Comptia Security+

Focus on Training
Course summary
5 days
1,199 GBP excl. VAT
Open / Scheduled

Course description

Comptia Security+

This 5-day course is intended for those wishing to qualify with CompTIA Security+ Certification. Security+ is foundation-level certification designed for IT administrators with 2 years' experience whose job role is focused on system security. The CompTIA Security+ exam will certify that the successful candidate has the knowledge and skills required to identify risk, to participate in risk mitigation activities, and to provide infrastructure, application, information, and operational security. In addition, the successful candidate will apply security controls to maintain confidentiality, integrity, and availability, identify appropriate technologies and products, troubleshoot security events and incidents, and operate with an awareness of applicable policies, laws, and regulations. CompTIA Security+ SyllabusCertification:The contents of this training material were created for the CompTIA Security+ Certification SY0-401 exam covering the 2014 Edition Security+ certification exam objectives.

Suitability - Who should attend?

Ideally, you should have successfully completed the 'CompTIA Network+ Support Skills' course and have around 24 months' experience of networking support or IT administration. It is not necessary that you pass the Network+ exam before completing Security+ certification, but it is recommended.

Regardless of whether you have passed Network+, it is recommended that you have the following skills and knowledge before starting this course:

  • Know the function and basic features of the components of a PC.
  • Use Windows to create and manage files and use basic administrative features (Explorer, Control Panel and Management Consoles).
  • Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, TCP/IP, switches, routers).
  • Understand TCP/IP addressing, core protocols, and troubleshooting tools

Training Course Content

Module 1 / Security Threats and Controls

Security Controls

  • Why is Security Important?
  • Security Policy
  • Security Controls
  • Identification
  • Authentication
  • Authorization
  • Basic Authorization Policies
  • Accounting


  • Hyper-V 

Threats and Attacks

  • Vulnerability, Threat, and Risk
  • Social Engineering
  • Phishing
  • Malware
  • Trojans and Spyware
  • Preventing Malware
  • Anti-Virus Software
  • Removing Malware


  • Trojans and Malware Protection

Network Attacks

  • Network Fundamentals
  • Sniffers and Protocol Analysers
  • ARP Attacks
  • IP Spoofing and Hijacking
  • Network Mappers and Port Scanners
  • Denial of Service Attacks


  • Network Vulnerabilities

Assessment Tools and Techniques

  • Vulnerability Assessments and Pentests
  • Security Assessment Techniques
  • Vulnerability Scanners
  • Honeypots and Honeynets


  • Baseline Security Analyser

Module 2 / Cryptography and Access Control


  • What is Cryptography?
  • Uses of Cryptography
  • Cryptographic Hash Functions
  • Symmetric Encryption
  • Asymmetric Encryption
  • Asymmetric Ciphers
  • Diffie-Hellman
  • ECC and Quantum Cryptography
  • Cryptographic Attacks
  • Steganography


  • Steganography

Public Key Infrastructure

  • PKI and Certificates
  • Certificate Authorities
  • Implementing PKIKey Management
  • Creating Keys Key Recovery Agents
  • Key Status and Revocation
  • Cryptographic Standards
  • PGP / GPG


  • Configuring Certificate Services

Password Authentication

  • LAN Manager / NTLM
  • Kerberos
  • PAP and CHAP
  • Password Protection
  • Password Attacks


  • Password Sniffing

Strong Authentication

  • Token-based Authentication
  • Biometric Authentication
  • Common Access Card
  • Extensible Authentication Protocol
  • RADIUS and TACACS+Federation and Trusts
  • Authorization and Account Management
  • Privilege Policies
  • Directory Services
  • Lightweight Directory Access Protocol
  • Windows Active Directory
  • Creating and Managing User Accounts
  • Managing Group Accounts
  • Account Policy Enforcement
  • User Rights, Permissions, and Access Reviews

Module 3 / Network Security

Secure Network Design

  • Secure Network Topologies
  • Demilitarized Zones
  • Other Security Zones
  • Network Device Exploitation
  • Switches and VLANs
  • Switch Vulnerabilities and Exploits
  • Routers
  • Network Address Translation
  • Security Appliances and Applications


