CompTIA Security+ Training

• 1.1 Implement security configuration parameters on network devices and other technologies.
  • Firewalls
  • Routers
  • Switches
  • Load balancers
  • Proxies
  • Web security gateways
  • VPN concentrators
  • NIDS and NIPS
    • Behavior-based
    • Signature-based
    • Anomaly-based
    • Heuristic
  • Protocol analyzers
  • Spam filter
  • UTM security appliances
    • URL filter
    • Content inspection
    • Malware inspection
  • Web application firewall vs. network firewall
  • Application aware devices
    • Firewalls
    • IPS
    • IDS
    • Proxies
• 1.2 Given a scenario, use secure network administration principles
  • Rule-based management
  • Firewall rules
  • VLAN management
  • Secure router configuration
  • Access control lists
  • Port security
  • 802.1x
  • Flood guards
  • Loop protection
  • Implicit deny
  • Network separation
  • Log analysis
  • Unified threat management
• 1.3 Explain network design elements and components.
  • DMZ
  • Subnetting
  • VLAN
  • NAT
  • Remote access
  • Telephony
  • NAC
  • Virtualization
  • Cloud computing
    • PaaS
    • SaaS
    • IaaS
    • Private
    • Public
    • Hybrid
    • Community
• 1.4 Given a scenario, implement common protocols and services.
  • Protocols
    • IPsec
    • SNMP
    • SSH
    • DNS
    • TLS
    • SSL
    • TCP/IP
    • FTPS
    • HTTPS
    • SCP
    • ICMP
    • IPv4
    • IPv6
    • iSCSI
    • Fibre Channel
    • FCoE
    • FTP
    • SFTP
    • TFTP
    • TELNET
    • HTTP
    • NetBIOS
  • Ports
    • 21
    • 22
    • 25
    • 53
    • 80
    • 110
    • 139
    • 143
    • 443
    • 3389
  • OSI relevance
• 1.5 Given a scenario, troubleshoot security issues related to wireless networking.
  • WPA
  • WPA2
  • WEP
  • EAP
  • PEAP
  • LEAP
  • MAC filter
  • Disable SSID broadcast
  • TKIP
  • CCMP
  • Antenna placement
  • Power level controls
  • Captive portals
  • Antenna types
  • Site surveys
  • VPN (over open wireless)

For more information, contact one of our course advisors

• 2.1 Explain the importance of risk related concepts.
  • Control types
    • Technical
    • Management
    • Operational
  • False positives
  • False negatives
  • Importance of policies in reducing risk
    • Privacy policy
    • Acceptable use
    • Security policy
    • Mandatory vacations
    • Job rotation
    • Separation of duties
    • Least privilege
  • Risk calculation
    • Likelihood
    • ALE
    • Impact
    • SLE
    • ARO
    • MTTR
    • MTTF
    • MTBF
  • Quantitative vs. qualitative
  • Vulnerabilities
  • Threat vectors
  • Probability/threat likelihood
  • Risk avoidance, transference, acceptance, mitigation, deterrence
  • Risks associated with cloud computing and virtualization
  • Recovery time objective and recovery point objective
• 2.2 Summarize the security implications of integrating systems and data with third parties.
  • On-boarding/off-boarding business partners
  • Social media networks and/or applications
  • Interoperability agreements
    • SLA
    • BPA
    • MOU
    • ISA
  • Privacy considerations
  • Risk awareness
  • Unauthorized data sharing
  • Data ownership
  • Data backups
  • Follow security policy and procedures
  • Review agreement requirements to verify compliance and performance standards
• 2.3 Given a scenario, implement appropriate risk mitigation strategies.
  • Change management
  • Incident management
  • User rights and permissions reviews
  • Perform routine audits
  • Enforce policies and procedures to prevent data loss or theft
  • Enforce technology controls
    • Data Loss Prevention (DLP)
• 2.4 Given a scenario, implement basic forensic procedures.
  • Order of volatility
  • Capture system image
  • Network traffic and logs
  • Capture video
  • Record time offset
  • Take hashes
  • Screenshots
  • Witnesses
  • Track man hours and expense
  • Chain of custody
  • Big Data analysis
• 2.5 Summarize common incident response procedures.
  • Preparation
  • Incident identification
  • Escalation and notification
  • Escalation and notification
  • Lessons learned
  • Reporting
  • Recovery/reconstitution procedures
  • First responder
  • Incident isolation
    • Quarantine
    • Device removal
  • Data breach
  • Damage and loss control
• 2.6 Explain the importance of security related awareness and training.
  • Security policy training and procedures
  • Role-based training
  • Personally identifiable information
  • Information classification
    • High
    • Medium
    • Low
    • Confidential
    • Private
    • Public
  • Data labeling, handling and disposal
  • Compliance with laws, best practices and standards
  • User habits
    • Password behaviors
    • Data handling
    • Clean desk policies
    • Prevent tailgating
    • Personally owned devices
  • New threats and new security trends/alerts
    • New viruses
    • Phishing attacks
    • Zero-day exploits
  • Use of social networking and P2P
  • Follow up and gather training metrics to validate compliance and security posture
• 2.7 Compare and contrast physical security and environmental controls.
  • Environmental controls
    • HVAC
    • Fire suppression
    • EMI shielding
    • Hot and cold aisles
    • Environmental monitoring
    • Temperature and humidity controls
  • Physical security
    • Hardware locks
    • Mantraps
    • Video surveillance
    • Fencing
    • Proximity readers
    • Access list
    • Proper lighting
    • Signs
    • Guards
    • Barricades
    • Biometrics
    • Protected distribution (cabling)
    • Alarms
    • Motion detection
  • Control types
    • Deterrent
    • Preventive
    • Detective
    • Compensating
    • Technical
    • Administrative
• 2.8 Summarize risk management best practices.
  • Business continuity concepts
    • Business impact analysis
    • Identification of critical systems and components
    • Removing single points of failure
    • Business continuity planning and testing
    • Risk assessment
    • Continuity of operations
    • Disaster recovery
    • IT contingency planning
    • Succession planning
    • High availability
    • Redundancy
    • Tabletop exercises
  • Fault tolerance
    • Hardware
    • RAID
    • Clustering
    • Load balancing
    • Servers
  • Disaster recovery concepts
    • Backup plans/policies
    • Backup execution/frequency
    • Cold site
    • Hot site
    • Warm site
• 2.9 Given a scenario, select the appropriate control to meet the goals of security.
  • Confidentiality
    • Encryption
    • Access controls
    • Steganography
  • Integrity
    • Hashing
    • Digital signatures
    • Certificates
    • Non-repudiation
  • Availability
    • Redundancy
    • Fault tolerance
    • Patching
  • Safety
    • Fencing
    • Lighting
    • Locks
    • CCTV
    • Escape plans
    • Drills
    • Escape routes
    • Testing controls

