CompTia Security+ Part 2: Communication Security

Outline

1. Contents
2. Description
3. Audience
4. Prerequisites
5. Objectives
6. Topics Include
7. Duration
8. Minimum Requirements
9. Media

Description

This course covers cryptography and operational security. The course begins with an introduction to algorithms, and hashing. Then, participants are introduced to PKI, certificates, standards, and key management. Participants will also learn about physical security considerations, and how to deal with disaster recovery and business continuity. Guidelines for establishing security, HR, and incident response policies are taught. Finally, the learner will acquire a deeper understanding of their role in preserving and collection evidence and the management of documentation.

Audience

This curriculum is targeted at IT professionals who wish to gain CompTIA Security+ certification. Participants should have a minimum of two years networking experience and possess a thorough knowledge of TCP/IP. CompTIA recommended that the Security+ test candidate have the knowledge and skills equivalent of those tested for in the CompTIA A+ and Network+ certification exams. The following Thomson NETg courses provide the required prerequisite knowledge: A+ courses 13838-13844 and Network+ courses 14181-14183.

Prerequisites

(Currently no course prerequisite information)

Objective

Upon completion of this course, the student will be able to:

• identify features of encryption.
• identify types of symmetric encryption.
• identify features of asymmetric encryption.
• identify considerations for securing physical access to an area.
• identify considerations for securing an environment.
• identify considerations for making a backup.
• identify considerations for performing a forensic examination.
• identify considerations for preserving a chain of custody.
• identify guidelines for preserving evidence.

Topics Include

Unit 1: Cryptography, PKI, and Certificates

• Identify features of encryption.
• Identify types of symmetric encryption.
• Identify features of asymmetric encryption.
• Identify types of hashing technology.
• Identify features of digital signatures.
• Identify components of Public Key Infrastructure (PKI).
• Match X.509 standard certificate elements with their descriptions.
• Identify features of certificate polices and Certificate Practices Statements (CPSs).
• Identify reasons for certificate revocation.
• Match trust models with their features.
• Identify standards for Public Key Infrastructure (PKI).
• Sort features of centralized and decentralized key management.
Identify guidelines for key storage.
• Identify features of key escrow.
• Identify reasons for terminating the use of a certificate.
• Identify reasons for recovery and renewal of a key.
• Identify features of a multiple key pair.

Unit 2: Operational and Organizational Security

• Identify considerations for securing physical access to an area.
• Identify considerations for securing an environment.
• Identify considerations for making a backup.
• Identify considerations for secure recovery from a disaster.
• Identify considerations for creating a disaster recovery plan.
• Identify features of a business continuity plan.
• Identify considerations for substituting utility supply.
• Identify considerations for fault tolerance.
• Identify features of a security policy.
• Identify features of Service Level Agreements (SLAs).
• Identify considerations for the disposal and destruction of data and equipment.
• Identify considerations for creating a Human Resources (HR) policy that supports security.
• Identify considerations for planning an incident response policy.
• Identify considerations for user, group, and role privilege management.
• Identify features of single sign-on.
• Sort features of centrailzed and decentralized privilege management.

Unit 3: Forensics and Documentation

• Identify considerations for performing a forensic examination.
• Identify considerations for preserving a chain of custody.
• Identify guidelines for preserving evidence.
• Identify guidelines for collecting evidence.
• Identify considerations for identifying assets.
• Identify considerations for risk assessment.
• Identify considerations for identifying and preventing threats.
• Identify considerations for dealing with vulnerabilities.
• Identify methods for enhancing security through education.
• Identify considerations for creating documentation.
• Identify considerations for formulating classification and notification procedures.
• Identify considerations for formulating retention and destruction procedures.

Duration

8 Hours

Minimum Requirements

Minimum System Requirements: (Server)

• Microsoft NT 4.0 Server running Microsoft’s Internet Information Server (IIS) 4.0 (Service Pack 4 or newer)
• 200 MHz Pentium Processor Computer with a least 64 MB of RAM
• 15 MB of hard drive space per Audio Enhanced version
• 5 MB of hard drive space per Graphic Enhanced version
Minimum Playback Requirements: (Client)

• Netscape 4.064.X with JVM 1.1.5 or higher.
• Microsoft Internet Explorer 4.01 Service Pak 2 with latest JVM from Microsoft.
• 100 MHz Pentium Processor Computer with at least 16 MB of RAM
• Windows 95, 98, NT 4.0, 2000
• 800 X 600 monitor at 16 bit color depth
• Sound Card and Speakers

• Netscape 4.064.X with JVM 1.1.5 or higher.
• Microsoft Internet Explorer 4.01 Service Pak 2 with latest JVM from Microsoft.
• Pentium Processor Computer with at least 16 MB of RAM
• Windows 95, 98, NT 4.0, 2000
• 800 X 600 monitor

• Latest JVM from Microsoft
• 100 MHz Pentium Processor Computer with at least 16 MB of RAM
• Windows 95, 98, NT 4.0, 2000
• 800 X 600 monitor at 16 bit color depth
• Sound Card and Speakers (optional)
CDROM Playback Specifications

Pentium Processor 166 MHz Computer
Windows 95, 98, NT 4.0, 2000
800x600; 16bit color
16 MB of RAM
At least 5 MB of hard drive space
Note: QuickTime requires an additional 20MB on the first install
Double speed CDROM drive
16bit sound card with speakers

Media

© Copyright Serebra Learning Corp., 2002