CompTIA Security+

CompTIA Security+ validates your commitment to security. Business owners across all industries want to hire professionals who can keep their networks secure. A CompTIA Security+ credential on your resume proves to employers your ability to keep their information safe from network security breaches.

Key benefits for becoming CompTIA Security+ certified: A solid credential that can be utilized in any industry. U.S. Dept. of Defense and Directive 8570: U.S. DOD employees or contractors engaged in work related to information security are required to be certified, as specified in a list of certifications included in the Directive 8570 manual, and CompTIA Security+ is one of the designated certifications. Healthcare industry and HIPAA (Health Insurance Portability and Accountability Act): This Congressional Act of 1996 requires that standards be met in the security and privacy of data in the healthcare industry.

One way that healthcare companies can demonstrate their compliance with the standards in this act is to verify certification of their network and information security staff. Financial industry and web-based attacks: The financial industry and its customers are vulnerable to attacks designed to gain access to personal account information. Those who provide network security are critical in this business, and the CompTIA Security+ certification is an assurance of baseline competency.

Validation of achievement in an industry-valued skill. All industries need trained security professionals to combat hackers and security threats. CompTIA Security+ shows employers you can maintain the integrity of their business communications, infrastructure and operations.Viable career path, leading to higher level positions. 74 percent of IT managers say a CompTIA certification is an important factor in considering an employee for a promotion.* *Measuring the Value of IT Certification, Kotler Marketing Group, 2003

• Security overview
• Introduction to network security
• Understanding security threats
• Creating a secure network strategy
• Windows 2000 server access control
• Authentication
• Introduction to authentication
• Kerberos
• Challenge Handshake Authentication Protocol
• Digital certificates
• Security tokens
• Biometrics
• Attacks and malicious code
• Denial of service attacks
• Man-in-the-middle attacks
• Spoofing
• Replays
• TCP session hijacking
• Social engineering
• Attacks against encrypted data
• Software exploitation
• Remote access
• Securing remote communications
• Authentication
• Telecommuting vulnerabilities
• Secure e-mail and encryption 0
• PGP and S/MIME encryption
• E-mail vulnerabilities
• Web security
• SSL/TLS protocol
• Instant messaging
• Vulnerabilities of Web tools
• Configuring Internet Explorer security
• Directory and file transfer services
• Introduction to directory services
• File transfer services
• File sharing
• Wireless and instant messaging
• IEEE 802.11
• WAP 1.x and WAP 2.0
• Wired equivalent privacy
• Instant messaging
• Network devices
• Understanding firewalls
• Routers
• Switches
• Telecom, cable modem, and wireless devices
• Securing remote access
• Intrusion detection systems
• Workstations and servers
• Transmission and storage media
• Transmission media
• Storage media
• Network security topologies
• Security topologies
• Network Address Translation
• Tunneling
• Virtual Local Area Networks
• Intrusion detection
• Intrusion detection systems
• Network-based and host-based IDS
• Active and passive detection
• Honeypots
• Incident response
• Security baselines
• OS/NOS hardening
• Network hardening
• Application hardening
• Cryptography
• Concepts of cryptography Topic B: Public Key Infrastructure (PKI)
• Key management and life cycle
• Setting up a certificate server
• Physical security
• Access control
• Environment
• Disaster recovery and business continuity
• Disaster recovery
• Business continuity
• Policies and procedures
• Privilege management
• Computer forensics and advanced topics
• Understanding computer forensics
• Risk identification
• Education and training
• Auditing
• Documentation