建议应试者应具有两年网络（侧重于网络安全）工作经验； 建议持有 CompTIA Network+ 认证，但并非必须的
CompTIA Security+ 认证是对通信安全、基础设施安全、密码系统操作安全以及通用安全概念等方面的知识进行考核。它是一种厂商中立的国际认证，在全球各大...
具有 9 个月的网络支持或者管理的经验，或者具有足够的 CompTIA A+ 认证课堂培训。
对具有娴熟网络支持专业技术的技术人员的需求不断增长，CompTIA...
目前英文的CompTIA Sever+的考试费用是：232美金.
答: 给女朋友睡前讲的笑话，都已经讲完了，可是怀孕了的女朋友就是想要听，有什么其他笑话吗？
答: 有情趣,有品味,懂生活,会生活.
答: 新版爱问知识人幽默与滑稽栏目组，联系人：鹿编学长。
大家还关注
确定举报此问题
举报原因(必选)：
广告或垃圾信息
激进时政或意识形态话题
不雅词句或人身攻击
侵犯他人隐私
其它违法和不良信息
报告，这不是个问题
报告原因(必选)：
这不是个问题
这个问题分类似乎错了
这个不是我熟悉的地区(朵朵妹妹)
(BeTTeR-T)
(小鸡飞翔)
第三方登录：這個頁面上的內容需要較新版本的 Adobe Flash Player。
想定期知道最新課程及優惠嗎？免費訂閱本中心的課程通訊！
CompTIA Security+ 國際認可證書課程
* 各政府部門可使用 P Card 付款&&
免費試睇：
首 3 小時，請致電與本中心職員預約。
免費重睇：
學員可於享用時期內於報讀地點不限次數地重看課堂錄影，從而可反覆重溫整個課程！
導師解答：
學員可於觀看某一課堂錄影後提出課堂直接相關的問題，課程導師會樂意為學員以單對單的形式解答！
享用時期：
8 星期 (可於報讀日至 4 星期內觀看整個課程，另加 4 星期備用時期)。進度由您控制，可快可慢。
課堂錄影導師：
課堂錄影隨時睇：
CompTIA (The Computing Technology Industry Association) 於 1982 年成立，擁有超過 2,000 個國際級機構成員，3,000 個學術和合作夥伴，覆蓋了整個信息通信技術 (ICT) 行業，故 CompTIA 已經成為技術生態系統的主要領導者之一。
CompTIA Security+ 認證是一套中立的 (Vendor Neutral) 國際認證系統，它能確認您於 I.T. Security 的認識與各項資訊科技安全的技能，包括：
各種網絡 (Network)
(Endpoint) 安全系統
各種密碼演算法
(Cryptography) 的應用
身份 (Identification) 及生物 (Biometrics)
安全危機的辨識 (Security
Risk Identification) 與化解
(Mitigation) 方法
網絡存取控制系統 (Network
Access Control System) 的應用
安全結構設備 (Security
Infrastructure Devices)
CompTIA Security+ 認證？
因其中立的特性，通常成為資訊科技安全領域人士首先考取的認證。
全球 25 萬人持有。
根據美國勞工統計局 (Bureau of Labor Statistics) 及知名人力資源網站
的統計資料顯示，擁有 CompTIA Security+ 認證的資訊安全分析專家 (Information Security Analyst) 的年薪介乎於 US$49,000 與 US$97,000 之間。另外，具備資訊科技安全技能的 Network / System Administrator 的年薪介乎於 US$39,000 與 US$83,000 之間。
領先而中立的認證，會經常被全球各地的國際級機構認可並被設定為必要的入職條件。例如 Apple, Dell, HP, IBM, Intel 等機構的資訊安全相關職位 (例如 Information Security Officer) 均要求入職者持有 CompTIA Security+ 認證。
為進修 Cisco CCNP Security, Juniper JNCIS-SEC, Check Point CCSE, CISA, CISSP 等等更高級的專業認證作基礎而必要的準備。
CompTIA 已公佈考生必須通過以下 1 個 CompTIA Security+ 相關科目的考試，便可獲發 CompTIA Security+ 國際認可證書：
本中心為 CompTIA 指定的考試試場。報考時請致電本中心，登記欲報考之科目、考試日期及時間 (最快可即日報考)。臨考試前考生須出示身份證及繳付考試費。
考試編號 SY0-401 考試費為 HK$2,560。
考試題目由澳洲考試中心傳送到你要應考的電腦，考試時以電腦作答。所有考試題目均為英文，而大多數的考試題目為選擇題。作答完成後會立即出現你的分數，結果即考即知！考試不合格便可重新報考，不限次數。欲知道作答時間、題目總數、合格分數等詳細考試資料，可瀏覽本中心網頁 &&。
SY0-401 CompTIA Security+ (24 Hours)
1. Risk Measurement and Weighing
1.1 Risk Assessment
1.2 Computing Risk Assessment and Risk Calculations
1.3 Quantitative vs. Qualitative Risk Assessment
1.4 Risk – related Terminology
1.5 Acting on Your Risk Assessment
1.6 A Case Study of Acting and Reacting to Risks
1.7 Cloud Computing Risks
1.8 Virtualization Risks
1.9 Developing Policies, Standards, and Guidelines
1.10 Implementing Policies
1.11 Incorporating Standards
1.12 Following Guidelines
1.13 Business Policies to Implement
1.14 Separation of Duties Policies
1.15 Privacy Policies
1.16 Acceptable Use Policies
1.17 Job Rotation
1.18 Least Privilege
1.19 Succession Planning
1.20 Control Types and False Positives/Negatives
1.21 Business Impact Analysis (BIA)
1.22 Identifying Critical Systems and Components
1.23 Formulating Business Continuity Plans
1.24 High Availability (HA)
1.25 Redundancy
1.26 Fault Tolerance (FT)
1.27 Redundant Array of Independent Disks
1.28 Disaster Recovery
1.29 Disaster Recovery Planning
2. Monitoring and Diagnosing Networks
2.1 Network Monitors
2.2 Monitoring System Log files
2.3 Understanding Hardening
2.4 Working with Services
2.5 Protecting Management Interfaces and Applications
2.6 Software
2.7 Patches
2.8 Account Control
2.9 File System choices
2.10 Securing the Network
