The goal of this 5 Day CompTIA Authorized Security+ Boot Camp Training course is to provide IT Professionals with the most comprehensive accelerated learning environment for the Security+ (SY0-401) exam.
InfoSec Institute is time and time again recognized as the authority in the industry for high-quality Security+ exam prep. Our instructors have a total commitment to the exam objectives of the Security+, and will teach you vital tips and tricks needed to pass the exam the first time you take it. The Security+ Boot Camp teaches you information security theory, as well as reinforces theory with hands-on exercises that help you "learn by doing". You will learn how to configure and operate many different technical security controls over the course of the 5 day Boot Camp.
Our CompTIA Authorized Security+ Boot Camp is Updated with Latest Security+Performanced Based Exam Objectives:
The most recent edition of the CompTIA Security+ exam places greater emphasis on mitigating specific security issues. In previous editions, the Security+ Exam focused on merely recognizing security issues. CompTIA has also introduced Performance Based Exam Objectives, which introduces simulator-based testing commonly found on Cisco and Microsoft exams. Read more about how InfoSec Institue prepares you for these new, more difficult questions on the Security+ exam.
InfoSec Institute applauds this change, even though it makes the exam more difficult. The end result is a Security+ certification that is more meaningful for the information security community.
The new SY0-401 exam covers 6 Primary Objectives:
AS SEEN IN:
**In anticipation of the new version of Security+ from CompTIA, InfoSec Institute will be upgrading to the SY0-401 for all classes starting after 12/31/2011.
Module 1: General Security Concepts
Information Security • Physical Security • Operational Security • Management and Policies • Goals of Information Security • The Security Process • Antivirus Software • Access Control • Authentication • Services and Protocols • Security Topologies • Design Goals • Security Zones • Technologies • Business Concerns
Module 2: Know Your Enemy
Attack Strategies • Access Attacks • Modification and Repudiation Attacks • Denial of Service Attacks (DoS) • Common Attacks • Security Concerns and TCP/IP • The TCP/IP Protocol Suite • Application Layer • Host-to-Host or Transport Layer • Internet Layer • Network Interface Layer • Encapsulation • Protocols and Services • TCP/IP Attacks • Software Exploitation • Surviving Malicious Code • Viruses • Trojan Horses • Logic Bombs • Worms • Antivirus Software • Social Engineering • Auditing Processes and Files
Module 3: Infrastructure and Connectivity
Infrastructure Security • Hardware Components • Software Components • Devices • Firewalls • Routers • Switches • Wireless Access Points • Modems • Remote Access Services • Telecom/PBX Systems • Virtual Private Network • Network Monitoring and Diagnostics • Workstations • Servers • Mobile Devices • Remote Access • Serial Line Internet Protocol • Point-to-Point Protocol • Tunneling Protocols • Internet Connections • Ports and Sockets • E-Mail • Web • File Transfer Protocol • SNMP and Other TCP/IP Protocols • Cabling, Wires, and Communications • Coax • Unshielded Twisted Pair and Shielded Twisted Pair • Fiber Optic • Infrared • Radio Frequency • Microwave • Removable Media • Tape • CD-R • Hard Drives • Diskettes • Flash Cards • Smart Cards
Module 4: Monitoring Communications Activity
Network Monitoring • Types of Network Traffic • Network Monitoring Systems • Intrusion Detection Systems • Network-Based IDS • Host-Based IDS • Honey Pots • Incident Response • Incident Identification • Investigating the Incident • Repairing the Damage • Documenting the Response • Adjusting the Procedures • Wireless Systems • WTLS • IEEE 802.11 Wireless Protocols • WEP/WAP • Wireless Vulnerabilities • Instant Messaging • IM Vulnerabilities • 8.3 File Naming • Packet Sniffing • Privacy • Signal Analysis/Signal Intelligence • Footprinting • Scanning • Enumeration
Module 5: Implementing and Maintaining a Secure Network
Overview of Network Security Threats • Security Baselines • OS/NOS Hardening • Network Protocol Configuration • Microsoft Windows 9x • Microsoft Windows NT 4 • Microsoft Windows 2000 • Microsoft Windows XP • Windows .NET Server 2003 • UNIX/Linux • Novell NetWare • IBM • Apple Macintosh • File Systems • Operating System Updates • Network Hardening • Network Device Updates • Configuring Network Devices • Application Hardening • Web Servers • E-Mail Servers • FTP Servers • DNS Servers • NNTP Servers • File and Print Servers and Services • DHCP Services • Data Repositories
Module 6: Working with a Secure Network
Physical Security • Access Control • Social Engineering • Environment • Business Continuity Planning • Business Impact Analysis • Risk Assessment • Policies, Standards, and Guidelines • Policies • Standards • Guidelines • Security Standards and ISO 17799 • Information Classification • Public Information • Private Information • Government and Military Classifications • Roles in the Security Process • Information Access Controls
Module 7: Cryptography Basics and Methods
