CompTIA

ITD-4133 - Secure Network

(OKU-ITD-4133.AEW1)
Lessons
Lab
TestPrep
AI Tutor (Add-on)
Instructor-Led (Add-on)
Get A Free Trial

Skills You’ll Get

Get the support you need. Enroll in our Instructor-Led Course.

Download Course Outline

1

Today's Security Professional

  • Cybersecurity Objectives
  • Data Breach Risks
  • Implementing Security Controls
  • Data Protection
  • Summary
  • Exam Essentials
2

Cybersecurity Threat Landscape

  • Exploring Cybersecurity Threats
  • Threat Data and Intelligence
  • Summary
  • Exam Essentials
3

Malicious Code

  • Malware
  • Summary
  • Exam Essentials
4

Social Engineering and Password Attacks

  • Social Engineering and Human Vectors
  • Password Attacks
  • Summary
  • Exam Essentials
5

Security Assessment and Testing

  • Vulnerability Management
  • Vulnerability Classification
  • Penetration Testing
  • Audits and Assessments
  • Vulnerability Life Cycle
  • Summary
  • Exam Essentials
6

Application Security

  • Software Assurance Best Practices
  • Designing and Coding for Security
  • Software Security Testing
  • Injection Vulnerabilities
  • Exploiting Authentication Vulnerabilities
  • Exploiting Authorization Vulnerabilities
  • Exploiting Web Application Vulnerabilities
  • Application Security Controls
  • Secure Coding Practices
  • Automation and Orchestration
  • Summary
  • Exam Essentials
7

Cryptography and the PKI

  • An Overview of Cryptography
  • Goals of Cryptography
  • Cryptographic Concepts
  • Modern Cryptography
  • Symmetric Cryptography
  • Asymmetric Cryptography
  • Hash Functions
  • Digital Signatures
  • Public Key Infrastructure
  • Asymmetric Key Management
  • Cryptographic Attacks
  • Emerging Issues in Cryptography
  • Summary
  • Exam Essentials
8

Identity and Access Management

  • Identity
  • Authentication and Authorization
  • Authentication Methods
  • Accounts
  • Access Control Schemes
  • Summary
  • Exam Essentials
9

Resilience and Physical Security

  • Resilience and Recovery in Security Architectures
  • Response and Recovery Controls
  • Physical Security Controls
  • Summary
  • Exam Essentials
10

Cloud and Virtualization Security

  • Exploring the Cloud
  • Virtualization
  • Cloud Infrastructure Components
  • Cloud Security Issues
  • Hardening Cloud Infrastructure
  • Summary
  • Exam Essentials
11

Endpoint Security

  • Operating System Vulnerabilities
  • Hardware Vulnerabilities
  • Protecting Endpoints
  • Hardening Techniques
  • Operating System Hardening
  • Securing Embedded and Specialized Systems
  • Asset Management
  • Summary
  • Exam Essentials
12

Network Security

  • Designing Secure Networks
  • Secure Protocols
  • Network Attacks
  • Summary
  • Exam Essentials
13

Wireless and Mobile Security

  • Building Secure Wireless Networks
  • Managing Secure Mobile Devices
  • Summary
  • Exam Essentials
14

Monitoring and Incident Response

  • Incident Response
  • Incident Response Data and Tools
  • Mitigation and Recovery
  • Summary
  • Exam Essentials
15

Digital Forensics

  • Digital Forensic Concepts
  • Conducting Digital Forensics
  • Reporting
  • Digital Forensics and Intelligence
  • Summary
  • Exam Essentials
16

Security Governance and Compliance

  • Security Governance
  • Understanding Policy Documents
  • Change Management
  • Personnel Management
  • Third-Party Risk Management
  • Complying with Laws and Regulations
  • Adopting Standard Frameworks
  • Security Awareness and Training
  • Summary
  • Exam Essentials
17

Risk Management and Privacy

  • Analyzing Risk
  • Managing Risk
  • Risk Tracking
  • Disaster Recovery Planning
  • Privacy
  • Summary
  • Exam Essentials
18

Basics of Information Security

  • Why Information Security
  • What Is Information Security
  • Goals
  • Methods
  • Tools
  • Beyond Confidentiality Integrity Availability (CIA)
  • Responsibility of Information Security
  • Perspective of Information Security
19

Threat Paradigm

  • Threat Paradigm
  • Attackers or Threat Agents
  • Threat Motivation
  • Threat Impact
  • Types of Attacks
20

Information Security Controls

  • Information Security Controls
  • Examples of Information Security Controls
21

Decoding Policies, Standards, Procedures, & Guidelines

  • Documents Hierarchy
  • Policy
  • Standards
  • Procedures and Guidelines
  • Document Format
  • Decoding Policies and Standards
22

Network Security Design

  • Network Security Design Principles
  • Defense in Depth
  • Security Zones and Network Segmentation
  • Secure Remote Access
  • Secure Third Party Access
  • Least Privilege
  • Segregation of Duties
  • Encryption
  • High Availability
  • Network Access Control (NAC)
  • Security of Test Environment
23

Know Your Assets

  • Identifying Assets
  • Different Types of Assets
  • Asset Responsibility
  • Asset Valuation
  • Asset Classification/Rating Review
  • Audit Requirement
24

Implementing Network Security

  • Introducing Assets to Production Environment
  • Pre-Production Check List
  • Best Practices for Network Design
  • Best Practices for Firewall
  • Best Practices for Routers and Switches
  • Best Practices for VPN
  • Best Practices for Wireless Networks
25

