CompTIA Security Training Course

Provided by

Enquire about this course


SKU: 4538

Format: Training Course

  • Tests your skills and knowledge to install and configure systems to secure devices, applications and networks.
  • Learn how to troubleshoot security events and incidents.
  • Train without the travel with our instructor-led online or classroom/online combination courses giving you all the benefits of classroom study without the hassle, uncertainty and cost of travel.
  • The classroom/online courses offer you the option to attend in person or online, if circumstances change.
  • Successful completion of the course and included exam leads to the CompTIA Security+ certification.


  • Training course outline

    CompTIA Security+ is an internationally recognised qualification that demonstrates that individuals have the knowledge required to identify security risks, participate in risk mitigation activities, and deliver infrastructure, application, and operational security.

    It also confirms that the holder can apply security controls to maintain confidentiality, integrity and availability, identify appropriate technologies, troubleshoot security incidents, and operate with an awareness of applicable policies, laws and regulations.

    CompTIA Security+ course benefits

    Globally recognised course

    Globally recognised qualification by employers in over 147 countries.

    Gain a popular qualification

    Strong demand for qualified information security professionals.

    Advance your career

    Enhanced career advancement in an existing organisation.

    Boost your potential

    Higher salaries and remuneration.

    Who should attend this course?

    IT professionals who wish to build on their existing knowledge of IT networks and develop a career as an information security professional. It is also suitable for existing information security professionals who wish to gain an industry-recognised qualification.

    Your Learning Path

    Find out how the CompTIA Security+ Training Course will help you start or enhance your knowledge and career.

    This course is an essential component of the following learning path:

  • Cyber Security roles


  • ×

    Course details

    What does this course cover?

  • Identify network attack strategies and defences.
  • Understand the principles of organisational security and the elements of effective security policies.
  • Know the technologies and uses of cryptographic standards and products.
  • Identify network- and host-based security technologies and practices.
  • Describe how wireless and remote access security is enforced.
  • Describe the standards and products used to enforce security on web and communications technologies.
  • Identify strategies for ensuring business continuity, fault tolerance, and disaster recovery.
  • Summarise application and coding vulnerabilities and identify development and deployment methods designed to mitigate them.


  • Percentages indicate approximate weight given to each topic in the exam.

    View full course content

    Module 1 / Threats, Attacks, and Vulnerabilities
  • Indicators of Compromise

  • Why is Security Important?
  • Security Policy
  • Threat Actor Types
  • The Kill Chain
  • Social Engineering
  • Phishing
  • Malware Types
  • Trojans and Spyware
  • Open Source Intelligence

  • Labs:

  • VM Orientation
  • Malware Types

  • Critical Security Controls

  • Security Control Types
  • Defence in Depth
  • Frameworks and Compliance
  • Vulnerability Assessments and Pen tests
  • Security Assessment Techniques
  • Pen Testing Concepts
  • Vulnerability Scanning Concepts
  • Exploit Frameworks

  • Labs:

  • Using Vulnerability Assessment Tools

  • Security Posture Assessment Tools

  • Topology Discovery
  • Service Discovery
  • Packet Capture & Packet Capture Tools
  • Remote Access Trojans
  • Honeypots and Honeynets

  • Labs:

  • Using Network Scanning Tools 1
  • Using Network Scanning Tools 2
  • Using Steganography Tools

  • Incident Response:

  • Incident Response Procedures
  • Preparation Phase
  • Identification Phase
  • Containment Phase
  • Eradication and Recovery Phases


  • Module 2 / Identity and Access Management
  • Cryptography

  • Uses of Cryptography
  • Cryptographic Terminology and Ciphers
  • Cryptographic Products
  • Hashing Algorithms
  • Symmetric Algorithms
  • Asymmetric Algorithms
  • Diffie-Hellman and Elliptic Curve
  • Transport Encryption
  • Cryptographic Attacks

  • Labs:

  • Implementing Public Key Infrastructure

  • Public Key Infrastructure (PKI)

  • PKI Standards
  • Digital Certificates
  • Certificate Authorities
  • Types of Certificate
  • Implementing PKI
  • Storing and Distributing Keys
  • Key Status and Revocation
  • PKI Trust Models
  • PGP / GPG

  • Labs:

  • Deploying Certificates and Implementing Key Recovery

  • Identification and Authentication:

  • Access Control Systems
  • Identification
  • Authentication
  • LAN Manager / NTL
  • Kerberos
  • PAP, CHAP, and MS-CHAP
  • Password Attacks
  • Token-based Authentication
  • Biometric Authentication
  • Common Access Card

  • Labs:

  • Using Password Cracking Tools

  • Identity and Access Services:

  • Authorization
  • Directory Services
  • RADIUS and TACACS+
  • Federation and Trusts
  • Federated Identity Protocols

  • Account Management:

