Here’s what you’ll learn in each video of the CompTIA Security+ Series:
Video 1 – “Introduction to the Security+ 2008 Series” – In this introductory movie you will find out about the six domains of the Security+ Exam, the Security+ certification and the information to be covered in this series.
Video 2 – “Evaluating Common Security Threats” – In this nugget you will get an overview of common security threats such as various forms of malware, spyware, adware, botnets and logic bombs. You will also learn about security risks to hardware and peripherals.
Video 3 – “Operating System Hardening” – You will really enjoy this nugget as you explore the procedures for hardening workstations and servers. Topics include: hotfixes, service packs, security templates, patches, and more.
Video 4 – “Application Security” – This nugget of the Security+ series covers methodologies for establishing application security. You will learn about Active X and Java, ****ies, instant messaging, P2P file-sharing, SMTP open relays, scripting, and XSS.
Video 5 – “Implementing Security Applications” – This nugget is a broad overview of functionality of the common application threat mitigation tools like HIDS, HIPS, personal firewalls, security suites, Antivirus, anti-spam. and pop-up blockers.
Video 6 – “Network Infrastructure Attacks (Part 1)” – This nugget will differentiate between the different ports and protocols, their threats and mitigation techniques. Concepts include: TCP/IP hijacking, Null sessions, Spoofing, Man-in-the-middle, Replay, DOS, DDOS, Domain Name Kiting, DNS poisoning, ARP poisoning, weak passwords, back doors, and default account vulnerability.
Video 7 – “Network Infrastructure Attacks (Part 2)” – This is a step-by-step exploration of DMZs, VLAN, NAT, Network interconnections, NAC, and subnetting.
Video 8 – “Network Design Elements and Components” – In this nugget, you will get an overview of security design elements and components.
Video 9 – “Network Security Tools” – This nugget presents the appropriate use and application of network security tools such as NIDS, NIPS, Firewalls, Proxy servers, Honeypot, Content filters, and Protocol analyzers.
Video 10 – “Wireless Network Security” – This very interesting nugget takes on the topic of wireless networking security including data emanation, war driving, SSID broadcast, Blue jacking, Bluesnarfing, Rogue access points and weak encryption.
Video 11 – “Access Control (Part 1)” – Probably one of the most vital aspects of network security is access control. This nuggets teaches you how to identify and apply industry best practices for access control methods. You explore common access control models like MAC, DAC, and RBAc as well as the differences between each. You’ll learn how to organize users and computers into appropriate security groups and roles, apply appropriate security controls to file and print resources, and compare logical access control methods.
Video 12 – “Access Control (Part 2)” – Taking up where Access Control Part 1 leaves off, this nugget presents various authentication models and identify the components of each – such as Biometric readers, RADIUS, TACACS, RAS, VPN, Kerberos, CHAP, 802.1x and much more. We also explore physical access security methods including tokens, surveillance, and man-traps.
Video 13 – “Assessments and Audits (Part 1)” – This nugget tackles the following topics: Port scanners, Vulnerability scanners, Protocol analyzers, OVAL, Password crackers, Network mappers, Performance monitor, Systems monitor, and Performance baselines.
Video 14 – “Assessments and Audits (Part 2)” – This nugget covers the various types of monitoring methodologies including Behavior-based, Signature-based, and Anomaly-based. You’ll learn about proper logging procedures and evaluation of DNS, System, Performance, Access, Firewall, and Antivirus. User access and rights review, storage and retention policies, and group policies are also covered.
Video 15 – “General Cryptography Concepts” – This nugget covers the fundamentals of cryptography including symmetric vs. asymmetric encryption. The security assurance model of C.I.A.N. is explored as well as comparative strength of algorithms.
Video 16 – “Cryptography Algorithms and Protocols” – This second nugget of the Cryptography domain lays out hashing concepts and algorithms like MD5 and SHA. Basic algorithms and encryption concepts are explored including: DES, 3DES, RSA, PGP, Elliptic curve (ECC), AES/AES256, One time pad, SSL/TLS, S/MIME, and PPTP/L2TP.
Video 17 – “Public Key Infrastructure (PKI)” – The final nugget of the Cryptography domain lays out the core concepts of a Public Key Infrastructure (PKI).
Video 18 – “Organizational Security (Part 1)” – This nugget explains redundancy planning and the components, implementation of disaster recovery procedures, and incident response procedures.
Video 19 – “Organizational Security (Part 2)” – A wide array of organizational security topics and terms are covered here including: Secure disposal of computers, Acceptable use policies, Password complexity, Change management, Classification of information, Mandatory vacations, Personally Identifiable Information (PII), Due care/diligence/process, SLA, Security-related HR policy, and User education and awareness training.
Video 20 – “Organizational Security (Part 3)” – The final nugget of the Security+ series lays out the importance of environmental controls like Fire suppression, HVAC, and Shielding. Social Engineering threats such as phishing, hoaxes, shoulder surfing, and dumpster diving are explored.