Latest News
  • Join CCNP Training Course & Get CCNA Absolutely FREE
  • Courses Available Both Online and Classroom
  • Best IT Networking Training Institute in Dubai

CompTIA Security+ Training Program

IP Rulers is offering Best CompTIA security training in Dubai with strong commitment and good endorsement.The CompTIA Security+ certification is a vendor-neutral credential. The CompTIA Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge, and is used by organizations and security professionals around the globe.

The CompTIA Security+ is a globally recognized certification, validating an individual’s fundamental security knowledge and skills. The first goal of the course is to make you a good IT security tech and, in the process, make sure you are ready to pass the CompTIA Security+ exam.

The CompTIA Security+ exam will certify the successful candidate has the knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. The successful candidate will perform these tasks to support the principles of confidentiality, integrity, and availability.

Course Details

CompTIA Security+ is accredited by ANSI to show compliance with the ISO 17024 Standard and, as such, the exam objectives undergo regular reviews and updates. CompTIA exams result from subject matter expert workshops and industry-wide survey results regarding the skills and knowledge required of an IT professional

Required exam:  CompTIA Security+ SY0-501

Target Audience:

This course is designed for anyone seeking Cyber Security certification. Specifically, it is recommended that you have the following skills and knowledge before starting this course:

  • Know the function and basic features of the components of a PC.
  • Use Windows Server to create and manage files and use basic administrative features (Explorer, Control Panel, Server Manager, and Management Consoles).
  • Operate the Linux OS using basic command-line tools.
  • Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers).
  • Understand TCP/IP addressing, core protocols, and troubleshooting tools

Prerequisite:

The CompTIA Security+ certification is aimed at an IT security professional who Specifically, it is recommended that you have the following skills and knowledge before starting this course:

  • Know the function and basic features of the components of a PC.
  • Use Windows Server to create and manage files and use basic administrative features (Explorer, Control Panel, Server Manager, and Management Consoles).
  • Operate the Linux OS using basic command-line tools.
  • Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers).
  • Understand TCP/IP addressing, core protocols, and troubleshooting tools

Course outline

CompTIA Security+ SY0-501

1.Threats, Attacks and Vulnerabilities                  21%

2.Technologies and Tools                                     22%

3.Architecture and Design                                    15%

4.Identity and Access Management                       16%

5.Risk Management                                              14%

6.Cryptography and PKI                                       12%

1.1 Given a scenario, analyze indicators of compromise and determine the type of malware.
  • Viruses
  • Crypto malware
  • Ransomware
  • Worm
  • Trojan
  • Rootkit
  • Keylogger
  • Adware
  • Spyware
  • Bots
  • RAT
  • Logic bomb
  • Backdoor
1.2 Compare and contrast types of attacks
  • Social engineering
  • Application/service attacks
  • Wireless attacks
  • Cryptographic attacks
1.3 Explain threat actor types and attributes.
  • Types of actors
  • Attributes of actors
  • Use of open-source intelligence
1.4 Explain penetration testing concepts.
  • Active reconnaissance
  • Passive reconnaissance
  • Pivot
  • Initial exploitation
  • Persistence
  • Escalation of privilege
  • Black box
  • White box
  • Gray box
  • Penetration testing vs. vulnerability scanning
  • Explain vulnerability scanning concepts.
  • Passively test security controls
  • Identify vulnerability
  • Identify lack of security controls
  • Identify common misconfigurations
  • Intrusive vs. non-intrusive
  • Credentialed vs. non-credentialed
  • False positive
  • Explain the impact associated with types of vulnerabilities.
  • Race conditions
  • Vulnerabilities due to:
  • Improper input handling
  • Improper error handling
  • Misconfiguration/weak configuration
  • Default configuration
  • Resource exhaustion
  • Untrained users
  • Improperly configured accounts
  • Vulnerable business processes
  • Weak cipher suites and implementations
  • Memory/buffer vulnerability
  • System sprawl/undocumented assets
  • Architecture/design weaknesses
  • New threats/zero day
  • Improper certificate and key management

2.1 Install and configure network components, both hardware and software-based, to    support organizational security.
  • Firewall
  • VPN concentrator
  • NIPS/NIDS
  • Router
  • ​Switch
  • Proxy
  • Load balancer
  • Access point
  • SIEM
  • DLP
  • NAC
  • Mail gateway
  • Bridge
  • SSL/TLS accelerators
  • SSL decryptors
  • Media gateway
  • Hardware security module
2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization
  • Protocol analyzer
  • Network scanners
  • Wireless scanners/cracker
  • Password cracker
  • Vulnerability scanner
  • Configuration compliance scanner
  • Exploitation frameworks
  • Data sanitization tools
  • Steganography tools
  • Honeypot
  • Backup utilities
  • Banner grabbing
  • Passive vs. active
  • Command line tools
2.3 Given a scenario, troubleshoot common security issues.
  • Unencrypted credentials/clear text
  • Logs and events anomalies
  • Permission issues
  • Access violations
  • Certificate issues
  • Data exfiltration
  • Misconfigured devices
  • Weak security configurations
  • Personnel issues
  • Unauthorized software
  • Baseline deviation
  • License compliance violation (availability/integrity)
  • Asset management
  • Authentication issues
2.4 Given a scenario, analyze and interpret output from security technologies.
  • HIDS/HIPS
  • Antivirus
  • File integrity check
  • Host-based firewall
  • Application whitelisting
  • Removable media control
  • Advanced malware tools
  • Patch management tools
  • UTM
  • DLP
  • Data execution prevention
  • Web application firewall
2.5 Given a scenario, deploy mobile devices securely.
  • Connection methods
  • Mobile device management concepts
  • Enforcement and monitoring for:
  • Deployment models
2.6 Given a scenario, implement secure protocols.
  • Protocols
  • Use cases

3.1Explain use cases and purpose for frameworks, best practices and secure configuration guides.
  • Industry-standard frameworks and reference architectures
  • Benchmarks/secure configuration guides
  • Defense-in-depth/layered security
3.2 Given a scenario, implement secure network architecture concepts.
  • Zones/topologies
  • Segregation/segmentation/isolation
  • Tunneling/VPN
  • Security device/technology placement
  • SDN
3.3 Given a scenario, implement secure systems design.
  • Hardware/firmware security
  • Operating systems
  • Peripherals
3.4 Explain the importance of secure staging deployment concepts.
  • Sandboxing
  • Environment
  • Secure baseline
  • Integrity measurement
3.5 Explain the security implications of embedded systems.
  • SCADA/ICS
  • Smart devices/IoT
  • HVAC
  • SoC
  • RTOS
  • Printers/MFDs
  • Camera systems
  • Special purpose
3.6 Summarize secure application development and deployment concepts
  • Development life-cycle models
  • Secure DevOps
  • Version control and change management
  • Provisioning and deprovisioning
  • Secure coding techniques
  • Code quality and testing
  • Compiled vs. runtime code
3.7 Summarize cloud and virtualization concepts.
  • Hypervisor
  • VM sprawl avoidance
  • VM escape protection
  • Cloud storage
  • Cloud deployment models
  • On-premise vs. hosted vs. cloud
  • VDI/VDE
  • Cloud access security broker
  • Security as a Service
3.8 Explain how resiliency and automation strategies reduce risk.
  • Automation/scripting
  • Templates
  • Master image
  • Non-persistence
  • Elasticity
  • Scalability
  • Distributive allocation
  • Redundancy
  • Fault tolerance
  • High availability
  • RAID
3.9 Explain the importance of physical security controls
  • Lighting
  • Signs
  • Fencing/gate/cage
  • Security guards
  • Alarms
  • Safe
  • Secure cabinets/enclosures
  • Protected distribution/Protected cabling
  • Airgap
  • Mantrap
  • Faraday cage
  • Lock types
  • Biometrics
  • Barricades/bollards
  • Tokens/cards
  • Environmental controls
  • Cable locks
  • Screen filters
  • Cameras
  • Motion detection
  • Logs
  • Infrared detection
  • Key management

4.1 Compare and contrast identity and access management concepts
  • Identification, authentication, authorization and accounting (AAA)
  • Multifactor authentication
  • Federation
  • Single sign-on
  • Transitive trust
4.2 Given a scenario, install and configure identity and access services.
  • LDAP
  • Kerberos
  • TACACS+
  • CHAP
  • PAP
  • MSCHAP
  • RADIUS
  • SAML
  • OpenID Connect
  • OAUTH
  • Shibboleth
  • Secure token
  • NTLM
4.3 Given a scenario, implement identity and access management controls.
  • Access control models
  • Physical access control
  • Biometric factors
  • Tokens
  • Certificate-based authentication
  • File system security
  • Database security
4.4 Given a scenario, differentiate common account management practices.
  • Account types
  • General Concepts
  • Account policy enforcement

5.1 Explain the importance of policies, plans and procedures related to organizational security
  • Standard operating procedure
  • Agreement types
  • Personnel management
  • General security policies
5.2 Summarize business impact analysis concepts.
  • RTO/RPO
  • MTBF
  • MTTR
  • Mission-essential functions
  • Identification of critical systems
  • Single point of failure
  • Impact
  • Privacy impact assessment
  • Privacy threshold assessment
5.3 Explain risk management processes and concepts.
  • Threat assessment
  • Risk assessment
  • Change management
5.4 Given a scenario, follow incident response procedures.
  • Incident response plan
  • Incident response process
5.5 Summarize basic concepts of forensics.
  • Order of volatility
  • Chain of custody
  • Legal hold
  • Data acquisition
  • Preservation
  • Recovery
  • Strategic intelligence/ counterintelligence gathering
  • Track man-hours
5.6 Explain disaster recovery and continuity of operation concepts.
  • Recovery sites
  • Order of restoration
  • Backup concepts
  • Geographic considerations
  • Continuity of operation planning
5.7 Compare and contrast various types of controls.
  • Deterrent
  • Preventive
  • Detective
  • Corrective
  • Compensating
  • Technical
  • Administrative
  • Physical
5.8 Given a scenario, carry out data security and privacy practices.
  • Data destruction and media sanitization
  • Data sensitivity labeling and handling
  • Data roles
  • Data retention
  • Legal and compliance

6.1 Compare and contrast basic concepts of cryptography.
  • Symmetric algorithms
  • Modes of operation
  • Asymmetric algorithms
  • Hashing
  • Salt, IV, nonce
  • Elliptic curve
  • Weak/deprecated algorithms
  • Key exchange
  • Digital signatures
  • Diffusion
  • Confusion
  • Collision
  • Steganography
  • Obfuscation
  • Stream vs. block
  • Key strength
  • Session keys
  • Ephemeral key
  • Secret algorithm
  • Data-in-transit
  • Data-at-rest
  • Data-in-use
  • Random/pseudo-random number generation
  • Key stretching
  • Implementation vs. algorithm selection
  • Perfect forward secrecy
  • Security through obscurity
  • Common use cases
6.2 Explain cryptography algorithms and their basic characteristics.
  • Symmetric algorithms
  • Cipher modes
  • Asymmetric algorithms
  • Hashing algorithms
  • Key stretching algorithms
  • Obfuscation
6.3 Given a scenario, install and configure wireless security settings.
  • Cryptographic protocols
  • Authentication protocols
  • Methods
6.4 Given a scenario, implement public key infrastructure
  • Components
  • Concepts
  • Types of certificates
  • Certificate formats

Trainer's Profile

IP Rulers is managed by an expert team of trainers with over 12 years’ experience in the industry and in hands-on training.
All the trainers have multiple certifications in their respective areas of interest.
Individual trainers’ profiles can be provided upon request by email, along with demos and LinkedIn profiles.
Online and classroom demos are also available upon request.

Training Schedule

CompTIA Security+

Batch

Weekdays (Sun - Thu)

Weekend (Fri- Sat)

Mode

Classroom / Online

Classroom / Online

Hours

40 Hours

40 Hours

Duration

1 Month

2 Month

Date

Course

Training Type

Batch

Register

6 Jun 2021

CompTIA Security+

Classroom / Online

Weekdays (Sun-Thu)

4 Jun 2021

CompTIA Security+

Classroom / Online

Weekdays (Sun-Thu)

Benefits

This course will teach you the fundamental principles of installing and configuring cybersecurity controls and participating in incident response and risk mitigation.

Study of the course can also help to build the prerequisites to study more advanced IT security qualifications, including CompTIA Cybersecurity Analyst (CSA)+, CompTIA Advanced Security Practitioner (CASP), and ISC’s CISSP (Certified Information Systems Security Professional).
<h4>On course completion, you will be able to:</h4>
<h6>Identify network attack strategies and defenses.</h6>
<h6>Understand the principles of organizational security and the elements of effective security policies.</h6>
<h6>Know the technologies and uses of cryptographic standards and products.</h6>
<h6>Identify network- and host-based security technologies and practices.</h6>
<h6>Describe how wireless and remote access security is enforced.</h6>
<h6>Describe the standards and products used to enforce security on web and communications technologies.</h6>
<h6>Identify strategies for ensuring business continuity, fault tolerance, and disaster recovery.</h6>
<h6>Summarize application and coding vulnerabilities and identify development and deployment methods designed to mitigate them.</h6>

Testimonial

Open chat