Comptia Security+

Module 1 / Security Threats and Controls

Security Controls

• Why is Security Important?
• Security Policy
• Security Controls
• Identification
• Authentication
• Authorization
• Basic Authorization Policies
• Accounting

Labs

• Hyper-V 

Threats and Attacks

• Vulnerability, Threat, and Risk
• Social Engineering
• Phishing
• Malware
• Trojans and Spyware
• Preventing Malware
• Anti-Virus Software
• Removing Malware

Labs

• Trojans and Malware Protection

Network Attacks

• Network Fundamentals
• Sniffers and Protocol Analysers
• ARP Attacks
• IP Spoofing and Hijacking
• Network Mappers and Port Scanners
• Denial of Service Attacks

Labs

• Network Vulnerabilities

Assessment Tools and Techniques

• Vulnerability Assessments and Pentests
• Security Assessment Techniques
• Vulnerability Scanners
• Honeypots and Honeynets

Labs

• Baseline Security Analyser

Module 2 / Cryptography and Access Control

Cryptography

• What is Cryptography?
• Uses of Cryptography
• Cryptographic Hash Functions
• Symmetric Encryption
• Asymmetric Encryption
• Asymmetric Ciphers
• Diffie-Hellman
• ECC and Quantum Cryptography
• Cryptographic Attacks
• Steganography

Labs

• Steganography

Public Key Infrastructure

• PKI and Certificates
• Certificate Authorities
• Implementing PKIKey Management
• Creating Keys Key Recovery Agents
• Key Status and Revocation
• Cryptographic Standards
• PGP / GPG

Labs

• Configuring Certificate Services

Password Authentication

• LAN Manager / NTLM
• Kerberos
• PAP and CHAP
• Password Protection
• Password Attacks

Labs

• Password Sniffing

Strong Authentication

• Token-based Authentication
• Biometric Authentication
• Common Access Card
• Extensible Authentication Protocol
• RADIUS and TACACS+Federation and Trusts
• Authorization and Account Management
• Privilege Policies
• Directory Services
• Lightweight Directory Access Protocol
• Windows Active Directory
• Creating and Managing User Accounts
• Managing Group Accounts
• Account Policy Enforcement
• User Rights, Permissions, and Access Reviews

Module 3 / Network Security

Secure Network Design

• Secure Network Topologies
• Demilitarized Zones
• Other Security Zones
• Network Device Exploitation
• Switches and VLANs
• Switch Vulnerabilities and Exploits
• Routers
• Network Address Translation
• Security Appliances and Applications

• Basic Firewalls
• Stateful Firewalls
• Proxies and Gateways
• Implementing a Firewall or Gateway

• Web and Email Security Gateways
• Intrusion Detection Systems
• IDS Analysis Engines
• Monitoring System Logs
• Wireless Network Security

• Wireless LANs
• WEP and WPA
• Wi-Fi Authentication
• Additional Wi-Fi Security Settings
• Wi-Fi Site Security
• VPN and Remote Access Security
• Remote Access
• Virtual Private Networks
• IPSec
• Remote Access Servers
• Remote Administration Tools
• Hardening Remote Access Infrastructure

Labs

• Configuring a VPN

Network Application Security

• Application Layer Security
• DHCP Security
• DNS Security
• SNMP Security
• Storage Area Network Security
• IPv4 versus IPv6Telephony

Labs

• Attacks Against DHCP and DNS

Module 4 / Host, Data, and Application Security

• Host Security
• Computer Hardening
• Host Security Management PlanOS Hardening
• Patch Management
• Network Access Control
• Implementing Network Access Control

Labs

• Network Access Protection

Data Security

• Data Handling
• Data Encryption
• Data Loss Prevention
• Backup Plans and Policies
• Backup Execution and Frequency
• Restoring Data and Verifying Backups
• Data Wiping and Disposal

Labs

• Data Leakage Prevention

Web Services Security

• Hyper Text Transport Protocol
• SSL / TLS
• Web Servers
• Load Balancers
• File Transfer

Labs

• HTTP and HTTPS

Web Application Security

• Web Application Technologies
• Web Application Databases
• Web Application Exploits
• Web Application Browser Exploits
• Secure Web Application Design
• Auditing Web Applications
• Web Browser Security

Labs

• Web Application Vulnerabilities

Virtualization and Cloud Security

• Virtualization Technologies
• Virtual Platform Applications
• Virtualization Best Practices
• Cloud Computing
• Risks of Cloud Computing

Module 5 / Operational Security

• Site Security
• Site Layout and Access
• Gateways and Locks
• Alarm Systems
• Surveillance
• Hardware Security
• Environmental Controls
• Hot and Cold Aisles
• RFI / EMI
• Fire Prevention and Suppression
• Mobile and Embedded Device Security
• Static Environments
• Mitigating Risk in Static Environments
• Mobile Device Security
• Mobile Device Management
• BYOD Concerns
• Mobile Application Security
• Bluetooth and NFC
• Risk Management
• Business Continuity Concepts
• Risk Calculation
• Risk Mitigation
• Integration with Third Parties
• Service Level Agreements
• Change and Configuration Management
• Disaster Recovery
• Disaster Recovery Planning
• IT Contingency Planning
• Clusters and Sites
• Incident Response and Forensics
• Incident Response Procedures
• Preparation
• Detection, and Analysis
• Containment
• Eradication, and Recovery
• Forensic Procedures
• Collection of Evidence
• Handling and Analysing Evidence