A Student opting for CompTIA Security Plus Examination course will have to qualify the minimal passing marks to attain the certificate. It is mandatory to possess knowledge and requisite skillset for installation and commissioning and configuring systems in order to safely secure applications, the working network and connected devices. They must be able to perform threat analysis and their response time with appropriate mitigation techniques, take part in risk mitigation activities and successfully function, control and drive awareness –keeping in mind all applicable SOP, governing laws and regulation.This course is aimed to assist participants prepare well for their SUO-501 examination (ref release in October 2017)
Target Audience:IT professionals with job roles such as security architect, security engineer, security consultant/specialist, information assurance technician, security administrator, systems administrator, and network administrator.
Prerequisites:Ideally, you should have successfully completed the 'CompTIA Network+ Support Skills' course and have around 24 months' experience of networking support or IT administration. It is not necessary that you pass the Network+ exam before completing Security+ certification, but it is recommended.
Ideally, it is suggested that you have the following skills and knowledge before starting this course:
»Know the function and basic features of the components of a PC.
»Use Windows Server to create and manage files and use basic administrative features (Explorer, Control Panel, Server Manager, and Management Consoles).
»Operate the Linux OS using basic command-line tools.
»Know basic network terminology and functions (such as OSI Model, Topology, and Ethernet, WI-Fi, switches, and routers).
»Understand TCP/IP addressing, core protocols, and troubleshooting tool.
Course Outline: Module 1 / Threats, Attacks, and Vulnerabilities1) Indicators of Compromise :
Why is Security Important?
Security Policy
Threat Actor Types
The Kill Chain
Social Engineering
Phishing
Malware Types
Trojans and Spyware
Open Source Intelligence
Labs:
VM Orientation
Malware Types
2) Critical Security Controls :
Security Control Types
Defense in Depth
Frameworks and Compliance
Vulnerability Assessments and Pen tests
Security Assessment Techniques
Pen Testing Concepts
Vulnerability Scanning Concepts
Exploit Frameworks
Labs:
Using Vulnerability Assessment Tools
3) Security Posture Assessment Tools :
Topology Discovery
Service Discovery
Packet Capture & Packet Capture Tools
Remote Access Trojans
Honeypots and Honey nets
Labs:
Using Network Scanning Tools 1
Using Network Scanning Tools 2
Using Steganography Tools
4) Incident Response :
Incident Response Procedures
Preparation Phase
Identification Phase
Containment Phase
Eradication and Recovery Phases
Module 2 / Identity and Access Management1) Cryptography :
Uses of Cryptography
Cryptographic Terminology and Ciphers
Cryptographic Products
Hashing Algorithms
Symmetric Algorithms
Asymmetric Algorithms
Diffie-Hellman and Elliptic Curve
Transport Encryption
Cryptographic Attacks
Labs:
Implementing Public Key Infrastructure
2) Public Key Infrastructure :
PKI Standards
Digital Certificates
Certificate Authorities
Types of Certificate
Implementing PKI
Storing and Distributing Keys
Key Status and Revocation
PKI Trust Models
PGP / GPG
Labs:
Deploying Certificates and Implementing Key Recovery
3) Identification and Authentication :
Access Control Systems
Identification
Authentication
LAN Manager / NTL
Kerberos
PAP, CHAP, and MS-CHAP
Password Attacks
Token-based Authentication
Biometric Authentication
Common Access Card
Labs:
Using Password Cracking Tools
4) Identity and Access Services :
Authorization
Directory Services
RADIUS and TACACS+
Federation and Trusts
Federated Identity Protocols
5) Account Management :
Formal Access Control Models
Account Types
Windows Active Directory
Creating and Managing Accounts
Account Policy Enforcement
Credential Management Policies
Account Restrictions
Accounting and Auditing
Labs:
Using Account Management Tools
Module 3 / Architecture and Design (1)1) Secure Network Design :
Network Zones and Segments
Sub netting
Switching Infrastructure
Switching Attacks and Hardening
Endpoint Security
Network Access Control
Routing Infrastructure
Network Address Translation
Software Defined Networking
Labs:
Implementing a Secure Network Design
2) Firewalls and Load Balancers :
Basic Firewalls
Stateful Firewalls
Implementing a Firewall or Gateway
Web Application Firewalls
Proxies and Gateways
Denial of Service Attacks
Load Balancers
Labs:
Implementing a Firewall
3) IDS and SIEM :
Intrusion Detection Systems
Configuring IDS
Log Review and SIEM
Data Loss Prevention
Malware and Intrusion Response
Labs:
Using an Intrusion Detection System
4) Secure Wireless Access :
Wireless LANs
WEP and WPA
Wi-Fi Authentication
Extensible Authentication Protocol
Additional Wi-Fi Security Settings
Wi-Fi Site Security
Personal Area Networks
5) Physical Security Controls :
Site Layout and Access
Gateways and Locks
Alarm Systems
Surveillance
Hardware Security
Environmental Controls
Module 4 / Architecture and Design (2)1) Secure Protocols and Services :
DHCP Security
DNS Security
Network Management Protocols
HTTP and Web Servers
SSL / TSL and HTTPS
Web Security Gateways
Email Services
S/MIME
File Transfer
Voice and Video Services (VoIP and VTC)
Labs:
Implementing Secure Network Addressing Services
Configuring a Secure Email Service
2) Secure Remote Access :
Remote Access Architecture
Virtual Private Networks
IPSec
Remote Access Servers
Remote Administration Tools
Hardening Remote Access Infrastructure
Embedded Systems
Security for Embedded Systems
Labs:
Implementing a Virtual Private Network
3) Secure Systems Design :
Trusted Computing
Hardware / Firmware Security
Peripheral Device Security
Secure Configurations
OS Hardening
Patch Management
Embedded Systems
Security for Embedded Systems
4) Secure Mobile Device Services :
Mobile Device Deployments
Mobile Connection Methods
Mobile Access Control Systems
Enforcement and Monitoring
5) Secure Virtualization and Cloud Services :
Virtualization Technologies
Virtualization Security Best Practices
Cloud Computing
Cloud Security Best Practices
Module 5 / Risk Management:1) Forensic :
Forensic Procedures
Collecting Evidence
Capturing System Images
Handling and Analyzing Evidence
Labs:
Using Forensic Tools
2) Disaster Recovery and Resiliency :
Continuity of Operations Plans
Disaster Recovery Planning
Resiliency Strategies
Recovery Sites
Backup Plans and Policies
Resiliency and Automation Strategies
3) Risk Management :
Business Impact Analysis
Identification of Critical Systems
Risk Assessment
Risk Mitigation
4) Secure Application Development :
Application Vulnerabilities
Application Exploits
Web Browser Exploits
Secure Application Design
Secure Coding Concepts
Auditing Applications
Secure DevOps
Labs:
Identifying a Man-in-the-Browser Attack
5) Organizational Security :
Corporate Security Policy
Personnel Management Policies
Interoperability Agreements
Data Roles
Data Sensitivity Labeling and Handling
Data Wiping and Disposal
Privacy and Employee Conduct Policies
Security Policy Training
Delivery method: Classroom / Attend from Anywhere