Font size:

Schedule our instructor led classroom training at your convenience and never miss another lecture or fall behind. You are in complete control. We invited the Best CompTIA Security+ Certified Trainers in the industry to help us develop the ultimate training and certification program which includes everything you will need to fully prepare for and pass the most recent certification exam.

The CompTIA Security+ (SY0-401) certification establishes knowledgeable professionals in the field of corporate security, one of the fastest-growing fields in IT. Even in a troubled economy, most businesses plan to at least maintain or optimally increase their investment in IT security. CompTIA Security+ is an international, vendor-neutral certification that demonstrates competency in network infrastructure, system security, organizational security and access control. Major organizations that enlist CompTIA Security+ certified professionals include Hewlett- Packard, IBM, Motorola, Hilton Hotels Corp., General Mills, Symantec, Lockheed Martin, Unisys, Hitachi, Ricoh, the U.S. Navy, Army, Air Force and Marines.

Although not a prerequisite, it is recommended that CompTIA Security+ candidates have at least two years of technical networking experience, with an emphasis on security. The CompTIA Network+ certification is also recommended.

  • 12 Months Online Access featuring ondemand instructor-led classroom sessions with full audio, video and demonstration components
  • Printable Courseware
  • Certificate of Completion
  • Demonstrations where the instructor brings the Physical and Software Components to Life
  • Focused on practical solutions to real-world development problems
  • Self Assessment Unit Review Quizzes
  • Free 1 Year Upgrade Policy
  • Certificate of Completion
Instructor: Kenneth Mayer - CCSI, MCT, CCNT, CCNP, CCDA
Ken Mayer is a Microsoft Certified Trainer as well as a Certified Ethical Hacker Trainer and Security consultant. He started his career in computer technology in 1980s. He has offered a wide variety of IT training and high level consulting projects for Fortune 500 companies across the United States and Western Europe. He has achieved the Certified Cisco Systems Instructor certification. The CCSI certification involved a two-day lab and observation event held on Cisco's Paris, France Facility. This gave Ken the accreditation to be able to deliver Cisco Authorized Courses as a CCSI. He has taught the full line of Cisco CCNA, CCDA, CCNP, CCDP and CCIP course curriculums, including Cisco's security appliances such as PIX and IDS.

