CompTIA Security+ Study Guide | CompTIA Security+ Training

CompTIA Security+ Training

Upcoming Batches

13

Mar

Mon-Fri (20 Hours)

10 AM - 12 PM

$311.38

$389.21

01

Mar

Mon-Fri (20 Hours)

07 PM - 08 PM

$311.38

$389.21

11

Mar

Sat-Sun (20 Hours)

11 AM - 02 PM

$311.38

$389.21

Course Features

There will be 20 Hours of Online Live Instructor-led Classes. You will be learning from real time expert. We also provide 24/7 support for you. Registered people will have access to LMS (Learning Management System) where you can find useful material and recorded sessions.

*Conditions Apply


For Lab/Practical’s we have allotted duration of 10 Hours. We give access to our Data center through VPN access. Feel free to contact us if you have any doubts our team will help you out. We have good lab infrastructure at our location.

*Conditions Apply


For Project completion total of 5 Hours are given for the participants. Candidates have to pay attention and complete the work. Participants need to utilize this time and finish project on time.

*Conditions Apply


All registered candidates will have access to learning management system which in short is called as LMS. Here you will find useful stuff such as class recordings, which will help in your career. LMS access will expire after 5 Months, from the date of registration of online/self-paced course.


24x7 online support team is available to help you with any technical queries you may face during the course. All the queries are tracked as tickets and you will get a guaranteed response from a support engineer. If required, Live support is provided by the support team by accessing your machine remotely. This ensures that all your concern faced during labs and project work are clarified anytime.


Towards the end of this online course, you will be working on a project. Project will be reviewed by our expert panel. On completion of project you will get course completion certificate from Kernel Training. Feel free to contact us for any queries.

About CompTIA Security+ Training:

CompTIA security+ study guide for building skills in cyber security or IT security. Computer security provides protection to the computer systems from any kind of damages or theft of the hardware or software information on them. It includes control and manage physical access to the hardware and protecting against harm that come via network access, due to malpractice by operators, which causes due to, accidental, intentional or any deviation from secure procedure.

CompTIA security+ training assist you to prepare for the CompTIA security certification, which is globally valid. It’s a vendor neutral security skills and knowledge. Comptia security+ exam includes the essential principles for network security and risk management. We provide best Comptia security+ tutorial to learn this subject.

Why Learn CompTIA Security+ Training:

CompTIA security+ is vendor neutral certification which ensures your security skills. This course help you to learn about best security practices in the IT industry. KernelTraining CompTIA security+ training begins with basics of Network security, fundamentals of Threats and Vulnerabilities, wireless security, deep understanding of control and identity management. KernelTraining faculty will also teach you Cryptography concepts. COmpTIA Security+ certification help to boost your career

X
Upcoming Batches
X
Upcoming Batches

CompTIA security+ Tutorial Pre-requisites:

  • You need to have knowledge or experience in management of windows or Unix or Linux system.
  • Students, professionals need to be aware of TCP/IP concepts.

CompTIA Security+ Training course Targeted Audience:

  • Security ​Consultant
  • Security or ​Systems ​Administrator
  • Security Specialist/Administrator
  • Security managers
  • Network ​Administrator
  • Professionals who are looking for bright career.

CompTIA security+ Training Target:

  • Overview of network security
  • Basic concepts of compliance and operational security.
  • In depth understanding of threats and vulnerabilities.
  • Explanation of application, data and host security.
  • Understanding of access control and identity management concepts.
  • Explanation of Cryptography.

CompTIA Security+ Training Format:

Upon registering, you will part of our CompTIA security+ online training program. You will be allowed to take part in online classes. All sessions will be interactive and are led by instructor. You will also have access to practice lab by which you can develop as well as enhance your IT skills. By this real time solution you can learn various concepts. You will have access to LMS (Learning management system) which includes recorded sessions, CompTIA security plus study guide, lab manuals and many more.

CompTIA security+ certification, exam Details:

  • Exam Code: SY0-401
  • Number of questions: 90
  • Test Duration: 90 Minutes
  • Passing score: 750 ( 100-900 scale)
  • Test offered in Languages: English, Portuguese and Japanese
  • Types of questions: multiple choice and performance based.

