SAP Courses In Toronto, SAP Courses in Mississauga, SAP Courses in Montreal, PMI Certification Courses in Montreal, SAP Courses in Ottawa, SAP Courses in Quebec, SAP Courses in Quebec
| Course Catalogue |
SAP Certification, SAP Toronto, SAP Training Montreal, SAP Training Quebec, SAP Jobs ERP Training Calgary, SAP College, Project Management Training Mississauga, SAP Courses Mississauga
PMP Certification, Project Management Training, SAP Courses In Toronto, SAP Classes In Toronto, SAP Courses in Mississauga, SAP Courses in Montreal, Learn SAP, SAP Courses in Ottawa
SAP Courses in Ottawa, SAP Colleges in Ottawa, Project Management in Ottawa, PMP Certification Training in Ottawa, SAP Courses In Toronto, SAP Training Edmonton
PMP Exam Training Mississauga, PMI Certification Course, SAP Training Quebec, SAP Mississauga, SAP Toronto, SAP Certification, SAP In Mississauga, SAP Training Toronto
SAP Courses In Mississauga, SAP Certification, SAP Mississauga, PMP Training, Project Management Training, PMP Exam Prep, Toronto SAP Jobs, SAP Training Mississauga, SAP Courses
Course Outline
Enrol
$999.00 USD
(Classroom Training)
(Classroom Training)
Code: 6003
40 Hours Course
Course Material Included: No
Course Material: $80.00 USD
40 Hours Course
Course Material Included: No
Course Material: $80.00 USD
Who Needs to Attend
This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems, such as NetWare, Macintosh, UNIX/Linux, and OS/2, who wants to: further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security Certification examination; or use Security as the foundation for advanced security certifications or career roles.
The typical IT job positions are: Senior Field Service Engineer, Network Technician, LAN Administrator, Windows Administrator, Network Security Specialist or Network Security Administrator.
Prerequisites
Although not a prerequisite, it is recommended that CompTIA Security+ candidates have at least two years of technical networking experience, with an emphasis on security. The CompTIA Network+ certification is also recommended.
CompTIA Security+
- Description
- What You Learn
- Course Outline
- Dates & Locations
The CompTIA Security+ certification (2008 version) designates knowledgeable professionals in the field of security, one of the fastest-growing fields in IT. Security threats are increasing in number and severity, and the gap between the need for security professionals and qualified IT personnel is the largest of any IT specialty, according to a 2008 CompTIA study. Even in a troubled economy, most businesses plan to maintain or increase their investment in security.
CompTIA Security+ is an international, vendor-neutral certification that proves competency in system security, network infrastructure, access control and organizational security. Major organizations that employ CompTIA Security+ certified staff include Booz Allen Hamilton, Hewlett-Packard, IBM, Motorola, Symantec, Telstra, Hitachi, Ricoh, Lockheed Martin, Unisys, Hilton Hotels Corp., General Mills, the U.S. Navy, Army, Air Force and Marines.
- Identify Security Threats
- Harden Internal Systems and Services
- Harden Internetwork Devices and Services
- Secure Network Communications
- Manage Public Key Infrastructure (PKI)
- Manage Certificates
- Enforce Organizational Security Policy
- Monitor the Security Infrastructure
1.0 Systems Security
1.1 Differentiate among various systems security threats.
Privilege escalation
Virus
Worm
Trojan
Spyware
Spam
Adware
Rootkits
Botnets
Logic bomb
1.2 Explain the security risks pertaining to system hardware and peripherals.
BIOS
USB devices
Cell phones
Removable storage
Network attached storage
1.3 Implement OS hardening practices, procedures to achieve workstation and server security.
Hotfixes
Service packs
Patches
Patch management
Group policies
Security templates
Configuration baselines
1.4 Carry out the appropriate procedures to establish application security.
ActiveX
Java
Scripting
Browser
Buffer overflows
Cookies
SMTP open relays
Instant messaging
P2P
Input validation
Cross-site scripting (XSS)
1.5 Implement security applications.
HIDS
Personal software firewalls
Antivirus
Anti-spam
1.6 Explain the purpose and application of virtualization technology.
2.0 Network Infrastructure
2.1 Differentiate between different ports & protocols, their respective threats & mitigation techniques.
Antiquated protocols
TCP/IP hijacking
Null sessions
Spoofing
Man-in-the-middle
Replay
DOS
DDOS
Domain Name Kiting
DNS poisoning
ARP poisoning
2.2 Distinguish between network design elements and components.
DMZ
VLAN
NAT
Network interconnections
NAC
Subnetting
Telephony
2.3 Determine the appropriate use of network security tools to facilitate network security.
NIDS
NIPS
Firewalls
Proxy servers
Honeypot
Internet content filters
Protocol analyzers
2.4 Apply the appropriate network tools to facilitate network security.
NIDS
Firewalls
Proxy servers
Internet content filters
Protocol analyzers
2.5 Explain the vulnerabilities and mitigations associated with network devices.
Privilege escalation
Weak passwords
Back doors
Default accounts
DOS
2.6 Explain the vulnerabilities and mitigations associated with various transmission media.
Vampire taps
2.7 Explain the vulnerabilities and implement mitigations associated with wireless networking.
Data emanation
War driving
SSID broadcast
Blue jacking
Bluesnarfing
Rogue access points
Weak encryption
3.0 Access Control
3.1 Identify and apply industry best practices for access control methods.
Implicit deny
Least privilege
Separation of duties
Job rotation
3.2 Explain common access control models and the differences between each.
MAC
DAC
Role & Rule based access control
3.3 Organize users & computers into appropriate security groups & roles while distinguishing between appropriate rights and privileges.
