Information Technology (IT) Training

NEW EDUCARE INSTITUTE OF HEALTHCARE

PROGRAM

CompTIA Security+ Certification Preparation Training (Online or On Campus)

PROGRAM DURATION

5 to 7 DAYS

COURSE OUTCOME

  • Identify strategies developed by cyber adversaries to attack networks and hosts and the countermeasures deployed to defend them.
  • Understand the principles of organizational security and the elements of effective security policies.
  • Know the technologies and uses of cryptographic standards and products.
  • Install and configure network- and host-based security technologies.
  • Describe how wireless and remote access security is enforced.
  • Describe the standards and products used to enforce security on web and communications technologies.
  • Identify strategies for ensuring business continuity, fault tolerance, and disaster recovery.
  • Summarize application and coding vulnerabilities and identify development and deployment methods designed to mitigate them.

PROGRAM CURRICULUM

TOPICS

Module 1 Threats, Attacks, and Vulnerabilities
Module 2 Identity and Access Management
Module 3 Architecture and Design 1
Module 4 Architecture and Design 2
Module 5 Risk Management


Program Description: This course will teach you the fundamental principles of installing and configuring cybersecurity controls and participating in incident response and risk mitigation. It prepares the student for the CompTIA Security+ certification exam.

COMPTIA SECURITY+

COURSE OUTLINE

Module 1

Threats, Attacks, and Vulnerabilities


Unit 1.1 Topic:

Indicators of Compromise 

  • Why is Security Important?
  • Security Policy
  • Threat Actor Types
  • The Kill Chain
  • Social Engineering Phishing
  • Malware Types
  • Trojans and Spyware
  • Open Source Intelligence

Unit 1.1 Topics for Self-study:

Live Labs

  • Application Data - Establish Host Security
  • Social Engineering Reconnaissance

CompTIA Exam Domain Objectives:

1.1 Given a scenario, analyze indicators of compromise and determine the type of malware

  • Viruses
  • Crypto-malware
  • Ransomware
  • Worm
  • Trojan
  • Rootkit
  • Keylogger
  • Adware
  • Spyware
  • Bots
  • RAT
  • Logic bomb
  • Backdoor

1.2 Compare and contrast types of attacks

  • Social engineering
  • Phishing
  • Spear phishing
  • Whaling
  • Vishing
  • Tailgating
  • Impersonation
  • Dumpster diving
  • Shoulder surfing
  • Hoax
  • Watering hole attack
  • Principles
    • Reasons for effectiveness:
      • Authority
      • Intimidation
      • Consensus
      • Scarcity
      • Familiarity
      • Trust
      • Urgency

1.3 Explain threat actor types and attributes

  • Types of actors
    • Script kiddies
    • Hacktivist
    • Organized crime
    • Nation states / APT
    • Insiders
    • Competitors
  • Attributes of actors
    • Internal / external
    • Level of sophistication
    • Resources / funding
    • Intent / motivation
  • Use of Open Source Intelligence

2.3 Given a scenario, troubleshoot common security issues

  • Personnel issues (Social engineering)


Unit 1.2: Topic

Critical Security Controls 

  • Security Control Types
  • Defense in Depth
  • Frameworks and Compliance
  • Vulnerability Scanning and Pen Tests
  • Security Assessment Techniques
  • Pen Testing Concepts
  • Vulnerability Scanning Concepts
  • Exploit Frameworks


Unit 1.2 Topics for Self-study:

Live Labs

  • Scanning and Remediating Vulnerabilities with OpenVAS


CompTIA Exam Domain Objectives:
1.4 Explain penetration testing concepts

  • Active reconnaissance
  • Passive reconnaissance
  • Pivot
  • Initial exploitation
  • Persistence
  • Escalation of privilege
  • Black box
  • White box
  • Gray box
  • Pen testing vs. vulnerability scanning

1.5 Explain vulnerability scanning concepts

  • Passively test security controls
  • Identify vulnerability
  • Identify lack of security controls
  • Identify common misconfigurations
  • Intrusive vs. non-intrusive
  • Credentialed vs. non-credentialed
  • False positive

2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization

  • Vulnerability scanner
  • Configuration compliance scanner
  • Exploitation frameworks
  • Passive vs. active

