The skills and knowledge measured by this exam are derived from
an industry-wide and worldwide job task analysis and a survey to
validate the job task analysis. The survey results were used to
weight the test domains and ensure that the weightings are
representative of the job requirements.
This exam blueprint includes the test objectives and the
relative weightings. The table below lists the domains measured
by this examination and the extent to which they are represented
in the examination. Example topics and concepts are included to
clarify the test objectives and should not be construed as a
comprehensive list of all the content of this exam.
The CompTIA Security+ certification tests for security
knowledge mastery of an individual with two years on-the-job
networking experience, with emphasis on security.
The exam covers industry-wide topics including communication
security, infrastructure security, cryptography, access control,
authentication, external attack and operational and organizational
security.
CompTIA Security+ curricula are being taught at colleges,
universities and commercial training centers around the globe.
CompTIA Security+ is being used as an elective or
prerequisite to advanced vendor specific and vendor neutral
security certifications.
Security+ and Your Career
Theft and destruction of intellectual property takes place
despite the presence of firewalls, encryption and corporate
edicts. Neither technologies nor policies alone offer effective
information security. The IT industry must have a well-trained
work force to effectively combat hackers and decrease financial
losses.
The demand for skilled security professionals is growing
significantly. The technology community identifies Security+ as
the perfect way to validate your knowledge of information
security.
Arm Your Workforce with Security+ Certification
Neither technologies nor policies alone offer effective
protection against theft and destruction of intellectual
property. So, what's your defense?
Knowledge.
All industries need a trained and effective IT workforce to
combat hackers, attackers and security threats. Maintain the
integrity of your organization's communications, infrastructure
and operations. Certify your IT workforce today.
"It's vitally important for our professional consultants to
conform to industry standards. For that reason, we will require
CompTIA Security+ certification for all of our consultants, as
part of their MBOs."
- Jeff Recor, President, Olympus Security Group
Arm Your Resume with Security+ Certification
Olympus Security Group requires Security+ for all of their
consultants along with a growing number of companies and
agencies. Get your career on the fast track with CompTIA's
Security+ certification and establish your credibility as a
Security professional.
Security+ certification is recognized around the world as the
benchmark for foundation-level security professionals.
Incorporating a comprehensive range of security knowledge areas,
Security+ was developed with input from industry, government,
academia and front-line practitioners, so you can be assured of
its relevance.
DOMAIN 1.0: General Security Concepts
1.1 Recognize and be able to differentiate and explain the
following access control models
MAC (Mandatory Access Control), DAC (Discretionary Access
Control), RBAC (Role Based Access Control)
1.2 Recognize and be able to differentiate and explain the
following methods of authentication
Kerberos, CHAP (Challenge Handshake Authentication Protocol),
Certificates, Username / Password
Tokens, Multi-factor, Mutual, Biometrics
1.3 Identify non-essential services and protocols and know what
actions to take to reduce the risks of those services and
protocols
1.4 Recognize the following attacks and specify the appropriate
actions to take to mitigate vulnerability and risk
DOS / DDOS (Denial of Service / Distributed Denial of Service),
Back Door, Spoofing, Man in the Middle, Replay, TCP/IP Hijacking,
Weak Keys, Mathematical, Social Engineering, Birthday
Password Guessing: Brute Force, Dictionary
Software Exploitation
1.5 Recognize the following types of malicious code and specify
the appropriate actions to take to mitigate vulnerability and
risk
Viruses, Trojan Horses, Logic Bombs, Worms
1.6 Understand the concept of and know how to reduce the risks of
social engineering
1.7 Understand the concept and significance of auditing, logging
and system scanning
DOMAIN 2.0: Communication Security
2.1 Recognize and understand the administration of the following
types of remote access technologies
802.1x, VPN (Virtual Private Network), RADIUS (Remote
Authentication Dial-In User Service), TACACS (Terminal Access
Controller Access Control System), L2TP / PPTP (Layer Two
Tunneling Protocol / Point to Point Tunneling Protocol), SSH
(Secure Shell), IPSEC (Internet Protocol Security), Vulnerabilities
2.2 Recognize and understand the administration of the
following email security concepts
S/MIME (Secure Multipurpose Internet Mail Extensions)
PGP (Pretty Good Privacy) like technologies
Vulnerabilities
SPAM, Hoaxes
2.3 Recognize and understand the administration of the
following Internet security concepts
SSL / TLS (Secure Sockets Layer / Transport Layer Security)
HTTP/S (Hypertext Transfer Protocol / Hypertext Transfer
Protocol over Secure Sockets Layer)
Instant Messaging: Vulnerabilities, Packet Sniffing, Privacy
Vulnerabilities: JavaScript, ActiveX, Buffer Overflows, Cookies,
Signed Applets, CGI (Common Gateway Interface), SMTP (Simple Mail
Transfer Protocol) Relay
2.4 Recognize and understand the administration of the
following directory security concepts
SSL / TLS (Secure Sockets Layer / Transport Layer Security)
