Security Fundamentals (MTA 98-367)

Description

Duration: 3 days

About this course

Security Fundamentals (MTA 98-367) address a wide spectrum of fundamental technical concepts, assess and validate core technical knowledge, and enhance technical credibility.

Audience Profile

Security Fundamentals (MTA 98-367) validates that a candidate has fundamental security knowledge and skills.

Learning Objectives

  • Understand security layers
  • Understand operating system security
  • Understand network security
  • Understand security software

Certification Exam

This Bootcamp is to be taken in preparation for the Security Fundamentals (MTA 98-367) Exam.

Prerequisites

Candidates are expected to have some hands-on experience with Windows Server, Windows-based networking, Active Directory, anti-malware products, firewalls, network topologies and devices, and network ports.

What’s included?

  • Authorized Courseware
  • Intensive Hands on Skills Development with an Experienced Subject Matter Expert
  • Hands-on practice on real Servers and extended lab support 1.800.482.3172
  • Examination Vouchers & Onsite Certification Testing- (excluding Adobe and PMP Boot Camps)
  • Academy Code of Honor: Test Pass Guarantee
  • Optional: Package for Hotel Accommodations, Lunch and Transportation

With several convenient training delivery methods offered, The Academy makes getting the training you need easy. Whether you prefer to learn in a classroom or an online live learning virtual environment, training videos hosted online, and private group classes hosted at your site. We offer expert instruction to individuals, government agencies, non-profits, and corporations. Our live classes, on-sites, and online training videos all feature certified instructors who teach a detailed curriculum and share their expertise and insights with trainees. No matter how you prefer to receive the training, you can count on The Academy for an engaging and effective learning experience.

Methods

  • Instructor Led (the best training format we offer)
  • Live Online Classroom – Online Instructor Led
  • Self-Paced Video

Speak to an Admissions Representative for complete details

StartFinishPublic PricePublic EnrollPrivate PricePrivate Enroll
11/29/202112/01/2021
12/20/202112/22/2021
01/10/202201/12/2022
01/31/202202/02/2022
02/21/202202/23/2022
03/14/202203/16/2022
04/04/202204/06/2022
04/25/202204/27/2022
05/16/202205/18/2022
06/06/202206/08/2022
06/27/202206/29/2022
07/18/202207/20/2022
08/08/202208/10/2022
08/29/202208/31/2021
09/19/202209/21/2022
10/10/202210/12/2022
10/31/202211/02/2022
11/21/202211/23/2022
12/12/202212/14/2022

Curriculum

1. Understand security layers

1.1. Understand core security principles

Confidentiality; integrity; availability; how threat and risk impact principles; principle of least privilege; social engineering; attack surface analysis; threat modelling

1.2. Understand physical security

Site security; computer security; removable devices and drives; access control; mobile device security; keyloggers

1.3. Understand Internet security

Browser security settings; secure websites

1.4. Understand wireless security

Advantages and disadvantages of specific security types; keys; service set identifiers (SSIDs); MAC filters

2. Understand operating system security

2.1. Understand user authentication

Multifactor authentication; physical and virtual smart cards; Remote Authentication Dial-In User Service (RADIUS); biometrics; use Run As to perform administrative tasks

2.2. Understand permissions

File system permissions; share permissions; registry; Active Directory; enable or disable inheritance; behavior when moving or copying files within the same disk or on another disk; multiple groups with different permissions; basic permissions and advanced permissions; take ownership; delegation; inheritance

2.3. Understand password policies

Password complexity; account lockout; password length; password history; time between password changes; enforce by using Group Policies; common attack methods; password reset procedures; protect domain user account passwords

2.4. Understand audit policies

Types of auditing; what can be audited; enable auditing; what to audit for specific
purposes; where to save audit information; how to secure audit information

2.5. Understand encryption

Encrypting file system (EFS); how EFS-encrypted folders impact moving/copying files; BitLocker (To Go); TPM; software-based encryption; MAIL encryption and signing and other uses; virtual private network (VPN); public key/private key; encryption algorithms; certificate properties; certificate services; PKI/certificate services infrastructure; token devices; lock down devices to run only trusted applications

2.6. Understand malware

Buffer overflow; viruses, polymorphic viruses; worms; Trojan horses; spyware; ransomware; adware; rootkits; backdoors; zero day attacks

3. Understand network security

3.1. Understand dedicated firewalls

Types of hardware firewalls and their characteristics; when to use a hardware firewall instead of a software firewall; stateful vs. stateless firewall inspection; Security Compliance Manager; security baselines

3.2. Understand network isolation

Routing; honeypot; perimeter networks; network address translation (NAT); VPN; IPsec; server and domain isolation

3.3. Understand protocol security

Protocol spoofing; IPsec; tunnelling; DNSsec; network sniffing; denial-of-service (DoS) attacks; common attack methods

4. Understand security software

4.1. Understand client protection

Antivirus; protect against unwanted software installations; User Account Control (UAC); keep client operating system and software updated; encrypt offline folders; software restriction policies; principle of least privilege

4.2. Understand email protection

Antispam, antivirus, spoofing, phishing, and pharming; client vs. server protection; Sender Policy Framework (SPF) records; PTR records

4.3. Understand server protection

Separation of services; hardening; keep servers updated; secure dynamic Domain Name System (DNS) updates; disable unsecure authentication protocols; Read-Only Domain Controllers (RODC)