3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides

  • Industry-standard frameworks and reference architectures
    • Regulatory
    • Non-regulatory
    • National vs. international
    • Industry-specific frameworks
  • Benchmarks / secure configuration guides
    • Platform / vendor-specific guides
      • Web server
      • Operating system
      • Application server
      • Network infrastructure devices
    • General purpose guides
  • Defense-in-depth / layered security
    • Vendor diversity
    • Control diversity
      • Administrative
      • Technical
    • User training

5.3 Explain risk management processes and concepts

  • Testing
    • Penetration testing authorization
    • Vulnerability testing authorization

5.7 Compare and contrast various types of controls

  • Deterrent
  • Preventive
  • Detective
  • Corrective
  • Compensating
  • Technical
  • Administrative
  • Physical

Unit 1.3 Topic:

Security Posture Assessment Tools 

  • Topology Discovery
  • Service Discovery
  • Packet Capture
  • Packet Capture Tools
  • Remote Access Trojans
  • Honeypots and Honeynets

Unit 1.3 Topics for Self-study:

Live Labs

  • Network Vulnerabilities Part 1

CompTIA Exam Domain Objectives:
2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization

  • Protocol analyzer
  • Network scanners
    • Rogue system detection
    • Network mapping
  • Wireless scanners / cracker
  • Steganography tools
  • Honeypot
  • Banner grabbing
  • Command line tools
    • ping
    • netstat
    • tracert
    • nslookup / dig
    • arp
    • ipconfig / ip / ifconfig
    • tcpdump
    • Nmap
    • netcat

Unit 1.4 Topic:

Incident Response

  • Incident Response Procedures
  • Preparation Phase
  • Identification Phase
  • Containment Phase
  • Eradication and Recovery Phases

CompTIA Exam Domain Objectives
5.4 Given a scenario, follow incident response procedures

  • Incident response plan
    • Documented incident types / category definitions
    • Roles and responsibilities
    • Reporting requirements / escalation
    • Cyber incident response teams
    • Exercise
  • Incident response process
    • Preparation
    • Identification
    • Containment
    • Eradication
    • Recovery
    • Lessons learned


Module 3

Architecture and Design 1  


Unit 3.1 Topic:
Secure Network Design

  • Network Zones and Segments
  • Subnetting
  • Switching Infrastructure
  • Switching Attacks and Hardening
  • Endpoint Security
  • Network Access Control
  • Routing Infrastructure
  • Network Address Translation
  • Software Defined Networking

Unit 3.1 Topics for Self-study:
Live Labs

  • NAT and OpenSSH

CompTIA Exam Domain Objectives
1.2 Compare and contrast types of attacks

  • Application / service attacks
    • Man-in-the-middle
    • ARP poisoning
    • MAC spoofing
    • IP spoofing

1.6 Explain the impact associated with types of vulnerabilities

  • Architecture / design weaknesses

2.1 Install and configure network components, both hardware- and software-based, to support organizational security

  • Router
    • ACLs
    • Anti-spoofing
  • Switch
    • Port security
    • Layer 2 vs. Layer 3
    • Loop prevention
    • Flood guard
  • NAC
    • Dissolvable vs. permanent
    • Host health checks
    • Agent vs. agentless
  • Bridge

2.6 Given a scenario, implement secure protocols

  • Use cases
    • Routing and switching

3.2 Given a scenario, implement secure network architecture concepts

  • Zones / topologies
    • DMZ
    • Extranet
    • Intranet
    • Wireless
    • Guest
    • Honeynets
    • NAT
    • Ad hoc
  • Segregation / segmentation / isolation
    • Physical
    • Logical (VLAN)
    • Virtualization
    • Air gaps
  • Security device / technology placement
    • Aggregation switches
  • SDN

Unit 3.2 Topic:
Firewalls and Load Balancers

  • Basic Firewalls
  • Stateful Firewalls
  • Implementing a Firewall or Gateway
  • Web Application Firewalls
  • Proxies and Gateways
  • Denial of Service Attacks
  • Load Balancers

Unit 3.2 Topics for Self-study:
Live Labs

  • Firewall Rule Based Management
  • Firewalls and Evasion
  • Network Vulnerabilities Part 2

CompTIA Exam Domain Objectives
1.2 Compare and contrast types of attacks

  • Application / service attacks
    • DoS
    • DDoS
    • Amplification

1.6 Explain the impact associated with types of vulnerabilities

  • Resource exhaustion

2.1 Install and configure network components, both hardware- and software-based, to support organizational security


  • Firewall
    • ACL
    • Application-based vs. network-based
    • Stateful vs. stateless
    • Implicit deny
  • Proxy
    • Forward and reverse proxy
    • Transparent
    • Application / multipurpose
  • Load balancer
    • Scheduling
      • Affinity
      • Round-robin
    • Active-Passive
    • Active-Active
    • Virtual IPs

