CompTIA Security+ Examination Objectives Version 1.0

Introduction

The skills and knowledge measured by the CompTIA Security+ examination were derived and validated through input from a committee and over 1,000 subject matter experts representative of industry. A job task analysis (JTA), global survey, beta examination and beta results review were each milestones in the development process. The results of these milestones were used in weighing the domains and ensuring that the weighting assigned to each domain is representative of the relative importance of the content.

The CompTIA Security+ certification is an internationally recognized validation of the technical knowledge required of foundation-level security practitioners. A CompTIA Security+ certified individual has successfully proven holding a foundation-level of skill and knowledge in General Security Concepts, Communication Security, Infrastructure Security, Basics of Cryptography and Operational / Organizational Security. Candidates are recommended to have two years experience in a networking role with preexisting knowledge of TCP/IP, experience in a security related role, CompTIA Network+ or equivalent certification, and adequate training and self-study materials. All candidates are encouraged to review the CompTIA Security+ objectives thoroughly prior to attempting the exam.

This examination includes blueprint weighting, test objectives and example content. Example concepts are included to clarify the test objectives and should not be construed as a comprehensive listing of the content of the examination.

The table below lists the domains measured by this examination and the extent to which they are represented in the examination. CompTIA Security+ (2007 Edition) exams are based on these objectives.

CompTIA Security+ Certification Domains          % of Exam*
1.0 General Security Concepts                    30%
2.0 Communication Security                       20%
3.0 Infrastructure Security                      20%
4.0 Basics of Cryptography                       15%
5.0 Operational / Organizational Security        15%

* All percentages are approximate and are subject to change.

CompTIA is constantly reviewing the content of our exams and updating test questions to be sure our exams are current and the security of the questions is protected. When necessary, we will publish updated exams based on existing exam objectives. Please know that all related exam preparation materials will still be valid.

Domain 1.0 General Security Concepts (30%)

1.1 Recognize and be able to differentiate and explain the following access control models
    MAC (Mandatory Access Control)
    DAC (Discretionary Access Control)
    RBAC (Role Based Access Control)
1.2 Recognize and be able to differentiate and explain the following methods of authentication
    Kerberos
    CHAP (Challenge Handshake Authentication Protocol)
    Certificates
    Username / Password
    Tokens
    Multi-factor
    Mutual
    Biometrics
1.3 Identify non-essential services and protocols and know what actions to take to reduce the risks of those services and protocols
1.4 Recognize the following attacks and specify the appropriate actions to take to mitigate vulnerability and risk
    DOS / DDOS (Denial of Service / Distributed Denial of Service)
    Back Door
    Spoofing
    Man in the Middle
    Replay
    TCP/IP Hijacking
    Weak Keys
    Mathematical
    Social Engineering
    Birthday
    Password Guessing
    Brute Force
    Dictionary
    Software Exploitation
1.5 Recognize the following types of malicious code and specify the appropriate actions to take to mitigate vulnerability and risk
    Viruses
    Trojan Horses
    Logic Bombs
    Worms
1.6 Understand the concept of and know how to reduce the risks of social engineering
1.7 Understand the concept and significance of auditing, logging and system scanning

Domain 2.0 Communication Security - 20%

2.1 Recognize and understand the administration of the following types of remote access technologies
    802.1x
    VPN (Virtual Private Network)
    RADIUS (Remote Authentication Dial-In User Service)
    TACACS (Terminal Access Controller Access Control System)
    L2TP / PPTP (Layer Two Tunneling Protocol / Point to Point Tunneling Protocol)
    SSH (Secure Shell)
    IPSEC (Internet Protocol Security)
    Vulnerabilities
2.2 Recognize and understand the administration of the following email security concepts
    S/MIME (Secure Multipurpose Internet Mail Extensions)
    PGP (Pretty Good Privacy) like technologies
    Vulnerabilities
    SPAM
    Hoaxes
2.3 Recognize and understand the administration of the following Internet security concepts
    SSL / TLS (Secure Sockets Layer / Transport Layer Security)
    HTTP/S (Hypertext Transfer Protocol / Hypertext Transfer Protocol over Secure Sockets Layer)
    Instant Messaging
    Vulnerabilities
    Packet Sniffing
    Privacy
    Vulnerabilities
    Java Script
    ActiveX
    Buffer Overflows
    Cookies
    Signed Applets
    CGI (Common Gateway Interface)
    SMTP (Simple Mail Transfer Protocol) Relay
2.4 Recognize and understand the administration of the following directory security concepts
    SSL / TLS (Secure Sockets Layer / Transport Layer Security)
    LDAP (Lightweight Directory Access Protocol)
2.5 Recognize and understand the administration of the following file transfer protocols and concepts
    S/FTP (File Transfer Protocol)
    Blind FTP (File Transfer Protocol) / Anonymous
    File Sharing
    Vulnerabilities
    Packet Sniffing
    8.3 Naming Conventions
2.6 Recognize and understand the administration of the following wireless technologies and concepts
    WTLS (Wireless Transport Layer Security)
    802.11 and 802.11x
    WEP / WAP (Wired Equivalent Privacy / Wireless Application Protocol)
    Vulnerabilities
    Site Surveys

