LearnKey Training

Security+ 2011 Course


7 Sessions, 19 Hours of Interactive Training

Develop your understanding of network administration by gaining certifiable knowledge of CompTIA Security+. Learn how to secure and manage all facets of your network, from CPU cycles to software used by individuals or across a network. Security+ is the next certification level for every IT network administrator. This course will prepare you to pass the CompTIA Security+® certification exam SY0-301.

Benefits
  • Implement and maintain an effective security strategy within your company's network infrastructure
  • Our courses meet or exceed all CompTIA® certification objectives for exam SY0-301
  • Gain knowledge of systems security, network infrastructure, access control, assessments, and audits

About The Author
Tom Carpenter is a trainer, consultant and author specializing in networking technologies and Microsoft solutions. Tom has written more than 15 books on topics ranging from Windows Server to wireless networking. He has trained more than 30,000 IT professionals since 1997 in face-to-face training classes, and he has taught more than 60,000 through webinars and online training programs. He holds certifications with Microsoft, CompTIA and CWNP and is the current CTO for CWNP, the premier 802.11 wireless administration certification program. With more than 20 years' experience in the IT industry, Tom brings a wealth of experience to any training program.

Session 1

Section A: Introduction

  • Importance of Security Knowledge
  • Security+ Exam Overview
  • Knowledge Domains
  • Exam Prerequisites
  • Taking the Exam
  • Exam Preparation Tips

Section B: Security Principles

  • CIA Defined
  • AAA
  • Least Privilege
  • Defense-in-Depth
  • Threats and Risks
  • Types of Attacks

Section C: Risk Analysis

  • Vulnerabilities
  • Threats
  • Risks
  • Assessment Techniques
  • Risk Analysis Example

Section D: Risk Mitigation

  • Risk Mitigation Process
  • Qualitative vs. Quantitative Risk
  • ALE
  • Qualitative Matrix
  • Risk Responses
  • Risk Mitigation Strategies

Section E: Incident Response

  • Incident Response Policy
  • IRP Contents
  • Detection
  • Containment
  • Eradication and Recovery
  • Follow-Up

Section F: Security Policies

  • Common Security Policies
  • Acceptable Use and Due Care
  • Privacy
  • Separation of Duties and Need to Know
  • Password Management and SLA
  • Disposal and Destruction
  • Additional Policy Considerations

Section G: Security Awareness Training

  • Education
  • Communication
  • User Awareness
  • Types of Training
  • Minimum Training Needs
  • Threat Awareness

Session 2

Section A: Business Continuity

  • Threats to Continuity
  • Business Impact Analysis
  • Operations Continuity
  • Removing Single Points of Failure
  • IT Contingency Planning
  • Continuity Documentation and Services
  • Succession Planning

Section B: Network Infrastructure Devices

  • Ethernet Switches/Ports
  • Speeds/PoE Switches
  • Management Methods
  • Routers/Tables
  • How Routing Works/Static Routing
  • Dynamic Routing
  • Secure Configuration

Section C: Network Services

  • Connection Points
  • Load Balancers
  • Resolving Computer Names
  • Configuring DNS Zones
  • Creating a DNS Host

Section D: Network Design

  • Subnetting/Network Perimeters
  • DMZ
  • VLANs
  • VLAN Example/Tagging
  • VLAN Trunk Example
  • Network Access Control
  • Introduction to VoIP Telephony

Section E: TCP/IP

  • TCP/IP Architecture
  • IPv4 Addressing
  • Address Classes/Types
  • Reserved Addresses
  • Subnetting
  • IPv6
  • IPv6 Addressing
  • Transmission Methods

Section F: Network Protocols and Ports

  • HTTP
  • HTTPS Connections
  • FTP/SFTP/FTPS
  • IPSec
  • Secure Shell
  • SCP
  • ICMP
  • Port Numbers
  • Protocol Port Numbers

Session 3

Section A: Understanding Firewalls

  • Network Firewalls
  • Firewalls Defined
  • Packet Filtering Firewalls
  • Stateful Inspection Firewalls
  • Proxy and Dynamic Firewalls
  • Personal Firewalls
  • Web Security Gateways
  • Rules-Based Management

Section B: Additional Network Components

  • Spam
  • Protocol Analyzers
  • Wireshark
  • Using Wireshark
  • Wireshark Reports

Section C: Understanding Wireless

  • Original 802.11
  • 802.11b and 802.11a
  • 802.11g
  • 802.11n
  • 802.11i and 802.11e
  • Wireless LAN Topologies
  • Wireless LAN Routers and Bridges
  • Wireless Repeaters and Controllers

Section D: Application Security

  • Web Applications
  • Web App Implementations
  • Application Tiers
  • SharePoint Farms
  • Internet Information Services
  • Application Pools

Section E: Data and Database Servers

  • Data Storage Methods
  • Share and Storage Management
  • File Server Resource Manager
  • Database Servers
  • What is SQL?
  • SQL Versions
  • SELECT Statements/SELECT in Apps

Section F: Understanding Authentication

  • Authentication Defined
  • Credential Types
  • Weak Authentication Methods
  • Strong Authentication Methods
  • Passwords and Authentication
  • Other Authentication Credentials
  • Single Sign-On
  • Access Control
  • Authentication Policies

Section G: Authentication Services

  • RADIUS Servers
  • User/Active Directories
  • RADIUS Server Selection
  • TACACS and TACACS+

