مدرک معتبر و بینالمللی CompTIA Security+ با محوریت مدیریت و سازماندهی اطلاعات است که کسب دانش مورد نیاز برای موفقیت در آزمون مربوطه، متقاضی را به شناخت و مهارتی کاربُردی برای پیشبینی، پیشگیری و رفع خطرات امنیتی برای موارد شخصی و تجاری خواهد رساند. این دورهی آموزشی سه بخشی بصورت فیلمهای جداگانه، مهمترین مباحث ایجاد و کنترل امنیت از جمله امنیت شبکه، امنیت عملیاتی، مقابله با تهدید و آسیبپذیری، کنترل دسترسی و مدیریت هویت و رمزنگاری را پوشش داده است.
محتوای آموزش:
1- مباحث مهم IT Security و انواع حملات
2- فرایندهای پیشگیرانه و پاکسازی
3- امنیت Network Device و مدیریت و طراحی Secure Network
4- پروتُکُلهای TCP/IP و امنیت پورت
5- اقدامات مورد نیاز در رابطه با حملات بر روی شبکههای وایرلس و تأمین نمودن و نگهداری از آنها
6- امنیت هاست، امنیت داده و تأمین برنامهها
7- تعیین/تأیید اعتبار، مجوزها و کنترل دسترسی
8- امنیت فیزیکی و محیطی
9- سرویسهای مربوط به Authentication
10- مدیریت اکانت کاربر و مدیریت خطرات
11- ارزیابی و آشکارسازی تهدیدات و آسیبپذیریها
12- جلوگیری و کاهش خطرات
13- فهرست گزارشات و پایشها
14- تجارت پیوسته و بازیابی (ریکاوری) بُحرانی
15- پاسخگویی در مقابل حوادث ناگهانی
16- آموزش کاربرها و مهندسی اجتماعی
17- راهکارها و ابزارهای رمزنگاری
18- موارد مهم مربوط به راهکارهای فرایند PKI
19- آماده شدن برای آزمون مدرک مربوطه
تاریخ انتشار: 27-12-2011
سطح: مبتدی
مدت زمان آموزش: بخش اول: 3 ساعت و 45 دقیقه / بخش دوم: 4 ساعت و 22 دقیقه / بخش سوم: 3 ساعت و 51 دقیقه
مدرس: Lisa Szpuna
فهرست کامل سرفصلها و عناوین آموزش (به همراه زمان دقیق آنها) :
[Part 1]
Getting Started with CompTIA Security+ Training - 00:06:09
Introduction - 00:33
About Your Instructor - 01:02
About This Course - 04:34
Introduction to IT Security - 00:07:47
Introduction - 01:01
What is IT Security? - 01:00
Key Terms You Should Know - 01:50
The Information Security Triad - CIA - 01:33
The AAA Protocol - 01:39
What We Covered - 00:44
Types of Attacks - 00:31:01
Introduction - 01:22
Spoofing/Poisoning - 01:46
Pharming - 01:32
Man-in-the-Middle - 01:31
Replay Attack - 01:46
Denial of Service (DoS) - 02:14
Distributed Denial of Service (DDoS) - 00:58
Smurf Attack - 01:11
Scanners and Sniffers - 02:40
Spam - 04:26
Phishing - 03:54
Privilege Escalation - 01:44
Transitive Access - 01:13
Client-side Attacks - 01:44
What We Covered - 03:00
Malware Prevention and Cleanup - 00:22:20
Introduction - 00:54
Malware - 01:21
Viruses - 03:43
Worms - 01:13
Trojans - 01:30
Spyware - 01:11
Adware and Pop-ups - 01:15
Rootkits - 01:19
Backdoors - 00:51
Logic Bombs - 01:13
Botnets - 00:54
Ransomware - 00:47
Malware Mitigation - 02:09
Malware Removal - 01:40
What We Covered - 02:20
Network Device Security - 00:41:04
Introduction - 01:11
Firewalls - 07:41
Routers - 03:32
Switches - 01:57
Load Balancers - 01:58
Proxies - 03:03
Web Security Gateways - 01:31
VPN Concentrators 01:14
Network-based Intrusion Detection Systems (NIDS) - 03:23
Network-based Intrusion Prevention Systems (NIPS) - 00:47
Kinds of NIDS and NIPS - 01:29
Other Security Appliances - 02:14
Protocol Analyzers/Sniffers - 01:55
Host-based Filtering Tools - 07:16
What We Covered - 01:53
Secure Network Administration - 00:21:36
Introduction - 01:01
