CompTIA A+ Net+ Security+ Certification Training

"The A+ classes were instructed in a professional, informative manner with attention given to all students (including myself) who required further explanation. The instructor presented himself and CED Solutions in the most impressive way possible. He is very knowledgeable in all subject matter, which I found very helpful. I will not hesitate to gain further CompTIA certifications from this instructor and this company."

-J Carr, Holly Springs, NC

Custom Training Quote

• Aug 17 - Aug 30, 2013
• Nov 09 - Nov 22, 2013

• Includes roundtrip airfare and lodging
  
  (Atlanta and Fort Lauderdale boot camps only)
• Hands-on instruction by a certified instructor
• Includes all course materials and practice exams
• Onsite Testing
• Breakfast and Lunch provided each day

Can't travel or you want to stay with your family or business. No problem! Stay in your own city and save the additional expenses of roundtrip airfare, lodging, transportation, and meals and receive the same great instruction live from our instructors in our Live Instructor-Led Remote Classroom Training.

Remote Classroom Training

Our Remote Classroom Training is a live class with students observing the instructor and listening through your computer speakers. You will see the instructor's computer, slides, notes, etc., just like in the classroom. You will be following along, doing work, labs, and individual assignments.

The CompTIA A+ (2009 Edition) certification is the one you need to take if your job responsibilities include entry-level computer service technician support duties and the support of computers running the Windows 9x, Windows 2000, and Windows XP operating systems. In this course, you'll build on your end-user background knowledge as you acquire the specific skills required to install, configure, upgrade, troubleshoot, and repair PC hardware components and systems. You will also learn the specific skills you need to install, maintain, and troubleshoot the Windows 9x, Windows 2000, and Windows XP operating systems.

The CompTIA Network+ (2009 Edition) certification ensures that the successful candidate has the important knowledge and skills necessary to manage, maintain, troubleshoot, install, operate and configure basic network infrastructure, describe networking technologies, basic design principles, and adhere to wiring standards and use testing tools.

Security+, a CompTIA Certification is the primary course you will need to take if your job responsibilities include securing network services, network devices, and network traffic. It is also the main course you will take to prepare for the CompTIA Security+ examination (exam number SY0-301). In this course, you'll build on your knowledge and professional experience with computer hardware, operating systems, and networks as you acquire the specific skills required to implement basic security services on any type of computer network.

• A+ Certification
• Network+ certification
• Security+ certification

A+ Certification

The CompTIA A+ certification is the starting point for a career in IT. The exam covers maintenance of PCs, mobile devices, laptops, operating systems and printers. In order to receive the CompTIA A+ certification, you must pass two exams:

CompTIA A+ 220-801 covers the fundamentals of computer technology, installation and configuration of PCs, laptops and related hardware, and basic networking.

CompTIA A+ 220-802 covers the skills required to install and configure PC operating systems, as well as configuring common features (e.g. network connectivity and email) for mobile operating systems Android and Apple iOS.

• CompTIA A+ 220-801
• CompTIA A+ 220-802

Jobs that use CompTIA A+

• Technical support specialist
• Field service technician
• IT support technician
• IT support administrator
• IT support specialist

Individuals in some non-technical roles such as student, sales personnel or small business office managers may also find the validation of skills associated with the CompTIA A+ credential to be valuable.

CompTIA A+ 220-801

The CompTIA A+ 220-801 examination measures necessary competencies for an entry-level IT professional with the equivalent knowledge of at least 12 months of hands-on experience in the lab or field. Successful candidates will have the knowledge required to assemble components based on customer requirements, install, configure and maintain devices, PCs and software for end users, understand the basics of networking and security/forensics, properly and safely diagnose, resolve and document common hardware and software issues while applying troubleshooting skills. Successful candidates will also provide appropriate customer support; understand the basics of virtualization, desktop imaging, and deployment.

