AUCKLAND (09) 378-0411       HAMILTON (07) 838-0700       WELLINGTON (04) 472-4830      CHRISTCHURCH (03) 365-5020      |      
Home Courses CompTIA Security +

Courses


CompTIA Security +

Length: 5 Days    Cost: $3,500 + GST    Version: Security+

= Scheduled class    = Guaranteed to run    = Fully booked
Click on the dates to book online
CentreJulAugSepOct
Auckland--
06
--
15
Hamilton--------
Christchurch
23
--
17
--
Wellington
23
--
17
--

Can't find a class in your area? Contact our sales team and request a class date.


About this Course

This 5-day course will teach you the fundamental principles of installing and configuring cybersecurity controls and participating in incident response and risk mitigation processes. It will prepare you to take the CompTIA Security+ SY0-501 exam by providing 100% coverage of the objectives and content examples listed on the syllabus.



Audience


Security+ is aimed at IT professionals with job roles such as security engineer, security consultant / specialist, information assurance technician, junior auditor / penetration tester, security administrator, systems administrator, and network administrator.

Prerequisites

To get started with this course, you should have successfully completed gtslearning's "CompTIA Network+ Study Guide" course (gtsgo.to/i9osb) and obtained Network+ certification, and / or have around 24 months' experience of networking support or IT administration. It is not necessary that you pass the Network+ exam before completing Security+ certification, but it is recommended. Specifically, it is recommended that you have the following skills and knowledge before starting this course:

  • Know the function and basic features of the components of a PC.
  • Use Windows Server OS to create and manage files and use basic administrative features (Explorer, Control Panel, Server Manager, and Management Consoles).
  • Operate the Linux OS using basic command-line tools.
  • Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers).
  • Understand TCP/IP addressing, core protocols, and troubleshooting tools.

At Course Completion

On course completion, you will be able to:

  • Identify strategies developed by cyber adversaries to attack networks and hosts and the countermeasures deployed to defend them.
  • Understand the principles of organizational security and the elements of effective security policies.
  • Know the technologies and uses of cryptographic standards and products.
  • Install and configure network- and host-based security technologies.
  • Describe how wireless and remote access security is enforced.
  • Describe the standards and products used to enforce security on web and communications technologies.
  • Identify strategies for ensuring business continuity, fault tolerance, and disaster recovery.
  • Summarize application and coding vulnerabilities and identify development and deployment methods designed to mitigate them.

Course Outline


Module 1 / Threats, Attacks, and Vulnerabilities

Indicators of Compromise

Why is Security Important?

