Course Number: Security+
Course Number for CompTIA Security+ Certcamp: Security+C

Duration: 3-day session or 5-day session

Instruction Method: Instructor Led classroom, Instructor Led virtual live, Group Onsite, Group virtual live

The CompTIA Security+ Certification is a vendor neutral credential. The CompTIA Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge, and is used by organizations and security professionals around the globe.

Course Details


The CompTIA Security+ exam will certify that the successful candidate has the knowledge and skills required to identify risk and participate in risk mitigation activities, provide infrastructure, application, operational and information security, apply security controls to maintain confidentiality, integrity and availability, identify appropriate technologies and products, and operate with an awareness of applicable policies, laws and regulations. The CompTIA Security+ Certification is aimed at an IT security professional who has:
• A minimum of 2 years' experience in IT administration with a focus on security
• Day-to-day technical information security experience
• Broad knowledge of security concerns and implementation, including the topics in the domain list below

CompTIA Security+ is ISO 17024 Accredited (Personnel Certification Accreditation) and, as such, undergoes regular reviews and updates to the exam objectives. The following CompTIA Security+ objectives reflect the subject areas in this edition of this exam, and result from subject matter expert workshops and industry-wide survey results regarding the skills and knowledge required of an information security professional with two years of experience.

This examination blueprint includes domain weighting, test objectives, and example content. Example topics and concepts are included to clarify the test objectives and should not be construed as a comprehensive listing of all the content of this examination. 

CompTIA Security+ Certification Exam Objectives:

1.0 Network Security

1.1 Explain the security function and purpose of network devices and technologies
• Firewalls
• Routers
• Switches
• Load Balancers
• Proxies
• Web security gateways
• VPN concentrators
• NIDS and NIPS (Behavior based, signature based, anomaly based, heuristic)
• Protocol analyzers
• Sniffers
• Spam filter, all-in-one security appliances
• Web application firewall vs. network firewall
• URL filtering, content inspection, malware inspection

1.2 Apply and implement secure network administration principles
• Rule-based management
• Firewall rules
• VLAN management
• Secure router configuration
• Access control lists
• Port Security
• 802.1x
• Flood guards
• Loop protection
• Implicit deny
• Prevent network bridging by network separation
• Log analysis

1.3 Distinguish and differentiate network design elements and compounds
• DMZ
• Subnetting
• VLAN
• NAT
• Remote Access
• Telephony
• NAC
• Virtualization
• Cloud Computing
  o Platform as a Service
  o Software as a Service
  o Infrastructure as a Service

1.4 Implement and use common protocols
• IPSec
• SNMP
• SSH
• DNS
• TLS
• SSL
• TCP/IP
• FTPS
• HTTPS
• SFTP
• SCP
• ICMP
• IPv4 vs. IPv6

1.5 Identify commonly used default network ports
• FTP
• SFTP
• FTPS
• TFTP
• TELNET
• HTTP
• HTTPS
• SCP
• SSH
• NetBIOS

1.6 Implement wireless network in a secure manner
• WPA
• WPA2
• WEP
• EAP
• PEAP
• LEAP
• MAC filter
• SSID broadcast
• TKIP
• CCMP
• Antenna Placement
• Power level controls

2.0 Compliance and Operational Security

2.1 Explain risk related concepts
• Control types
  o Technical
  o Management
  o Operational
• False positives
• Importance of policies in reducing risk
  o Privacy policy
  o Acceptable use
  o Security policy
  o Mandatory vacations
  o Job rotation
  o Separation of duties
  o Least privilege
• Risk calculation
  o Likelihood
  o ALE
  o Impact
• Quantitative vs. qualitative
• Risk-avoidance, transference, acceptance, mitigation, deterrence
• Risks associated with Cloud Computing and Virtualization

2.2 Carry out appropriate risk mitigation strategies
• Implement security controls based on risk
• Change management
• Incident management
• User rights and permissions reviews
• Perform routine audits
• Implement policies and procedures to prevent data loss or theft

2.3 Execute appropriate incident response procedures
• Basic forensic procedures
  o Order of volatility
  o Capture system image
  o Network traffic and logs
  o Capture video
  o Record time offset
  o Take hashes
  o Screenshots
  o Witnesses
  o Track man hours and expense
• Damage and loss control
• Chain of custody
• Incident response: first responder