2.3 Given a scenario, troubleshoot common security issues

  • Misconfigured devices
    • Firewall
    • Content filter

2.4 Given a scenario, analyze and interpret output from security technologies

  • Host-based firewall
  • Web Application Firewall

3.2 Given a scenario, implement secure network architecture concepts

  • Security device / technology placement
    • Filters
    • Proxies
    • Firewalls
    • Load balancers
    • DDoS mitigator

Unit 3.3 Topic:
IDS and SIEM


  • Intrusion Detection Systems
  • Configuring IDS
  • Log Review and SIEM
  • Data Loss Prevention
  • Malware and Intrusion Response

Unit 3.3 Topics for Self-study:
Live Labs

  • Configuring IDS and Honeypots

CompTIA Exam Domain Objectives
2.1 Install and configure network components, both hardware- and software-based, to support organizational security

  • NIPS / NIDS
    • Signature-based
    • Heuristic / behavioral
    • Anomaly
    • Inline vs. passive
    • In-band vs. out-of-band
    • Rules
    • Analytics
      • False positive
      • False negative
  • SIEM
    • Aggregation
    • Correlation
    • Automated alerting and triggers
    • Time synchronization
    • Event deduplication
    • Logs / WORM
  • DLP
    • USB blocking
    • Cloud-based
    • Email

2.3 Given a scenario, troubleshoot common security issues

  • Logs and events anomalies
  • Data exfiltration

2.4 Given a scenario, analyze and interpret output from security technologies

  • HIDS / HIPS
  • Antivirus
  • File integrity check
  • Advanced malware tools
  • UTM
  • DLP

3.2 Given a scenario, implement secure network architecture concepts

  • Security device / technology placement
    • Sensors
    • Collectors
    • Correlation engines
    • Taps and port mirror

Unit 3.4 Topic:
Secure Wireless Access 

  • Wireless LANs
  • WEP and WPA
  • Wi-Fi Authentication
  • Extensible Authentication Protocol
  • Additional Wi-Fi Security Settings
  • Wi-Fi Site Security
  • Personal Area Networks

CompTIA Exam Domain Objectives
1.2 Compare and contrast types of attacks

  • Wireless attacks
    • Replay
    • IV
    • Evil twin
    • Rogue AP
    • Jamming
    • WPS
    • Bluejacking
    • Bluesnarfing
    • RFID
    • NFC
    • Disassociation

2.1 Install and configure network components, both hardware- and software-based, to support organizational security

  • Access point
    • SSID
    • MAC filtering
    • Signal strength
    • Band selection / width
    • Antenna types and placement
    • Fat vs. thin
    • Controller-based vs. standalone

2.3 Given a scenario, troubleshoot common security issues

  • Misconfigured devices
    • Access points

6.3 Given a scenario, install and configure wireless security settings

  • Cryptographic protocols
    • WPA
    • WPA2
    • CCMP
    • TKIP
  • Authentication protocols
    • EAP
    • PEAP
    • EAP-FAST
    • EAP-TLS
    • EAP-TTLS
    • IEEE 802.1X
    • RADIUS Federation
  • Methods
    • PSK vs. Enterprise vs. Open
    • WPS
    • Captive portals

Unit 3.5 Topic:
Physical Security Controls


  • Site Layout and Access
  • Gateways and Locks
  • Alarm Systems
  • Surveillance
  • Hardware Security
  • Environmental Controls

CompTIA Exam Domain Objectives
3.9 Explain the importance of physical security controls


  • Lighting
  • Signs
  • Fencing / gate / cage
  • Security guards
  • Alarms
  • Safe
  • Secure cabinets / enclosures
  • Protected distribution / Protected cabling
  • Air gap
  • Mantrap
  • Faraday cage
  • Lock types
  • Biometrics
  • Barricades / bollards
  • Tokens / cards
  • Environmental controls
    • HVAC
    • Hot and cold aisles
    • Fire suppression
  • Cable locks
  • Screen filters
  • Cameras
  • Motion detection
  • Logs
  • Infrared detection
  • Key management



Module 2

Identity and Access Management


Unit 2.1 Topic: 

