How to plan for network security that matches your technology infrastructure from top to bottom.
Security+ Certification is the primary course you will need to take if your job responsibilities include securing network services, network devices, and network traffic. It is also the main course you will take to prepare for the CompTIA Security+ examination. In this course, you will build on your knowledge and professional experience with computer hardware, operating systems, and networks as you acquire the specific skills required to implement basic security services on any type of computer network.
When you’re through, you’ll have a comprehensive roadmap understanding of the network security architecture techniques and tactics that will take your organization into the future… safely.
Class Fee: $3,490
Time: 72 hrs
Learning Level: Entry
Contact Hours: 40 hr (1 wk) + 32 hr pre-study & 2 hr exam
Prerequisites: Understanding of TCP/IP protocols
Credits: 72 CPE / 3 CEU
Method of Delivery: Residential (100% face-to-face) or Hybrid
Instructor: TBD
Method of Evaluation: 1. 95% attendance 2. 100% completion of labs
Grading: Pass = attendance + labs & quizzes; Fail = less than 95% attendance
Sample Job Titles:
Contracting Officer (CO)
Contracting Officer Technical Representative (COTR)
Information Assurance (IA) Manager
Information Assurance (IA) Program Manager
Information Assurance (IA) Security Officer
Information Security Program Manager
Information Systems Security Manager (ISSM)
Information Systems Security Officer (ISSO)
Information Systems Security Operator
This accelerated class is taught using face-to-face or hybrid modality [veterans using Veterans Education benefits can only attend face-to-face classes]. The class includes 72 hours of contact studies, labs, reading assignments and a final exam; passing the final exam is a requirement for graduation.
Who Should Attend
IT professionals who have networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems, such as NetWare, Macintosh, UNIX/Linux, and OS/2, and who want to further a career in Information Technology by acquiring a foundational knowledge of security topics, or to prepare for the CompTIA Security+ examination.
Network Security Administrators, Security Personnel, Auditors, and Consultants concerned with network security, as well as others seeking to tie together their organization’s discrete tactical advanced security solutions into a strategic information security framework.
KU Outcomes
- Students will be able to analyze system components and determine how they will interact in a composed system.
- Students will be able to analyze a system design and determine whether the design will meet the system security requirements.
Text Materials: quiz labs, SU free practice tests and resources. Machines: dual-core, 4M RAM, 350 GB drives, running MS OS, Linux, and VMware Workstation.
Learning Objectives - 31 hrs lecture/ 9 hrs labs
Tips for taking the exam & SU Pre-class Study Techniques
1.0 Security Governance, Risk, and Compliance (Risk Management) 21%
2.0 CyberSecurity Threats, Attacks and Vulnerabilities 18%
3.0 Architecture and Design 21%
4.0 Identity and Access Management 16%
5.0 Cryptography and Public Key Infrastructure (PKI) 13%
6.0 CyberSecurity Technologies and Tools 11%
Note: Further information about the exam (e.g., # of questions, time, scoring) is included at the end of this document.
CompTIA Security+ Certification SY0-601 provides the basic knowledge needed to plan, implement, and maintain information security in a vendor-neutral format. This includes risk management, host and network security, authentication and access control systems, cryptography, and organizational security.
