COMPTIA Security+ (SY0-401)

The COMPTIA Security+ certification is the foundation-level security certification and is often used as a way to demonstrate security knowledge and skills comparable to someone with 18+ months in Information Security. Widely recognized as an assessment of vendor-neutral skills and knowledge revolving around basic security essentials, the Security+ meets the DOD 8570.1 Level 2 requirements. The Security+ class will include a thorough discussion of exam-related topics and knowledge areas required to pass the SY0-401 exam.
- Network Security: This topic examines the essentials of telecommunications and networking with a focus on securing the environment. Protocols, network devices and common network attacks and countermeasures are addressed and discussed. Network security is 20% of the overall exam score.
- Compliance and Operational Security: Beginning with a focus on risk management, this domain follows the development of policy through understanding risks. Risk assessment, analysis and mitigation techniques are explored to bring the corporate environment into compliance with legal and industry standards. Investigative techniques and procedures necessary to conduct incident response are included, as well as business continuity and disaster recovery.
- Threats and Vulnerabilities: This section expands upon some of the network attacks discussed earlier and looks at threat patterns, both past and present. Historical attacks up to the most recent credible threats are included with analysis of the data breaches most recently in the news. By looking at past compromises, we can learn to better protect ourselves against future threats.
- Application, Data and Host Security: This section focuses on those elements where the true vulnerabilities exist—our software. Traditionally software has been designed with a functional baseline in mind, with security as an afterthought. Today’s environment requires that we approach the software development life cycle with an eye on security at each step along the way. Examination of database exploits and weaknesses, including mitigation techniques, as well as an introduction to technical management of software development projects complete this domain.
- Access Control and Identity Management: This section includes the exploration of the IAAA (Identification, Authentication, Authorization and Accounting) of access control. Though an identity is easy to claim, authentication requires proof through something the user knows, has or is. Biometrics, token devices, smart cards and cryptographic keys are ways in which users prove their identity. Following authentication, users should be granted access to resources based on solid security principles like need-to-know and principle-of-least-privilege. Auditing/Accountability complete this process and are necessary to map an action to a subject. RADIUS and other AAA servers can be used to provide these services for secure remote access.
- Cryptography: This domain examines the security services provided by cryptography and how symmetric and asymmetric techniques are used in a networked environment to protect our data and provide non-repudiation for network activity. IPSEC, SSL and other cryptographic frameworks are discussed and common everyday uses of cryptography are explored.
The COMPTIA Security+ will validate an individual’s security understanding and readiness to participate on a team of information security specialists. Our five-day certification class will keep you focused and motivated to learn and understand the materials you need to obtain the Security+ credential.