CompTIA Security+ 2017 (SY0-401, SY0-501)



Disclaimer: Tech-Act is an independent training services provider. Any use of third party trademarks, brand names, products and services is only referential.Tech-Act disclaims any sponsorship, affiliation or endorsement of or by any third parties. Tech-Act is an authorized training partner only where explicitly stated and as listed here.



REQUEST INFORMATION


CompTIA Security+ 2017


About This Course

CompTIA certified Security+ course is a globally acknowledged IT training that validates vendor relevant IT security knowhow, fundamentals and skills. The course covers essential concepts of network risk management and security as a touchstone validating best practices in the IT security domain. CompTIA Security+ serves as a critical stepping-stone of an individual’s IT security profession.

Today, IT security sits at the top priority list of every organization’s IT strategy, since mobile and cloud technology have drastically transformed the way we have been doing business. With the humungous volumes of data being generated, transmitted and stored on both cloud and on-premise networks all across the world, it is imperative to have proper security protocols in place. This is where CompTIA Security+ comes into the picture. Yes, the Security+ certificate validates a candidate’s skillfulness and shrewdness in managing network and security.


Who Should Attend This Course

CompTIA Security+ is aimed at anyone, who intends to secure a job as an IT security expert or is looking to hone his/her network security skills. Moreover, the course is perfect for anyone interested in cybersecurity.

The course is just perfect for CIO or IT managers, who wish to extend their IT security knowhow.


Why This Course

Organizations across the world are startled by a range of cybersecurity attacks, which is the reason an increasing number of businesses are fortifying their IT security game plan. With the monstrous amount of data that businesses are generating, storing and transmitting, it is important than ever to have robust security practices in place. This brings into light CompTIA Security+ certification course, which validates that the candidate is skilled enough to manage security and network threats.

A CompTIA Security+ certified professional can handle:

  • Cryptography
  • Network security
  • Security risks and threats
  • Operational and compliance security
  • Host, data and application security
  • Cloud, wireless and mobile security
  • Identity management and control

Did you know that experts with CompTIA Security+ certification earn an average salary of around $81,467 / annum. (source: itcareerfinder.com)


Course Objectives

CompTIA Security+ certification course covers all things network and security:

  • Network security
  • Security threats
  • Compliance security
  • Data and application security
  • Cryptography
  • Risk management
  • Mobile security

Prerequisites

Prior understanding of IT administration and security is recommended for candidates intending to take up this course.


Course Benefits


Post the completion of course, you will be able to manage:

  • Network security
  • Cryptography
  • Operational and compliance security
  • security risks and threats
  • Host, data and application security
  • Identity management and control
  • Cloud, wireless and mobile security

Security+ certified experts can work as:

  • Network administrator
  • Security engineer or architect
  • Security consultant

Curriculum


Threats, Attacks and Vulnerabilities

Overview

This section focuses on CompTIA’s Security+ certifications. It is recognized worldwide as a benchmark for information system security best practices and is intended for aspiring IT security professionals entering into security.

Determining Types of Malware

This section discusses several different types of malware. It explores virus variations such as boot sector, polymorphic, macro, stealth viruses and ransomware. At the end it covers how a worm is different from a virus.

Types of Attacks

This section covers numerous types of attacks such as phishing, spear phishing, whaling, vishing, tailgating, impersonation, dumpster diving, shoulder surfing, hoaxes, and watering hole attacks.

Threat Vector Types and Attributes

This section covers different types of threat actors and vectord used to execute an attack. It explains Attacks are not always a one size, sometimes they may incorporate many techniques.

Penetration Testing Concepts

This section discusses concepts associates with penetration testing. It explains different levels of tests such as black, grey and white box testing.

Vulnerability Scanning Concepts

This section explains the importance of understanding how penetration testing differs from a vulnerability scan. It demonstrates a vulnerability scan in a pen test.