2.11 Security Posture
2.12 Continuous Security Monitoring
2.13 Security Audits
2.14 Setting a Remediation Policy
2.15 Reporting Security Issues
2.16 Differentiating between Detection Controls and Prevention Controls
3. Security Devices and Infrastructure
3.1 TCP/IP Protocol Suite
3.2 OSI Relevance
3.3 Working with the TCP/IP Suite
3.4 The Application Layer
3.5 The Host-to-Host or Transport Layer
3.6 The Internet Layer
3.7 The Network Access Layer
3.8 IPv4 and IPv6
3.9 Concept of Encapsulation
3.10 Working with Protocols and Services
3.11 Well Known TCP and UDP Ports
3.12 TCP Three-Way Handshake
3.13 Application Programming Interface
3.14 Other Protocols to Know
3.15 Designing a Secure Network
3.16 Understanding the Various Network Infrastructure Devices
3.17 Firewalls
3.18 Concepts of Intrusion Detection Systems
3.19 IDS vs. IPS
3.20 Working with a Network-Based IDS
3.21 Implementing a Passive Response
3.22 Implementing an Active Response
3.23 Working with a Host-Based IDS
3.24 Working with NIPSs
3.25 Protocol Analyzers
3.26 Spam Filters
3.27 UTM Security Appliances
3.28 URL Filters
3.29 Content Inspection
3.30 Malware Inspection
3.31 Web Application Firewall vs. Network Firewall
3.32 Application-Aware Devices
4. Access Control, Authentication, and Authorization
4.1 Understanding Access Control Basics
4.2 Single Factor Authentication and Authorization
4.3 Multifactor Authentication
4.4 Layered Security and Defense in Depth
4.5 Network Access Control (Network Admission Control)
4.6 Tokens
4.7 Federations
4.8 Transitive Access Problem
4.9 Authentication Issues to Consider
4.10 Multifactor Authentication and Real World Security scenario
4.11 Authentication Protocols
4.12 Account and Password Policies in an Enterprise
4.13 Remote Authentication Dial-In User Service (RADIUS) Protocol
4.14 TACACS/TACACS+/XTACACS
4.15 VLAN Management
4.16 Understanding Authentication Services
4.17 Understanding Access Control
4.18 Mandatory Access Control
4.19 Discretionary Access Control
4.20 Role-Based Access Control
4.21 Rule-Based Access Control
4.22 Access Control Best Practice
4.23 Separation of Duties
4.24 Time of Day Access Control
4.25 User Access Review
4.26 Access Control by using Smartcards
4.27 Access Control Lists
4.28 Switch Port Security
4.29 Working with 802.1X
4.30 Flood Guards and Loop Protection
4.31 Preventing Network Bridging
4.32 Log Analysis
4.33 Trusted Operating System
4.34 Secure Router Configuration
5. Wireless Network Security
5.1 Working with Wireless Systems
5.2 IEEE 802.11- Wireless Protocols
5.3 WEP/WAP/WPA/WPA2
5.4 Concepts of Wireless Devices
5.5 Wireless Access Points
5.6 MAC Filtering on Wireless Networks
5.7 Captive Portals
5.8 Extensible Authentication Protocol
5.9 Wireless Network Vulnerabilities
5.10 Wireless Site Survey and War Driving
5.11 Wireless Attack Analogy
6. Secure Cloud Computing
6.1 Working with Cloud Computing
6.2 Introduction to Software-as-a-Service (SaaS)
6.3 Introduction to Platform-as-a-Service (PaaS)
6.4 Introduction to Infrastructure-as-a-Service (IaaS)
6.5 Distinction between Public Cloud and Private Cloud
6.6 More about Community Cloud and Hybrid Cloud
6.7 A Brief look on Virtualization
6.8 Snapshots
6.9 Patch Compatibility
6.10 Host Availability/Elasticity
6.11 Security Control Testing
6.12 Sandboxing
6.13 Security and Cloud Computing
6.14 Cloud Storage
7. Host, Data, and Application Security
7.1 Introduction to Application Hardening
