Overview:

This course is intended for students wishing to prepare for the CompTIA Security+ Certification Exam. The qualification is aimed primarily at networking professionals, but because security is vital to all levels and job roles within an organization, it will also benefit PC support analysts, application developers and senior managers in accounting, sales, product development and marketing.

Duration:  

48 hours

Objectives:

Upon successful completion of this course, students will learn to:

• Identify the fundamental concepts of computer security
• Identify security threats and vulnerabilities
• Manage data, application, and host security
• Implement network security
• Identify and implement access control and account management security measures
• Manage certificates
• Identify and implement compliance and operational security measures
• Manage risk
• Troubleshoot and manage security incidents
• Plan for business continuity and disaster recovery

Prerequisites

None, but CompTIA A+ and Network+ certifications, or equivalent knowledge, and six to nine months experience in networking, including configuring security parameters, are strongly recommended.

Course outlines:

1. Threats, Attacks and Vulnerabilities

• Given a scenario, analyze indicators of compromise and determine the type of malware.
• Compare and contrast types of attacks.
• Explain threat actor types and attributes.
• Explain penetration testing concepts
• Explain vulnerability scanning concepts.
• Explain the impact associated with types of vulnerabilities.

2. Technologies and Tools

• Install and configure network components, both hardware and software-based, to support organizational security
• Given a scenario, use appropriate software tools to assess the security posture of an organization
• Given a scenario, troubleshoot common security issues.
• Given a scenario, analyze and interpret output from security technologies.
• Given a scenario, deploy mobile devices securely
• Given a scenario, implement secure protocols

3. Architecture and Design

• Explain use cases and purpose for frameworks, best practices and secure configuration guides.
• Given a scenario, implement secure network architecture concepts.
• Given a scenario, implement secure systems design.
• Explain the importance of secure staging deployment concepts.
• Explain the security implications of embedded systems.
• Summarize secure application development and deployment concepts.
• Summarize cloud and virtualization concepts
• Explain how resiliency and automation strategies reduce risk.
• Explain the importance of physical security controls.

4. Identity and Access Management

• Compare and contrast identity and access management concepts.
• Given a scenario, install and configure identity and access services.
• Given a scenario, implement identity and access management controls.
• Given a scenario, differentiate common account management practices.

5. Risk Management

• Explain the importance of policies, plans and procedures related to organizational security.
• Summarize business impact analysis concepts.
• Explain risk management processes and concepts.
• Given a scenario, follow incident response procedures.
• Summarize basic concepts of forensics.
• Explain disaster recovery and continuity of operation concepts.
• Compare and contrast various types of controls.
• Given a scenario, carry out data security and privacy practices.

6. Cryptography and PKI

• Compare and contrast basic concepts of cryptography.
• Explain cryptography algorithms and their basic characteristics.
• Given a scenario, install and configure wireless security settings.
• Given a scenario, implement public key infrastructure.