Security + Certification (ITSY 1076) Syllabus

Transcription

1 Security + Certification (ITSY 1076) Syllabus Course: ITSY 1076 Security+ 40 hours Course Description: This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems, such as OS X, Unix, or Linux, and who wants to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles. (2011 Objectives) Prerequisite: CompTIA A+ and Network+ certifications, or equivalent knowledge, and six to nine months experience in networking Course Objectives: Upon successful completion of this course, students will be able to: identify the fundamental concepts of computer security. identify security threats and vulnerabilities. examine network security. manage application, data and host security. identify access control and account management security measures. manage public key infrastructure (PKI). manage certificates. identify compliance and operational security measures. manage risk. establish key components of the security infrastructure. manage security incidents. develop business continuity and disaster recovery plans. Rationale: A vendor and product neutral course which will earn the student an established industry credential that validates their network and server expertise. Will serve as a jumping off point for higher level certifications. Evaluation: Those who participate in class discussions, complete class labs and miss no more than three class meetings will be awarded 4.0 continuing education units. Ultimate evaluation of the student will be their successfully passing the CompTIA Security + (2011 edition) (SY0-201) examination. Books Required: (Available at ACC Rio Grande book store) ITSY 1076 SecurityPlus Page 1 of 10

2 CompTIA Security+ All-in-One Exam Guide, Fourth Edition (Exam SY0-401) ISBN-13: Mike Meyers CompTIA Security+ Certification Passport, Fourth Edition (Exam SY0-401) (Mike Meyers' Certficiation Passport) ISBN-13: Proposed Schedule Lesson 1: Security Fundamentals Topic 1A: Information Security Cycle What Is Information Security? What to Protect Goals of Security Vulnerabilities Threats Attacks Intrusions Risk Controls Types of Controls Security Management Objectives Topic 1B: Information Security Controls The CIA Triad Non-repudiation Authentication Identification The Five As Access Control Methods Implicit Deny Least Privilege Separation of Duties Job Rotation Mandatory Vacation Time of Day Restrictions Privilege Management Topic 1C: Authentication Methods Authentication Factors User Name/Password Authentication Tokens Trusted OS Biometrics Multi-Factor Authentication Mutual Authentication ITSY 1076 SecurityPlus Page 2 of 10

3 Topic 1D: Cryptography Fundamentals Cryptography Encryption Ciphers Cipher Types Encryption and Security Goals Encryption Algorithms Steganography Keys Hashing Encryption Hashing Encryption Algorithms Symmetric Encryption Symmetric Encryption Algorithms Asymmetric Encryption Asymmetric Encryption Algorithms Digital Signatures Quantum Cryptography Hardware-Based Encryption Devices Topic 1E: Security Policy Fundamentals Security Policies Security Policy Components Security Policy Issues Common Security Policy Types Security Document Categories Change Management Documentation Handling Measures Lesson 2: Security Threats and Vulnerabilities Topic 2A: Social Engineering Social Engineering Attacks Types of Social Engineering Hackers and Attackers Categories of Attackers Topic 2B: Physical Threats and Vulnerabilities Physical Security Physical Security Threats and Vulnerabilities Hardware Attacks Environmental Threats and Vulnerabilities Topic 2C: Network-Based Threats TCP/IP Basics ITSY 1076 SecurityPlus Page 3 of 10

4 Port Scanning Attacks Eavesdropping Attacks Replay Attacks Social Network Attacks Man-in-the-Middle Attacks Denial of Service (DoS) Attacks Distributed Denial of Service (DDoS) Attacks Types of DoS Attacks Session Hijacking P2P Attacks ARP Poisoning DNS Vulnerabilities Topic 2D: Wireless Threats and Vulnerabilities Wireless Security Wireless Threats and Vulnerabilities Topic 2E: Software Based Threats Software Attacks Malicious Code Attacks Types of Malicious Code Attacks Password Attacks Types of Password Attacks Backdoor Attacks Application Attacks Types of Application Attacks Lesson 3: Network Security Topic 3A: Network Devices and Technologies Network Components Network Devices Network Technologies Intrusion Detection Systems (IDSs) NIDS NIPS Types of Network Monitoring Systems Virtual Private Networks (VPNs) VPN Concentrator Web Security Gateways Topic 3B: Network Design Elements and Components NAC VLANs ITSY 1076 SecurityPlus Page 4 of 10

5 Subnetting NAT Remote Access Remote Access Methods Telephony Components Virtualization Cloud Computing Cloud Computing Service Types Topic 3C: Implement Networking Protocols Internet Protocols DNS HTTP SSL Transport Layer Security (TLS) HTTPS SSH SNMP ICMP IPSec File Transfer Protocols Ports MMC Implement Networking Protocols Topic 3D: Apply Network Security Administration Principles Rule-Based Management Network Administration Security Methods Apply Network Security Administration Principles Topic 3E: Secure Wireless Traffic The Protocol Standards The WAP Protocol Wireless Security Protocols Wireless Security Methods Secure Wireless Traffic Lesson 4: Managing Application, Data and Host Security Topic 4A: Establish Device/Host Security Hardening Operating System Security Operating System Security Settings Security Baselines Software Updates Patch Management ITSY 1076 SecurityPlus Page 5 of 10