Rule-based Management - 01:17
Access Control Lists (ACLs) - 01:26
Firewall Rules - 06:44
Secure Router Configuration - 02:28
Port Security - 02:27
Flood Guards 01:53
Network Separation and Network Bridging - 01:11
Log Analysis - 01:02
What We Covered - 02:07
Secure Network Design - 00:34:23
Introduction - 01:10
Security Zones - 02:42
DMZ (Demilitarized Zone) - 03:47
Subnetting 03:06
Virtual Local Area Network (VLAN) - 03:03
Network Address Translation (NAT) - 03:54
Remote Access - 02:29
Virtual Private Network (VPN) - 02:37
Telephony - 02:43
Network Access Control (NAC) - 01:09
Virtualization - 03:13
Cloud Computing - 02:14
What We Covered - 02:16
TCP/IP Protocols and Port Security - 00:26:19
Introduction - 01:41
TCP/IP - 03:04
FTP - 01:10
SSH and SCP - 00:47
Telnet - 00:29
SMTP - 00:38
DNS - 00:49
TFTP - 00:21
HTTP - 01:10
SFTP - 01:28
SNMP - 00:41
HTTPS - 01:46
FTPS - 00:41
SSL and TLS - 01:02
TCP - 02:02
UDP - 00:53
IP - 01:33
ICMP - 00:39
ARP - 00:56
TCP/IP Ports to Remember - 00:22
IPSec - 02:12
What We Covered - 01:55
Attacks on Wireless Networks - 00:16:17
Introduction - 01:27
Rogue Access Points - 01:10
Evil Twin - 01:29
Wardriving - 01:50
Warchalking - 01:39
IV Attack - 02:48
Packet Sniffing - 01:42
Attacks on Bluetooth - 01:09
Interference - 01:22
What We Covered - 01:41
Securing Wireless Networks - 00:19:02
Introduction - 02:10
IEEE 802.11x Wireless Standards - 01:14
WEP - 03:03
WPA and WPA2 - 01:08
TKIP - 00:39
CCMP - 00:40
WAP - 00:46
EAP, PEAP, and LEAP - 01:43
Securing Wireless Routers and Access Points Best Practices - 01:58
Change the SSID and Turn off SSID Broadcast - 01:28
Consider Using MAC Filtering - 01:08
Work with Antenna Placement and Power Level Controls - 01:01
What We Covered - 02:04
[Part 2]
Host Security - 00:24:30
Introduction - 01:54
Antimalware - 04:12
Host-based Firewalls - 01:15
Updates and Patch Management - 03:10
Disabling Unused Services - 01:15
Users and Accounts - 01:17
Virtualization - 01:17
Host Software Baselining - 01:23
Securing Servers - 01:21
Securing Mobile Devices - 05:08
What We Covered - 02:18
Securing Applications - 00:42:38
Introduction - 02:40
Cookies - 01:59
Session Hijacking - 01:03
Header Manipulation - 00:28
Cross-site Scripting (XSS) - 02:57
Cross-site Request Forgery (XSRF or CSRF) - 03:43
Injection Attacks - 01:40
Preventing Injection Attacks - 00:52
Buffer Overflow - 00:44
Java Applets and JavaScript - 01:27
ActiveX Controls - 01:03
Demo: Internet Explorer Security Settings - 15:39
Malicious Add-ons, Attachments, and Zero Day Exploits - 02:34
Secure Coding Concepts - 01:08
Fuzzing - 00:50
Application Hardening - 02:18
What We Covered - 01:33
Data Security - 00:15:26
Introduction - 01:54
Data Loss Protection (DLP) - 01:10
Individual Files/Folders Encryption - 01:32
Full Disk/Whole Disk Encryption - 00:57
Database Encryption - 00:59
Removable Media Encryption - 01:22
Mobile Device Encryption - 00:49
Trusted Platform Module (TPM) - 01:12
Hardware Security Module (HSM) - 00:37
USB Encryption - 00:37
Hard Drive Encryption - 00:22
Encryption Key Management - 01:22
