CompTIA Security+ Training & Certification

If a career in cybersecurity is your goal, CompTIA Security+ certification is the ideal starting point. Security Plus training is known for its vendor-neutral technology approach, and it provides entry-level infosec knowledge applicable across operating systems and platforms and gives prospective cybersecurity professionals the edge when it comes to landing their new IT roles in Maryland, DC, VA, and beyond.

In today's ever-changing environment, it has become an absolute must to implement and maintain security technologies and policies. This Security+ training course takes the first step in teaching you to implement and monitor security on networks and computer systems and respond to security incidents appropriately, making your skillset valuable to organizations of all sizes and industries.

Security+ certification satisfies DOD 8570 IAT Level II and IAM Level I

Our Security+ class includes access to iLabs, provided by InfoSec Learning LLC

Enroll today, by selecting a class' date, to the right

"Excellent training institution. Instructors are very knowledgeable of their course topics. Shaun is especially helpful in finding the right course and coordinating certification exam retakes."

Alejandro Ordaz Security+ Student

This CompTIA Security+ training is part of the collect and operate, operate and maintain, securely provision, and the analyze NICE cybersecurity workforce category. It will help prepare you to work in the cyber operational planning, systems analysis, systems administration, systems architecture, or threat analysis NICE cybersecurity workforce framework specialty area.

Why Take Security+ Training in Maryland?

Security+ certification is a baseline standard for assessing an individual's understanding of IT security. Created and administered by CompTIA, this certification is recognized worldwide and is a starting point for anyone looking to build a cyber security-based career. TrainACE is a Platinum Partner to CompTIA and offers high-quality training for Security+, preparing students to pass the CompTIA security certification training and official Certification.

Businesses of all sizes know the importance of information and IT security and have continued to invest as such. This investment is evidenced by the fact that many government employees in Information Assurance (IA) positions, and any contractors who serve certain IA functions, are now required to have a CompTIA Security+ certification. This requirement was put into effect as part of the aforementioned DoD-8570 directive and most directly applied to entry and mid-level IT personnel.

At TrainACE, our CompTIA Security+ training courses are taught by certified IT security professionals in Maryland, Virginia, or DC with a minimum of 3 years of teaching experience. Our instructors are also required to have IT security and cybersecurity experience along with additional supplementary certifications and continued education in the industry. All classes are 40 hours long and available in multiple attendance methods, including daytime, evening, or weekend schedules.

Signup today for our convenient 5-day Security Plus boot camp!

What You Need to Know Before Taking Security+ Training

There are no specific Security+ prerequisites to take the Security+ exam, but candidates with little or no IT experience will find this certification very hard to pass.

This vendor-neutral Security Plus training course is designed for network and security administrators and those with similar job functions who have two years of experience with general networking and basic security knowledge.

Previous certification training in courses such as CompTIA A+, Cisco CCNA, or CompTIA Network+ will improve your chances of passing this mid-level exam.

This Security Plus Bootcamp is appropriate for:

• Network Administrators
• Security Administrators
• Information Assurance Professionals
• DoD 8570 Compliance Skills & Concepts

What Are the Benefits of CompTIA Security+ Certification in DC?

The CompTIA Security+ certification is one that is recognized and accepted worldwide. It's a basic certification, often one of the first several IT professionals earn, but it is well-respected within the industry. Obtaining your Security Plus certification has many benefits, including:

• No prerequisites or work experience required – Because the CompTIA Security + certification is an early cybersecurity certificate, it's ideal for those individuals with little or no previous IT experience. However, it is suggested that individuals take CompTIA A+ and Network+ before this course.
• Vendor-neutral – Security+ is a vendor-neutral certification. That means that it doesn't focus on the security and technology of a specific vendor. Instead, it includes common elements of cybersecurity and provides general knowledge and skills.
• Preparation for future certifications - As a foundational credential, the Security Plus certification lays the groundwork for passing more advanced certification exams. Whether you plan to pursue the CompTIA Advanced Security Practitioner (CASP+), CompTIA PenTest+, or another cybersecurity certification, Security+ ensures that you have a solid understanding of the fundamental skills needed to tackle higher-level certifications.
• Better job opportunities – The CompTIA Security+ certification provides individuals with an advantage in today's job market. With the certification, professionals are qualified for a variety of IT roles. Areas like Compliance and Operational Security, Cryptography, Data and Host Security, Access Control and Identity Management, and Threats and Vulnerabilities, are all ideal locations for Security + certified employees.
• Higher earning potential – IT professionals with the Security+ credential typically earn more than their non-certified coworkers. While there are several factors that determine salaries, by having this certification, you can expect to earn an ample income.
• Meets DoD requirements – The CompTIA Security+ certification satisfies the US Department of Defense 8570 standard. That means certified individuals are eligible to apply for Technical level two and Management level one positions.
• Proves knowledge and skills – In the course of preparing for the exam, you will learn many things about cybersecurity. Moreover, you will learn skills and knowledge that will help you become a greater security professional. This is why hiring managers always look for professionals with this CompTIA certification. The certification is proof of your expertise and skills in the job field.