2.4 Explain the importance of security related awareness and training
• Security policy training and procedures
• Personally identifiable information
• Information classification: Sensitivity of data (hard or soft)
• Data labeling, handling and disposal
• Compliance with laws, best practices and standards
• User habits
  o Password behaviors
  o Data handling
  o Clean desk policies
  o Prevent tailgating
  o Personally owned devices
• Threat awareness
  o New viruses
  o Phishing attacks
  o Zero-day exploits
• Use of social networking and P2P

2.5 Compare and contrast aspects of business continuity
• Business impact analysis
• Removing single points of failure
• Business continuity planning and testing
• Continuity of operations
• Disaster recovery
• IT contingency planning
• Succession planning

2.6 Explain the impact and proper use of environmental controls
• HVAC
• Fire suppression
• EMI shielding
• Hot and cold aisles
• Environmental monitoring
• Temperature and humidity controls
• Video monitoring

2.7 Execute disaster recovery plans and procedures
• Backup / backout contingency plans or policies
• Backups, execution and frequency
• Redundancy and fault tolerance
  o Hardware
  o RAID
  o Clustering
  o Load balancing
  o Servers
• High availability
• Cold site, hot site, warm site
• Mean time to restore, mean time between failures, recovery time objectives and recovery point objectives

2.8 Exemplify the concepts of confidentiality, integrity and availability (CIA)

3.0 Threats and Vulnerabilities

3.1 Analyze and differentiate among types of malware
• Adware
• Virus
• Worms
• Spyware
• Trojan
• Rootkits
• Backdoors
• Logic bomb
• Botnets

3.2 Analyze and differentiate among types of attacks
• Man-in-the-middle
• DDoS
• DoS
• Replay
• Smurf attack
• Spoofing
• Spam
• Phishing
• Spim
• Vishing
• Spear phishing
• Xmas attack
• Pharming
• Privilege escalation
• Malicious insider threat
• DNS poisoning and ARP poisoning
• Transitive access
• Client-side attacks

3.3 Analyze and differentiate among types of social engineering attacks
• Shoulder surfing
• Dumpster diving
• Tailgating
• Impersonation
• Hoaxes
• Whaling
• Vishing

3.4 Analyze and differentiate among types of wireless attacks
• Rogue access points
• Interference
• Evil twin
• War driving
• Bluejacking
• Bluesnarfing
• War chalking
• IV attack
• Packet sniffing

3.5 Analyze and differentiate among types of application attacks
• Cross-site scripting
• SQL injection
• LDAP injection
• XML injection
• Directory traversal/command injection
• Buffer overflow
• Zero day
• Cookies and attachments
• Malicious add-ons
• Session hijacking
• Header manipulation

3.6 Analyze and differentiate among types of mitigation and deterrent techniques
• Manual bypassing of electronic controls
  o Failsafe/secure vs. failopen
• Monitoring system logs
  o Event logs
  o Audit logs
  o Security logs
  o Access logs
• Physical security
  o Hardware locks
  o Mantraps
  o Video surveillance
  o Fencing
  o Proximity readers
  o Access list
• Hardening
  o Disabling unnecessary services
  o Protecting management interfaces and applications
  o Password protection
  o Disabling unnecessary accounts
• Port security
  o MAC limiting and filtering
  o 802.1x
  o Disabling unused ports
• Security posture
  o Initial baseline configuration
  o Continuous security monitoring
  o Remediation
• Reporting
  o Alarms
  o Alerts
  o Trends
• Detection controls vs. prevention controls
  o IDS vs. IPS
  o Camera vs. guard

3.7 Implement assessment tools and techniques to discover security threats and vulnerabilities
• Vulnerability scanning and interpreting results
• Tools
  o Protocol analyzer
  o Sniffer
  o Vulnerability scanner
  o Honeypots
  o Honeynets
  o Port scanner
• Risk calculations
  o Threat vs. likelihood
• Assessment types
  o Risk
  o Threat
  o Vulnerability
• Assessment technique
  o Baseline reporting
  o Code review
  o Determine attack surface
  o Architecture
  o Design reviews

3.8 Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning
• Penetration testing
  o Verify a threat exists
  o Bypass security controls
  o Actively test security controls
  o Exploiting vulnerabilities
• Vulnerability scanning
  o Passively testing security controls
  o Identify vulnerability
  o Identify lack of security controls
  o Identify common misconfiguration
• Black box
• White box
• Gray box

