5/5

CompTIA Security+ Training Program

Get enrolled for CompTIA Security+ certification training in Dubai from IP Rulers. The CompTIA Security+ certification is a vendor-neutral credential. The CompTIA Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge, and is used by organizations and security professionals around the globe.

The CompTIA Security+ is a globally recognized certification, validating an individual’s fundamental security knowledge and skills. The first goal of the course is to make you a good IT security tech and, in the process, make sure you are ready to pass the CompTIA Security+ exam.

The CompTIA Security+ exam will certify the successful candidate has the knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. The successful candidate will perform these tasks to support the principles of confidentiality, integrity, and availability.

CompTIA Security+ is accredited by ANSI to show compliance with the ISO 17024 Standard and, as such, the exam objectives undergo regular reviews and updates. CompTIA exams result from subject matter expert workshops and industry-wide survey results regarding the skills and knowledge required of an IT professional.

Required exam: CompTIA Security+ SY0-501

 
Target Audience:

This course is designed for anyone seeking Cyber Security certification. Specifically, it is recommended that you have the following skills and knowledge before starting this course:

  • Know the function and basic features of the components of a PC.
  • Use Windows Server to create and manage files and use basic administrative features (Explorer, Control Panel, Server Manager, and Management Consoles).
  • Operate the Linux OS using basic command-line tools.
  • Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers).
  • Understand TCP/IP addressing, core protocols, and troubleshooting tools.
 
Prerequisite:

The CompTIA Security+ certification is aimed at an IT security professional who Specifically, it is recommended that you have the following skills and knowledge before starting this course:

  • Know the function and basic features of the components of a PC.
  • Use Windows Server to create and manage files and use basic administrative features (Explorer, Control Panel, Server Manager, and Management Consoles).
  • Operate the Linux OS using basic command-line tools.
  • Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers).
  • Understand TCP/IP addressing, core protocols, and troubleshooting tools.

This course will teach you the fundamental principles of installing and configuring cybersecurity controls and participating in incident response and risk mitigation.

Study of the course can also help to build the prerequisites to study more advanced IT security qualifications, including CompTIA Cybersecurity Analyst (CSA)+, CompTIA Advanced Security Practitioner (CASP), and ISC’s CISSP (Certified Information Systems Security Professional).

On course completion, you will be able to:

  • Identify network attack strategies and defenses.
  • Understand the principles of organizational security and the elements of effective security policies.
  • Know the technologies and uses of cryptographic standards and products.
  • Identify network- and host-based security technologies and practices.
  • Describe how wireless and remote access security is enforced.
  • Describe the standards and products used to enforce security on web and communications technologies.
  • Identify strategies for ensuring business continuity, fault tolerance, and disaster recovery.
  • Summarize application and coding vulnerabilities and identify development and deployment methods designed to mitigate them.

Babu Varghese

Senior Cloud & Security Specialist

MCSE, RHCE, CCNP, CEH, CSA, CCSE, F5-CTS, AWS & Azure

Certified instructor with 20+ years of experience in the field of cloud and cybersecurity. Proven success in leveraging educational theories and methodologies to design, develop, and deliver successful training programs and integrate instructional technology to provide onsite and virtual training. Babu has helped IPRULERS set the bar for cloud and cybersecurity training and has helped thousands of engineers obtain their own certifications. He excels in corporate training and has excellent interpersonal skills that make him stand out. Babu has proven his knowledge and skills in delivering training for Microsoft, Amazon, F5, Check Point, EC-Council, CompTIA, Cisco and others.

Duration: 40 Hours
Modules: 6
Skill Level: Beginner
Language: English
Certificate: Yes
Mode: Online/Offline

Course Curriculum

1.1 Given a scenario, analyze indicators of compromise and determine the type of malware.
  • Viruses
  • Crypto malware
  • Ransomware
  • Worm
  • Trojan
  • Rootkit
  • Keylogger
  • Adware
  • Spyware
  • Bots
  • RAT
  • Logic bomb
  • Backdoor
 
1.2 Compare and contrast types of attacks
  • Social engineering
  • Application/service attacks
  • Wireless attacks
  • Cryptographic attacks
 
1.3 Explain threat actor types and attributes.
  • Types of actors
  • Attributes of actors
  • Use of open-source intelligence
 
1.4 Explain penetration testing concepts.
  • Active reconnaissance
  • Passive reconnaissance
  • Pivot
  • Initial exploitation
  • Persistence
  • Escalation of privilege
  • Black box
  • White box
  • Gray box
  • Penetration testing vs. vulnerability scanning