Cryptography

  • Uses of Cryptography
  • Cryptographic Terminology and Ciphers
  • Cryptographic Products
  • Hashing Algorithms
  • Symmetric Algorithms
  • Asymmetric Algorithms
  • Diffie-Hellman and Elliptic Curve
  • Transport Encryption
  • Cryptographic Attacks


Unit 2.1 Topics for Self-study:
Live Labs

  • Encryption and Hashing


CompTIA Exam Domain Objectives
1.2 Compare and contrast types of attacks

  • Cryptographic attacks
    • Birthday
    • Known plain text / cipher text
    • Collision
    • Downgrade
    • Replay
    • Weak implementations

1.6 Explain the impact associated with types of vulnerabilities

  • Weak cipher suites and implementations

6.1 Compare and contrast basic concepts of cryptography

  • Symmetric algorithms
  • Modes of operation
  • Asymmetric algorithms
  • Hashing
  • Salt, IV, nonce
  • Elliptic curve
  • Weak / deprecated algorithms
  • Key exchange
  • Digital signatures
  • Diffusion
  • Confusion
  • Collision
  • Steganography
  • Obfuscation
  • Stream vs. block
  • Key strength
  • Session keys
  • Ephemeral key
  • Secret algorithm
  • Data-in-transit
  • Data-at-rest
  • Data-in-use
  • Random / pseudo-random number generation
  • Implementation vs. algorithm selection
    • Crypto service provider
    • Crypto modules
  • Perfect Forward Secrecy
  • Security through obscurity
  • Common use cases
    • Low power devices
    • Low latency
    • High resiliency
    • Supporting confidentiality
    • Supporting integrity
    • Supporting obfuscation
    • Supporting authentication
    • Supporting non-repudiation
    • Resource vs. security constraints

6.2 Explain cryptography algorithms and their basic characteristics

  • Symmetric algorithms
    • AES
    • DES
    • 3DES
    • RC4
    • Blowfish / Twofish
  • Cipher modes
    • CBC
    • GCM
    • ECB
    • CTM
    • Stream vs. block
  • Asymmetric algorithms
    • RSA
    • DSA
    • Diffie-Hellman
      • Groups
      • DHE
      • ECDHE
    • Elliptic curve
  • Hashing algorithms
    • MD5
    • SHA
    • HMAC
    • RIPEMD
  • Obfuscation
    • XOR
    • ROT13
    • Substitution ciphers

Unit 2.2 Topic:
Public Key Infrastructure

  • PKI Standards
  • Digital Certificates
  • Certificate Authorities
  • Types of Certificate
  • Implementing PKI
  • Storing and Distributing Keys
  • Key Status and Revocation
  • PKI Trust Models
  • PGP / GPG

Unit 2.2 Topics for Self-study:
Live Labs

  • Understanding PKI Concepts
  • Managing Certificates

CompTIA Exam Domain Objectives
1.6 Explain the impact associated with types of vulnerabilities

  • Improper certificate and key management

2.1 Install and configure network components, both hardware- and software-based, to support organizational security

  • Hardware Security Module

6.2 Explain cryptography algorithms and their basic characteristics

  • Asymmetric algorithms (PGP / GPG)

6.4 Given a scenario, implement public key infrastructure

  • Components
    • CA
    • Intermediate CA
    • CRL
    • OCSP
    • CSR
    • Certificate
    • Public key
    • Private key
    • Object identifiers (OID)
  • Concepts
    • Online vs. offline CA
    • Stapling
    • Pinning
    • Trust model
    • Key escrow
    • Certificate chaining
  • Types of certificates
    • Wildcard
    • SAN
    • Code signing
    • Self-signed
    • Machine / computer
    • Email
    • User
    • Root
    • Domain validation
    • Extended validation
  • Certificate formats
    • DER
    • PEM
    • PFX
    • CER
    • P12
    • P7B

Unit 2.3 Topic:
Identification and Authentication

  • Access Control Systems
  • Identification
  • Authentication
  • LAN Manager / NTLM
  • Kerberos
  • PAP, CHAP, and MS-CHAP
  • Password Attacks
  • Token-based Authentication
  • Biometric Authentication
  • Common Access Card

Unit 2.3 Topics for Self-study:
Live Labs

  • Password Cracking Tools

CompTIA Exam Domain Objectives
1.2 Compare and contrast types of attacks

  • Application / service attacks
    • Pass-the-Hash
  • Cryptographic attacks
    • Rainbow tables
    • Dictionary
    • Brute force (Online vs. offline)

