
Security +

Our comprehensive training package includes all the resources you will need to master the CompTIA Security+ material and ace the exam. All learning styles are facilitated.

Let IP3, Inc. take your IT career one step further and help you to become Security+™ certified with our self-paced online training course. We make it easier than ever, because we have engineered a solution which allows you to receive the most comprehensive preparation for the exam, while still working with your schedule and not busting your educational budget. Our programs are a step above the rest because we cover every angle with our training. No matter what your time constraints, budget restrictions, or learning style, IP3 has a solution and a choice for you. Reaching your goal doesn’t mean you have to take the same path as everyone else. At IP3, Inc. ALL paths lead to the same goal: your Security+™ certification!

IP3’s instructor-led, prerecorded, peer-interactive podcasts are available at our training website and provide comprehensive and in-depth self-study materials that cover the 5 domains of the Security+™ curriculum. Each domain is broken down into 2 prerecorded discussion sessions of 1-2 hours each and 1-2 hour review sessions. You are not just listening to a lecture but to a recording of domain discussions between our expert instructors and other learners just like you. Through this approach we maximize a near-live experience, just as if you were in the discussion yourself. You will be able to watch the instructor’s slides and hear the discussion between your peers. You benefit from the option to play and replay the sessions as many times as you wish, when your schedule allows.

You will have access to our training website and can download full sessions to your desktop. Our training programs give you the option of receiving an Apple iPod Touch or Apple iPad, preloaded with all 5 domains to take your learning one step further. This option allows you to study when it fits your on-the-go schedule. Whether you are reviewing individual domain topics for the first time, or reviewing before your exam, this educational tool will launch your training to the next level. Take our program with you when you are flying, at lunch, or on a long car ride. It really allows you to learn anytime, anywhere!

The podcasts of the review sessions cover practice test questions on each domain. These practice test questions are the key to passing your exam. Our certified and well-trained instructors cover test-taking skills and how to work your way through the answers to find the most probable and likely correct response. No matter the difficulty, they demonstrate how to apply your knowledge of the subject matter to give you confidence in the answer that you choose. Everyone knows “practice makes perfect”, and by thoroughly reviewing practice test questions you can become comfortable with the exam format and gain the self-assurance to successfully pass the exam.

No other Security+™ training gives you more educational value for your training budget.

What You’ll Learn

Security+™ is a vendor-neutral globally recognized validation that a candidate has mastered security job-task skills equivalent to a networking professional with two years of practical networking experience with emphasis on security. Domains included in the Security+™ exam are: General Security Concepts, Communications Security, Infrastructure Security, Basics of Cryptography and Operational/Organizational Security.

Domain 1.0 – General Security Concepts (30%)

1.1 Recognize and be able to differentiate and explain the following access control models

  • MAC (Mandatory Access Control)
  • DAC (Discretionary Access Control)
  • RBAC (Role Based Access Control)
1.2 Recognize and be able to differentiate and explain the following methods of authentication

  • Kerberos
  • CHAP (Challenge Handshake Authentication Protocol)
  • Certificates
  • Username / Password
  • Tokens
  • Multi-factor
  • Mutual
  • Biometrics
1.3 Identify non-essential services and protocols and know what actions to take to reduce the risks of those services and protocols
1.4 Recognize the following attacks and specify the appropriate actions to take to mitigate vulnerability and risk

  • DOS / DDOS (Denial of Service / Distributed Denial of Service)
  • Back Door
  • Spoofing
  • Man in the Middle
  • Replay
  • TCP/IP Hijacking
  • Weak Keys
  • Mathematical
  • Social Engineering
  • Birthday
  • Password Guessing
  • Brute Force
  • Dictionary
  • Software Exploitation

 

1.5 Recognize the following types of malicious code and specify the appropriate actions to take to mitigate vulnerability and risk

  • Viruses
  • Trojan Horses
  • Logic Bombs
  • Worms
1.6 Understand the concept of and know how to reduce the risks of social engineering
1.7 Understand the concept and significance of auditing, logging and system scanning
Domain 2.0 – Communication Security - 20%
2.1 Recognize and understand the administration of the following types of remote access technologies

  • 802.1x
  • VPN (Virtual Private Network)
  • RADIUS (Remote Authentication Dial-In User Service)
  • TACACS (Terminal Access Controller Access Control System)
  • L2TP / PPTP (Layer Two Tunneling Protocol / Point to Point Tunneling Protocol)
  • SSH (Secure Shell)
  • IPSEC (Internet Protocol Security)
  • Vulnerabilities
2.6 Recognize and understand the administration of the following wireless technologies and concepts

  • WTLS (Wireless Transport Layer Security)
  • 802.11 and 802.11x
  • WEP / WAP (Wired Equivalent Privacy / Wireless Application Protocol)
  • Vulnerabilities
  • Site Surveys
2.2 Recognize and understand the administration of the following email security concepts

  • S/MIME (Secure Multipurpose Internet Mail Extensions)
  • PGP (Pretty Good Privacy) like technologies
  • Vulnerabilities
  • SPAM
  • Hoaxes
2.3 Recognize and understand the administration of the following Internet security concepts

  • SSL / TLS (Secure Sockets Layer / Transport Layer Security)
  • HTTP/S (Hypertext Transfer Protocol / Hypertext Transfer Protocol over Secure Sockets Layer)
  • Instant Messaging
  • Vulnerabilities
  • Packet Sniffing
  • Privacy
  • Vulnerabilities
  • Java Script
  • ActiveX
  • Buffer Overflows
  • Cookies
  • Signed Applets
  • CGI (Common Gateway Interface)
  • SMTP (Simple Mail Transfer Protocol) Relay
2.4 Recognize and understand the administration of the following directory security concepts

  • SSL / TLS (Secure Sockets Layer / Transport Layer Security)
  • LDAP (Lightweight Directory Access Protocol)
2.5 Recognize and understand the administration of the following file transfer protocols and concepts

  • S/FTP (File Transfer Protocol)
  • Blind FTP (File Transfer Protocol) / Anonymous File Sharing
  • Vulnerabilities
  • Packet Sniffing
Domain 3.0 Infrastructure Security – 20%
3.1 Understand security concerns and concepts of the following types of devices

  • Firewalls
  • Routers
  • Switches
  • Wireless
  • Modems
  • RAS (Remote Access Server)
  • Telecom / PBX (Private Branch Exchange)
  • VPN (Virtual Private Network)
  • IDS (Intrusion Detection System)
  • Network Monitoring / Diagnostics
  • Workstations
  • Servers
  • Mobile Devices
3.2 Understand the security concerns for the following types of media

  • Coaxial Cable
  • UTP / STP (Unshielded Twisted Pair / Shielded Twisted Pair)
  • Fiber Optic Cable
  • Removable Media
  • Tape
  • CD-R (Recordable Compact Disks)
  • Hard Drives
  • Diskettes
  • Flashcards
  • Smartcards
3.3 Understand the concepts behind the following kinds of Security Topologies

  • Security Zones
  • DMZ (Demilitarized Zone)
  • Intranet
  • Extranet
  • VLANs (Virtual Local Area Network)
  • NAT (Network Address Translation)
  • Tunneling
3.4 Differentiate the following types of intrusion detection, be able to explain the concepts of each type, and understand the implementation and configuration of each kind of intrusion detection system.

Network Based

  • Active Detection
  • Passive Detection

Host Based

  • Active Detection
  • Passive Detection
  • Honey Pots
  • Incident Response
3.5 Understand the following concepts of Security Baselines, be able to explain what a Security Baseline is, and understand the implementation and configuration of each kind of intrusion detection system

  • OS / NOS (Operating System / Network Operating System) Hardening
  • File System
  • Updates (Hotfixes, Service Packs, Patches)
  • Network Hardening
  • Updates (Firmware) Configuration
  • Enabling and Disabling Services and Protocols
  • Access Control Lists
  • Application Hardening
  • Updates (Hotfixes, Service Packs, Patches)
  • Web Servers
  • E-mail Servers
  • FTP (File Transfer Protocol) Servers
  • DNS (Domain Name Service) Servers
  • NNTP (Network News Transfer Protocol) Servers
  • File / Print Servers
  • DHCP (Dynamic Host Configuration Protocol) Servers
  • Data Repositories
  • Directory Services
  • Databases
Domain 4.0 Basics of Cryptography – 15%
4.1 Be able to identify and explain each of the following different kinds of cryptographic algorithms

  • Hashing
  • Symmetric
  • Asymmetric
4.2 Understand how cryptography addresses the following security concepts

  • Confidentiality
  • Integrity
  • Digital Signatures
  • Authentication
  • Non-Repudiation
  • Digital Signatures
  • Access Control
4.3 Understand and be able to explain the following concepts of PKI (Public Key Infrastructure)

  • Certificates
  • Certificate Policies
  • Certificate Practice Statements
  • Revocation
  • Trust Models
4.4 Identify and be able to differentiate different cryptographic standards and protocols
4.5 Understand and be able to explain the following concepts of Key Management and Certificate Lifecycles

  • Centralized vs. Decentralized
  • Storage
  • Hardware vs. Software
  • Private Key Protection
  • Escrow
  • Expiration
  • Revocation
  • Status Checking
  • Suspension
  • Status Checking
  • Recovery
  • M-of-N Control (Of M appropriate individuals, N must be present to authorize recovery)
  • Renewal
  • Destruction
  • Key Usage
  • Multiple Key Pairs (Single, Dual)
Domain 5.0 Operational / Organizational Security – 15%
5.1 Understand the application of the following concepts of physical security

  • Access Control
  • Physical Barriers
  • Biometrics
  • Social Engineering
  • Environment
  • Wireless Cells
  • Location
  • Shielding
  • Fire Suppression
5.2 Understand the security implications of the following topics of disaster recovery

  • Backups
  • Off Site Storage
  • Secure Recovery
  • Alternate Sites
  • Disaster Recovery Plan
5.3 Understand the security implications of the following topics of business continuity

  • Utilities
  • High Availability / Fault Tolerance
  • Backups
5.4 Understand the concepts and uses of the following types of policies and procedures

  • Security Policy
  • Acceptable Use
  • Due Care
  • Privacy
  • Separation of Duties
  • Need to Know
  • Password Management
  • SLAs (Service Level Agreements)
  • Disposal / Destruction
  • HR (Human Resources) Policy
  • Termination (Adding and revoking passwords and privileges, etc.)
  • Hiring (Adding and revoking passwords and privileges, etc.)
  • Code of Ethics
  • Incident Response Policy
5.5 Explain the following concepts of privilege management

  • User / Group / Role Management
  • Single Sign-on
  • Centralized vs. Decentralized
  • Auditing (Privilege, Usage, Escalation)
  • MAC / DAC / RBAC (Mandatory Access Control / Discretionary Access Control / Role Based Access Control)
5.6 Understand the concepts of the following topics of forensics

  • Chain of Custody
  • Preservation of Evidence
  • Collection of Evidence
5.7 Understand and be able to explain the following concepts of risk identification

  • Asset Identification
  • Risk Assessment
  • Threat Identification
  • Vulnerabilities
5.8 Understand the security relevance of the education and training of end users, executives and human resources

  • Communication
  • User Awareness
  • Education
  • On-line Resources
5.9 Understand and explain the following documentation concepts

  • Standards and Guidelines
  • Systems Architecture
  • Change Documentation
  • Logs and Inventories
  • Classification
  • Notification
  • Retention / Storage
  • Destruction