Comptia Security+, Security, Technology

Comptia Security+ (SY0-501) Study Notes

I am working my way through the online course “Cert Prep: CompTIA Security+” by Michael Chapple. This is available on Lynda and LinkedIn Learning. These are my study notes- Section 1 – Threats, Attacks and Vulnerabilities 1.1 Malware 1.2 Understanding Attackers 1.3 Understanding Attack Types 1.4 Application Attacks 1.5 Vulnerability Scanning and Penetration Testing 1.6 Impact of Vulnerabilities   Section…

Continue Reading
Comptia Security+, Security, Technology

Security+ Course – 3.3 Security Network Design

1. Security Zones Standard Network Zones A network can be split up into different security zones. typically a boarder firewall will have 3 interfaces connecting to these different zones: Connection to the internet Connection to the internal network Connection to the DMZ (Demilitiarised Zone).  This contains the public facing services (email servers, web servers). IF these get compromised the firewall…

Continue Reading
Comptia Security+, Security, Technology

Security+ Course – 3.2 User Training

1. Security Education There are 2 important components of security training programs. Security training: this provides users with the knowledge they need to protect the organisations security Security Awareness:  Keeps the lessons learned at the front of the users mind. EG: posters, email reminders etc… Security Training Methods instruction in onsite classes as part of new staff induction or orientation…

Continue Reading
Comptia Security+, Security, Technology

Security+ Course – 3.1 Security Design

1. Legislative and Regulatory Compliance Compliance Obligations There are 4 main types: Criminal law: deter and punish acts detrimental to society (murder, theft, hacking etc…). This can result in jail time Civil law: designed to resolve disputes between civilians, organisations etc… This cannot result in jail time Administrative law:  Facilitate effective government by allowing agencies to carry out their duties.…

Continue Reading