CompTIA's Security+ is the premier vendor-neutral security certification and demonstrates your knowledge of security concepts, tools, and procedures. It confirms your ability to react to security incidents, and it validates your skill in anticipating security risks and guarding against them.

In our Security+ Prep Course, you will learn to:

• Proactively implement sound security protocols to mitigate security risks
• Quickly respond to security issues
• Retroactively identify where security breaches may have occurred
• Design a network, on-site or in the cloud, with security in mind

Our Security+ Prep Course prepares you for the Security+ certification exam based on the 2011 objectives (Exam SYO-301), which is included in the approved list of certifications to meet DoD Directive 8570.1 requirements. Our Security+ courseware has received the CompTIA Approved Quality Content (CAQC) symbol assuring you that all test objectives are covered in the training material.

What You'll Learn

• Control fundamentals and security threats
• Network protocols, attacks, and defenses
• Create secure networks and perform security assessments
• Network and system security mechanisms
• Remote access and wireless security
• Authentication, biometrics, and security controls
• Securing the IT environment
• Cryptography and public key infrastructures
• Securing applications, virtualized environments, and cloud computing
• Business continuity, disaster recovery, security training, and forensics

Who Needs to Attend

Candidates for the Security+ certification (SY0-301)

Prerequisites

CompTIA A+ certification and CompTIA Network+ certification or equivalent experience

Follow-On Courses

• Certified Ethical Hacker v7
• CISSP Prep Course
• CISA Prep Course

Certification Programs and Certificate Tracks

This course is part of the following programs or tracks:

• CompTIA Security+ Certification

Course Outline

1. Control Fundamentals and Security Threats

• Control types
• Authentication
• Authorization
• Access control strategies
• Various types of malware
• Social engineering
• Spam/phishing attacks

2. Network Protocols, Attacks, and Defenses

• TCP/IP protocol suite
• OSI model
• Different protocols that operate within the layers of the models
• Various attacks that protocols and ports can face
• Tools that can be used to detect attacks

3. Creating Secure Networks and Performing Security Assessments

• Using of routers and switches to create a secure environment
• Creating subnets, DMZs, and VLANs used to secure an environment
• Security assessment techniques
• Penetration testing
• Vulnerability scanning tools
• Honeypots

4. Network and System Security Mechanisms

• Different types of firewalls
• NIDS and NIPS
• Proxy servers
• All-in-one security appliances
• Mitigation and deterrent techniques
• Security log analysis
• Methods to secure DHCP and DNS servers

5. Remote Access and Wireless Security

• Different remote access strategies and technologies
  • PPP
  • VPNs
  • PPTP
  • L2TP
  • IPsec
  • RADIUS
  • TACACS
• Wireless security mechanisms
  • WEP
  • WPA
  • CCMP
  • EAP
  • PEAP
  • LEAP
  • MAC filters
  • SSID broadcast
  • Antenna placement

6. Authentication, Biometrics, and Security Controls

• Authentication services and protocols
• Biometric security mechanisms
• Tokens and smart cards
• Using LDAP to create security in an environment
• Risk reduction mechanisms
  • Policies for mandatory vacations
  • Job rotation
  • Separation of duties

7. Securing the IT Environment

• Methods, tools, and applications used to secure the data, mobile devices, and operating systems
• Deploying environmental controls and physical access controls
• Locking mechanisms
  • Application and physical
• Encryption schemes for data on servers and mobile devices
• Environmental and physical controls that can be used to secure an IT environment

8. Cryptography and Public Key Infrastructures (PKIs)

• Cryptography
• Algorithms, ciphers, and tools
• Symmetric and asymmetric algorithms
• Block and stream ciphers
• One-time pads
• Steganography
• Message authentication
• Digital signatures
• PKIs
• Certification authorization and revocation

9. Securing Applications, Virtualized Environments, and Cloud Computing

• Communication standards and protocols used in the web server environment
• Ways to harden web servers and web browsers
• Types of attacks that web servers and web-based applications can face
• Services and challenges
  • Virtualized environments
  • Cloud computing

10. Business Continuity, Disaster Recovery, Security Training, and Forensics

• Business continuity plans
• Risk assessment techniques
• Strategies used when creating a risk management process
• Security training for end users
• Methodologies and tools used when performing computer forensics

Labs

Lab activities are embedded in each lesson.