CompTIA Security+ Certification, Second Edition
Topic-Level Outline
Days: 5
Prerequisites: CompTIA A+ Certification: Core Hardware, 2003 Objectives, CompTIA A+ Certification: OS Technologies, 2003 Objectives and CompTIA Network+ Certification, 2005 Objectives, or equivalent experience
Topic A: Introduction to network security
A-1: Discussing network security
Topic B: Understanding security threats
B-1: Identifying security threats
Topic C: Creating a secure network strategy
C-1: Discussing strategies to secure your network
Topic D: Windows Server 2003 server access control
D-1: Converting to an NTFS system
D-2: Ensuring data confidentiality
D-3: Making data available
D-4: Maintaining data integrity
D-5: Encrypting data
Unit 2: Authentication
Topic A: Introduction to authentication
A-1: Preventing the display of the last logon name
A-2: Using the Windows Server 2003 local password policy settings for length
A-3: Using the Windows Server 2003 local password policy settings for complexity
Topic B: Kerberos
B-1: Discussing Kerberos
Topic C: Challenge Handshake Authentication Protocol
C-1: Reviewing the Kerberos handshake
Topic D: Digital certificates
D-1: Discussing digital certificates
Topic E: Security tokens
E-1: Discussing tokens
Topic F: Biometrics
F-1: Understanding how biometrics work
Unit 3: Attacks and malicious code
Topic A: Denial of service attacks
A-1: Protecting against SYN flood attacks
A-2: Discussing DoS attacks
A-3: Scanning for zombies
A-4: Discussing DDoS attacks
Topic B: Man-in-the-middle attacks
B-1: Reviewing man-in-the-middle attacks
Topic C: Spoofing
C-1: Scanning IP addresses
C-2: Securing the DNS cache against pollution
C-3: Review of spoof attacks
Topic D: Replays
D-1: Discussing replays
Topic E: TCP session hijacking
E-1: Reviewing attacks
Topic F: Social engineering
F-1: Discussing social engineering
Topic G: Attacks against encrypted data
G-1: Decrypting encrypted passwords
G-2: Discussing attacks against encrypted data
Topic H: Software exploitation
H-1: Discussing viruses and Trojan horses
H-2: Using the AT command to start system processes
H-3: Understanding software exploitation
Unit 4: Remote access
Topic A: Securing remote communications
A-1: Reviewing communications mediums
Topic B: Authentication
B-1: Discussing IEEE 802.1X
B-2: Authenticating with a RADIUS server
B-3: Enabling dial-in access
B-4: Discussing authentication protocols
Topic C: Virtual private networks
C-1: Configuring a Windows Server 2003 VPN server
C-2: Understanding VPNs
C-3: Using PPTP to connect to a VPN server
C-4: Discussing tunneling protocols
Topic D: Telecommuting vulnerabilities
D-1: Configuring a remote access policy
Unit 5: E-mail
Topic A: Secure e-mail and encryption
A-1: Discussing encryption and hash functions
A-2: Discussing digital signatures and certificates
A-3: Understanding the encryption process
Topic B: PGP and S/MIME encryption
B-1: Discussing PGP
B-2: Comparing S/MIME and PGP
B-3: Installing and configuring PGP
B-4: Exporting and importing the public key
Topic C: E-mail vulnerabilities
C-1: Discussing e-mail vulnerabilities
Unit 6: Web security
Topic A: SSL/TLS protocol
A-1: Determining the browser’s cipher strength
A-2: Installing Ethereal to be able to analyze SSL packets
A-3: Configuring Ethereal and capturing a Web session
A-4: Reviewing decoded packets in plaintext
A-5: Analyzing an SSL session
A-6: Reviewing SSL and TLS
A-7: Viewing the SSL certificate
A-8: Discussing HTTPS
Topic B: Vulnerabilities of Web tools
B-1: Discussing JavaScript and ActiveX vulnerabilities
B-2: Discussing buffer overflow and cookie vulnerabilities
B-3: Reviewing signed applet and CGI vulnerabilities
B-4: Understanding SMTP relay vulnerabilities
Topic C: Configuring Internet Explorer security
C-1: Configuring and discussing security
C-2: Reviewing trusted sites
C-3: Configuring and discussing privacy settings
C-4: Reviewing cookies
C-5: Configuring and discussing advanced security settings
C-6: Reviewing advanced security settings
Unit 7: Directory and file transfer services
Topic A: Introduction to directory services
A-1: Understanding directory services
Topic B: File transfer services
B-1: Creating a new FTP site
B-2: Controlling access to the FTP site
B-3: Configuring FTP TCP/IP restrictions
B-4: Understanding file transfer services
Topic C: File sharing
C-1: Understanding file sharing
Unit 8: Wireless and instant messaging
Topic A: IEEE 802.11
A-1: Discussing IEEE 802.11 protocol
A-2: Creating a wireless network (demonstration only)
Topic B: WAP 1.x and WAP 2.0
B-1: Discussing WAP 1.x
B-2: Discussing WTLS protocol and WAP 2.0
