Workday HCM Demo New Batches Starting from Tuesday... 01-11-2016
Search Course Here




Live Chat
Support
Security +  Online Training

Security +

overview

Security+ validates knowledge of systems security, network infrastructure, access control, assessments and audits, cryptography and organizational security. It is an international, vendor-neutral security certification that is taught at colleges, universities and commercial training centers around the world.
prerequisties
  • All attendees should have a basic knowledge of system security.
Duration
Online
  • It is a 16 days program and extends up to 2hrs each.
  • The format is 40% theory, 60% Hands-on.

Corporate
  • It is a 4 days program and extends up to 8hrs each.
  • The format is 40% theory, 60% Hands-on.
Classroom
    Private Classroom arranged on request and minimum attendies for batch is 4.
course content

    Domain 1: Systems Security

    • Overview of Systems Security Threats
      • Privilege escalation
      • Virus
      • Worm
      • Trojan
      • Spyware
      • Spam
      • Adware
      • Rootkits
      • Botnets
      • Logic bomb
    • Security risks pertaining to system hardware and peripherals
      • BIOS
      • USB devices
      • Cell phones
      • Removable storage
      • Network attached storage
    • Implementing OS hardening practices and procedures to achieve workstation and server security
      • Hotfixes
      • Service packs
      • Patches
      • Patch management
      • Group policies
      • Security templates
      • Configuration baselines
    • Procedures to establish Application Security
      • ActiveX
      • Java
      • Scripting
      • Browser
      • Buffer overflows
      • Cookies
      • SMTP open relays
      • Instant messaging
      • P2P
      • Input validation
      • Cross-site scripting (XSS)
    • Implementing security applications
      • HIDS
      • Personal software firewalls
      • Antivirus
      • Anti-spam
      • Popup blockers
    • Virtualization Technology: purpose and application

    Domain 2: Network Infrastructure

    • Ports & Protocols: Threats and Mitigation Techniques
      • Antiquated protocols
      • TCP/IP hijacking
      • Null sessions
      • Spoofing
      • Man-in-the-middle
      • Replay
      • DOS
      • DDOS
      • Domain Name Kiting
      • DNS poisoning
      • ARP poisoning
    • Network design elements and components
      • DMZ
      • VLAN
      • NAT
      • Network interconnections
      • NAC
      • Subnetting
      • Telephony
    • Network Security Tools
      • NIDS
      • NIPS
      • Firewalls
      • Proxy servers
      • Honeypot
      • Internet content filters
      • Protocol analyzers
    • Using Network Security Tools
      • NIDS
      • Firewalls
      • Proxy servers
      • Internet content filters
      • Protocol analyzers
    • Vulnerabilities and Mitigations of Network Devices
      • Privilege escalation
      • Weak passwords
      • Back doors
      • Default accounts
      • DOS
    • Vulnerabilities and Mitigations of Transmission Media
      • Vampire taps
    • Vulnerabilities and Mitigations of wireless Networking
      • Data emanation
      • War driving
      • SSID broadcast
      • Blue jacking
      • Bluesnarfing
      • Rogue access points
      • Weak encryption

    Domain 3: Access Control

    • Industry Best Practices for access control methods
      • Implicit deny
      • Least privilege
      • Separation of duties
      • Job rotation
    • Common Access Control Models
      • MAC
      • DAC
      • Role & Rule based access control
    • Organizing Users and Computers: Security Groups, Rights & Privileges.
    • Security controls to file and print resources
    • Logical Access Control Methods: Defining and Implementing
      • ACL
      • Group policies
      • Password policy
      • Domain password policy
      • User names and passwords
      • Time of day restrictions
      • Account expiration
      • Logical tokens
    • Authentication models and components
      • One, two and three-factor authentication
      • Single sign-on
    • Deploying Authentication Models and components
      • Biometric reader
      • RADIUS
      • RAS
      • LDAP
      • Remote access policies
      • Remote authentication
      • VPN
      • Kerberos
      • CHAP
      • PAP
      • Mutual
      • 802.1x
      • TACACS
    • Difference between Identification and Authentication (Identity Proofing)
    • Physical Access Security Methods
      • Physical access logs/lists
      • Hardware locks
      • Physical access control – ID badges
      • Door access systems
      • Man-trap
      • Physical tokens
      • Video surveillance – camera types and positioning