In our Instructor Led Security+ Course, you will learn to:
- Proactively implement sound security protocols to mitigate security risks
- Quickly respond to security issues
- Proactively and retroactively identify where security breaches may have occurred
- Architect and design an enterprise network, on-site or in the cloud, with security in mind
Lesson Plan: 51 hr lecture, 21 labs/quizzes
1.0 Security Governance, Risk, and Compliance (Risk Management)
1.1 CyberSecurity Concepts
- Confidentiality, integrity, availability
- Business drivers for cybersecurity: risk, compliance
- Roles in CyberSecurity management
- Regulatory compliance overview
1.2 CyberSecurity Risk Management Concepts and Processes
- Threat and risk assessment
- Quantitative risk analysis
- Qualitative risk analysis
- Information classification
- Risk response choices
- Change management
1.3 Comparing and Contrasting CyberSecurity Controls
- Types of security controls - administrative, technical, physical
- CyberSecurity control intent
1.4 Policies, Standards, Procedures, and Administrative Controls for CyberSecurity
- General security policies
- Business agreement types
- Continuing education
- Acceptable use policy/rules of behavior
1.5 Data Media Storage Protection, Handling, and Disposal
- Data destruction and media sanitization
- Data sensitivity labeling and handling
- Data retention and disposal policies
- Personally Identifiable Information (PII)
- Protected Health Information (PHI)
- Roles in data management
1.6 CyberSecurity Incident Response Procedures
- Incident response planning and management
- Incident response process
- After action report (AAR)
1.7 Fundamentals of CyberSecurity Forensics
- Evidence chain of custody
- Evidence acquisition, preservation, and protection
- Order of volatility
- Legal hold
1.8 Measuring Risk through Business Impact Analysis (BIA)
- Threats to business continuity
- Identification of critical systems
- Measurements of downtime/outage impact
- Privacy impact assessment (PIA)
- Privacy threshold assessment (PTA)
1.9 Business Continuity and Disaster Recovery Concepts
- Types of backup – full, incremental, differential
- Methods of backup: removable media, electronic
- Geographic considerations for backups
- Alternate/recovery sites
- Recovery testing
2.0 CyberSecurity Threats, Attacks and Vulnerabilities
2.1 Identifying and Characterizing Threat Actors
- Types of actors
2.2 Types of CyberSecurity Attacks
- Malware attacks
- Social engineering
- Application/service attacks
- Hijacking and related attacks
- Wireless attacks
- Cryptographic attacks
- Online vs. offline
2.3 Impact Associated with Types of Vulnerabilities
- End-of-life systems
- Embedded systems
- Lack of vendor support
- Race conditions
- Memory leaks
- System sprawl/undocumented assets
- Architecture/design weaknesses
- New threats/zero day
- Improper certificate and key management
2.4 Explaining Vulnerability Scanning and Penetration Testing Concepts
- Vulnerability and penetration testing objectives
- Active and passive reconnaissance
- Intrusive vs. non-intrusive
- Black box/White box/Gray box
- Credentialed vs. non-credentialed
- Target organization reconnaissance
- Network discovery and enumeration
- Port scanning and banner grabbing
- Vulnerability scanning
- Exploit scripts and exploit consoles
- False positives and false negatives
- Reporting results to management
3.0 Architecture and Design
3.1 Using CyberSecurity Frameworks and Configuration Baselines
- Benchmarks/secure configuration guides
- Defense-in-depth/layered security
3.2 Implementing Network CyberSecurity Architectures
- Zones/topologies
- Network address translation (NAT)/Port address translation (PAT)
- Segregation/segmentation/isolation
- Security device/technology placement
- Software Defined Networking (SDN)
3.3 Implementing Secure Systems Design
- Hardware/firmware security
- Operating systems
- Patch management
- System hardening
- Peripherals
3.4 Deploying Secure Staging Practices and Procedures
- Sandboxing
- Staging environments
- Secure baseline
- Integrity measurement
3.5 Addressing the Security Implications of Embedded Systems
- Supervisory control and data acquisition (SCADA)/Industrial Control System (ICS)
- Smart devices/Internet of Things (IoT)
3.6 Defining Secure Application Design, Development, and Deployment
- System development life-cycle (SDLC) models – waterfall vs. agile
- DevOps (Software Development/Software Operations)
- Secure DevOps (DevSecOps)
- Version control and change management
- Provisioning and deprovisioning
