Security+

Content

1. Mitigating Threats

Core system maintenance

• Identifying common security threats
• Updating the operating system
• Managing software patches
• Installing service packs
• Determining whether you need to update your computer's BIOS
• Configuring Windows Firewall

Virus and spyware management

• Installing antivirus software
• Scanning your system for spyware
• Configuring Windows Mail to prevent spam

Browser security

• Managing pop-ups
• Managing cookie
• Managing scripting, Java, and ActiveX components
• Examining input validation, buffer overflows, and XSS

Social engineering threats

• Discussing social engineering
• Examining phishing

2. Cryptography

Symmetric cryptography

• Encrypting and decrypting data
• Calculating hashes
• Sharing a secret message with steganography

Public key cryptography

• Exploring public key cryptography
• Examining certificates
• Examining certificate trusts
• Comparing single- and dual-sided certificates
• Mapping algorithms to applications

3. Authentication Systems

Authentication

• Identifying the components of authentication
• Comparing one-, two-, and three-factor authentication
• Capturing passwords with a protocol analyzer
• Installing Active Directory Services
• Joining a domain

Hashing

• Hashing data
• Cracking passwords

Authentication systems

• Identifying the requirements of a secure authentication system
• Examining the components of Kerberos
• Examining null sessions
• Comparing authentication systems

4. Messaging Security

E-mail security

• Identifying the security risks of an e-mail system
• Configuring security on an e-mail server
• Digitally signing a message
• Sending an encrypted message

5. User and Role-Based Security

Security policies

• Creating a console to manage local security policies
• Using the GPMC
• Implementing domain GPOs
• Analyzing a Windows Vista computer's security

Securing file and print resources

• Creating users and groups based on security needs
• Securing file resources
• Securing printer resources

6. Public Key Infrastructure (PKI)

Key management and life cycle

• Understanding certificate life cycle and management

Setting up a certificate server

• Installing a stand-alone root certificate authority (CA)
• Installing an enterprise subordinate CA
• Implementing a file-based certificate request
• Managing your certificate server
• Side trip: Granting the log on locally right
• Requesting a user certificate
• Revoking a certificate
• Enabling the EFS recovery agent template
• Enrolling for a recovery agent certificate
• Enabling key archival
• Re-enrolling all certificates

Web server security with PKI

• Requesting and installing a web server certificate
• Enabling SSL for the certificate server web site
• Making a secure connection
• Requesting a client certificate via the web

7. Access Security

Biometric systems

• Identifying biometric authentication systems
• Installing a fingerprint reader
• Physical access security

Identifying the risks associated with physical access to systems

• Examining logging and surveillance best practices

Peripheral and component security

• Identifying the risks associated with common peripherals
• Mitigating security risks of peripherals

Storage device security

• Enabling file-based encryption
• Enabling whole disk encryption systems (optional)
• 8. Ports and Protocols
• TCP/IP review

Examining protocols in the TCP/IP suite

• Comparing IPv4 and IPv6 packets

Protocol-based attacks

• Preventing common protocol-based attacks
• Assessing your vulnerability to DDoS attacks
• Port scanning
• Checking ARP cache
• Examining spoofing attacks
• Examining replay and hijacking attacks
• Examining antiquated protocols

9. Network Security

Common network devices

• Examining switches and bridges
• Examining routers
• Examining NAT/PAT devices
• Examining firewalls and proxy servers
• Identifying inherent weaknesses in network devices
• Examining the ways to overcome device threats

Secure network topologies

• Comparing firewall-based secure topologies
• Identifying the benefits of NAC
• Examining the security enabled by VPNs

Browser-related network security

• Configuring the Phishing Filter
• Setting security zones
• Setting privacy options

Virtualization

• Exploring the benefits of virtualization technologies

10. Wireless Security

• Wi-Fi network securit
• Identifying wireless networking vulnerabilities
• Scanning for insecure access points
• Installing third-party router firmware
• Configuring basic router security
• Enabling transmission encryption

Non-PC wireless devices

• Identifying cell phone and PDA-related threats

11. Remote Access Security

Remote access

• Examining RADIUS and Diameter authentication
• Examining the role of LDAP in a remote access environment
• Examining TACACS+ authentication
• Examining how 802.1x adds security to your network
• Installing Network Policy and Access Services
• Configuring an NPS network policy
• Configuring NPS accounting

Virtual private networks

• Comparing VPN protocols
• Installing Routing and Remote Access Services
• Enabling a VPN

Configuring NPS to provide RADIUS authentication for your VPN

• Making a VPN connection

12. Auditing, Logging, and Monitoring

System logging

• Viewing event logs
• Discussing device and application logging

Server monitoring

• Monitoring with Performance Monitor
• Running a Data Collector Set
• Viewing a Data Collector Set report
• Considering auditing policies and practices

13. Vulnerability Testing

Risk and vulnerability assessment

• Analyzing risks
• Installing the MBSA
• Analyzing your system with the MBSA
• Downloading and installing OVAL
• Downloading an OVAL XML file
• Scanning with OVAL
• Downloading and installing Nessus
• Scanning with Nessus

IDS and IPS

• Discussing IDS characteristics
• Installing and monitoring with the Snort IDS
• Comparing HIDS and NIDS
• Examining the role and use of honeypots

Forensics

• Examining the forensics process
• 14. Organizational Security

Organizational policies

• Creating a security policy
• Creating a human resources policy
• Creating an incidence response and reporting policy
• Implementing change management

Education and training

• Identifying the need for user education and training
• Identifying education opportunities and method
• Disposal and destruction
• Deciding whether to destroy or dispose of IT equipment

15. Business Continuity

Redundancy planning

• Identifying the need for and appropriate use of redundancy
• Creating a disaster recovery plan

Backups

• Selecting backup schemes
• Backing up data
• Restoring data
• Identifying appropriate media rotation and storage plans

Environmental controls

• Examining environmental controls