Overview of Cryptography • Physical Cryptography • Mathematical Cryptography • Quantum Cryptography • The Myth of Unbreakable Codes • Cryptographic Algorithms • Hashing • Symmetric Algorithms • Asymmetric Algorithms • Using Cryptographic Systems • Confidentiality • Integrity • Authentication • Non-Repudiation • Access Control • Public Key Infrastructure • Certificate Authority • RAs and LRAs • Certificates • Certificate Revocation • Trust Models • Cryptographic Attacks
Module 8: Cryptography Standards
Cryptography Standards and Protocols • Origins of Encryption Standards • PKIX/PKCS • X.509 • SSL • TLS • ISAKMP • CMP • S/MIME • SET • SSH • PGP • HTTPS • S-HTTP • IPSec • FIPS • Common Criteria • WTLS • WEP • ISO 17799 • Key Management and the Key Life Cycle • Centralized versus Decentralized Key Generation • Key Storage and Distribution • Key Escrow • Key Expiration • Key Revocation • Key Suspension • Recovering and Archiving Keys • Renewing Keys • Key Destruction • Key Usage
Module 9: Security Policies and Procedures
Business Continuity • Utilities • High Availability • Disaster Recovery • Vendor Support • Service Level Agreements • Code Escrow • Policies and Procedures • Personnel Policies • Business Policies • Certificate Policies • Incident Response Policies • Privilege Management • User and Group Role Management • Single Sign-On • Privilege Decision Making • Auditing • Access Control
Module 10: Security Management
Computer Forensics • Methodology of a Forensic Investigation • Chain of Custody • Preservation of Evidence • Collection of Evidence • Security Management • Best Practices and Documentation • Change Management • Systemic Change • Understanding the Roles in a Change Process • Justifying the Need for Change • Scheduling Changes • Change Staging • Change Documentation • Change Notification • Security Awareness and Education • Communications and Awareness • Education • Staying on Top of Security • Websites • Trade Publications • Privacy and Security Regulations • HIPAA • Gramm-Leach Bliley Act of 1999 • Computer Fraud and Abuse Act • FERPA • Computer Security Act of 1987 • Cyberspace Electronic Security Act (CESA) • Cyber Security Enhancement Act • Patriot Act • International Efforts
The skills and knowledge measured by the Security+ examination were derived and validated though input from a committee and over 1,000 subject matter experts representative of industry. A job task analysis (JTA), global survey, beta examination and beta results review were each milestones in the development process.
The results of these milestones were used in weighing the domains and ensuring that the weighting assigned to each domain is representative of the relative importance of the content. The Security+ certification is an internationally recognized validation of the technical knowledge required of foundation-level security practitioners. A Security+ certified individual has successfully proven holding a foundation-level of skill and knowledge in General Security Concepts, Communication Security, Infrastructure Security, Basics of Cryptography and Operational / Organizational Security. Candidates are recommended to have two years experience in a networking role with preexisting knowledge of TCP/IP, experience in a security related role, Network+ or equivalent certification, and adequate training and self-study materials. All candidates are encouraged to review the Security+ objectives thoroughly prior to attempting the exam. This examination includes blueprint weighting, test objectives and example content. Example concepts are included to clarify the test objectives and should not be construed as a comprehensive listing of the content of the examination.
This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills who want to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles.
The CompTIA Security+ validates knowledge of communication security, infrastructure security, cryptography, operational security, and general security concepts. It is an international, vendor-neutral certification that is taught at colleges, universities and commercial training centers around the world. Although not a prerequisite, it is recommended that CompTIA Security+ candidates have at least two years on-the-job networking experience, with an emphasis on security.
Because human error is the number one cause for a network security breach, CompTIA Security+ is recognized by the technology community as a valuable credential that proves competency with information security. Major corporations such as Sun, IBM/Tivoli Software Group, Symantec, Motorola, Hitachi Electronics Services and Verisign value the CompTIA Security+ certification and recommend or require it of their IT employees.
Exam Duration: 90 minutes each
Two years experience in networking with emphasis on security
Adequate training and self-study
CompTIA Network+ recommended, but not required
750 on a scale of 100 - 900
CompTIA Security+ E2C Exam: JK0-015
CompTIA Security+ 2011 Exam: SY0-401
Note: An updated version of Security+ is scheduled to launch in May 2011.
Call (866)-471-0059 or fill out this short form for current pricing
Our 5-day intense Security+ Boot Camp provides the most comprehensive approach to Security+ certification.
This is an accelerated immersion course, designed for computer professionals that require effective,
real-world skill-building and timely certification.