Helpdesk Support Specialist (HSP) - MD Tech Solutions

Helpdesk Certification Training Course
Helpdesk Support Specialist (HSP)

Course Number: #MDTS-105
Course Length: 10 days
Number of Exams: 1
Certifications: Security Plus

The Helpdesk Specialist course is 100% hands-on training. This course prepares students with a Helpdesk skillset that allows them to perform successfully on the job. The focus is to provide students with hands-on training.

These courses assume you are familiar with using personal computers, mouse and keyboard (basic typing skills are recommended). You should be comfortable in the Windows environment and be able to use Windows to manage information on your computer. Specifically, you should be able to launch and close programs, navigate to information stored on the computer and manage files and folders.

HELPDESK SUPPORT SPECIALIST

MD Tech Solutions Helpdesk Support Specialist course is 100% hands-on training. In this course, the student learns how to take calls, fix users' system issues, install and configure printers and more. This course will provide you with the skillset to take on a career as a Helpdesk Support Specialist. To become a Helpdesk Specialist, you must first obtain a Security IAT Level II certification or higher. During this training, we will offer CompTIA Security+. The Security Certification is a Worldwide Trusted Certification to validate Fundamental Skills and Knowledge of Vendor Neutral IT Security. The Cert Training is an additional Week Per Course.

Course Outline

Agenda

Course Overview
- Introductions
    o Instructor
    o Students
- Course Overview
    o Breaks
    o Rules
- Video
    o Phone Calls
    o Helpdesk Calls

Lab (User Administration)
- Revert Computer back to New
- Resumes
- Interviewing
- Capture a Snapshot of laptop
- Run Microsoft Update
- Uninstall Virus Protection
- Install McAfee
    o Schedule Scan
- Install Printers
    o Troubleshoot Printer Issues
- Rename Computer
- Add Computer to Domain
- Working as a Team (Project)
- Resumes
- Interviewing

TCP/IP and Cabling
- Networking
    o IP Address
    o DHCP
    o DNS
- Port Security
    o Initial
    o Clear Errdisable
- Active Directory
    o Create New Account
    o Reset Password and Account Lockout
    o Enable and Disable User Account
    o Move User to Disable Account Group
    o Group Policy
- Cabling
    o Types of Cables
    o Wiring (Crossover, Straight Through)
- Resumes
- Interviewing

Review Helpdesk Reporting Tools
- Remedy
- Service Now
- Take Service Call
- Difficult Customer
- Resolve Computer Issue
- How to get 5-star customer satisfaction ratings
- Resumes
- Interviewing

Hands On Lab
- Hands on Support Desk Calls and Resolutions
- Resumes
- Interviewing

Security Plus

1.0 Network Security

1.1 Implement security configuration parameters on network devices and other technologies.
- Firewalls
- Routers
- Switches
- Load Balancers
- Proxies
- Web security gateways
- VPN concentrators
- NIDS and NIPS
- Protocol analyzers
- Spam filter
- UTM security appliances
- Web application firewall vs. network firewall
- Application aware devices

1.2 Given a scenario, use secure network administration principles.
- Rule-based management
- Firewall rules
- VLAN management
- Secure router configuration
- Access control lists
- Port Security
- 802.1x
- Flood guards
- Loop protection
- Implicit deny
- Network separation
- Log analysis
- Unified Threat Management

1.3 Explain network design elements and components.
- DMZ
- Subnetting
- VLAN
- NAT
- Remote Access
- Telephony
- NAC
- Virtualization
- Cloud Computing
- Layered security / Defense in depth

1.4 Given a scenario, implement common protocols and services.
- Protocols
- Ports
- OSI relevance

1.5 Given a scenario, troubleshoot security issues related to wireless networking.
- WPA
- WPA2
- WEP
- EAP
- PEAP
- LEAP
- MAC filter
- Disable SSID broadcast
- TKIP
- CCMP
- Antenna Placement
- Power level controls
- Captive portals
- Antenna types
- Site surveys
- VPN (over open wireless)

2.0 Compliance and Operational Security

2.1 Explain the importance of risk related concepts.
- Control types
- False positives
- False negatives
- Importance of policies in reducing risk
- Risk calculation
- Quantitative vs. qualitative
- Vulnerabilities
- Threat vectors
- Probability / threat likelihood
- Risk-avoidance, transference, acceptance, mitigation, deterrence
- Risks associated with Cloud Computing and Virtualization
- Recovery time objective and recovery point objective

2.2 Summarize the security implications of integrating systems and data with third parties.
- On-boarding/off-boarding business partners
- Social media networks and/or applications
- Interoperability agreements
- Privacy considerations
- Risk awareness
- Unauthorized data sharing
- Data ownership
- Data backups
- Follow security policy and procedures
- Review agreement requirements to verify compliance and performance standards

2.3 Given a scenario, implement appropriate risk mitigation strategies.
- Change management
- Incident management
- User rights and permissions reviews
- Perform routine audits
- Enforce policies and procedures to prevent data loss or theft
- Enforce technology controls

2.4 Given a scenario, implement basic forensic procedures.
- Order of volatility
- Capture system image
- Network traffic and logs
- Capture video
- Record time offset
- Take hashes
- Screenshots
- Witnesses
- Track man hours and expense
- Chain of custody
- Big Data analysis

2.5 Summarize common incident response procedures.
- Preparation
- Incident identification
- Escalation and notification
- Mitigation steps
- Lessons learned
- Reporting
- Recovery/reconstitution procedures
- First responder
- Incident isolation
- Data breach
- Damage and loss control

