LearnKey Training

Security+ (SY0-401) Course - Retiring July 2018


7 Sessions - 19 Hours of Interactive Training

In LearnKey's Security+ course, students will develop their understanding of network administration by gaining this CompTIA certification. They will learn how to secure and manage all facets of a network, from CPU cycles to software used by individuals or across a network. Security+ is the next level of certification for every IT network administrator to attain.

Benefits
  • Get prepared for exam SY0-401
  • Put your skills to the test with hundreds of Pre/Post-Test questions
  • View your online courseware anytime, anywhere

About The Author
Tom Carpenter is a trainer, consultant and author specializing in networking technologies and Microsoft solutions. Tom has written more than 15 books on topics ranging from Windows Server to wireless networking. He has trained more than 30,000 IT professionals since 1997 in face-to-face training classes and he has taught more than 60,000 through webinars and online training programs. He holds certifications with Microsoft, CompTIA and CWNP and is the current CTO for CWNP - the premier 802.11 wireless administration certification program. With more than 20 years of experience in the IT industry, Tom brings a wealth of experience to any training program.

Session 1

Section A: Introduction

  • Security Knowledge
  • Knowledge Domains
  • Exam Prerequisites
  • Take the Exam
  • Exam Preparation Tips

Section B: Principles and Concepts

  • CIA - Confidentiality
  • CIA - Integrity
  • CIA - Availability
  • AAA
  • Authentication
  • Authentication Factors
  • Authorization
  • Accounting
  • CHAP
  • Identification
  • Least Privilege
  • Attack Surface
  • Defense in Depth
  • Threats and Risks
  • Types of Attackers
  • Safety Controls

Section C: Assessment Tools

  • Vulnerabilities
  • Threats
  • Risks
  • Assessment Techniques
  • Assessment Tools
  • Protocol Analyzer

Section D: Risk Mitigation

  • Risk Mitigation Process
  • Quantitative vs. Qualitative
  • ALE
  • Failure Realities
  • Risk Response
  • Risk Mitigation Strategies
  • Threat Vector

Section E: Incident Response

  • Incident Response Policy
  • Incident Response Policy Contents
  • Preparation
  • Incident Identification
  • Containment
  • Eradication
  • Recovery and Reconstitution Procedures
  • Follow-Up
  • Additional Considerations

Section F: Security Policies

  • Common Security Policies
  • Acceptable Use Policy
  • Due Care Policy
  • Privacy
  • Separation of Duties
  • Need to Know
  • Password Management
  • Service Level Agreement
  • Disposal and Destruction
  • Additional Policy Concerns
  • SANS.ORG Policy Project

Section G: Security Awareness Training

  • Education
  • Communication
  • User Awareness Training
  • Types of Training
  • User Behaviors
  • Threat Awareness

Session 2

Section A: Risk Management Best Practices

  • Business Continuity Concepts
  • Threats to Continuity
  • Business Impact Analysis
  • Operations Continuity
  • Disaster Recovery
  • Remove Single Points of Failure
  • IT Contingency Plan
  • Continuity Documentation
  • Continuity of Operations
  • Succession Plan
  • Fault Tolerance

Section B: Network Infrastructure Devices

  • Ethernet Switch
  • Ports
  • Ethernet Speeds
  • PoE Switches
  • Management Methods
  • Multilayer Switches
  • Routers
  • Routing Tables
  • IPv4 Entries
  • How Routing Works
  • Static Routing
  • Dynamic Routing
  • Secure Configuration

Section C: Network Services

  • Connection Points
  • Unified Threat Management
  • Resolve Computer Names
  • DNS Server Role
  • Configure DNS Zone
  • Create a DNS Host Record

Section D: VLAN and Network Design

  • Subnetting
  • Network Perimeters
  • DMZ
  • VLAN Defined
  • VLAN Example
  • VLAN Tagging
  • VLAN Trunk Example
  • Layered Security
  • Network Access Control
  • Telephony

Section E: TCP/IP Networking

  • TCP/IP Suite
  • TCP/IP Architecture
  • IPv4
  • IPv4 Addressing
  • IPv4 Address Classes
  • IPv4 Address Types
  • IPv4 Reserved Addresses
  • IPv4 Subnetting
  • IPv6
  • IPv6 Addressing
  • Transmission Methods
  • OSI Model
  • OSI vs. TCP/IP
  • OSI Protocols

