CompTIA Security+ (Exam SY0-410)



Similar documents
Security + Certification (ITSY 1076) Syllabus

Higher National Unit specification: general information

form approved June/2006 revised Page 1 of 7

CompTIA Network+ (Exam N10-005)

IT Networking and Security

CompTIA Security+ Certification Study Guide. (Exam SYO-301) Glen E. Clarke. Gravu Hill

JK0 015 CompTIA E2C Security+ (2008 Edition) Exam

CEH Version8 Course Outline

External Supplier Control Requirements


Eleventh Hour Security+

[CEH]: Ethical Hacking and Countermeasures

ICANWK406A Install, configure and test network security

Section 12 MUST BE COMPLETED BY: 4/22

Networking: EC Council Network Security Administrator NSA

CompTIA Security+ Rapid Review (Exam SY0-301) Michael Gregg

IT Networking and Security

Click to edit Master title style

Information Technology Career Cluster Introduction to Cybersecurity Course Number:

SY0-301-ActualTests. Number: Passing Score: 800 Time Limit: 120 min File Version: 1.0. CompTIA SY CompTIA Security+

EC Council Certified Ethical Hacker V8

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

FBLA Cyber Security aligned with Common Core FBLA: Cyber Security RST RST RST RST WHST WHST

Information Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus

IINS Implementing Cisco Network Security 3.0 (IINS)

Chapter 4 Application, Data and Host Security

Implementing Cisco IOS Network Security

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

CH ENSA EC-Council Network Security Administrator Detailed Course Outline

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Table of Contents. Introduction. Audience. At Course Completion

Computer Security. Introduction to. Michael T. Goodrich Department of Computer Science University of California, Irvine. Roberto Tamassia PEARSON

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Network Security. 1 Pass the course => Pass Written exam week 11 Pass Labs

External Supplier Control Requirements

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Jort Kollerie SonicWALL

PRINCE GEORGE'S COMMUNITY COLLEGE OFFICE OF INSTRUCTION MASTER COURSE SYLLABUS

Certified Ethical Hacker Exam Version Comparison. Version Comparison

Chapter 15: Computer and Network Security

Detailed Description about course module wise:

Guideline on Auditing and Log Management

JK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Fundamentals of Network Security - Theory and Practice-

BUY ONLINE FROM:

Introduction p. 2. Introduction to Information Security p. 1. Introduction

Fear Not What Security Can Do to Your Firm; Instead, Imagine What Your Firm Can Do When Secured!

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA

Next Gen Firewall and UTM Buyers Guide

Chapter 3 Threats and Vulnerabilities

information security and its Describe what drives the need for information security.

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

Chapter 9 Firewalls and Intrusion Prevention Systems

Network Security Administrator

A Systems Engineering Approach to Developing Cyber Security Professionals

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

INFORMATION SECURITY TRAINING CATALOG (2015)

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs

EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led

Information Security. Training

Security+ Certification Course

ICANWK602A Plan, configure and test advanced server based security

QuickBooks Online: Security & Infrastructure

Network and Security Controls

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

MALWARE THREATS AND TRENDS. Chris Blow, Director Dustin Hutchison, Director

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

Firewall and UTM Solutions Guide

Intrusion Detection and Threat Vectors Michael Arent EDS-Global Information Security

Securing Cisco Network Devices (SND)

What is Web Security? Motivation

Chapter 1 The Principles of Auditing 1

The IINS acronym to this exam will remain but the title will change slightly, removing IOS from the title, making the new title

Chapter 1 Network Security

Firewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA

Larry Wilson Version 1.0 November, University Cyber-security Program Critical Asset Mapping

Understanding Security Testing

Monfort College of Business Semester Course Syllabus ( ) COURSE PREFIX/TITLE: BACS 382 TCP/IP Network Security Sem. Hrs. 3 Ed.

CISCO IOS NETWORK SECURITY (IINS)

CYBERTRON NETWORK SOLUTIONS

ensuring security the way how we do it

PCI DSS Compliance. with the Barracuda NG Firewall. White Paper

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements

Information Technology Career Cluster Advanced Cybersecurity Course Number:

Advanced Administration for Citrix NetScaler 9.0 Platinum Edition

MCSA Windows 8 (Exam )

Protecting Your Organisation from Targeted Cyber Intrusion

Cisco Advanced Services for Network Security

Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110

LINUX / INFORMATION SECURITY

APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST

Codes of Connection for Devices Connected to Newcastle University ICT Network

PART D NETWORK SERVICES

Transcription:

CompTIA Security+ (Exam SY0-410) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate CompTIA Corporate Short Course Instructor-led (classroom) Security affects all areas of business, not just the IT department. In addition to a loss of income and employee productivity, a security breach can cost your business its reputation. The Techtorium CompTIA Security+ Corporate Short Course aims to provide participants with the foundation-level security skills and knowledge used by organisations and security professionals in New Zealand and around the globe. This Corporate Short Course will prepare participants for the CompTIA Security+ exam, an internationally recognised certification that will certify that the successful candidate has the knowledge and skills required to identify risk, to participate in risk mitigation activities, and to provide infrastructure, application, information, and operational security. In addition, the successful candidate will apply security controls to maintain confidentiality, integrity, and availability, identify appropriate technologies and products, troubleshoot security events and incidents, and operate with an awareness of applicable policies, laws, and regulations. CompTIA Security+ is supported by top technology companies and other organisations for which information security is of primary importance. HP, IBM, Motorola, Symantec, Boeing, and Lockheed Martin are just some of the organisations that have participated in the development of the CompTIA Security+ exam. Audience Profile A minimum of 2 years experience in IT administration with a focus on security Day to day technical information security experience Broad knowledge of security concerns and implementation including the topics in the domain list below This Techtorium Corporate Short Course is designed for the following IT professionals: Security Architects Security Engineers Security Consultants/Specialists Information Assurance Technicians Security Administrators Systems Administrators Network Administrators