7.2 Database the relevant technologies
7.3 Not only SQL (NoSQL)
7.4 Big Data
7.5 Storage Area Network (SAN)
7.6 Application Fuzzing
7.7 Secure Coding
7.8 Open Web Application Security Project (OWASP)
7.9 CERT Secure Coding Standards
7.10 Application Configuration Baselining
7.11 Operating System Patch Management
7.12 Application Patch Management
7.13 Host Security
7.14 Host Software Baselining
7.15 Hardening Web Servers
7.16 Hardening Email Servers
7.17 Hardening FTP Servers
7.18 Hardening DNS Servers
7.19 Hardening DHCP Services
7.20 Protecting Data Through Fault Tolerance
7.22 Clustering and Load Balancing
7.23 Application Security
7.24 Best Practices for Security
7.25 Hardware-Based Encryption Devices
8. Cryptography
8.1 Introduction to Cryptography
8.2 Historical Cryptography
8.3 Modern Cryptography
8.4 Symmetric Algorithms
8.5 Asymmetric Algorithms
8.6 Hashing Algorithms
8.7 Rainbow Tables and Salt
8.8 Key Stretching
8.9 Cryptanalysis Methods
8.10 Wi-Fi Encryption
8.11 Utilizing Cryptographic Systems
8.12 Confidentiality and Encryption Strength
8.13 Integrity
8.14 Digital Signatures
8.15 Authentication
8.16 Nonrepudiation
8.17 Features of a Certification Authority
8.18 Concepts of Cryptography Standards and Protocols
8.19 Public-Key Infrastructure X.509/Public-Key Cryptography Standards
8.20 X.509
8.21 SSL and TLS
8.22 Certificate Management Protocols
8.23 Secure Multipurpose Internet Mail Extensions
8.24 Secure Electronic Transaction (SET)
8.25 Secure Shell
8.26 Pretty Good Privacy
8.27 HTTPS and SHTTP
8.28 Internet Protocol Security (IPsec)
8.29 Using Public Key Infrastructure
8.30 Using a Certification Authority
8.31 Registration Authority
8.32 Implementing Certificates
8.33 Certificate Policies
8.34 Certificate Practice Statements
8.35 Certificate Revocation Process
8.36 Concepts of Trust Models
9. Vulnerabilities and Threats
9.1 About Malware
9.2 Surviving Viruses
9.3 Symptoms of a Virus Infection
9.4 How Viruses Work
9.5 Virus Types
9.6 Managing Spam to Avoid Viruses
9.7 Antivirus Software
9.8 Attack Types
9.9 Identifying Denial-of-Service and Distributed Denial-of-Service Attacks
9.10 Attack Tools
9.11 Spoofing Attacks
9.12 Pharming Attacks
9.13 Phishing, Spear Phishing, and Vishing
9.14 Xmas Attack
9.15 Man-in-the-Middle Attacks
9.16 Replay Attacks
9.17 Smurf Attacks
9.18 Password Attacks
9.19 Privilege Escalation
9.20 Malicious Insider Threats
9.21 Transitive Access
9.22 Client-Side Attacks
9.23 Typo Squatting
9.24 Watering Hole Attack
9.25 Identifying Types of Application Attacks
9.26 Cross-Site Scripting and Forgery
9.27 SQL Injection
9.28 LDAP Injection
9.29 XML Injection
9.30 Directory Traversal and Command Injection
9.31 Buffer Overflow
9.32 Integer Overflow
9.33 Zero-Day Exploits
9.34 Cookies and Attachments
9.35 Locally Shared Objects and Flash Cookies
9.36 Tracking Cookie
9.37 Malicious Browser Add-Ons
9.38 Session Hijacking
9.39 Header Manipulation
9.40 Arbitrary Code and Remote Code Execution
9.41 Interpreting Assessment Results
9.42 Working with Vulnerability Scanners
9.43 Working with a Port Scanner
9.44 Banner Grabbing
10. Physical Security and Environmental Control
10.1 Introduction to Social Engineering
10.2 Types of Social Engineering Attacks
10.3 Concepts of Physical Security
10.4 Hardware Locks and Security
10.5 Mantraps
10.6 Video Surveillance
10.7 Understanding Environmental Controls
& 法律課程
& 英文課程
?&IPA 拼音： ?
& 普通話課程
& 西班牙語文課程
& 中醫課程
& 攝影課程
& 風水命理課程
這個頁面上的內容需要較新版本的 Adobe Flash Player。