SEC+ - CompTIA Security+ Certification Training

CompTIA Security+ is an international, vendor-neutral certification that proves competency in system security, network infrastructure, access control and organizational security. Major organizations that employ CompTIA Security+ certified staff include Booz Allen Hamilton, Hewlett-Packard, IBM, Motorola, Symantec, Telstra, Hitachi, Ricoh, Lockheed Martin, Unisys, Hilton Hotels Corp., General Mills, the U.S. Navy, Army, Air Force and Marines.

The CompTIA Security+ certification designates knowledgeable professionals in the field of security, one of the fastest-growing fields in IT. Security threats are increasing in number and severity, and the gap between the need for security professionals and qualified IT personnel is the largest of any IT specialty, according to a recent CompTIA study. Even in a troubled economy, most businesses plan to maintain or increase their investment in security.

The latest version of CompTIA Security+ is CompTIA Security+ 2009.

Number of questions: 100
Length of test: 90 minutes
Passing score: 750 on a scale of 100-900
Recommended experience: CompTIA Network+ certification and two years of technical networking experience, with an emphasis on security.
Exam code: SY0-201

• You can download the CompTIA Security+ Exam 2009 Objectives here

Participants attending this course will cover the CompTIA Security+ exam objectives by learning how to explain common attacks against network assets, the associated threats and vulnerabilities, and what network security personnel do to secure assets. Participants will also learn how to use cryptography to secure information and how to choose an appropriate encryption method for an organisation, implement secure computing baselines in an organisation, secure information in an organisation by using authentication and access control, deploy and manage certificates, secure data transmission by identifying threats to network devices and implementing security for common data transmission, remote access, and wireless network traffic and secure Web servers against common attacks and configure security for Web browsers.

Students will also learn how to protect e-mail messages and instant messaging from common security threats, identify common security threats and vulnerabilities to directory services and DNS, and then apply security methods to protect them, identify network perimeter threats and monitor perimeter security for a network, identify types of security policies to manage operational security, and then use these policies to ensure compliance by users in an organisation, preserve business continuity by implementing a secure disaster recovery strategy, communicating risks to others, and performing secure backup and recovery, and identify, respond to, and assist in the formal investigation of security incidents.

Module 1: Security Fundamentals
• Security Building Blocks
• Authentication Methods
• Cryptography Fundamentals
• Security Policy Fundamentals

Module 2: Security Threats
• Social Engineering
• Software-Based Threats
• Hardware-Based Threats

Module 3: Hardening Internal Systems and Services
• Harden Operating Systems
• Harden Directory Services
• Harden DHCP Servers
• Harden File and Print Servers

Module 4: Hardening Internetwork Devices and Services
• Harden Internetwork Connection Devices
• Harden DNS and BIND Servers
• Harden Web Servers
• Harden File Transfer Protocol (FTP) Servers
• Harden Network News Transfer Protocol (NNTP) Servers
• Harden Email Servers
• Harden Conferencing and Messaging Servers

Module 5: Securing Network Communications
• Protect Network Traffic with IP Security (IPSec)
• Secure Wireless Traffic
• Harden a Web Browser
• Secure the Remote Access Channel

Module 6: Managing Public Key Infrastructure (PKI)
• Install a Certificate Authority (CA) Hierarchy
• Harden a Certificate Authority
• Back Up a CA
• Restore a CA

Module 7: Managing Certificates
• Enroll Certificates
• Secure Network Traffic by Using Certificates
• Renew Certificates
• Revoke Certificates
• Back Up Certificates and Private Keys
• Restore Certificates and Private Keys

Module 8: Enforcing Organisational Security Policies
• Enforce Corporate Security Policy Compliance
• Enforce Legal Compliance
• Enforce Physical Security Compliance
• Educate Users

Module 9: Monitoring the Security Infrastructure
• Scan for Vulnerabilities
• Monitor for Intruders
• Set Up a Honeypot
• Respond to Security Incidents

This course is designed for administrators who are responsible for the day-to-day administration of Microsoft Windows Server 2003/2008. Students should have general knowledge of networking concepts and one or more years of experience managing Windows Server 2003/2008. Other IT professionals may also take this course on the path to becoming a security specialist.

Although not a prerequisite, it is recommended that CompTIA Security+ candidates have at least two years of technical networking experience, with an emphasis on security. The CompTIA Network+ certification is also recommended.