Security Specialist (Security +)

Description:
Course will provide IT professionals with the knowledge of information security fundamentals including including communication security, infrastructure security, cryptography, access control, authentication, external attack and operational and organization security.

Exams
The skilled security professionals are always in demand, including government, public and priviate sectors. The exam is provided by CompTIA Security+TM.

Duration: 1 wk


Prerequisites: Experience in network administration with a focus on security. Some knowledge of security concerns and implementations.

Learning process:
Lecturing and an overview of recommended study methods.

Schedule:
Day 1: Systems Security
Day 2: Network Infrastructure
Day 3: Access Control
Day 4: Assessments & Audits
Day 5: Cryptography, Organizational Security


Course Outline:
1.0 Systems Security
1.1 Differentiate among various systems security threats.
1.2 Explain the security risks pertaining to system hardware and peripherals.
1.3 Implement OS hardening practices and procedures to achieve workstation and server security.
1.4 Carry out the appropriate procedures to establish application security.
1.5 Implement security applications.
1.6 Explain the purpose and application of virtualization technology.
2.0 Network Infrastructure
2.1 Differentiate between the different ports & protocols, their respective threats and mitigation techniques.
2.2 Distinguish between network design elements and components.
2.3 Determine the appropriate use of network security tools to facilitate network security.
2.4 Apply the appropriate network tools to facilitate network security.
2.5 Explain the vulnerabilities and mitigations associated with network devices.
2.6 Explain the vulnerabilities and mitigations associated with various transmission media.
2.7 Explain the vulnerabilities and implement mitigations associated with wireless networking.
3.0 Access Control
3.1 Identify and apply industry best practices for access control methods.
3.2 Explain common access control models and the differences between each.
3.3 Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges.
3.4 Apply appropriate security controls to file and print resources.
3.5 Compare and implement logical access control methods.
3.6 Summarize the various authentication models and identify the components of each.
3.7 Deploy various authentication models and identify the components of each.
3.8 Explain the difference between identification and authentication (identity proofing).
3.9 Explain and apply physical access security methods.
4.0 Assessments & Audits
4.1 Conduct risk assessments and implement risk mitigation.
4.2 Carry out vulnerability assessments using common tools.
4.3 Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning.
4.4 Use monitoring tools on systems and networks and detect security-related anomalies.
4.5 Compare and contrast various types of monitoring methodologies.
4.6 Execute proper logging procedures and evaluate the results.
4.7 Conduct periodic audits of system security settings.
5.0 Cryptography
5.1 Explain general cryptography concepts.
5.2 Explain basic hashing concepts and map various algorithms to appropriate applications.
5.3 Explain basic encryption concepts and map various algorithms to appropriate applications.
5.4 Explain and implement protocols.
5.5 Explain core concepts of public key cryptography.
5.6 Implement PKI and certificate management.
6.0 Organizational Security
6.1 Explain redundancy planning and its components.
6.2 Implement disaster recovery procedures.
6.3 Differentiate between and execute appropriate incident response procedures.
6.4 Identify and explain applicable legislation and organizational policies.
6.5 Explain the importance of environmental controls.
6.6 Explain the concept of and how to reduce the risks of social engineering.
7.0 Security acronyms


Next step: Training in advanced security topics.

For additional information please call us at 312.804.0772 or send us an email at abrar@ecgmn.com or use our contact form.

Home Page