Course Description
The course consists of two volumes, with a study volume, containing indexed notes and review questions, and a companion volume, containing exam objectives mapping, exam information, practical labs, answers to review questions, and a comprehensive glossary.
Module 1 - Security Fundamentals
- Security Concepts
- Why is Security Important?
- Security Controls
- Identification and Authentication
- Authorization
- Accounting
- Threats
- Types and Sources of Threats
- Social Engineering
- Malware
- Preventing Virus Infection
- Network Vulnerabilities
- Network Fundamentals
- Network Attack Strategies
- Layer 2 Attacks
- IP Spoofing and Hijacking
- Denial of Service Attacks
- Application Layer Attacks
Module 2 – Network Security
- Penetration Testing
- Vulnerability Assessments and Penetration Tests
- Vulnerability Scanners
- Honeypots and Honeynets
- Secure Network Design
- Secure Network Topologies
- Network Device Exploitation
- Switches and VLANs
- Routers
- Security Appliances and Software
- Firewalls
- Proxy Servers and Gateways
- Intrusion Detection Systems
- Audit Logs
- Network Application Security
- DHCP Security
- DNS Security
- SNMP Security
Module 3 – Internet Security
- Cryptography
- What is Cryptography?
- Encryption Technologies
- Cryptographic Attacks
- Steganography
- Public Key Infrastructure
- What is PKI?
- Implementing PKI
- Cryptographic Standards
- Securing Web Services
- HTTP
- SSL / TLS
- Web Servers
- Securing Web Applications
- Web Browsers
- File Transfer
Module 4 – Access Control
- Authentication
- LAN Manager / NTLM
- Kerberos
- PAP and CHAP
- Password Management
- Policy
- Token-based Authentication
- Biometric Authentication
- Extensible Authentication Protocol (EAP)
- Authorization
- Privilege Policies
- Directory Services
- Lightweight Directory Access Protocol (LDAP)
- Operating System Security
- Computer Hardening
- OS Hardening
- Hardware and Software Updates
- Network Access Control
- Remote Access Security
- What is Remote Access?
- Remote Connectivity Protocols
- Remote
- Access Servers
- Remote Administration Tools
- Hardening Remote Access Infrastructure
- Wireless Access Security
- Wireless LAN Security
- Bluetooth
Module 5 - Organizational Security
- Site Security
- Physical Access Controls
- Environmental Security
- Mobile Device Security
- Telephony
- Disaster Recovery and Business Continuity
- Disaster Recovery Planning
- Business Continuity and Risk Management
- Fault Tolerance
- Backup Strategies
- Incident Response and Forensics
- Incident Response Policy
- Forensic Investigations
- Operational Security
- Corporate Security Policy
- Data Handling
- HR Policies
- Next Generation Networks
- Virtualization Defined
- Virtual Platform Applications
- Virtualization
- Security and Best Practice
- Cloud Computing
- IPv4 versus IPv6
The course consists of two volumes, with a study volume, containing indexed notes and review questions, and a companion volume, containing exam objectives mapping, exam information, practical labs, answers to review questions, and a comprehensive glossary.
Module 1 - Security Fundamentals
- Security Concepts
- Why is Security Important?
- Security Controls
- Identification and Authentication
- Authorization
- Accounting
- Threats
- Types and Sources of Threats
- Social Engineering
- Malware
- Preventing Virus Infection
- Network Vulnerabilities
- Network Fundamentals
- Network Attack Strategies
- Layer 2 Attacks
- IP Spoofing and Hijacking
- Denial of Service Attacks
- Application Layer Attacks
Module 2 – Network Security
- Penetration Testing
- Vulnerability Assessments and Penetration Tests
- Vulnerability Scanners
- Honeypots and Honeynets
- Secure Network Design
- Secure Network Topologies
- Network Device Exploitation
- Switches and VLANs
- Routers
- Security Appliances and Software
- Firewalls
- Proxy Servers and Gateways
- Intrusion Detection Systems
- Audit Logs
- Network Application Security
- DHCP Security
- DNS Security
- SNMP Security
Module 3 – Internet Security
- Cryptography
- What is Cryptography?
- Encryption Technologies
- Cryptographic Attacks
- Steganography
- Public Key Infrastructure
- What is PKI?
