CCNA Security v1.

0 Mapping to CompTIA Security+ Objectives

Last updated August 11, 2009
CompTIA Security+ Objectives 1.0 1.1 1.2 1.3 Systems Security Differentiate among various systems security threats. Explain the security risks pertaining to system hardware and peripherals. Implement OS hardening practices and procedures to achieve workstation and server security. Carry out the appropriate procedures to establish application security. Implement security applications. Explain the purpose and application of virtualization technology. Network Infrastructure Differentiate between the different ports & protocols, their respective threats 6.1, 6.2, 6.3 and mitigation techniques. Distinguish between network design elements and components. 6.1, 6.2, 6.3, 6.4, 9.2 1.2, 5.1.2, 6.1 1.1, 1.2, 1.3 CCNA Security Content Areas

1.4 1.5 1.6 2.0 2.1

2.2 2.3

Determine the appropriate use of network security tools to facilitate network Ch 3, 4, 5, 6 security. Apply the appropriate network tools to facilitate network security. Explain the vulnerabilities and mitigations associated with network devices. Explain the vulnerabilities and mitigations associated with various transmission media. Explain the vulnerabilities and implement mitigations associated with wireless networking. Access Control Identify and apply industry best practices for access control methods. Explain common access control models and the differences between each. Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges. Apply appropriate security controls to file and print resources. Compare and implement logical access control methods. Summarize the various authentication models and identify the components of each. Deploy various authentication models and identify the components of each. Explain the difference between identification and authentication (identity proofing). Explain and apply physical access security methods. 2.1.1.3 3.1 6.4 Ch 3, 4, 5, 6 2.1, 2.4, 6.2

2.4 2.5 2.6

2.7

3.0 3.1 3.2 3.3

3.4 3.5 3.6

3.7 3.8

3.1, Ch 7, 8

3.9

2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

Page 1 of 2

4.0 4.1 4.2 4.3

Assessments & Audits Conduct risk assessments and implement risk mitigation. Carry out vulnerability assessments using common tools. Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning. Use monitoring tools on systems and networks and detect security-related anomalies. Compare and contrast various types of monitoring methodologies. Execute proper logging procedures and evaluate the results. Conduct periodic audits of system security settings. Cryptography Explain general cryptography concepts. Explain basic hashing concepts and map various algorithms to appropriate applications. Explain basic encryption concepts and map various algorithms to appropriate applications. Explain and implement protocols. Explain core concepts of public key cryptography. Implement PKI and certificate management. Organizational Security Explain redundancy planning and its components. Implement disaster recovery procedures. Differentiate between and execute appropriate incident response procedures. Identify and explain applicable legislation and organizational policies. Explain the importance of environmental controls. Explain the concept of and how to reduce the risks of social engineering. 9.7.1, 9.7.2, 9.7.3, 9.7.4 9.5.2 9.5 Ch 7, 8 Ch 7, 8 9.1.2, 9.1.3, 9.4.1, 9.6.2 9.4.1 9.4.1

4.4

2.3, Ch 5

4.5 4.6 4.7 5.0 5.1 5.2

2.3, Ch 5 2.3 2.4

5.3

Ch 7, 8

5.4 5.5 5.6 6.0 6.1 6.2 6.3

Ch 7, 8 Ch 7, 8 Ch 7, 8

6.4 6.5 6.6

2009 Cisco Systems, Inc. All rights reserved. Cisco, the Cisco logo, Cisco Systems, CCNA, and Networking Academy are registered trademarks or trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0904R) 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 2