CompTIA Security+

General Security Concepts

Overview/Description
To introduce the key principles of security for the enterprise

Target Audience
Network administrators, firewall administrators, system administrators, application developers, and IT security officers

Prerequisites
Knowledge and skills equivalent of those tested for in the CompTIA A+ and Network+ certification exams

Expected Duration
6 to 12 Hours

General Security Concepts

• Describe how to achieve CompTIA Security + Certification
• Discuss access control concepts
• Discuss access control types and models
• Discuss resource access control and system access control
• Identify the requirements for system access control and resource access control
• Explain how to implement resource access control and system access control
• Define the principles of authentication and discuss authentication methods
• Explain the features and operation of Kerberos
• Explain the authentication mechanisms used in PPP
• Describe threats to information security and network infrastructure
• Explain how different types of denial-of-service attacks affect a network
• Describe some of the common attacks that are carried out on networks
• Detail threats that arise specifically from hackers
• Set up and monitor a Telnet session using a protocol analyzer
• Discuss the threat of social engineering
• Describe how passwords are stored and explain why they are vulnerable to attack
• Explain why a strong password policy is important and what can be done to protect password files on UNIX and Windows systems
• Use the password cracking utility LC4 and employ it to audit passwords from a number of locations

Communications Security

Overview/Description
To introduce the key issues in communications security

Target Audience
Network administrators, firewall administrators, system administrators, application developers, and IT security officers

Prerequisites
Knowledge and skills equivalent of those tested for in the CompTIA A+ and Network+ certification exams

Expected Duration
6 to 12 Hours

Communications Security

• Explain the technologies used to implement VPNs for secure WAN communications
• Detail the features of a VPN solution for secure remote connectivity
• Implement a VPN solution for secure remote access
• Outline the RADIUS authentication mechanism
• Outline the TACACS+ authentication mechanism and compare it to the RADIUS authentication mechanism
• Describe WEP and the differences between the various wireless LAN standards
• Describe wireless LAN security attacks and explain how to prevent them
• Identify the strengths and weaknesses of various wireless LAN security techniques
• Identify appropriate security solutions for wireless LANs
• Explain corporate security policies and outline the procedures involved in performing a site survey
• Conduct a wireless LAN site survey
• Describe the WAP protocol and discuss mechanisms for protecting the WAP gateway
• Provide an overview of the various threats to web security
• Describe how Gnutella and peer-to-peer networks work and outline the security issues that arise from their use
• Understand the FTP protocol and outline the measures used to secure FTP
• Discuss the security implications of popular instant messaging applications
• Identify the various components of LDAP
• Describe the security methods associated with LDAP

Infrastructure Security

Overview/Description
To describe how to detect and respond to network intruders, understand operating system security, and describe LAN devices and topology

Target Audience
Network administrators, firewall administrators, system administrators, application developers, and IT security officers

Prerequisites
Knowledge and skills equivalent of those tested for in the CompTIA A+ and Network+ certification exams

Expected Duration
7.25 to 14.5 Hours

Infrastructure Security

• Discuss the principles of detecting network intruders
• Describe how to distract network intruders and limit the damage they can cause
• Set up a decoy account and monitor both failed and successful login attempts
• Describe the characteristics and features of intrusion detection systems
• Describe the different types of intrusion detection mechanisms
• Discuss the deployment of intrusion detection systems
• Discuss how to respond to and manage computer-related security incidents
• Recognize the functionality and deployment issues of intrusion detection
• Describe network components and their application
• Explain the role of bridges, switches, and routers in a network
• Describe the basic operation of firewalls and proxy servers
• Describe the various frauds that are carried out on PBX systems
• Identify the different types of networking media that are used at the physical layer of the OSI model
• Describe Windows NT and Windows 2000 security issues
• Identify the threats to system security, both intentional and unintentional
• Run a security scan on a networked workstation
• Outline the main components of OS security
• Explain changes that can be made to an OS to make it more secure
• Discuss Windows 2000 Registry security
• Perform tasks to improve the security of the Windows OS
• Describe how VLANs operate
• List the components of NAT and explain when NAT should be implemented

Encryption Technologies

Overview/Description
To discuss techniques for encrypting information

Target Audience
Network administrators, firewall administrators, system administrators, application developers, and IT security officers

Prerequisites
Knowledge and skills equivalent of those tested for in the CompTIA A+ and Network+ certification exams

Expected Duration
4.75 to 9.5 Hours

Encryption Technologies

• Outline the history of encryption and the reasons why encryption is important
• Outline the principles of symmetric encryption
• Explain what a block cipher is and identify the algorithms that use them
• Discuss the fundamentals of asymmetric encryption
• Explain the functionality of hashes and message functions in protecting the integrity of encrypted data
• Describe the processes involved in symmetric and asymmetric encryption
• Outline the different methods of managing encryption keys
• Discuss some practical applications of encryption
• Implement a secure encryption scheme on a computer
• Exchange encrypted e-mails
• Explain the use of certificates for trusted secure public-key implementation
• Describe revocation and nonrepudiation of public-key certificates
• Discuss the X.509 standard for public-key certificates
• Describe public-key infrastructure and Secure Electronic Transactions (SETs)
• Outline certificate practices, policies, and paths

Operational and Organizational Security

Overview/Description
To present the key issues and policy requirements for organizational and operational security

Target Audience
Network administrators, firewall administrators, system administrators, application developers, and IT security officers

Prerequisites
Knowledge and skills equivalent of those tested for in the CompTIA A+ and Network+ certification exams

Expected Duration
6 to 12 Hours

Operational and Organizational Security

• Discuss the reason for business continuity plans
• Discuss the reason for and the process involved in creating a disaster recovery plan
• Discuss the reasons why business continuity plans are used and how to create them
• Describe how to develop a business impact assessment and a business continuity plan
• Discuss the process involved in maintaining and testing a disaster recovery plan
• Explain the underlying concepts and principles of security management
• List and explain the recognized industry standards and recommendations that address information and network security
• Define security policy and identify issue-specific security policy documents
• Design a security policy document
• Discuss employment practices in the workplace
• Describe the controls that are available to protect resources, restrict privileges, and limit the risk of access abuse in a network environment
• Describe the technologies and controls that make a working environment secure
• Describe the technologies and controls that make a safe working environment
• Identify the environmental safeguards and security strategies required to make a site secure
• Describe the technologies and controls that restrict access to a working environment and control data confidentiality
• Discuss risk management and its requirements with reference to security issues
• Describe the processes involved in implementing information risk management
• Explain how computer crime investigations are conducted