2.6 Explain the importance of security related awareness and training.
- Security policy training and procedures
- Role-based training
- Personally identifiable information
- Information classification
- Data labeling, handling and disposal
- Compliance with laws, best practices and standards
- User habits
- New threats and new security trends/alerts
- Use of social networking and P2P
- Follow up and gather training metrics to validate compliance and security posture

2.7 Compare and contrast physical security and environmental controls.
- Environmental controls
- Physical security
- Control types

2.8 Summarize risk management best practices.
- Business continuity concepts
- Fault tolerance
- Disaster recovery concepts

2.9 Given a scenario, select the appropriate control to meet the goals of y

3.0 Threats and Vulnerabilities

3.1 Explain types of malware.
- Adware
- Virus
- Spyware
- Trojan
- Rootkits
- Backdoors
- Logic bomb
- Botnets
- Ransomware
- Polymorphic malware
- Armored virus

3.2 Summarize various types of attacks.
- Man-in-the-middle
- DDoS
- DoS
- Replay
- Smurf attack
- Spoofing
- Spam
- Phishing
- Spim
- Vishing
- Spear phishing
- Xmas attack
- Pharming
- Privilege escalation
- Malicious insider threat
- DNS poisoning and ARP poisoning
- Transitive access
- Client-side attacks
- Password attacks
- Typo squatting/URL hijacking
- Watering hole attack

3.3 Summarize social engineering attacks and the associated effectiveness with each attack.
- Shoulder surfing
- Dumpster rinciples (reasons for effectiveness)

3.4 Explain types of wireless attacks.
- Rogue access points
- Jamming/Interference
- Evil twin
- War driving
- Bluejacking
- Bluesnarfing
- War chalking
- IV attack
- Packet sniffing
- Near field communication
- Replay attacks
- WEP/WPA attacks
- WPS attacks

3.5 Explain types of application attacks.
- Cross-site scripting
- SQL injection
- LDAP injection
- XML injection
- Directory traversal/command injection
- Buffer overflow
- Integer overflow
- Zero-day
- Cookies and attachments
- LSO (Locally Shared Objects)
- Flash Cookies
- Malicious add-ons
- Session hijacking
- Header manipulation
- Arbitrary code execution / remote code execution

3.6 Analyze a scenario and select the appropriate type of mitigation and deterrent techniques.
- Monitoring system logs
- Hardening
- Network security
- Security posture
- Reporting
- Detection controls vs. prevention controls

3.7 Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities.
- Interpret results of security assessment tools
- Tools
- Risk calculations
- Assessment types
- Assessment technique

3.8 Explain the proper use of penetration testing versus vulnerability scanning.
- Penetration testing
- Vulnerability scanning
- Black box
- White box
- Gray box

4.0 Application, Data and Host Security

4.1 Explain the importance of application security controls and techniques.
- Fuzzing
- Secure coding concepts
- Cross-site scripting prevention
- Cross-site Request Forgery (XSRF) prevention
- Application configuration baseline (proper settings)
- Application hardening
- Application patch management
- NoSQL databases vs. SQL databases
- Server-side vs. Client-side validation

4.2 Summarize mobile security concepts and technologies.
- Device security
- Application security
- BYOD concerns

4.3 Given a scenario, select the appropriate solution to establish host security.
- Operating system security and settings
- OS hardening
- Anti-malware
- Patch management
- White listing vs. black listing applications
- Trusted OS
- Host-based firewalls
- Host-based intrusion detection
- Hardware security
- Host software baselining
- Virtualization

4.4 Implement the appropriate controls to ensure data security.
- Cloud storage
- SAN
- Handling Big Data
- Data encryption
- Hardware based encryption devices
- Data in-transit, Data at-rest, Data in-use
- Permissions/ACL
- Data policies

4.5 Compare and contrast alternative methods to mitigate security risks in static environments.
- Environments
- Methods

5.0 Access Control and Identity Management

5.1 Compare and contrast the function and purpose of authentication services.
- RADIUS
- TACACS+
- Kerberos
- LDAP
- XTACACS
- SAML
- Secure LDAP

5.2 Given a scenario, select the appropriate authentication, authorization or access control.
- Identification vs. authentication vs. tion factors
- Identification
- Federation
- Transitive trust/authentication

5.3 Install and configure security controls when performing account management, based on best practices.
- Mitigate issues associated with users with multiple account/roles and/or shared accounts
- Account policy enforcement
- Group based privileges
- User assigned privileges
- User access reviews
- Continuous monitoring

6.0 Cryptography

6.1 Given a scenario, utilize general cryptography concepts.
- Symmetric vs. asymmetric
- Session keys
- In-band vs. out-of-band key exchange
- Fundamental differences and encryption methods
- Transport encryption
- Non-repudiation
- Hashing
- Key escrow
- Steganography
- Digital signatures
- Use of proven technologies
- Elliptic curve and quantum cryptography
- Ephemeral key
- Perfect forward secrecy

6.2 Given a scenario, use appropriate cryptographic methods.
- WEP vs. WPA/WPA2 and preshared ne-time P
- Comparative strengths and performance of algorithms
- Use of algorithms/protocols with transport encryption
- Cipher suites
- Key stretching

6.3 Given a scenario, use appropriate PKI, certificate management and associated components.
- Certificate authorities and digital certificates
- PKI
- Recovery agent
- Public key
- Private key
- Registration
- Key escrow
- Trust models
