Security+ : Certification Exam preparation

Description:

Certification CompTIA Security + (2008 Edition) is technologically neutral.

This course will allow you to describe the MPLS technology, the basic concepts of switching labels up to specific features offered by this technology.

Target audience:

This internationally recognized certification is for security professionals with the following characteristics:
- A minimum of 2 years experience in network administration including security features
- Daily technical experience in security
- An extensive knowledge of security issues and a practical experience of the largest number of topics listed below.
The breakdown below shows the areas covered by this certification and their respective weight in the examination questions.

Learning Objectives:

1. Systems Security;

2. Network Infrastructure;

3. Access Control

4. Assessments & Audits

5. Cryptography

6. Organizational security

Duration: 3 days

Course content:

1.0 System Security

1.1 Identify various threats.

1.2 Risks explanation related to hardware and devices.

1.3 Implement processes and procedures for hardening operating systems (OS) to protect servers and workstations.

1.4 Develop procedures for development and implementation of security applications.

1.5 Implement application security.

1.6 Explain the interest and application of virtualization technologies.

2.0 Network Infrastructure

2.1 Differentiate between various ports and protocols, associated threats and countermeasures to reduce risk.

2.2 Distinguish between elements and components of a network design.

2.3 Determine the appropriate use of tools for network security.

2.4 Implement the appropriate network security tools.

2.5 Explain the vulnerabilities and countermeasures applicable to network equipment.

2.6 Explain the vulnerabilities and countermeasures applicable to transmission media.

2.7 Explain the vulnerabilities and countermeasures applicable to wireless networks.

3.0 Access Control

3.1 Identify and implement best practices and methods of access control.

3.2 Explain the main types of access control and their differences.

3.3 Organizing user accounts and computers in groups by function with the appropriate level of security by distinguishing their rights and privileges.

3.4 Apply the appropriate controls to the file and print resource.

3.5 Compares and implement the methods of logical access control.

3.6 Summarizes the authentication models and identify their components.

3.7 Deployment of authentication models and identify their components

3.8 Explain the difference between identification and authentication.

3.9 Explain and apply the methods of physical access control.

4.0 Reviews & Audits

4.1 Conduct risk assessments and implement compensatory measures.

4.2 Perform vulnerability assessments with basic tools.

4.3 Explain the difference between intrusion tests and looking for vulnerabilities.

4.4 Use of surveillance tools on systems and networks and detect security anomalies.

4.5 Compare the different methods of monitoring.

4.6 Perform appropriate procedures for logging and evaluating results.

4.7 Conduct regular audits of security configurations systems.

5.0 Cryptography

5.1 Explain the general concepts of cryptography.

5.2 Explanation of the basic concepts of hash and link between the algorithms and their applications.

5.3 Explanation of the basic concepts of encryption and link between the algorithms and their applications.

5.4 Protocols explanation and implementation.

5.5 Explanation of the key principles related to public keys and cryptography.

5.6 Implement a public key infrastructure and certificates management.

6.0 Organizational Security

6.1 Explain the planning and redundancy of its components.

6.2 Implement procedures for information relief.

6.3 Run the appropriate procedure for incident management.

6.4 Identify and explain the applicable legal and normative framework.

6.5 Explain the importance of environmental controls.

6.6 Explain the concept of social engineering and how to reduce the impact.