Enquire about this course
Tests your skills and knowledge to install and configure systems to secure devices, applications and networks. Learn how to troubleshoot security events and incidents.
Format: Training Course
Train without the travel with our instructor-led online or classroom/online combination courses giving you all the benefits of classroom study without the hassle, uncertainty and cost of travel. The classroom/online courses offer you the option to attend in person or online, if circumstances change. Successful completion of the course and included exam leads to the CompTIA Security+ certification.
Training course outline
CompTIA Security+ is an internationally recognised qualification that demonstrates that individuals have the knowledge required to identify security risks, participate in risk mitigation activities, and deliver infrastructure, application, and operational security.
It also confirms that the holder can apply security controls to maintain confidentiality, integrity and availability, identify appropriate technologies, troubleshoot security incidents, and operate with an awareness of applicable policies, laws and regulations.
CompTIA Security+ course benefits
Globally recognised course
Globally recognised qualification by employers in over 147 countries.
Gain a popular qualification
Strong demand for qualified information security professionals.
Advance your career
Enhanced career advancement in an existing organisation.
Boost your potential
Higher salaries and remuneration.
Who should attend this course?
IT professionals who wish to build on their existing knowledge of IT networks and develop a career as an information security professional. It is also suitable for existing information security professionals who wish to gain an industry-recognised qualification.
Your Learning Path
Find out how the CompTIA Security+ Training Course will help you start or enhance your knowledge and career.
This course is an essential component of the following learning path:
Cyber Security roles
What does this course cover?
Identify network attack strategies and defences. Understand the principles of organisational security and the elements of effective security policies. Know the technologies and uses of cryptographic standards and products. Identify network- and host-based security technologies and practices. Describe how wireless and remote access security is enforced. Describe the standards and products used to enforce security on web and communications technologies. Identify strategies for ensuring business continuity, fault tolerance, and disaster recovery. Summarise application and coding vulnerabilities and identify development and deployment methods designed to mitigate them.
Percentages indicate approximate weight given to each topic in the exam.
View full course content
Module 1 / Threats, Attacks, and Vulnerabilities
Indicators of Compromise
Why is Security Important? Security Policy Threat Actor Types The Kill Chain Social Engineering Phishing Malware Types Trojans and Spyware Open Source Intelligence
VM Orientation Malware Types
Critical Security Controls
Security Control Types Defence in Depth Frameworks and Compliance Vulnerability Assessments and Pen tests Security Assessment Techniques Pen Testing Concepts Vulnerability Scanning Concepts Exploit Frameworks
Using Vulnerability Assessment Tools
Security Posture Assessment Tools
Topology Discovery Service Discovery Packet Capture & Packet Capture Tools Remote Access Trojans Honeypots and Honeynets
Using Network Scanning Tools 1 Using Network Scanning Tools 2 Using Steganography Tools
Incident Response Procedures Preparation Phase Identification Phase Containment Phase Eradication and Recovery Phases
Module 2 / Identity and Access Management Cryptography
Uses of Cryptography Cryptographic Terminology and Ciphers Cryptographic Products Hashing Algorithms Symmetric Algorithms Asymmetric Algorithms Diffie-Hellman and Elliptic Curve Transport Encryption Cryptographic Attacks
Implementing Public Key Infrastructure
Public Key Infrastructure (PKI)
PKI Standards Digital Certificates Certificate Authorities Types of Certificate Implementing PKI Storing and Distributing Keys Key Status and Revocation PKI Trust Models PGP / GPG
Deploying Certificates and Implementing Key Recovery
Identification and Authentication:
Access Control Systems Identification Authentication LAN Manager / NTL Kerberos PAP, CHAP, and MS-CHAP Password Attacks Token-based Authentication Biometric Authentication Common Access Card
Using Password Cracking Tools
Identity and Access Services:
Authorization Directory Services RADIUS and TACACS+ Federation and Trusts Federated Identity Protocols
Formal Access Control Models Account Types Windows Active Directory Creating and Managing Accounts Account Policy Enforcement Credential Management Policies Account Restrictions Accounting and Auditing
Using Account Management Tools
Module 3 / Architecture and Design (1)
Secure Network Design
Network Zones and Segments Subnetting Switching Infrastructure Switching Attacks and Hardening Endpoint Security Network Access Control Routing Infrastructure Network Address Translation Software Defined Networking
Implementing a Secure Network Design
Firewalls and Load Balancers:
Basic Firewalls Stateful Firewalls Implementing a Firewall or Gateway Web Application Firewalls Proxies and Gateways Denial of Service Attacks Load Balancers
Implementing a Firewall
IDS and SIEM:
Intrusion Detection Systems Configuring IDS Log Review and SIEM Data Loss Prevention Malware and Intrusion Response
Using an Intrusion Detection System
Secure Wireless Access:
Wireless LANs WEP and WPA Wi-Fi Authentication Extensible Authentication Protocol Additional Wi-Fi Security Settings Wi-Fi Site Security Personal Area Networks
Physical Security Controls:
Site Layout and Access Gateways and Locks Alarm Systems Surveillance Hardware Security Environmental Controls
Module 4 / Architecture and Design (2)
Secure Protocols and Services
DHCP Security DNS Security Network Management Protocols HTTP and Web Servers SSL / TSL and HTTPS Web Security Gateways Email Services S/MIME File Transfer Voice and Video Services (VoIP and VTC)
Implementing Secure Network Addressing Services Configuring a Secure Email Service
Secure Remote Access:
Remote Access Architecture Virtual Private Networks IPSec Remote Access Servers Remote Administration Tools Hardening Remote Access Infrastructure
Implementing a Virtual Private Network
Secure Systems Design:
Trusted Computing Hardware / Firmware Security Peripheral Device Security Secure Configurations OS Hardening Patch Management Embedded Systems Security for Embedded Systems
Secure Mobile Device Services
Mobile Device Deployments Mobile Connection Methods Mobile Access Control Systems Enforcement and Monitoring
Secure Virtualization and Cloud Services
Virtualization Technologies Virtualization Security Best Practices Cloud Computing Cloud Security Best Practices
Module 5 / Risk Management
Forensic Procedures Collecting Evidence Capturing System Images Handling and Analysing Evidence
Using Forensic Tools
Disaster Recovery and Resiliency:
Continuity of Operations Plans Disaster Recovery Planning Resiliency Strategies Recovery Sites Backup Plans and Policies Resiliency and Automation Strategies
Business Impact Analysis Identification of Critical Systems Risk Assessment Risk Mitigation
Secure Application Development:
Application Vulnerabilities Application Exploits Web Browser Exploits Secure Application Design Secure Coding Concepts Auditing Applications Secure DevOps
Identifying a Man-in-the-Browser Attack
Corporate Security Policy Personnel Management Policies Interoperability Agreements Data Roles Data Sensitivity Labelling and Handling Data Wiping and Disposal Privacy and Employee Conduct Policies Security Policy Training
What’s included in this course?
Full course materials; A professional training venue; Final exam preparation with example practice questions; and A certificate of attendance.
What equipment should I bring?
Our course materials are provided as a PDF with comments enabled. You should bring a laptop or tablet with you should you wish to make notes.
Course duration and times
Birmingham, Edinburgh, Leeds, London and Manchester.
How to book
Once purchased one of our team will contact you to finalise your booking arrangements and confirm a suitable date and location for your course.
Alternatively, you can call us on 0333 800 7000 to make your booking.