Impact of Various Vulnerabilities

This section explains how improperly configured accounts can impact an organizations security. It also covers memory buffer vulnerabilities, architecture or design weaknesses, zero day attacks, improper certificate and key management.

Technologies and Tools

Hardware Software Organizational Security

This section focuses on how both hardware and software impact organizations security. It explains different firewalls and the importance of their configurations. It also covers VPN Concentrators, Network Intrusion/Prevention Systems, and routers.

Security Posture Assessment

This section explains software-based utilities that can assist in remaining compliant with an organizations security posture. It demonstrates several tools such as Wireshark, Nexpose and other wireless scanners. At the end it covers command line utilities to assist in both Windows and Nix-based systems.

Troubleshoot Common Security Issues

This section covers different issues one may have to troubleshoot. It explains protocols that send information in clear or plain text such as FTP, Telnet, PAP and HTTP. It also discusses the importance of logs, permissions, access violations and certificate issues.

Analyze and Interpret Outputs

This section demonstrates how to interpret the output of some commonly used tools. It covers tools such as Microsoft’s AppLocker followed with assorted malware utilities.

Deploy Mobile Security

This section discusses the importance of mobile security. It explains the potential vulnerabilities and weaknesses of mobile security and how to increase security while using these devices.

Implement Secure Protocols

This section explains the importance of secure protocols and the port numbers associated with these protocols for proper configuration and network analysis

Architecture and Design

Best Practices and Secure Config Guides

This sections explores common best practices and security configuration covered in the Security+ exam. It explains standard frameworks to secure specialized environments.

Secure Network Architecture Concepts

This section explains how the successful network designs can improve the overall network security.

Secure System Design

This section explains how the design of individual devices may add an additional layer of security.

Secure Staging Deployment Concepts

This section covers secure staging deployment concepts, what is sandboxing and why its important, environment types including Development-Test-Staging-Production and what is Integrity Measurement.

Security Implications of Embedded Systems

Ths section discusses the security implications of embedded systems. It explains how SCADA systems can be used to perform serious attacks.

Secure App Development and Deployment

This section explains the development and deployment of secure applications. It covers development life-cycle models like Waterfall and Agile, secure DevOps, version control, secure coding techniques, code quality and testing, and compiled vs. runtime code.

Cloud and Virtualization Concepts

This section introduces different cloud and virtualization concepts. It covers Hypervisors, Cloud Storage, and Cloud deployment models like IaaS, SaaS, and PaaS. At the end it explains cloud access security brokers, VM Sprawl avoidance, and VM escape protections

Resiliency and Automation to Reduce Risk

This section explains how to use automation and resiliency to reduce risk. It shows with the use of standard procedures and automated task the amount of common error through human fallibility can be reduced.

Importance of Physical Security

This section covers the importance of physical security controls. It explains how each layer of security adds complexity. It also discusses about Faraday cages, lock types, biometrics etc.

Identity and Access Management

Identity and Access Management Concepts

This section covers identity and access management concepts. It explains Identification, Authentication/Authorization/Accounting (AAA), and Multi-factor Authentication practices.

Identity and Access Services

This section covers litany of Identity and Access services. It explains services like LDAP, Kerberos, PAP/CHAP/MSCHAP, RADIUS/TACACS+, SAML, OpenID Connect, OATH, Shibboleth, and NTLM.

Identity and Access Management Controls

This section dive into common Identity and Access Management Controls covered in the Security+ exam. It covers access control models like MAC, DAC, RBAC, ABAC, physical access, certificate-based controls and biometric factors.

Account Management Practices

This section explores common account management practices. It covers the different account types like user accounts, service accounts and privileged accounts.

Risk Management

Policies

This section dive into Policies, Plans, and Procedures. It covers different agreement types like BPA, SLA, ISA, and MOU/MOA.

Impact Business Analysis

This section covers identifying critical systems, privacy threshold assessments, privacy impact assessments, and mission essential functions.

