MCSEClasses Certification Training Boot Camp

MCSE MCSD MCDBA Cisco CIW Linux Oracle Java Security

CompTIA Network Security Certification Training

CompTIA Network+/Security+ Dual Certification Training Course

Course Length:	9 days
Certifications:	CompTIA Network+ CompTIA Security+
Number of Exams:	2

Class Schedule

05/17/12 - 05/25/12		Info/Enroll
07/12/12 - 07/20/12		Info/Enroll
08/23/12 - 08/31/12		Info/Enroll
11/08/12 - 11/16/12		Info/Enroll

Includes roundtrip airfare and lodging (for boot camps held in Georgia and Florida only)
Hands-on instruction by a certified instructor
Includes all course materials and practice exams
Includes all certification exams
Onsite Testing
Breakfast and Lunch provided each day

The CompTIA Network+ (2009 Edition) certification ensures that the successful candidate has the important knowledge and skills necessary to manage, maintain, troubleshoot, install, operate and configure basic network infrastructure, describe networking technologies, basic design principles, and adhere to wiring standards and use testing tools.

Security+, a CompTIA Certification is the primary course you will need to take if your job responsibilities include securing network services, network devices, and network traffic. It is also the main course you will take to prepare for the CompTIA Security+ examination (exam number SY0-301). In this course, you'll build on your knowledge and professional experience with computer hardware, operating systems, and networks as you acquire the specific skills required to implement basic security services on any type of computer network.

Network+ certification
Security+ certification

Network+ certification

The CompTIA Network+ (2009 Edition) certification is an internationally recognized validation of the technical knowledge required of foundation-level IT network practitioners.

The skills and knowledge measured by this examination were derived from an industry-wide job task analysis and validated through an industry-wide global survey in Q2 2008. The results of this survey were used in weighing the domains and ensuring that the weighting is representative of the relative importance of the content.

Course Content

Network Technologies

Explain the function of common networking protocols
Identify commonly used TCP and UDP default ports
Identify the following address formats
Given a scenario, evaluate the proper use of the following addressing technologies and addressing schemes
Identify common IPv4 and IPv6 routing protocols
Explain the purpose and properties of routing
Compare the characteristics of wireless communication standards

Network Media and Topologies

Categorize standard cable types and their properties
Identify common connector types
Identify common physical network topologies
Given a scenario, differentiate and implement appropriate wiring standards
Categorize WAN technology types and properties
Categorize LAN technology types and properties
Explain common logical network topologies and their characteristics
Install components of wiring distribution

Network Devices

Install, configure and differentiate between common network devices
Identify the functions of specialized network devices
Explain the advanced features of a switch
Implement a basic wireless network

Network Management

Explain the function of each layer of the OSI model
Identify types of configuration management documentation
Given a scenario, evaluate the network based on configuration management documentation
Conduct network monitoring to identify performance and connectivity issues
Explain different methods and rationales for network performance optimization
Given a scenario, implement the following network troubleshooting methodology
Given a scenario, troubleshoot common connectivity issues and select an appropriate solution

Network Tools

Given a scenario, select the appropriate command line interface tool and interpret the output to verify functionality
Explain the purpose of network scanners
Given a scenario, utilize the appropriate hardware tools

Network Security

Explain the function of hardware and software security devices
Explain common features of a firewall
Explain the methods of network access security
Explain methods of user authentication
Explain issues that affect device security
Identify common security threats and mitigation techniques

[ back to top ]

Security+ certification

The CompTIA Security+ Certification (SY0-301 exam) is a vendor neutral credential. The CompTIA Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge, and is used by organizations and security professionals around the globe.

CompTIA Security+ demonstrates competency in:

Network security
Compliance and operational security
Threats and vulnerabilities
Application, data and host security
Access control and identity management
Cryptography

CompTIA Security+ not only ensures that candidates will apply knowledge of security concepts, tools, and procedures to react to security incidents, it ensures that security personnel are anticipating security risks and guarding against them.