Data in the Cloud - 01:14
What We Covered - 01:19
Authentication, Authorization, and Access Control - 00:26:30
Introduction - 02:11
Identification vs. Authentication - 01:42
Authentication and Authorization - 00:52
Something You Know, Something You Have, Something You Are - 04:39
Single Factor vs. Multifactor Authentication - 02:55
Types of Access Control - 04:48
Information Models - 02:31
Mandatory Vacations - 01:05
Job Rotation - 00:50
Separation of Duties - 00:50
Trusted OS - 01:07
What We Covered - 03:00
Physical and Environmental Security - 00:20:00
Introduction - 01:28
Physical Security - 00:51
Fencing and Mantraps - 01:02
Access Lists - 01:05
Proximity Readers - 01:37
Video Surveillance and Monitoring - 01:04
Hardware Locks - 00:57
HVAC Considerations - 01:25
Hot and Cold Aisles - 00:44
Environmental Monitoring and Controls - 01:17
Fire Suppression - 02:39
Power Systems - 02:05
Electromagnetic Emissions: Interference and Shielding - 02:19
What We Covered - 01:27
Authentication Services - 00:17:53
Introduction - 00:52
Introduction to Authentication Services - 01:43
RADIUS - 04:25
TACACS+ - 01:35
TACACS and XTACACS - 01:01
Kerberos - 03:48
LDAP - 03:02
What We Covered - 01:27
User Account Management - 00:21:46
Introduction - 01:12
Privilege Management - 02:46
Group Based Privileges - 03:20
User Account Policy - 05:18
Password Policies - 06:49
What We Covered - 02:21
Risk Management - 00:22:33
Introduction - 02:05
Risk Management Vocabulary - 02:03
Risk Management Steps - 04:01
Impact Analysis - 01:24
Risk Calculation - 06:00
Options for Handling Risk - 01:51
Control Types - 02:50
What We Covered - 02:19
Threat and Vulnerability Assessment and Detection - 00:25:49
Introduction - 01:27
Assessment Types - 01:08
Assessment Techniques - 07:06
Tools - 06:48
Vulnerability Scanning - 02:14
Penetration Testing - 01:53
Black, White, and Gray Box Testing - 02:18
What We Covered - 02:55
Risk Mitigation and Deterrence - 00:32:18
Introduction - 01:32
Security Posture - 02:34
Manual Bypassing of Electronic Controls - 02:13
Change Management - 03:19
Implement Security Controls Based on Risk - 01:26
Detection vs. Prevention Controls - 03:59
Hardening - 00:47
Perform Routine Audits - 05:00
Data Loss or Theft Prevention - 01:40
Security Policies - 01:30
Privacy Policies - 02:01
Acceptable Use Policies (AUP) - 00:55
Other Policies - 02:03
What We Covered - 03:19
Log Monitoring and Reporting - 00:13:24
Introduction - 01:03
Reporting - 03:05
Monitoring and Analyzing Logs - 02:28
Log Types - 01:34
Logs Management - 03:41
What We Covered - 01:33
[Part 3]
Business Continuity - 00:15:55
Introduction - 01:31
Business Continuity vs. Disaster Recovery - 01:15
Business Continuity Planning (BCP) and Testing - 04:04
Business Impact Analysis - 02:16
IT Contingency Planning - 01:52
Continuity of Operations - 01:08
Succession Planning - 01:42
What We Covered - 02:07
Disaster Recovery Planning - 00:31:07
Introduction - 01:38
Disaster Recovery Plan - 01:57
Service Level Agreement (SLA) - 02:34
Utilities - 00:32
Backup Types - 03:37
Backup Plans - 04:12
