TRAINING SECURITY+ COMPTIA

Training Keamanan Komputer

Training Cyber Security

COURSE DESCRIPTION

The CompTIA Security+ Certification is a vendor neutral credential. The CompTIA Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge, and is used by organizations and security professionals around the globe.

The CompTIA Security+ exam will certify that the successful candidate has the knowledge and skills required to identify risk and participate in risk mitigation activities, provide infrastructure, application, operational and information security, apply security controls to maintain confidentiality, integrity and availability, identify appropriate technologies and products, and operate with an awareness of applicable policies, laws and regulations.

CompTIA Security+ is accredited by ANSI to show compliance with the ISO 17024 Standard and, as such, undergoes regular reviews and updates to the exam objectives. The following CompTIA Security+ objectives reflect the subject areas in this edition of this exam, and result from subject matter expert workshops and industry-wide survey results regarding the skills and knowledge required of an information security professional with two years of experience.

TARGET AUDIENCE

IT Specialist, InfoSec, Risk Manager/Analyst, Security architect, ISSO, Penetration Tester/Ethical Hacker

COURSE MODULES

Module 1:  Network Security

1.1 Explain the security function and purpose of network devices and

technologies

1.2 Apply and implement secure network administration principles

1.3 Distinguish and differentiate network design elements and components

1.4 Implement and use common protocols

1.5 Identify commonly used default network ports

1.6 Implement wireless network in a secure manner

Module 2 : Compliance and Operational Security

2.1 Explain risk related concepts

2.2 Carry out appropriate risk mitigation strategies

2.3 Execute appropriate incident response procedures

2.4 Explain the importance of security related awareness and training

2.5 Compare and contrast aspects of business continuity

2.6 Explain the impact and proper use of environmental controls

2.7 Execute disaster recovery plans and procedures

2.8 Exemplify the concepts of confidentiality, integrity and availability (CIA)

Module 3 : Threats and Vulnerabilities

3.1 Analyze and differentiate among types of malware

3.2 Analyze and differentiate among types of attacks

3.3 Analyze and differentiate among types of social engineering attacks

3.4 Analyze and differentiate among types of wireless attacks

3.5 Analyze and differentiate among types of application attacks

3.6 Analyze and differentiate among types of mitigation and deterrent techniques

3.7 Implement assessment tools and techniques to discover security threats and

vulnerabilities

3.8 Within the realm of vulnerability assessments, explain the proper use of

penetration testing versus vulnerability scanning

Module 4 : Application, Data and Host Security

4.1 Explain the importance of application security

4.2 Carry out appropriate procedures to establish host security

4.3 Explain the importance of data security

Module 5 : Access Control and Identity Management

5.1 Explain the function and purpose of authentication services

5.2 Explain the fundamental concepts and best practices related to

authentication,authorization and access control

5.3 Implement appropriate security controls when performing account

management

Module 6 : Cryptography

6.1 Summarize general cryptography concepts

6.2 Use and apply appropriate cryptographic tools and products

6.3 Explain the core concepts of public key infrastructure

6.4 Implement PKI, certificate management and associated components