1.5 Explain vulnerability scanning concepts.
  • Passively test security controls
  • Identify vulnerability
  • Identify lack of security controls
  • Identify common misconfigurations
  • Intrusive vs. non-intrusive
  • Credentialed vs. non-credentialed
  • False positive

1.6 Explain the impact associated with types of vulnerabilities.
  • Race conditions
  • Vulnerabilities due to:
  • Improper input handling
  • Improper error handling
  • Misconfiguration/weak configuration
  • Default configuration
  • Resource exhaustion
  • Untrained users
  • Improperly configured accounts
  • Vulnerable business processes
  • Weak cipher suites and implementations
  • Memory/buffer vulnerability
  • System sprawl/undocumented assets
  • Architecture/design weaknesses
  • New threats/zero day
  • Improper certificate and key management

2.1 Install and configure network components, both hardware and software-based, to support organizational security.
  • Firewall
  • VPN concentrator
  • NIPS/NIDS
  • Router
  • Switch
  • Proxy
  • Load balancer
  • Access point
  • SIEM
  • DLP
  • NAC
  • Mail gateway
  • Bridge
  • SSL/TLS accelerators
  • SSL decryptors
  • Media gateway
  • Hardware security module
 
2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization
  • Protocol analyzer
  • Network scanners
  • Wireless scanners/cracker
  • Password cracker
  • Vulnerability scanner
  • Configuration compliance scanner
  • Exploitation frameworks
  • Data sanitization tools
  • Steganography tools
  • Honeypot
  • Backup utilities
  • Banner grabbing
  • Passive vs. active
  • Command line tools
 
2.3 Given a scenario, troubleshoot common security issues.
  • Unencrypted credentials/clear text
  • Logs and events anomalies
  • Permission issues
  • Access violations
  • Certificate issues
  • Data exfiltration
  • Misconfigured devices
  • Weak security configurations
  • Personnel issues
  • Unauthorized software
  • Baseline deviation
  • License compliance violation (availability/integrity)
  • Asset management
  • Authentication issues
 
2.4 Given a scenario, analyze and interpret output from security technologies.
  • HIDS/HIPS
  • Antivirus
  • File integrity check
  • Host-based firewall
  • Application whitelisting
  • Removable media control
  • Advanced malware tools
  • Patch management tools
  • UTM
  • DLP
  • Data execution prevention
  • Web application firewall
 
2.5 Given a scenario, deploy mobile devices securely.
  • Connection methods
  • Mobile device management concepts
  • Enforcement and monitoring for:
  • Deployment models
 
2.6 Given a scenario, implement secure protocols.
  • Protocols
  • Use cases

3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides.
  • Industry-standard frameworks and reference architectures
  • Benchmarks/secure configuration guides
  • Defense-in-depth/layered security
 
3.2 Given a scenario, implement secure network architecture concepts.
  • Zones/topologies
  • Segregation/segmentation/isolation
  • Tunneling/VPN
  • Security device/technology placement
  • SDN
 
3.3 Given a scenario, implement secure systems design.
  • Hardware/firmware security
  • Operating systems
  • Peripherals
 
3.4 Explain the importance of secure staging deployment concepts.
  • Sandboxing
  • Environment
  • Secure baseline
  • Integrity measurement
 
3.5 Explain the security implications of embedded systems.
  • SCADA/ICS
  • Smart devices/IoT
  • HVAC
  • SoC
  • RTOS
  • Printers/MFDs
  • Camera systems
  • Special purpose
 
3.6 Summarize secure application development and deployment concepts
  • Development life-cycle models
  • Secure DevOps
  • Version control and change management
  • Provisioning and deprovisioning
  • Secure coding techniques
  • Code quality and testing
  • Compiled vs. runtime code
 
3.7 Summarize cloud and virtualization concepts.
  • Hypervisor
  • VM sprawl avoidance
  • VM escape protection
  • Cloud storage
  • Cloud deployment models
  • On-premise vs. hosted vs. cloud
  • VDI/VDE
  • Cloud access security broker
  • Security as a Service
 
3.8 Explain how resiliency and automation strategies reduce risk.
  • Automation/scripting
  • Templates
  • Master image
  • Non-persistence
  • Elasticity
  • Scalability
  • Distributive allocation
  • Redundancy
  • Fault tolerance
  • High availability
  • RAID
 
3.9 Explain the importance of physical security controls
  • Lighting
  • Signs
  • Fencing/gate/cage
  • Security guards
  • Alarms
  • Safe
  • Secure cabinets/enclosures
  • Protected distribution/Protected cabling
  • Airgap
  • Mantrap
  • Faraday cage
  • Lock types
  • Biometrics
  • Barricades/bollards
  • Tokens/cards
  • Environmental controls
  • Cable locks
  • Screen filters
  • Cameras
  • Motion detection
  • Logs
  • Infrared detection
  • Key management

