CompTIA Security+ Part 3: Infrastructure Security

In this course the learner is introduced to infrastructure security considerations. Security considerations for technologies including firewalls servers and mobile devices are covered. The learner is stepped through security issues surrounding cable and removable media. Security topologies including DMZs and VLANs are also taught. Finally participants learn about security baseline issues including OS/NOS hardening network hardening and application hardening.

This is primarily online training This is an online eLearning or CBT training program Contact Serebra Learning Corporation for more information

Duration: 8 hours Training Presented in: English

Audience

This curriculum is targeted at IT professionals who wish to gain CompTIA Security+ certification. Participants should have a minimum of two years networking experience and possess a thorough knowledge of TCP/IP. CompTIA recommended that the Security+ test candidate have the knowledge and skills equivalent of those tested for in the CompTIA A+ and Network+ certification exams. The following Thomson NETg courses provide the required prerequisite knowledge: A+ courses 13838-13844 and Network+ courses 14181-14183.

Objective

Upon completion of this course the student will be able to:

• identify features of a firewall.
• identify features of a packet filtering firewall.
• identify features of a stateful inspection firewall.
• identify security vulnerabilities of a coaxial cable.
• identify security vulnerabilities of an unshielded twisted pair (UTP) and a shielded twisted pair (STP) cable.
• identify security vulnerabilities of a fiber-optic cable.
• identify considerations when implementing perimeter security.
• identify features of a demiliratized zone (DMZ).
• sort features of an intranet and an extranet.
• identify guidelines for establishing security baselines.
• identify guidelines for operating system/Network Operating System (OS/NOS) hardening.
• identify guidelines for setting file system permissions.

Topics Include

Unit 1: Devices

• Identify features of a firewall.
• Identify features of a packet filtering firewall.
• Identify features of a stateful inspection firewall.
• Identify features of a proxy firewall.
• Identify features of a personal firewall.
• Identify security vulnerabilities of a router.
• Identify security vulnerabilities of a switch.
• Identify security vulnerabilities of a wireless access point (AP).
• Identify security vulnerabilities of a modem.
• Identify security vulnerabilities of a Remote Access Service (RAS).
• Identify security vulnerabilities of a telecom/private branch exchange (PBX) system.
• Identify security vulnerabilities of a virtual private network (VPN).
• Identify features of a network monitoring system.
• Identify security vulnerabilities of a workstation.
• Identify security vulnerabilities of a server.
• Identify security vulnerabilities of mobile devices.

Unit 2: Media-Based Security

• Identify security vulnerabilities of a coaxial cable.
• Identify security vulnerabilities of unshielded twisted pair (UTP) and shielded twisted pair (STP) cables.
• Identify security vulnerabilities of a fiber-optic cable.
• Identify security vulnerabilities of magnetic and optical media.
• Identify security vulnerabilities of solid state media.

Unit 3: Topologies and Intrusion Detection

• Identify considerations when implementing perimeter security.
• Identify features of a demiliratized zone (DMZ).
• Distinguish between an intranet and an extranet.
• Identify features of a virtual local area network (VLAN).
• Identify features of network address translation (NAT).
• Identify features and functions of tunneling.
• Identify features of Intrusion Detection Systems (IDSs).
• Identify features of a network-based intrusion detection system (NIDS).
• Identify features of a host-based intrusion detection system.
• Identify security issues associated with an Intrusion Detection System (IDS).
• Identify features of a honey pot.
• Identify features of an incident response policy.

Unit 4: Hardening Systems

• Identify guidelines for establishing security baselines.
• Identify guidelines for operating system/Network Operating System (OS/NOS) hardening.
• Identify guidelines for setting file system permissions.
• Identify features of operating system (OS) updates.
• Identify guidelines for network hardening.
• Identify guidelines for implementing filtering through Access Control Lists (ACLs).
• Identify guidelines for hardening a Web server.
• Identify guidelines for hardening an e-mail server.
• Identify guidelines for hardening a File Transfer Protocol (FTP) server.
• Identify guidelines for hardening a Domain Name Service (DNS) server.
• Identify guidelines for hardening a Network News Transfer Protocol (NNTP) server.
• Identify guidelines for hardening a file and print server.
• Identify guidelines for securing a Dynamic Host Configuration Protocol (DHCP) server.
• Identify guidelines for hardening a database server.

Duration

8 Hours

Minimum Requirements

The CDROM version of this course requires:

• At least a 486DX 33Mhz CPU.
• Microsoft Windows 3.1 or higher and a Microsoft compatible mouse.
• At least 8MB RAM.
• At least VGA graphics capability with a minimum 512K video RAM (1MB video RAM recommended).
• At least a double speed CDROM drive.
• An MPC compliant sound card with attached speakers or headphones is recommended (Currently only the CDROM version supports audio).

• At least a 486DX 33Mhz CPU.
• Microsoft Windows 3.1 or higher and a Microsoft compatible mouse.
• At least 8MB RAM and 22MB available hard disk space or file server space.
• At least VGA graphics capability with a minimum 512K video RAM (1MB video RAM recommended).

Media

CDROM

• CompTIA Security+ Part 1: Security Concepts
• CompTia Security+ Part 2: Communication Security
• CompTIA Security+ Part 4: Cryptography and Operational Security