2.2 Use appropriate software tools to assess security posture

  • Password cracker

2.3 Given a scenario, troubleshoot common security issues

  • Unencrypted credentials / clear text
  • Certificate / Authentication issues

4.1 Compare and contrast identity and access management concepts

  • Identification, authentication, authorization and accounting (AAA)
  • Multifactor authentication
    • Something you are
    • Something you have
    • Something you know
    • Somewhere you are
    • Something you do

4.2 Given a scenario, install and configure identity and access services

  • Kerberos
  • CHAP
  • PAP
  • MS-CHAP
  • NTLM

4.3 Given a scenario, implement identity and access management controls

  • Physical access control
    • Proximity cards
    • Smart cards
  • Biometric factors
    • Fingerprint scanner
    • Retinal scanner
    • Iris scanner
    • Voice recognition
    • Facial recognition
    • False acceptance rate
    • False rejection rate
    • Crossover error rate
  • Tokens
    • Hardware
    • Software
    • HOTP / TOTP
  • Certificate-based authentication
    • PIV / CAC / smart card
    • IEEE 802.1X

6.1 Compare and contrast basic concepts of cryptography

  • Key stretching

6.2 Explain cryptography algorithms and their basic characteristics

  • Key stretching algorithms (BCRYPT, PBKDF2)

Unit 2.4 Topic:
Identity and Access Services


Unit 2.4 Topics for Self-study:
Live Labs

  • Configuring RADIUS
  • Implementing AD Federation Services

CompTIA Exam Domain Objectives
2.6 Given a scenario, implement secure protocols

  • Protocols
    • LDAPS
  • Use cases
    • Directory services

4.1 Compare and contrast identity and access management concepts

  • Federation
  • Single sign-on
  • Transitive trust

4.2 Given a scenario, install and configure identity and access services

  • LDAP
  • TACACS+
  • RADIUS
  • SAML
  • OpenID Connect
  • OAuth
  • Shibboleth
  • Secure token

Unit 2.5 Topic:
Account Management

  • Formal Access
  • Control Models
  • Account Types
  • Windows Active Directory
  • Creating and Managing Accounts
  • Account Policy Enforcement
  • Credential Management Policies
  • Account Restrictions
  • Accounting and Auditing

CompTIA Exam Domain Objectives
1.6 Explain the impact associated with types of vulnerabilities

  • Improperly configured accounts

2.3 Given a scenario, troubleshoot common security issues

  • Permission issues
  • Access violations

4.3 Given a scenario, implement identity and access management controls

  • Access control models
    • MAC
    • DAC
    • ABAC
    • Role-based access control
    • Rule-based access control
  • File system security
  • Database security

4.4 Given a scenario, differentiate common account management practices

  • Account types
    • User account
    • Shared and generic accounts / credentials
    • Guest accounts
    • Service accounts
    • Privileged accounts
  • General concepts
    • Least privilege
    • Onboarding / offboarding
    • Permission auditing and review
    • Usage auditing and review
    • Time-of-day restrictions
    • Recertification
    • Standard naming convention
    • Account maintenance
    • Group-based access control
    • Location-based policies
  • Account policy enforcement
    • Credential management
    • Group policy
    • Password complexity
    • Expiration
    • Recovery
    • Disablement
    • Lockout
    • Password history
    • Password reuse
    • Password length


Module 4

Architecture and Design 2 


Unit 4.1 Topic:
Secure Protocols and Services

  • DHCP Security
  • DNS Security
  • Network Management Protocols
  • HTTP and Web Servers
  • SSL / TLS and HTTPS
  • Web Security Gateways
  • Email Services
  • S/MIME
  • File Transfer
  • Voice and Video Services
  • VoIP

Unit 4.1 Topics for Self-study:
Live Labs

  • Implementing DNSSEC
  • Protocols and Services – SNMP

CompTIA Exam Domain Objectives
For CompTIA Security+
1.2 Compare and contrast types of attacks


  • Application / service attacks
    • DNS poisoning
    • Domain hijacking
    • Typosquatting

2.1 Install and configure network components, both hardware- and software-based, to support organizational security


  • Mail gateway
    • Spam filter
    • DLP
    • Encryption
  • SSL / TLS accelerators
  • SSL decryptors
  • Media gateway