Course Outline

1.0 PC Hardware

1.1 Configure and apply BIOS settings.

• Install firmware upgrades - flash BIOS
• BIOS component information
• BIOS configurations
• BIOS security (passwords, drive encryption: TPM, lo-jack)
• Use built-in diagnostics
• Monitoring

1.2 Differentiate between motherboard components, their purposes, and properties.

• Sizes
• Expansion slots
• RAM slots
• CPU sockets
• Chipsets
• Jumpers
• Power connections and types
• Fan connectors
• Front panel connectors
• Bus speeds

1.3 Compare and contrast RAM types and features.

• Types
• Single channel vs. dual channel vs. triple channel
• RAM compatibility and speed

1.4 Install and configure expansion cards.

• Sound cards
• Video cards
• Network cards
• Serial and parallel cards
• USB cards
• Firewire cards
• Storage cards
• Modem cards
• Wireless/cellular cards
• TV tuner cards
• Video capture cards
• Riser cards

1.5 Install and configure storage devices and use appropriate media.

• Optical drives
• Combo drives and burners
• Connection types
• USB
• Firewire
• eSATA
• Ethernet
• IDE configuration and setup (Master, Slave, Cable Select)
• SCSI IDs (0 - 15)
• Hard drives
• Solid state/flash drives
• RAID types
• Floppy drive
• Tape drive
• Media capacity

1.6 Differentiate among various CPU types and features and select the appropriate cooling method.

• Socket types
• Characteristics
• Cooling

1.7 Compare and contrast various connection interfaces and explain their purpose.

• Physical connections
• Connector types: A, B, mini, micro
• Serial
• Parallel
• VGA
• HDMI
• DVI
• Audio
• RJ-45
• RJ-11
• VGA vs. HDMI
• Speeds, distances and frequencies of wireless device connections

1.8 Install an appropriate power supply based on a given scenario.

• Connector types and their voltages
• Specifications
• Dual voltage options

1.9 Evaluate and select appropriate components for a custom configuration, to meet customer specifications or needs.

• Graphic / CAD / CAM design workstation
• Audio/Video editing workstation
• Virtualization workstation
• Gaming PC
• Home Theater PC
• Standard thick client
• Thin client
• Home Server PC

1.10 Given a scenario, evaluate types and features of display devices.

• Types
• Refresh rates
• Resolution
• Native resolution
• Brightness/lumens
• Analog vs. digital
• Privacy/antiglare filters
• Multiple displays

1.11 Identify connector types and associated cables.

• Display connector types
• Display cable types
• Device connectors and pin arrangements
• IDE
• EIDE
• Device cable types
• 68pin vs. 50pin vs. 25pin

1.12 Install and configure various peripheral devices.

• Input devices
• Multimedia devices
• Output devices

2.0 Networking

2.1 Identify types of network cables and connectors.

• Fiber
• Twisted Pair
• Coaxial

2.2 Categorize characteristics of connectors and cabling.

• Fiber
• Twisted pair
• Coaxial

2.3 Explain properties and characteristics of TCP/IP.

• IP class
• IPv4 vs. IPv6
• Public vs. private vs. APIPA
• Static vs. dynamic
• Client-side DNS
• DHCP
• Subnet mask
• Gateway

2.4 Explain common TCP and UDP ports, protocols, and their purpose.

• Ports
• Protocols
• TCP vs. UDP

2.5 Compare and contrast wireless networking standards and encryption types.

• Standards
• Encryption types

2.6 Install, configure, and deploy a SOHO wireless/wired router using appropriate settings.

• MAC filtering
• Channels (1 - 11)
• Port forwarding, port triggering
• SSID broadcast (on/off)
• Wireless encryption
• Firewall
• DHCP (on/off)
• DMZ
• NAT
• WPS
• Basic QoS

2.7 Compare and contrast Internet connection types and features.

• Cable
• DSL
• Dial-up
• Fiber
• Satellite
• ISDN
• Cellular (mobile hotspot)
• Line of sight wireless internet service
• WiMAX

2.8 Identify various types of networks.

• LAN
• WAN
• PAN
• MAN
• Topologies

2.9 Compare and contrast network devices, their functions, and features.

• Hub
• Switch
• Router
• Access point
• Bridge
• Modem
• NAS
• Firewall
• VoIP phones
• Internet appliance