Secure Change Management

  • Change Management
  • Secure Change Management Process
  • Audit Requirements
26

Vulnerability and Risk Management

  • Vulnerability and Risk Management
  • Common Vulnerabilities Found in the Network Environment
  • Vulnerability and Risk Management Process
  • Handling Zero Day
  • Audit Requirements
27

Access Control

  • Introduction
  • Identification
  • Authentication
  • Authorization
  • Accounting
  • Access Control Policies and Procedures
  • Access Control Implementation
  • User Registration and De-Registration
  • Password Management
  • Asset Classification
  • Access Provisioning
  • Network Admission Control (NAC)
  • Privilege User Access Management
  • Remote Access Management
  • Third Party Access Management
  • User Access Review
  • Audit Requirements
28

Capacity Management

  • Capacity Management
  • Documented Policies and Procedures
  • Capacity Management Process
  • Audit Requirements
29

Log Management

  • Logging
  • Log Management Process and Documentation
  • Log Generation
  • Log Transmission
  • Log Storage
  • Log Analysis
  • Log Disposal
  • Audit Requirements
30

Network Monitoring

  • Monitoring
  • Physical, Environmental, and Content Monitoring
  • System Monitoring Standards and Procedures
  • Traffic Monitoring
  • Device Monitoring
  • Log Monitoring - Security Information and Event Management
  • Audit Requirements
31

Information Security Audit

  • Information Security Audit
  • Audit Management from the Auditor's Side
  • Audit Management from the Auditee's Side
32

Technical Compliance Audit

  • Technical Compliance Audit
  • Technical Compliance Audit from the Auditor's Point of View
  • Technical Compliance Audit from the Auditee's Point of View
  • Good Practices to Avoid Compliance Findings
33

Penetration Testing

  • Penetration Testing (Pen Test)
  • Stages of Penetration Testing
  • Pen Testing vs. Vulnerability Assessment
  • Pen Testing from the Auditee's Point
  • Good Practices to Avoid Vulnerabilities
A

Appendix

  • Appendix 1: Vulnerability Management Sheet
  • Appendix 2: Risk Management Sheet
  • Appendix 3: Sample Compliance Task List
  • Appendix 4: Risk Acceptance Form

1

Malicious Code

  • Examining Spyware
  • Analyzing Malware Using VirusTotal
2

Social Engineering and Password Attacks

  • Using Social Engineering Techniques to Plan an Attack
  • Cracking a Linux Password Using John the Ripper
  • Cracking Passwords
3

Security Assessment and Testing

  • Scan for Vulnerabilities Using Nikto
  • Conducting Vulnerability Scanning Using Nessus
  • Consulting a Vulnerability Database
  • Gathering Site Information
4

Application Security

  • Fuzzing Using OWASP ZAP
  • Performing SQL Injection in DVWA
  • Exploiting LFI and RFI Vulnerabilities
  • Conducting a Cross-Site Request Forgery Attack
  • Performing an XSS Attack in DVWA
  • Examining Application Vulnerabilities
  • Exploiting an Overflow Vulnerability
  • Exploiting a TOCTOU Vulnerability
5

Cryptography and the PKI

  • Using Symmetric Encryption
  • Creating Asymmetric Key Pairs
  • Creating File Hashes
  • Examining PKI Certificates
6

Identity and Access Management

  • Installing a RADIUS Server
  • Examining Kerberos Settings
  • Enforcing Password Policies
  • Using the chmod Command
  • Creating Linux Users and Groups
7

Cloud and Virtualization Security

  • Detecting Virtualization
8

Network Security

  • Capturing Credentials On-path
  • Launching a DoS Attack
9

Wireless and Mobile Security

  • Securing a Wi-Fi Hotspot
10

Monitoring and Incident Response

  • Examining MITRE ATT&CK
  • Viewing Linux Event Logs
  • Viewing Windows Event Logs
11

Digital Forensics

  • Completing the Chain of Custody
  • Using FTK Imager
  • Analyzing Forensic Case with Autopsy
12

Threat Paradigm

  • Creating a RAT
  • Analyzing the WannaCry Ransomware Attack
  • Examining Spyware
  • Conducting Vulnerability Scanning Using Nessus
  • Capturing Packets Using Wireshark
  • Performing an MITM Attack
  • Cracking Passwords Using Cain and Abel
  • Using Rainbow Tables for Cracking Passwords
  • Configuring WPA/WPA2/WPA3 for Personal and Enterprise Use
  • Performing ARP Spoofing
  • Configuring a Wireless AP
  • Analyzing Malware Using VirusTotal
  • Performing a Phishing Attack Using a SET
  • Detecting Rootkits
  • Simulating a DDoS Attack
13

Information Security Controls

  • Configuring IPSec
  • Configuring a Windows Firewall
  • Implementing Physical Security
  • Performing Symmetric and Asymmetric Encryption
  • Observing an SHA-256-Generated Hash Value
  • Observing an MD5-Generated Hash Value
14

Network Security Design

  • Enabling an ACL
15

Implementing Network Security

  • Configuring a Router
  • Configuring AAA for Device Access Control
16

Access Control

  • Implementing MFA on Mobile Devices

Any questions?
Check out the FAQs

Still have unanswered questions and need to get in touch?

Contact Us Now

Related Courses

All Courses
We use cookies for improving site experience and analytics. Learn More