For more information, contact one of our course advisors

• 3.1 Explain types of malware.
  • Adware
  • Virus
  • Spyware
  • Trojan
  • Rootkits
  • Backdoors
  • Logic bomb
  • Botnets
  • Ransomware
  • Polymorphic malware
  • Armored virus
• 3.2 Summarize various types of attacks.
  • Man-in-the-middle
  • DDoS
  • DoS
  • Replay
  • Smurf attack
  • Spoofing
  • Spam
  • Phishing
  • Spim
  • Vishing
  • Spear phishing
  • Xmas attack
  • Pharming
  • Privilege escalation
  • Malicious insider threat
  • DNS poisoning and ARP poisoning
  • Transitive access
  • Client-side attacks
  • Password attacks
    • Brute force
    • Dictionary attacks
    • Hybrid
    • Birthday attacks
    • Rainbow tables
  • Typo squatting/URL hijacking
  • Watering hole attack
• 3.3 Summarize social engineering attacks and the associated effectiveness with each attack.
  • Shoulder surfing
  • Dumpster diving
  • Tailgating
  • Impersonation
  • Hoaxes
  • Whaling
  • Vishing
  • Principles (reasons for effectiveness)
    • Authority
    • Intimidation
    • Consensus/social proof
    • Scarcity
    • Urgency
    • Familiarity/liking
    • Trust
• 3.4 Explain types of wireless attacks.
  • Rogue access points
  • Jamming/interference
  • Evil twin
  • War driving
  • Bluejacking
  • Bluesnarfing
  • War chalking
  • IV attack
  • Packet sniffing
  • Near field communication
  • Replay attacks
  • WEP/WPA attacks
  • WPS attacks
• 3.5 Explain types of application attacks.
  • Cross-site scripting
  • SQL injection
  • LDAP injection
  • XML injection
  • Directory traversal/command injection
  • Buffer overflow
  • Integer overflow
  • Zero-day
  • Cookies and attachments
  • Locally Shared Objects (LSOs)
  • Flash cookies
  • Malicious add-ons
  • Session hijacking
  • Header manipulation
  • Arbitrary code execution/remote code execution
• 3.6 Analyze a scenario and select the appropriate type of mitigation and deterrent techniques.
  • Monitoring system logs
    • Event logs
    • Audit logs
    • Security logs
    • Access logs
  • Hardening
    • Disabling unnecessary services
    • Protecting management interfaces and applications
    • Password protection
    • Disabling unnecessary accounts
  • Network security
    • MAC limiting and filtering
    • 802.1x
    • Disabling unused interfaces and unused application service ports
    • Rogue machine detection
  • Security posture
    • Initial baseline configuration
    • Continuous security monitoring
    • Remediation
  • Reporting
    • Alarms
    • Alerts
    • Trends
  • Detection controls vs. prevention controls
    • IDS vs. IPS
    • Camera vs. guard
• 3.7 Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities.
  • Interpret results of security assessment tools
  • Tools
    • Protocol analyzer
    • Vulnerability scanner
    • Honeypots
    • Honeynets
    • Port scanner
    • Passive vs. active tools
    • Banner grabbing
  • Risk calculations
    • Threat vs. likelihood
  • Assessment types
    • Risk
    • Threat
    • Vulnerability
  • Assessment technique
    • Baseline reporting
    • Code review
    • Determine attack surface
    • Review architecture
    • Review designs
• 3.8 Explain the proper use of penetration testing versus vulnerability scanning.
  • Penetration testing
    • Verify a threat exists
    • Bypass security controls
    • Actively test security controls
    • Exploiting vulnerabilities
  • Vulnerability scanning
    • Passively testing security controls
    • Identify vulnerability
    • Identify lack of security controls
    • Identify common misconfigurations
    • Intrusive vs. non-intrusive
    • Credentialed vs. non-credentialed
    • False positive
  • Black box
  • White box
  • Gray box

