CompTIA Security+ Certification Training (SY0-401)

List Price: $695.00
Sale Price: $495.00
Item Number: CT-SEC+
Configuration: -online

* denotes required field

Media Content*
CompTIA Security+ (SY0-401)
Our reputation speaks for itself! See what others are saying... Testimonials

Have questions about the exam? Click Here
Package Includes:

  • 12 Months Online Access featuring ondemand instructor-led classroom sessions with full audio, video and demonstration components
  • Printable Courseware
  • Certificate of Completion
  • Demonstrations where the instructor brings the Physical and Software Components to Life
  • Focused on practical solutions to real-world development problems
  • Self Assessment Unit Review Quizzes
  • Free 1 Year Upgrade Policy
  • Certificate of Completion
  • Certification Pass Guaranteed
  • Mobile Access via iPhones and iPads for video access only

Instructor: Kenneth Mayer - CCSI, MCT, CCNT, CCNP, CCDA

Ken Mayer is a Microsoft Certified Trainer as well as a Certified Ethical Hacker Trainer and Security consultant. He started his career in computer technology in 1980s. He has offered a wide variety of IT training and high level consulting projects for Fortune 500 companies across the United States and Western Europe. He has achieved the Certified Cisco Systems Instructor certification. The CCSI certification involved a two-day lab and observation event held on Cisco's Paris, France Facility. This gave Ken the accreditation to be able to deliver Cisco Authorized Courses as a CCSI. He has taught the full line of Cisco CCNA, CCDA, CCNP, CCDP and CCIP course curriculums, including Cisco's security appliances such as PIX and IDS.


Course Features:

*Features are subject to change based on course

Course Outline TXT
Course Introduction
Course Introduction
Lesson 01 - Security Fundamentals
Topic A: The Information Security Cycle
What Is Information Security?
What to Protect
Goals of Security
A Vulnerability
Types of Controls
The Security Management Process
Topic B: Information Security Controls
The CIA Triad
Authentication Factors
Access Control
Access Control Models
Accounting and Auditing
Common Security Practices
Implicit Deny
Least Privilege
Separation of Duties
Job Rotation
Mandatory Vacation
Time of Day Restrictions
Privilege Management
Topic C: Authentication Methods
User Name/Password Authentication
Keystroke Authentication
Multi-factor Authentication
Mutual Authentication
Topic D: Cryptography Fundamentals
Encryption and Decryption
Cipher Types
Encryption and Security Goals
Demo - Exploring Public Key Cryptography
Demo - Sharing a Secret Message with Steganography
A Key
Hashing Encryption
Hashing Encryption Algorithms
Demo - Calculating Hashes
Symmetric Encryption
Symmetric Encryption Algorithms
Asymmetric Encryption
Asymmetric Encryption Techniques
Key Exchange
Digital Signatures
Cipher Suites
Session Keys
Key Stretching
Topic E: Security Policy Fundamentals
A Security Policy
Security Policy Components
Common Security Policy Types
Group Policy
Security Document Categories
Change Management
Documentation Handling Measures
Lesson 01 Review
Lesson 02 - Identifying Security Threats and Vulnerabilities
Topic A: Social Engineering
Social Engineering Attacks
Social Engineering Effectiveness
Types of Social Engineering
Hackers and Attackers
Categories of Attackers
Topic B: Malware
Malicious Code Attacks
Demo - Installing Antivirus Software
Demo - Scanning Your System for Spyware
Trojan Horses
Logic Bombs
Polymorphic Malware
Armored Viruses