    Domain 4: Assessments & Audits

    • Conducting Risk Assessments and implement Risk Mitigation
    • Vulnerability Assessments through common tools
      • Port scanners
      • Vulnerability scanners
      • Protocol analyzers
      • OVAL
      • Password crackers
      • Network mappers
    • Penetration Testing versus Vulnerability Scanning
    • Using Monitoring Tools to detect security-related anomalies
      • Performance monitor
      • Systems monitor
      • Performance baseline
      • Protocol analyzers
    • Monitoring Methodologies
      • Behavior-based
      • Signature-based
      • Anomaly-based
    • Logging procedures and results evaluation
      • Security application
      • DNS
      • System
      • Performance
      • Access
      • Firewall
      • Antivirus
    • Periodic Audits of system security settings
      • User access and rights review
      • Storage and retention policies
      • Group policies

    Domain 5: Cryptography

    • Cryptography Concepts
      • Key management
      • Steganography
      • Symmetric key
      • Asymmetric key
      • Confidentiality
      • Integrity and availability
      • Non-repudiation
      • Comparative strength of algorithms
      • Digital signatures
      • Whole disk encryption
      • Trusted Platform Module (TPM)
      • Single vs. Dual sided certificates
      • Use of proven technologies
    • Hashing Concepts and Algorithms
      • SHA
      • MD5
      • LANMAN
      • NTLM
    • Encryption Concepts and Algorithms
      • DES
      • 3DES
      • RSA
      • PGP
      • Elliptic curve
      • AES
      • AES256
      • One time pad
      • Transmission encryption (WEP TKIP, etc)
    • Protocols: Definition and Implementation
      • SSL/TLS
      • S/MIME
      • PPTP
      • HTTP vs. HTTPS vs. SHTTP
      • L2TP
      • IPSEC
      • SSH
    • Public Key Cryptography
      • Public Key Infrastructure (PKI)
      • Recovery agent
      • Public key
      • Private keys
      • Certificate Authority (CA)
      • Registration
      • Key escrow
      • Certificate Revocation List (CRL)
      • Trust models
    • Implementing PKI and Certificate Management
      • Public Key Infrastructure (PKI)
      • Recovery agent
      • Public key
      • Private keys
      • Certificate Authority (CA)
      • Registration
      • Key escrow
      • Certificate Revocation List (CRL)

    Domain 6: Organizational Security

    • Redundancy Planning and its components
      • Hot site
      • Cold site
      • Warm site
      • Backup generator
      • Single point of failure
      • RAID
      • Spare parts
      • Redundant servers
      • Redundant ISP
      • UPS
      • Redundant connections
    • Implementing Disaster Recovery Procedures
      • Planning
      • Disaster recovery exercises
      • Backup techniques and practices – storage
      • Schemes
      • Restoration
    • Incident Response Procedures: Types and Implementation
      • Forensics
      • Chain of custody
      • First responders
      • Damage and loss control
      • Reporting – disclosure of
    • Applicable legislation and organizational policies
      • Secure disposal of computers
      • Acceptable use policies
      • Password complexity
      • Change management
      • Classification of information
      • Mandatory vacations
      • Personally Identifiable Information (PII)
      • Due care
      • Due diligence
      • Due process
      • SLA
      • Security-related HR policy
      • User education and awareness training
    • Environmental Controls
      • Fire suppression
      • HVAC
      • Shielding
    • Social Engineering: Concept of and how to reduce the risks
      • Phishing
      • Hoaxes
      • Shoulder surfing
      • Dumpster diving
      • User education and awareness training
Videos
Security + videos will be updated soon
To Watch More Videos Click Here

Flash News


AngularJS New Batch Start From 09th OCT & 10th OCT.


Hadoop Dev New Batch Start From 10th OCT & 11th OCT.


IBM COGNOS TM New Batch Start From 11th OCT & 12th OCT.


Informatica Dev New Batch Start From 12th OCT & 13th OCT.


Mean Stack New Batch Start 13th OCT & 14th OCT.

SAP BODS new Batch Starting From 14th OCT & 15th OCT.

SAP S/4 HANA New Batch Start From 15th OCT & 16th OCT
.

Tableau New Batch Start From 16th OCT & 17th OCT

PUBLIC DEMO

(1) Workday Technical Demo Training

Demo Schedule : 09:30A.M EST / 08:30A.M CST / 6:30A.M PST on 13th OCT & 07:00A.M IST on 14th OCT

(2) SAP MII Demo Training

Demo Schedule : 09:30A.M EST / 08:30A.M CST / 6:30A.M PST on 13th OCT & 07:00A.M IST on 14th OCT

SOLVE YOUR QUERIES ONLINE
Email :
Rediff Bol :
ecorptrainings@rediffmail.com
Google Talk :
ecorptrainings@gmail.com
MSN Messenger :
ecorptrainings@hotmail.com
Yahoo Messenger :
ecorptrainings@yahoo.com
Skype Talk :
ecorptrainings