For more information, contact one of our course advisors

• 4.1 Explain the importance of application security controls and techniques.
  • Fuzzing
  • Secure coding concepts
    • Error and exception handling
    • Input validation
  • Cross-site scripting prevention
  • Cross-site Request Forgery (XSRF) prevention
  • Application configuration baseline (proper settings)
  • Application hardening
  • Application patch management
  • NoSQL databases vs. SQL databases
  • Server-side vs. client-side validation
• 4.2 Summarize mobile security concepts and technologies.
  • Device security
    • Full device encryption
    • Remote wiping
    • Lockout
    • Screen locks
    • GPS
    • Application control
    • Storage segmentation
    • Asset tracking
    • Inventory control
    • Mobile device management
    • Device access control
    • Removable storage
    • Disabling unused features
  • Application security
    • Key management
    • Credential management
    • Authentication
    • Geo-tagging
    • Encryption
    • Application whitelisting
    • Transitive trust/authentication
  • BYOD concerns
    • Data ownership
    • Support ownership
    • Patch management
    • Antivirus management
    • Forensics
    • Privacy
    • On-boarding/off-boarding
    • Adherence to corporate policies
    • User acceptance
    • Architecture/infrastructure considerations
    • Legal concerns
    • Acceptable use policy
    • On-board camera/video
• 4.3 Given a scenario, select the appropriate solution to establish host security.
  • Operating system security and settings
  • OS hardening
  • Anti-malware
    • Antivirus
    • Anti-spam
    • Anti-spyware
    • Pop-up blockers
  • Patch management
  • Whitelisting vs. blacklisting applications
  • Trusted OS
  • Host-based firewalls
  • Host-based intrusion detection
  • Hardware security
    • Cable locks
    • Safe
    • Locking cabinets
  • Host software baselining
  • Virtualization
    • Snapshots
    • Patch compatibility
    • Host availability/elasticity
    • Mismatched channels
• 4.4 Given a scenario, troubleshoot and resolve common copper cable issues.
  • Shorts
  • Opens
  • Incorrect termination (mismatched standards)
    • Straight-through
    • Crossover
  • Cross-talk
    • Near end
    • Far end
  • EMI/RFI
  • Distance limitations
  • Attenuation/Db loss
  • Bad connector
  • Bad wiring
  • Split pairs
  • Tx/Rx reverse
  • Cable placement
  • Bad SFP/GBIC - cable or transceiver
• 4.5 Given a scenario, troubleshoot and resolve common fiber cable issues.
  • Attenuation/Db loss
  • SFP/GBIC - cable mismatch
  • Bad SFP/GBIC - cable or transceiver
  • Wavelength mismatch
  • Fiber type mismatch
  • Dirty connectors
  • Connector mismatch
  • Bend radius limitations
  • Distance limitations
• 4.6 Given a scenario, troubleshoot and resolve common network issues.
  • Incorrect IP configuration/default gateway
  • Broadcast storms/switching loop
  • Duplicate IP
  • Speed and duplex mismatch
  • End-to-end connectivity
  • Incorrect VLAN assignment
  • Hardware failure
  • Misconfigured DHCP
  • Misconfigured DNS
  • Incorrect interface/interface misconfiguration
  • Cable placement
  • Interface errors
  • Simultaneous wired/wireless connections
  • Discovering neighboring devices/nodes
  • Power failure/power anomalies
  • MTU/MTU black hole
  • Missing IP routes
  • NIC teaming misconfiguration
    • Active-active vs. active-passive
    • Multicast vs. broadcast
• 4.7 Given a scenario, troubleshoot and resolve common security issues.
  • Misconfigured firewall
  • Misconfigured ACLs/applications
  • Malware
  • DoS
  • Open/closed ports
  • ICMP related issues
    • Ping of death
    • Unreachable default gateway
  • Unpatched firmware/OSs
  • Malicious users
    • Trusted
    • Untrusted users
    • Packet sniffing
  • Authentication issues
    • TACACS/RADIUS misconfigurations
    • Default passwords/settings
  • Improper access/backdoor access
  • ARP issues
  • Banner grabbing/OUI
  • Domain/local group configurations
  • Jamming
• 4.8 Given a scenario, troubleshoot and resolve common WAN issues.
  • Loss of Internet connectivity
  • Interface errors
  • Split horizon
  • DNS issues
  • Interference
  • Router configurations
  • Customer premise equipment
    • Smart jack/NIU
    • Demarc
    • Loopback
    • CSU/DSU
    • Copper line drivers/repeaters
  • Company security policy
    • Throttling
    • Blocking
    • Fair access policy/utilization limits
  • Satellite issues
    • Latency

