Course Description
You will implement and monitor security on networks, applications, and operating systems, and respond to security breaches.
Course Objectives
Upon successful completion of this course, students will be able to:
- Identify the fundamental concepts of computer security.
- Identify security threats and vulnerabilities.
- Examine network security.
- Manage application, data, and host security.
- Identify access control and account management security measures.
- Manage certificates.
- Identify compliance and operational security measures.
- Manage risk.
- Manage security incidents.
- Develop a BCP and DRP.
Who Should Attend?
This course is targeted toward the information technology (IT) professional who has networking and administrative skills in Windows®-based Transmission Control Protocol/Internet Protocol (TCP/IP) networks and familiarity with other operating systems, such as Mac OS® X, Unix, or Linux, and who wants to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles.
Course Length
5 days
Course Outline
Security Fundamentals
- The Information Security Cycle
- Information Security Controls
- Authentication Methods
- Cryptography Fundamentals
- Security Policy Fundamentals
Security Threats and Vulnerabilities
- Social Engineering
- Physical Threats and Vulnerabilities
- Network-Based Threats
- Wireless Threats and Vulnerabilities
- Software-Based Threats
Network Security
- Network Devices and Technologies
- Network Design Elements and Components
- Implement Networking Protocols
- Apply Network Security Administration Principles
- Secure Wireless Traffic
Managing Application, Data, and Host Security
- Establish Device/Host Security
- Application Security
- Data Security
- Mobile Security
Access Control, Authentication, and Account Management
- Access Control and Authentication Services
- Implement Account Management Security Controls
Managing Certificates
- Install a CA Hierarchy
- Enroll Certificates
- Secure Network Traffic by Using Certificates
- Renew Certificates
- Revoke Certificates
- Back Up and Restore Certificates and Private Keys
Compliance and Operational Security
- Physical Security
- Legal Compliance
- Security Awareness and Training
Risk Management
- Risk Analysis
- Implement Vulnerability Assessment Tools and Techniques
- Scan for Vulnerabilities
- Mitigation and Deterrent Techniques
Managing Security Incidents
- Respond to Security Incidents
- Recover from a Security Incident
Business Continuity and Disaster Recovery Planning
- Business Continuity
- Plan for Disaster Recovery
- Execute DRPs and Procedures
Mapping Course Content to the CompTIA® Security+® (Exam SY0-301) Objectives
Prerequisites
Basic Windows skills and a fundamental understanding of computer and networking concepts are required. Students can obtain this level of skill and knowledge by taking the following Element K courses: Introduction to Networks and the Internet and any one or more of the following:
- Introduction to Personal Computers: Using Windows 7
- Microsoft® Windows® 7: Level 1
CompTIA A+ and Network+ certifications, or equivalent knowledge, and six to nine months experience in networking, including experience configuring and managing TCP/IP, are strongly recommended. Students can obtain this level of skill and knowledge by taking any of the following courses:
- CompTIA® A+® Certification: A Comprehensive Approach for all 2009 Exam Objectives (Windows® 7)
- CompTIA® Network+® Certification (2009 Objectives)
Additional introductory courses or work experience in application development and programming or in network and operating system administration for any software platform or system are helpful but not required.
Exam
Students who wish to take the Security+ Certification exam must schedule and pay for the exam on their own through Pearson Vue (a Comptia testing partner).
Course Director
Patrick von Schlag
Mr. von Schlag has more than 25 years of real-world experience managing IT and business organizations. He has served as a consultant, facilitator, and instructor in support of more than 200 ITSM program deployments, with a focus on practical benefits. He holds all 11 ITIL 2011 certifications and runs an accredited learning consultancy focused on Making ITIL Work ™ in real organizations. His customer list includes The Walt Disney Company, Microsoft, Nike, Sears, US Marine Corps, US Army, US Air Force, 2nd and 5th Fleet US Navy, DISA, IRS, Federal Reserve, The Hartford, Citigroup, Amgen, Los Angeles County, Port of Long Beach, GDIT, Accenture, Serco, Deloitte, and hundreds of other market-leading companies.