2.6 Given a scenario, implement secure protocols

  • Protocols
    • DNSSEC
    • S/MIME
    • SRTP
    • FTPS
    • SFTP
    • SNMPv3
    • SSL / TLS
    • HTTPS
    • Secure POP / IMAP
  • Use cases
    • Voice and video
    • Time synchronization
    • Email and web
    • File transfer
    • Domain name resolution
    • Network address allocation
    • Subscription services

3.2 Given a scenario, implement secure network architecture concepts

  • Security device / technology placement
    • SSL accelerators

Unit 4.2 Topic:
Secure Remote Access


  • Remote Access Architecture
  • Virtual Private Networks
  • IPSec
  • Remote Access Servers 
  • Remote Administration Tools
  • Hardening Remote Access Infrastructure

Unit 4.2 Topics for Self-study:
Live Labs

  • Implementing a Network Policy Server

CompTIA Exam Domain Objectives
For CompTIA Security+
2.1 Install and configure network components, both hardware- and software-based, to support organizational security

  • VPN concentrator
    • Remote access vs. site-to-site
    • IPSec
      • Tunnel mode
      • Transport mode
      • AH
      • ESP
    • Split tunnel vs. full tunnel
    • TLS
    • Always-on VPN

2.6 Given a scenario, implement secure protocols

  • Protocols
    • SSH
  • Use cases
    • Remote access

3.2 Given a scenario, implement secure network architecture concepts

  • Tunneling / VPN
    • Site-to-site
    • Remote access
  • Security device / technology placement
    • VPN concentrators

Unit 4.3 Topic:
Secure Systems Design

  • Trusted Computing
  • Hardware / Firmware Security
  • Peripheral Device Security
  • Secure Configurations
  • OS Hardening
  • Patch Management
  • Embedded Systems
  • Security for Embedded Systems

Unit 4.3 Topics for Self-study:
Live Labs

  • Data Encryption
  • Implement Patching using WSUS

CompTIA Exam Domain Objectives
For CompTIA Security+

1.6 Explain the impact associated with types of vulnerabilities

  • Vulnerabilities due to:
    • End-of-life systems
    • Embedded systems
    • Lack of vendor support
  • Misconfiguration / weak configuration
  • Default configuration

2.3 Given a scenario, troubleshoot common security issues

  • Weak security configurations
  • Unauthorized software
  • Baseline deviation

2.4 Given a scenario, analyze and interpret output from security technologies

  • Application whitelisting
  • Removable media control
  • Patch management tools
  • Data execution prevention

3.3 Given a scenario, implement secure systems design

  • Hardware / firmware security
    • FDE / SED
    • TPM
    • HSM
    • UEFI / BIOS
    • Secure boot and attestation
    • Supply chain
    • Hardware root of trust
    • EMI / EMP
  • Operating systems
    • Types
      • Network
      • Server
      • Workstation
      • Appliance
      • Kiosk
      • Mobile OS
    • Patch management
    • Disabling unnecessary ports and services
    • Least functionality
    • Secure configurations
    • Trusted operating system
    • Application whitelisting / blacklisting
    • Disable default accounts / passwords
  • Peripherals
    • Wireless keyboards
    • Wireless mice
    • Displays
    • Wi-Fi-enabled MicroSD cards
    • Printers / MFDs
    • External storage devices
    • Digital cameras

3.5 Explain the security implications of embedded systems

  • SCADA / ICS
  • Smart devices / IoT
    • Wearable technology
    • Home automation
  • HVAC
  • SoC
  • RTOS
  • Printers / MFDs
  • Camera systems
  • Special purpose
    • Medical devices
    • Vehicles
    • Aircraft / UAV

Unit 4.4 Topic:
Mobile Device Services

  • Mobile Device Deployments
  • Mobile Connection Methods 
  • Mobile Access Control Systems 
  • Enforcement and Monitoring