2.10 Given a scenario, use appropriate networking tools.

• Crimper
• Multimeter
• Toner probe
• Cable tester
• Loopback plug
• Punchdown tool

3.0 Laptops

3.1 Install and configure laptop hardware and components.

• Expansion options
• Hardware/device replacement

3.2 Compare and contrast the components within the display of a laptop.

• Types
• Wi-Fi antenna connector/placement
• Inverter and its function
• Backlight

3.3 Compare and contrast laptop features.

• Special function keys
• Docking station vs. port replicator
• Physical laptop lock and cable lock

4.0 Printers

4.1 Explain the differences between the various printer types and summarize the associated imaging process.

• Laser
• Inkjet
• Thermal
• Impact

4.2 Given a scenario, install, and configure printers.

• Use appropriate printer drivers for a given operating system
• Print device sharing
• USB
• Parallel
• Serial
• Ethernet
• Bluetooth
• 802.11x
• Infrared (IR)
• Printer sharing

4.3 Given a scenario, perform printer maintenance.

• Laser
• Thermal
• Impact

5.0 Operational Procedures

5.1 Given a scenario, use appropriate safety procedures.

• ESD straps
• ESD mats
• Self-grounding
• Equipment grounding
• Personal safety
• Compliance with local government regulations

5.2 Explain environmental impacts and the purpose of environmental controls.

• MSDS documentation for handling and disposal
• Temperature, humidity level awareness and proper ventilation
• Power surges, brownouts, blackouts
• Protection from airborne particles
• Dust and debris
• Component handling and protection
• Compliance to local government regulations

5.3 Given a scenario, demonstrate proper communication and professionalism.

• Use proper language - avoid jargon, acronyms, slang when applicable
• Maintain a positive attitude
• Listen and do not interrupt the customer
• Be culturally sensitive
• Be on time (if late contact the customer)
• Avoid distractions
• Dealing with difficult customer or situation
• Set and meet expectations/timeline and communicate status with the customer
• Deal appropriately with customers confidential materials

5.4 Explain the fundamentals of dealing with prohibited content/activity.

• First response
• Use of documentation/documentation changes
• Chain of custody

[ back to top ]

CompTIA A+ 220-802

The CompTIA A+ 220-802 examination measures necessary competencies for an entry-level IT professional with the equivalent knowledge of at least 12 months of hands-on experience in the lab or field. Successful candidates will have the knowledge required to assemble components based on customer requirements, install, configure and maintain devices, PCs and software for end users, understand the basics of networking and security/forensics, properly and safely diagnose, resolve and document common hardware and software issues while applying troubleshooting skills. Successful candidates will also provide appropriate customer support; understand the basics of virtualization, desktop imaging, and deployment.

Course Outline

1.0 Operating Systems

1.1 Compare and contrast the features and requirements of various Microsoft Operating Systems.

• Windows XP Home, Windows XP Professional, Windows XP Media Center, Windows XP 64-bit Professional
• Windows Vista Home Basic, Windows Vista Home Premium, Windows Vista Business, Windows Vista Ultimate, Windows Vista Enterprise
• Windows 7 Starter, Windows 7 Home Premium, Windows 7 Professional, Windows 7 Ultimate, Windows 7 Enterprise
• Features
• Upgrade paths - differences between in place upgrades, compatibility tools, Windows upgrade OS advisor

1.2 Given a scenario, install, and configure the operating system using the most appropriate method.

• Boot methods
• Type of installations
• Partitioning
• File system types/formatting
• Load alternate third party drivers when necessary
• Workgroup vs. Domain setup
• Time/date/region/language settings
• Driver installation, software and windows updates
• Factory recovery partition

1.3 Given a scenario, use appropriate command line tools.

• Networking
• OS
• Recovery console

1.4 Given a scenario, use appropriate operating system features and tools.

• Administrative
• MSCONFIG
• Task Manager
• Disk management
• Other
• Run line utilities