For more information, contact one of our course advisors

• 5.1 Compare and contrast the function and purpose of authentication services.
  • RADIUS
  • TACACS+
  • Kerberos
  • LDAP
  • XTACACS
  • SAML
  • Secure LDAP
• 5.2 Given a scenario, select the appropriate authentication, authorization or access control.
  • Identification vs. authentication vs. authorization
  • Authorization
    • Least privilege
    • Separation of duties
    • ACLs
    • Mandatory access
    • Discretionary access
    • Rule-based access control
    • Role-based access control
    • Time of day restrictions
  • Authentication
    • Tokens
    • Common access card
    • Smart card
    • Multifactor authentication
    • TOTP
    • HOTP
    • CHAP
    • PAP
    • Single sign-on
    • Access control
    • Implicit deny
    • Trusted OS
  • Authentication factors
    • Something you are
    • Something you have
    • Something you know
    • Somewhere you are
    • Something you do
  • Identification
    • Biometrics
    • Personal identification verification card
    • Username
  • Federation
  • Transitive trust/authentication
• 5.3 Install and configure security controls when performing account management, based on best practices.
  • Mitigate issues associated with users with multiple account/roles and/or shared accounts
  • Account policy enforcement
    • Credential management
    • Group policy
    • Password complexity
    • Expiration
    • Recovery
    • Disablement
    • Lockout
    • Password history
    • Password reuse
    • Password length
    • Generic account prohibition
  • Group based privileges
  • User assigned privileges
  • User access reviews
  • Continuous monitoring

For more information, contact one of our course advisors

• 6.1 Given a scenario, utilize general cryptography concepts.
  • Symmetric vs. asymmetric
  • Session keys
  • In-band vs. out-of-band key exchange
  • Fundamental differences and encryption methods
    • Block vs. stream
  • Transport encryption
  • Non-repudiation
  • Key escrow
  • Steganography
  • Digital signatures
  • Use of proven technologies
  • Elliptic curve and quantum cryptography
  • Ephemeral key
  • Perfect forward secrecy
• 6.2 Given a scenario, use appropriate cryptographic methods.
  • WEP vs. WPA/WPA2 and preshared key
  • MD5
  • SHA
  • RIPEMD
  • AES
  • DES
  • 3DES
  • HMAC
  • RSA
  • Diffie-Hellman
  • RC4
  • NTLM
  • NTLMv2
  • Blowfish
  • PGP/GPG
  • TwoFish
  • DHE
  • ECDHE
  • CHAP
  • PAP
  • Comparative strengths and performance of algorithms
  • Use of algorithms/protocols with transport encryption
    • SSL
    • TLS
    • IPSec
    • SSH
    • HTTPS
  • Cipher suites
    • Strong vs. weak ciphers
  • Key stretching
    • PBKDF2
    • Bcrypt
• 6.3 Given a scenario, use appropriate PKI, certificate management and associated components.
  • Certificate authorities and digital certificates
    • CA
    • CRLs
    • OCSP
    • CSR
  • PKI
  • Recovery agent
  • Public key
  • Private key
  • Registration
  • Key escrow
  • Trust models

For more information, contact one of our course advisors

• CompTIA Security+ SY0-401

For more information, contact one of our course advisors

Achieving a CompTIA Network+ qualification will unlock a number of doors for you within the IT industry, with salaries for those that hold a Network+ certification averaging at £22,500.

The roles that you will be qualified for are as follows:

• IT Support
• Computer Service Technician
• Small Office IT maintenance
• Technical Support
• Field Service Technician

For more information, contact one of our course advisors