Module 1: Network Security Implement security configuration parameters on network devices and other technologies. o Firewalls o Routers o Switches o Load Balancers o Proxies o Web security gateways o VPN concentrators o NIDS and NIPS o Protocol analysers o Spam filter o UTM security appliances o Web application firewall vs. network firewall o Application aware devices Given a scenario, use secure network administration principles. o Rule-based management o Firewall rules o VLAN management o Secure router configuration o Access control lists o Port Security o 802.1x o Flood guards o Loop protection o Implicit deny o Network separation o Log analysis o Unified Threat Management Explain network design elements and components. o DMZ o Subnetting o VLAN o NAT o Remote Access o Telephony o NAC o Virtualisation o Cloud Computing o Telephony Given a scenario, implement common protocols and services. o Protocols o Ports o OSI relevance Given a scenario, troubleshoot security issues related to wireless networking.

Module 2: Compliance and Operational Security Explain the importance of risk related concepts. o Control types o False positives & False negatives o Importance of policies in reducing risk o Quantitative vs. qualitative o Vulnerabilities, threat vectors, threat likelihood o Risk-avoidance, transference, acceptance, mitigation, deterrence o Risks associated with Cloud Computing and Virtualisation Summarise the security implications of integrating systems and data with third parties. o On-boarding/off-boarding business partners o Social media networks and/or applications o Privacy considerations o Risk awareness o Unauthorised data sharing o Data ownership & Data backups o Review agreement requirements to verify compliance and performance standards Given a scenario, implement appropriate risk mitigation strategies. o Change management o Incident management o User rights and permissions reviews Given a scenario, implement basic forensic procedures o Order of volatility o Capture system image & Video o Network traffic and logs o Record time offset o Take hashes, Screenshots & Witnesses o Big Data analysis Summarise common incident response procedures o Incident identification, escalation and notification o Mitigation steps & Reporting o Recovery/reconstitution procedures o First responder & Incident isolation Explain the importance of security related awareness and training o Role-based training o Personally identifiable information o Information classification, Data labelling, handling and disposal o Compliance with laws, best practices and standards o New threats and new security trends/alerts Compare and contrast physical security and environmental controls o Environmental controls o Physical security o Control types Summarise risk management best practices. o Business continuity concepts o Fault tolerance o Disaster recovery concepts Given a scenario, select the appropriate control to meet the goals of security o Confidentiality, Integrity, Availability, Safety

Module 3: Threats and Vulnerabilities Explain types of malware o Adware o Virus o Spyware o Trojan o Rootkits o Backdoors o Logic bomb o Botnets o Ransomware o Polymorphic malware o Armored virus Summarise various types of attacks. o Man-in-the-middle o DDoS & DoS o Smurf attack o DNS poisoning and ARP poisoning o Typo squatting/url hijacking Summarise social engineering attacks and the associated effectiveness with each attack. o Shoulder surfing, Dumpster diving, Tailgating, Impersonation & Hoaxes (+) Explain types of wireless attacks. Explain types of application attacks o Cross-site scripting, o SQL injection, o LDAP injection, o XML injection, o Directory traversal/command injection, o Buffer overflow, o Integer overflow, o Zero-day, o Cookies and attachments, o LSO (Locally Shared Objects), o Flash Cookie, o Malicious add-ons, o Session hijacking, o Header manipulation, o Arbitrary code execution / remote code execution Analyse a scenario and select the appropriate type of mitigation and deterrent techniques. o Monitoring system logs o Hardening o Network security o Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities. Explain the proper use of penetration testing versus vulnerability scanning o Penetration testing o Vulnerability scanning o Black box, white box, grey box

Module 4: Application, Data and Host Security Explain the importance of application security controls and techniques o Fuzzing & Secure coding concepts o Cross-site scripting prevention & Request Forgery (XSRF) prevention o Application configuration baseline (proper settings), hardening & patch management o NoSQL databases vs. SQL databases o Server-side vs. Client-side validation Summarise mobile security concepts and technologies o Device security o Application security o BYOD concerns Given a scenario, select the appropriate solution to establish host security o Operating system security and settings o OS hardening o Anti-malware o Patch management o White listing vs. black listing applications o Trusted OS o Host-based firewalls o Host-based intrusion detection o Hardware security o Host software baselining o Virtualisation Implement the appropriate controls to ensure data security o Cloud storage o SAN o Handling Big Data o Data encryption Compare and contrast alternative methods to mitigate security risks in static environments o Environments and methods

Module 5: Access Control and Identity Management Compare and contrast the function and purpose of authentication services. o RADIUS, TACACS+, Kerberos, LDAP, XTACACS, SAML, Secure LDAP Given a scenario, select the appropriate authentication, authorization or access control. o Identification vs. authentication vs. authorization o Authentication & Authentication factors o Federation o Transitive trust/authentication Install and configure security controls when performing account management, based on best practices o Mitigate issues associated with users with multiple account/roles and/or shared accounts o Account policy enforcement o Group based privileges o User assigned privileges & User access reviews o Continuous monitoring Module 6: Cryptography Given a scenario, utilize general cryptography concepts Given a scenario, use appropriate cryptographic methods Given a scenario, use appropriate PKI, certificate management and associated components

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information