CompTIA Security+ Certification

Audience

Professionals interested in pursuing CompTIA Security+ certification.

Prerequisites

CompTIA Network+ Certification and two years of experience in IT administration with a security focus.

Duration

5 days. Hands-on.

Course Objectives

IT security is paramount to organizations as cloud computing and mobile devices have changed the way we do business. With massive amounts of data transmitted and stored on networks throughout the world, it's essential to have effective security practices in place. That's where CompTIA Security+ comes in. Earning the Security+ certification shows that you have the skills to secure a network and deter attackers, and that you're ready for the job.

CompTIA Security+ is the certification globally trusted to validate foundational, vendor-neutral IT security knowledge and skills. As a benchmark for best practices in IT security, this certification covers the essential principles of network security and risk management, making it an important stepping stone in an IT security career.

The CompTIA Security+ exam (SY0-501) certifies that the successful candidate has the knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. The successful candidate will perform these tasks in support of the principles of confidentiality, integrity, and availability.

The primary goal of this course is to help each student pass the exam required to earn the Security+ certification. To do this, your knowledgeable instructor will blend hands-on labs with tailored lectures and practice exams to help you prepare. Our on-site testing centre allows you to take the exam when you're ready.

Course Content

This outline includes all topics relevant to the required exam. However, due to the flexible nature of this bootcamp course, your instructor will customise your training to focus on the topics you need in order to fill any knowledge gaps, pass the exam, and earn your certification.

Threats, Attacks and Vulnerabilities

Given a scenario, analyze indicators of compromise and determine the type of malware
Viruses
Crypto-malware
Ransomware
Worm
Trojan
Rootkit
Keylogger
Adware
Spyware
Bots
RAT
Logic bomb
Backdoor

Compare and contrast types of attacks
Social engineering
Application/service attacks
Wireless attacks
Cryptographic attacks

Explain threat actor types and attributes
Types of actors
Attributes of actors
Use of open-source intelligence

Explain penetration testing concepts
Active reconnaissance
Passive reconnaissance
Pivot
Initial exploitation
Persistence
Escalation of privilege
Black box
White box
Gray box
Penetration testing vs. vulnerability scanning

Explain vulnerability scanning concepts
Passively test security controls
Identify vulnerability
Identify lack of security controls
Identify common misconfigurations
Intrusive vs. non-intrusive
Credentialed vs. non-credentialed
False positive

Explain the impact associated with types of vulnerabilities
Race conditions
Vulnerabilities due to end-of-life systems, embedded systems, lack of vendor support
Improper input handling
Improper error handling
Misconfiguration/weak configuration
Default configuration
Resource exhaustion
Untrained users
Improperly configured accounts
Vulnerable business processes
Weak cipher suites and implementations
Memory/buffer vulnerability
System sprawl/undocumented assets
Architecture/design weaknesses
New threats/zero day
Improper certificate and key management

Technologies and Tools

Install and configure network components, both hardware and software-based, to support organizational security
Firewall
VPN concentrator
NIPS/NIDS
Router
Switch
Proxy
Load balancer
Access point
SIEM
DLP
NAC
Mail gateway
Bridge
SSL/TLS accelerators
SSL decryptors
Media gateway
Hardware security module

Given a scenario, use appropriate software tools to assess the security posture of an organization
Protocol analyzer
Network scanners
Wireless scanners/cracker
Password cracker
Vulnerability scanner
Configuration compliance scanner
Exploitation frameworks
Data sanitization tools
Steganography tools
Honeypot
Backup utilities
Banner grabbing
Passive vs. active
Command line tools

Given a scenario, troubleshoot common security issues
Unencrypted credentials/clear text
Logs and events anomalies
Permission issues
Access violations
Certificate issues
Data exfiltration
Misconfigured devices
Weak security configurations
Personnel issues
Unauthorized software
Baseline deviation
License compliance violation (availability/integrity)
Asset management
Authentication issues

Given a scenario, analyze and interpret output from security technologies
HIDS/HIPS
Antivirus
File integrity check
Host-based firewall
Application whitelisting
Removable media control
Advanced malware tools
Patch management tools
UTM
DLP
Data execution prevention
Web application firewall

Given a scenario, deploy mobile devices securely
Connection methods
Mobile device management concepts
Enforcement and monitoring
Deployment models

Given a scenario, implement secure protocols
Protocols
Use cases

Architecture and Design

Explain use cases and purpose for frameworks, best practices and secure configuration guides
Industry-standard frameworks and reference architectures
Benchmarks/secure configuration guides
Defense-in-depth/layered security

Given a scenario, implement secure network architecture concepts
Zones/topologies
Segregation/segmentation/isolation
Tunneling/VPN
Security device/technology placement
SDN