Session 4

Section A: Cryptography 101

  • Cryptography
  • Simple Encryption
  • Cryptography Concepts
  • Cryptography Uses
  • Encryption Types
  • Symmetric Encryption
  • Asymmetric Encryption
  • ECC/Quantum Cryptography
  • Steganography

Section B: Cryptographic Tools and Products

  • Symmetric Ciphers
  • Asymmetric Ciphers
  • Hashing Algorithms
  • Authentication/Encryption
  • Algorithm Strengths
  • Encryption Options
  • Whole Disk Encryption
  • BitLocker Requirements
  • BitLocker Recovery

Section C: Public Key Infrastructure

  • PKI
  • Management
  • Setup/Initialization
  • Administration
  • Key Management
  • Administrative Responsibilities
  • Microsoft Certificate Services
  • Key Escrow/Recovery
  • Key Recovery Agent
  • Securing Web Servers
  • Commercial Certificates
  • HTTPS Connections

Section D: Authentication Attacks

  • Password Attacks
  • Weak Authentication
  • Capturing Authentication Packets
  • Cryptography Attacks

Section E: Wired Network Attacks

  • DoS Attacks
  • Three-Way Handshake
  • Smurf Attack
  • Ping of Death
  • Xmas Attacks
  • DDoS Attacks
  • DDoS Protection
  • Man-in-the-Middle
  • Address Spoofing
  • ARP Poisoning
  • Spoofing Attacks
  • TCP/IP Hijacking

Section F: Wireless Network Attacks

  • Wi-Fi Threats
  • Attack Methods
  • Mobile Device Attacks
  • Weak Wireless Security
  • Wireless Security Solutions
  • Enterprise Wireless Security

Session 5

Section A: Application Attacks

  • Buffer Overflows
  • Cross-Site Scripting
  • Injection Attacks
  • Web Server Exploits
  • OWASP: WebGoat

Section B: Database Vulnerabilities

  • DBMS Vulnerabilities
  • DBMS Security
  • SQL Injection
  • Permission Management
  • Service Hardening

Section C: Server Attacks

  • Transitive Access
  • Privilege Escalation/Client Side

Section D: Malware

  • Viruses/Worms
  • Virus Types
  • Virus Indications
  • Virus Phases
  • Trojans/Common Trojans
  • Additional Malware
  • Anti-Malware

Section E: Social Engineering

  • Social Engineering Tactics
  • Example Attacks
  • Dumpster Diving/Shoulder Surfing
  • Eavesdropping/Inside Attacks
  • Phishing Attacks
  • Identity Theft/URL Obfuscation
  • Message Tricks
  • Countermeasures

Section F: Additional Attacks

  • Spam and Spim
  • End User Anti-Spam
  • Malicious Insider Attacks
  • Scanning
  • Scanning Types
  • Scanning Methodology
  • Owning the Box
  • Rootkit Limitations
  • Backdoors

Session 6

Section A: Detecting Attacks

  • Control Types
  • Using Logs
  • Configure Audit Logs
  • Using Event Viewer
  • Viewing Security Events
  • Enable an Alert

Section B: Automated Detection

  • Intrusion Monitoring/Detection
  • IDS Intrusion Detection
  • Intrusion Prevention/IDS States
  • Intrusion Indications
  • IPS Models/Responses
  • WIPS
  • WIPS Device Detection
  • Physical IDS

Section C: Physical Security

  • Locks/Lock Picking Tools
  • Authentication and Security Personnel
  • Video Monitoring
  • Fasteners
  • Portable Security
  • Premises Access Control
  • Biometric Devices
  • Building Security
  • Man-Trap

Section D: Environmental Controls

  • Fire Suppression
  • Extinguisher Ratings/Contents
  • Fire Safety Guidelines
  • HVAC/Shielding
  • Monitoring Systems
  • NOC Controls/Hot and Cold Aisles

Section E: Secure Administration

  • Security Posture
  • User Rights Baseline
  • Password Policy/Permissions Baseline
  • Group Membership and Services Baseline
  • Application Rights Baseline

Section F: Server Hardening

  • Service Management
  • Management Interfaces and Applications
  • Password Protection
  • Disabling Unneeded Accounts

Session 7

Section A: Port Security

  • Port Security Defined
  • Port Security Violation Modes
  • Port-Based Authentication
  • 802.1X Components
  • Typical 802.1X Deployment
  • Looping in Switched Networks
  • Spanning Tree Protocol
  • Preventing Bridging

Section B: Vulnerability Scanning

  • Vulnerability Scanning Defined
  • Scanning Tools
  • Penetration Testing
  • Microsoft Baseline Security Analyzer
  • Analyzing Results
  • Using a Port Scanner

Section C: Application Security and Hardening

  • Application Security Methods
  • Preventing XSS
  • Mobile Device Protection

Section D: Update and Patch Management

  • Windows Update
  • Configuring Microsoft Update
  • Installing WSUS

Section E: Virtualization

  • Virtual Machines
  • Citrix XenServer
  • Virtualization Solutions
  • Virtualization Methods
  • Virtualization Risks
  • Creating a VM
  • Configuring a VM
  • Accessing the VM BIOS
  • Cloud Computing

Section F: Disaster Recovery

  • Disaster Recovery Plan
  • Redundancy and Availability
  • RAID 0
  • RAID 1
  • RAID 3
  • RAID 5
  • Combination RAID Sets
  • RAID Planning
  • Software vs. Hardware RAID
  • Backup Tools
  • Backup Types
  • Backup Media
  • Backup Storage
  • Backup Sites
  • Disaster Recovery Metrics