The CompTIA Security+ Certification is a vendor neutral credential. The CompTIA Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge,and is used by organizations and security professionals around the globe.
The CompTIA Security+ exam will certify that the successful candidate has the knowledge and skills required to identify risk, to participate in risk mitigation activities, and to provide infrastructure, application, information, and operational security. In addition, the successful candidate will apply security controls to maintain confidentiality, integrity, and availability, identify appropriate technologies and products, troubleshoot security events and incidents, and operate with an awareness of applicable policies, laws, and regulations.
1.0 Network Security
1.1 Implement security configuration parameters on network devices and other technologies.
Web security gateways
NIDS and NIPS
1. Behavior based
2. Signature based
3. Anomaly based
UTM security appliances
1. URL filter
2. Content inspection
3. Malware inspection
Web application firewall vs. network firewall
Application aware devices
1.2 Given a scenario, use secure network administration principles.
Secure router configuration
Access control lists
Unified Threat Management
1.3 Explain network design elements and components.
Platform as a Service
Software as a Service
Infrastructure as a Service
Layered security / Defense in depth
1.4 Given a scenario, implement common protocols and services.
1.5 Given a scenario, troubleshoot security issues related to wireless networking.
Disable SSID broadcast
Power level controls
VPN (over open wireless)
2.0 Compliance and Operational Security
2.1 Explain the importance of risk related concepts.