1.5 Given a scenario, use Control Panel utilities (the items are organized by "classic view/large icons" in Windows).

• Common to all Microsoft Operating Systems
• Unique to Windows XP
• Unique to Vista
• Unique to Windows 7

1.6 Setup and configure Windows networking on a client/desktop.

• HomeGroup, file/print sharing
• WorkGroup vs. domain setup
• Network shares/mapping drives
• Establish networking connections
• Proxy settings
• Remote desktop
• Home vs. Work vs. Public network settings
• Firewall settings
• Configuring an alternative IP address in Windows
• Network card properties

1.7 Perform preventive maintenance procedures using appropriate tools.

• Best practices
• Tools

1.8 Explain the differences among basic OS security settings.

• User and groups
• NTFS vs. Share permissions
• Shared files and folders
• System files and folders
• User authentication

1.9 Explain the basics of client-side virtualization.

• Purpose of virtual machines
• Resource requirements
• Emulator requirements
• Security requirements
• Network requirements
• Hypervisor

2.0 Security

2.1 Apply and use common prevention methods.

• Physical security
• Digital security
• User education
• Principle of least privilege

2.2 Compare and contrast common security threats.

• Social engineering
• Malware
• Rootkits
• Phishing
• Shoulder surfing
• Spyware
• Viruses

2.3 Implement security best practices to secure a workstation.

• Setting strong passwords
• Requiring passwords
• Restricting user permissions
• Changing default user names
• Disabling guest account
• Screensaver required password
• Disable autorun

2.4 Given a scenario, use the appropriate data destruction/disposal method.

• Low level format vs. standard format
• Hard drive sanitation and sanitation methods
• Physical destruction

2.5 Given a scenario, secure a SOHO wireless network.

• Change default user-names and passwords
• Changing SSID
• Setting encryption
• Disabling SSID broadcast
• Enable MAC filtering
• Antenna and access point placement
• Radio power levels
• Assign static IP addresses

2.6 Given a scenario, secure a SOHO wired network.

• Change default usernames and passwords
• Enable MAC filtering
• Assign static IP addresses
• Disabling ports
• Physical security

3.0 Mobile Devices

3.1 Explain the basic features of mobile operating systems.

• Android 4.0.x vs. iOS 5.x

3.2 Establish basic network connectivity and configure email.

• Wireless / cellular data network (enable/disable)
• Bluetooth
• Email configuration
• POP3
• IMAP
• Port and SSL settings

3.3 Compare and contrast methods for securing mobile devices.

• Passcode locks
• Remote wipes
• Locator applications
• Remote backup applications
• Failed login attempts restrictions
• Antivirus
• Patching/OS updates

3.4 Compare and contrast hardware differences in regards to tablets and laptops.

• No field serviceable parts
• Typically not upgradeable
• Touch interface
• Solid state drives

3.5 Execute and configure mobile device synchronization.

• Types of data to synchronize
• Software requirements to install the application on the PC
• Connection types to enable synchronization

4.0 Troubleshooting

4.1 Given a scenario, explain the troubleshooting theory.

• Identify the problem
• Establish a theory of probable cause (question the obvious)
• Test the theory to determine cause
• Establish a plan of action to resolve the problem and implement the solution
• Verify full system functionality and if applicable implement preventive measures
• Document findings, actions and outcomes

4.2 Given a scenario, troubleshoot common problems related to motherboards, RAM, CPU and power with appropriate tools.

• Common symptoms
• Tools

4.3 Given a scenario, troubleshoot hard drives and RAID arrays with appropriate tools.

• Common symptoms
• Tools

4.4 Given a scenario, troubleshoot common video and display issues.

• Common symptoms

4.5 Given a scenario, troubleshoot wired and wireless networks with appropriate tools.

• Common symptoms
• Tools

4.6 Given a scenario, troubleshoot operating system problems with appropriate tools.

• Common symptoms
• Tools

4.7 Given a scenario, troubleshoot common security issues with appropriate tools and best practices.

• Common symptoms
• Tools
• Best practices for malware removal

4.8 Given a scenario, troubleshoot, and repair common laptop issues while adhering to the appropriate procedures.

• Common symptoms
• Disassembling processes for proper re-assembly

4.9 Given a scenario, troubleshoot printers with appropriate tools

• Common symptoms
• Tools

[ back to top ]

Network+ certification

The CompTIA Network+ (2009 Edition) certification is an internationally recognized validation of the technical knowledge required of foundation-level IT network practitioners.

