CompTIA Security+ SY0-601 Training & Certification
Course Description
CompTIA Security+ Training offers you a chance to earn a global certification that focuses on core cybersecurity skills which are indispensable for security and network administrators. The training is ideal to validate your skill set in risk management, risk mitigation, threat management, and intrusion detection. This CompTIA Security+ certification enables you to handle security incidents, not just identify them. CompTIA Security+ training is designed to meet the industry benchmarks and will help you master foundational skills that are needed to pursue a career in IT security.
Why should you take CompTIA Security+?
- Amazon, Dell, E&Y, Accenture, Capgemini, Intel, HP, Verizon, and many other established MNCs have made it mandatory to be CompTIA Security+ Certified when applying for various security profiles.
- Average salary of CompTIA Security+ Certified Professional varies from $84,000 – $120,000 – Indeed.com.
- As breach after breach hits the headline, the demand for certified professionals in the latest cybersecurity counter measures goes up. CompTIA Security+ course provides a steppingstone for intermediate-level cybersecurity jobs.
Key features
♦ 32 hours of instructor-led learning
♦ Covers 6 domains required to become an IT security professional
♦ Hands-on based learning
♦ Course Completion certificate
♦ Exam Voucher included
Online Classroom Flexi-Pass
Curriculums
-
Learning Objective:
Compare and contrast different types of social engineering techniques
Given a scenario, analyze potential indicators to determine the type of attack
Analyze potential indicators associated with application and network attacks
Explain different threat actors, vectors, and intelligence sources
Explain the security concerns associated with various types of vulnerabilities
Explain the techniques used in penetration testingTopics:
Security Policy
Threat Actors
Social Engineering
Phishing & Types of Malware
Trojans and Spyware
Security Control Types
Defence in Depth
Frameworks and Compliance
Vulnerability Scanning and Pen Tests
Security Assessment Techniques
Pen Testing Concepts
Vulnerability Scanning Concepts
Exploitation Frameworks -
Learning Objective:
Summarize the basics of cryptographic concepts
Implement Symmetric & Asymmetric Algorithms
Understand Cryptographic Attacks & how to mitigate them
Implement public key infrastructureTopics:
Cryptographic Terminology and Ciphers
Cryptographic Products
Hashing Algorithms
Symmetric Algorithms
Asymmetric Algorithms
Diffie-Hellman and Elliptic Curve
Transport Encryption
Cryptographic Attacks
PKI Standards
Digital Certificates
Certificate Authorities
Types of Certificate
Implementing PKI
Storing and Distributing Keys
Key Status and Revocation
PKI Trust Models
PGP / GPG -
Learning Objective:
Summarize authentication and authorization design concepts
Implement identity and account management controls
Implement authentication and authorization solutions
Understand LDAP & Active DirectoryTopics:
Access Control Systems
Identification & Authentication
LAN Manager / NTLM
Kerberos
PAP, CHAP, and MS-CHAP
Password Attacks
Token-based & Biometric Authentication
Common Access Card
Authorization
Directory Services
RADIUS and TACACS+
Federation and Trusts
Federated Identity Protocols
Formal Access Control Models
Account Types
Windows Active Directory
Creating and Managing Accounts
Account Policy Enforcement
Credential Management Policies
Account Restrictions
Accounting and Auditing -
Learning Objective:
Understand how to make a network secure
Implement secure network designs
Install and Configure Security AppliancesTopics:
Network Zones and Segments
Subnetting
Switching Infrastructure
Switching Attacks and Hardening
Endpoint Security
Network Access Control
Routing Infrastructure
Network Address Translation
Software Defined Networking
Basic & Stateful Firewalls
Implementing a Firewall or Gateway
Web Application Firewalls
Proxies and Gateways
Denial of Service Attacks
Load Balancers -
Learning Objective:
Explain the security implications of embedded and specialized systems
Implement host or application security solutions
Install and configure wireless security settings
Understand various hardening concepts
Deploying Secure Host Embedded SystemsTopics:
Wireless LANs
WEP and WPA
Wi-Fi Authentication
Extensible Authentication Protocol
Wi-Fi Site Security
Personal Area Networks
Trusted Computing
Hardware / Firmware Security
Peripheral Device Security
Secure Configurations
OS Hardening
Patch Management
Embedded Systems
Security for Embedded System -
Learning Objective:
Understand all the important security protocols & where they are used
Implementing Secure Network Access Protocols
Given a scenario, implement secure protocols
Implementing Secure Network ApplicationsTopics:
DHCP Security
DNS Security
Network Management Protocols
HTTP and Web Servers
SSL / TLS and HTTPS
Web Security Gateways
Email Services
S/MIME
File Transfer
Voice and Video Services
Voice over IP (VoIP)
Remote Access Architecture
Virtual Private Networks
IPsec and IKE
Remote Access Servers
Remote Administration Tools
Hardening Remote Access Infrastructure -
Learning Objective:
Summarize mobile and cloud computing concepts
Explain the importance of physical security controls
Implement secure mobile solutions
Apply cybersecurity solutions to the cloudTopics:
Mobile Device Deployments
Mobile Connection Methods
Mobile Access Control Systems
Enforcement and Monitoring
Virtualization Technologies
Virtualization Security Best Practices
Cloud Computing
Cloud Security Best Practices
Site Layout and Access
Gateways and Locks
Alarm Systems
Surveillance
Hardware Security
Environmental Controls -
Learning Objective:
Summarize secure application development, deployment, and automation concepts
Summarize risk management processes and concepts
Explain the importance of applicable regulations, standards, or frameworks that impact organizational security postureTopics:
Business Impact Analysis
Identification of Critical Systems
Risk Assessment
Risk Mitigation
Application Vulnerabilities
Application Exploits
Web Browser Exploits
Secure Application Design
Secure Coding Concepts
Auditing Applications
Secure DevOps -
Learning Objective:
Implement cybersecurity resilience
Explain the key aspects of digital forensics
Explaining Disaster Recovery Concepts
Explain the importance of policies to organizational security
Explain privacy and sensitive data concepts in relation to securityTopics:
Continuity of Operations Planning
Disaster Recovery Planning
Resiliency Strategies
Recovery Sites
Backup Plans and Policies
Resiliency and Automation Strategies
Corporate Security Policy
Personnel Management Policies
Interoperability Agreements
Data Roles
Data Sensitivity Labeling and Handling
Data Wiping and Disposal
Privacy and Employee Conduct Policies
Security Policy Training
Forensic Procedures
Collecting Evidence
Capturing System Images
Handling and Analyzing Evidence -
Learning Objective:
Summarize the techniques used in security assessments
Explain the importance of security concepts in an enterprise environment.
Use the appropriate tool to assess organizational security
Summarize the importance of policies, processes, and procedures for incident response
Given an incident, utilize appropriate data sources to support an investigation
Apply mitigation techniques or controls to secure an environmentTopics:
Topology & Service Discovery
Packet Capture Tools
Remote Access Trojans
Honeypots and Honeynets
Incident Response Procedures
Preparation Phase
Identification Phase
Containment Phase
Eradication and Recovery Phases