Domain 3.0 Infrastructure Security 20%

3.1 Understand security concerns and concepts of the following types of devices
    Firewalls
    Routers
    Switches
    Wireless
    Modems
    RAS (Remote Access Server)
    Telecom / PBX (Private Branch Exchange)
    VPN (Virtual Private Network)
    IDS (Intrusion Detection System)
    Network Monitoring / Diagnostics
    Workstations
    Servers
    Mobile Devices
3.2 Understand the security concerns for the following types of media
    Coaxial Cable
    UTP / STP (Unshielded Twisted Pair / Shielded Twisted Pair)
    Fiber Optic Cable
    Removable Media
    Tape
    CD-R (Recordable Compact Disks)
    Hard Drives
    Diskettes
    Flashcards
    Smartcards
3.3 Understand the concepts behind the following kinds of Security Topologies
    Security Zones
    DMZ (Demilitarized Zone)
    Intranet
    Extranet
    VLANs (Virtual Local Area Network)
    NAT (Network Address Translation)
    Tunneling
3.4 Differentiate the following types of intrusion detection, be able to explain the concepts of each type, and understand the implementation and configuration of each kind of intrusion detection system
    Network Based
    Active Detection
    Passive Detection
    Host Based
    Active Detection
    Passive Detection
    Honey Pots
    Incident Response
3.5 Understand the following concepts of Security Baselines, be able to explain what a Security Baseline is, and understand the implementation and configuration of each kind of intrusion detection system
    OS / NOS (Operating System / Network Operating System) Hardening
    File System
    Updates (Hotfixes, Service Packs, Patches)
    Network Hardening
    Updates (Firmware)
    Configuration
    Enabling and Disabling Services and Protocols
    Access Control Lists
    Application Hardening
    Updates (Hotfixes, Service Packs, Patches)
    Web Servers
    E-mail Servers
    FTP (File Transfer Protocol) Servers
    DNS (Domain Name Service) Servers
    NNTP (Network News Transfer Protocol) Servers
    File / Print Servers
    DHCP (Dynamic Host Configuration Protocol) Servers
    Data Repositories
    Directory Services
    Databases

Domain 4.0 Basics of Cryptography 15%

4.1 Be able to identify and explain each of the following different kinds of cryptographic algorithms
    Hashing
    Symmetric
    Asymmetric
4.2 Understand how cryptography addresses the following security concepts
    Confidentiality
    Integrity
    Digital Signatures
    Authentication
    Non-Repudiation
    Digital Signatures
    Access Control
4.3 Understand and be able to explain the following concepts of PKI (Public Key Infrastructure)
    Certificates
    Certificate Policies
    Certificate Practice Statements
    Revocation
    Trust Models
4.4 Identify and be able to differentiate different cryptographic standards and protocols
4.5 Understand and be able to explain the following concepts of Key Management and Certificate Lifecycles
    Centralized vs. Decentralized
    Storage
    Hardware vs. Software
    Private Key Protection
    Escrow
    Expiration
    Revocation
    Status Checking
    Suspension
    Status Checking
    Recovery
    M-of-N Control (Of M appropriate individuals, N must be present to authorize recovery)
    Renewal
    Destruction
    Key Usage
    Multiple Key Pairs (Single, Dual)

Domain 5.0 Operational / Organizational Security 15%

5.1 Understand the application of the following concepts of physical security
    Access Control
    Physical Barriers
    Biometrics
    Social Engineering
    Environment
    Wireless Cells
    Location
    Shielding
    Fire Suppression
5.2 Understand the security implications of the following topics of disaster recovery
    Backups
    Off Site Storage
    Secure Recovery
    Alternate Sites
    Disaster Recovery Plan
5.3 Understand the security implications of the following topics of business continuity
    Utilities
    High Availability / Fault Tolerance
    Backups
5.4 Understand the concepts and uses of the following types of policies and procedures
    Security Policy
    Acceptable Use
    Due Care
    Privacy
    Separation of Duties
    Need to Know
    Password Management
    SLAs (Service Level Agreements)
    Disposal / Destruction
    HR (Human Resources) Policy
    Termination (Adding and revoking passwords and privileges, etc.)
    Hiring (Adding and revoking passwords and privileges, etc.)
    Code of Ethics
    Incident Response Policy
5.5 Explain the following concepts of privilege management
    User / Group / Role Management
    Single Sign-on
    Centralized vs. Decentralized
    Auditing (Privilege, Usage, Escalation)
    MAC / DAC / RBAC (Mandatory Access Control / Discretionary Access Control / Role Based Access Control)
5.6 Understand the concepts of the following topics of forensics
    Chain of Custody
    Preservation of Evidence
    Collection of Evidence
5.7 Understand and be able to explain the following concepts of risk identification
    Asset Identification
    Risk Assessment
    Threat Identification
    Vulnerabilities
5.8 Understand the security relevance of the education and training of end users, executives and human resources
    Communication
    User Awareness
    Education
    On-line Resources
5.9 Understand and explain the following documentation concepts
    Standards and Guidelines
    Systems Architecture
    Change Documentation
    Logs and Inventories
    Classification
    Notification
    Retention / Storage
    Destruction