Backup Storage Options - 01:28
Recovering from Backups - 03:33
Backup and Recovery Considerations - 00:55
Redundancy - 01:45
Fault Tolerance - 00:41
RAID: Redundant Array of Independent Disks - 01:53
Load Balancing - 01:16
Clustering - 00:44
Alternative/Backup Sites - 01:41
What We Covered - 02:41
Incident Response - 00:15:34
Introduction - 01:21
Incident Response Plan - 03:30
Damage and Loss Control - 00:56
Chain of Custody - 02:00
First Responder - 01:01
Basic Forensic Procedures - 04:42
What We Covered - 02:04
User Education - 00:27:25
Introduction - 01:42
Security Policy Training and Procedures - 02:22
Threat Awareness - 00:53
Personally Identifiable Information (PII) - 01:57
Regulatory Compliance - 01:51
Social Networking - 03:58
Peer to Peer (P2P) File Sharing - 01:14
User Habits - 03:40
Information Classification - 04:27
Data Labeling, Handling, and Disposal - 02:40
What We Covered - 02:41
Social Engineering - 00:20:12
Introduction - 01:37
Social Engineering Overview - 02:48
Impersonation - 01:31
Tailgating - 02:14
Dumpster Diving - 01:20
Shoulder Surfing - 01:27
Phishing - 03:49
Hoaxes - 01:30
Reverse Social Engineering - 01:25
What We Covered - 02:31
Cryptography Concepts - 00:26:33
Introduction - 01:28
Cryptography Overview - 04:54
Symmetric vs. Asymmetric Encryption - 02:44
Digital Signatures - 00:37
Non-repudiation - 01:01
Encryption/Decryption Methods - 04:26
Cryptographic Hashing - 05:31
Transport Encryption - 01:05
Steganography - 01:14
Use of Proven Technologies - 01:42
What We Covered - 01:51
Cryptography Tools - 00:42:48
Introduction - 02:16
Symmetric Encryption - 07:40
Asymmetric Encryption - 04:03
Cryptographic Hashing - 06:35
Transport Encryption - 04:48
Wireless Encryption - 02:47
Other Encryption Tools - 08:33
Comparative Strengths of Algorithms - 03:11
What We Covered - 02:55
Public Key Infrastructure (PKI) Concepts - 00:15:14
Introduction - 01:13
Public Key Infrastructure (PKI) Overview - 02:09
Digital Certificates - 00:43
Certificate Authorities (CA) - 00:35
How PKI Works - 02:19
Registration Authorities - 01:02
Certificate Revocation Lists (CRL) - 01:40
Recovery Agents - 01:39
Key Escrow - 00:56
What We Covered - 02:58
PKI Implementatio - 00:18:06
Introduction - 01:18
Publicly Trusted Certificate Authorities - 01:54
Internal Certificate Authorities - 02:12
Working with Registration Authorities - 00:48
Key Management - 02:24
Certificate Management - 03:10
Trust Models - 04:24
What We Covered - 01:56
Preparing for Your CompTIA Security+ SY0-301 Certification Exam - 00:07:51
Introduction - 00:35
About the Exam - 01:58
Mapping Exam Objectives to this Course - 01:24
Studying for the Exam - 02:14
Test Day Tips - 01:40
Next Steps - 00:10:24
Introduction - 00:42
What We Have Covered in This Course - 02:24
My Favorite Supporting Resources - 00:59
Get Certified - 01:41
Continue Learning - 02:40
Join the Community - 01:58
نکات:
1- این آموزش به زبان انگلیسی است.
2- آموزش به صورت فیلمهای جداگانه برای هر فصل است.
3- فرمت فایلها MP4 است.
4- فایل های دانلودی قابلیت تعمیر با WinRAR در صورت دانلود ناقص را دارا می باشند.