CompTIA Security+ Training

In this introduction video you will learn about what’s in the course, what areas of security are covered, and a little about your instructor.

• What Will We Be Doing?
• Who is Your Instructor?
• What Areas of Security Are Covered?
• How to Use This Course

In this video you will be introduced to the course scenario that you will work with throughout the course.

• Meet Globomantics Inc.
• Globomantics Security Challenges

In this video you will learn what security is and you will do a high level overview of the history of IT security.

• What is Security?
• Risk Management
• How Did We Get Here?
• Security Activities
• Organizational Security
• Network Security
• System Security
• Access Control
• Assessments and Audits
• Security in Layers

In this video you will learn to eliminate single points of failures by implementing fault tolerance and redundancy.

• Single Points of Failure
• Fault Tolerance
• Redundant Array of Inexpensive Disk (RAID)
• Heating Ventilation and Air Conditioning (HVAC)
• Fire Suppression
• Redundancy
• Server Redundancy
• Network Redundancy
• Redundant Sites
• Environmental Components

In this video you will learn to prepare a disaster recovery plan. Plus, you will work hands-on to implement your own disaster recovery program.

• Disaster Recovery Planning
• System & Data Backup & Restore - Types of Backup Jobs
• System & Data Backup & Restore - Rotation Schemes
• Disaster Recovery Exercise

In this video you will learn how to utilize forensics to protect the integrity of potential evidence of an IT security breach, as it’s being collected. Plus, you will work hands-on to implement incident response procedures when a network or system attack occurs, so that you are ready to take the appropriate actions before systems or data are compromised.

• Forensics
• Incident Response
• Chain of Custody
• Collection of Evidence

In this video you will learn how to combat several different types of social engineering attacks.

• Globomantics Scenario
• Social Engineering
• Social Engineering Tactics
• Phishing
• Hoaxes
• Dumpster Diving
• Tail Gating
• Shoulder Surfing
• User Education and Awareness

In this video you will learn how to create an IT security policy document that includes outlining a security policy for IT components, information and data.

• Globomantics Scenario
• Policies Overview
• Due Care, Due Diligence, and Due Process
• Security Controls
• IT Security Policy Components
• Regulatory Compliance
• Risk Management
• Separation of Duties
• Change Management
• Security Related HR Policies
• Management Involvement in IT Security

In this video you will learn how to identify the types of monitoring that your IT department has in place. Plus, you will learn the details of several different monitoring strategies so that you will be able to recommend the best monitoring system for your IT environment.

• Globomantics Scenario
• System Monitors
• Agent Based System Monitors
• Simple Network Management Protocol (SNMP) System Monitors
• Performance Monitoring
• Network Tools
• Port Scanner
• Protocol Analyzer
• Network Mapper
• Vulnerability Scanner
• Intrusion Detection System (IDS)
• Network-based vs. Host-based IDS
• Signature-based IDS vs. Anomaly-based IDS
• Passive vs. Reactive IDS
• Penetration Testing

In this video you will learn how to take advantage of logging and how to properly use the information in logs to benefit your company. Plus, you will learn how to continually audit user access and rights to assess the potential level of risk that is posed to the company by client computer useage.

• Globomantics Scenario
• Logging
• Logging and Log Management
• Centralized vs. Distributed Logging
• Log Rotation and Retention
• System Logs
• Application Logs
• Security Logs
• Auditing
• User Access and Rights Review
• Risk Assessment and Mitigation
• Logging Demonstration

In this video you will learn about the network design considerations you should examine when designing a network. Plus, you will discover how to utilize security zones to design different areas of your network with different security requirements.

• Globomantics Scenario
• N-Tier Architecture
• Network Access Control (NAC)
• Network Access Translation (NAT)
• Security Zones
• Demilitarized Zones (DMZ)
• Intranet
• Extranet
• VLAN

In this video you will learn about the different types of network cabling, the various speeds of different network cables, and the security implications as they apply to these network cables. Plus, you will discover the pros and cons of several different network devices and the differences between three different types of firewalls.

• Coaxial Cable
• Twisted Pair Cable
• Fiber Optic Cable
• Network Devices
• Hubs
• Switches
• Routers
• Modems and Remotes Access Server (RAS)
• Packet Filtering Firewalls
• Application Layer Firewalls
• Stateful Inspection Firewalls

In this video you will learn about different networking protocols, especially the most common networking protocol, TCP/IP. Plus, you will discover several different protocol exploits that can be used by hackers to take advantage of the weak points of your IT security.

• OSI 7 Layer Model
• Networking Protocols
• TCP/IP
• Globomantics Scenario
• Spoofing
• Man In The Middle (MITM)
• TCP/IP Hijacking
• Null Session
• Replay Attacks
• Denial of Service (DoS)
• Distributed Denial of Service (DDoS)
• DNS Poisoning

In this video you will learn how to secure private data on a public network using the different types of Virtual Private Networks. Plus, you will examine the various Remote Access Protocols, how they differ from each other, and different security issues that these protocols face.

• Virtual Private Network (VPN)
• Globomantics Scenario
• VPN Tunneling Protocols
• Point to Point Tunneling Protocol (PPTP)
• Layer 2 Tunneling Protocol (L2TP)
• Internet Protocol Security (IPSec)
• Tunneling Protocol Comparison
• Secure Shell (SSH)
• 802.1X

In this video you will learn about the different types of wireless protocols that allow wireless communication to occur. Plus, you will discover the several different wireless exploits used by hackers to take advantage of and use your own wireless network against your company.

• Wireless Communications Overview
• Wireless Access Points
• Wireless Transport Layer Security
• IEEE Wireless Standards
• Protecting Wireless Networks
• Passive and Active Attacks
• Wardriving
• Bluetooth Vulnerabilities and Protection
• Site Survey

In this video you will learn how to secure your system hardware, which will include focusing on how USB drives can be a critical security threat. Plus, you will work hands-on with a server baseline security checklist to prevent these hardware vulnerabilities.

• Securing BIOS
• Securing USB Devices
• Securing Directly Attached Storage
• Security Templates
• Configuration Baseline
• Hotfixes, Patches and Service Packs
• Patch Management
• System Hardening

In this video you will learn about the different types of malware that can attack your servers. Plus, you will discover the steps you can take to make sure you can keep these threats from adversely effecting your IT environment.

• Default Accounts and Passwords
• Password Strength
• Back Doors
• Privilege Escalation
• Malware
• Root Kits
• Trojan Horses
• Viruses
• Worms
• Spyware
• Spam
• Logic Bombs

In this video you will learn how to apply different security applications to your environment to improve your overall IT security.

• Globomantics Scenario
• Personal Software Firewalls
• Host-Based Intrusion Detection Systems
• Proxy Servers
• Honey Pots
• Virtualization Security Considerations

In this video you will learn how email works so that you can better understand how to secure your email messaging system. Plus, you will discover some email vulnerabilities and how you can address them in your own infrastructure.

• Background Vocabulary
• Globomantics Scenario
• E-Mail Overview
• E-Mail Protocols
• Multipurpose Internet Mail Extensions (MIME)
• Secure Multipurpose Internet Mail Extensions (S/MIME)
• Pretty Good Privacy (PGP)
• E-Mail Vulnerabilities: SMTP Open Relays and Human Behavior

In this video you will learn how to lock down your web servers to make sure they are secure when being deployed as public facing web servers.

• Web Server Security
• Building Secure Web Services
• Web Services Description Language (WSDL)
• Content Filters
• Browser Protocols
• Instant Messaging

In this video you will learn how to improve your IT security by utilizing various programming languages that can be used in specific situations. Plus, you will learn about different web vulnerabilities and how you can properly deal with these vulnerabilities in you IT environment.

• Globomantics Scenario
• Browser Vulnerabilities and Hardening
• Java
• Code Signing
• ActiveX
• Common Gateway Interface (CGI)
• Buffer Overflow
• Cross Site Scripting (XSS)
• Cookies

In this video you will learn how to securely access an FTP server. Plus, you will examine the various FTP vulnerabilities and how you can deal with these to securely transfer files within your organization.

• Globomantics Scenario
• File Transfer Protocol (FTP) Overview
• FTP Access
• FTP Authentication
• FTP Vulnerabilities
• Securing File Transfer

In this video you will walk through the steps you need to take to properly apply access controls to the resources in your server environment.

• Access Control Overview
• Classification of Information
• Mandatory Access Control (MAC)
• Discretionary Access Control (DAC)
• Role Base Access Control (RBAC)

In this video you will work hands-on to establish an access control model on your computer systems using logical access controls. Plus, you will examine how to secure your physical environment by implementing physical access controls.

• Logical Access Controls
• User Names and Passwords
• Logon Time Restrictions
• Account Expiration
• Group Policy
• Tokens
• Physical Access Controls
• Identification
• Physical Access Logs and Lists
• Man-Trap
• Door Access Systems
• Video Surveillance

In this video you will learn how the different types of authentication models can be applied to your server environment to bolster your security from an authentication standpoint.

• Identification vs. Authentication
• Multi-Tiered Authentication
• Single Sign-on
• Kerberos
• Mutual Authentication
• Lightweight Directory Access Protocol (LDAP)
• Terminal Access Control Access Control System (TACACS)
• Remote Access Dial In User Service (RADIUS)
• Password Authentication Protocol (PAP)
• Challenge Handshake Authentication Protocols (CHAP)

In this video you will learn the basic concepts of cryptographic algorithms and how encryption uses these technologies to provide security to your IT environment.

• Cryptography
• Ciphers
• Substitution Ciphers
• Transposition Cipher
• Block Ciphers
• Stream Ciphers
• Symmetric Keys
• Symmetric Key Algorithms
• Asymmetric Keys
• Asymmetric Key Algorithms
• Hashing
• Hashing Algorithms

In this video you will learn how to utilize cryptography to secure your IT environment. Plus, you will delve into the practice of steganography, which allows you to hide data in file so that people cannot detect that the extra data exists.

• Cryptographic Key Pair Usage
• X.509
• Digital Certificates
• Single vs. Dual Sided Certificates
• Digital Signatures
• Data Encryption
• Steganography

In this video you will learn about the building blocks of PKI and how you can use PKI to manage every aspect of digital certificates.

• Public Key Infrastructure (PKI)
• Trust Models
• Hierarchical Trust Model
• Certificate Revocation
• Key Management

In this video you will learn Paul’s inside tips and pointers on the exam certification process and other things you should consider before taking the exam.

• Exam Overview
• Exam Objectives
• Study Recommendations
• Exam Preparation

Reaching the end of the course does not mean the learning has to end! In this video you will discover the "next steps" for continuing your growth in the field of IT Security.

• What We Learned in the Course
• Follow Up
• We Value Your Opinion