Risk Management Processes and Concepts

This section explains risk management processes and concepts, components of threat assessments, differences between internal and external assessments, risk assessment, ALE=SLE *ARO – quantitative assessment, plus risk response techniques (or strategies).

Incident Response Procedures

This section explains incident types with appropriate response process measures.

Basic Concepts of Forensics

This section covers the basics of computer forensics such as Order of Volatility, Chain of Custody, Data Acquisition and Strategic Intelligence Gathering.

Disaster Recovery and Business Continuity

This section discusses the options in recovery sites, protocol or order for restoration and plus backup concepts.

Data Security and Privacy

This section discusses the options in recovery sites, protocol or order for restoration and plus backup concepts.

Cryptography and PKI

Basic Concepts of Cryptography

This section covers the basic concepts of Cryptography. It explains symmetric/asymmetric algorithms, modes of operation, hashing and salting. It also discusses the science of hiding data, and working with principles of encryption.

Cryptography Algorithms Basics

This section covers what are cryptography algorithms, basic characteristics, different types of cypher text, encryption keys, block stream cyphers, symmetric asymmetric algorithms, cypher modes, hashing algorithms, key stretching algorithms, Hashing Collision, obfuscation, and substitution cyphers.

Wireless Security

This section explores wireless security for the Security+ exam. It covers cryptographic protocols like WEP, WPA/WPA2, TKIP and authentication protocols like EAP, PEAP, IEEE 802.1x, and RADIUS.

Public Key Infrastructure

This section discusses public key infrastructure. It explains the basic design of a Certificate Authority hierarchy. It also covers different levels of validation, certificate formats and how to structure a Certificate Authority depending on your organizations need.

Schedule & Fees


SELF PACED Online INSTRUCTOR LED CLASSROOM
Duration 1 Year 5 Days 5 Days
Course Material
Exam Voucher
Face Time With Instructor
Course Price $499 On Request On Request
Enroll Now Enquire Now Enquire Now

Course FAQ


Why should I take up this course?

Businesses all around the world are gripped by the rising cyberattacks and ransomware incidents, which is why we are witnessing stringent and tighter IT security concepts. With the gigantic amount of business data that we are producing and transmitting, it is highly imperative to have stringent IT security protocols in place. This brings us to CompTIA Security+ certification, which validates a candidate to be proficient in managing network and security threats.
CompTIA Security+ certified professionals are pro in managing:

  • Cryptograph
  • Network security
  • Security risks and threats
  • Operational and compliance security
  • Host, data and application security
  • Cloud, wireless and mobile security
  • Identity management and control

How Tech-Act will help?

Tech-Act is one of the leading names in the IT domain with decades of experience under its wings. We ensure that all the candidates receive their training from top certified trainers. Moreover, ComptTIA Security+ reflects an ideal learning structure to assist candidates learn the course in a seamless manner. The curriculum covers all the essential skills needed to become a pro in Security+. Most importantly, Tech-Act allows you to choose the pace of the course giving you the flexibility you want.

Who will train me?

As Tech-Act is one of the leading names in the IT landscape, we understand the essence of IT security, which is why we ensure to get onboard best-in-class IT security experts for CompTIA Security+ certification program. Tech-Act is an authorized and recognized learning solutions partners for CompTIA, Project Management Institute, Red Hat, EC Council and others. In addition, we are a Person Vue Authorized Test Center with both online and classroom facilities.

What will the course cover?

CompTIA Security+ course covers all things network and security:

  • Network security
  • Security threats
  • Compliance security
  • Data and application security
  • Cryptography
  • Risk management
  • Mobile security

What's the eligibility criteria?

Security+ course is best-suited for anyone, who wishes to work as an IT security consultant or is looking to polish his/her network security skills. Moreover, the course is perfect for anyone interested in cybersecurity. Basic knowledge about IT administration/security is suggested.

Testimonials



0

Your Cart