How Long Does Security Plus Training Take?

TrainACE's CompTIA Security+ training and certification course is a five-day deep dive into entry-level infosec knowledge. It will establish the fundamental knowledge that is necessary for any cybersecurity position. It provides a launching pad to entry-level and intermediate-level information security jobs.

How Hard is the CompTIA Security Plus Course?

How hard the course and Certification are is relative from person to person. Generally speaking, most IT professionals who are certified found the CompTIA Security+ SYO-601 certification exam fairly straightforward. With the right preparation, like that from TrainACE, you can obtain your Security+ certification.

Compared with other security certifications, only Security Plus has performance-based questions included. These questions assess your practical skills, not just your knowledge, placing more emphasis on the practical and hands-on ability to identify and address vulnerabilities, security threats, and attacks.

Therefore, to prepare well for the CompTIA Security+ certification exam, you should take TrainACE's training and certification course. Our course provides students with the knowledge, skills, and practical know-how to successfully pass the certification exam.

Security+ Exam and Certification Requirements:

Current exam number SY0-601

• Maximum of 90 questions
• Time Length 90 minutes
• Passing Score 750
• Format Multiple Choice and Performance-Based Questions

Candidates for Security+ certification must be able to:

• Assess the security posture of an enterprise and make recommendations for and implement appropriate cybersecurity solutions
• Monitor and secure hybrid environments
• Operate with an understanding of all applicable policies and laws
• Identify, analyze, and respond to security events and incidents

Note that CompTIA recently upgraded the exam from SY0-501 to SY0-601, so if you've been preparing using an older curriculum, you will want to check out the changes between Security+ SY0-501 and SY0-601 before you test

Who needs Security+ Certification in DC?

CompTIA Security+ Certification prepares students for roles in the following job types:

• Network Administrator
• Systems Administrator
• Security Administrator
• Junior IT Auditor/Penetration Tester
• Security Specialist
• Security Consultant
• Security Engineer
• Network Security Specialist
• Information Security Analyst
• Cyber Security Consultant
• IT Risk Analyst

What will I learn in this Security+ class?

Module 1 / Threats, Attacks, and Vulnerabilities

Indicators of Compromise

• Why is Security Important?
• Security Policy
• Threat Actor Types
• The Kill Chain
• Social Engineering
• Phishing
• Malware Types
• Trojans and Spyware
• Open Source Intelligence
• Labs (VM Orientation, Malware Types)

Critical Security Controls

• Security Control Types
• Defense in Depth
• Frameworks and Compliance
• Vulnerability Scanning and Pen Tests
• Security Assessment Techniques
• Pen Testing Concepts
• Vulnerability Scanning Concepts
• Exploit Frameworks
• Lab
• Using Vulnerability Assessment Tools

Security Posture Assessment Tools

• Topology Discovery
• Service Discovery
• Packet Capture
• Packet Capture Tools
• Remote Access Trojans
• Honeypots and Honeynets
• Labs
• Using Network Scanning Tools 1
• Using Network Scanning Tools 2
• Using Steganography Tools

Incident Response

• Incident Response Procedures
• Preparation Phase
• Identification Phase
• Containment Phase
• Eradication and Recovery Phases

Module 2 / Identity and Access Management

Cryptography

• Uses of Cryptography
• Cryptographic Terminology and Ciphers
• Cryptographic Products
• Hashing Algorithms
• Symmetric Algorithms
• Asymmetric Algorithms
• Diffie-Hellman and Elliptic Curve
• Transport Encryption
• Cryptographic Attacks
• Lab
• Implementing Public Key Infrastructure