The CompTIA Network+ (2009 Edition) certification ensures that the successful candidate has the important knowledge and skills necessary to manage, maintain, troubleshoot, install, operate and configure basic network infrastructure, describe networking technologies, basic design principles, and adhere to wiring standards and use testing tools.

The skills and knowledge measured by this examination were derived from an industry-wide job task analysis and validated through an industry-wide global survey in Q2 2008. The results of this survey were used in weighing the domains and ensuring that the weighting is representative of the relative importance of the content.

Course Content

Network Technologies

• Explain the function of common networking protocols
• Identify commonly used TCP and UDP default ports
• Identify the following address formats
• Given a scenario, evaluate the proper use of the following addressing technologies and addressing schemes
• Identify common IPv4 and IPv6 routing protocols
• Explain the purpose and properties of routing
• Compare the characteristics of wireless communication standards

Network Media and Topologies

• Categorize standard cable types and their properties
• Identify common connector types
• Identify common physical network topologies
• Given a scenario, differentiate and implement appropriate wiring standards
• Categorize WAN technology types and properties
• Categorize LAN technology types and properties
• Explain common logical network topologies and their characteristics
• Install components of wiring distribution

Network Devices

• Install, configure and differentiate between common network devices
• Identify the functions of specialized network devices
• Explain the advanced features of a switch
• Implement a basic wireless network

Network Management

• Explain the function of each layer of the OSI model
• Identify types of configuration management documentation
• Given a scenario, evaluate the network based on configuration management documentation
• Conduct network monitoring to identify performance and connectivity issues
• Explain different methods and rationales for network performance optimization
• Given a scenario, implement the following network troubleshooting methodology
• Given a scenario, troubleshoot common connectivity issues and select an appropriate solution

Network Tools

• Given a scenario, select the appropriate command line interface tool and interpret the output to verify functionality
• Explain the purpose of network scanners
• Given a scenario, utilize the appropriate hardware tools

Network Security

• Explain the function of hardware and software security devices
• Explain common features of a firewall
• Explain the methods of network access security
• Explain methods of user authentication
• Explain issues that affect device security
• Identify common security threats and mitigation techniques

[ back to top ]

Security+ certification

The CompTIA Security+ Certification (SY0-301 exam) is a vendor neutral credential. The CompTIA Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge, and is used by organizations and security professionals around the globe.

CompTIA Security+ demonstrates competency in:

• Network security
• Compliance and operational security
• Threats and vulnerabilities
• Application, data and host security
• Access control and identity management
• Cryptography

CompTIA Security+ not only ensures that candidates will apply knowledge of security concepts, tools, and procedures to react to security incidents, it ensures that security personnel are anticipating security risks and guarding against them.

The CompTIA Security+ exam (SY0-301) will certify that the successful candidate has the knowledge and skills required to identify risk and participate in risk mitigation activities, provide infrastructure, application, operational and information security, apply security controls to maintain confidentiality, integrity and availability, identify appropriate technologies and products, and operate with an awareness of applicable policies, laws and regulations.

Target Student: This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems and to those who want to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications.

Prerequisites: CompTIA A+ and Network+ certifications, or equivalent knowledge. Experience in networking, including experience configuring and managing TCP/IP is helpful.