COMPTIA Security+ Certification:

Kernel provides cyber security certifications course certification letter at the end of the course; it’s a professional document work as a proof to show that a potential job candidate has completed a course and is eligible for a particular job. You will receive after the completion of CompTIA security+ online classes. The certification consists of your grade/marks achieved according to the performance of the real-time live project you have done. The security+ CompTIA certification card will be labeled with course name, course duration along with a grade.

In case you have a low grade for the first time, you can have a complete assistance from kernel in finishing the project with help from our instructors. We are here to help you 24×7.

CompTIA security+ SY0-401 Course curriculum:

Module 1: Network Security

Goal set: In this module of CompTIA security+ online course, you need to understand about Firewalls, switches, routers, VLAN, WAP, remote access, NAC, virtualization, protocols, SSL, TCP/IP, HTTPS, TELNET, DNS and ports

Topics:

Goal set: 1.1 Implement security configuration parameters on network devices and other technologies

Firewalls, Routers, Switches, Load Balancers, Proxies, Web security gateways, VPN concentrators, NIDS and NIPS: Behavior based, Signature based, Anomaly based And Heuristic, Protocol analyzers, Spam filter, UTM security appliances : URL filter, Content inspection, Malware inspection, Web application firewall vs. network firewall, Application aware devices: Firewalls, IPS, IDS and Proxies.

1.2 Given a scenario, use secure network administration principles

Rule-based management, Firewall rules, VLAN management, Secure router configuration, Access control lists, Port Security, 802.1x, Flood guards, Loop protection, Implicit deny, Network separation, Log analysis, Unified Threat Management.

1.3 Explain network design elements and components

DMZ, Sub-netting, VLAN, NAT, Remote Access, Telephony, NAC, Virtualization, Cloud Computing, Platform as a Service, Software as a Service, Infrastructure as a Service, Private, Public, Hybrid, Community, Layered security / Defense in depth.

1.4 Given a scenario, implement common protocols and services

Protocols, IPSec, SNMP, SSH, DNS, TLS, SSL, TCP/IP, FTPS, HTTPS, SCP, ICMP, IPv4,IPv6,iSCSI,Fibre Channel, FCoE, FTP, SFTP, TFTP, TELNET, HTTP, NetBIOS, Ports, 21, 22,25, 53, 80, 110,139,143,443, 3389, OSI relevance

1.5 Given a scenario, troubleshoot security issues related to wireless networking

WPA,WPA2,WEP,EAP,PEAP,LEAP,MAC filter, Disable SSID broadcast, TKIP, CCMP, Antenna Placement, Power level controls, Captive portals, Antenna types, Site surveys, VPN (over open wireless).

Module 2: Compliance and Operational Security

Goal set: At the end of this module you need to understand about control types, risk calculation, change management, order of volatility, data breach, reporting, role based training, HVAC, disaster recovery, safety, integrity, availability.

Topics:

2.1 Explain the importance of risk related concepts

Control types, Technical, Management, Operational, False positives, False negatives, Importance of policies in reducing risk, Privacy policy, Acceptable use, Security policy, Mandatory vacations, J ob rotation, Separation of duties, Least privilege, Risk calculation, Likelihood, ALE, Impact, SLE, ARO,MTTR, MTTF, MTBF, Quantitative vs. qualitative, Vulnerabilities, Threat vectors, Probability / threat likelihood, Risk-avoidance, transference, acceptance, mitigation, deterrence, Risks associated with Cloud Computing and Virtualization, Recovery time objective and recovery point objective.

2.2 Summarize the security implications of integrating systems and data with third parties

On-boarding/off-boarding business partners, Social media networks and/or applications, Interoperability agreements, SLA, BPA, MOU, ISA, Privacy considerations, Risk awareness, Unauthorized data sharing, Data ownership, Data backups, Follow security policy and procedures, Review agreement requirements to verify compliance and performance, standard.

