CompTIA Security + Certification

CompTIA Security+ is an accredited course that allows the candidates to understand the Network Security, Compliance and operative safety. The candidates will also get knowledge about Threats and weaknesses of the security model. The CompTIA plus training covers the Access control, identity management, and cryptography. By undergoing this course, the candidates can apply security controls to retain integrity, privacy, and availability. The Security training covers the security laws and regulations.

EXAM:

The important topics for the exam point of view are Access control, identity management, and cryptography. The other ones are mitigation and deterrent methods to address network attacks and susceptibilities.

Module1: An Overview of Security Threats and Controls

• What are Security Threats?
• What is the need of Security?
• Controlling Security of an organization
• Using Identification, Authentication, and Authorization in an organization
• The concept of attacks
• Types of attacks
• Mitigating attacks
• Recognizing risks
• Recognizing Assessment tools and methods

Module2: Describing Cryptography and Access Control

• An Introduction to Cryptography
• Uses of Cryptography
• Recognizing Hash Functions
• Difference between Symmetric and Asymmetric Encryption
• Recognizing Steganography
• understanding Public Key Infrastructure (PKI)
• The Implementation of PKI
• Creating keys
• Using and managing keys
• Using Key Recovery Agents and Revocations
• Using password authentication
• What are PAP and CHAP?
• Protecting passwords
• How be authentication secure?
• The types of authentication
• Understanding RADIUS and TACACS+
• Managing Account
• Using Privilege Policies
• An Introduction to Directory Services
• Managing user and group accounts

Module3: The Summary of Network Security

• What are network topologies?
• Analysis of Demilitarized Zones
• Switches Overview
• How routers and Network Address Translation are used?
• Security Appliances and Applications Overview
• Types of firewalls
• An overview of Intrusion Detection Systems and Wireless Network Security
• Using wireless LANs and wireless authentication
• Analysis of WEP and WPA
• An introduction to VPN and Remote Access Security
• Understanding Virtual Private Networks and IPsec
• An overview of Network Application Security
• An overview of DHCP, DNS, and SNMP Security
• Differentiate between IPv4 and IPv6

Module4: Host, Data, and Application Security

• What is Host security?
• What are computer and OS hardening?
• Managing Patch
• What is Network Access Control?
• The definition and importance of data security
• Need of Data encryption and Handling
• An overview of Data Loss Prevention and Data Wiping
• Using Web Services Security
• Analysis of SSL and TLS
• Concept of Web Servers and Load Balancers
• An Introduction to Web Application Security
• The databases of Web Application
• What are Exploits?
• Concept of Virtualization and its approaches
• What is Cloud Security?
• Using cloud computing
• The risks involved in cloud computing

Module5: Operational Security

• What is Site Layout and Access?
• An overview of Gateways and Locks
• The concept of hardware security
• The need of Environmental Control
• An Introduction to Mobile and Embedded Device Security
• What is BYOD model?
• Defining Mobile Device Security and Mobile Device Management
• An overview of risk management
• Executing risk calculation and mitigation
• Managing configurations
• Planning of Disaster Recovery
• Formation of Clusters
• An Introduction to Incident Responses procedure