Welcome to ONLC Training Centers


CompTIA Security+ Certification Training Course Outline

 (5 days)
Version SY0-501

*** WARNING: High Volume Class, Sign Up Early ***
Security+ is one of our most popular classes. A green flag beside a date on the right means that a session has met the minimum enrollment levels and is running. However, it is common for dates for this course to fill several weeks in advance. Even if a date has a green flag, you might not be able to get into that session if it is full. To avoid disappointment, it is best to register for this class at least three weeks in advance.

Overview
CompTIA Security+ is aimed at IT professionals with job roles such as security architect, security engineer, security consultant/specialist, information assurance technician, security administrator, systems administrator and network administrator.

Course Prerequisites
Students should meet the following criteria prior to taking the course:

Recommended that students have taken CompTIA Network+ certification course and exam, together with 24 months experience in networking support/IT administration
Know the function and basic features of the components of a PC
Use Windows Server to create and manage files and use basic administrative features (Explorer, Control Panel, Management Consoles, Command Line Tools)
Operate the Linux OS using basic command-line tools
Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers)
Understand TCP/IP addressing, core protocols, and troubleshooting tools

Exam Prep Software
All of our CompTIA classes include access to web-based practice exams. CompTIA certification exams are very rigorous and challenging. By studying after the class and using these practice exams, you will greatly improve your chances of passing the actual certification exam the first time. Exam prep software is included with all CompTIA classes delivered by ONLC Training Centers.

ONLC’s Exam Pass Guarantee
ONLC’s CompTIA certification classes come with an Exam Pass Guarantee. What that essentially means is that we want to make sure that everyone is taking advantage of the Practice Test that we are providing and achieve and 85% or better in Certification Mode prior to us releasing the initial exam voucher. The practice test is typically ordered on the first day of class and emailed to each student. Once you email us at exam@onlc.com with proof of the 85% or better, we will go ahead and release the exam voucher to you within 24 hours. Should you fail on the first attempt, we will then give you a second voucher (up to 3 vouchers total per exam). However, should you decide to not take the practice exam or to take the exam without first achieving the 85% in certification mode, the Exam Pass is null and void. Please read through our:
Exam Pass Guarantee

Additional Notes Regarding CompTIA Certification Exams
As with most professional IT certifications, many additional hours of study are required before the class (meeting the prerequisites) and after the class (reviewing exam objectives and practice questions). Expect to spend a significant number of hours studying outside of the class before you take a CompTIA or any other IT professional exam.

Course Outline

Module 1 / Threats, Attacks, and Vulnerabilities
Indicators of Compromise • Why is Security Important? • Security Policy • Threat Actor Types • The Kill Chain • Social Engineering • Phishing • Malware Types • Trojans and Spyware • Open Source Intelligence • Labs • VM Orientation • Malware Types

Critical Security Controls • Security Control Types • Defense in Depth • Frameworks and Compliance • Vulnerability Scanning and Pen Tests • Security Assessment Techniques • Pen Testing Concepts • Vulnerability Scanning Concepts • Exploit Frameworks • Lab • Using Vulnerability Assessment Tools

Security Posture Assessment Tools • Topology Discovery • Service Discovery • Packet Capture • Packet Capture Tools • Remote Access Trojans • Honeypots and Honeynets • Labs • Using Network Scanning Tools 1 • Using Network Scanning Tools 2 • Using Steganography Tools

Incident Response • Incident Response Procedures • Preparation Phase • Identification Phase • Containment Phase • Eradication and Recovery Phases

Module 2 / Identity and Access Management
Cryptography • Uses of Cryptography • Cryptographic Terminology and Ciphers • Cryptographic Products • Hashing Algorithms • Symmetric Algorithms • Asymmetric Algorithms • Diffie-Hellman and Elliptic Curve • Transport Encryption • Cryptographic Attacks • Lab • Implementing Public Key Infrastructure

Public Key Infrastructure • PKI Standards • Digital Certificates • Certificate Authorities • Types of Certificate • Implementing PKI • Storing and Distributing Keys • Key Status and Revocation • PKI Trust Models • PGP / GPG • Lab • Deploying Certificates and Implementing Key Recovery

Identification and Authentication • Access Control Systems • Identification • Authentication • LAN Manager / NTLM • Kerberos • PAP, CHAP, and MS-CHAP • Password Attacks • Token-based Authentication • Biometric Authentication • Common Access Card • Lab • Using Password Cracking Tools

Identity and Access Services • Authorization • Directory Services • RADIUS and TACACS+ • Federation and Trusts • Federated Identity Protocols

