CompTIA Security+ SY0-201 with SY0-301, JK0-

018 update
Trainer: Michael J. Shannon | Videos: 26 | Time: 14 hrs
If you're lookin for a solid founda!ion in ne!"ork securi!y# !his Securi!y$ %ideo !rainin is for you&
I!'s also for you if you're an IT Manaer or 'I( and "an! !o e)!end your securi!y kno"lede. (r you're *re*arin for a hih+
le%el cer!ifica!ion. (r you're makin a career chane. (r you're "orkin in indus!ries o%erned ,y -I.//# S() or !he office
of -omeland Securi!y.
'or*ora!ions of!en ha%e !rou,le findin 0ualified a**lican!s !o fill !heir securi!y %acancies. This !rainin# "hich ma*s !o
'om*TI/'s 1e!"ork$ e)am# se*ara!es you from !he cro"d and increases your %alue !o any em*loyer.
'on%incin your IT manaer !ha! !he ne!"ork is secure# !ransla!es in!o 2o, securi!y.
Serie 1! CompTIA Security+ SY0-201 with SY0-301, JK0-018 update
1
Introduction to Security+ 2008
In this introductory nugget you will find out about the six domains of the Security+ Exam, the Security+ certification and the information to
be covered in this series.
2
Evaluating Common Security Threats
In this nugget you will get an overview of common security threats such as various forms of malware, spyware, adware, botnets and logic
bombs. You will also learn about security risks to hardware and peripherals.
3
Operating System ardening
You will really enoy this nugget as you explore the procedures for hardening workstations and servers. !opics include" hotfixes, service
packs, security templates, patches, and more.
!
"pplication Security
!his nugget of the Security+ series covers methodologies for establishing application security. You will learn about #ctive $ and %ava,
cookies, instant messaging, &'& file(sharing, S)!& open relays, scripting, and $SS.
#
Implementing Security "pplications
!his nugget is a broad overview of functionality of the common application threat mitigation tools like *I+S, *I&S, personal firewalls,
security suites, #ntivirus, anti(spam. and pop(up blockers.
$
%et&or' In(rastructure "ttac's )*art 1+
!his nugget will differentiate between the different ports and protocols, their threats and mitigation techni,ues. -oncepts include" !-&.I&
hiacking, /ull sessions, Spoofing, )an(in(the(middle, 0eplay, +1S, ++1S, +omain /ame 2iting, +/S poisoning, #0& poisoning, weak
passwords, back doors, and default account vulnerability.
,
%et&or' In(rastructure "ttac's )*art 2+
!his is a step(by(step exploration of +)3s, 45#/, /#!, /etwork interconnections, /#-, and subnetting.
8
%et&or' -esign Elements and Components
In this nugget, you will get an overview of security design elements and components.
.
%et&or' Security Tools
!his nugget presents the appropriate use and application of network security tools such as /I+S, /I&S, 6irewalls, &roxy servers, *oneypot,
-ontent filters, and &rotocol analy7ers.
10
/ireless %et&or' Security
!his very interesting nugget takes on the topic of wireless networking security including data emanation, war driving, SSI+ broadcast, 8lue
acking, 8luesnarfing, 0ogue access points and weak encryption.
11
"ccess Control )*art 1+
&robably one of the most vital aspects of network security is access control. !his nuggets teaches you how to identify and apply industry
best practices for access control methods. You explore common access control models like )#-, +#-, and 08#c as well as the differences
between each. You9ll learn how to organi7e users and computers into appropriate security groups and roles, apply appropriate security
controls to file and print resources, and compare logical access control methods.
12
"ccess Control )*art 2+
!aking up where #ccess -ontrol &art : leaves off, this nugget presents various authentication models and identifies the components of each
( such as 8iometric readers, 0#+I;S, !#-#-S, 0#S, 4&/, 2erberos, -*#&, <='.:x and much more. >e also explore physical access
security methods including tokens, surveillance, and man(traps.
13
"ssessments and "udits )*art 1+
!his nugget tackles the following topics" &ort scanners? 4ulnerability scanners? &rotocol analy7ers? 14#5? &assword crackers? /etwork
mappers? &erformance monitor? Systems monitor? and &erformance baselines.
1!
"ssessments and "udits )*art 2+
!his nugget covers the various types of monitoring methodologies including 8ehavior(based, Signature(based, and #nomaly(based. You9ll
learn about proper logging procedures and evaluation of +/S, System, &erformance, #ccess, 6irewall, and #ntivirus. ;ser access and
rights review, storage and retention policies, and group policies are also covered.
1#
0eneral Cryptography Concepts
!his nugget covers the fundamentals of cryptography including symmetric vs. asymmetric encryption. !he security assurance model of
-.I.#./. is explored as well as comparative strength of algorithms.
1$
Cryptography "lgorithms and *rotocols
!his second nugget of the -ryptography domain lays out hashing concepts and algorithms like )+@ and S*#. 8asic algorithms and
encryption concepts are explored including" +ES? A+ES? 0S#? &B&? Elliptic curve CE--D? #ES.#ES'@E? 1ne time pad? SS5.!5S?
S.)I)E? and &&!&.5'!&.
1,
*u1lic 2ey In(rastructure )*2I+
!he final nugget of the -ryptography domain lays out the core concepts of a &ublic 2ey Infrastructure C&2ID.
18
Organi3ational Security )*art 1+
!his nugget explains redundancy planning and the components, implementation of disaster recovery procedures, and incident response
procedures.
1.
Organi3ational Security )*art 2+
# wide array of organi7ational security topics and terms are covered here including" Secure disposal of computers? #cceptable( use
policies? &assword complexity? -hange management? -lassification of information? )andatory vacations? &ersonally Identifiable
Information C&IID? +ue care.diligence.process? S5#? Security(related *0 policy? and ;ser education and awareness training.
20
Organi3ational Security )*art 3+
!he final nugget of the Security+ series lays out the importance of environmental controls like 6ire suppression, *4#-, and Shielding.
Social Engineering threats such as phishing, hoaxes, shoulder surfing, and dumpster diving are explored.
21
%et&or' Security -omain 4pdate
!his first Security+ update /ugget deals with #ll(in(1ne security appliances, layer ' security, virtuali7ation and cloud computing, I&vF vs.
I&vE, and enhancements to wireless security.
22
Compliance and Operational Security -omain 4pdate
*ere you will learn about handling risk, basic forensics procedures, environmental controls, risks of virtuali7ation, and risks of cloud
computing.
23
Threats and 5ulnera1ilities -omain 4pdate
5et9s update threats and vulnerabilitiesG *ere we dive into &hishing, 4ishing, S&I), &harming, +/S and #0& poisoning, application
attacks, and assessment types and techni,ues.
2!
"pplication6 -ata6 and ost Security -omain 4pdate
Some new concepts of Security+ are explored including fu77ing, cross(site scripting C$SSD, $S06, mobile device security, and hardware(
based encryption devices.
2#
"ccess Control and Identity 7anagement -omain 4pdate
!his update is a deeper exploration of authentication, authori7ation, and accounting including some really cool demos of a firewall and a
### server.
2$
Cryptography -omain 4pdate
!he cryptography domain is updated here with additional cryptosystems including 0I&E)+, &B&, B&B, whole disk encryption, and
!wofish. You will investigate the SS5.!5S phases, &2I advanced topics, and finishing up with a review of acronyms.