Course Introduction
Course Introduction
Lesson 01 - Security Fundamentals
Topic A: The Information Security Cycle
What Is Information Security?
What to Protect
Goals of Security
A Vulnerability
Types of Controls
The Security Management Process 
Topic B: Information Security Controls
The CIA Triad
Authentication Factors
Access Control
Access Control Models
Accounting and Auditing
Common Security Practices
Implicit Deny
Least Privilege
Separation of Duties
Job Rotation
Mandatory Vacation
Time of Day Restrictions
Privilege Management 
Topic C: Authentication Methods
User Name/Password Authentication
Keystroke Authentication
Multi-factor Authentication
Mutual Authentication 
Topic D: Cryptography Fundamentals
Encryption and Decryption
Cipher Types
Encryption and Security Goals
Demo - Exploring Public Key Cryptography
Demo - Sharing a Secret Message with Steganography
A Key
Hashing Encryption
Hashing Encryption Algorithms
Demo - Calculating Hashes
Symmetric Encryption
Symmetric Encryption Algorithms
Asymmetric Encryption
Asymmetric Encryption Techniques
Key Exchange
Digital Signatures
Cipher Suites
Session Keys
Key Stretching 
Topic E: Security Policy Fundamentals
A Security Policy
Security Policy Components
Common Security Policy Types
Group Policy
Security Document Categories
Change Management
Documentation Handling Measures
Lesson 01 Review 
Lesson 02 - Identifying Security Threats and Vulnerabilities
Topic A: Social Engineering
Social Engineering Attacks
Social Engineering Effectiveness
Types of Social Engineering
Hackers and Attackers
Categories of Attackers 
Topic B: Malware
Malicious Code Attacks
Demo - Installing Antivirus Software
Demo - Scanning Your System for Spyware
Trojan Horses
Logic Bombs
Polymorphic Malware
Armored Viruses 
Topic C: Software-Based Threats
Software Attacks
Password Attacks
Types of Password Attacks
Backdoor Attacks
Application Attacks
Types of Application Attacks
Demo - Managing Application Security 
Topic D: Network-Based Threats
TCP/IP Basics
Port Scanning Attacks
Eavesdropping Attacks
Man-in-the-Middle Attacks
Replay Attacks
Social Network Attacks
DoS Attacks
DDoS Attacks
Types of DoS Attacks
Session Hijacking
P2P Attacks
ARP Poisoning
Transitive Access Attacks
DNS Vulnerabilities 
Topic E: Wireless Threats and Vulnerabilities
Wireless Security
Demo - Configuring a Wireless Access Point
Demo - Configuring a Wireless Client
Rogue Access Points
Evil Twins
Near Field Communication
War Driving and War Chalking
IV Attacks
Packet Sniffing
Wireless Replay Attacks
Sinkhole Attacks
WEP and WPA Attacks
WPS Attacks 
Topic F: Physical Threats and Vulnerabilities
Physical Security
Physical Security Threats and Vulnerabilities
Hardware Attacks
Environmental Threats and Vulnerabilities
Lesson 02 Review 
Lesson 03 - Managing Data, Application, and Host Security
Topic A: Manage Data Security
Layered Security
Defense in Depth
What Is Data Security?
Data Security Vulnerabilities
Data Storage Methods
Data Encryption Methods
Hardware-Based Encryption Devices
Types of Hardware-Based Encryption Devices
Data States
Permissions and Access Control Lists
Handling Big Data
Data Policies
Guidelines for Managing Data Security
Demo - Managing Data Security 
Topic B: Manage Application Security
What Is Application Security?
Patch Management
Application Security Methods
Input Validation
Input Validation Vulnerabilities
Client-Side and Server-Side Validation
Error and Exception Handling
Cross-Site Attack Prevention Methods
Web Browser Security
Demo - Configuring a Web Browser
Guidelines for Establishing Web Browser Security
NoSQL Databases
Database Security
Guidelines for Managing Application Security 
Topic C: Manage Device and Host Security
Demo - Hardening a Server
Operating System Security
Operating System Security Settings
Security Baselines
Software Updates
Application Blacklisting and Whitelisting
Demo - Implementing Auditing
Anti-malware Software
Types of Anti-malware Software
Virtualization Security Techniques
Hardware Security Controls
Non-standard Hosts
Security Controls for Non-standard Hosts
Strong Passwords
Guidelines for Establishing Device and Host Security 
Topic D: Manage Mobile Security
Mobile Device Types
Mobile Device Vulnerabilities
Mobile Device Security Controls
Mobile Application Security Controls
BYOD Controls
Guidelines for Managing Mobile Security
Lesson 03 Review 
Lesson 04 - Implementing Network Security
Topic A: Configure Security Parameters on Network Devices and Technologies
Network Components
Network Devices
Demo - Configuring Firewall Parameters
Network Analysis Tools
Demo - Configuring a Network Intrusion Detection System
Wireless IDS
Types of Network Monitoring Systems
VPN Concentrator
Web Security Gateways 
Topic B: Network Design Elements and Components
Remote Access
Telephony Components
Cloud Computing
Cloud Computing Deployment Models
Cloud Computing Service Types 
Topic C: Implement Networking Protocols and Services
OSI Model
OSI Model and Security
Demo - Securing Network Traffic Using IP Security
Fibre Channel
File Transfer Protocols
Ports and Port Ranges
Demo - Installing an IIS Web Server 
Topic D: Apply Secure Network Administration Principles
Rule-Based Management
Network Administration Security Methods
Unified Threat Management
Guidelines for Applying Network Security Administration Principles

Topic E: Secure Wireless Traffic
Wireless Networks
Wireless Antenna Types
802.11 Standards
Wireless Security Protocols
VPNs and Open Wireless
Wireless Security Methods
Captive Portals
Site Surveys
Guidelines for Securing Wireless Traffic
Demo - Securing Wireless Traffic
Lesson 04 Review 

