Alabama Computer Solutions Certification Training Boot Camp MCSE MCSD MCDBA Cisco CIW Linux Oracle Java Security Military Discounts Testimonials About Us Linux/Unix Certification MCSD Certification Home MCSE Certification MCDBA Certification Cisco Certification Security Certification Java Certification Oracle® Certification CIW Certification Jobs Boot Camp Financing Boot Camp Pricing Boot Camp Technical Schedule Contact Us


CompTIA Security+

Course Length: 6 days
Certifications: Security+
Number of Exams: 1

Class Schedule
11/12/18 - 11/17/18

Info/Enroll

12/17/18 - 12/21/18

Info/Enroll

01/14/19 - 01/19/19

Info/Enroll

02/04/19 - 02/09/19

Info/Enroll

02/25/19 - 03/02/19

Info/Enroll

03/18/19 - 03/23/19

Info/Enroll

04/08/19 - 04/13/19

Info/Enroll

CompTIA Security+ (Exam SY0-501) is the certification globally trusted to validate foundational, vendor-neutral IT security knowledge and skills. As a benchmark for best practices in IT security, this certification covers the essential principles for network security and risk management - making it an important stepping stone of an IT security career.

IT security is paramount to organizations as cloud computing and mobile devices have changed the way we do business. With the massive amounts of data transmitted and stored on networks throughout the world, it's essential to have effective security practices in place. That's where CompTIA Security+ comes in. Get the Security+ certification to show that you have the skills to secure a network and deter hackers and you're ready for the job.

Security+ is government approved

CompTIA Security+ meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. Once you obtain your Security+ you automatically have the CE designation required in the DoD Directive 8570.01 manual and going forward must comply with the CE program requirement of completing 50 CEUs in three years to maintain the credential. Security+ is also compliant with government regulations under Federal Information Security Management Act (FISMA).

Security+ is globally recognized

CompTIA Security+ is a globally recognized credential with certified professionals working in over 147 countries throughout the world.

Security+ provides substantial earnings potential

According to the Bureau of Labor Statistics, Security Specialists, Administrators and Managers earn over $86,000 per year.

Target Student

The CompTIA Security+ certification is aimed at an IT security professional who has:

  • A minimum of two years' experience in IT administration with a focus on security
  • Day-to-day technical information security experience
  • Broad knowledge of security concerns and implementation, including the topics in the domain list

Course Content

1.0 Threats, Attacks and Vulnerabilities
1.1 Given a scenario, analyze indicators of compromise and determine the type of malware.
  • Viruses
  • Crypto-malware
  • Ransomware
  • Worm
  • Trojan
  • Rootkit
  • Keylogger
  • Adware
  • Spyware
  • Bots
  • RAT
  • Logic bomb
  • Backdoor
1.2 Compare and contrast types of attacks
  • Social engineering
  • Application/service attacks
  • Wireless attacks
  • Cryptographic attacks
1.3 Explain threat actor types and attributes.
  • Types of actors
  • Attributes of actors
  • Use of open-source intelligence
  • 1.4 Explain penetration testing concepts.
  • Active reconnaissance
  • Passive reconnaissance
  • Pivot
  • Initial exploitation
  • Persistence
  • Escalation of privilege
  • Black box
  • White box
  • Gray box
  • Penetration testing vs. vulnerability scanning
1.5 Explain vulnerability scanning concepts.
  • Passively test security controls
  • Identify vulnerability
  • Identify lack of security controls
  • Identify common misconfigurations
  • Intrusive vs. non-intrusive
  • Credentialed vs. non-credentialed
  • False positive
1.6 Explain the impact associated with types of vulnerabilities.
  • Race conditions
  • Vulnerabilities
  • Improper input handling
  • Improper error handling
  • Misconfiguration/weak configuration
  • Default configuration
  • Resource exhaustion
  • Untrained users
  • Improperly configured accounts
  • Vulnerable business processes
  • Weak cipher suites and implementations
  • Memory/buffer vulnerability
  • System sprawl/undocumented assets
  • Architecture/design weaknesses
  • New threats/zero day
  • Improper certificate and key management
2.0 Technologies and Tools
2.1 Install and configure network components, both hardware- and software-based, to support organizational security.
  • Firewall
  • VPN concentrator
  • NIPS/NIDS
  • Router
  • Switch
  • Proxy
  • Load balancer
  • Access point
  • SIEM
  • DLP
  • NAC
  • Mail gateway
  • Bridge
  • SSL/TLS accelerators
  • SSL decryptors
  • Media gateway
  • Hardware security module
2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization.
  • Protocol analyzer
  • Network scanners
  • Wireless scanners/cracker
  • Password cracker
  • Vulnerability scanner
  • Configuration compliance scanner
  • Exploitation frameworks
  • Data sanitization tools
  • Steganography tools
  • Honeypot
  • Backup utilities
  • Banner grabbing
  • Passive vs. active
  • Command line tools
2.3 Given a scenario, troubleshoot common security issues.
  • Unencrypted credentials/clear text
  • Logs and events anomalies
  • Permission issues
  • Access violations
  • Certificate issues
  • Data exfiltration
  • Misconfigured devices
  • Weak security configurations
  • Personnel issues
  • Unauthorized software
  • Baseline deviation
  • License compliance violation (availability/integrity)
  • Asset management
  • Authentication issues
2.4 Given a scenario, analyze and interpret output from security technologies.
  • HIDS/HIPS
  • Antivirus
  • File integrity check
  • Host-based firewall
  • Application whitelisting
  • Removable media control
  • Advanced malware tools
  • Patch management tools
  • UTM
  • DLP
  • Data execution prevention
  • Web application firewall
2.5 Given a scenario, deploy mobile devices securely.
  • Connection methods
  • Mobile device management concepts
  • Enforcement and monitoring
  • Deployment models
2.6 Given a scenario, implement secure protocols.
  • Protocols
  • Use cases
3.0 Architecture and Design
3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides.
  • Industry-standard frameworks and reference architectures
  • Benchmarks/secure configuration guides
  • Defense-in-depth/layered security
3.2 Given a scenario, implement secure network architecture concepts.
  • Zones/topologies
  • Segregation/segmentation/isolation
  • Tunneling/VPN
  • Security device/technology placement
  • SDN
3.3 Given a scenario, implement secure systems design.
  • Hardware/firmware security
  • Operating systems
  • Peripherals
3.4 Explain the importance of secure staging deployment concepts.
  • Sandboxing
  • Environment
  • Secure baseline
  • Integrity measurement
3.5 Explain the security implications of embedded systems.
  • SCADA/ICS
  • Smart devices/IoT
  • HVAC
  • SoC
  • RTOS
  • Printers/MFDs
  • Camera systems
  • Special purpose
3.6 Summarize secure application development and deployment concepts.
  • Development life-cycle models
  • Secure DevOps
  • Version control and change management
  • Provisioning and deprovisioning
  • Secure coding techniques
  • Code quality and testing
  • Compiled vs. runtime code
3.7 Summarize cloud and virtualization concepts.
  • Hypervisor
  • VM sprawl avoidance
  • VM escape protection
  • Cloud storage
  • Cloud deployment models
  • On-premise vs. hosted vs. cloud
  • VDI/VDE
  • Cloud access security broker
  • Security as a Service
3.8 Explain how resiliency and automation strategies reduce risk.
  • Automation/scripting
  • Templates
  • Master image
  • Non-persistence
  • Elasticity
  • Scalability
  • Distributive allocation
  • Redundancy
  • Fault tolerance
  • High availability
3.9 Explain the importance of physical security controls.
  • Lighting
  • Signs
  • Fencing/gate/cage
  • Security guards
  • Alarms
  • Safe
  • Secure cabinets/enclosures
  • Protected distribution/Protected cabling
  • Airgap
  • Mantrap
  • Faraday cage
  • Lock types
  • Biometrics
  • Barricades/bollards
  • Tokens/cards
  • Environmental controls
  • Cable locks
  • Screen filters
  • Cameras
  • Motion detection
  • Logs
  • Infrared detection
  • Key management
4.0 Identity and Access Management
4.1 Compare and contrast identity and access management concepts
  • Identification, authentication, authorization and accounting (AAA)
  • Multifactor authentication
  • Federation
  • Single sign-on
  • Transitive trust
4.2 Given a scenario, install and configure identity and access services.
  • LDAP
  • Kerberos
  • TACACS+
  • CHAP
  • PAP
  • MSCHAP
  • RADIUS
  • SAML
  • OpenID Connect
  • OAUTH
  • Shibboleth
  • Secure token
  • NTLM
4.3 Given a scenario, implement identity and access management controls.
  • Access control models
  • Physical access control
  • Biometric factors
  • Tokens
  • Certificate-based authentication
  • File system security
  • Database security
4.4 Given a scenario, differentiate common account management practices.
  • Account types
  • General Concepts
  • Account policy enforcement
5.0 Risk Management
5.1 Explain the importance of policies, plans and procedures related to organizational security.
  • Standard operating procedure
  • Agreement types
  • Personnel management
  • General security policies
5.2 Summarize business impact analysis concepts.
  • RTO/RPO
  • MTBF
  • MTTR
  • Mission-essential functions
  • Identification of critical systems
  • Single point of failure
  • Impact
  • Privacy impact assessment
  • Privacy threshold assessment
5.3 Explain risk management processes and concepts.
  • Threat assessment
  • Risk assessment
  • Change management
5.4 Given a scenario, follow incident response procedures.
  • Incident response plan
  • Incident response process
5.5 Summarize basic concepts of forensics.
  • Order of volatility
  • Chain of custody
  • Legal hold
  • Data acquisition
  • Preservation
  • Recovery
  • Strategic intelligence/counterintelligence gathering
  • Track man-hours
5.6 Explain disaster recovery and continuity of operation concepts.
  • Recovery sites
  • Order of restoration
  • Backup concepts
  • Geographic considerations
  • Continuity of operation planning
5.7 Compare and contrast various types of controls.
  • Deterrent
  • Preventive
  • Detective
  • Corrective
  • Compensating
  • Technical
  • Administrative
  • Physical
5.8 Given a scenario, carry out data security and privacy practices.
  • Data destruction and media sanitization
  • Data sensitivity labeling and handling
  • Data roles
  • Data retention
  • Legal and compliance
6.0 Cryptography and PKI
6.1 Compare and contrast basic concepts of cryptography.
  • Symmetric algorithms
  • Modes of operation
  • Asymmetric algorithms
  • Hashing
  • Salt, IV, nonce
  • Elliptic curve
  • Weak/deprecated algorithms
  • Key exchange
  • Digital signatures
  • Diffusion
  • Confusion
  • Collision
  • Steganography
  • Obfuscation
  • Stream vs. block
  • Key strength
  • Session keys
  • Ephemeral key
  • Secret algorithm
  • Data-in-transit
  • Data-at-rest
  • Data-in-use
  • Random/pseudo-random number generation
  • Key stretching
  • Implementation vs. algorithm selection
  • Perfect forward secrecy
  • Security through obscurity
  • Common use cases
6.2 Explain cryptography algorithms and their basic characteristics.
  • Symmetric algorithms
  • Cipher modes
  • Asymmetric algorithms
  • Hashing algorithms
  • Key stretching algorithms
  • Obfuscation
6.3 Given a scenario, install and configure wireless security settings.
  • Cryptographic protocols
  • Authentication protocols
  • Methods
6.4 Given a scenario, implement public key infrastructure.
  • Components
  • Concepts
  • Types of certificates
  • Certificate formats