2.3 Given a scenario, implement appropriate risk mitigation strategies

Change management, Incident management, User rights and permissions reviews, Perform routine audits, Enforce policies and procedures to prevent data loss or theft, Enforce technology controls, Data Loss Prevention (DLP).

2.4 Given a scenario, implement basic forensic procedures

Order of volatility, Capture system image, Network traffic and logs, Capture video, Record time offset, Take hashes, Screenshots, Witnesses, Track man hours and expense, Chain of custody, Big Data analysis,

2.5 Summarize common incident response procedures

Preparation, Incident identification, Escalation and notification, Mitigation steps, Lessons learned, Reporting, Recovery/reconstitution procedures, First responder, Incident isolation,Quarantine, Device removal, Data breach, Damage and loss control.

2.6 Explain the importance of security related awareness and training

Security policy training and procedures, Role-based training, Personally identifiable information, Information classification, High, Medium, Low, Confidential, Private, Public, Data labeling, handling and disposal, Compliance with laws, best practices and standards, User habits, Password behaviors, Data handling, Clean desk policies, Prevent tailgating, Personally owned devices, New threats and new security trends/alerts, New viruses, Phishing attacks, Zero-day exploits, Use of social networking and P2P, Follow up and gather training metrics to validate compliance and security, posture.

2.7 Compare and contrast physical security and environmental controls

Environmental controls, HVAC, Fire suppression, EMI shielding, Hot and cold aisles, Environmental monitoring, Temperature and humidity controls, Physical security, Hardware locks, Mantraps, Video Surveillance, Fencing, Proximity readers, Access list, Proper lighting, Signs, Guards, Barricades, Biometrics, Protected distribution (cabling), Alarms, Motion detection, Control types,Deterrent,Preventive,Detective,Compensating,Technical,Administrative.

2.8 Summarize risk management best practices

Business continuity concepts, Business impact analysis, Identification of critical systems and components, Removing single points of failure, Business continuity planning and testing, Risk assessment, Continuity of operations, Disaster recovery, IT contingency planning, Succession planning, High availability, Redundancy, Tabletop exercises, Fault tolerance, Hardware, RAID, Clustering, Load balancing, Servers, Disaster recovery concepts, Backup plans/policies, Backup execution/frequency, Cold site, Hot site, Warm site

2.9 Given a scenario, select the appropriate control to meet the goals of security

Confidentiality, Encryption, Access controls, Steganography, Integrity, Hashing, Digital signatures, Certificates, Non-repudiation, Availability, Redundancy, Fault tolerance, Patching, Safety, Fencing, Lighting, Locks, CCTV, Escape plans, Drills, Escape routes, Testing controls3.0 Threats and Vulnerabilities.

Module 3: Threats and Vulnerabilities

Goal set: By the end of this module of  this CompTIA security+ Online training, How to get cyber security certification, you need to understand about Adware, Trojan, Dos, Spam, Phishing, shoulder surfing, Rogue access point, SQL injection, WPS attacks, monitoring system logs and reporting.

Topics:

3.1 Explain types of malware

Adware, Virus, Spyware, Trojan, Rootkits, Backdoors, Logic bomb, Botnets, Ransomware, Polymorphic malware, Armored virus

3.2 Summarize various types of attacks

Man-in-the-middle, DDoS, DoS, Replay, Smurf attack, Spoofing, Spam, Phishing, Spim, Vishing, Spear phishing, Xmas attack, Pharming, Privilege escalation, Malicious insider threat, DNS poisoning and ARP poisoning, Transitive access, Client-side attacks, Password attacks, Brute force, Dictionary attacks, Hybrid, Birthday attacks, Rainbow tables, Typo squatting/URL hijacking, Watering hole attack.

3.3 Summarize social engineering attacks and the associated effectiveness with each attack

Shoulder surfing, Dumpster diving, Tailgating, Impersonation, Hoaxes, Whaling, Vishing, Principles (reasons for effectiveness), Authority, Intimidation, Consensus/Social proof., Scarcity, Urgency, Familiarity/liking, Trust.

3.4 Explain types of wireless attacks

Rogue access points, Jamming/Interference, Evil twin, War driving, Bluejacking, Bluesnarfing, War chalking, IV attack, Packet sniffing, Near field communication, Replay attacks, WEP/WPA attacks, WPS attacks.

3.5 Explain types of application attacks

Cross-site scripting, SQL injection, LDAP injection, XML injection, Directory traversal/command injection, Buffer overflow, Integer overflow, Zero-day, Cookies and attachments, LSO (Locally Shared Objects),Flash Cookies, Malicious add-ons, Session hijacking, Header manipulation, Arbitrary code execution / remote code execution,

3.6 Analyze a scenario and select the appropriate type of mitigation and deterrent, techniques

Monitoring system logs, Event logs, Audit logs, Security logs, Access logs, Hardening, Disabling unnecessary services, Protecting management interfaces and applications, Password protection, Disabling unnecessary accounts, Network security, MAC limiting and filtering,802.1x,Disabling unused interfaces and unused application service ports. Rogue machine detection, Security posture, Initial baseline configuration, Continuous security monitoring, Remediation, Reporting, Alarms, Alerts, Trends, Detection controls vs. prevention controls, IDS vs. IPS, Camera vs. guard

3.7 Given a scenario, use appropriate tools and techniques to discover security, threats and vulnerabilities,

Interpret results of security assessment tools, Tools, Protocol analyzer, Vulnerability scanner, Honeypots, Honeynets, Port scanner, Passive vs. active tools, Banner grabbing, Risk calculations, Threat vs. likelihood, Assessment types, Risk, Threat, Vulnerability, Assessment technique, Baseline reporting, Code review, Determine attack surface, Review architecture, Review designs

3.8 Explain the proper use of penetration testing versus vulnerability scanning,

Penetration testing, Verify a threat exists, Bypass security controls, Actively test security controls, Exploiting vulnerabilities, Vulnerability scanning, Passively testing security controls, Identify vulnerability, Identify lack of security controls, Identify common mis-configurations, Intrusive vs. non-intrusive, Credentialed vs. non-credentialed, False positive, Black box, White box, Gray box.

Module 4: Application, Data and Host Security:

Goal set: In this module of CompTIA security +certification exam, you need to understand about Fuzzing, device security, application security, BYOD, patch management, data policies, and hardware security.

Topics:

4.1 Explain the importance of application security controls and techniques.,

Fuzzing, Secure coding concepts, Error and exception handling, Input validation, Cross-site scripting prevention, Cross-site Request Forgery (XSRF) prevention, Application configuration baseline (proper settings),Application hardening, Application patch management, NoSQL databases vs. SQL databases, Server-side vs. Client-side validation.

4.2 Summarize mobile security concepts and technologies

Device security, Full device encryption, Remote wiping, Lockout, Screen-locks, GPS, Application control, Storage segmentation, Asset tracking, Inventory control, Mobile device management, Device access control, Removable storage, Disabling unused features, Application security, Key management, Credential management, Authentication, Geo-tagging, Encryption, Application whitelisting, Transitive trust/authentication, BYOD concerns, Data ownership, Support ownership, Patch management, Antivirus management, Forensics, Privacy, On-boarding/off-boarding, Adherence to corporate policies, User acceptance, Architecture/infrastructure considerations, Legal concerns, Acceptable use policy, On-board camera/video.

4.3 Given a scenario, select the appropriate solution to establish host security

Operating system security and settings, OS hardening, Anti-malware, Antivirus, Anti-spam, Anti-spyware, Pop-up blockers, Patch management, White listing vs. black listing applications, Trusted OS, Host-based firewalls, Host-based intrusion detection, Hardware security, Cable locks, Safe, Locking cabinets, Host software base lining, Virtualization, Snapshots, Patch compatibility, Host availability/elasticity, Security control testing, Sandboxing.

4.4 Implement the appropriate controls to ensure data security

Cloud storage, SAN, Handling Big Data, Data encryption, Full disk, Database, Individual files ,Removable media, Mobile devices, Hardware based encryption devices, TPM, HSM, USB encryption, Hard drive Data in-transit, Data at-rest, Data in-use, Permissions/ACL, Datapolicies, Wiping, Disposing, Retention, Storage.