Account Management • Formal Access Control Models • Account Types • Windows Active Directory • Creating and Managing Accounts • Account Policy Enforcement • Credential Management Policies • Account Restrictions • Accounting and Auditing • Lab • Using Account Management Tools

Module 3 / Architecture and Design (1)
Secure Network Design • Network Zones and Segments • Subnetting • Switching Infrastructure • Switching Attacks and Hardening • Endpoint Security • Network Access Control • Routing Infrastructure • Network Address Translation • Software Defined Networking • Lab • Implementing a Secure Network Design

Firewalls and Load Balancers • Basic Firewalls • Stateful Firewalls • Implementing a Firewall or Gateway • Web Application Firewalls • Proxies and Gateways • Denial of Service Attacks • Load Balancers • Lab • Implementing a Firewall

IDS and SIEM • Intrusion Detection Systems • Configuring IDS • Log Review and SIEM • Data Loss Prevention • Malware and Intrusion Response • Lab • Using an Intrusion Detection System

Secure Wireless Access • Wireless LANs • WEP and WPA • Wi-Fi Authentication • Extensible Authentication Protocol • Additional Wi-Fi Security Settings • Wi-Fi Site Security • Personal Area Networks

Physical Security Controls • Site Layout and Access • Gateways and Locks • Alarm Systems • Surveillance • Hardware Security • Environmental Controls

Module 4 / Architecture and Design (2)
Secure Protocols and Services • DHCP Security • DNS Security • Network Management Protocols • HTTP and Web Servers • SSL / TSL and HTTPS • Web Security Gateways • Email Services • S/MIME • File Transfer • Voice and Video Services • VoIP • Labs • Implementing Secure Network Addressing Services • Configuring a Secure Email Service

Secure Remote Access • Remote Access Architecture • Virtual Private Networks • IPSec • Remote Access Servers • Remote Administration Tools • Hardening Remote Access Infrastructure • Lab • Implementing a Virtual Private Network

Secure Systems Design • Trusted Computing • Hardware / Firmware Security • Peripheral Device Security • Secure Configurations • OS Hardening • Patch Management • Embedded Systems • Security for Embedded Systems

Secure Mobile Device Services • Mobile Device Deployments • Mobile Connection Methods • Mobile Access Control Systems • Enforcement and Monitoring

Secure Virtualization and Cloud Services • Virtualization Technologies • Virtualization Security Best Practices • Cloud Computing • Cloud Security Best Practices

Module 5 / Risk Management
Forensics • Forensic Procedures • Collecting Evidence • Capturing System Images • Handling and Analyzing Evidence • Lab • Using Forensic Tools

Disaster Recovery and Resiliency • Continuity of Operations Plans • Disaster Recovery Planning • Resiliency Strategies • Recovery Sites • Backup Plans and Policies • Resiliency and Automation Strategies

Risk Management • Business Impact Analysis • Identification of Critical Systems • Risk Assessment • Risk Mitigation

Secure Application Development • Application Vulnerabilities • Application Exploits • Web Browser Exploits • Secure Application Design • Secure Coding Concepts • Auditing Applications • Secure DevOps • Lab • Identifying a Man-in-the-Browser Attack

Organizational Security • Corporate Security Policy • Personnel Management Policies • Interoperability Agreements • Data Roles • Data Sensitivity Labeling and Handling • Data Wiping and Disposal • Privacy and Employee Conduct Policies • Security Policy Training
View outline in Word

XSP501

Attend hands-on, instructor-led CompTIA Security+ Certification Training training classes at ONLC's more than 300 locations. Not near one of our locations? Attend these same live classes from your home/office PC via our Remote Classroom Instruction (RCI) technology.

For additional training options, check out our list of Security+ Courses and select the one that's right for you.

Microsoft Gold Partner
Class Dates
(click date for class times)
(click Enroll for locations)
More dates...

Fee:  $2495

Savings options:

 15 Day Pass
 CEA Tech Saver
Need a price quote?

Follow the link to our self-service price quote form to generate an email with a price quote.

Email Alert

Receive an email when this class is available as "Ready to Run" or "Early Notice" status.

Attend from your office or home

If you have high-speed internet and two computers you can likely take this class from your office or home.

Need a class for a group?

We can deliver this class for a private group at your location. Follow the link to request more information.

Attend computer classes from ONLC Training Centers Request a copy via mail

GENERAL INFO

Class Format
Class Policies
Student Reviews

Bookmark and Share


HAVE QUESTIONS?
First Name

Last Name

Company

Phone

Email

Location

Question/Comment



ONLC TRAINING CENTERS
800-288-8221
www.onlc.com