Alabama Computer Solutions is your best choice for Security+, Security+ training, Security+ certification, Security+ certification boot camp, Security+ boot camp, Security+ certification training, Security+ boot camp training, Security+ boot camp certification, Security+ certification course, Security+ course, training Security+, certification Security+, boot camp Security+, certification Security+ boot camp, certification Security+ training, boot camp Security+ training, certification Security+ course.



home | technical schedule | application schedule | class outlines | mcse, mcdba, mcsd training | microsoft .net | cisco certification | security training | alabama training solutions oracle® certification training | linux, unix | comptia certification | web development | pricing | locations | financing | instructors needed | e-mail us





Search classes by keyword:


Search classes by category:

mcse training
MCSE boot camp MCSE Training MCSE Certification MCSE Bootcamp MCSE Boot Camp MCSE Course MCSE Training MCSE Certification MCSE Bootcamp MCSE Boot Camp MCSE MCSA Training MCSA Certification MCSA Bootcamp MCSA Boot Camp MCSA Course MCSA Training MCSA Certification MCSA Bootcamp MCSA Boot Camp MCSA Course MCSA MCSE 2003 MCSE Training 2003 MCSE Certification 2003 MCSE Boot Camp 2003 MCSE Course 2003 MCSE 2003 Training MCSE 2003 Certification MCSE 2003 Boot Camp MCSE 2003 Course Training MCSE 2003 Certification MCSE 2003 Boot Camp MCSE 2003 Course MCSE 2003 MCSE Training Course MCSE Training Boot Camp MCSE training
MCSE certification MCSE Training Certification
Training MCSE Certification Training MCSE Boot Camp Training MCSE Course MCSE Certification Training MCSE Certification Boot Camp MCSE Certification Course MCSE Boot Camp Training MCSE Boot Camp Course MCSE Course Training MCSE Course Certification MCSD MCSD Training MCSD Certification MCSD Course Certification Training Training Certification Microsoft Certification Certification Microsoft Microsoft Training

Copyright © 2018 Alabama Computer Solutions. Alabama Computer Solutions Refund Policy. All Rights Reserved.