Course Content

1.0 Network Security

1.1 Explain the security function and purpose of network devices and technologies

• Firewalls
• Routers
• Switches
• Load Balancers
• Proxies
• Web security gateways
• VPN concentrators
• NIDS and NIPS (Behavior based, signature based, anomaly based, heuristic)
• Protocol analyzers
• Sniffers
• Spam filter, all-in-one security appliances
• Web application firewall vs. network firewall
• URL filtering, content inspection, malware inspection

1.2 Apply and implement secure network administration principles

• Rule-based management
• Firewall rules
• VLAN management
• Secure router configuration
• Access control lists
• Port Security
• 802.1x
• Flood guards
• Loop protection
• Implicit deny
• Prevent network bridging by network separation
• Log analysis

1.3 Distinguish and differentiate network design elements and compounds

• DMZ
• Subnetting
• VLAN
• NAT
• Remote Access
• Telephony
• NAC
• Virtualization
• Cloud Computing

1.4 Implement and use common protocols

• IPSec
• SNMP
• SSH
• DNS
• TLS
• SSL
• TCP/IP
• FTPS
• HTTPS
• SFTP
• SCP
• ICMP
• IPv4 vs. IPv6

1.5 Identify commonly used default network ports

• FTP
• SFTP
• FTPS
• TFTP
• TELNET
• HTTP
• HTTPS
• SCP
• SSH
• NetBIOS

1.6 Implement wireless network in a secure manner

• WPA
• WPA2
• WEP
• EAP
• PEAP
• LEAP
• MAC filter
• SSID broadcast
• TKIP
• CCMP
• Antenna Placement
• Power level controls

2.0 Compliance and Operational Security

2.1 Explain risk related concepts

• Control types
• False positives
• Importance of policies in reducing risk
• Quantitative vs. qualitative
• Risk-avoidance, transference, acceptance, mitigation, deterrence
• Risks associated to Cloud Computing and Virtualization

2.2 Carry out appropriate risk mitigation strategies

• Implement security controls based on risk
• Change management
• Incident management
• User rights and permissions reviews
• Perform routine audits
• Implement policies and procedures to prevent data loss or theft

2.3 Execute appropriate incident response procedures

• Basic forensic procedures
• Damage and loss control
• Chain of custody
• Incident response: first responder

2.4 Explain the importance of security related awareness and training

• Security policy training and procedures
• Personally identifiable information
• Information classification: Sensitivity of data (hard or soft)
• Data labeling, handling and disposal
• Compliance with laws, best practices and standards
• User habits
• Threat awareness
• Use of social networking and P2P

2.5 Compare and contrast aspects of business continuity

• Business impact analysis
• Removing single points of failure
• Business continuity planning and testing
• Continuity of operations
• Disaster recovery
• IT contingency planning
• Succession planning

2.6 Explain the impact and proper use of environmental controls

• HVAC
• Fire suppression
• EMI shielding
• Hot and cold aisles
• Environmental monitoring
• Temperature and humidity controls
• Video monitoring

2.7 Execute disaster recovery plans and procedures

• Backup / backout contingency plans or policies
• Backups, execution and frequency
• Redundancy and fault tolerance
• High availability
• Cold site, hot site, warm site
• Mean time to restore, mean time between failures, recovery time objectives and recovery point objectives

2.8 Exemplify the concepts of confidentiality, integrity and availability (CIA)

3.0 Threats and Vulnerabilities

3.1 Analyze and differentiate among types of malware

• Adware
• Virus
• Worms
• Spyware
• Trojan
• Rootkits
• Backdoors
• Logic bomb
• Botnets

3.2 Analyze and differentiate among types of attacks

• Man-in-the-middle
• DDoS
• DoS
• Replay
• Smurf attack
• Spoofing
• Spam
• Phishing
• Spim
• Vishing
• Spear phishing
• Xmas attack
• Pharming
• Privilege escalation
• Malicious insider threat
• DNS poisoning and ARP poisoning
• Transitive access
• Client-side attacks

3.3 Analyze and differentiate among types of social engineering attacks

• Shoulder surfing
• Dumpster diving
• Tailgating
• Impersonation
• Hoaxes
• Whaling
• Vishing

3.4 Analyze and differentiate among types of wireless attacks

• Rogue access points
• Interference
• Evil twin
• War driving
• Bluejacking
• Bluesnarfing
• War chalking
• IV attack
• Packet sniffing