The CompTIA Security+ exam (SY0-301) will certify that the successful candidate has the knowledge and skills required to identify risk and participate in risk mitigation activities, provide infrastructure, application, operational and information security, apply security controls to maintain confidentiality, integrity and availability, identify appropriate technologies and products, and operate with an awareness of applicable policies, laws and regulations.

Target Student: This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems and to those who want to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications.

Prerequisites: CompTIA A+ and Network+ certifications, or equivalent knowledge. Experience in networking, including experience configuring and managing TCP/IP is helpful.

Course Content:

1.0 Network Security

1.1 Explain the security function and purpose of network devices and technologies

Firewalls
Routers
Switches
Load Balancers
Proxies
Web security gateways
VPN concentrators
NIDS and NIPS (Behavior based, signature based, anomaly based, heuristic)
Protocol analyzers
Sniffers
Spam filter, all-in-one security appliances
Web application firewall vs. network firewall
URL filtering, content inspection, malware inspection

1.2 Apply and implement secure network administration principles

Rule-based management
Firewall rules
VLAN management
Secure router configuration
Access control lists
Port Security
802.1x
Flood guards
Loop protection
Implicit deny
Prevent network bridging by network separation
Log analysis

1.3 Distinguish and differentiate network design elements and compounds

DMZ
Subnetting
VLAN
NAT
Remote Access
Telephony
NAC
Virtualization
Cloud Computing

1.4 Implement and use common protocols

IPSec
SNMP
SSH
DNS
TLS
SSL
TCP/IP
FTPS
HTTPS
SFTP
SCP
ICMP
IPv4 vs. IPv6

2.0 Compliance and Operational Security

2.1 Explain risk related concepts

Control types
False positives
Importance of policies in reducing risk
Quantitative vs. qualitative
Risk-avoidance, transference, acceptance, mitigation, deterrence
Risks associated to Cloud Computing and Virtualization

2.2 Carry out appropriate risk mitigation strategies

Implement security controls based on risk
Change management
Incident management
User rights and permissions reviews
Perform routine audits
Implement policies and procedures to prevent data loss or theft

2.3 Execute appropriate incident response procedures

Basic forensic procedures
Damage and loss control
Chain of custody
Incident response: first responder

2.4 Explain the importance of security related awareness and training

Security policy training and procedures
Personally identifiable information
Information classification: Sensitivity of data (hard or soft)
Data labeling, handling and disposal
Compliance with laws, best practices and standards
User habits
Threat awareness
Use of social networking and P2P

2.5 Compare and contrast aspects of business continuity

Business impact analysis
Removing single points of failure
Business continuity planning and testing
Continuity of operations
Disaster recovery
IT contingency planning
Succession planning

2.6 Explain the impact and proper use of environmental controls

HVAC
Fire suppression
EMI shielding
Hot and cold aisles
Environmental monitoring
Temperature and humidity controls
Video monitoring

2.7 Execute disaster recovery plans and procedures

Backup / backout contingency plans or policies
Backups, execution and frequency
Redundancy and fault tolerance
High availability
Cold site, hot site, warm site
Mean time to restore, mean time between failures, recovery time objectives and recovery point objectives

2.8 Exemplify the concepts of confidentiality, integrity and availability (CIA)

3.0 Threats and Vulnerabilities

3.1 Analyze and differentiate among types of malware

Adware
Virus
Worms
Spyware
Trojan
Rootkits
Backdoors
Logic bomb
Botnets

3.2 Analyze and differentiate among types of attacks

Man-in-the-middle
DDoS
DoS
Replay
Smurf attack
Spoofing
Spam
Phishing
Spim
Vishing
Spear phishing
Xmas attack
Pharming
Privilege escalation
Malicious insider threat
DNS poisoning and ARP poisoning
Transitive access
Client-side attacks