4.5 Compare and contrast alternative methods to mitigate security risks in static environments

Environments, SCADA, Embedded (Printer, Smart TV, HVAC control),Android. iOS, Mainframe, Game consoles, In-vehicle computing systems, Methods, Network segmentation, Security layers, Application firewalls, Manual updates, Firmware version control, Wrappers, Control redundancy and diversity.

Module 5: Access Control and Identity Management

Goal set: In this module you need to understand about LDAP, Radius, authorization, authentication, account policy enforcement, continuous monitoring, group based privileges.

Topics:

5.1 Compare and contrast the function and purpose of authentication services

RADIUS, TACACS+, Kerberos, LDAP, XTACACS, SAML, Secure LDAP.

5.2 Given a scenario, select the appropriate authentication, authorization or, access control

Identification vs. authentication vs. authorization, Authorization, Least privilege, Separation of duties, ACLs, Mandatory access, Discretionary access, Rule-based access control, Role-based access control, Time of day restrictions, Authentication, Tokens, Common access card, Smart card, Multifactor authentication, TOTP, HOTP, CHAP, PAP, Single sign-on, Access control, Implicit deny, Trusted OS, Authentication factors, Something you are, Something you have, Something you know, Somewhere you are, Something you do, Identification, Biometrics, Personal identification verification card, Username, Federation, Transitive trust/authentication,

5.3 Install and configure security controls when performing account management, based on best practices

Mitigate issues associated with users with multiple account/roles and/or,shared accounts, Account policy enforcement, Credential management, Group policy, Password complexity, Expiration, Recovery, Disablement, Lockout, Password history, Password reuse, Password length, Generic account prohibition, Group based privileges, User assigned privileges, User access reviews, Continuous monitoring,

Module 6: Cryptography

Goal set: At the end of this module of CompTIA security+ certification online training, you need to understand about session keys, SHA, MD5, hashing, Ephemeral key, recovery agent, public and private key, trust models, PKI.

Topics:

6.1 Given a scenario, utilize general cryptography concepts

Symmetric vs. asymmetric, Session keys, In-band vs. out-of-band key exchange, Fundamental differences and encryption methods, Block vs. stream, Transport encryption, Non-repudiation, Hashing, Key escrow, Steganography, Digital signatures, Use of proven technologies, Elliptic curve and quantum cryptography, Ephemeral key, Perfect forward secrecy,

6.2 Given a scenario, use appropriate cryptographic methods

WEP vs. WPA/WPA2 and pre-shared key,MD5,SHA, RIPEMD,AES,DES,3DES,HMAC,RSA,Diffie-Hellman,RC4,One-time pads,NTLM,NTLMv2,Blowfish,PGP/GPG,TwoFish,DHE,ECDHE,CHAP,PAP,Comparative strengths and performance of algorithms, Use of algorithms/protocols with transport encryption, SSL,TLS, IPSec, SSH,HTTPS, Cipher suites, Strong vs. weak ciphers, Key stretching,PBKDF2,Bcrypt,

6.3 Given a scenario, use appropriate PKI, certificate management and associated, components

Certificate authorities and digital certificates, CA, CRLs, OCSP, CSR,PKI, Recovery agent, Public key, Private key, Registration, Key escrow, Trust models

CompTIA security+ Demo Class Recording

Welcome, To CompTIA security+ training.

How it Works?

  1. This is a online CompTIA security+ training with Instructor led LIVE and Interactive Sessions.
  2. This CompTIA security+ course contains Practical Work involving Practical Hands-on, Lab Assignments, and Real World Case Studies. This practical work can be done at your own pace. Learn Oracle coherence online by expert. Our trainer may assist you on CompTIA security plus practice test.
  3. You will have access to 24×7 Technical Support. You can request for assistance for any problem you might face or for any clarifications you may require during the course. Take assistance of CompTIA security+ online tutorial. Our trainer may also help you in knowing compTIA security+ certification cost.
  4. At the end of the CompTIA security+ online course, you will have to work on a Project. You will receive a Grade and a Verifiable Certificate on the successful completion of this project.


 

Frequently Asked Question



Can I make a direct walk-in to the live class?

What are the payment Options?

Who are the instructor?

What is the duration of session?

What is the procedure to download session video.?

Can I opt for short term duration classes?

Can I opt to cancel and reschedule my Course?

How fast would I get access to the learning material after signing up for the course?

Do I have permission to download training videos?

Will i be working on project?

How is the practical done?

What if i miss or skip a session?

Will my queries be answered after the completion of Training?

What is the duration for the accessibility of materials after the course completion?

Do you provide any certification for the training enrolled by me?

WIll i have to make separate payment for Certification?

What if my Project is not cleared in 1st attempt?

What if my Certification exam is not cleared in 1st attempt?

Should i pay to re-attempt the project or certification?

What are the courses offered for a fresher graduate?



Course Reviews

Well presented

★★★★☆
4 5 1
Varied & interesting CompTIA Security+ course. Well presented by tutor.

Enjoyed the openness

★★★★★
5 5 1
Enjoyed the openness of conversation and discussion. Instructor made the CompTIA Security+ course interesting.

Very supportive

★★★★☆
4 5 1
Practical element was good. Very supportive instructor of KernelTraining.

Knowledgeable

★★★★★
5 5 1
KernelTraining instructor was very knowledgeable and, if he didn't know an answer, he would look it up and come back at a later date.

Very Good

★★★★☆
4 5 1
I found the CompTIA Security+ course very good and learnt a few things previously not known.

Course Reviews

4

5 ratings
  • 1 stars0
  • 2 stars0
  • 3 stars0
  • 4 stars0
  • 5 stars0

No Reviews found for this course.

Upcoming Batches

13

Mar

Mon-Fri (20 Hours)

10 AM - 12 PM

$311.38

$389.21

01

Mar

Mon-Fri (20 Hours)

07 PM - 08 PM

$311.38

$389.21

11

Mar

Sat-Sun (20 Hours)

11 AM - 02 PM

$311.38

$389.21

Course Features

There will be 20 Hours of Online Live Instructor-led Classes. You will be learning from real time expert. We also provide 24/7 support for you. Registered people will have access to LMS (Learning Management System) where you can find useful material and recorded sessions.

*Conditions Apply


For Lab/Practical’s we have allotted duration of 10 Hours. We give access to our Data center through VPN access. Feel free to contact us if you have any doubts our team will help you out. We have good lab infrastructure at our location.

*Conditions Apply


For Project completion total of 5 Hours are given for the participants. Candidates have to pay attention and complete the work. Participants need to utilize this time and finish project on time.

*Conditions Apply


All registered candidates will have access to learning management system which in short is called as LMS. Here you will find useful stuff such as class recordings, which will help in your career. LMS access will expire after 5 Months, from the date of registration of online/self-paced course.


24x7 online support team is available to help you with any technical queries you may face during the course. All the queries are tracked as tickets and you will get a guaranteed response from a support engineer. If required, Live support is provided by the support team by accessing your machine remotely. This ensures that all your concern faced during labs and project work are clarified anytime.


Towards the end of this online course, you will be working on a project. Project will be reviewed by our expert panel. On completion of project you will get course completion certificate from Kernel Training. Feel free to contact us for any queries.

Drop a Query

Recommended Courses

IoT Training

IoT Training

$474.35 $379.49 9586
IBM PowerHA Training

IBM PowerHA Training

$652.29 $521.84 3564
AWS certification

AWS Tutorial

$523.10 $418.49 9264
Shell Scripting Tutorial

Shell Scripting Tutorial

$281.22 $224.99 7863
Apache Solr Tutorial

Apache Solr Tutorial

$354.35 $283.49 720
Tableau Tutorial

Tableau Tutorial

$374.97 $299.99 9524
Advanced Java Tutorial

Advanced Java Tutorial

$224.97 $179.99 5051
MySQL Workbench Tutorial

MySQL DBA Training Self Paced

$214.68 $171.74 3421
DevOps Training

Devops Training Self Paced

$214.68 $171.74 3221