- Secure coding techniques
- Code quality and testing
- Programming model verification - Compiled vs. runtime code
3.7 Virtualization and Cloud Computing Security
- Hypervisors
- Application cells/containers
- Virtual desktop infrastructure (VDI)/Virtual desktop environment (VDE)
- Cloud deployment models
- Cloud service models
- Cloud access security broker (CASB)
3.8 Using Resiliency and Automation Strategies to Reduce Risk
- Automation/scripting
- Snapshots
- Savepoints
- Live boot media
- Redundant Array of Independent Disks (RAID)
3.9 Physical and Environmental Security Controls
- Fencing/gates/cages
- Barricades/bollards
- Security guards
- Lighting
- Cameras
- Motion detection
- Signs
- Alarms
- Safe and secure enclosures
- Mantrap
- Airgap
- Faraday cage
- Protected distribution/protected cabling
- Physical access control: Proximity cards, biometric factors, smart cards
- Cable locks
- Logs
- Environmental controls: HVAC, hot and cold aisles, fire suppression
4.0 Identity and Access Management
4.1 Identity and Access Control Management Concepts
- Access control concepts and architecture
- User authentication credentials
- Something you are
- Something you have
- Something you know
- Somewhere you are
- Multifactor authentication / Two-factor authentication (2FA)
- Two-way authentication
4.2 Installing and Configuring Authentication Protocols
- Single Sign-On (SSO): Kerberos, transitive trust
- Federation: personal, business
- Password authentication protocol (PAP)
- Challenge handshake authentication protocol (CHAP)
- Extensible authentication protocol (EAP)
- Authentication, authorization, and accounting (AAA): RADIUS, TACACS+, Diameter
- IEEE 802.1x
- Lightweight directory access protocol (LDAP)
4.3 Implementing Access Control Management
- Discretionary access control (DAC)
- Attribute-based access control (ABAC)
- Role-based access control
- Rule-based access control
- Mandatory access control (MAC)/Trusted computing system
- File system security
- Database security
4.4 User Account and Identity Management Policies and Administration
- Account types
- Separation of duties
- Least privilege
- Privileged user account controls
- Onboarding/Offboarding
- Permission auditing and review
- Usage auditing and review
- Time-of-day restrictions
- Re-certification
- Account maintenance
- Group-based access control
- Location-based policies
5.0 Cryptography and Public Key Infrastructure (PKI)
5.1 Basic Concepts of Cryptography
- Cryptography concepts and terminology
- Encryption strength/work factor
- Deployment: data-in-transit/data-at-rest/data-in-use
- Session keys
- Secure key exchange
- Ephemeral key
- Perfect forward secrecy
- Digital signatures
5.2 Explaining Cryptography Algorithms and Their Basic Characteristics
- Symmetric algorithms
- Cipher modes
- Asymmetric algorithms
- Hashing algorithms
- Key stretching and salting
- Message authentication codes
5.3 Install and Configure Wireless Security Settings
- Wireless cryptographic protocols
- Network authentication protocols for wireless applications
5.4 Implement Public Key Infrastructure (PKI)
- Digital certificate components
- Types of certificates
- Certificate assignees
- Certificate formats (file types)
- Chain of trust/Trust anchors
- PKI architecture
- Root authority
- Certificate authorities (CA)
- Registration authorities (RA)
- Validation authorities (VA)
- Certificate revocation lists (CRL)
- Online certificate status protocol (OCSP)
5.5 Steganography
6.0 CyberSecurity Technologies and Tools
6.1 Install and Configure CyberSecurity Network Components
- Firewalls
- VPN technologies
- Routers
- Switches
- Proxy servers
- Load balancers
- Web security gateways
- Web application firewalls (WAF)
- Data loss prevention (DLP)
- E-mail guards and gateways
- Wireless access points (WAP)
- Network Intrusion Detection System (NIDS)/Network Intrusion Prevention System (NIPS)
- Security Information and Event Management (SIEM)
- Encryption devices
6.2 CyberSecurity Assessment Tools
- Protocol analyzer
- Network scanners
- Command line tools
6.3 Troubleshooting CyberSecurity Scenarios
- Unencrypted credentials/clear text
- Logs and events anomalies
- Permission issues
- Access violations
- Certificate issues
- Data exfiltration
- Misconfigured devices
- Firewalls
- Wireless access points
- Weak security configurations
- Personnel issues
6.4 Analyzing and Interpreting Output from CyberSecurity Technologies
- HIDS/HIPS
- Antivirus
- File integrity check
- Host-based firewall
- Application whitelisting/blacklisting
- Removable media control