6 Logging Auditing Anti-Malware Software Types of Anti-Malware Software Virtualization Security Techniques Hardware Security Controls Strong Passwords Establish Device/Host Security Topic 4B: Application Security What is Application Security? Application Security Methods Input Validation Input Validation Vulnerabilities Error and Exception Handling Cross-Site Scripting Cross-Site Request Forgery (XSRF) Cross-Site Attack Prevention Methods Fuzzing Web Browser Security Topic 4C: Data Security What is Data Security? Data Security Vulnerabilities Data Encryption Methods Hardware-Based Encryption Devices Topic 4D: Mobile Security Mobile Device Types Mobile Device Vulnerabilities Mobile Device Security Controls Lesson 5: Access Control, Authentication, and Account Management Topic 5A: Access Control and Authentication Services Directory Services LDAP Common Directory Services Remote Access Methods Tunneling VPN Layer Two Tunneling Protocol (L2TP) Point-to-Point Tunneling Protocol (PPTP) CHAP PAP ITSY 1076 SecurityPlus Page 6 of 10

7 PGP RADIUS TACACS Kerberos The Kerberos Process Topic 5B: Implement Account Management Security Controls Identity Management Account Management Account Privileges Account Policy Multiple Accounts Multiple User Account Issues Account Management Security Controls Group Policy Implement Account Management Security Controls Lesson 6: Managing Public Key Infrastructure (PKI) Topic 6A: Install a Certificate Authority (CA) Hierarchy Digital Certificates Certificate Authentication Single vs. Dual Sided Certificate Authentication Public Key Infrastructure (PKI) PKI Components CA Hierarchies (Trust Models) The Root CA Public and Private Roots Subordinate CAs Offline Root CAs CA Hierarchy Design Options Install a Certificate Authority (CA) Hierarchy Topic 6B: Back Up a CA Back Up a CA Topic 6C: Restore a CA Restore a CA Lesson 7: Managing Certificates Topic 7A: Enroll Certificates The Certificate Enrollment Process The Certificate Life Cycle Certificate Life Cycle Management Enroll Certificates ITSY 1076 SecurityPlus Page 7 of 10

8 Topic 7B: Secure Network Traffic by Using Certificates SSL Enrollment Process Secure Network Traffic by Using Certificates Topic 7C: Renew Certificates Renew Certificates Topic 7D: Revoke Certificates Certificate Revocation The Certificate Revocation List (CRL) Revoke Certificates Topic 7E: Back Up Certificates and Private Keys Private Key Protection Methods Key Escrow Back Up Certificates and Private Keys Topic 7F: Restore Certificates and Private Keys Private Key Restoration Methods Private Key Replacement Restore Certificates and Private Keys Lesson 8: Compliance and Operational Security Topic 8A: Physical Security Physical Security Controls Physical Security Control Types Environmental Exposures Environmental Controls Environmental Monitoring Topic 8B: Legal Compliance Compliance Laws and Regulations Legal Requirements Types of Legal Requirements Due Care Due Diligence Due Process Forensic Requirements Topic 8C: Security Awareness and Training Security Policy Awareness Employee Education User Security Responsibilities ITSY 1076 SecurityPlus Page 8 of 10

9 Lesson 9: Managing Risk Topic 9A: Risk Analysis Risk Management Types of Risk Components of Risk Analysis Phases of Risk Analysis Risk Analysis Methods Risk Calculation Risk Response Strategies Topic 9B: Implement Risk Mitigation Strategies Risk Control Types Security Incident Management Risk Mitigation Techniques Implement Risk Mitigation Strategies Lesson 10: The Security Infrastructure Topic 10A: Implement Vulnerability Assessment Tools and Techniques Security Assessment Types Security Assessment Techniques Security Assessment Tools Honeypots Implement Vulnerability Assessment Tools and Techniques Topic 10B: Scan for Vulnerabilities The Hacking Process Ethical Hacking Penetration Testing and Vulnerability Scanning Types of Vulnerability Scans Box Testing Methods Security Utilities Vulnerable Port Ranges Scan for Vulnerabilities Topic 10C: Mitigation and Deterrent Techniques Security Posture Detection vs. Prevention Controls Types of Mitigation and Deterrent Techniques Lesson 11: Managing Security Incidents Topic 11A: Respond to Security Incidents Computer Crime First Responders ITSY 1076 SecurityPlus Page 9 of 10

10 Chain of Custody Incident Response Policies Computer Forensics Order of Volatility Basic Forensic Response Procedures for IT Basic Forensic Process Respond to Security Incidents Topic 11B: Recover from a Security Incident Damage Assessment and Loss Control Guidelines Organizational Security Reporting Structures Security Incident Reporting Options Recover from a Security Incident Lesson 12: Business Continuity and Disaster Recovery Topic 12A: Business Continuity Business Continuity Plans Business Impact Analysis Continuity of Operations Plan IT Contingency Planning Succession Planning Business Continuity Testing Topic 12B: Plan for Disaster Recovery Disaster Recovery Plans Fault Tolerance Redundancy Measures High Availability Alternate Sites Disaster Recovery Testing Disaster Recovery Evaluation and Maintenance Plan for Disaster Recovery Topic 12C: Execute Disaster Recovery Plans and Procedures The Recovery Team The Salvage Team The Disaster Recovery Process Secure Recovery Backup Types and Recovery Plans Backout Contingency Plans Secure Backups Backup Storage Locations Execute Disaster Recovery Plans and Procedures ITSY 1076 SecurityPlus Page 10 of 10