3.5 Analyze and differentiate among types of application attacks

• Cross-site scripting
• SQL injection
• LDAP injection
• XML injection
• Directory traversal/command injection
• Buffer overflow
• Zero day
• Cookies and attachments
• Malicious add-ons
• Session hijacking
• Header manipulation

3.6 Analyze and differentiate among types of mitigation and deterrent techniques

• Manual bypassing of electronic controls
• Monitoring system logs
• Physical security
• Hardening
• Port security
• Security posture
• Reporting
• Detection controls vs. prevention controls

3.7 Implement assessment tools and techniques to discover security threats and vulnerabilities

• Vulnerability scanning and interpret results
• Tools
• Risk calculations
• Assessment types
• Assessment technique

3.8 Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning

• Penetration testing
• Vulnerability scanning
• Black box
• White box
• Gray box

4.0 Application, Data and Host Security

4.1 Explain the importance of application security

• Fuzzing
• Secure coding concepts
• Cross-site scripting prevention
• Cross-site Request Forgery (XSRF) prevention
• Application configuration baseline (proper settings)
• Application hardening
• Application patch management

4.2 Carry out appropriate procedures to establish host security

• Operating system security and settings
• Anti-malware
• Patch management
• Hardware security
• Host software baselining
• Mobile devices
• Virtualization

4.3 Explain the importance of data security

• Data Loss Prevention (DLP)
• Data encryption
• Hardware based encryption devices
• Cloud computing

5.0 Access Control and Identity Management

5.1 Explain the function and purpose of authentication services

• RADIUS
• TACACS
• TACACS+
• Kerberos
• LDAP
• XTACACS

5.2 Explain the fundamental concepts and best practices related to authentication, authorization and access control

• Identification vs. authentication
• Authentication (single factor) and authorization
• Multifactor authentication
• Biometrics
• Tokens
• Common access card
• Personal identification verification card
• Smart card
• Least privilege
• Separation of duties
• Single sign on
• ACLs
• Access control
• Mandatory access control
• Discretionary access control
• Role/rule-based access control
• Implicit deny
• Time of day restrictions
• Trusted OS
• Mandatory vacations
• Job rotation

5.3 Implement appropriate security controls when performing account management

• Mitigates issues associated with users with multiple account/roles
• Account policy enforcement
• Group based privileges
• User assigned privileges

6.0 Cryptography

6.1 Summarize general cryptography concepts

• Symmetric vs. asymmetric
• Fundamental differences and encryption methods
• Transport encryption
• Non-repudiation
• Hashing
• Key escrow
• Steganography
• Digital signatures
• Use of proven technologies
• Elliptic curve and quantum cryptography

6.2 Use and apply appropriate cryptographic tools and products

• WEP vs. WPA/WPA2 and preshared key
• MD5
• SHA
• RIPEMD
• AES
• DES
• 3DES
• HMAC
• RSA
• RC4
• One-time-pads
• CHAP
• PAP
• NTLM
• NTLMv2
• Blowfish
• PGP/GPG
• Whole disk encryption
• TwoFish
• Comparative strengths of algorithms
• Use of algorithms with transport encryption

6.3 Explain the core concepts of public key infrastructure

• Certificate authorities and digital certificates
• PKI
• Recovery agent
• Public key
• Private key
• Registration
• Key escrow
• Trust models

6.4 Implement PKI, certificate management and associated components

• Certificate authorities and digital certificates
• PKI
• Recovery agent
• Public key
• Private keys
• Registration
• Key escrow
• Trust models

[ back to top ]

CED Solutions is your best choice for CompTIA A+ Net+ Security+, CompTIA A+ Net+ Security+ training, CompTIA A+ Net+ Security+ certification, CompTIA A+ Net+ Security+ boot camp, CompTIA A+ Net+ Security+ certification training, CompTIA A+ Net+ Security+ certification course, CompTIA A+ Net+ Security+ course, CompTIA A+ Net+ Security+ class.