- Advanced malware tools
- Patch management tools
- Unified Threat Management (UTM)
- Data Loss Prevention (DLP)
- Data execution prevention (DEP)
- Web application firewall
6.5 Implementing Secure Communications Protocols
- Secure protocols
- Secure Shell (SSH)
- Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
- Voice and video
- Time synchronization
- Email and web
- File transfer
- Directory services
- Remote access
- Domain name resolution/Domain name system (DNS)
- Routing and switching
6.6 Deploying Mobile Device Security
- Connection methods
- Mobile device management concepts
- Enforcement and monitoring
- Deployment models
Exam Version: CompTIA Security+ SY0-601
Exam Fee: $495 per exam attempt
Exam Location: You can take the exam on site on the last day of class; we are a mobile testing site
Time Allocated: 90 minutes per exam
Exam Score Range: Scores range from 100-900
Minimum Pass Score: 750
Number Of Questions: Not more than 90 questions per exam (usually 60-75 in recent months)
Exam format: Linear format; computer-based test (CBT) - multiple choice, multiple answer, performance-based
Prerequisites: You should have a basic understanding of operating systems and TCP/IP networking similar to that obtained from CompTIA Strata IT Fundamentals and Network+ or equivalent work experience. Network+ and A+ certifications are recommended by CompTIA, but not required.
Validation Period: Certification expires after 3 years, unless Continuing Professional Education (CPE) requirements and maintenance fees are met; contact www.comptia.org for more details
Score Report: Delivered immediately on test completion
Lesson Plan: 28 hr lecture, 12 hr labs/quizzes
Access Control - Policies, standards and procedures that define who users are, what they can do, which resources they can access, and what operations they can perform on a system.
Administration - Identification of information assets and documentation of policies, standards, procedures and guidelines that ensure confidentiality, integrity and availability.
Audit and Monitoring - Determining system implementation and access in accordance with defined IT criteria. Collecting information for identification of and response to security breaches or events.
Risk, Response and Recovery - The review, analysis and implementation processes essential to the identification, measurement and control of loss associated with uncertain events.
Lesson Plan Day 5
Cryptography - The protection of information using techniques that ensure its integrity, confidentiality, authenticity and non-repudiation, and the recovery of encrypted information in its original form.
Data Communications - The network structure, transmission methods and techniques, transport formats and security measures used to operate both private and public communication networks.
Malicious Code - Countermeasures and prevention techniques for dealing with viruses, worms, logic bombs, Trojan horses and other related forms of intentionally created deviant code.
Grades - All students must ordinarily take all quizzes, labs, and the final exam and submit the class practical in order to be eligible for a Q/ISP, Q/IAP, Q/SSE, or Q/WP credential unless granted an exception in writing by the President. Know that Q/ISP classes draw quite the spectrum of students, including "those less comfortable," "those more comfortable," and those somewhere in between. However, what ultimately matters in this course is not so much where you end up relative to your classmates but where you end up relative to yourself on the Friday of class. The course is graded as pass or fail solely on your attendance and participation. Those less comfortable and somewhere in between are not at a disadvantage vis-à-vis those more comfortable. Escalating labs help you prepare for real-world scenarios. Each lab builds on the previous one, increasing in intensity and rising to the next level, while you’re mitigating the threat step by step.
Books - No books are required for this course. However, you may want to supplement your preparation for or review of some lectures with self-assigned readings relevant to those lectures' content from either of the books below. The first is intended for those inexperienced in (or less comfortable with the idea of) hacking. The second is intended for those experienced in (or more comfortable with the idea of) hacking. Both are available at sites like Amazon.com. Both are available at the SU Hacker Library. Realize that free, if not superior, resources can be found on the SU website.