The IT Cyber Security Professional with CompTIA Security+

Computer Technology Industry Association (CompTIA) Security+ training designates knowledgeable professionals in the field of IT security. As an international, vendor-neutral credential, CompTIA Security+ certification ensures successful students gain competency in network security, compliance and operational security, common/possible threats and vulnerabilities, application, data and host security, access control and identity management as well as cryptography. Earning CompTIA Security+ Certification signifies to employers that candidates will apply their knowledge of security concepts, tools and procedures to prevent security breaches, react accordingly to any security incidents and anticipate further security risks in order to effectively guard against them.

---

The IT Cyber Security Professional with CompTIA Security+ Program

The CompTIA Security+ course provides students with the basic knowledge and skills necessary to become an IT security professional. This course is designed to fully prepare students to sit for and pass the CompTIA Security+ certification exam. Students will gain the knowledge and skills necessary to identify risk and participate in risk mitigation activities as well as provide infrastructure, application, operational and information security. They will also acquire the knowledge necessary to apply security controls to maintain confidentiality, integrity and availability, as well as how to identify appropriate technologies and products. Finally, students will gain an awareness of applicable policies, laws and regulations with regard to IT security.

Program Objectives

At the conclusion of this program, students will be able to:

• Describe common risks, vulnerabilities and controls
• Explain the triple constraint of information security
• Analyze and differentiate between types of malware and attacks
• Identify risks for common system hardware and peripherals
• Describe principles of software, data and host security
• Implement OS hardening procedures
• Identify common types of programming attacks
• Implement secure browsing practices
• Describe security vulnerabilities unique to virtualized environments
• Explain the purpose and vulnerabilities of common network devices
• Identify and secure common ports and protocols
• Describe security concerns unique to cloud computing environments
• Identify IDS and IPS solutions for host and network defense
• Describe differences in Access Control identification, authentication and authorization
• Identify various methods for access authentication
• Implement logical access control methods
• Distinguish between discretionary, mandatory, rule- and role-based access control
• Identify various types of risk management strategies
• Distinguish between management, technical and operational controls
• Calculate risk using subjective and objective measures
• Implement compliance audits for common security controls
• Explain the difference between penetration testing and vulnerability scanning
• Distinguish between symmetric and asymmetric forms of encryption
• Explain the use of public-key/private-key pairs to encrypt and decrypt a secure message
• Identify common security protocols (SSH, SSL, IPSec)
• Explain basic hashing concepts
• Distinguish between types of tickets, keys and certificate authorities in a PKI
• Distinguish between business continuity and disaster recovery objectives & timeframes
• Implement common backup rotation cycles
• Identify various types of redundant hardware and backup sites
• Recognize various types of environmental control solutions
• Identify RAID configurations for common availability and redundancy requirements
• Analyze and distinguish between forms of social engineering
• Describe the principles of operational security
• Identify common personnel security policies
• Describe data reminisce and secure disposal practices
• Explain common CIRT roles and responsibilities
• Use Microsoft Office