Certified Information Systems Security Professional Certificate Program with Externship


Program includes National Certification & an Externship Opportunity


The IT Cyber Security Professional with CompTIA Security+

Computer Technology Industry Association (CompTIA) Security+ training designates knowledgeable professionals in the field of IT security. As an international, vendor-neutral credential, CompTIA Security+ certification ensures successful students gain competency in network security, compliance and operational security, common/possible threats and vulnerabilities, application, data and host security, access control and identity management as well as cryptography. Earning CompTIA Security+ Certification signifies to employers that candidates will apply their knowledge of security concepts, tools and procedures to prevent security breaches, react accordingly to any security incidents and anticipate further security risks in order to effectively guard against them. 

The IT Cyber Security Professional with CompTIA Security+ Program 

The CompTIA Security+ course provides students with the basic knowledge and skills necessary to become an IT security professional. This course is designed to fully prepare students to sit for and pass the CompTIA Security+ certification exam. Students will gain the knowledge and skills necessary to identify risk and participate in risk mitigation activities as well as provide infrastructure, application, operational and information security. They will also acquire the knowledge necessary to apply security controls to maintain confidentiality, integrity and availability, as well as how to identify appropriate technologies and products. Finally, students will gain an awareness of applicable policies, laws and regulations with regard to IT security.

Program Objectives

At the conclusion of this program, students will be able to:

  • Describe common risks, vulnerabilities and controls
  • Explain the triple constraint of information security
  • Analyze and differentiate between types of malware and attacks
  • Identify risks for common system hardware and peripherals
  • Describe principles of software, data and host security
  • Implement OS hardening procedures
  • Identify common types of programming attacks
  • Implement secure browsing practices
  • Describe security vulnerabilities unique to virtualized environments
  • Explain the purpose and vulnerabilities of common network devices
  • Identify and secure common ports and protocols
  • Describe security concerns unique to cloud computing environments
  • Identify IDS and IPS solutions for host and network defense
  • Describe differences in Access Control identification, authentication and authorization
  • Identify various methods for access authentication
  • Implement logical access control methods
  • Distinguish between discretionary, mandatory, rule- and role-based access control
  • Identify various types of risk management strategies
  • Distinguish between management, technical and operational controls
  • Calculate risk using subjective and objective measures
  • Implement compliance audits for common security controls
  • Explain the difference between penetration testing and vulnerability scanning
  • Distinguish between symmetric and asymmetric forms of encryption
  • Explain the use of public-key/private-key pairs to encrypt and decrypt a secure message
  • Identify common security protocols (SSH, SSL, IPSec)
  • Explain basic hashing concepts
  • Distinguish between types of tickets, keys and certificate authorities in a PKI
  • Distinguish between business continuity and disaster recovery objectives & timeframes
  • Implement common backup rotation cycles
  • Identify various types of redundant hardware and backup sites
  • Recognize various types of environmental control solutions
  • Identify RAID configurations for common availability and redundancy requirements
  • Analyze and distinguish between forms of social engineering
  • Describe the principles of operational security
  • Identify common personnel security policies
  • Describe data remanence and secure disposal practices
  • Explain common CIRT roles and responsibilities
  • Use Microsoft Office

INTRODUCTION TO COMPUTER SECURITY

  • Explain the triple constraint of information security
  • Describe common risks, vulnerabilities, and controls
  • Differentiate between types of malware and attacks
  • Identify risks for common system hardware and peripherals
  • Explain common botnet uses for profit and attack

SOFTWARE SECURITY

  • Implement OS hardening procedures
  • Identify common types of programming attacks
  • Describe principles of software, data, and host security
  • Describe security vulnerabilities unique to virtualized environments
  • Implement secure browsing practices

NETWORK SECURITY

  • Explain the purpose and vulnerabilities of common network devices
  • Describe security concerns unique to cloud computing environments
  • Identify common ports and protocols
  • Identify IDS and IPS solutions for host and network defense
  • Describe vulnerabilities present in mobile and wireless data transport

ACCESS CONTROL

  • Describe the differences between identification, authentication, and authorization in access control
  • Identify various methods for access authentication
  • Implement logical access control methods
  • Distinguish between discretionary, mandatory, rule-based, and role-based access control implementations

AUDITING, VULNERABILITY, AND RISK ASSESSMENT

  • Identify various types of risk management strategies
  • Distinguish between management, technical, and operational controls
  • Explain the difference between penetration testing and vulnerability scanning
  • Calculate risk using subjective and objective measures
  • Implement compliance audits for common security controls
  • Explain the role of vulnerability management in discovering and mitigating security threats

ENCRYPTION AND PKI

  • Distinguish between symmetric and asymmetric forms of encryption
  • Explain the use of public and private key pairs to encrypt and decrypt a secure message
  • Identify common security protocols
  • Explain basic hashing concepts
  • Distinguish between types of tickets, keys, and certificate authorities in a PKI

DISASTER RECOVERY AND BUSINESS CONTINUITY

  • Distinguish between business continuity and disaster recovery objectives / timeframes
  • Implement common backup rotation cycles
  • Identify common security protocols
  • Identify various types of redundant hardware and backup sites
  • Recognize various types of environmental control solutions
  • Identify RAID configurations for common availability and redundancy requirements

ORGANIZATIONAL POLICIES AND PROCEDURES

  • Distinguish between forms of social engineering
  • Describe the principles of operational security
  • Identify common personnel security policies
  • Describe data remanence and secure disposal practices
  • Explain common CIRT roles and responsibilities

Note: This program can be completed in 6 months. However, students will have online access to this program for a 24-month period.

Education and National Certifications

  • Students should have or be pursuing a high school diploma or GED.
  • There are National Certification exams available to students who successfully complete this program:
    • Certified Information Systems Security Professional (CISSP)
    • IMPORTANT: In addition to this training program, earning certification requires the following:
      • 5 years of security work experience: You must be able to show proof of five paid full-time years of work experience in at least two of the eight CISSP CBK (Common Body of Knowledge) domains, which are Security and Risk Management, Asset Security, Security Engineering, Communications and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security.
      • Get endorsed to become a CISSP: Once you complete the CISSP exam, you'll have to subscribe to the (ISC)2 Code of Ethics and complete an endorsement form to become a CISSP. The endorsement form must be signed by another (ISC)2 certified professional who verifies your professional work experience. You must submit the completed form within nine months of passing your exam to become fully certified, because passing the exam doesn't automatically grant you certification status.

National Certification

Upon successful completion of this Auburn University program, students would be eligible to sit for the Certified Information Systems Security Professional (CISSP) exam. Students who complete this program are encouraged to complete the externship option with their program. Students who complete this program can and do sit for the national certification exam and are qualified, eligible and prepared to do so. Auburn University works with each student to complete the exam application and register the student to take their national certification exam.

Externship / Hands on Training / Practicum 

Although not a requirement, once students complete the program, they have the ability to participate in an externship and/or hands-on practicum so as to practice the skills necessary to perform the job requirements of a professional in this field. Students will be assisted with completing a resume and/or other requirements necessary to work in this field. All students who complete this program are eligible to participate in an externship and will be placed with a participating organization near their location. Auburn University works with national organizations and has the ability to place students in externship opportunities nationwide.

Note: No refunds can be issued after the start date published in your Financial Award document.