Lesson 05 - Implementing Access Control, Authentication, and Account Management
Topic A: Access Control and Authentication Services
Directory Services
Common Directory Services
Demo - Backing Up Active Directory
Remote Access Methods
Remote Access Protocols
Guidelines for Securing Remote Access
Topic B: Implement Account Management Security Controls
Identity Management
Account Management
Account Privileges
Account Policy
Multiple Accounts
Shared Accounts
Account Federation
Account Management Security Controls
Demo - Account Management Security Controls
Credential Management
Group Policy
Guidelines for Implementing Account Management Security Controls
Lesson 05 Review 
Lesson 06 - Managing Certificates
Topic A: Install a CA Hierarchy
Digital Certificates
Certificate Authentication
PKI Components
CA Hierarchies
The Root CA
Public and Private Roots
Subordinate CAs
Offline Root CAs
CA Hierarchy Design Options
Demo - Installing a Certificate Authority 
Topic B: Enroll Certificates
The Certificate Enrollment Process
Demo - Enrolling for Certificates
The Certificate Life Cycle
Certificate Life Cycle Management 
Topic C: Secure Network Traffic by Using Certificates
The SSL Enrollment Process 
Topic D: Renew Certificates
Certificate Renewal 
Topic E: Back Up and Restore Certificates and Private Keys
Private Key Protection Methods
Key Escrow
Private Key Restoration Methods
The Private Key Replacement Process 
Topic F: Revoke Certificates
Certificate Revocation
Demo - Revoking Certificates
Lesson 06 Review 
Lesson 07 - Implementing Compliance and Operational Security
Topic A: Physical Security
Physical Security Controls
Physical Security Control Types
Environmental Exposures
Environmental Controls
Environmental Monitoring Safety 
Topic B: Legal Compliance
Compliance Laws and Regulations
Legal Requirements
Types of Legal Requirements
Forensic Requirements 
Topic C: Security Awareness and Training
Security Policy Awareness
Role-Based Training
Classification of Information
The Employee Education Process
User Security Responsibilities 
Validation of Training Effectiveness 
Topic D: Integrate Systems and Data with Third Parties
Business Partners
Social Media Networks and Applications
Interoperability Agreements
Risk Awareness
Data Sharing and Backups
Guidelines for Securely Integrating Systems and Data with Third Parties
Lesson 07 Review 
Lesson 08 - Risk Management
Topic A: Risk Analysis
Risk Management
Security Assessment Types
Risk Types
Components of Risk Analysis
Phases of Risk Analysis
Risk Analysis Methods
Risk Calculation
Risk Response Strategies
Risk Mitigation and Control Types 
Topic B: Implement Vulnerability Assessment Tools and Techniques
Vulnerability Assessment Techniques
Vulnerability Assessment Tools 
Topic C: Scan for Vulnerabilities
The Hacking Process
Ethical Hacking
Vulnerability Scanning and Penetration Testing
Types of Vulnerability Scans
Demo - Scanning for Port Vulnerabilities
Demo - Scanning for Password Vulnerabilities
Box Testing Methods
Security Utilities 
Topic D: Mitigation and Deterrent Techniques
Security Posture
Demo - Capturing Network Data
Detection Controls and Prevention Controls
Risk Mitigation Strategies
Types of Mitigation and Deterrent Techniques
Failsafe, Failsecure, and Failopen
Lesson 08 Review 
Lesson 09 - Troubleshooting and Managing Security Incidents
Topic A: Respond to Security Incidents
Security Incident Management
Computer Crime
First Responders
Chain of Custody
Computer Forensics
Order of Volatility
Basic Forensic Process
Basic Forensic Response Procedures for IT
Big Data Analysis
Guidelines for Responding to Security Incidents 
Topic B: Recover from a Security Incident
Basic Incident Recovery Process
Damage Assessment
Recovery Methods
An Incident Report
Guidelines for Recovering from a Security Incident
Lesson 09 Review 
Lesson 10 - Business Continuity and Disaster Recovery Planning
Topic A: Business Continuity
Continuity of Operations Plan
Alternate Sites
IT Contingency Planning
Succession Planning
Business Continuity Testing Methods 
Topic B: Plan for Disaster Recovery
Fault Tolerance
Redundancy Measures
Demo - Creating a RAID Array Through Software
High Availability
Disaster Recovery Testing and Maintenance
Guidelines for Planning for Disaster Recovery 
Topic C: Execute DRPs and Procedures
The Disaster Recovery Process
Recovery Team
Secure Recovery
Backup Types and Recovery Plans
A Backout Contingency Plan
Secure Backups
Backup Storage Locations
Guidelines for Executing DRPs and Procedures
Lesson 10 Review
Course Closure 

Register Now
CompTIA Security+ Certification Training (SY0-401) Online course
  • Course ID:
  • Duration:
    12 months
  • Price: