Security+ Training Boot Camp SYO-501

The goal of this five day CompTIA authorized Security+ boot camp training course is to provide IT professionals with the most comprehensive accelerated learning environment for the Security+ (SY0-401) exam.

InfoSec Institute is time and time again recognized in the industry as the authority for high-quality Security+ exam prep. Our instructors have a total commitment to the objectives of the Security+ exam, and will teach you vital tips and tricks needed to pass the exam the first time you take it. The Security+ boot camp teaches you information security theory, as well as reinforces theory with hands-on exercises that help you “learn by doing”. You will learn how to configure and operate many different technical security controls over the course of the five day boot camp.

Our CompTIA Authorized Security+ Boot Camp is Updated with Latest Security+ Performanced Based Exam Objectives:

The most recent edition of the CompTIA Security+ exam places greater emphasis on mitigating specific security issues. In previous editions, the Security+ Exam focused on merely recognizing security issues. CompTIA has also introduced Performance Based Exam Objectives, which introduces simulator-based testing commonly found on Cisco and Microsoft exams. Read more about how InfoSec Institue prepares you for these new, more difficult questions on the Security+ exam. InfoSec Institute applauds this change, even though it makes the exam more difficult. The end result is a Security+ certification that is more meaningful for the information security community. The new SY0-401 exam covers 6 Primary Objectives: InfoSec Institute’s courseware is aligned with these objectives, enabling our students to have a powerful exam prep resource.

1. Network Security (21% of exam)
2. Compliance and Operational Security (18%)
3. Threats and Vulnerabilities (21%)
4. Application, Data and Host Security (16%)
5. Access Control and Identity Management (13%)
6. Cryptography (11%)

There are many options for Security+ certification, why choose InfoSec Institute?

• Five (5) full days of quality Security+ training with an expert security instructor
• You learn from our CompTIA Authorized Quality Curriculum (CAQC)
• Informative practice exams (enhanced by InfoSec Institute custom practice questions)
• We have found the course content within the Security+ modules that is the most likely piece to trip up even the most seasoned IT pros
• You’ll gain measurable improvement in hands-on security skills that directly translate to the work environment
• The InfoSec Institute Personal Touch – A one-on-one time with the instructor to help you prepare for the exam
• Breakfast, lunch and snacks are provided on each day of class

YOU ALSO GET

• CompTIA Authorized Quality Curriculum (CAQC)
• Best-of-breed practice exams (enhanced by Intense School’s Proprietary Materials)
• Personal, one-on-one mentoring by course instructor
• Purposeful practice exams and hands-on labs
• Lunch and snacks provided on each day of class

Module 1: General Security Concepts Information Security

• Physical Security
• Operational Security
• Management and Policies
• Goals of Information Security
• The Security Process
• Antivirus Software
• Access Control
• Authentication
• Services and Protocols
• Security Topologies
• Design Goals
• Security Zones
• Technologies
• Business Concerns

Module 2: Know Your Enemy Attack Strategies

• Access Attacks
• Modification and Repudiation Attacks
• Denial of Service Attacks (DoS)
• Common Attacks
• Security Concerns and TCP/IP
• The TCP/IP Protocol Suite
• Application Layer
• Host-to-Host or Transport Layer
• Internet Layer
• Network Interface Layer
• Encapsulation
• Protocols and Services
• TCP/IP Attacks
• Software Exploitation
• Surviving Malicious Code
• Viruses
• Trojan Horses
• Logic Bombs
• Worms
• Antivirus Software
• Social Engineering
• Auditing Processes and Files

Module 3: Infrastructure and Connectivity Infrastructure Security

• Hardware Components
• Software Components
• Devices
• Firewalls
• Routers
• Switches
• Wireless Access Points
• Modems
• Remote Access Services
• Telecom/PBX Systems
• Virtual Private Network
• Network Monitoring and Diagnostics
• Workstations
• Servers
• Mobile Devices
• Remote Access
• Serial Line Internet Protocol
• Point-to-Point Protocol
• Tunneling Protocols
• Internet Connections
• Ports and Sockets
• E-Mail
• Web
• File Transfer Protocol
• SNMP and Other TCP/IP Protocols
• Cabling, Wires, and Communications
• Coax
• Unshielded Twisted Pair and Shielded Twisted Pair
• Fiber Optic
• Infrared
• Radio Frequency
• Microwave
• Removable Media
• Tape
• CD-R
• Hard Drives
• Diskettes
• Flash Cards
• Smart Cards

Module 4: Monitoring Communications Activity Network Monitoring

• Types of Network Traffic
• Network Monitoring Systems
• Intrusion Detection Systems
• Network-Based IDS
• Host-Based IDS
• Honey Pots
• Incident Response
• Incident Identification
• Investigating the Incident
• Repairing the Damage
• Documenting the Response
• Adjusting the Procedures
• Wireless Systems
• WTLS
• IEEE 802.11 Wireless Protocols
• WEP/WAP
• Wireless Vulnerabilities
• Instant Messaging
• IM Vulnerabilities
• 8.3 File Naming
• Packet Sniffing
• Privacy
• Signal Analysis/Signal Intelligence
• Footprinting
• Scanning
• Enumeration

Module 5: Implementing and Maintaining a Secure Network Overview of Network Security Threats

• Security Baselines
• OS/NOS Hardening
• Network Protocol Configuration
• Microsoft Windows 9x
• Microsoft Windows NT 4
• Microsoft Windows 2000
• Microsoft Windows XP
• Windows .NET Server 2003
• UNIX/Linux
• Novell NetWare
• IBM
• Apple Macintosh
• File Systems
• Operating System Updates
• Network Hardening
• Network Device Updates
• Configuring Network Devices
• Application Hardening
• Web Servers
• E-Mail Servers
• FTP Servers
• DNS Servers
• NNTP Servers
• File and Print Servers and Services
• DHCP Services
• Data Repositories

Module 6: Working with a Secure Network Physical Security

• Access Control
• Social Engineering
• Environment
• Business Continuity Planning
• Business Impact Analysis
• Risk Assessment
• Policies, Standards, and Guidelines
• Policies
• Standards
• Guidelines
• Security Standards and ISO 17799
• Information Classification
• Public Information
• Private Information
• Government and Military Classifications
• Roles in the Security Process
• Information Access Controls

Module 7: Cryptography Basics and Methods Overview of Cryptography

• Physical Cryptography
• Mathematical Cryptography
• Quantum Cryptography
• The Myth of Unbreakable Codes
• Cryptographic Algorithms
• Hashing
• Symmetric Algorithms
• Asymmetric Algorithms
• Using Cryptographic Systems
• Confidentiality
• Integrity
• Authentication
• Non-Repudiation
• Access Control
• Public Key Infrastructure
• Certificate Authority
• RAs and LRAs
• Certificates
• Certificate Revocation
• Trust Models
• Cryptographic Attacks

Module 8: Cryptography Standards Cryptography Standards and Protocols

• Origins of Encryption Standards
• PKIX/PKCS
• X.509
• SSL
• TLS
• ISAKMP
• CMP
• S/MIME
• SET
• SSH
• PGP
• HTTPS
• S-HTTP
• IPSec
• FIPS
• Common Criteria
• WTLS
• WEP
• ISO 17799
• Key Management and the Key Life Cycle
• Centralized versus Decentralized Key Generation
• Key Storage and Distribution
• Key Escrow
• Key Expiration
• Key Revocation
• Key Suspension
• Recovering and Archiving Keys
• Renewing Keys
• Key Destruction
• Key Usage

Module 9: Security Policies and Procedures Business Continuity

• Utilities
• High Availability
• Disaster Recovery
• Vendor Support
• Service Level Agreements
• Code Escrow
• Policies and Procedures
• Personnel Policies
• Business Policies
• Certificate Policies
• Incident Response Policies
• Privilege Management
• User and Group Role Management
• Single Sign-On
• Privilege Decision Making
• Auditing
• Access Control

Module 10: Security Management Computer Forensics

• Methodology of a Forensic Investigation
• Chain of Custody
• Preservation of Evidence
• Collection of Evidence
• Security Management
• Best Practices and Documentation
• Change Management
• Systemic Change
• Understanding the Roles in a Change Process
• Justifying the Need for Change
• Scheduling Changes
• Change Staging
• Change Documentation
• Change Notification
• Security Awareness and Education
• Communications and Awareness
• Education
• Staying on Top of Security
• Websites
• Trade Publications
• Privacy and Security Regulations
• HIPAA
• Gramm-Leach Bliley Act of 1999
• Computer Fraud and Abuse Act
• FERPA
• Computer Security Act of 1987
• Cyberspace Electronic Security Act (CESA)
• Cyber Security Enhancement Act
• Patriot Act
• International Efforts

Get Security+ Certified

The skills and knowledge measured by the Security+ examination were derived and validated though input from a committee and over 1,000 subject matter experts within the industry. A job task analysis (JTA), global survey, beta examination and beta results review were each milestones in the development process.

The results of these milestones were used in weighing the domains and ensuring that the weighting assigned to each domain is representative of the relative importance of the content. The Security+ certification is an internationally recognized validation of the technical knowledge required of foundation-level security practitioners. A Security+ certified individual has successfully proven holding a foundation-level of skill and knowledge in general security concepts, communication security, infrastructure security, basics of cryptography and operational / organizational security. Candidates are recommended to have two years experience in a networking role with preexisting knowledge of TCP/IP, experience in a security related role, Network+ or equivalent certification, and adequate training and self-study materials. All candidates are encouraged to review the Security+ objectives thoroughly prior to attempting the exam. This examination includes blueprint weighting, test objectives and example content. Example concepts are included to clarify the test objectives and should not be construed as a comprehensive listing of the content of the examination.

Course Prerequisites:

This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills who want to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles.

The CompTIA Security+ exam validates knowledge of communication security, infrastructure security, cryptography, operational security, and general security concepts. It is an international, vendor-neutral certification that is taught at colleges, universities and commercial training centers around the world. Although not a prerequisite, it is recommended that CompTIA Security+ candidates have at least two years on-the-job networking experience, with an emphasis on security.