CompTIA Exam Domain Objectives
For CompTIA Security+

2.5 Given a scenario, deploy mobile devices securely

  • Connection methods
    • Cellular
    • Wi-Fi
    • SATCOM
    • Bluetooth
    • NFC
    • ANT
    • Infrared
    • USB
  • Mobile device management concepts
    • Application management
    • Content management
    • Remote wipe
    • Geofencing
    • Geolocation
    • Screen locks
    • Push notification services
    • Passwords and pins
    • Biometrics
    • Context-aware authentication
    • Containerization
    • Storage segmentation
    • Full device encryption
  • Enforcement and monitoring
    • Third-party app stores
    • Rooting / jailbreaking
    • Sideloading
    • Custom firmware
    • Carrier unlocking
    • Firmware OTA updates
    • Camera use
    • SMS / MMS
    • External media
    • USB OTG
    • Recording microphone
    • GPS tagging
    • Wi-Fi direct / ad hoc
    • Tethering
    • Payment methods
  • Deployment models
    • BYOD
    • COPE
    • CYOD
    • Corporate-owned
    • VDI

Unit 4.5 Topic:
Secure Virtualization and Cloud Services

  • Virtualization Technologies
  • Virtualization Security Best Practices
  • Cloud Computing
  • Cloud Security Best Practices

CompTIA Exam Domain Objectives
For CompTIA Security+

1.6 Explain the impact associated with types of vulnerabilities

  • System sprawl / undocumented assets

3.7 Summarize cloud and virtualization concepts

  • Hypervisor
    • Type I
    • Type II
    • Application cells / containers
  • VM sprawl avoidance
  • VM escape protection
  • Cloud storage
  • Cloud deployment models
    • SaaS
    • PaaS
    • IaaS
    • Private
    • Public
    • Hybrid
    • Community
  • On-premise vs. hosted vs. cloud
  • VDI / VDE
  • Cloud access security broker
  • Security as a Service


Module 5

Risk Management 


Unit 5.1 Topic:

Forensics

  • Forensic Procedures
  • Collecting Evidence
  • Capturing System Images
  • Handling and Analyzing Evidence

Unit 5.1 Topics for Self-study:
Live Labs

  • Introduction to Digital Forensics

CompTIA Exam Domain Objectives
For CompTIA Security+

5.5 Summarize basic concepts of forensics

  • Order of volatility
  • Chain of custody
  • Legal hold
  • Data acquisition
    • Capture system image
    • Network traffic and logs
    • Capture video
    • Record time offset
    • Take hashes
    • Screenshots
    • Witness interviews
  • Preservation
  • Recovery
  • Strategic intelligence / counterintelligence gathering
    • Active logging
  • Track man-hours

Unit 5.2 Topic:

Disaster Recovery and Resiliency

  • Continuity of Operations Plans
  • Disaster Recovery Planning
  • Resiliency Strategies
  • Recovery Sites
  • Backup Plans and Policies
  • Resiliency and Automation Strategies


Unit 5.2 Topics for Self-study:
Live Labs

  • Backup and Recovery
  • Managing Local Storage and Virtual Hard Disks
  • Implementing Software RAID
  • Install and Configure Network Load Balancing


CompTIA Exam Domain Objectives
For CompTIA Security+

1.6 Explain the impact associated with types of vulnerabilities

  • Vulnerable business processes

2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization

  • Backup utilities

3.8 Explain how resiliency and automation strategies reduce risk

  • Automation / scripting
    • Automated courses of action
    • Continuous monitoring
    • Configuration validation
  • Templates
  • Master image
  • Non-persistence
    • Snapshots
    • Revert to known state
    • Rollback to known configuration
    • Live boot media
  • Elasticity
  • Scalability
  • Distributive allocation
  • Redundancy
  • Fault tolerance
  • High availability
  • RAID

5.6 Explain disaster recovery and continuity of operation concepts

  • Recovery sites
    • Hot site
    • Warm site
    • Cold site
  • Order of restoration
  • Backup concepts
    • Differential
    • Incremental
    • Snapshots
    • Full
  • Geographic considerations
    • Off-site backups
    • Distance
    • Location selection
    • Legal implications
    • Data sovereignty
  • Continuity of operation planning
    • Exercises / tabletop
    • After-action reports
    • Failover
    • Alternate processing sites
    • Alternate business practices


Unit 5.3 Topic:   

Risk Management

  • Business Impact Analysis
  • Identification of Critical Systems
  • Risk Assessment
  • Risk Mitigation

CompTIA Exam Domain Objectives
For CompTIA Security+


2.3 Given a scenario, troubleshoot common security issues

  • License compliance violation (availability / integrity)
  • Asset management

5.2 Summarize business impact analysis concepts

  • RTO / RPO
  • MTBF
  • MTTR
  • Mission-essential functions
  • Identification of critical systems
  • Single point of failure
  • Impact
    • Life
    • Property
    • Safety
    • Finance
    • Reputation
  • Privacy impact assessment
  • Privacy threshold assessment