3.4 Apply appropriate security controls to file and print resources.
3.5 Compare and implement logical access control methods.
ACL
Group policies
Password policy
Domain password policy
User names and passwords
Time of day restrictions
Account expiration
Logical tokens
3.6 Summarize the various authentication models and identify the components of each.
One, two and three-factor authentication
Single sign-on
3.7 Deploy various authentication models and identify the components of each.
Biometric reader
RADIUS
RAS
CompTIA Security+ (2008 Edition) Exam Objectives 5 of 11
Copyright _2008 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ (2008 Edition) Exam Objectives are subject to change without notice.
LDAP
Remote access policies
Remote authentication
VPN
Kerberos
CHAP
PAP
Mutual
802.1x
TACACS
3.8 Explain the difference between identification and authentication (identity proofing).
3.9 Explain and apply physical access security methods.
Physical access logs/lists
Hardware locks
Physical access control – ID badges
Door access systems
Man-trap
Physical tokens
Video surveillance – camera types and positioning
4.0 Assessments & Audits
4.1 Conduct risk assessments and implement risk mitigation.
4.2 Carry out vulnerability assessments using common tools.
Port scanners
Vulnerability scanners
Protocol analyzers
OVAL
Password crackers
Network mappers
4.3 Within realm of vulnerability assessments, explain use of penetration testing vs. vulnerability scanning.
4.4 Use monitoring tools on systems and networks and detect security-related anomalies.
Performance monitor
Systems monitor
Performance baseline
Protocol analyzers
4.5 Compare and contrast various types of monitoring methodologies.
Behavior-based
Signature-based
Anomaly-based
4.6 Execute proper logging procedures and evaluate the results.
Security application
DNS
System
Performance
Access
Firewall
Antivirus
4.7 Conduct periodic audits of system security settings.
User access and rights review
Storage and retention policies
Group policies
5.0 Cryptography
5.1 Explain general cryptography concepts.
Key management
Steganography
Symmetric key
Asymmetric key
Confidentiality
Integrity and availability
Non-repudiation
Comparative strength of algorithms
Digital signatures
Whole disk encryption
Trusted Platform Module (TPM)
Single vs. Dual sided certificates
Use of proven technologies
5.2 Explain basic hashing concepts and map various algorithms to appropriate applications.
SHA
MD5
LANMAN
NTLM
5.3 Explain basic encryption concepts and map various algorithms to appropriate applications.
DES
3DES
RSA
PGP
Elliptic curve
AES
AES256
One time pad
Transmission encryption (WEP TKIP, etc)
5.4 Explain and implement protocols.
SSL/TLS
S/MIME
PPTP
HTTP vs. HTTPS vs. SHTTP
L2TP
IPSEC
SSH
5.5 Explain core concepts of public key cryptography.
Public Key Infrastructure (PKI)
Recovery agent
Public key
Private keys
Certificate Authority (CA)
Registration
Key escrow
Certificate Revocation List (CRL)
Trust models
5.6 Implement PKI and certificate management.
Public Key Infrastructure (PKI)
Recovery agent
Public key
Private keys
Certificate Authority (CA)
Registration
Key escrow
Certificate Revocation List (CRL)
6.0 Organizational Security
6.1 Explain redundancy planning and its components.
Hot site
Cold site
Warm site
Backup generator
Single point of failure
RAID
Spare parts
Redundant servers
Redundant ISP
UPS
Redundant connections
6.2 Implement disaster recovery procedures.
Planning
Disaster recovery exercises
Backup techniques and practices – storage
Schemes
Restoration
6.3 Differentiate between and execute appropriate incident response procedures.
Forensics
Chain of custody
First responders
Damage and loss control
6.4 Identify and explain applicable legislation and organizational policies.
Secure disposal of computers
Acceptable use policies
Password complexity
Change management
Classification of information
Mandatory vacations
Personally Identifiable Information (PII)
Due care
Due diligence
Due process
SLA
Security-related HR policy
User education and awareness training
6.5 Explain the importance of environmental controls.
Fire suppression
HVAC
Shielding
6.6 Explain the concept of and how to reduce the risks of social engineering.
Phishing
Hoaxes
Shoulder surfing
Dumpster diving
User education and awareness training
No classes are currently scheduled for this course. Please visit later.
Certifications Programs and Tracks
US/Canada Call: 1 877 711 7562/905 502 3477. International: Skype id - questlearnings