Public Key Infrastructure

• PKI Standards
• Digital Certificates
• Certificate Authorities
• Types of Certificate
• Implementing PKI
• Storing and Distributing Keys
• Key Status and Revocation
• PKI Trust Models
• PGP / GPG
• Lab
• Deploying Certificates and Implementing Key Recovery

Identification and Authentication

• Access Control Systems
• Identification
• Authentication
• LAN Manager / NTLM
• Kerberos
• PAP, CHAP, and MS-CHAP
• Password Attacks
• Token-based Authentication
• Biometric Authentication
• Common Access Card
• Lab
• Using Password Cracking Tools

Identity and Access Services

• Authorization
• Directory Services
• RADIUS and TACACS+
• Federation and Trusts
• Federated Identity Protocols

Account Management

• Formal Access Control Models
• Account Types
• Windows Active Directory
• Creating and Managing Accounts
• Account Policy Enforcement
• Credential Management Policies
• Account Restrictions
• Accounting and Auditing
• Lab
• Using Account Management Tools

Module 3 / Architecture and Design (1)

Secure Network Design

• Network Zones and Segments
• Subnetting
• Switching Infrastructure
• Switching Attacks and Hardening
• Endpoint Security
• Network Access Control
• Routing Infrastructure
• Network Address Translation
• Software-Defined Networking
• Lab
• Implementing a Secure Network Design

Firewalls and Load Balancers

• Basic Firewalls
• Stateful Firewalls
• Implementing a Firewall or Gateway
• Web Application Firewalls
• Proxies and Gateways
• Denial of Service Attacks
• Load Balancers
• Lab
• Implementing a Firewall

IDS and SIEM

• Intrusion Detection Systems
• Configuring IDS
• Log Review and SIEM
• Data Loss Prevention
• Malware and Intrusion Response
• Lab
• Using an Intrusion Detection System

Secure Wireless Access

• Wireless LANs
• WEP and WPA
• Wi-Fi Authentication
• Extensible Authentication Protocol
• Additional Wi-Fi Security Settings
• Wi-Fi Site Security
• Personal Area Networks

Physical Security Controls

• Site Layout and Access
• Gateways and Locks
• Alarm Systems
• Surveillance
• Hardware Security
• Environmental Controls

Module 4 / Architecture and Design (2)

Secure Protocols and Services

• DHCP Security
• DNS Security
• Network Management Protocols
• HTTP and Web Servers
• SSL / TSL and HTTPS
• Web Security Gateways
• Email Services
• S/MIME
• File Transfer
• Voice and Video Services
• VoIP
• Labs
• Implementing Secure Network Addressing Services
• Configuring a Secure Email Service

Secure Remote Access

• Remote Access Architecture
• Virtual Private Networks
• IPSec
• Remote Access Servers
• Remote Administration Tools
• Hardening Remote Access Infrastructure
• Lab
• Implementing a Virtual Private Network

Secure Systems Design

• Trusted Computing
• Hardware / Firmware Security
• Peripheral Device Security
• Secure Configurations
• OS Hardening
• Patch Management
• Embedded Systems
• Security for Embedded Systems

Secure Mobile Device Services

• Mobile Device Deployments
• Mobile Connection Methods
• Mobile Access Control Systems
• Enforcement and Monitoring

Secure Virtualization and Cloud Services

• Virtualization Technologies
• Virtualization Security Best Practices
• Cloud Computing
• Cloud Security Best Practices

Module 5 / Risk Management

Forensics

• Forensic Procedures
• Collecting Evidence
• Capturing System Images
• Handling and Analyzing Evidence
• Lab
• Using Forensic Tools

Disaster Recovery and Resiliency

• Continuity of Operations Plans
• Disaster Recovery Planning
• Resiliency Strategies
• Recovery Sites
• Backup Plans and Policies
• Resiliency and Automation Strategies

Risk Management

• Business Impact Analysis
• Identification of Critical Systems
• Risk Assessment
• Risk Mitigation

Secure Application Development

• Application Vulnerabilities
• Application Exploits
• Web Browser Exploits
• Secure Application Design
• Secure Coding Concepts
• Auditing Applications
• Secure DevOps
• Lab
• Identifying a Man-in-the-Browser Attack

Organizational Security

• Corporate Security Policy
• Personnel Management Policies
• Interoperability Agreements
• Data Roles
• Data Sensitivity Labeling and Handling
• Data Wiping and Disposal
• Privacy and Employee Conduct Policies
• Security Policy Training