This course is designed to provide students and professionals with knowledge of the CyberSecurity principles and techniques employed in securing information and networks, as well as architectures for providing highly available and dependable services. CyberSecurity certification is highly recognized around the world and server as entry point for IT Specialist to move in to areas such as Incident Response Analyst, Security Engineering, Information Assurance Technician (IAT). An important aspect of securing information is to understand the scenario fully and be able to identify critical assets, requirements and business processes. To this end, the course covers security and strategies as well as information policies for the securing of all information.
It is expected that, by the end of the course, students/professional will be able to complete a brief security assessment of an organization, identifying critical assets and processes; identify and implement a Security Policy and Information Policy; evaluate the security risks presented by computer networks; describe data encryption suitable for encrypting. Explaining the role of firewalls in securing a network; identify the specify network components required for a highly available and dependable network and authentication mechanisms.
The course will, in general, consist of taught lectures during the specified period and lab-based, hands-on exercises. Students/professionals will be expected to complete additional, self-paced learning outside the taught portion of the course to become familiar with the technologies introduced. Some practical exercises will be completed in a virtualised environment, to enable students use certain security tools safely.
After the completion of this course a level of competence in the following skills should be achieved.
|Information Technology||Gathering, preparing and presenting information in document form on secure and dependable technologies.|
|Problem Solving||Delivering a practical solution to a real-world problem. Dealing with a combination of routine and non-routine tasks or problems.|
|Research||Use of a variety of information sources and additional learning required to deliver a cutting edge and appropriate solution.|
|Presentation||Oral presentation and group work in an organised debate.|
|Interpersonal||Obtaining knowledge and data on a scenario from those involved in its design and maintenance.|
|Team Work||An appreciation of the team required to deliver a solution such as that proposed in the assessment. Producing a presentation in a team to present for a debate.|
1. Knowledge in Networking, or
2. 1+ years of experience in the field with College Degree/High School Diploma
3. Recommend that candidates have some background in Windows Operating System and familiar with personal computers.
Security Domain Covered
- Security Overview & Administration Principles
- Network Security
- Threats and Vulnerabilities
- Network and Components devices
- Understanding Authentication Protocols
- Incident Response
Exam and certification requirements
- Registration: Students must register for and schedule a time to take the
- CompTIA certification exam at a center.
- Required Exams · You need to pass one Exam SYO-501
- Exam Format · Multiple Choice, drag-and-drop, simulation
- 90 minutes
- 90 questions
- Passing Score · 720 out of 1000
- One Exam fee
After the completion of this course a level of competence in the following skills should be achieved
|Define Security Terminology||Explain the purpose and goals of Network security policies and outline various Security Threats|
|Authentication||Understand the need for authentication and development of authentication devices. Kerberos, CHAP, Digital certificates, Tokens, Biometrics, and multi-factor authentication|
|Attacks Detection||Identify major types of attacks and malicious codes that affect the CIA of networks. Discuss business impact of security along with counter measures and best practices used to prevent or mitigate the effect of attacks and malicious codes.|
|Remote Access||Understanding the concepts and best practices for remote access, including most used authentication protocols _802.1x, Radius and TACACS+) and tunnelling technologies ( PPTP, IPSEC and Secure Shell).|
|Analysing Email Vulnerabilities||Understanding email Vulnerabilities and how to safe guard against them and benefits of PGP and S/MIME|
|Web Security||Identifying web security issues SSl/TLC protocols, HTTPS as it relates top SSL, Java Script, Buffer overflow, cookies, SMTP most commonly exploited by attackers.|
|LADP Configuration||LADP services used in a centralized enterprise directory infrastructure. FTP Vulnerabilities and the risk of posed to network by unmonitored file shares applications.|
|Wireless Attacks||Explanation of 802.11x vulnerabilities, naming conventions and site surveys|
|Network Devices||Identify the roles of major networking devices, including routers, switches and firewall technology. Explain VPN technologies, discuss IDS and network monitoring|
|Security Baselines||Best practices for Operating system, File system, Network work station and server hardening practices.|
|Cryptography||Basic concepts of digital signatures, and PKI certificates, policies and procedures surrounding them|
|Disaster Recovery||Outline critical process of DR planning along with procedures and policies an organization should employ to reduce the impact of disasters.|
|Computer Forensics||Understand the rules of evidence gathering, the detection and prosecution of network- related damage and crime and discuss risk and identification, education and documentation.|