CompTIA Security + Training

CompTIA Security +

SY0-401

Duration: 5 Days

Fees: £1400.00


Who is it for?

Network Administrators and other IT Professionals looking to learn more about Network Security.

Entry requirements

While there are no formal entry requirements, the CompTIA Security+ course is designed for delegates who have at least two years of networking experience and possess a thorough knowledge of TCP/IP.

Experience in implementing technical information security solutions is also highly desirable, and it is recommended that students already hold a CompTIA Network+ certificate.

Upon successful completion of this course, students will learn:

Identify network attack strategies and defenses

Understand the principles of organizational security and the elements of effective security policies

Know the technologies and uses of encryption standards and products

Identify network- and host-based security technologies and practices

Describe how remote access security is enforced

Identify strategies for ensuring business continuity, fault tolerance and disaster recovery

Exam Details
Exam Codes SY0-401

Exam Description CompTIA Security+ certification covers network security, compliance and operation security, threats and vulnerabilities as well as application, data and host security. Also included are access control, identity management, and cryptography.
Number of Questions Maximum of 90 question
Type of Questions Multiple choice and performance-based
Length of Test 90 Minutes
Passing Score 750 (on a scale of 100-900)

 

Training Course Content
This training course will include the following modules:
Module 1 / Security Threats and Controls
Security Controls
Why is Security Important?
Security Policy
Security Controls
Identification
Authentication
Authorization
Basic Authorization Policies
Accounting
Labs
Hyper-V
Threats and Attacks
Vulnerability, Threat, and Risk
Social Engineering
Phishing
Malware
Trojans and Spyware
Preventing Malware
Anti-Virus Software
Removing Malware
Labs
Trojans and Malware Protection
Network Attacks
Network Fundamentals
Sniffers and Protocol Analyzers
ARP Attacks
IP Spoofing and Hijacking
Network Mappers and Port Scanners
Denial of Service Attacks
Labs
Network Vulnerabilities
Assessment Tools and Techniques
Vulnerability Assessments and Pentests
Security Assessment Techniques
Vulnerability Scanners
Honeypots and Honeynets
Labs
Baseline Security Analyzer
Module 2 / Cryptography and Access Control
Cryptography
What is Cryptography?
Uses of Cryptography
Cryptographic Hash Functions
Symmetric Encryption
Asymmetric Encryption
Asymmetric Ciphers
Diffie-Hellman
ECC and Quantum Cryptography
Cryptographic Attacks
Steganography
Labs
Steganography
Public Key Infrastructure
PKI and Certificates
Certificate Authorities
Implementing PKI
Key Management
Creating Keys
Key Recovery Agents
Key Status and Revocation
Cryptographic Standards
PGP / GPG
Labs
Configuring Certificate Services
Password Authentication
LAN Manager / NTLM
Kerberos
PAP and CHAP
Password Protection
Password Attacks
Labs
Password Sniffing
Strong Authentication
Token-based Authentication
Biometric Authentication
Common Access Card
Extensible Authentication Protocol
RADIUS and TACACS+
Federation and Trusts
Authorization and Account Management
Privilege Policies
Directory Services
Lightweight Directory Access Protocol
Windows Active Directory
Creating and Managing User Accounts
Managing Group Accounts
Account Policy Enforcement
User Rights, Permissions, and Access Reviews
Module 3 / Network Security
Secure Network Design
Secure Network Topologies
Demilitarized Zones
Other Security Zones
Network Device Exploitation
Switches and VLANs
Switch Vulnerabilities and Exploits
Routers
Network Address Translation
Security Appliances and Applications
Basic Firewalls
Stateful Firewalls
Proxies and Gateways
Implementing a Firewall or Gateway
Web and Email Security Gateways
Intrusion Detection Systems
IDS Analysis Engines
Monitoring System Logs
Wireless Network Security
Wireless LANs
WEP and WPA
Wi-Fi Authentication
Additional Wi-Fi Security Settings
Wi-Fi Site Security
VPN and Remote Access Security
Remote Access
Virtual Private Networks
IPSec
Remote Access Servers
Remote Administration Tools
Hardening Remote Access Infrastructure
Labs
Configuring a VPN
Network Application Security
Application Layer Security
DHCP Security
DNS Security
SNMP Security
Storage Area Network Security
IPv4 versus IPv6
Telephony
Labs
Attacks Against DHCP and DNS
Module 4 / Host, Data, and Application Security
Host Security
Computer Hardening
Host Security Management Plan
OS Hardening
Patch Management
Network Access Control
Implementing Network Access Control
Labs
Network Access Protection
Data Security
Data Handling
Data Encryption
Data Loss Prevention
Backup Plans and Policies
Backup Execution and Frequency
Restoring Data and Verifying Backups
Data Wiping and Disposal
Labs
Data Leakage Prevention
Web Services Security
HyperText Transport Protocol
SSL / TLS
Web Servers
Load Balancers
File Transfer
Labs
HTTP and HTTPS
Web Application Security
Web Application Technologies
Web Application Databases
Web Application Exploits
Web Application Browser Exploits
Secure Web Application Design
Auditing Web Applications
Web Browser Security
Labs
Web Application Vulnerabilities
Virtualization and Cloud Security
Virtualization Technologies
Virtual Platform Applications
Virtualization Best Practices
Cloud Computing
Risks of Cloud Computing
Module 5 / Operational Security
Site Security
Site Layout and Access
Gateways and Locks
Alarm Systems
Surveillance
Hardware Security
Environmental Controls
Hot and Cold Aisles
RFI / EMI
Fire Prevention and Suppression
Mobile and Embedded Device Security
Static Environments
Mitigating Risk in Static Environments
Mobile Device Security
Mobile Device Management
BYOD Concerns
Mobile Application Security
Bluetooth and NFC
Risk Management
Business Continuity Concepts
Risk Calculation
Risk Mitigation
Integration with Third Parties
Service Level Agreements
Change and Configuration Management
Disaster Recovery
Disaster Recovery Planning
IT Contingency Planning
Clusters and Sites
Incident Response and Forensics
Incident Response Procedures
Preparation
Detection, and Analysis
Containment
Eradication, and Recovery
Forensic Procedures
Collection of Evidence
Handling and Analyzing Evidence
Labs
Computer Forensic Tools
Security Policies and Training
Corporate Security Policy
Operational Policies
Privacy and Employee Policies
Standards and Best Practice
Security Policy Training and User Habits
Labs
Scenario Questions