4.0 Application, Data and Host Security

4.1 Explain the importance of application security
• Fuzzing
• Secure coding concepts
  o Error and exception handling
  o Input validation
• Cross-site scripting prevention
• Cross-site Request Forgery (XSRF) prevention
• Application configuration baseline (proper settings)
• Application hardening
• Application patch management

4.2 Carry out appropriate procedures to establish host security
• Operating system security and settings
• Anti-malware
  o Anti-virus
  o Anti-spam
  o Anti-spyware
  o Pop-up blockers
  o Host-based firewalls
• Patch management
• Hardware security
  o Cable locks
  o Safe
  o Locking cabinets
• Host software baselining
• Mobile devices
  o Screen lock
  o Strong password
  o Device encryption
  o Remote wipe/sanitation
  o Voice encryption
  o GPS tracking
• Virtualization

4.3 Explain the importance
• Data Loss Prevention (DLP)
• Data encryption
  o Full disk
  o Database
  o Individual files
  o Removable media
  o Mobile devices
• Hardware based encryption devices
  o TPM
  o HSM
  o USB encryption
  o Hard drive
• Cloud computing

5.0 Access Control and Identity Management

5.1 Explain the function and purpose of authentication services
• RADIUS
• TACACS
• TACACS+
• Kerberos
• LDAP
• XTACACS

5.2 Explain the fundamental concepts and best practices related to authentication, authorization and access control
• Identification vs. authentication
• Authentication (single factor) and authorization
• Multifactor authentication
• Biometrics
• Tokens
• Common access card
• Personal identification verification card
• Smart card
• Least privilege
• Separation of duties
• Single sign on
• ACLs
• Access control
• Mandatory access control
• Discretionary access control
• Role/rule-based access control
• Implicit deny
• Time of day restrictions
• Trusted OS
• Mandatory vacations
• Job rotation

5.3 Implement appropriate security controls when performing account management
• Mitigate issues associated with users with multiple accounts/roles
• Account policy enforcement
  o Password complexity
  o Expiration
  o Recovery
  o Length
  o Disablement
  o Lockout
• Group based privileges
• User assigned privileges

6.0 Cryptography

6.1 Summarize general cryptography concepts
• Symmetric vs. asymmetric
• Fundamental differences and encryption methods
  o Block vs. stream
• Transport encryption
• Non-repudiation
• Hashing
• Key escrow
• Steganography
• Digital signatures
• Use of proven technologies
• Elliptic curve and quantum cryptography

6.2 Use and apply appropriate cryptographic tools and products
• WEP vs. WPA/WPA2 and preshared key
• MD5
• SHA
• RIPEMD
• AES
• DES
• 3DES
• HMAC
• RSA
• RC4
• One-time pads
• CHAP
• PAP
• NTLM
• NTLMv2
• Blowfish
• PGP/GPG
• Whole disk encryption
• TwoFish
• Comparative strengths of algorithms
• Use of algorithms with transport encryption
  o SSL
  o TLS
  o IPSec
  o SSH
  o HTTPS

6.3 Explain the core concepts of public key infrastructure
• Certificate authorities and digital certificates
  o CA
  o CRLs
• PKI
• Recovery agent
• Public key
• Private key
• Registration
• Key escrow
• Trust models

6.4 Implement PKI, certificate management and associated components
• Certificate authorities and digital certificates
  o CA
  o CRLs
• PKI
• Recovery agent
• Public key
• Private keys
• Registration
• Key escrow
• Trust models


Certification Information

The Security+ exam covers the most important foundational principles for securing a network and managing risk. Access control, identity management and cryptography are important topics on the exam, as well as selection of appropriate mitigation and deterrent techniques to address network attacks and vulnerabilities. Security concerns associated with cloud computing, BYOD and SCADA are addressed in the SY0-401 exam.

While there is no required prerequisite, Network+ certification is recommended before taking the Security+ exam.

To request schedules and additional course details, send an email to Training@certfirst.com or call 1-630-684-0355.

CompTIA Test Vouchers: Receive 10% off CompTIA test vouchers with our partner discount code "Certfirst2014".

Test Details
Launch Date: April 2014
Number of questions: Maximum of 90 questions
Type of questions: Multiple choice and performance-based
Length of test: 90 minutes
Passing score: 750 (on a scale of 100-900)
Recommended experience: Minimum of two years of experience in IT administration with a focus on security
Languages: English initially; other languages to follow
Exam codes: SY0-401
Retirement Date: TBD (usually three years after launch)

Contact your local representative for academic discount information.

 

 