Section F: Common Network Protocols

  • HTTP
  • HTTPS Connections
  • FTP, SFTP, and FTPS
  • IPSec
  • Secure Shell
  • SCP
  • Additional Protocols
  • ICMP

Section G: Protocol Ports

  • Port Numbers
  • Protocol Port Numbers
  • Angry Scanner

Session 3

Section A: Understanding Firewalls

  • Network Firewalls
  • Firewalls Defined
  • Packet Filtering Firewalls
  • Stateful Inspection Firewalls
  • Proxy Firewalls
  • Personal Firewalls
  • Web Security Gateways
  • Rules-Based Management
  • Windows Firewall Features
  • Windows Firewall Rules

Section B: Security-Related Network Tools

  • Spam
  • Spam Filtering
  • Application-Aware Devices
  • Protocol Analyzers
  • Install Wireshark
  • Create a Capture with Wireshark
  • Analyze a Capture
  • Further Analysis of a Capture
  • View Reports in Wireshark

Section C: Wireless Networking

  • Original 802.11
  • 802.11b and 802.11a
  • 802.11g
  • 802.11n
  • 802.11ac
  • Wireless Access Point
  • Wireless LAN Routers
  • Wireless Bridges
  • Wireless Repeaters
  • Wireless Controllers
  • Wireless Security Solutions
  • 802.1X and EAP
  • False Assurance of Wi-Fi Security
  • Cell Size Adjustment Myths

Section D: Application Servers

  • Web Applications Defined
  • Web App Implementations
  • Application Tiers
  • SharePoint Farms
  • Security Issues in Web Applications

Section E: Data and Database Servers

  • Data Storage Methods
  • Managing Shares
  • Database Servers
  • What is SQL?
  • SQL Versions
  • Select Statements
  • Select in Apps

Section F: Understanding Authentication

  • Authentication Defined
  • Credential Types
  • Weak Authentication Methods
  • Strong Authentication Methods
  • Passwords and Authentication
  • Other Authentication Credentials
  • Single Sign-On
  • Enterprise Trust
  • Access Control
  • Account Policy Enforcement
  • Additional Authorization Factors

Section G: Authentication Services

  • RADIUS Servers
  • User Directories
  • Active Directory
  • RADIUS Server Selection
  • TACACS and TACACS+
  • Additional Protocols

Session 4

Section A: Cryptography Basics

  • Cryptography Defined
  • Simple Encryption
  • Cryptography Concepts
  • Uses of Cryptography
  • Types of Encryption
  • Symmetric Encryption
  • Symmetric Algorithms
  • Symmetric Encryption in Action
  • Asymmetric Encryption
  • ECC and Quantum Cryptography
  • Steganography
  • Additional Cryptography Concepts

Section B: Cryptography Tools

  • Symmetric Ciphers
  • Asymmetric Ciphers
  • Hashing Algorithms
  • Authentication and Encryption
  • Algorithm Strengths
  • Data Encryption Options
  • Transport Encryption
  • Cipher Suites
  • CrypTool
  • Caesar Encryption

Section C: Public Key Infrastructure

  • PKI
  • PKI Trust Models
  • PKI Management
  • Setup and Initialization
  • Administration
  • Key Management
  • Administrative Responsibilities
  • User Certificates
  • Key Escrow and Recovery
  • Key Recovery Agent
  • Securing Web Server
  • Commercial Certificate
  • HTTPS Connections

Section D: Authentication and Cryptography Attacks

  • Password Attacks
  • Weak Authentication
  • Connect to FTP Server
  • Cryptography Attacks

Section E: Wired Network Attacks

  • DoS Attack
  • TCP Three-Way Handshake
  • Smurf Attack
  • Ping of Death Attacks
  • DDoS Attacks
  • DDoS Attack Protection
  • Xmas Attack
  • Man-in-the-Middle Attack
  • IP Address Spoofing
  • ARP Poisoning
  • Spoofing Attack
  • Replay Attack
  • TCP/IP Hijacking

Section F: Wireless Network Attacks

  • Inherent Wi-Fi Threats
  • Wi-Fi Attack Methods
  • Mobile Device Attack
  • Weak Wireless Security
  • Wireless Security Solutions
  • Enterprise Wireless Security

