CompTIA Security+ Prep Course
5 Day Boot Camp
- Mitigating Threats
- Core system maintenance
- Identifying common security threats
- Updating the operating system
- Managing software patches
- Installing service packs
- Determining whether you need to update your computer’s BIOS
- Configuring Windows Firewall
- Virus and spyware management
- Installing antivirus software
- Scanning your system for spyware
- Configuring Windows Mail to prevent spam
- Browser security
- Managing pop-ups
- Managing cookies
- Managing scripting, Java, and ActiveX components
- Examining input validation, buffer overflows, and XSS
- Social engineering threats
- Discussing social engineering
- Examining phishing
- Cryptography
- Symmetric cryptography
- Encrypting and decrypting data
- Calculating hashes
- Sharing a secret message with steganography
- Public key cryptography
- Exploring public key cryptography
- Examining certificates
- Examining certificate trusts
- Comparing single- and dual-sided certificates
- Mapping algorithms to applications
- Authentication Systems
- Authentication
- Identifying the components of authentication
- Comparing one-, two-, and three-factor authentication
- Capturing passwords with a protocol analyzer
- Installing Active Directory Services
- Joining a domain
- Hashing
- Hashing data
- Cracking passwords
- Authentication systems
- Identifying the requirements of a secure authentication system
- Examining the components of Kerberos
- Examining null sessions
- Comparing authentication systems
- Messaging Security
- E-mail security
- Identifying the security risks of an e-mail system
- Configuring security on an e-mail server
- Digitally signing a message
- Sending an encrypted message
- Messaging and peer-to-peer security
- Identifying the security risks of messaging systems
- Configuring security on an IM server
- Configuring IM client security
- User and Role-Based Security
- Security policies
- Creating a console to manage local security policies
- Using the GPMC
- Implementing domain GPOs
- Analyzing a Windows Vista computer’s security
- Securing file and print resources
- Creating users and groups based on security needs
- Securing file resources
- Securing printer resources
- Public Key Infrastructure (PKI)
- Key management and life cycle
- Understanding certificate life cycle and management
- Setting up a certificate server
- Installing a stand-alone root certificate authority (CA)
- Installing an enterprise subordinate CA
- Implementing a file-based certificate request
- Managing your certificate server
- Side trip: Granting the log on locally right
- Requesting a user certificate
- Revoking a certificate
- Enabling the EFS recovery agent template
- Enrolling for a recovery agent certificate
- Enabling key archival
- Re-enrolling all certificates
- Web server security with PKI
- Requesting and installing a web server certificate
- Enabling SSL for the certificate server web site
- Making a secure connection
- Requesting a client certificate via the web
- Access Security
- Biometric systems
- Identifying biometric authentication systems
- Installing a fingerprint reader
- Physical access security
- Identifying the risks associated with physical access to systems
- Examining logging and surveillance best practices
- Peripheral and component security
- Identifying the risks associated with common peripherals
- Mitigating security risks of peripherals
- Storage device security
- Enabling file-based encryption
- Enabling whole disk encryption systems (optional)
- Ports and Protocols
- TCP/IP review
- Examining protocols in the TCP/IP suite
- Comparing IPv4 and IPv6 packets
- Protocol-based attacks
- Preventing common protocol-based attacks
- Assessing your vulnerability to DDoS attacks
- Port scanning
- Checking ARP cache
- Examining spoofing attacks
- Examining replay and hijacking attacks
- Examining antiquated protocols
- Network Security
- Common network devices
- Examining switches and bridges
- Examining routers
- Examining NAT/PAT devices
- Examining firewalls and proxy servers
- Identifying inherent weaknesses in network devices
- Examining the ways to overcome device threats
- Secure network topologies
- Comparing firewall-based secure topologies
- Identifying the benefits of NAC
- Examining the security enabled by VPNs
- Browser-related network security
- Configuring the Phishing Filter
- Setting security zones
- Setting privacy options
- Virtualization
- Exploring the benefits of virtualization technologies
- Wireless Security
- Wi-Fi network security
- Identifying wireless networking vulnerabilities
- Scanning for insecure access points
- Installing third-party router firmware
- Configuring basic router security
- Enabling transmission encryption
- Non-PC wireless devices
- Identifying cell phone and PDA-related threats
- Remote Access Security
- Remote access
- Examining RADIUS and Diameter authentication
- Examining the role of LDAP in a remote access environment
- Examining TACACS+ authentication
- Examining how 802.1x adds security to your network
- Installing Network Policy and Access Services
- Configuring an NPS network policy
- Configuring NPS accounting
- Virtual private networks
- Comparing VPN protocols
- Installing Routing and Remote Access Services
- Enabling a VPN
- Configuring NPS to provide RADIUS authentication for your VPN
- Making a VPN connection
- Auditing, Logging, and Monitoring
- System logging
- Viewing event logs
- Discussing device and application logging
- Server monitoring
- Monitoring with Performance Monitor
- Running a Data Collector Set
- Viewing a Data Collector Set report
- Considering auditing policies and practices
- Vulnerability Testing
- Risk and vulnerability assessment
- Analyzing risks
- Installing the MBSA
- Analyzing your system with the MBSA
- Downloading and installing OVAL
- Downloading an OVAL XML file
- Scanning with OVAL
- Downloading and installing Nessus
- Scanning with Nessus
- IDS and IPS
- Discussing IDS characteristics
- Installing and monitoring with the Snort IDS
- Comparing HIDS and NIDS
- Examining the role and use of honeypots
- Forensics
- Examining the forensics process
- Organizational Security
- Organizational policies
- Creating a security policy
- Creating a human resources policy
- Creating an incidence response and reporting policy
- Implementing change management
- Education and training
- Identifying the need for user education and training
- Identifying education opportunities and methods
- Disposal and destruction
- Deciding whether to destroy or dispose of IT equipment
- Business Continuity
- Redundancy planning
- Identifying the need for and appropriate use of redundancy
- Creating a disaster recovery plan
- Backups
- Selecting backup schemes
- Backing up data
- Restoring data
- Identifying appropriate media rotation and storage plans
- Environmental controls
- Examining environmental controls
This course is also available on our public schedule via Live Virtual Classroom:
Contact us here.