Security Policy

Threat Actor Types

The Kill Chain

Social Engineering

Phishing

Malware Types

Trojans and Spyware

Open Source Intelligence

Labs

VM Orientation

Malware Types

Critical Security Controls

Security Control Types

Defense in Depth

Frameworks and Compliance

Vulnerability Scanning and Pen Tests

Security Assessment Techniques

Pen Testing Concepts

Vulnerability Scanning Concepts

Exploit Frameworks

Lab

Using Vulnerability Assessment Tools

Security Posture Assessment Tools

Topology Discovery

Service Discovery

Packet Capture

Packet Capture Tools

Remote Access Trojans

Honeypots and Honeynets

Labs

Using Network Scanning Tools 1

Using Network Scanning Tools 2

Using Steganography Tools

Incident Response

Incident Response Procedures

Preparation Phase

Identification Phase

Containment Phase

Eradication and Recovery Phases

Module 2 / Identity and Access Management

Cryptography

Uses of Cryptography

Cryptographic Terminology and Ciphers

Cryptographic Products

Hashing Algorithms

Symmetric Algorithms

Asymmetric Algorithms

Diffie-Hellman and Elliptic Curve

Transport Encryption

Cryptographic Attacks

Lab

Implementing Public Key Infrastructure

Public Key Infrastructure

PKI Standards

Digital Certificates

Certificate Authorities

Types of Certificate

Implementing PKI

Storing and Distributing Keys

Key Status and Revocation

PKI Trust Models

PGP / GPG

Lab

Deploying Certificates and Implementing Key Recovery

Identification and Authentication

Access Control Systems

Identification

Authentication

LAN Manager / NTLM

Kerberos

PAP, CHAP, and MS-CHAP

Password Attacks

Token-based Authentication

Biometric Authentication

Common Access Card

Lab

Using Password Cracking Tools

Identity and Access Services

Authorization

Directory Services

RADIUS and TACACS+

Federation and Trusts

Federated Identity Protocols

Account Management

Formal Access Control Models

Account Types

Windows Active Directory

Creating and Managing Accounts

Account Policy Enforcement

Credential Management Policies

Account Restrictions

Accounting and Auditing

Lab

Using Account Management Tools

Module 3 / Architecture and Design (1)

Secure Network Design

Network Zones and Segments

Subnetting

Switching Infrastructure

Switching Attacks and Hardening

Endpoint Security

Network Access Control

Routing Infrastructure

Network Address Translation

Software Defined Networking

Lab

Implementing a Secure Network Design

Firewalls and Load Balancers

Basic Firewalls

Stateful Firewalls

Implementing a Firewall or Gateway

Web Application Firewalls

Proxies and Gateways

Denial of Service Attacks

Load Balancers

Lab

Implementing a Firewall

IDS and SIEM

Intrusion Detection Systems

Configuring IDS

Log Review and SIEM

Data Loss Prevention

Malware and Intrusion Response

Lab

Using an Intrusion Detection System

Secure Wireless Access

Wireless LANs

WEP and WPA

Wi-Fi Authentication

Extensible Authentication Protocol

Additional Wi-Fi Security Settings

Wi-Fi Site Security

Personal Area Networks

Physical Security Controls

Site Layout and Access

Gateways and Locks

Alarm Systems

Surveillance

Hardware Security

Environmental Controls

Module 4 / Architecture and Design (2)

Secure Protocols and Services

DHCP Security

DNS Security

Network Management Protocols

HTTP and Web Servers

SSL / TSL and HTTPS

Web Security Gateways

Email Services

S/MIME

File Transfer

Voice and Video Services

VoIP

Labs

Implementing Secure Network Addressing Services

Configuring a Secure Email Service

Secure Remote Access

Remote Access Architecture

Virtual Private Networks

IPSec

Remote Access Servers

Remote Administration Tools

Hardening Remote Access Infrastructure

Lab

Implementing a Virtual Private Network

Secure Systems Design

Trusted Computing

Hardware / Firmware Security

Peripheral Device Security

Secure Configurations

OS Hardening

Patch Management

Embedded Systems

Security for Embedded Systems

Secure Mobile Device Services

Mobile Device Deployments

Mobile Connection Methods

Mobile Access Control Systems

Enforcement and Monitoring

Secure Virtualization and Cloud Services

Virtualization Technologies

Virtualization Security Best Practices

Cloud Computing

Cloud Security Best Practices

Module 5 / Risk Management

Forensics

Forensic Procedures

Collecting Evidence

Capturing System Images

Handling and Analyzing Evidence

Lab

Using Forensic Tools

Disaster Recovery and Resiliency

Continuity of Operations Plans

Disaster Recovery Planning

Resiliency Strategies

Recovery Sites

Backup Plans and Policies

Resiliency and Automation Strategies

Risk Management

Business Impact Analysis

Identification of Critical Systems

Risk Assessment

Risk Mitigation

Secure Application Development

Application Vulnerabilities

Application Exploits

Web Browser Exploits

Secure Application Design

Secure Coding Concepts

Auditing Applications

Secure DevOps

Lab

Identifying a Man-in-the-Browser Attack

Organizational Security

Corporate Security Policy

Personnel Management Policies

Interoperability Agreements

Data Roles

Data Sensitivity Labeling and Handling

Data Wiping and Disposal

Privacy and Employee Conduct Policies

Security Policy Training


 Print this page