CompTIA Security+ Certification Training (SY0-501)

CompTIA Security+ Certification Training

Course Delivery

This Course is available in the following format:

Request this course in a different delivery format

GSA Schedule 70 Saving for Government Customers

Course Overview:

CompTIA Security+ Certification Training (SY0-501) – Hands-on Labs

Prepare for the CompTIA Security+ certification while learning real-world skills.

CompTIA Security+ Certification Training (SY0-501) provides the basic knowledge needed to plan, implement, and maintain information security in a vendor-neutral format. This includes risk management, host and network security, authentication and access control systems, cryptography, and organizational security. This CompTIA Security+ Certification Training course maps to the CompTIA Security+ certification exam. Objective coverage is marked throughout the CompTIA Security+ Certification Training course.

Our CompTIA Authorized Security+ Boot Camp is Updated with Latest Security+ Performanced Based Exam Objectives:

The most recent edition of the CompTIA Security+ exam places greater emphasis on mitigating specific security issues. In previous editions, the Security+ Exam focused on merely recognizing security issues. CompTIA has also introduced Performance Based Exam Objectives, which introduces simulator-based testing commonly found on Cisco and Microsoft exams. Read more about how ENO prepares you for these new, more difficult questions on the Security+ exam. ENO applauds this change, even though it makes the exam more difficult. The end result is a Security+ certification that is more meaningful for the information security community. The new CompTIA Security+ SY0-501 exam covers 6 Primary Objectives: ENO’s courseware is aligned with these objectives, enabling our students to have a powerful exam prep resource.

1. Network Security (21% of exam)
2. Compliance and Operational Security (18%)
3. Threats and Vulnerabilities (21%)
4. Application, Data and Host Security (16%)
5. Access Control and Identity Management (13%)
6. Cryptography (11%)

Security+ Related Courses

CompTIA A+ Certification Training (Exam 202-1001/1002)
CompTIA Network+ Certification Training Prep (N10-007)
Certified Information Systems Security Professional Training (CISSP)
CompTIA Cybersecurity Analyst+ Training (CySA+)

CompTIA Security+ Certification Training (SY0-501) – Customize It:

• If you are familiar with some aspects of this CompTIA Security+ Certification Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the CompTIA Security+ Certification Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the CompTIA Security+ Certification Training course in manner understandable to lay audiences.

CompTIA Security+ Certification Training (SY0-501) – Audience / Target Group:

The target audience for this CompTIA Security+ Certification Training course:

• Candidates for the Security+ certification (SY0-501)

CompTIA Security+ Certification Training (SY0-501) – Class Prerequisites:

The knowledge and skills that a learner must have before attending this CompTIA Security+ Certification Training course are as follows:

• A+ Certification Prep Course
• Network+ Prep Course

CompTIA Security+ Certification Training (SY0-501) – Objectives:

Upon completing this CompTIA Security+ Certification Training course, learners will be able to meet these objectives:

• Proactively implement sound security protocols to mitigate security risks
• Quickly respond to security issues
• Retroactively identify where security breaches may have occurred
• Design a network, on-site or in the cloud, with security in mind

CompTIA Security+ Certification Training (SY0-501) – Objectives:

• Identify the fundamental concepts of computer security
• Identify security threats and vulnerabilities
• Manage data, application, and host security
• Implement network security
• Identify and implement access control and account management security measures
• Manage certificates
• Identify and implement compliance and operational security measures
• Manage risk
• Troubleshoot and manage security incidents
• Plan for business continuity and disaster recovery

CompTIA Security+ Certification Training (SY0-501) – Course Syllabus:

Module 1: General Security Concepts Information Security

Physical Security
Operational Security
Management and Policies
Goals of Information Security
The Security Process
Antivirus Software
Access Control
Authentication
Services and Protocols
Security Topologies
Design Goals
Security Zones
Technologies
Business Concerns

Module 2: Know Your Enemy Attack Strategies

Access Attacks
Modification and Repudiation Attacks
Denial of Service Attacks (DoS)
Common Attacks
Security Concerns and TCP/IP
The TCP/IP Protocol Suite
Application Layer
Host-to-Host or Transport Layer
Internet Layer
Network Interface Layer
Encapsulation
Protocols and Services
TCP/IP Attacks
Software Exploitation
Surviving Malicious Code
Viruses
Trojan Horses
Logic Bombs
Worms
Antivirus Software
Social Engineering
Auditing Processes and Files

Module 3: Infrastructure and Connectivity Infrastructure Security

Hardware Components
Software Components
Devices
Firewalls
Routers
Switches
Wireless Access Points
Modems
Remote Access Services
Telecom/PBX Systems
Virtual Private Network
Network Monitoring and Diagnostics
Workstations
Servers
Mobile Devices
Remote Access
Serial Line Internet Protocol
Point-to-Point Protocol
Tunneling Protocols
Internet Connections
Ports and Sockets
E-Mail
Web
File Transfer Protocol
SNMP and Other TCP/IP Protocols
Cabling, Wires, and Communications
Coax
Unshielded Twisted Pair and Shielded Twisted Pair
Fiber Optic
Infrared
Radio Frequency
Microwave
Removable Media
Tape
CD-R
Hard Drives
Diskettes
Flash Cards
Smart Cards