- Implementing PKI
- Cryptographic Standards
- Securing Web Services
- HTTP
- SSL / TLS
- Web Servers
- Securing Web Applications
- Web Browsers
- File Transfer
Module 4 – Access Control
- Authentication
- LAN Manager / NTLM
- Kerberos
- PAP and CHAP
- Password Management
- Policy
- Token-based Authentication
- Biometric Authentication
- Extensible Authentication Protocol (EAP)
- Authorization
- Privilege Policies
- Directory Services
- Lightweight Directory Access Protocol (LDAP)
- Operating System Security
- Computer Hardening
- OS Hardening
- Hardware and Software Updates
- Network Access Control
- Remote Access Security
- What is Remote Access?
- Remote Connectivity Protocols
- Remote
- Access Servers
- Remote Administration Tools
- Hardening Remote Access Infrastructure
- Wireless Access Security
- Wireless LAN Security
- Bluetooth
Module 5 - Organizational Security
- Site Security
- Physical Access Controls
- Environmental Security
- Mobile Device Security
- Telephony
- Disaster Recovery and Business Continuity
- Disaster Recovery Planning
- Business Continuity and Risk Management
- Fault Tolerance
- Backup Strategies
- Incident Response and Forensics
- Incident Response Policy
- Forensic Investigations
- Operational Security
- Corporate Security Policy
- Data Handling
- HR Policies
- Next Generation Networks
- Virtualization Defined
- Virtual Platform Applications
- Virtualization
- Security and Best Practice
- Cloud Computing
- IPv4 versus IPv6
Agenda
The course consists of two volumes, with a study volume, containing indexed notes and review questions, and a companion volume, containing exam objectives mapping, exam information, practical labs, answers to review questions, and a comprehensive glossary.
Module 1 - Security Fundamentals
- Security Concepts
- Why is Security Important?
- Security Controls
- Identification and Authentication
- Authorization
- Accounting
- Threats
- Types and Sources of Threats
- Social Engineering
- Malware
- Preventing Virus Infection
- Network Vulnerabilities
- Network Fundamentals
- Network Attack Strategies
- Layer 2 Attacks
- IP Spoofing and Hijacking
- Denial of Service Attacks
- Application Layer Attacks
Module 2 – Network Security
- Penetration Testing
- Vulnerability Assessments and Penetration Tests
- Vulnerability Scanners
- Honeypots and Honeynets
- Secure Network Design
- Secure Network Topologies
- Network Device Exploitation
- Switches and VLANs
- Routers
- Security Appliances and Software
- Firewalls
- Proxy Servers and Gateways
- Intrusion Detection Systems
- Audit Logs
- Network Application Security
- DHCP Security
- DNS Security
- SNMP Security
Module 3 – Internet Security
- Cryptography
- What is Cryptography?
- Encryption Technologies
- Cryptographic Attacks
- Steganography
- Public Key Infrastructure
- What is PKI?
- Implementing PKI
- Cryptographic Standards
- Securing Web Services
- HTTP
- SSL / TLS
- Web Servers
- Securing Web Applications
- Web Browsers
- File Transfer
Module 4 – Access Control
- Authentication
- LAN Manager / NTLM
- Kerberos
- PAP and CHAP
- Password Management
- Policy
- Token-based Authentication
- Biometric Authentication
- Extensible Authentication Protocol (EAP)
- Authorization
- Privilege Policies
- Directory Services
- Lightweight Directory Access Protocol (LDAP)
- Operating System Security
- Computer Hardening
- OS Hardening
- Hardware and Software Updates
- Network Access Control
- Remote Access Security
- What is Remote Access?
- Remote Connectivity Protocols
- Remote
- Access Servers
- Remote Administration Tools
- Hardening Remote Access Infrastructure
- Wireless Access Security
- Wireless LAN Security
- Bluetooth
Module 5 - Organizational Security
- Site Security
- Physical Access Controls
- Environmental Security
- Mobile Device Security
- Telephony
- Disaster Recovery and Business Continuity
- Disaster Recovery Planning
- Business Continuity and Risk Management
- Fault Tolerance
- Backup Strategies
- Incident Response and Forensics
- Incident Response Policy
- Forensic Investigations
- Operational Security
- Corporate Security Policy
- Data Handling
- HR Policies
- Next Generation Networks
- Virtualization Defined
- Virtual Platform Applications
- Virtualization
- Security and Best Practice
- Cloud Computing
- IPv4 versus IPv6