Home :: CompTIA Certifications :: Computer Courseware :: Security+

CompTIA Security+ Study Guide

1-4239-1393-0 © 2007 Publish date: February 22, 2006 652 pages

Study Guide + Exam Prep Software: <="style23 style1">................$59.00.....................

 

CBT Planet brings you the Security+ study guide to help you master the material you need to know to successfully pass your CompTIA Security+ certification exam.

This exam prep course has earned a 4.9/5.0 rating in overall quality by ProCert Labs and it shows! You'll love the comprehensive and logical flow of the content along with the fact that it closely follows the exam objectives. By using the Security+ courseware, you will understand the field of network security and gain inside knowledge about how security relates to other areas of information technology.

The CompTIA Security+ study guide gives you additional, broad-based knowledge that can be used for further studies in various specialized security fields. It can be used to further your studies or as a general introduction to the security field. No matter how you use the Security+ courseware, you'll conclude the course ready to pass your exam. As an added bonus, we've included the CertBlaster exam prep software to ensure your success in the exam room.

CBT Planet's wide selection of computer training books contains versatile training courses that can be used on their own or as supplemental materials with other courses. You'll be pleased with the results you gain by following the seventeen units in this book.

Courseware Objectives

You'll learn about security terminology, the purpose and goals of network security policies, and security threats. You will appreciate the need for authentication and learn about authentication devices such as Kerberos, tokens, CHAP, digital certificates, mutual authentication, biometrics, and multi-factor authentication.

The Security+ study guide cover types of attacks and malicious codes, countermeasures and best practices for prevention of attacks and malicious codes. It also talks about e-mail vulnerabilities and safeguarding against them, along with discussing the benefits of PGP and S/MIME.

You'll learn about remote access, authentication protocols, and tunneling technologies. The training guide teaches about web security, HTTPS as it relates to SSL, and JavaScript, Cookies, Buffer Overflow, ActiveX, Applets, and SMTP.

You will understand centralized enterprise directory services such as LDAP and their benefits over traditional authentication systems, FTP vulnerabilities, alternatives instead of working with FTP, and threats from unmonitored file shares.

Other topics in this coursewareInclude wireless and instant messaging security issues, WTLS and IEEE 802.11x vulnerabilities, naming conventions, packet switching, and site surveys. You'll learn the roles of routers, switches, and firewall technology, and understand VPN and RAS technologies, intrusion detection systems, and how to monitor networks.

Security+ Study Guide Contents

Unit 1 covers security overview

• Network security
• Security threats
• Secure network strategies
• Windows Server 2003 server access control

Unit 2 discusses authentication

• Authentication overview
• Kerberos
• Challenge Handshake Authentication Protocol (CHAP)
• Digital certificates
• Security tokens
• Biometrics

Unit 3 covers attacks and malicious code

• Denial of service (DoS) attacks
• Man-in-the-middle attacks
• Spoofing
• Replays
• TCP session hijacking
• Social engineering
• Attacks on encrypted data
• Software exploitation

Unit 4 discusses remote access

• How to secure remote communications
• Authentication
• Virtual private networks (VPNs)
• Telecommuting vulnerabilities

Unit 5 covers email

• Secure email and encryption
• PGP and S/MIME encryption
• Email vulnerabilities

Unit 6 discusses web security

• SSL and TLS protocols
• Web tools vulnerabilities
• Configuring security for Internet Explorer

Unit 7 covers directory and file transfer services

• Directory services
• File transfer services
• File sharing

Unit 8 goes over Wireless and instant messaging

• IEEE 802.11
• WAP 1.x and WAP 2.0
• Wired equivalent privacy
• Instant messaging

Unit 9 covers network devices

• Firewalls
• Routers
• Switches
• Telecom, cable modems, and wireless devices
• How to secure remote access
• Intrusion detection systems
• Network monitoring

Unit 10 covers transmission and storage media

• Transmission media
• Storage media

Unit 11 goes over network security topologies

• Security topologies
• Network Address Translation
• Tunneling
• Virtual Local Area Networks

Unit 12 covers intrusion detection

• Intrusion detection systems (IDS)
• Network-based IDS and host-based IDS
• Active and passive detection
• Honeypots
• Incident response

Unit 13 covers security baselines

• OS/NOS hardening
• Network hardening
• Application hardening
• Workstations and servers

Unit 14 covers cryptography

• Cryptography concepts
• Public Key Infrastructure
• Key management and life cycle
• Setting up certificate servers

Unit 15 goes over physical security

• Access control
• Environment

Unit 16 discusses disaster recovery and business continuity

• Disaster recovery
• Business continuity
• Policies and procedures
• Privilege management

Unit 17 talks about computer forensics and advanced topics

• Computer forensics overview
• Risk identification
• Education and training
• Auditing
• Documentation

Appendix A the Security + certification exam objectives map