CompTIA's Security+ is the premier vendor-neutral security certification and is included in the approved list of certifications to meet DoD Directive 8570.1 requirements. Our Security+ courseware has received CompTIA Authorized Quality Curriculum (CAQC) approval. The CompTIA CAQC symbol assures you that all test objectives are covered in the training material.
Our Security+ Prep Course is a full-service solution from test preparation to full examination and includes:
CompTIA Press Security+ student manual
Security+ study guide
Security+ certification practice exams
Security+ extra practice test questions
Comprehension exercises, study digest, and quick reference card
Security+ exam voucher
In this course, you will perform over 80 hands-on activities to reinforce Security+ concepts such as managing browser security, encrypting and digitally signing e-mail messages, and installing and configuring vulnerability scanners and intrusion detection systems. You will establish the essential components of a public key infrastructure, including starting a certificate authority, granting and revoking certificates, and configuring a secure web server using SSL. You will configure group policies and access control methods for restricting access to file shares. You will assess computer security using a baseline analyzer, and you will test user security by attempting to crack passwords and scan systems for vulnerable ports.
What You'll Learn
Mitigating threats
Cryptography
Authentication systems
Messaging security
User and role-based security
Public key infrastructure
Access security
Ports and protocols
Network security
Wireless security
Remote access security
Auditing, logging, and monitoring
Vulnerability testing
Organizational security
Business continuity
CompTIA Security+ objectives map
CompTIA Security+ acronyms
Course Outline
1. Mitigating Threats
Core system maintenance
Identifying common security threats
Updating the operating system
Managing software patches
Installing service packs
Determining whether you need to update your computer's BIOS
Configuring Windows Firewall
Virus and spyware management
Installing antivirus software
Scanning your system for spyware
Configuring Windows Mail to prevent spam
Browser security
Managing pop-ups
Managing cookies
Managing scripting, Java, and ActiveX components
Examining input validation, buffer overflows, and XSS
Social engineering threats
Discussing social engineering
Examining phishing
2. Cryptography
Symmetric cryptography
Encrypting and decrypting data
Calculating hashes
Sharing a secret message with steganography
Public key cryptography
Exploring public key cryptography
Examining certificates
Examining certificate trusts
Comparing single- and dual-sided certificates
Mapping algorithms to applications
3. Authentication Systems
Authentication
Identifying the components of authentication
Comparing one-, two-, and three-factor authentication
Capturing passwords with a protocol analyzer
Installing Active Directory Services
Joining a domain
Hashing
Hashing data
Cracking passwords
Authentication systems
Identifying the requirements of a secure authentication system
Examining the components of Kerberos
Examining null sessions
Comparing authentication systems
4. Messaging Security
E-mail security
Identifying the security risks of an e-mail system
Configuring security on an e-mail server
Digitally signing a message
Sending an encrypted message
Messaging and peer-to-peer security
Identifying the security risks of messaging systems
Configuring security on an IM server
Configuring IM client security
5. User and Role-Based Security
Security policies
Creating a console to manage local security policies
Using the GPMC
Implementing domain GPOs
Analyzing a Windows Vista computer's security
Securing file and print resources
Creating users and groups based on security needs
Securing file resources
Securing printer resources
6. Public Key Infrastructure (PKI)
Key management and life cycle
Understanding certificate life cycle and management
Setting up a certificate server
Installing a stand-alone root certificate authority (CA)
Installing an enterprise subordinate CA
Implementing a file-based certificate request
Managing your certificate server
Side trip: Granting the log on locally right
Requesting a user certificate
Revoking a certificate
Enabling the EFS recovery agent template
Enrolling for a recovery agent certificate
Enabling key archival
Re-enrolling all certificates
Web server security with PKI
Requesting and installing a web server certificate
Enabling SSL for the certificate server web site
Making a secure connection
Requesting a client certificate via the web
7. Access Security
Biometric systems
Identifying biometric authentication systems
Installing a fingerprint reader
Physical access security
Identifying the risks associated with physical access to systems
Examining logging and surveillance best practices
Peripheral and component security
Identifying the risks associated with common peripherals
Mitigating security risks of peripherals
Storage device security
Enabling file-based encryption
Enabling whole disk encryption systems (optional)
8. Ports and Protocols
TCP/IP review
Examining protocols in the TCP/IP suite
Comparing IPv4 and IPv6 packets
Protocol-based attacks
Preventing common protocol-based attacks
Assessing your vulnerability to DDoS attacks
Port scanning
Checking ARP cache
Examining spoofing attacks
Examining replay and hijacking attacks
Examining antiquated protocols
9. Network Security
Common network devices
Examining switches and bridges
Examining routers
Examining NAT/PAT devices
Examining firewalls and proxy servers
Identifying inherent weaknesses in network devices
Examining the ways to overcome device threats
Secure network topologies
Comparing firewall-based secure topologies
Identifying the benefits of NAC
Examining the security enabled by VPNs
Browser-related network security
Configuring the Phishing Filter
Setting security zones
Setting privacy options
Virtualization
Exploring the benefits of virtualization technologies
10. Wireless Security
Wi-Fi network security
Identifying wireless networking vulnerabilities
Scanning for insecure access points
Installing third-party router firmware
Configuring basic router security
Enabling transmission encryption
Non-PC wireless devices
Identifying cell phone and PDA-related threats
11. Remote Access Security
Remote access
Examining RADIUS and Diameter authentication
Examining the role of LDAP in a remote access environment
Examining TACACS+ authentication
Examining how 802.1x adds security to your network
Installing Network Policy and Access Services
Configuring an NPS network policy
Configuring NPS accounting
Virtual private networks
Comparing VPN protocols
Installing Routing and Remote Access Services
Enabling a VPN
Configuring NPS to provide RADIUS authentication for your VPN
Making a VPN connection
12. Auditing, Logging, and Monitoring
System logging
Viewing event logs
Discussing device and application logging
Server monitoring
Monitoring with Performance Monitor
Running a Data Collector Set
Viewing a Data Collector Set report
Considering auditing policies and practices
13. Vulnerability Testing
Risk and vulnerability assessment
Analyzing risks
Installing the MBSA
Analyzing your system with the MBSA
Downloading and installing OVAL
Downloading an OVAL XML file
Scanning with OVAL
Downloading and installing Nessus
Scanning with Nessus
IDS and IPS
Discussing IDS characteristics
Installing and monitoring with the Snort IDS
Comparing HIDS and NIDS
Examining the role and use of honeypots
Forensics
Examining the forensics process
14. Organizational Security
Organizational policies
Creating a security policy
Creating a human resources policy
Creating an incidence response and reporting policy
Implementing change management
Education and training
Identifying the need for user education and training
Identifying education opportunities and methods
Disposal and destruction
Deciding whether to destroy or dispose of IT equipment
15. Business Continuity
Redundancy planning
Identifying the need for and appropriate use of redundancy
Creating a disaster recovery plan
Backups
Selecting backup schemes
Backing up data
Restoring data
Identifying appropriate media rotation and storage plans
Environmental controls
Examining environmental controls
Appendix A: CompTIA Security+ Objectives Map
Appendix B: CompTIA Security+ Acronyms
In addition to preparing you for Security+ certification, this course also meets DoD 8570.1 training requirements.