LDAP (Lightweight Directory Access Protocol)
2.5 Recognize and understand the administration of the
following file transfer protocols and concepts
S/FTP (File Transfer Protocol), Blind FTP (File Transfer
Protocol) / Anonymous, File Sharing
Vulnerabilities - Packet Sniffing, 8.3 Naming Conventions
2.6 Recognize and understand the administration of the
following wireless technologies and concepts
WTLS (Wireless Transport Layer Security), 802.11 and 802.11x,
WEP / WAP (Wired Equivalent Privacy / Wireless Application
Protocol), Vulnerabilities, Site Surveys
DOMAIN 3.0: Infrastructure Security
3.1 Understand security concerns and concepts of the
following types of devices
Firewalls, Routers, Switches, Wireless, Modems, RAS (Remote
Access Server), Telecom / PBX (Private Branch Exchange), VPN
(Virtual Private Network), IDS (Intrusion Detection System),
Network Monitoring / Diagnostics, Workstations, Servers, Mobile
Devices
3.2 Understand the security concerns for the following types of
media
Coaxial Cable, UTP / STP (Unshielded Twisted Pair / Shielded
Twisted Pair), Fiber Optic Cable
Removable Media, Tape, CD-R (Recordable Compact Disks), Hard
Drives, Diskettes
Flashcards, Smartcards
3.3 Understand the concepts behind the following kinds of
security topologies
Security Zones, DMZ (Demilitarized Zone), Intranet, Extranet,
VLANs (Virtual Local Area Network)
NAT (Network Address Translation), Tunneling
3.4 Differentiate the following types of intrusion detection,
be able to explain the concepts of each type, and understand the
implementation and configuration of each kind of intrusion
detection system
Network Based: Active Detection, Passive Detection
Host Based: Active Detection, Passive Detection
Honey Pots, Incident Response
3.5 Understand the following concepts of security baselines,
be able to explain what a security baseline is, and understand
the implementation and configuration of each kind of intrusion
detection system
OS / NOS (Operating System / Network Operating System) Hardening:
File System, Updates (Hotfixes, Service Packs, Patches)
Network Hardening: Updates (Firmware), Configuration, Enabling and
Disabling Services and Protocols, Access Control Lists
Application Hardening: Updates (Hotfixes, Service Packs, Patches),
Web Servers, E-mail Servers, FTP (File Transfer Protocol) Servers,
DNS (Domain Name Service) Servers, NNTP (Network News Transfer
Protocol) Servers, File / Print Servers, DHCP (Dynamic Host
Configuration Protocol) Servers, Data Repositories (Directory
Services, Databases)
DOMAIN 4.0: Basics of Cryptography
4.1 Be able to identify and explain the following different kinds
of cryptographic algorithms
Hashing, Symmetric, Asymmetric
4.2 Understand how cryptography addresses the following
security concepts
Confidentiality, Integrity (Digital Signatures), Authentication,
Non-Repudiation (Digital Signatures), Access Control
4.3 Understand and be able to explain the following concepts
of PKI (Public Key Infrastructure)
Certificates, Certificate Policies, Certificate Practice
Statements, Revocation, Trust Models
4.4 Identify and be able to differentiate different
cryptographic standards and protocols
4.5 Understand and be able to explain the following concepts
of Key Management and Certificate Lifecycles
Centralized vs. Decentralized, Storage (Hardware vs. Software,
Private Key Protection), Escrow, Expiration, Revocation (Status
Checking), Suspension (Status Checking), Recovery (M-of-N Control:
of M appropriate individuals, N must be present to authorize
recovery), Renewal, Destruction, Key Usage (Multiple Key Pairs:
Single, Dual)
DOMAIN 5.0: Operational/Organizational Security
5.1 Understand the application of the following concepts of
physical security
Access Control, Physical Barriers, Biometrics, Social
Engineering, Environment, Wireless Cells
Location, Shielding, Fire Suppression
5.2 Understand the security implications of the following
topics of disaster recovery
Backups, Off Site Storage, Secure Recovery, Alternate Sites,
Disaster Recovery Plan
5.3 Understand the security implications of the following
topics of business continuity
Utilities, High Availability / Fault Tolerance, Backups
5.4 Understand the concepts and uses of the following types
of policies and procedures
Security Policy: Acceptable Use, Due Care, Privacy, Separation of
Duties, Need to Know, Password Management, SLAs (Service Level
Agreements), Disposal / Destruction
HR (Human Resources) Policy: Termination (adding and revoking
passwords and privileges, etc.), Hiring (adding and revoking
passwords and privileges, etc.), Code of Ethics
Incident Response Policy
5.5 Explain the following concepts of privilege management
User / Group / Role Management, Single Sign-on, Centralized vs.
Decentralized
Auditing (Privilege, Usage, Escalation), MAC / DAC / RBAC
(Mandatory Access Control / Discretionary Access Control / Role
Based Access Control)
5.6 Understand the concepts of the following topics of
forensics
Chain of Custody, Preservation of Evidence, Collection of
Evidence
5.7 Understand and be able to explain the following concepts
of risk identification
Asset Identification, Risk Assessment, Identification,
Vulnerabilities
5.8 Understand the security relevance of the education and
training of end users, executives and human resources
Communication, User Awareness, Education, On-line Resources
5.9 Understand and explain the following documentation
concepts
Standards and Guidelines, Systems Architecture, Change
Documentation
Logs and Inventories, Classification, Notification, Retention /
Storage, Destruction
Brand Names and Trade Marks are the property of their respective
holders and are used for description purposes only.