.

City College of San Francisco
CNIT 120
Security + Guide Network Security Fundamentals

 

TextBook:

CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide

 

CNIT 120 Syllabus

Syllabus and Table of Contents

CompTIA Security +

Chapter 1
Mastering Security Basics

                Understanding Core Security Goals
                Confidentially
                Encryption
                Integrity
                Availability
                Introducing Basic Risk Concepts
                Comparing Identification, Authentication, and Authorization
                Verifying Identities with identity Proofing
                Comparing Authentication Factors
                Dual-Factor and Multifactor Authentication
                Summarizing Identification Methods
                Comparing Authentication Services
                Single Sign-on
                Authentication RAS Clients
                AAA Protocols

Chapter 2
Exploring Control Types and Methods

                Understanding Control Types
                Control Implementation Methods
                Control Goals
                Combining Control Types and Goals
                Comparing Physical Security Controls
                Implementing Logical Access Controls
                Group Policy
                Managing Accounts
                Credential management
                Comparing Access Control Models
                Role-Based Access Control
                Using Roles Based on Job and Functions
                Rule-Bases Access Control
                Mandatory Access Control

Chapter 3
Understanding Basic network Security

                Reviewing Basic Network Concepts
                Protocols
                Common TCP/IP Protocols
                Understanding DNS
                Understanding and Identifying Ports
                Understanding Basic Network Devices
                Hub
                Switch
                Router
                Firewall
                Network Separation
                Protecting the Network Perimeter
                DMZ
                Identifying OSI Relevance
                Understanding the Layers

Chapter 4
Securing Your Network

                Understanding IDS and IPSs
                Detection Methods
                Honeypots and Honeynets
                Securing Wireless Networks
                Reviewing Wireless Basics
                WAPS and Wireless Routers
                Security Protocols
                Hot Spots and Isolation Mode
                Other Security Concerns
                War Driving
                Rogue Access Points
                Evil Twins
                Jamming and Interference
                Near Field Communication Attacks
                Bluetooth Wireless
                Exploring Remote Access
                Telephony
                Dial-Up RAS
                VPNs and VPN Concentrators
                Connecting via Remote Access

Chapter 5
Securing Hosts and Data

                Implementing Host Security
                OS and Application Hardening
                Using Baselines
                Trusted OS
                Understanding Virtualization
                Implementing Patch Management
                Mitigating Risk in Static Environments
                Securing Mobile Devices
                Application Security
                Protecting Data
                Comparing Data Categories
                Protecting Confidentiality with Encryption
                Software-Based Encryption
                Hardware-Based Encryption
                Understanding SANs
                Fiber Channel
                iSCSi
                FCoE
                Handing Big Data
                Understanding Cloud-Computing

Chapter 6
Understanding Malware and Social Engineering

                Understanding Malware Types
                Viruses
                Ransomware
                Rootkits
                Spyware
                Adware
                Recognizing Common Attacks
                Social Engineering
              Recognizing Other Attacks
              Blocking Malware and Other Attacks
              Protecting Systems with Anti-Malware Software
              Educating Users

Chapter 7
Identifying Advanced Attacks

             Comparing Common Attacks
             Spoofing
             Man in the Middle Attacks
             Replay Attacks
             Password Attacks
             DNS Attacks
             ARP Poisoning Attacks
             Zero-Day Attacks
             Web Browser Concerns
           Understanding Secure Coding Concepts
           Identifying Application Attacks
           Buffer Overflows and Buffer Overflow Attacks
           SQL Queries and SQL Injection Attacks
           NoSQL Queries and SQL Injection Attacks

Chapter 8
Managing Risk

             Identifying Risk
             Threats and Threat Vectors
             Vulnerabilities
             Risk management
            Checking for Vulnerabilities
             Anatomy of an Attack
             Vulnerability Assessment
             Credentialed Versus Noncredentialed
             Intrusive Versus Nonintrusive Testing
             Identifying Security Tools
             Sniffing with a Protocol Analyzer
             Monitoring Events with Logs

Chapter 9
Preparing for Business Continuity

              Adding Redundancy
              Single Point of Failure
              Disk Redundancies
              Server Redundancy
              Power Redundancies
              Protecting Data with Backups
              Comparing Backup Types
              Testing Backups
              Comparing Business Continuity Elements
              Business Impact Analysis
              Continuity of Operations
              Hot Site
              Disaster Recovery
              Implementing Environmental Controls
              Heating, Ventilation, and Air Conditioning
              Fire Suppression
              Environmental Monitoring

Chapter 10
Understanding Cryptography

             Introducing Cryptography Concepts
             Providing Integrity with Hashing
             Providing Confidentiality with Encryption
             Symmetric Encryption
             Asymmetric Encryption
             Certificates
             RSA
             Diffie-Hellam
             Steganography
             Using Cryptographic Protocols
             Protecting Email
             Transport Encryption
             Encrypting HTTPS Traffic with SSl or TLS

Chapter 11
Exploring Operational Security

             Exploring Security Policies
             Personal Policies
             Account Management Policies
             Change Management Policy
             Data Policies
             Wiping Files
             Responding to Incidents
             Implementing Basic Forensic Procedures
             Raising Security Awareness 

Major Learning Outcome

A. Assess areas of security concern, recognize security risks and compare internal

and external tl;lreats to data and services.

B. Compare and contrast the different methods for securing shared resources.

C. Evaluate various anti-virus software programs, and compare to software and

hardware firewalls.

D. Classify types of firewalls, including Network Address Translation (NAT).

E. Choose appropriate wireless security procedures to address risks.

F. Develop a viable plan for disaster recovery including backed up data.