5.3 Explain risk management processes and concepts

  • Threat assessment
    • Environmental
    • Manmade
    • Internal vs. external
  • Risk assessment
    • SLE
    • ALE
    • ARO
    • Asset value
    • Risk register
    • Likelihood of occurrence
    • Supply chain assessment
    • Impact
    • Quantitative
    • Qualitative
    • Risk response techniques
      • Accept
      • Transfer
      • Avoid
      • Mitigate
    • Change management


Unit 5.4 Topic:

Secure Application Development

  • Application Vulnerabilities
  • Application Exploits
  • Web Browser Exploits
  • Secure Application Design
  • Secure Coding Concepts
  • Auditing Applications
  • Secure DevOps

CompTIA Exam Domain Objectives
For CompTIA Security+

1.2 Compare and contrast types of attacks

  • Application / service attacks
    • Buffer overflow
    • Injection
    • Cross-site scripting
    • Cross-site request forgery
    • Privilege escalation
    • Man-in-the-browser
    • Zero day
    • Replay
    • Hijacking and related attacks
      • Clickjacking
      • Session hijacking
      • URL hijacking
    • Driver manipulation
      • Shimming
      • Refactoring

1.6 Explain the impact associated with types of vulnerabilities

  • Race conditions
  • Improper input handling
  • Improper error handling
  • Memory / buffer vulnerability
    • Memory leak
    • Integer overflow
    • Buffer overflow
    • Pointer dereference
    • DLL injection
  • New threats / zero day

3.4 Explain the importance of secure staging deployment concepts

  • Sandboxing
  • Environment
    • Development
    • Test
    • Staging
    • Production
  • Secure baseline
  • Integrity measurement

3.6 Summarize secure application development and deployment concepts

  • Development lifecycle models
    • Waterfall vs. Agile
  • Secure DevOps
    • Security automation
    • Continuous integration
    • Baselining
    • Immutable systems
    • Infrastructure as code
  • Version control and change management
  • Provisioning and deprovisioning
  • Secure coding techniques
    • Proper error handling
    • Proper input validation
    • Normalization
    • Stored procedures
    • Code signing
    • Encryption
    • Obfuscation / camouflage
    • Code reuse / dead code
    • Server-side vs. client-side execution and validation
    • Memory management
    • Use of third-party libraries and SDKs
    • Data exposure
  • Code quality and testing
    • Static code analyzers
    • Dynamic analysis / fuzzing
    • Stress testing
    • Sandboxing
    • Model verification
  • Compiled vs. runtime code


Unit 5.5 Topic:

Organizational Security

  • Corporate Security Policy
  • Personnel Management Policies
  • Interoperability Agreements
  • Data Roles
  • Data Sensitivity Labeling and Handling
  • Data Wiping and Disposal
  • Privacy and Employee Conduct Policies
  • Security Policy Training


CompTIA Exam Domain Objectives
For CompTIA Security+


1.6 Explain the impact associated with types of vulnerabilities

  • Untrained users

2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization

  • Data sanitization tools

2.3 Given a scenario, troubleshoot common security issues

  • Personnel issues
    • Policy violation
    • Insider threat
    • Social media
    • Personal email

5.1 Explain the importance of policies, plans, and procedures related to organizational security

  • Standard operating procedure
  • Agreement types
    • BPA
    • SLA
    • ISA
    • MOU / MOA
  • Personnel management
    • Mandatory vacations
    • Job rotation
    • Separation of duties
    • Clean desk
    • Background checks
    • Exit interviews
    • Role-based awareness training
      • Data owner
      • System administrator
      • System owner
      • User
      • Privileged user
      • Executive user
    • NDA
    • Onboarding
    • Continuing education
    • Acceptable use policy / rules of behavior
    • Adverse actions
  • General security policies
    • Social media networks / applications
    • Personal email

5.8 Given a scenario, carry out data security and privacy practices

  • Data destruction and media sanitization
    • Burning
    • Shredding
    • Pulping
    • Pulverizing
    • Degaussing
    • Purging
    • Wiping
  • Data sensitivity labeling and handling
    • Confidential
    • Private
    • Public
    • Proprietary
    • PII
    • PHI
  • Data roles
    • Owner
    • Steward / custodian
    • Privacy officer
  • Data retention
  • Legal and compliance