Session 5

Section A: Application Vulnerabilities

  • Buffer Overflow Defined
  • Buffer Overflow Dependencies
  • Cross-Site Scripting
  • Code Attacks
  • Web Server Exploits

Section B: Database Attacks

  • DBMS Vulnerabilities
  • DBMS Security
  • Additional Database Concerns
  • SQL Injection in OWASP
  • SQL Server Management Studio
  • Permission Management

Section C: Server Vulnerabilities

  • Transitive Access
  • Privilege Escalation
  • Client-Side Attacks
  • Escalation Batch File
  • Run Batch File

Section D: Malware Issues

  • Viruses Defined
  • Worms Defined
  • Types of Viruses
  • Indications of Viral Infection
  • Virus Phases
  • Trojan Horses Defined
  • Common Trojan Horse Programs
  • Additional Malware
  • Antimalware
  • Windows Defender

Section E: Social Engineering

  • What is Social Engineering?
  • Example Attacks
  • Dumpster Diving
  • Shoulder Surfing
  • Eavesdropping, Inside Attacks
  • Outside Attacks
  • Phishing Attacks
  • Whaling and Vishing
  • Identity Theft
  • Countermeasures

Section F: Additional Attacks

  • Spam and Spim
  • Malicious Insider Threat
  • Scanning Defined
  • Scanning Methods
  • Password Attacks
  • SHA-1 Hash Generator

Section G: Covering Tracks and Backdoors

  • Owning the Box
  • Rootkit Limitations
  • Backdoors
  • Install Telnet

Session 6

Section A: Detecting Attacks

  • Control Types
  • Log Analysis
  • Configure Audit Logs
  • Event Viewer
  • Set an Alert

Section B: Automated Detecting

  • Intrusion Monitoring Systems
  • Intrusion Detection Systems
  • IDS Intrusion Detection
  • Intrusion Prevention Systems
  • IDS States
  • Indications of Intrusion
  • IPS Implementations
  • IPS Responses
  • WIPS
  • WIPS Device Detection
  • Detection and Prevention Controls

Section C: Physical Security

  • Locks
  • Authentication
  • Security Personnel
  • Video Surveillance
  • Fasteners
  • Premises Access Control
  • Device and Cable Access
  • Control Types

Section D: Environmental Controls

  • Fire Suppression
  • Fire Extinguisher Ratings
  • Contents of a Fire Extinguisher
  • Fire Safety Guidelines
  • HVAC
  • Shielding
  • Monitoring Systems
  • NOC Controls

Section E: Secure Administration

  • Security Posture

Section F: Server Hardening

  • User Rights Assignment
  • Password Policy Baseline
  • Permissions Baselines
  • Application Rights Baseline
  • Service Management
  • Management Interfaces and Applications
  • Manage Access Control
  • Password Protection
  • Disabling Unnecessary Accounts

Section G: Network Interface Security

  • Port Security
  • Port Security Violation Modes
  • Port-Based Authentication
  • 802.1X Components
  • 802.1X Demonstrated
  • Typical 802.1X Deployment
  • Looping in Switched Networks
  • Spanning Tree Protocol
  • Preventing Bridging
  • Router Security

Session 7

Section A: Vulnerability Scan

  • Vulnerability Scanning
  • Scanning Tools
  • Penetration Testing
  • Vulnerability Scanner
  • Port Scanner
  • Port Scanner Results

Section B: Application Security

  • Application Security Methods
  • Preventing XSS
  • Validation Methods
  • NoSQL vs. SQL

Section C: Update and Patch Management

  • Patch Management
  • Microsoft Updates
  • Windows Update
  • Group Policy

Section D: Virtualization and Cloud Computing

  • Virtual Machine
  • Virtualization Solutions
  • Virtualization Risks
  • Virtualization Features
  • Cloud Computing
  • Third-Party Security
  • Interoperability Agreements

Section E: General Hardening and Forensics

  • OS Hardening
  • Group Policy Security
  • Application Control
  • Data Policies
  • Forensic Procedures

Section F: Static Devices

  • Static Environments
  • Security Methods
  • Firmware at Website

Section G: Mobile Security Concepts

  • The Situation
  • Mobile Device Protection
  • Mobile Device Management
  • Application Security
  • Bring Your Own Device
  • BYOD Concerns