Printed Courseware Catalogue
CompTIA Security+
Axzo Press
CompTIA
624 pages
Purchase Price
1-9 manuals: $275 per manual
10+ manuals: $245 per manual
Trainer Material: Instructor's Edition $300 each
Code: CT22-560
Series: IT & Certification
Format: A4
Duration: 5 day(s)
Outline
Security overview
Introduction to network security
Understanding security threats
Creating a secure network strategy
Windows Server 2003 server access control
Authentication
Introduction to authentication
Kerberos
Challenge Handshake Authentication Protocol
Digital certificates
Security tokens
Biometrics
Attacks and malicious code
Denial of service attacks
Man-in-the-middle attacks
Spoofing
Replays
TCP session hijacking
Social engineering
Attacks against encrypted data
Software exploitation
Remote access
Securing remote communications
Authentication
Virtual private networks
Telecommuting vulnerabilities
E-mail
Secure e-mail and encryption
PGP and S/MIME encryption
E-mail vulnerabilities
Web security
SSL/TLS protocol
Vulnerabilities of Web tools
Configuring Internet Explorer security
Directory and file transfer services
Introduction to directory services
File transfer services
File sharing
Wireless and instant messaging
IEEE 802.11
WAP 1.x and WAP 2.0
Wired equivalent privacy
Instant messaging
Network devices
Understanding firewalls
Routers
Switches
Telecom, cable modem, and wireless devices
Securing remote access
Intrusion detection systems
Network monitoring
Transmission and storage media
Transmission media
Storage media
Network security topologies
Security topologies
Network Address Translation
Tunneling
Virtual Local Area Networks
Intrusion detection
Intrusion detection systems
Network-based and host-based IDS
Active and passive detection
Honeypots
Incident response
Security baselines
OS/NOS hardening
Network hardening
Application hardening
Workstations and servers
Cryptography
Concepts of cryptography
Public Key Infrastructure (PKI)
Key management and life cycle
Setting up a certificate server
Physical security
Access control
Environment
Disaster recovery and business continuity
Disaster recovery
Business continuity
Policies and procedures
Privilege management
Computer forensics and advanced topics
Understanding computer forensics
Risk identification
Education and training
Auditing
Documentation
Appendix A
Certification exam objectives map
Comprehensive exam objectives
After completing this course, you will know how to:
- Define security terminology, explain the purpose and goals of network security
policies, and outline various security threats.
- Understand the need for authentication and the development of authentication
devices including Kerberos, CHAP, digital certificates, tokens, biometrics,
mutual authentication, and multi-factor authentication.
- Identify the major types of attacks and malicious codes that commonly affect
the confidentiality, integrity, and availability of networks; and discuss the
business impact of security along with the countermeasures and best practices
used to prevent or mitigate the effect of attacks and malicious codes.
- Understand the concepts and practices of remote access, including commonly used
authentication protocols (IEEE 802.1X, RADIUS and TACACS+) and tunneling
technologies (PPTP, L2TP, IPSec and Secure Shell).
- Discuss e-mail vulnerabilities and how to safeguard against them, and the
benefits of PGP and S/MIME.
- Discuss Web security including SSL/TLS protocols; HTTPS as it relates to SSL;
the most common uses of instant messaging applications; and the variety of
mainstream Web tools such as JavaScript, Buffer Overflow, ActiveX, Cookies,
Applets and SMTP that are commonly exploited by attackers on the Internet.
- Explain the benefits offered by centralized enterprise directory services such
as LDAP over traditional authentication systems; discuss FTP vulnerabilities
and alternatives to using FTP; and describe the threat posed to a network by
unmonitored file shares.
- Identify aspects of security pertaining to wireless and instant messaging;
explain WTLS and IEEE 802.11x vulnerabilities, site surveys, naming conventions
and packet switching.
- Discuss the role of all major networking devices, including routers, switches,
firewall technology and servers, in establishing a secure network; and explain
VPN and RAS technologies.
- Discuss transmission media and storage media and identify their
vulnerabilities.
- Describe the importance of network topologies to an organization's security
policy; and explain the role of DMZs, NAT, Virtual Local Area Networks, and
tunneling in maintaining network security.
- Define intrusion detection systems and outline some of the major
characteristics of intrusion detection products; and discuss the difference
between host-based and network-based systems as well as active and passive
detection features.
- Discuss security baselines, including operating system, file system, and
network hardening practices.
- Explain the basic concepts of cryptography, including algorithms, digital
signatures and PKI certificates, and the policies and procedures surrounding
them.
- Discuss the issues associated with physical security, including building
location, offsite backup storage, offsite facilities, and fire safety.
- Outline the critical process of disaster recovery planning along with the
procedures and policies that an organization should employ to minimize the
impact of disasters.
- Explain computer forensics and the rules of evidence governing the detection
and prosecution of network-related damage and crime; and discuss risk
identification, education, and documentation.
Prerequisites
CompTIA A+ Certification: Core Hardware, 2003 Objectives, CompTIA A+
Certification: OS Technologies, 2003 Objectives and CompTIA Network+
Certification, 2005 Objectives, or equivalent experience