What you'll learn

You will learn techniques and methodologies used to successfully configure, execute, construct and troubleshoot network security in order to ensure the threat of viruses, worms, Trojans and improper configuration is minimized or negated. Upon completing this Security+ Boot Camp, you will have learned valuable knowledge and skills, including the ability to:

• Administer, configure, design and troubleshoot network security
• Minimize the threat of external attacks and viruses with successful countermeasures
• Implement general security services on various computer networks
• Harden networks and operating systems
• Execute essential security technologies — TCP/IP firewalls and VPN
• And much more!

Meets 8570.1 requirements

Attention DoD Information Assurance workers! This boot camp provides certification towards government security requirements. This includes the U.S. Department of Defense Directive 8570.1 mandate that department employees or contractors engaged in work related to information security be required to certify. The directive specifies CompTIA Security+ as a choice for Information Assurance Technician Level II and Information Assurance Manager I.

Authorized training partner

Infosec is an authorized training partner of CompTIA, and our training has won awards from CompTIA, including the CompTIA Outstanding Partner Award. Infosec instructors have years of industry experience and have authored two of the top network security and ethical hacking books.

Start learning immediately

• Immediate access to Infosec Skills — including a bonus boot camp prep course — from the minute you enroll to 90 days after your boot camp
• Five days of expert, live Security+ training
• 90-day extended access to all boot camp video replays and materials
• Unlimited Security+ practice exam attempts
• Security+ exam voucher
• Learn by doing with hundreds of additional hands-on courses and labs
• 100% Satisfaction Guarantee
• Exam Pass Guarantee (online students)

Security+ training schedule

Infosec’s Security+ training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.

1. Before your Bootcamp

Start learning now. You’ll get immediate access to all the content in Infosec Skills, including an in-depth Security+ prep course, the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.

2. During Bootcamp

• Day 1

  1.1 Indicators of compromise

  • Why is security important?
  • Security policy
  • Threat actor types
  • The kill chain
  • Social engineering
  • Phishing
  • Malware types
  • Trojans and spyware
  • Open source intelligence

  1.2 Critical security controls

  • Security control types
  • Defense in depth
  • Frameworks and compliance
  • Vulnerability scanning and pentests
  • Security assessment techniques
  • Pentesting concepts
  • Vulnerability scanning concepts
  • Exploitation frameworks

  1.3 Security posture assessment tools

  • Topology discovery
  • Service discovery
  • Packet capture
  • Packet capture tools
  • Remote access Trojans
  • Honeypots and honeynets

  1.4 Incident response

  • Incident response procedures
  • Preparation phase
  • Identification phase
  • Containment phase
  • Eradication and recovery phases

  Day 2

  2.1 Cryptography

  • Uses of cryptography
  • Cryptographic terminology and ciphers
  • Cryptographic products
  • Hashing algorithms
  • Symmetric algorithms
  • Asymmetric algorithms
  • Diffie-Hellman and elliptic curve
  • Transport encryption
  • Cryptographic attacks

  2.2 Public key infrastructure

  • PKI standards
  • Digital certificates
  • Certificate authorities
  • Types of certificate
  • Implementing PKI
  • Storing and distributing keys
  • Key status and revocation
  • PKI trust models
  • PGP/GPG

  2.3 Identification and authentication

  • Access Control systems
  • Identification
  • Authentication
  • LAN manager/NTLM
  • Kerberos
  • PAP, CHAP and MS-CHAP
  • Password attacks
  • Token-based authentication
  • Biometric authentication
  • Common access card

  2.4 Identity and access services

  • Authorization
  • Directory services
  • Radius and TACACS+
  • Federation and trusts
  • Federated identity protocols

  2.5 Account management

  • Formal access control models
  • Account types
  • Windows active directory
  • Creating and managing accounts
  • Account policy enforcement
  • Credential management policies
  • Account restrictions
  • Accounting and auditing

  Day 3

  3.1 Secure network design

  • Network zones and segments
  • Subnetting
  • Switching infrastructure
  • Switching attacks and hardening
  • Endpoint security
  • Network access control
  • Routing infrastructure
  • Network address translation
  • Software defined networking

  3.2 Firewalls and load balancers

  • Basic firewalls
  • Stateful firewalls
  • Implementing a firewall or gateway
  • Web application firewalls
  • Proxies and gateways
  • Denial-of-service attacks
  • Load balancers

  3.3 IDS and SIEM

  • Intrusion detection systems
  • Configuring IDS
  • Log review and SIEM
  • Data loss prevention
  • Malware and intrusion response

  3.4 Secure wireless access

  • Wireless LANs
  • WEP and WPA
  • Wi-Fi authentication
  • Extensible authentication protocol
  • Additional Wi-Fi security settings
  • Wi-Fi site security
  • Personal area networks

  3.5 Physical security controls

  • Site layout and access
  • Gateways and locks
  • Alarm systems
  • Surveillance
  • Hardware security
  • Environmental controls

  4.1 Secure protocols and services

  • DHCP security
  • DNS security
  • Network management protocols
  • Http and web servers
  • SSL / TLS and HTTPS
  • Web security gateways
  • Email services
  • S/mime
  • File transfer
  • Voice and video services
  • Voice over IP (VOIP)

  4.2 Secure remote access

  • Remote access architecture
  • Virtual private networks
  • IPSEC and IKE
  • Remote access servers
  • Remote administration tools
  • Hardening remote access infrastructure

  4.3 Secure systems design

  • Trusted computing
  • Hardware / firmware security
  • Peripheral device security
  • Secure configurations
  • OS hardening
  • Patch management
  • Embedded systems
  • Security for embedded systems

  4.4 Secure mobile device services

  • Mobile device deployments
  • Mobile connection methods
  • Mobile access control systems
  • Enforcement and monitoring

  4.5 Secure virtualization and cloud services

  • Virtualization technologies
  • Virtualization security best practices
  • Cloud computing
  • Cloud security best practices

  5.1 Forensics

  • Forensic procedures
  • Collecting evidence
  • Capturing system images
  • Handling and analyzing evidence

  5.2 Disaster recovery and resiliency

  • Continuity of operations planning
  • Disaster recovery planning
  • Resiliency strategies
  • Recovery sites
  • Backup plans and policies
  • Resiliency and automation strategies

  5.3 Risk management

  • Business impact analysis
  • Identification of critical systems
  • Risk assessment
  • Risk mitigation

  5.4 Secure application development

  • Application vulnerabilities
  • Application exploits
  • Web browser exploits
  • Secure application design
  • Secure coding concepts
  • Auditing applications
  • Secure DevOps

  5.5 Organizational security

  • Corporate security policy
  • Personnel management policies
  • Interoperability agreements
  • Data roles
  • Data sensitivity labeling and handling
  • Data wiping and disposal
  • Privacy and employee conduct policies
  • Security policy training

  Day 5

  • SY0-501 overview
  • Infosec’s Security+ exam cram
  • Take the SY0-501 exam

3. After Your BootCamp

Your Infosec Skills access extends 90 days past your boot camp, so you can take additional time to prepare for your Security+ exam, get a head start on your next certification goal or start earning CPEs.