  • Basic Firewalls
  • Stateful Firewalls
  • Proxies and Gateways
  • Implementing a Firewall or Gateway
  • Web and Email Security Gateways
  • Intrusion Detection Systems
  • IDS Analysis Engines
  • Monitoring System Logs
  • Wireless Network Security


  • Wireless LANs
  • WEP and WPA
  • Wi-Fi Authentication
  • Additional Wi-Fi Security Settings
  • Wi-Fi Site Security
  • VPN and Remote Access Security
  • Remote Access
  • Virtual Private Networks
  • IPSec
  • Remote Access Servers
  • Remote Administration Tools
  • Hardening Remote Access Infrastructure


  • Configuring a VPN

Network Application Security

  • Application Layer Security
  • DHCP Security
  • DNS Security
  • SNMP Security
  • Storage Area Network Security
  • IPv4 versus IPv6Telephony


  • Attacks Against DHCP and DNS

Module 4 / Host, Data, and Application Security

  • Host Security
  • Computer Hardening
  • Host Security Management PlanOS Hardening
  • Patch Management
  • Network Access Control
  • Implementing Network Access Control


  • Network Access Protection

Data Security

  • Data Handling
  • Data Encryption
  • Data Loss Prevention
  • Backup Plans and Policies
  • Backup Execution and Frequency
  • Restoring Data and Verifying Backups
  • Data Wiping and Disposal


  • Data Leakage Prevention

Web Services Security

  • Hyper Text Transport Protocol
  • SSL / TLS
  • Web Servers
  • Load Balancers
  • File Transfer


  • HTTP and HTTPS

Web Application Security

  • Web Application Technologies
  • Web Application Databases
  • Web Application Exploits
  • Web Application Browser Exploits
  • Secure Web Application Design
  • Auditing Web Applications
  • Web Browser Security


  • Web Application Vulnerabilities

Virtualization and Cloud Security

  • Virtualization Technologies
  • Virtual Platform Applications
  • Virtualization Best Practices
  • Cloud Computing
  • Risks of Cloud Computing

Module 5 / Operational Security

  • Site Security
  • Site Layout and Access
  • Gateways and Locks
  • Alarm Systems
  • Surveillance
  • Hardware Security
  • Environmental Controls
  • Hot and Cold Aisles
  • RFI / EMI
  • Fire Prevention and Suppression
  • Mobile and Embedded Device Security
  • Static Environments
  • Mitigating Risk in Static Environments
  • Mobile Device Security
  • Mobile Device Management
  • BYOD Concerns
  • Mobile Application Security
  • Bluetooth and NFC
  • Risk Management
  • Business Continuity Concepts
  • Risk Calculation
  • Risk Mitigation
  • Integration with Third Parties
  • Service Level Agreements
  • Change and Configuration Management
  • Disaster Recovery
  • Disaster Recovery Planning
  • IT Contingency Planning
  • Clusters and Sites
  • Incident Response and Forensics
  • Incident Response Procedures
  • Preparation
  • Detection, and Analysis
  • Containment
  • Eradication, and Recovery
  • Forensic Procedures
  • Collection of Evidence
  • Handling and Analysing Evidence

About provider

Focus on Training

Focus on Training: Best Practice Skills from the Specialists

Focus on Training is a professional training company specialising in offering accredited Project Management and IT programmes. With over 10,000 courses offered in over 100 locations throughout the United Kingdom, Focus is a premier training provider. All programmes can be booked online...

Read more and show all courses with this provider

Request info

Fill out your details to find out more about Comptia Security+.

  Contact the provider

  Get more information

  Register your interest

Contact info

Focus on Training

Olympus House, Werrington Centre
PE4 6NA Peterborough

 Show phone number

Request information

Find out more about this Comptia Security+ course - simply fill out your details:

U.K. L&D Report: 2018 - Benchmark Your Workplace Learning Strategy

Are you curious about the L&D strategies of some of the U.K.'s top companies?

Find out what they're up to in findcourses.co.uk's second annual U.K. L&D Report!


Learn more

Find a course for you!

  Read the course
 summary on this page

 Fill in your details and Request information

 Receive all the info you need

Find more courses here