Comptia Security+, Security, Technology

Comptia Security+ (SY0-501) Study Notes

I am working my way through the online course “Cert Prep: CompTIA Security+” by Michael Chapple. This is available on Lynda and LinkedIn Learning. These are my study notes- Section 1 – Threats, Attacks and Vulnerabilities 1.1 Malware 1.2 Understanding Attackers 1.3 Understanding Attack Types 1.4 Application Attacks 1.5 Vulnerability Scanning and Penetration Testing 1.6 Impact of Vulnerabilities   Section…

Continue Reading
Comptia Security+, Security, Technology

Security+ Course – 3.3 Security Network Design

1. Security Zones Standard Network Zones A network can be split up into different security zones. typically a boarder firewall will have 3 interfaces connecting to these different zones: Connection to the internet Connection to the internal network Connection to the DMZ (Demilitiarised Zone).  This contains the public facing services (email servers, web servers). IF these get compromised the firewall…

Continue Reading
Comptia Security+, Security, Technology

Security+ Course – 3.2 User Training

1. Security Education There are 2 important components of security training programs. Security training: this provides users with the knowledge they need to protect the organisations security Security Awareness:  Keeps the lessons learned at the front of the users mind. EG: posters, email reminders etc… Security Training Methods instruction in onsite classes as part of new staff induction or orientation…

Continue Reading
Comptia Security+, Security, Technology

Security+ Course – 3.1 Security Design

1. Legislative and Regulatory Compliance Compliance Obligations There are 4 main types: Criminal law: deter and punish acts detrimental to society (murder, theft, hacking etc…). This can result in jail time Civil law: designed to resolve disputes between civilians, organisations etc… This cannot result in jail time Administrative law:  Facilitate effective government by allowing agencies to carry out their duties.…

Continue Reading
Comptia Security+

Security+ Course – 2.11 Securing Protocols

2.11.1 TLS & SSL Digital certificates allow for the secure exchange of public keys over otherwise untrusted networks. Types of encryption Symmetric Encryption: The same key is used for encryption and decryption. The issue with this method is that the key must shared to with the sender and receiver. Asymmetric Encryption (Public key): The recipient generates two keys. The public…

Continue Reading
Comptia Security+

Security+ Course – 2.10 Mobile Device Security

2.10.1 Mobile Connection Methods Cellular Networks Available in most urban and suburban areas 1 single tower can cover distances of up to 20 miles Rated according to the generation of services WIFI Networks These cover shorter distances with greater bandwidth. Satellite Communications This works almost anywhere but is expensive and slow. Near File Communications (NFC) This covers distances measures in…

Continue Reading
Comptia Security+

Security+ Course – 2.9 Host Security

2.9.1 – Operating System Security Security Settings There are many OS security settings. You should establish a baseline for OS security settings that are used in your environment. One of these might be removing users from the local administrators group. This can be done using Group Policy. Patch Management Applying patches is critical to avoid known vulnerabilities being exploited. You can…

Continue Reading
Comptia Security+

Security+ Course – 2.8 Personnel Security

2.8.1 Personnel Security Your security programs should be built upon a solid policy foundation. Personnel security programs should be built upon educating employees about these policies and their individual roles in protecting the enterprise. As part of this program you should have explicit procedures that describe how you will handle violations to the security policy. This could involve management, cybersecurity…

Continue Reading
Comptia Security+

Security+ Course – 2.7 Security Troubleshooting

2.7.1 Troubleshooting Authentication and Authorisation The use of unencrypted credentials is one of the most serious authentication security issues found on systems today. There is no excuse for this. Anyone eavesdropping on the network can intercept and view these plain text credentials. You can encrypt credentials at the application level by replacing protocols that run in cleartext with secure alternatives…

Continue Reading
Comptia Security+

Security+ Course – 2.6 Security Assessment Tools

2.6.1 Protocol Analysers Protocol Analysers allow administrators to peer into the packets travelling on a network and inspect them in deep detail. This is very useful when trying to troubleshoot network issues or investigate security incidents. Wireshark intercepts traffic and converts that binary traffic into human-readable format. This makes it easy to identify what traffic is crossing your network, how…

Continue Reading