  • Formal Access Control Models
  • Account Types
  • Windows Active Directory
  • Creating and Managing Accounts
  • Account Policy Enforcement
  • Credential Management Policies
  • Account Restrictions
  • Accounting and Auditing

  • Labs:

  • Using Account Management Tools

  • Module 3 / Architecture and Design (1)
  • Secure Network Design

  • Network Zones and Segments
  • Subnetting
  • Switching Infrastructure
  • Switching Attacks and Hardening
  • Endpoint Security
  • Network Access Control
  • Routing Infrastructure
  • Network Address Translation
  • Software Defined Networking

  • Labs:

  • Implementing a Secure Network Design

  • Firewalls and Load Balancers:

  • Basic Firewalls
  • Stateful Firewalls
  • Implementing a Firewall or Gateway
  • Web Application Firewalls
  • Proxies and Gateways
  • Denial of Service Attacks
  • Load Balancers

  • Labs:

  • Implementing a Firewall

  • IDS and SIEM:

  • Intrusion Detection Systems
  • Configuring IDS
  • Log Review and SIEM
  • Data Loss Prevention
  • Malware and Intrusion Response

  • Labs:

  • Using an Intrusion Detection System

  • Secure Wireless Access:

  • Wireless LANs
  • WEP and WPA
  • Wi-Fi Authentication
  • Extensible Authentication Protocol
  • Additional Wi-Fi Security Settings
  • Wi-Fi Site Security
  • Personal Area Networks

  • Physical Security Controls:

  • Site Layout and Access
  • Gateways and Locks
  • Alarm Systems
  • Surveillance
  • Hardware Security
  • Environmental Controls


  • Module 4 / Architecture and Design (2)
  • Secure Protocols and Services

  • DHCP Security
  • DNS Security
  • Network Management Protocols
  • HTTP and Web Servers
  • SSL / TSL and HTTPS
  • Web Security Gateways
  • Email Services
  • S/MIME
  • File Transfer
  • Voice and Video Services (VoIP and VTC)

  • Labs:

  • Implementing Secure Network Addressing Services
  • Configuring a Secure Email Service

  • Secure Remote Access:

  • Remote Access Architecture
  • Virtual Private Networks
  • IPSec
  • Remote Access Servers
  • Remote Administration Tools
  • Hardening Remote Access Infrastructure

  • Labs:

  • Implementing a Virtual Private Network

  • Secure Systems Design:

  • Trusted Computing
  • Hardware / Firmware Security
  • Peripheral Device Security
  • Secure Configurations
  • OS Hardening
  • Patch Management
  • Embedded Systems
  • Security for Embedded Systems

  • Secure Mobile Device Services

  • Mobile Device Deployments
  • Mobile Connection Methods
  • Mobile Access Control Systems
  • Enforcement and Monitoring

  • Secure Virtualization and Cloud Services

  • Virtualization Technologies
  • Virtualization Security Best Practices
  • Cloud Computing
  • Cloud Security Best Practices


  • Module 5 / Risk Management
  • Forensics:

  • Forensic Procedures
  • Collecting Evidence
  • Capturing System Images
  • Handling and Analysing Evidence

  • Labs:

  • Using Forensic Tools

  • Disaster Recovery and Resiliency:

  • Continuity of Operations Plans
  • Disaster Recovery Planning
  • Resiliency Strategies
  • Recovery Sites
  • Backup Plans and Policies
  • Resiliency and Automation Strategies

  • Risk Management:

  • Business Impact Analysis
  • Identification of Critical Systems
  • Risk Assessment
  • Risk Mitigation

  • Secure Application Development:

  • Application Vulnerabilities
  • Application Exploits
  • Web Browser Exploits
  • Secure Application Design
  • Secure Coding Concepts
  • Auditing Applications
  • Secure DevOps

  • Labs:

  • Identifying a Man-in-the-Browser Attack

  • Organizational Security:

  • Corporate Security Policy
  • Personnel Management Policies
  • Interoperability Agreements
  • Data Roles
  • Data Sensitivity Labelling and Handling
  • Data Wiping and Disposal
  • Privacy and Employee Conduct Policies
  • Security Policy Training


  • What’s included in this course?

  • Full course materials;
  • A professional training venue;
  • Final exam preparation with example practice questions; and
  • A certificate of attendance.


  • What equipment should I bring?

    Our course materials are provided as a PDF with comments enabled. You should bring a laptop or tablet with you should you wish to make notes.

    Course duration and times

    5 days
    Course locations:
    Birmingham, Edinburgh, Leeds, London and Manchester.

    How to book

    Once purchased one of our team will contact you to finalise your booking arrangements and confirm a suitable date and location for your course.

    Alternatively, you can call us on 0333 800 7000 to make your booking.

    CPD/CPE points

    This course

    Enquire

    Start date Location / delivery
    24 Aug 2021 United Kingdom Book now

    Related article

    The CISSP exam is now updated to reflect the most pertinent issues facing today’s cybersecurity professionals, along with the best practices for mi...