Topic C: Software-Based Threats
Software Attacks
Password Attacks
Types of Password Attacks
Backdoor Attacks
Application Attacks
Types of Application Attacks
Demo - Managing Application Security
Topic D: Network-Based Threats
TCP/IP Basics
Port Scanning Attacks
Eavesdropping Attacks
Man-in-the-Middle Attacks
Replay Attacks
Social Network Attacks
DoS Attacks
DDoS Attacks
Types of DoS Attacks
Session Hijacking
P2P Attacks
ARP Poisoning
Transitive Access Attacks
DNS Vulnerabilities
Topic E: Wireless Threats and Vulnerabilities
Wireless Security
Demo - Configuring a Wireless Access Point
Demo - Configuring a Wireless Client
Rogue Access Points
Evil Twins
Near Field Communication
War Driving and War Chalking
IV Attacks
Packet Sniffing
Wireless Replay Attacks
Sinkhole Attacks
WEP and WPA Attacks
WPS Attacks
Topic F: Physical Threats and Vulnerabilities
Physical Security
Physical Security Threats and Vulnerabilities
Hardware Attacks
Environmental Threats and Vulnerabilities
Lesson 02 Review
Lesson 03 - Managing Data, Application, and Host Security
Topic A: Manage Data Security
Layered Security
Defense in Depth
What Is Data Security?
Data Security Vulnerabilities
Data Storage Methods
Data Encryption Methods
Hardware-Based Encryption Devices
Types of Hardware-Based Encryption Devices
Data States
Permissions and Access Control Lists
Handling Big Data
Data Policies
Guidelines for Managing Data Security
Demo - Managing Data Security
Topic B: Manage Application Security
What Is Application Security?
Patch Management
Application Security Methods
Input Validation
Input Validation Vulnerabilities
Client-Side and Server-Side Validation
Error and Exception Handling
Cross-Site Attack Prevention Methods
Web Browser Security
Demo - Configuring a Web Browser
Guidelines for Establishing Web Browser Security
NoSQL Databases
Database Security
Guidelines for Managing Application Security
Topic C: Manage Device and Host Security
Demo - Hardening a Server
Operating System Security
Operating System Security Settings
Security Baselines
Software Updates
Application Blacklisting and Whitelisting
Demo - Implementing Auditing
Anti-malware Software
Types of Anti-malware Software
Virtualization Security Techniques
Hardware Security Controls
Non-standard Hosts
Security Controls for Non-standard Hosts
Strong Passwords
Guidelines for Establishing Device and Host Security
Topic D: Manage Mobile Security
Mobile Device Types
Mobile Device Vulnerabilities
Mobile Device Security Controls
Mobile Application Security Controls
BYOD Controls
Guidelines for Managing Mobile Security
Lesson 03 Review
Lesson 04 - Implementing Network Security
Topic A: Configure Security Parameters on Network Devices and Technologies
Network Components
Network Devices
Demo - Configuring Firewall Parameters
Network Analysis Tools
Demo - Configuring a Network Intrusion Detection System
Wireless IDS
Types of Network Monitoring Systems
VPN Concentrator
Web Security Gateways
Topic B: Network Design Elements and Components
Remote Access
Telephony Components
Cloud Computing
Cloud Computing Deployment Models
Cloud Computing Service Types
Topic C: Implement Networking Protocols and Services
OSI Model
OSI Model and Security
Demo - Securing Network Traffic Using IP Security
Fibre Channel
File Transfer Protocols
Ports and Port Ranges
Demo - Installing an IIS Web Server
Topic D: Apply Secure Network Administration Principles
Rule-Based Management
Network Administration Security Methods
Unified Threat Management
Guidelines for Applying Network Security Administration Principles