Given a scenario, implement secure systems design
Hardware/firmware security
Operating systems
Peripherals

Explain the importance of secure staging deployment concepts
Sandboxing
Environment
Secure baseline
Integrity measurement

Explain the security implications of embedded systems
SCADA/ICS
Smart devices/IoT
HVAC
SoC
RTOS
Printers/MFDs
Camera systems
Special purpose

Summarize secure application development and deployment concepts
Development life-cycle models
Secure DevOps
Version control and change management
Provisioning and deprovisioning
Secure coding techniques
Code quality and testing
Compiled vs. runtime code

Summarize cloud and virtualization concepts
Hypervisor
VM sprawl avoidance
VM escape protection
Cloud storage
Cloud deployment models
On-premise vs. hosted vs. cloud
VDI/VDE
Cloud access security broker
Security as a Service

Explain how resiliency and automation strategies reduce risk
Automation/scripting
Templates
Master image
Non-persistence
Elasticity
Scalability
Distributive allocation
Redundancy
Fault tolerance
High availability
RAID

Explain the importance of physical security controls
Lighting
Signs
Fencing/gate/cage
Security guards
Alarms
Safe
Secure cabinets/enclosures
Protected distribution/Protected cabling
Airgap
Mantrap
Faraday cage
Lock types
Biometrics
Barricades/bollards
Tokens/cards
Environmental controls
Cable locks
Screen filters
Cameras
Motion detection
Logs
Infrared detection
Key management

Identity and Access Management

Compare and contrast identity and access management concepts
Identification, authentication, authorization and accounting (AAA)
Multifactor authentication
Federation
Single sign-on
Transitive trust

Given a scenario, install and configure identity and access services
LDAP
Kerberos
TACACS+
CHAP
PAP
MSCHAP
RADIUS
SAML
OpenID Connect
OAUTH
Shibboleth
Secure token
NTLM

Given a scenario, implement identity and access management controls
Access control models
Physical access control
Biometric factors
Tokens
Certificate-based authentication
File system security
Database security

Given a scenario, differentiate common account management practices
Account types
General concepts
Account policy enforcement

Risk Management

Explain the importance of policies, plans and procedures related to organizational security
Standard operating procedure
Agreement types
Personnel management
General security policies

Summarize business impact analysis concepts
RTO/RPO
MTBF
MTTR
Mission-essential functions
Identification of critical systems
Single point of failure
Impact
Privacy impact assessment
Privacy threshold assessment

Explain risk management processes and concepts
Threat assessment
Risk assessment
Change management

Given a scenario, follow incident response procedures
Incident response plan
Incident response process

Summarize basic concepts of forensics
Order of volatility
Chain of custody
Legal hold
Data acquisition
Preservation
Recovery
Strategic intelligence/counterintelligence gathering
Track man-hours

Explain disaster recovery and continuity of operation concepts
Recovery sites
Order of restoration
Backup concepts
Geographic considerations
Continuity of operation planning

Compare and contrast various types of controls
Deterrent
Preventive
Detective
Corrective
Compensating
Technical
Administrative
Physical

Given a scenario, carry out data security and privacy practices
Data destruction and media sanitization
Data sensitivity labeling and handling
Data roles
Data retention
Legal and compliance

Cryptography and PKI

Compare and contrast basic concepts of cryptography
Symmetric algorithms
Modes of operation
Asymmetric algorithms
Hashing
Salt, IV, nonce
Elliptic curve
Weak/deprecated algorithms
Key exchange
Digital signatures
Diffusion
Confusion
Collision
Steganography
Obfuscation
Stream vs. block
Key strength
Session keys
Ephemeral key
Secret algorithm
Data-in-transit
Data-at-rest
Data-in-use
Random/pseudo-random number generation
Key stretching
Implementation vs. algorithm selection
Perfect forward secrecy
Security through obscurity
Common use cases

Explain cryptography algorithms and their basic characteristics
Symmetric algorithms
Cipher modes
Asymmetric algorithms
Hashing algorithms
Key stretching algorithms
Obfuscation

Given a scenario, install and configure wireless security settings
Cryptographic protocols
Authentication protocols
Methods

Given a scenario, implement public key infrastructure
Components
Concepts
Types of certificates
Certificate formats

Virtual Courses

ALL of our courses can be delivered virtually, and our Bath public schedule of courses is now available as live virtual sessions using the popular Zoom Virtual Classroom and remote labs. Delegates can test their access at: www.zoom.us/test

On-Site Courses

Can't attend one of our public classes? Booking for multiple people?

All our courses are available on your site! Delivered for your staff, at your premises.

Contact us to find out more...