Module 4: Monitoring Communications Activity Network Monitoring

Types of Network Traffic
Network Monitoring Systems
Intrusion Detection Systems
Network-Based IDS
Host-Based IDS
Honey Pots
Incident Response
Incident Identification
Investigating the Incident
Repairing the Damage
Documenting the Response
Adjusting the Procedures
Wireless Systems
WTLS
IEEE 802.11 Wireless Protocols
WEP/WAP
Wireless Vulnerabilities
Instant Messaging
IM Vulnerabilities
8.3 File Naming
Packet Sniffing
Privacy
Signal Analysis/Signal Intelligence
Footprinting
Scanning
Enumeration

Module 5: Implementing and Maintaining a Secure Network Overview of Network Security Threats

Security Baselines
OS/NOS Hardening
Network Protocol Configuration
Microsoft Windows 9x
Microsoft Windows NT 4
Microsoft Windows 2000
Microsoft Windows XP
Windows .NET Server 2003
UNIX/Linux
Novell NetWare
IBM
Apple Macintosh
File Systems
Operating System Updates
Network Hardening
Network Device Updates
Configuring Network Devices
Application Hardening
Web Servers
E-Mail Servers
FTP Servers
DNS Servers
NNTP Servers
File and Print Servers and Services
DHCP Services
Data Repositories

Module 6: Working with a Secure Network Physical Security

Access Control
Social Engineering
Environment
Business Continuity Planning
Business Impact Analysis
Risk Assessment
Policies, Standards, and Guidelines
Policies
Standards
Guidelines
Security Standards and ISO 17799
Information Classification
Public Information
Private Information
Government and Military Classifications
Roles in the Security Process
Information Access Controls

Module 7: Cryptography Basics and Methods Overview of Cryptography

Physical Cryptography
Mathematical Cryptography
Quantum Cryptography
The Myth of Unbreakable Codes
Cryptographic Algorithms
Hashing
Symmetric Algorithms
Asymmetric Algorithms
Using Cryptographic Systems
Confidentiality
Integrity
Authentication
Non-Repudiation
Access Control
Public Key Infrastructure
Certificate Authority
RAs and LRAs
Certificates
Certificate Revocation
Trust Models
Cryptographic Attacks

Module 8: Cryptography Standards Cryptography Standards and Protocols

Origins of Encryption Standards
PKIX/PKCS
X.509
SSL
TLS
ISAKMP
CMP
S/MIME
SET
SSH
PGP
HTTPS
S-HTTP
IPSec
FIPS
Common Criteria
WTLS
WEP
ISO 17799
Key Management and the Key Life Cycle
Centralized versus Decentralized Key Generation
Key Storage and Distribution
Key Escrow
Key Expiration
Key Revocation
Key Suspension
Recovering and Archiving Keys
Renewing Keys
Key Destruction
Key Usage

Module 9: Security Policies and Procedures Business Continuity

Utilities
High Availability
Disaster Recovery
Vendor Support
Service Level Agreements
Code Escrow
Policies and Procedures
Personnel Policies
Business Policies
Certificate Policies
Incident Response Policies
Privilege Management
User and Group Role Management
Single Sign-On
Privilege Decision Making
Auditing
Access Control

Module 10: Security Management Computer Forensics

Methodology of a Forensic Investigation
Chain of Custody
Preservation of Evidence
Collection of Evidence
Security Management
Best Practices and Documentation
Change Management
Systemic Change
Understanding the Roles in a Change Process
Justifying the Need for Change
Scheduling Changes
Change Staging
Change Documentation
Change Notification
Security Awareness and Education
Communications and Awareness
Education
Staying on Top of Security
Websites
Trade Publications
Privacy and Security Regulations
HIPAA
Gramm-Leach Bliley Act of 1999
Computer Fraud and Abuse Act
FERPA
Computer Security Act of 1987
Cyberspace Electronic Security Act (CESA)
Cyber Security Enhancement Act
Patriot Act
International Efforts

Security+ Certification & Compliance

Get Security+ Certified

The skills and knowledge measured by the Security+ examination were derived and validated through input from a committee and over 1,000 subject matter experts within the industry. A job task analysis (JTA), global survey, beta examination and beta results review were each milestones in the development process.

The results of these milestones were used in weighing the domains and ensuring that the weighting assigned to each domain is representative of the relative importance of the content. The Security+ certification is an internationally recognized validation of the technical knowledge required of foundation-level security practitioners. A Security+ certified individual has successfully proven holding a foundation-level of skill and knowledge in general security concepts, communication security, infrastructure security, basics of cryptography and operational / organizational security. Candidates are recommended to have two years experience in a networking role with preexisting knowledge of TCP/IP, experience in a security related role, Network+ or equivalent certification, and adequate training and self-study materials. All candidates are encouraged to review the Security+ objectives thoroughly prior to attempting the exam. This Security+ examination includes blueprint weighting, test objectives and example content. Example concepts are included to clarify the test objectives and should not be construed as a comprehensive listing of the content of the Security+ examination.

Whether you are looking for general information or have a specific question, we want to help!

Request More Information

Print Friendly, PDF & Email