16 Corporate Woods Boulevard | Albany, New York 12211 | Tel: 518.437.1600

Security+

Available Dates: Jan 12-16, Feb 2-6, Mar 9-13, Apr 13-17, May 11-15, June 15-19
Class Length: 5 days
Cost: $2,125

Class Outline:

Description:
This course will prepare students to pass CompTIA’s Security+ certification exam. After taking this course, students will understand the field of network security and how it relates to other areas of information technology. This course also provides the broad-based knowledge necessary to prepare for further study in specialized security fields, or it can serve as a capstone course that gives a general introduction to the field.

Table of Contents:

Unit 1: Security overview
Topic A: Introduction to network security
Topic B: Understanding security threats
Topic C: Creating a secure network strategy
Topic D: Windows 2000 server access control

Unit 2: Authentication
Topic A: Introduction to authentication
Topic B: Kerberos
Topic C: Challenge Handshake Authentication Protocol
Topic D: Digital certificates
Topic E: Security tokens
Topic F: Biometrics

Unit 3: Attacks and malicious code
Topic A: Denial of service attacks
Topic B: Man-in-the-middle attacks
Topic C: Spoofing
Topic D: Replays
Topic E: TCP session hijacking
Topic F: Social engineering
Topic G: Attacks against encrypted data
Topic H: Software exploitation

Unit 4: Remote access
Topic A: Securing remote communications
Topic B: Authentication
Topic C: Virtual private networks
Topic D: Telecommuting vulnerabilities

Unit 5: E-mail
Topic A: Secure e-mail and encryption
Topic B: PGP and S/MIME encryption
Topic C: E-mail vulnerabilities

Unit 6: Web security
Topic A: SSL/TLS protocol
Topic B: Instant messaging
Topic C: Vulnerabilities of Web tools
Topic D: Configuring Internet Explorer security

Unit 7: Directory and file transfer services
Topic A: Introduction to directory services
Topic B: File transfer services
Topic C: File sharing

Unit 8: Wireless and instant messaging
Topic A: IEEE 802.11
Topic B: WAP 1.x and WAP 2.0
Topic C: Wired equivalent privacy
Topic D: Instant messaging

Unit 9: Network devices
Topic A: Understanding firewalls
Topic B: Routers
Topic C: Switches
Topic D: Telecom, cable modem, and wireless devices
Topic E: Securing remote access
Topic F: Intrusion detection systems
Topic G: Workstations and servers

Unit 10: Transmission and storage media
Topic A: Transmission media
Topic B: Storage media

Unit 11: Network security topologies
Topic A: Security topologies
Topic B: Network Address Translation
Topic C: Tunneling
Topic D: Virtual Local Area Networks

Unit 12: Intrusion detection
Topic A: Intrusion detection systems
Topic B: Network-based and host-based IDS
Topic C: Active and passive detection
Topic D: Honeypots
Topic E: Incident response

Unit 13: Security baselines
Topic A: OS/NOS hardening
Topic B: Network hardening
Topic C: Application hardening

Unit 14: Cryptography
Topic A: Concepts of cryptography
Topic B: Public Key Infrastructure (PKI)
Topic C: Key management and life cycle
Topic D: Setting up a certificate server

Unit 15: Physical security
Topic A: Access control
Topic B: Environment

Unit 16: Disaster recovery and business continuity
Topic A: Disaster recovery
Topic B: Business continuity
Topic C: Policies and procedures
Topic D: Privilege management

Unit 17: Computer forensics and advanced topics
Topic A: Understanding computer forensics
Topic B: Risk identification
Topic C: Education and training
Topic D: Auditing
Topic E: Documentation

Objectives:
-Define security terminology, explain the purpose and goals of network security policies, and outline various security threats.
-Understand the need for authentication and the development of authentication devices including Kerberos, CHAP, digital certificates, tokens, biometrics, mutual authentication, and multi-factor authentication.
-Identify the major types of attacks and malicious code that commonly affect the confidentiality, integrity, and availability of networks; and discuss the business impact of security along with the countermeasures and best practices used to prevent or mitigate the effect of attacks and malicious code.
-Understand the concepts and practices of remote access, including commonly used authentication protocols (IEEE 802.1X, RADIUS and TACACS+) and tunneling technologies (PPTP, L2TP, IPSec and Secure Shell).
-Discuss e-mail vulnerabilities and how to safeguard against them, and the benefits of PGP and S/MIME.
-Discuss Web security including SSL/TLS protocols; HTTPS as it relates to SSL; and the variety of mainstream Web tools such as JavaScript, Buffer Overflow, ActiveX, Cookies, Applets and SMTP that are commonly exploited by attackers on the Internet.
-Explain the benefits offered by centralized enterprise directory services such as LDAP over traditional authentication systems; discuss FTP vulnerabilities and alternatives to using FTP; and describe the threat posed to a network by unmonitored file shares.
-Identify aspects of security pertaining to wireless and instant messaging; explain WTLS and IEEE 802.11x vulnerabilities, site surveys, naming conventions and packet switching.
-Discuss the role of all major networking devices, including routers, switches, and firewall technology, in establishing a secure network; explain VPN and RAS technologies, discuss intrusion detection systems and perform network monitoring.