3.3 Analyze and differentiate among types of social engineering attacks

Shoulder surfing
Dumpster diving
Tailgating
Impersonation
Hoaxes
Whaling
Vishing

3.4 Analyze and differentiate among types of wireless attacks

Rogue access points
Interference
Evil twin
War driving
Bluejacking
Bluesnarfing
War chalking
IV attack
Packet sniffing

3.5 Analyze and differentiate among types of application attacks

Cross-site scripting
SQL injection
LDAP injection
XML injection
Directory traversal/command injection
Buffer overflow
Zero day
Cookies and attachments
Malicious add-ons
Session hijacking
Header manipulation

3.6 Analyze and differentiate among types of mitigation and deterrent techniques

Manual bypassing of electronic controls
Monitoring system logs
Physical security
Hardening
Port security
Security posture
Reporting
Detection controls vs. prevention controls

3.7 Implement assessment tools and techniques to discover security threats and vulnerabilities

Vulnerability scanning and interpret results
Tools
Risk calculations
Assessment types
Assessment technique

3.8 Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning

Penetration testing
Vulnerability scanning
Black box
White box
Gray box

4.0 Application, Data and Host Security

4.1 Explain the importance of application security

Fuzzing
Secure coding concepts
Cross-site scripting prevention
Cross-site Request Forgery (XSRF) prevention
Application configuration baseline (proper settings)
Application hardening
Application patch management

4.2 Carry out appropriate procedures to establish host security

Operating system security and settings
Anti-malware
Patch management
Hardware security
Host software baselining
Mobile devices
Virtualization

4.3 Explain the importance of data security

Data Loss Prevention (DLP)
Data encryption
Hardware based encryption devices
Cloud computing

5.0 Access Control and Identity Management

5.1 Explain the function and purpose of authentication services

RADIUS
TACACS
TACACS+
Kerberos
LDAP
XTACACS

5.2 Explain the fundamental concepts and best practices related to authentication, authorization and access control

Identification vs. authentication
Authentication (single factor) and authorization
Multifactor authentication
Biometrics
Tokens
Common access card
Personal identification verification card
Smart card
Least privilege
Separation of duties
Single sign on
ACLs
Access control
Mandatory access control
Discretionary access control
Role/rule-based access control
Implicit deny
Time of day restrictions
Trusted OS
Mandatory vacations
Job rotation

5.3 Implement appropriate security controls when performing account management

Mitigates issues associated with users with multiple account/roles
Account policy enforcement
Group based privileges
User assigned privileges

6.0 Cryptography

6.1 Summarize general cryptography concepts

Symmetric vs. asymmetric
Fundamental differences and encryption methods
Transport encryption
Non-repudiation
Hashing
Key escrow
Steganography
Digital signatures
Use of proven technologies
Elliptic curve and quantum cryptography

6.2 Use and apply appropriate cryptographic tools and products

WEP vs. WPA/WPA2 and preshared key
MD5
SHA
RIPEMD
AES
DES
3DES
HMAC
RSA
RC4
One-time-pads
CHAP
PAP
NTLM
NTLMv2
Blowfish
PGP/GPG
Whole disk encryption
TwoFish
Comparative strengths of algorithms
Use of algorithms with transport encryption

6.3 Explain the core concepts of public key infrastructure

Certificate authorities and digital certificates
PKI
Recovery agent
Public key
Private key
Registration
Key escrow
Trust models

6.4 Implement PKI, certificate management and associated components

Certificate authorities and digital certificates
PKI
Recovery agent
Public key
Private keys
Registration
Key escrow
Trust models

[ back to top ]

MCSEClasses.com is your best choice for CompTIA Network, CompTIA Network training, CompTIA Network certification, CompTIA Network certification boot camp, CompTIA Network boot camp, CompTIA Network certification training, CompTIA Network boot camp training, CompTIA Network boot camp certification, CompTIA Network certification course, CompTIA Network course, training CompTIA Network, certification CompTIA Network, boot camp CompTIA Network, certification CompTIA Network boot camp, certification CompTIA Network training, boot camp CompTIA Network training, certification CompTIA Network course.