Time-on-Task: 60 hours
Courses may be completed in as little as a few short weeks, or up to 6 months.
Your success throughout your online course experience will be represented digitally within a badge. The badge will show your employers and professional network your qualifications as well as course materials you mastered.
This course prepares you to sit for the certification exam.
This course provides students with the basic knowledge and skills necessary to become an IT security professional. This course is designed to fully prepare students to sit for and pass the CompTIA S+ certification exam. Students will gain the knowledge and skills necessary to identify risk and participate in risk mitigation activities as well as provide infrastructure, application, operational and information security. They will also acquire the knowledge necessary to apply security controls to maintain confidentiality, integrity and availability, as well as how to identify appropriate technologies and products. Finally, students will gain an awareness of applicable policies, laws and regulations with regard to IT security.
- Describe common risks, vulnerabilities and controls.
- Explain the triple constraint of information security.
- Analyze and differentiate between types of malware and attacks.
- Identify risks for common system hardware and peripherals.
- Describe principles of software, data and host security.
- Implement OS hardening procedures.
- Identify common types of programming attacks.
- Implement secure browsing practices.
- Describe security vulnerabilities unique to virtualized environments.
- Explain the purpose and vulnerabilities of common network devices.
- Identify and secure common ports and protocols.
- Describe security concerns unique to cloud computing environments.
- Identify IDS and IPS solutions for host and network defense.
- Describe the differences between identification, authentication and authorization in Access Control.
- Identify various methods for access authentication.
- Implement logical access control methods.
- Distinguish between discretionary, mandatory, rule-based and role-based access control implementations.
- Identify various types of risk management strategies (transfer, accept, mitigate, eliminate).
- Distinguish between management, technical and operational controls.
- Calculate risk using subjective and objective measures.
- Implement compliance audits for common security controls.
- Explain the difference between penetration testing and vulnerability scanning.
- Distinguish between symmetric and asymmetric forms of encryption.
- Explain the use of public-key/private-key pairs to encrypt and decrypt a secure message.
- Identify common security protocols (SSH, SSL, IPSec).
- Explain basic hashing concepts.
- Distinguish between types of tickets, keys and certificate authorities in a PKI.
- Distinguish between business continuity and disaster recovery objectives and timeframes.
- Implement common backup rotation cycles.
- Identify various types of redundant hardware and backup sites.
- Recognize various types of environmental control solutions.
- Identify RAID configurations for common availability and redundancy requirements.