOS

A–6: Configuring Windows Firewall

Topic B: Virus and Spyware Management

B–1: Installing antivirus software

B–2: Scanning your system for spyware

B–3: Configuring Windows Mail to prevent spam

Topic C: Browser Security

C–1: Managing pop–ups

C–2: Managing cookies

C–3: Managing scripting, Java, and ActiveX components

C–4: Examining input validation, buffer overflows, and XSS

Topic D: Social Engineering Threats

D–1: Discussing social engineering

D–2: Examining phishing

Unit 2: Cryptography

Topic A: Symmetric Cryptography

A–1: Encrypting and decrypting data

A–2: Calculating hashes

A–3: Sharing a secret message with steganography

Topic B: Public Key Cryptography

B–1: Exploring public key cryptography

B–2: Examining certificates

B–3: Examining certificate trusts

B–4: Comparing single– and dual–sided certificates

B–5: Mapping algorithms to applications

Unit 3: Authentication Systems

Topic A: Authentication

A–1: Identifying the components of authentication

A–2: Comparing one, two, and three–factor authentication

A–3: Capturing passwords with a protocol analyzer

A–4: Installing Active Directory Services

A–5: Joining a domain

Topic B: Hashing

B–1: Hashing data

B–2: Cracking passwords

Topic C: Authentication Systems

C–1: Identifying the requirements of a secure authentication system

C–2: Examining the components of Kerberos

C–3: Examining null sessions

C–4: Comparing authentication systems

Unit 4: Messaging Security

Topic A: E–mail Security

A–1: Identifying the security risks of an e–mail system

A–2: Configuring security on an e–mail server

A–3: Digitally signing a message

A–4: Sending an encrypted message

Topic B: Messaging and Peer–to–Peer Security

B–1: Identifying the security risks of messaging systems

B–2: Configuring security on an IM server

B–3: Configuring IM client security

Unit 5: User and Role Based Security

Topic A: Security Policies

A–1: Creating a console to manage local security policies

A–2: Using the GPMC

A–3: Implementing domain GPOs

A–4: Analyzing a Windows Vista computer’s security

Topic B: Securing File and Print Resources

B–1: Creating users and groups based on security needs

B–2: Securing file resources

B–3: Securing printer resources

Unit 6: Public Key Infrastructure

Topic A: Key Management and Life Cycle

A–1: Understanding certificate life cycle and management

Topic B: Setting Up a Certificate Server

B–1: Installing a standalone root certificate authority

B–2: Installing an enterprise subordinate CA

B–3: Implementing a file–based certificate request

B–4: Managing your certificate server

B–5: granting the log on locally right

B–6: Requesting a user certificate

B–7: Revoking a certificate

B–8: Enabling the EFS recovery agent template

B–9: Enrolling for a recovery agent certificate

B–10: Enabling key archival

B–11: Re–enrolling all certificates

Topic C: Web Server Security with PKI

C–1: Requesting and installing a Web server certificate

C–2: Enabling SSL for the certificate server Web site

C–3: Making a secure connection

C–4: Requesting a client certificate via the Web

Unit 7: Access Security

Topic A: Biometric Systems

A–1: Identifying biometric authentication systems

A–2: Installing a fingerprint reader

Topic B: Physical Access Security

B–1: Identifying the risks associated with physical access to systems

B–2: Examining logging and surveillance best practices

Topic C: Peripheral and Component Security

C–1: Identifying the risks associated with common peripherals

C–2: Mitigating security risks of peripherals

Topic D: Storage Device Security

D–1: Enabling file–based encryption

D–2: Enabling whole disk encryption systems (optional)

