Apresentação

This CompTIA Security+ training course provides the foundational knowledge you need to pass the CompTIA Security+ SY0-501 certification exam, and the skills to ensure compliance and operational security in your organization.

CompTIA Security+ certification is a vendor-neutral certification that is recognized worldwide as a benchmark for information system security best practices. Earning Security+ certification demonstrates your knowledge of industry-wide information assurance topics, like systems security, network infrastructure, access control, assessments and audits, cryptography, and organizational security.

Attend this CompTIA Security+ training in one of three formats – live training or instructor-led.

CAMPANHA

Oferta do exame de certificação, válida até 6 meses após a conclusão da ação de formação.

Destinatários

• Network Administrators
• Cybersecurity Associates
• IT personnel interested in pursuing a career in cybersecurity

Objetivos

• Prepare for and pass the CompTIA Security+ exam
• Confidently explain and define an array of security terminologies
• Navigate the complexity of secure communication protection
• Explore the concepts of network protection with firewalls and IDS
• Investigate privacy and integrity issues

Pré-requisitos

• Recommended that students have taken CompTIA Network+  course and exam, together with 24 months experience of networking support/IT administration
• Know the function and basic features of PC components
• Able to use Windows to create and manage files and use basic administrative features (Explorer, Control Panel and Management Consoles)
• Know basic network terminology and functions (such as OSI Model, toplogy, Ethernet, TCP/IP, switches and touters)
• Understand TCP/IP addressing, core protocols and troubleshooting tools.

Programa

Introduction to the CompTIA Security+ Exam

• The six domains of knowledge
• Expected level of expertise
• Assessing initial readiness

Securing the Network

      Communication security goals

• Evaluating network design and components
• Examining ports, protocols and threats
• Implementing wireless security

Compliance and Operational Security

Risk-related concepts

• Inspecting methods of control
• Conducting risk reduction
• Formulating risk models
• Evaluating risk

Mitigation strategies

• Deterrence, avoidance and transference
• Incident response
• Preparing security awareness training

Business continuity measures

• Assessing environmental controls
• Planning for disaster recovery
• Analyzing continuity of business plans
• Implementing high availability

Access Controls

Infrastructure principles

• Assessing MAC, DAC and RBAC
• Comparing logical and physical access controls

Strengthening the infrastructure

• Utilizing 802.1x and RADIUS
• Implementing multifactor authentication
• Kerberos and CHAP

Threats and Vulnerabilities

Identifying vulnerabilities and threats

• Isolating botnets, viruses and worms
• Preventing man-in-the-middle attacks
• Stopping social engineering ploys
• Zero day attacks
• Spamming, phishing and vishing

Application attacks

• Detecting buffer overflows
• Rejecting injection attacks
• Preventing cookie misuse
• Halting Cross-Site Scripting (XSS)

Application, Data and Host Security

Security assessment tools

• Fuzzers
• Patch management
• Securing mobile devices and BYOD

Host security tools and techniques

• Anti-malware
• Data Loss Prevention
• Physical Security

Fundamentals of Cryptography

Assuring privacy with encryption

• The CIA model and beyond
• Cryptographic standards and protocols
• Deploying symmetric encryption
• Implementing Public Key cryptography

Establishing cryptographic security

• Creating digital signatures
• Exploring the role of certificate authorities
• Managing keys and the CRL
• Analyzing X.509 certificates

Final Review

Preparing for the examination

• Getting ready for the exam
• Handling out-of-date questions
• Utilizing additional study guides

Assessing readiness

• Final review and assessment
• Taking a complete practice exam