Topic E: Secure Wireless Traffic
Wireless Networks
Wireless Antenna Types
802.11 Standards
Wireless Security Protocols
VPNs and Open Wireless
Wireless Security Methods
Captive Portals
Site Surveys
Guidelines for Securing Wireless Traffic
Demo - Securing Wireless Traffic
Lesson 04 Review
Lesson 05 - Implementing Access Control, Authentication, and Account Management
Topic A: Access Control and Authentication Services
Directory Services
Common Directory Services
Demo - Backing Up Active Directory
Remote Access Methods
Remote Access Protocols
Guidelines for Securing Remote Access
Topic B: Implement Account Management Security Controls
Identity Management
Account Management
Account Privileges
Account Policy
Multiple Accounts
Shared Accounts
Account Federation
Account Management Security Controls
Demo - Account Management Security Controls
Credential Management
Group Policy
Guidelines for Implementing Account Management Security Controls
Lesson 05 Review
Lesson 06 - Managing Certificates
Topic A: Install a CA Hierarchy
Digital Certificates
Certificate Authentication
PKI Components
CA Hierarchies
The Root CA
Public and Private Roots
Subordinate CAs
Offline Root CAs
CA Hierarchy Design Options
Demo - Installing a Certificate Authority
Topic B: Enroll Certificates
The Certificate Enrollment Process
Demo - Enrolling for Certificates
The Certificate Life Cycle
Certificate Life Cycle Management
Topic C: Secure Network Traffic by Using Certificates
The SSL Enrollment Process
Topic D: Renew Certificates
Certificate Renewal
Topic E: Back Up and Restore Certificates and Private Keys
Private Key Protection Methods
Key Escrow
Private Key Restoration Methods
The Private Key Replacement Process
Topic F: Revoke Certificates
Certificate Revocation
Demo - Revoking Certificates
Lesson 06 Review
Lesson 07 - Implementing Compliance and Operational Security
Topic A: Physical Security
Physical Security Controls
Physical Security Control Types
Environmental Exposures
Environmental Controls
Environmental Monitoring Safety
Topic B: Legal Compliance
Compliance Laws and Regulations
Legal Requirements
Types of Legal Requirements
Forensic Requirements
Topic C: Security Awareness and Training
Security Policy Awareness
Role-Based Training
Classification of Information
The Employee Education Process
User Security Responsibilities
Validation of Training Effectiveness
Topic D: Integrate Systems and Data with Third Parties
Business Partners
Social Media Networks and Applications
Interoperability Agreements
Risk Awareness
Data Sharing and Backups
Guidelines for Securely Integrating Systems and Data with Third Parties
Lesson 07 Review
Lesson 08 - Risk Management
Topic A: Risk Analysis
Risk Management
Security Assessment Types
Risk Types
Components of Risk Analysis
Phases of Risk Analysis
Risk Analysis Methods
Risk Calculation
Risk Response Strategies
Risk Mitigation and Control Types
Topic B: Implement Vulnerability Assessment Tools and Techniques
Vulnerability Assessment Techniques
Vulnerability Assessment Tools
Topic C: Scan for Vulnerabilities
The Hacking Process
Ethical Hacking
Vulnerability Scanning and Penetration Testing
Types of Vulnerability Scans
Demo - Scanning for Port Vulnerabilities
Demo - Scanning for Password Vulnerabilities
Box Testing Methods
Security Utilities
Topic D: Mitigation and Deterrent Techniques
Security Posture
Demo - Capturing Network Data
Detection Controls and Prevention Controls
Risk Mitigation Strategies
Types of Mitigation and Deterrent Techniques
Failsafe, Failsecure, and Failopen
Lesson 08 Review
Lesson 09 - Troubleshooting and Managing Security Incidents
Topic A: Respond to Security Incidents
Security Incident Management
Computer Crime
First Responders
Chain of Custody
Computer Forensics
Order of Volatility
Basic Forensic Process
Basic Forensic Response Procedures for IT
Big Data Analysis
Guidelines for Responding to Security Incidents
Topic B: Recover from a Security Incident
Basic Incident Recovery Process
Damage Assessment
Recovery Methods
An Incident Report
Guidelines for Recovering from a Security Incident
Lesson 09 Review
Lesson 10 - Business Continuity and Disaster Recovery Planning
Topic A: Business Continuity
Continuity of Operations Plan
Alternate Sites
IT Contingency Planning
Succession Planning
Business Continuity Testing Methods
Topic B: Plan for Disaster Recovery
Fault Tolerance
Redundancy Measures
Demo - Creating a RAID Array Through Software
High Availability
Disaster Recovery Testing and Maintenance
Guidelines for Planning for Disaster Recovery
Topic C: Execute DRPs and Procedures
The Disaster Recovery Process
Recovery Team
Secure Recovery
Backup Types and Recovery Plans
A Backout Contingency Plan
Secure Backups
Backup Storage Locations
Guidelines for Executing DRPs and Procedures
Lesson 10 Review
Course Closure

Related Products

MCITP Training
Shopping Cart
Your cart is empty.

Our Reputation Speaks for Itself!

"I have worked with Career Academy in many different formats over the last 8 years. I have been an instructor in their products, a reseller, and a business partner. I have been continually impressed with Career Academy's professionalism, quality of products, and ethics. Their whole team works very hard on all fronts and treats their customers and partners with respect.

Career Academy is certainly one of the 'good guys' in the industry who can be trusted to do the right thing by all. "

Shon Harris
Logical Security
Author of Best Selling
"CISSP All-in-One Exam Guide"

"New Horizons of Columbus, Omaha, Memphis, Pittsburgh, Lincoln, Atlanta, Indianapolis, and Nashville's addition of Career Academy's VideoTrainer learning systems has given us the ability to offer our students an additional training venue. The Remote Mentored Learning capabilities offered by Career Academy have helped revolutionize our virtual training delivery worldwide.

Career Academy's Video Learning Solution through New Horizons Computer Learning Centers delivery gives our customers what they want, how they want and when they want with quality delivery."

Bob Outlaw
Director/General Manager
New Horizons of Omaha and Lincoln

  • See More...