CompTIA Training Overview
CompTIA® Security+® (Exam SY0-301) is the primary course you will need to take if your job responsibilities include securing network services, devices, and traffic and your organization as a whole including the physical security elements and operational security measures. It is also the main course you will take to prepare for the CompTIA Security+ Certification examination. In this course, you will build on your knowledge and professional experience with security fundamentals, networks, and organizational security as you acquire the specific skills required to implement basic security services on any type of computer network.
This course can benefit you in two ways. If you intend to pass the CompTIA Security+ (Exam SY0-301) Certification examination, this course can be a significant part of your preparation. But certification is not the only key to professional success in the field of computer security. Today's job market demands individuals with demonstrable skills, and the information and activities in this course can help you build your computer security skill set so that you can confidently perform your duties in any security-related professional role.
CompTIA Training Prerequisites
Basic Windows skills and a fundamental understanding of computer and networking concepts are required. Students can obtain this level of skill and knowledge by taking one or both of the following courses:
CompTIA A+ and Network+ certifications, or equivalent knowledge, and six to nine months experience in networking, including experience configuring and managing TCP/IP, are strongly recommended. Students can obtain this level of skill and knowledge by taking any of the following courses:
- Using Microsoft® Windows® 8
- Microsoft® Windows® 8 Transition from Windows® 7
Additional introductory courses or work experience in application development and programming or in network and operating system administration for any software platform or system are helpful but not required.
- CompTIA® A+® Certification: A Comprehensive Approach (Exams 220-801 and 220-802)
- CompTIA® Network+® (Exam N10-005)
CompTIA Training Audience
This course is targeted toward the information technology (IT) professional who has networking and administrative skills in Windows®-based Transmission Control Protocol/Internet Protocol (TCP/IP) networks and familiarity with other operating systems, such as Mac OS® X, Unix, or Linux, and who wants to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles.
CompTIA Training Course duration
Course-specific Technical Requirements
To run this course, make sure all equipment is designed for Microsoft® Windows Server® 2008 R2. You will need one computer for each student and one for the instructor. Each computer will need to meet the recommended hardware specifications for Windows Server 2008 R2 as well as the classroom hardware specifications:
- 1.4 gigahertz (GHz) (single 64-bit processor) or 1.3 GHz (dual core).
- 1 gigabyte (GB) of Random Access Memory (RAM) or greater.
- 80 GB hard disk or larger.
- Super VGA (SVGA) or higher resolution monitor capable of a screen resolution of at least 1024 x 768 pixels, at least 256-color display, and a video adapter with at least 4 MB of memory.
- Bootable DVD-ROM drive.
- Mouse or compatible tracking device.
- Network adapter and cabling connecting each classroom computer.
- Network interface card and network cabling.
- IP addresses that do not conflict with other portions of your network.
- Internet connectivity is not required, but is recommended.
- The instructor computer will need a display system to project the instructor's computer screen.
This course was developed and tested on Microsoft Windows Server 2008 R2. During development, Service Pack 1 for Windows Server 2008 R2 was released. The activities in the course were not tested with the service pack, so if you choose to install it, keying activities may vary.Windows Server 2008 requires activation unless you have a volume-licensing agreement. There is a grace period for activation. If the duration of your class will exceed the activation grace period (for example, if you are teaching the class over the course of an academic semester), you must activate the installations at some point before the grace period expires. Otherwise, those operating systems will stop working before the class ends.
CompTIA Training Course outline
- Microsoft Windows Server 2008 R2, Enterprise Edition, with sufficient licenses.
- Microsoft Baseline Security Analyzer version 2.2 (MBSASetup-x64-EN.msi), available from www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=02be8aee-a3b6-4d94-b1c9-4b1989e0900c. (You will need to download this tool from a valid copy of Microsoft Windows.)
- The Microsoft Windows Malicious Software Removal Tool (KB890830), available from www.microsoft.com/downloads/en/details.aspx?FamilyID=585d2bde-367f-495e-94e7-6349f4effc74.
- The Microsoft Network Monitor 3.4 (NM34_x64.exe) available from www.microsoft.com/downloads/en/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en
- Security Update Windows KB2259539 (Windows6.1-KB2259539-x64.msu) available from www.microsoft.com/downloads/en/details.aspx?FamilyID=4eaf707a-e042-483e-a9b6-c2777f18c431 or by searching for KB2259539 on the microsoft.com website.
- Third-party security tools: SuperScan, Cain & Able, and Snort. See the Class Setup section for details.
Lesson 1: Security Fundamentals
Lesson 2: Security Threats and Vulnerabilities
- Topic A: The Information Security Cycle
- Topic B: Information Security Controls
- Topic C: Authentication Methods
- Topic D: Cryptography Fundamentals
- Topic E: Security Policy Fundamentals
Lesson 3: Network Security
- Topic A: Social Engineering
- Topic B: Physical Threats and Vulnerabilities
- Topic C: Network-Based Threats
- Topic D: Wireless Threats and Vulnerabilities
- Topic E: Software-Based Threats
Lesson 4: Managing Application, Data, and Host Security
- Topic A: Network Devices and Technologies
- Topic B: Network Design Elements and Components
- Topic C: Implement Networking Protocols
- Topic D: Apply Network Security Administration Principles
- Topic E: Secure Wireless Traffic
Lesson 5: Access Control, Authentication, and Account Management
- Topic A: Establish Device/Host Security
- Topic B: Application Security
- Topic C: Data Security
- Topic D: Mobile Security
Lesson 6: Managing Certificates
- Topic A: Access Control and Authentication Services
- Topic B: Implement Account Management Security Controls
Lesson 7: Compliance and Operational Security
- Topic A: Install a CA Hierarchy
- Topic B: Enroll Certificates
- Topic C: Secure Network Traffic by Using Certificates
- Topic D: Renew Certificates
- Topic E: Revoke Certificates
- Topic F: Back Up and Restore Certificates and Private Keys
Lesson 8: Risk Management
- Topic A: Physical Security
- Topic B: Legal Compliance
- Topic C: Security Awareness and Training
Lesson 9: Managing Security Incidents
- Topic A: Risk Analysis
- Topic B: Implement Vulnerability Assessment Tools and Techniques
- Topic C: Scan for Vulnerabilities
- Topic D: Mitigation and Deterrent Techniques
Lesson 10: Business Continuity and Disaster Recovery Planning
- Topic A: Respond to Security Incidents
- Topic B: Recover from a Security Incident
Appendix A: CompTIA® Security+® (Exam SY0-301) Objectives Mapping
- Topic A: Business Continuity
- Topic B: Plan for Disaster Recovery
- Topic C: Execute DRPs and Procedures