The goal of this 5 Day CompTIA Authorized Security+ Boot Camp Training course is to provide IT Professionals with the most comprehensive accelerated learning environment for the Security+ (SY0-201) exam.

InfoSec Institute is time and time again recognized as the authority in the industry for high-quality Security+ exam prep. Our instructors have a total commitment to the exam objectives of the Security+, and will teach you vital tips and tricks needed to pass the exam the first time you take it. The Security+ Boot Camp teaches you information security theory, as well as reinforces theory with hands-on exercises that help you "learn by doing". You will learn how to configure and operate many different technical security controls over the course of the 5 day Boot Camp.

Our CompTIA Authorized Security+ Boot Camp is Updated with Latest 2008-2010 Security+ Exam Objectives:

The 2008 Edition of the CompTIA Security+ exam places greater emphasis on mitigating specific security issues. In previous editions, the Security+ Exam focused on merely recognizing security issues. InfoSec Institute applauds this change, even though it makes the exam more difficult. The end result is a Security+ certification that is more meaningful for the information security community.

InfoSec Institute is an active member of the Security+ Cornerstone Committee responsible for developing the Security+ Certification.

Since 2008, the new SY0-201 exam covers 6 Primary Objectives: Systems Security, Network Infrastructure, Access Control, Assessments and Audits, Cryptography, and Organizational Security. InfoSec Institute's courseware is aligned with these objectives, enabling our students to have a powerful exam prep resource

Our 5-day accelerated learning format Security+ Boot Camp provides to you the most complete preparation for the Security+ certification. This is an accelerated immersion course, designed for computer professionals that demand effective, real-world skill-building and certification success.

There are many options for Security+ certification, why is InfoSec Institute the right place for you?

1. Five (5) full days of quality Security+ training with an expert security instructor
2. You learn from our CompTIA Authorized Quality Curriculum (CAQC)
3. Informative practice exams (enhanced by InfoSec Institute custom practice questions)
4. Extra course content on the Security+ modules we have found is most likely to trip up even seasoned IT pros - Organizational and Infrastructure Baseline Security
5. Gain measurable improvement in hands-on security skills that directly translate to the work environment
6. The InfoSec Institute Personal Touch - one-on-one time with the instructor to help you prepare for the exam
7. Breakfast, Lunch and snacks provided on each day of class

Security+ Course Prerequisites:
This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills who want to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles.

The CompTIA Security+ validates knowledge of communication security, infrastructure security, cryptography, operational security, and general security concepts. It is an international, vendor-neutral certification that is taught at colleges, universities and commercial training centers around the world. Although not a prerequisite, it is recommended that CompTIA Security+ candidates have at least two years on-the-job networking experience, with an emphasis on security.

Because human error is the number one cause for a network security breach, CompTIA Security+ is recognized by the technology community as a valuable credential that proves competency with information security. Major corporations such as Sun, IBM/Tivoli Software Group, Symantec, Motorola, Hitachi Electronics Services and Verisign value the CompTIA Security+ certification and recommend or require it of their IT employees.

The results of these milestones were used in weighing the domains and ensuring that the weighting assigned to each domain is representative of the relative importance of the content. The Security+ certification is an internationally recognized validation of the technical knowledge required of foundation-level security practitioners. A Security+ certified individual has successfully proven holding a foundation-level of skill and knowledge in General Security Concepts, Communication Security, Infrastructure Security, Basics of Cryptography and Operational / Organizational Security. Candidates are recommended to have two years experience in a networking role with preexisting knowledge of TCP/IP, experience in a security related role, Network+ or equivalent certification, and adequate training and self-study materials. All candidates are encouraged to review the Security+ objectives thoroughly prior to attempting the exam. This examination includes blueprint weighting, test objectives and example content. Example concepts are included to clarify the test objectives and should not be construed as a comprehensive listing of the content of the examination.

Fundamentals of Information Security: Course Syllabus:

Module 1: General Security Concepts
Information Security • Physical Security • Operational Security • Management and Policies • Goals of Information Security • The Security Process • Antivirus Software • Access Control • Authentication • Services and Protocols • Security Topologies • Design Goals • Security Zones • Technologies • Business Concerns

Module 2: Know Your Enemy
Attack Strategies • Access Attacks • Modification and Repudiation Attacks • Denial of Service Attacks (DoS) • Common Attacks • Security Concerns and TCP/IP • The TCP/IP Protocol Suite • Application Layer • Host-to-Host or Transport Layer • Internet Layer • Network Interface Layer • Encapsulation • Protocols and Services • TCP/IP Attacks • Software Exploitation • Surviving Malicious Code • Viruses • Trojan Horses • Logic Bombs • Worms • Antivirus Software • Social Engineering • Auditing Processes and Files