4.1 Compare and contrast identity and access management concepts
  • Identification, authentication, authorization and accounting (AAA)
  • Multifactor authentication
  • Federation
  • Single sign-on
  • Transitive trust
 
4.2 Given a scenario, install and configure identity and access services.
  • LDAP
  • Kerberos
  • TACACS+
  • CHAP
  • PAP
  • MSCHAP
  • RADIUS
  • SAML
  • OpenID Connect
  • OAUTH
  • Shibboleth
  • Secure token
  • NTLM
 
4.3 Given a scenario, implement identity and access management controls.
  • Access control models
  • Physical access control
  • Biometric factors
  • Tokens
  • Certificate-based authentication
  • File system security
  • Database security
 
4.4 Given a scenario, differentiate common account management practices.
  • Account types
  • General Concepts
  • Account policy enforcement

5.1 Explain the importance of policies, plans and procedures related to organizational security
  • Standard operating procedure
  • Agreement types
  • Personnel management
  • General security policies
 
5.2 Summarize business impact analysis concepts.
  • RTO/RPO
  • MTBF
  • MTTR
  • Mission-essential functions
  • Identification of critical systems
  • Single point of failure
  • Impact
  • Privacy impact assessment
  • Privacy threshold assessment
 
5.3 Explain risk management processes and concepts.
  • Threat assessment
  • Risk assessment
  • Change management
 
5.4 Given a scenario, follow incident response procedures.
  • Incident response plan
  • Incident response process
 
5.5 Summarize basic concepts of forensics.
  • Order of volatility
  • Chain of custody
  • Legal hold
  • Data acquisition
  • Preservation
  • Recovery
  • Strategic intelligence/counterintelligence gathering
  • Track man-hours
 
5.6 Explain disaster recovery and continuity of operation concepts.
  • Recovery sites
  • Order of restoration
  • Backup concepts
  • Geographic considerations
  • Continuity of operation planning
 
5.7 Compare and contrast various types of controls.
  • Deterrent
  • Preventive
  • Detective
  • Corrective
  • Compensating
  • Technical
  • Administrative
  • Physical
 
5.8 Given a scenario, carry out data security and privacy practices.
  • Data destruction and media sanitization
  • Data sensitivity labeling and handling
  • Data roles
  • Data retention
  • Legal and compliance

6.1 Compare and contrast basic concepts of cryptography.
  • Symmetric algorithms
  • Modes of operation
  • Asymmetric algorithms
  • Hashing
  • Salt, IV, nonce
  • Elliptic curve
  • Weak/deprecated algorithms
  • Key exchange
  • Digital signatures
  • Diffusion
  • Confusion
  • Collision
  • Steganography
  • Obfuscation
  • Stream vs. block
  • Key strength
  • Session keys
  • Ephemeral key
  • Secret algorithm
  • Data-in-transit
  • Data-at-rest
  • Data-in-use
  • Random/pseudo-random number generation
  • Key stretching
  • Implementation vs. algorithm selection
  • Perfect forward secrecy
  • Security through obscurity
  • Common use cases
 
6.2 Explain cryptography algorithms and their basic characteristics.
  • Symmetric algorithms
  • Cipher modes
  • Asymmetric algorithms
  • Hashing algorithms
  • Key stretching algorithms
  • Obfuscation
 
6.3 Given a scenario, install and configure wireless security settings.
  • Cryptographic protocols
  • Authentication protocols
  • Methods
 
6.4 Given a scenario, implement public key infrastructure
  • Components
  • Concepts
  • Types of certificates
  • Certificate formats

OUR STUDENT SUCCESS STORIES

“Mr. Gigi Vikraman has been a very supportive and amazing person. His way of teaching is a completely different style than others, where one gets in-depth knowledge about the products. If anyone dreams of the lucky number, I recommend Gigi.”

Dileep NR

CCIE Collaboration

“It was a great journey with IP Rulers for learning CCNP Enterprise. From the best guidance of Gigi Vikraman Sir, he is very helpful with exceptional teaching skill and he even makes every complex topic very easy to understand, which is really amazing. Thanks a lot.”

Akhil PJ

CCNP Enterprise

“This was one of the best Network trainings I have ever attended. The Institute, materials & facilitation were excellent. I recommend this training & Institute to all Network engineers who are interested in seeing real progress in their professional career.
Thank you again IP Rulers.”

Priji Soman

CCNP Enterprise