B-3: Controlling access to the WAP (demonstration only)
Topic C: Wired equivalent privacy
C-1: Generating a WEP key (demonstration only)
C-2: Understanding wired equivalent privacy
C-3: Performing a site survey (demonstration only)
C-4: Reviewing the wireless site survey
C-5: Resetting the WAP (demonstration only)
Topic D: Instant messaging
D-1: Discussing instant messaging
Unit 9: Network devices
Topic A: Understanding firewalls
A-1: Drafting a security policy
A-2: Designing the firewall to implement policy
Topic B: Routers
B-1: Discussing routers and gateways
Topic C: Switches
C-1: Understanding switches
Topic D: Telecom, cable modem, and wireless devices
D-1: Reviewing telecom, cable, and wireless security
Topic E: Securing remote access
E-1: Securing remote access devices
Topic F: Intrusion detection systems
F-1: Discussing IDS
Topic G: Network monitoring
G-1: Installing Microsoft Network Monitor
G-2: Using Network Monitor to sniff an FTP session
G-3: Reviewing Network Monitor
Unit 10: Transmission and storage media
Topic A: Transmission media
A-1: Discussing transmission media
A-2: Securing transmission media
Topic B: Storage media
B-1: Discussing storage media
Unit 11: Network security topologies
Topic A: Security topologies
A-1: Understanding security zones
Topic B: Network Address Translation
B-1: Discussing Network Address Translation
B-2: Configuring RRAS for NAT
B-3: Configuring the client for Internet access
B-4: Filtering outgoing traffic
B-5: Blocking local FTP access
Topic C: Tunneling
C-1: Reviewing VPN tunneling
Topic D: Virtual Local Area Networks
D-1: Discussing VLANs and trunking
Unit 12: Intrusion detection
Topic A: Intrusion detection systems
A-1: Detecting intrusion
Topic B: Network-based and host-based IDS
B-1: Discussing network-based IDS
B-2: Discussing host-based IDS
Topic C: Active and passive detection
C-1: Discussing active and passive detection
Topic D: Honeypots
D-1: Working with a honeypot
D-2: Working with SuperScan 3.0
Topic E: Incident response
E-1: Discussing incident response
Unit 13: Security baselines
Topic A: OS/NOS hardening
A-1: Using the Microsoft Baseline Security Analyzer
A-2: Discussing system hardening
A-3: Defining security templates in Windows Server 2003
A-4: Discussing file system security
Topic B: Network hardening
B-1: Discussing network hardening
B-2: Managing services and protocols with Windows Server 2003 security templates
B-3: Reviewing services and protocols
Topic C: Application hardening
C-1: Discussing Web, e-mail, and FTP server security
C-2: Discussing DNS and NNTP servers
C-3: Discussing file, print, and DHCP servers
C-4: Directory services
Topic D: Workstations and servers
D-1: Installing Windows Server 2003, service packs, and hotfixes
D-2: Protecting the system accounts database
D-3: Configuring passwords and other security settings
D-4: Configuring advanced network settings
D-5: Reviewing Windows Server 2003 security
Unit 14: Cryptography
Topic A: Concepts of cryptography
A-1: Understanding encryption algorithms
A-2: Understanding hashes, digital signatures, and certificates
Topic B: Public Key Infrastructure (PKI)
B-1: Understanding Public Key Infrastructure
Topic C: Key management and life cycle
C-1: Understanding certificate life cycle and management
Topic D: Setting up a certificate server
D-1: Installing a certificate server
D-2: Installing a client certificate
D-3: Administering a certificate server
D-4: Managing personal certificates
D-5: Managing certificate revocation
D-6: Setting up the certificate server
Unit 15: Physical security
Topic A: Access control
A-1: Discussing physical deterrents
A-2: Discussing biometrics
A-3: Discussing social engineering
Topic B: Environment
B-1: Discussing environment
Unit 16: Disaster recovery and business continuity
Topic A: Disaster recovery
A-1: Discussing the disaster recovery planning process
Topic B: Business continuity
B-1: Understanding business continuity
Topic C: Policies and procedures
C-1: Discussing the security policy
C-2: Discussing the human resources policy
C-3: Discussing incident response policy
Topic D: Privilege management
D-1: Discussing privilege management
Unit 17: Computer forensics and advanced topics
Topic A: Understanding computer forensics
A-1: Discussing the forensic process
Topic B: Risk identification
B-1: Discussing risk management
Topic C: Education and training
C-1: Discussing education and training
Topic D: Auditing
D-1: Understanding auditing
Topic E: Documentation
E-1: Discussing documentation
Appendix A: Certification exam objectives map
Topic A: Comprehensive exam objectives