Module 3: Infrastructure and Connectivity
Infrastructure Security • Hardware Components • Software Components • Devices • Firewalls • Routers • Switches • Wireless Access Points • Modems • Remote Access Services • Telecom/PBX Systems • Virtual Private Network • Network Monitoring and Diagnostics • Workstations • Servers • Mobile Devices • Remote Access • Serial Line Internet Protocol • Point-to-Point Protocol • Tunneling Protocols • Internet Connections • Ports and Sockets • E-Mail • Web • File Transfer Protocol • SNMP and Other TCP/IP Protocols • Cabling, Wires, and Communications • Coax • Unshielded Twisted Pair and Shielded Twisted Pair • Fiber Optic • Infrared • Radio Frequency • Microwave • Removable Media • Tape • CD-R • Hard Drives • Diskettes • Flash Cards • Smart Cards

Module 4: Monitoring Communications Activity
Network Monitoring • Types of Network Traffic • Network Monitoring Systems • Intrusion Detection Systems • Network-Based IDS • Host-Based IDS • Honey Pots • Incident Response • Incident Identification • Investigating the Incident • Repairing the Damage • Documenting the Response • Adjusting the Procedures • Wireless Systems • WTLS • IEEE 802.11 Wireless Protocols • WEP/WAP • Wireless Vulnerabilities • Instant Messaging • IM Vulnerabilities • 8.3 File Naming • Packet Sniffing • Privacy • Signal Analysis/Signal Intelligence • Footprinting • Scanning • Enumeration

Module 5: Implementing and Maintaining a Secure Network
Overview of Network Security Threats • Security Baselines • OS/NOS Hardening • Network Protocol Configuration • Microsoft Windows 9x • Microsoft Windows NT 4 • Microsoft Windows 2000 • Microsoft Windows XP • Windows .NET Server 2003 • UNIX/Linux • Novell NetWare • IBM • Apple Macintosh • File Systems • Operating System Updates • Network Hardening • Network Device Updates • Configuring Network Devices • Application Hardening • Web Servers • E-Mail Servers • FTP Servers • DNS Servers • NNTP Servers • File and Print Servers and Services • DHCP Services • Data Repositories

Module 6: Working with a Secure Network
Physical Security • Access Control • Social Engineering • Environment • Business Continuity Planning • Business Impact Analysis • Risk Assessment • Policies, Standards, and Guidelines • Policies • Standards • Guidelines • Security Standards and ISO 17799 • Information Classification • Public Information • Private Information • Government and Military Classifications • Roles in the Security Process • Information Access Controls

Module 7: Cryptography Basics and Methods
Overview of Cryptography • Physical Cryptography • Mathematical Cryptography • Quantum Cryptography • The Myth of Unbreakable Codes • Cryptographic Algorithms • Hashing • Symmetric Algorithms • Asymmetric Algorithms • Using Cryptographic Systems • Confidentiality • Integrity • Authentication • Non-Repudiation • Access Control • Public Key Infrastructure • Certificate Authority • RAs and LRAs • Certificates • Certificate Revocation • Trust Models • Cryptographic Attacks

Module 8: Cryptography Standards
Cryptography Standards and Protocols • Origins of Encryption Standards • PKIX/PKCS • X.509 • SSL • TLS • ISAKMP • CMP • S/MIME • SET • SSH • PGP • HTTPS • S-HTTP • IPSec • FIPS • Common Criteria • WTLS • WEP • ISO 17799 • Key Management and the Key Life Cycle • Centralized versus Decentralized Key Generation • Key Storage and Distribution • Key Escrow • Key Expiration • Key Revocation • Key Suspension • Recovering and Archiving Keys • Renewing Keys • Key Destruction • Key Usage

Module 9: Security Policies and Procedures
Business Continuity • Utilities • High Availability • Disaster Recovery • Vendor Support • Service Level Agreements • Code Escrow • Policies and Procedures • Personnel Policies • Business Policies • Certificate Policies • Incident Response Policies • Privilege Management • User and Group Role Management • Single Sign-On • Privilege Decision Making • Auditing • Access Control

Module 10: Security Management
Computer Forensics • Methodology of a Forensic Investigation • Chain of Custody • Preservation of Evidence • Collection of Evidence • Security Management • Best Practices and Documentation • Change Management • Systemic Change • Understanding the Roles in a Change Process • Justifying the Need for Change • Scheduling Changes • Change Staging • Change Documentation • Change Notification • Security Awareness and Education • Communications and Awareness • Education • Staying on Top of Security • Websites • Trade Publications • Privacy and Security Regulations • HIPAA • Gramm-Leach Bliley Act of 1999 • Computer Fraud and Abuse Act • FERPA • Computer Security Act of 1987 • Cyberspace Electronic Security Act (CESA) • Cyber Security Enhancement Act • Patriot Act • International Efforts

Current Course List: