CompTIA Network+ / Security+
| Course Length: |
10 days |
| Certifications: |
CompTIA Network+
CompTIA Security+ |
| Number of Exams: |
2 |
|
|
|
Certified Instructor
Includes all course materials
|
CompTIA Network+ (Exam N10-009) validates the core skills necessary to establish, maintain, troubleshoot and secure networks in any environment, preparing you for a rewarding career in networking and cybersecurity.
CompTIA Security+ (Exam SY0-701) is the primary course you will need to take if your job responsibilities include securing network services, network devices, and network traffic. It is also the main course you will take to prepare for the CompTIA Security+ examination. In this course, you'll build on your knowledge and professional experience with computer hardware, operating systems, and networks as you acquire the specific skills required to implement basic security services on any type of computer network.
Network+ certification
CompTIA Network+ (Exam N10-009) validates the core skills necessary to establish, maintain, troubleshoot and secure networks in any environment, preparing you for a rewarding career in networking and cybersecurity.
The Premier Early Career Networking Certification
Gain a wide range of technical and hands-on skills required of today’s early-career network administrators.
Exclusively Validates Vendor Neutral Network Management Knowledge
CompTIA Network+ is the only certification on the market that covers the core skills necessary to support networks in any environment.
Network+ is Approved for DoD 8140.03
CompTIA Network+ shows what you can do, not just what you know for the work roles of Technical Support Specialist, Network Operations Specialist and Systems Administrator.
What Skills Will You Learn?
Networking Concepts
Explain basic networking concepts, including the OSI model, network appliances, applications, cloud concepts, connectivity options and more.
Network Implementations
Understand routing technologies and important factors of physical installations; configure switching technologies and wireless devices.
Network Operations
Monitor and optimize networks to ensure business continuity.
Network Security
Understand security concepts and network attacks to harden networks against threats.
Network Troubleshooting
Explain the troubleshooting methodology and address common issues related to networking, including cable, connectivity, and software problems.
The CompTIA Network+ certification exam will certify the successful candidate has the knowledge and skills required to:
- Establish network connectivity by deploying wired and wireless devices.
- Explain the purpose of documentation and maintain network documentation.
- Configure common network services.
- Explain basic data-center, cloud, and virtual-networking concepts.
- Monitor network activity and troubleshoot performance and availability issues.
- Implement network security hardening techniques.
- Manage, configure, and troubleshoot network infrastructure.
1.0 Networking Concepts
Explain concepts related to the Open Systems Interconnection (OSI) reference model.
- Layer 1 - Physical
- Layer 2 - Data link
- Layer 3 - Network
- Layer 4 - Transport
- Layer 5 - Session
- Layer 6 - Presentation
- Layer 7 - Application
Compare and contrast networking appliances, applications, and functions.
- Physical and virtual appliances
- Applications
- Functions
Summarize cloud concepts and connectivity options.
- Network functions virtualization (NFV)
- Virtual private cloud (VPC)
- Network security groups
- Network security lists
- Cloud gateways
- Cloud connectivity options
- Deployment models
- Service models
- Scalability
- Elasticity
- Multitenancy
Explain common networking ports, protocols, services, and traffic types.
- Internet Protocol (IP) types
- Traffic types
Compare and contrast transmission media and transceivers.
- Wireless
- Wired
- Transceivers
- Connector types
Compare and contrast network topologies, architectures, and types.
- Mesh
- Hybrid
- Star/hub and spoke
- Spine and leaf
- Point to point
- Three-tier hierarchical model
- Collapsed core
- Traffic flows
Given a scenario, use appropriate IPv4 network addressing.
- Public vs. private
- Subnetting
- IPv4 address classes
Summarize evolving use cases for modern network environments.
- Software-defined network (SDN) and software-defined wide area network (SD-WAN)
- Virtual Extensible Local Area Network (VXLAN)
- Zero trust architecture (ZTA)
- Secure Access Secure Edge (SASE)/Security Service Edge (SSE)
- Infrastructure as code (IaC)
- IPv6 addressing
2.0 Network Implementation
Explain characteristics of routing technologies.
- Static routing
- Dynamic routing
- Route selection
- Address translation
- First Hop Redundancy Protocol (FHRP)
- Virtual IP (VIP)
- Subinterfaces
Given a scenario, configure switching technologies and features.
- Virtual Local Area Network (VLAN)
- Interface configuration
- Spanning tree
- Maximum transmission unit (MTU)
Given a scenario, select and configure wireless devices and technologies.
- Channels
- Frequency options
- Service set identifier (SSID)
- Network types
- Encryption
- Guest networks
- Authentication
- Antennas
- Autonomous vs. lightweight access point
Explain important factors of physical installations.
- Important installation implications
- Power
- Environmental factors
3.0 Network Operations
Explain the purpose of organizational processes and procedures.
- Documentation
- Life-cycle management
- Change management
- Configuration management
Given a scenario, use network monitoring technologies.
Explain disaster recovery (DR) concepts.
- DR metrics
- DR sites
- High-availability approaches
- Testing
Given a scenario, implement IPv4 and IPv6 network services.
- Dynamic addressing
- Name resolution
- Time protocols
Compare and contrast network access and management methods.
- Site-to-site VPN
- Client-to-site VPN
- Connection methods
- Jump box/host
- In-band vs. out-of-band management
4.0 Network Security
Explain the importance of basic network security concepts.
- Logical security
- Physical security
- Deception technologies
- Common security terminology
- Audits and regulatory compliance
- Network segmentation enforcement
Summarize various types of attacks and their impact to the network.
- Denial-of-service (DoS)/ distributed denial-of-service (DDoS)
- VLAN hopping
- Media Access Control (MAC) flooding
- Address Resolution Protocol (ARP) poisoning
- ARP spoofing
- DNS poisoning
- DNS spoofing
- Rogue devices and services
- Evil twin
- On-path attack
- Social engineering
- Malware
Given a scenario, apply network security features, defense techniques, and solutions.
- Device hardening
- Network access control (NAC)
- Key management
- Security rules
- Zones
5.0 Network Troubleshooting
Explain the troubleshooting methodology.
- Identify the problem
- Establish a theory of probable cause
- Test the theory to determine the cause
- Establish a plan of action to resolve the problem and identify potential effects
- Implement the solution or escalate as necessary
- Verify full system functionality and implement preventive measures if applicable
- Document findings, actions, outcomes, and lessons learned throughout the process
Given a scenario, troubleshoot common cabling and physical interface issues.
- Cable issues
- Interface issues
- Hardware issues
Given a scenario, troubleshoot common issues with network services.
- Switching issues
- Route selection
- Address pool exhaustion
- Incorrect default gateway
- Incorrect IP address
- Incorrect subnet mask
Given a scenario, troubleshoot common performance issues.
- Congestion/contention
- Bottlenecking
- Bandwidth
- Latency
- Packet loss
- Jitter
- Wireless
Given a scenario, use the appropriate tool or protocol to solve networking issues.
- Software tools
- Hardware tools
[ back to top ]
Security+ certification
CompTIA Security+ (SY0-701) is a global certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career.
Open the Door to Your Cybersecurity Career
Launch a successful cybersecurity career
Develop a core foundation of essential skills, paving the way for a fulfilling career. More job roles use Security+ for baseline cybersecurity skills than any other certification in the industry.
Assess on-the-job skills
Security+ is the most widely adopted ISO/ANSI-accredited early career cybersecurity certification on the market with hands-on, performance-based questions on the certification exam. These practical questions assess your ability to effectively problem solve in real-life situations and demonstrate your expertise to potential employers immediately.
Embrace the latest trends
Understand and use the most recent advancements in cybersecurity technology, terms, techniques, and tools. By acquiring early career skills in the latest trends such as automation, zero trust, risk analysis, operational technology, and IoT, you will be well-equipped to excel in the ever-evolving cybersecurity landscape.
Exam SY0-701
The new CompTIA Security+ represents the latest and greatest in cybersecurity, covering the most in-demand skills related to current threats, automation, zero trust, IoT, risk - and more. Once certified, you'll understand the core skills needed to succeed on the job - and employers will notice too. The Security+ exam verifies you have the knowledge and skills required to:
- Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions.
- Monitor and secure hybrid environments, including cloud, mobile, Internet of Things (IoT), and operational technology.
- Operate with an awareness of applicable regulations and policies, including principles of governance, risk, and compliance.
- Identify, analyze, and respond to security events and incidents.
CompTIA Security+ is compliant with ISO 17024 standards and approved by the U.S. DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.
What Skills Will You Learn?
General Security Concepts
Includes key cybersecurity terminology and concepts up front to provide a foundation for security controls discussed throughout the exam.
Threats, Vulnerabilities & Mitigations
Focuses on responding to common threats, cyberattacks, vulnerabilities, and security incidents and appropriate mitigation techniques to monitor and secure hybrid environments.
Security Architecture
Includes security implications of different architecture models, principles of securing enterprise infrastructure, and strategies to protect data.
Security Operations
Includes applying and enhancing security and vulnerability management techniques, as well as security implications of proper hardware, software, and data management.
Security Program Management & Oversight
Updated to better reflect the reporting and communication skills required for Security+ job roles relating to governance, risk management, compliance, assessment, and security awareness.
Jobs You Can Land With CompTIA Security+
- Cloud Penetration Tester
- Network Security Operations
- Penetration Tester
- Network Security Analyst
- Web App Penetration Tester
- Security Architect
Course Content
1.0 General Security Concepts
Compare and contrast various types of security controls.
Summarize fundamental security concepts.
- Confidentiality, Integrity, and Availability (CIA)
- Non-repudiation
- Authentication, Authorization, and Accounting (AAA)
- Gap analysis
- Zero Trust
- Physical security
- Deception and disruption technology
Explain the importance of change management processes and the impact to security.
- Business processes impacting security operation
- Technical implications
- Documentation
- Version control
Explain the importance of using appropriate cryptographic solutions.
- Public key infrastructure (PKI)
- Encryption
- Tools
- Obfuscation
- Steganography
- Tokenization
- Data masking
- Hashing
- Salting
- Digital signatures
- Key stretching
- Blockchain
- Open public ledger
- Certificates
2.0 Threats, Vulnerabilities, and Mitigations
Compare and contrast common threat actors and motivations.
- Threat actors
- Attributes of actors
- Motivations
Explain common threat vectors and attack surfaces.
- Message-based
- Email
- Short Message Service (SMS)
- Instant messaging (IM)
- Image-based
- File-based
- Voice call
- Removable device
- Vulnerable software
- Unsupported systems and applications
- Unsecure networks
- Open service ports
- Default credentials
- Supply chain
- Human vectors/social engineering
Explain various types of vulnerabilities.
- Application
- Operating system (OS)-based
- Web-based
- Hardware
- Virtualization
- Cloud-specific
- Supply chain
- Cryptographic
- Misconfiguration
- Mobile device
- Zero-day
Given a scenario, analyze indicators of malicious activity.
- Malware attacks
- Physical attacks
- Network attacks
- Application attacks
- Cryptographic attacks
- Password attacks
- Indicators
Explain the purpose of mitigation techniques used to secure the enterprise.
- Segmentation
- Access control
- Application allow list
- Isolation
- Patching
- Encryption
- Monitoring
- Least privilege
- Configuration enforcement
- Decommissioning
- Hardening techniques
3.0 Security Architecture
Compare and contrast security implications of different architecture models.
- Architecture and infrastructure concepts
- Considerations
Given a scenario, apply security principles to secure enterprise infrastructure.
- Infrastructure considerations
- Secure communication/access
- Selection of effective controls
Compare and contrast concepts and strategies to protect data.
- Data types
- Data classifications
- General data considerations
- Methods to secure data
Explain the importance of resilience and recovery in security architecture.
- High availability
- Site considerations
- Platform diversity
- Multi-cloud systems
- Continuity of operations
- Capacity planning
- Testing
- Backups
- Power
4.0 Security Operations
Given a scenario, apply common security techniques to computing resources.
- Secure baselines
- Hardening targets
- Wireless devices
- Mobile solutions
- Wireless security settings
- Application security
- Sandboxing
- Monitoring
Explain the security implications of proper hardware, software, and data asset management.
- Acquisition/procurement process
- Assignment/accounting
- Monitoring/asset tracking
- Disposal/decommissioning
Explain various activities associated with vulnerability management.
- Identification methods
- Analysis
- Vulnerability response and remediation
- Validation of remediation
- Reporting
Explain security alerting and monitoring concepts and tools.
- Monitoring computing resources
- Activities
- Tools
Given a scenario, modify enterprise capabilities to enhance security.
- Firewall
- IDS/IPS
- Web filter
- Operating system security
- Implementation of secure protocols
- DNS filtering
- Email security
- File integrity monitoring
- DLP
- Network access control (NAC)
- Endpoint detection and response (EDR)/extended detection and response (XDR)
- User behavior analytics
Given a scenario, implement and maintain identity and access management.
- Provisioning/de-provisioning user accounts
- Permission assignments and implications
- Identity proofing
- Federation
- Single sign-on (SSO)
- Interoperability
- Attestation
- Access controls
- Multifactor authentication
- Password concepts
- Privileged access management tools
Explain the importance of automation and orchestration related to secure operations.
- Use cases of automation and scripting
- Benefits
- Other considerations
Explain appropriate incident response activities.
- Process
- Training
- Testing
- Root cause analysis
- Threat hunting
- Digital forensics
Given a scenario, use data sources to support an investigation.
5.0 Security Program Management and Oversight
Summarize elements of effective security governance.
- Guidelines
- Policies
- Standards
- Procedures
- External considerations
- Monitoring and revision
- Types of governance structures
- Roles and responsibilities for systems and data
Explain elements of the risk management process.
- Risk identification
- Risk assessment
- Risk analysis
- Risk register
- Risk tolerance
- Risk appetite
- Risk management strategies
- Risk reporting
- Business impact analysis
Explain the processes associated with third-party risk assessment and management.
- Vendor assessment
- Vendor selection
- Agreement types
- Vendor monitoring
- Questionnaires
- Rules of engagement
Summarize elements of effective security compliance.
- Compliance reporting
- Consequences of non-compliance
- Compliance monitoring
- Privacy
Explain types and purposes of audits and assessments.
- Attestation
- Internal
- External
- Penetration testing
Given a scenario, implement security awareness practices.
- Phishing
- Anomalous behavior recognition
- User guidance and training
- Reporting and monitoring
- Development
- Execution
[ back to top ]
MCSEClasses.com is your best choice for CompTIA Network Security,
CompTIA Network Security training,
CompTIA Network Security certification,
CompTIA Network Security certification boot camp,
CompTIA Network Security boot camp,
CompTIA Network Security certification training,
CompTIA Network Security boot camp training,
CompTIA Network Security boot camp certification,
CompTIA Network Security certification course,
CompTIA Network Security course,
training CompTIA Network Security,
certification CompTIA Network Security,
boot camp CompTIA Network Security,
certification CompTIA Network Security boot camp,
certification CompTIA Network Security training,
boot camp CompTIA Network Security training,
certification CompTIA Network Security course.
|