Because human error is the number one cause for a network security breach, CompTIA Security+ is recognized by the technology community as a valuable credential that proves competency with information security. Major corporations such as Sun, IBM/Tivoli Software Group, Symantec, Motorola, Hitachi Electronics Services and Verisign value the CompTIA Security+ certification and recommend or require it of their IT employees.

What’s the value in earning the Security+ certification?

In today’s job market, there is a high demand for information security professionals—and receiving a Security+ certification is the perfect way for entry level students to get their foot in the door. It can also serve as a career differentiator for IT professionals already in the field.

What are the Pre-Requirements for earning the Security+?

While there are no mandatory pre-requirements to taking the Security+ exam, it’s highly suggested that students have at least 2 years experience working in network administration (with a focus on information security) in addition to the Network+ certification. Click here for more information.

What career opportunities are available to Security+ Boot Camp graduates? What’s the job outlook like for Security+ professionals?

The job market has never looked better for those who are certified in IT security, and in 2017 alone, over 27,000 jobs listed the Security+ as a hard requirement. Earning the Security+ can open open up a wide variety of job opportunities and the cert is often used as a resume filter in HR departments, even if it’s not listed as a requirement. Click here for more information about the job outlook and opportunities available to Security+ Boot Camp grads.

What is the difference between the SYO-401 and SYO-501 exams?

Due to constant changes within the infosec industry, including emerging threats and new technologies, CompTIA has updated it’s Security+ Exam from the SYO-401 to the SYO-501 in late 2017. 25% of the course content has been updated to reflect these changes in the industry and the new material dives deeper and wider than before. Click here for more information on the differences between these exams.

I recently passed the SYO-401 exam, is my certification still good?

While SYO-401 will be retired, students who were certified under the old exam will remain certified. The SYO-501 was debuted in October 2017, and SYO-401 will officially retire at the beginning of 2018, with the English version being the last to retire in July 2018.

What are Performance Based Questions (PBQs)?

The Security+ performance based questions come in a variety of formats and require students to perform a specific task or solve a problem in a simulated environment. These questions are more involved than the standard multiple choice, fill in the blank, and drag and drop questions.

What do I need to know about the new Performance Based Questions (PBQs)?

There are a few things you should know. First, there may be questions in which there is more than one way to get a correct answer. In these instances, the test taker will receive full points if the correct solution is achieved. Second, on all CompTIA exams, there is a timer—however, with PBQs, this timer is not visible. Third, partial credit on answers is occasionally offered.

How does the Security+ Examination Process work?

The exam takes 90 minutes and there are 90 questions. You will need to achieve a score of 750 (on a scale of 100-900) in order to pass. Questions are a combination of multiple choice and performance based and the Security+ Exam Voucher costs $330. Click here for more info on the examination process.

Is the online Security+ Boot Camp as effective and informative as an in-person training session?

Whether you choose to take your training course in-person or online, you will have access to the same resources and training materials as all other student enrolled in the course. You can rest assured that the class will be effective, regardless of the training modality you select.

What does this Security+ course offer that other certification prep classes do not?

InfoSec Institute’s Security+ boot camp has the highest first time pass rate in the industry — 93%! If you choose to take the course online, you will also receive our Exam Pass Guarantee. This means if you don’t pass the exam on the first attempt, we’ll pay for your second exam FREE!

How is the Security+ Related to the DoD 8570?

The Security+ fulfills the requirements for Department of Defense (DoD) Directive 8570, which is mandatory if you are looking to get a government job that is involved with any aspect of information security. Click here for more information.

What are the Security+ Domains?

There are 6 Domains for the Security+ SYO-501 exam. They are Threats, Attacks and Vulnerabilities, Technologies and Tools, Architecture and Design, Identity and Access Management, Risk Management and Cryptography and PKI. Click here for more information on these domains.

How long Is the Security+ certification good for after you pass the test?

The Security+ is valid for 3 years. However, certification holders are required to earn Continuing Education Units (CEUs) and pay a yearly Continuing Education (CE) fee. Click here for more information on CEUs.

What are the Renewal Requirements for the Security+?

Security+ cert holders are required to earn 50 CEUs per renewal period (every 3 years) and pay an $50 annual Continuing Education (CE) fee to CompTIA. Click here for more information on the renewal requirements.

What job titles are most common for people who hold CompTIA’s Security+ certification?

The job market has never looked better for those who are certified in IT security, and the Security+ certification can help you break into the industry. Some common positions that this certification can help you land include: Security Analyst, IT Support Technician, Security Specialist, Help Desk Support, and many others!

What are some tips for preparing for the Security+?

The first thing a student should do is perform a comprehensive review of which topics are tested in the certification exam. Some domains are weighted more heavily than others, but it’s important to study each topic with equal attention. Enrolling in a Security+ Boot Camp like the one offered here is another surefire method of preparing oneself for the exam. Click here for more study tips.