Unit 8: Ports and Protocols

Topic A: TCP/IP Review

A–1: Examining protocols in the TCP/IP suite

A–2: Comparing IPv4 and IPv6 packets

Topic B: Protocol–based Attacks

B–1: Preventing common protocol–based attacks

B–2: Assessing your vulnerability to DDoS attacks

B–3: Port scanning

B–4: Checking the ARP cache

B–5: Examining spoofing attacks

B–6: Examining replay and hijacking attacks

B–7: Examining antiquated protocols

Unit 9: Network Security

Topic A: Common Network Devices

A–1: Examining switches and bridges

A–2: Examining routers

A–3: Examining NAT/PAT devices

A–4: Examining firewalls and proxy servers

A–5: Identifying inherent weaknesses in network devices

A–6: Examining the ways to overcome device threats

Topic B: Secure Network Topologies

B–1: Comparing firewall–based secure topologies

B–2: Identifying the benefits of NAC

B–3: Identifying the security enabled by VPNs

Topic C: Browser–related Network Security

C–1: Configuring the Phishing Filter

C–2: Setting security zones

C–3: Setting privacy options

Topic D: Virtualization

D–1: Exploring the benefits of virtualization technologies

Unit 10: Wireless Security

Topic A: Wi–Fi Network Security

A–1: Identifying wireless networking vulnerabilities

A–2: Scanning for insecure access points

A–3: Installing third–party router firmware (instructor demonstration)

A–4: Configuring basic router security (instructor only)

A–5: Enabling transmission encryption (instructor only)

Topic B: Non–PC Wireless Devices

B–1: Identifying cell phone and PDA related threats

Unit 11: Remote Access Security

Topic A: Remote Access

A–1: Examining RADIUS and Diameter authentication

A–2: Examining the role of LDAP in a remote access environment

A–3: Examining TACACS+ authentication

A–4: Examining how 802.1x adds security to your network

A–5: Installing Network Policy and Access Services

A–6: Configuring an NPS network policy

A–7: Configuring NPS accounting

Topic B: Virtual Private Networks

B–1: Comparing VPN protocols

B–2: Installing Routing and Remote Access Services

B–3: Enabling a VPN

B–4: Configuring NPS to provide RADIUS authentication for your VPN

B–5: Making a VPN connection

Unit 12: Auditing, Logging, and Monitoring

Topic A: System Logging

A–1: Viewing event logs

A–2: Discussing device and application logging

Topic B: Server Monitoring

B–1: Monitoring with Performance Monitor

B–2: Running a Data Collector Set

B–3: Viewing a Data Collector Set report

B–4: Considering auditing policies and practices

Unit 13: Vulnerability Testing

Topic A: Risk and Vulnerability Assessment

A–1: Analyzing risks

A–2: Installing the MBSA

A–3: Analyzing your system with the MBSA

A–4: Downloading and installing OVAL

A–5: Downloading an OVAL XML file

A–6: Scanning with OVAL

A–7: Downloading and installing Nessus

A–8: Scanning with Nessus

Topic B: IDS and IPS

B–1: Discussing IDS characteristics

B–2: Installing and monitoring with the Snort IDS

B–3: Comparing HIDS and NIDS

B–4: Examining the role and use of honeypots

Topic C: Forensics

C–1: Examining the forensics process

Unit 14: Organizational Security

Topic A: Organizational Policies

A–1: Creating a security policy

A–2: Creating a human resources policy

A–3: Creating an incident response and reporting policy

A–4: Implementing change management

Topic B: Education and Training

B–1: Identifying the need for user education and training

B–2: Identifying education opportunities and methods

Topic C: Disposal and Destruction

C–1: Deciding whether to destroy or dispose of IT equipment

Unit 15: Business Continuity

Topic A: Redundancy Planning

A–1: Identifying the need for and appropriate use of redundancy

A–2: Creating a disaster recovery plan

Topic B: Backups

B–1: Selecting backup schemes

B–2: Backing up data

B–3: Restoring data

B–4: Identifying appropriate media rotation and storage plans

Topic C: Environmental Controls

C–1: Examining environmental controls

Appendix A: Certification Exam Objectives Map

Topic A: Comprehensive exam objectives

Appendix B: CompTIA Security+ 2008 Acronyms

Topic A: Acronym list

UNDER CONSTRUCTION

please contact us at info@cyber-minds.com for more details in the meantime.

Learning Topics:

Programming

Web Development

IT Certification Training

Business Certifications

Business Soft skills

Project Management

Full Career Tracks

Copyright 2010 Cyber-Minds (PTY) Ltd. Cape Town, South Africa