CompTIA Sec+ Flashcards


896 Terms

1

CIA Triad

Confidentiality, Integrity, Availability

2

Confidentiality

Keeps information private and protected from unauthorized access.

3

Social Engineering

Users accidentally disclosing too much information - Greatest threat to Confidentiality

4

Sniffing

Capturing data on the network using a packet or protocol analyzer

5

How to stop sniffing

Encrypt data

6

Media Reuse

If there is sensitive information on a drive and we want to reuse the drive, we need to scrub information

7

Integrity

The accuracy and consistency of data, ensuring that it remains unaltered during storage and transmission.

8

Hashes

Used to verify data integrity by producing a unique fixed-size output from variable-sized input

9

MACs (Message Authentication Codes)

  • Provides reasonable authenticity and integrity

  • Not strong enough to be non-repudiation

    • Due to usage of symmetric key

10

Digital Signatures

  • Can detect both malicious and accidental modifications

  • Requires overhead

  • Provides true non-repudiation

    • Stronger than MACs due to usage of asymmetric keys

11

Availability

The assurance that systems and data are accessible when needed, ensuring continuous operation and reducing downtime.

12

How to provide availability

  • Redundancy

  • Content Delivery Networks

  • Data Dispersion

13

How to take down systems (aka stop availability)

DoS, DDoS, Disasters

14

Non-repudiation

  • Person-Based Authenticity + Integrity

  • Accomplished through digital signatures

  • Provides assurance of the origin of a message and the contents have not been modified

15

What does non-repudiation accomplish

Provides assurance of the origin of a message and the contents have not been modified

16

Access Control

Identification, Authentication, Authorization

17

DAC (Discretionary Access Control)

  • Most Windows systems

  • Security of an object is at the discretion of the object's owner

  • Access is granted through an ACL (Access Control List)

  • Commonly implemented in commercial products and all client-based systems

  • Identity Based

19

How are security labels and categories defined?

By the organization

20

RBAC (Role-Based Access Control)

  • Access is granted based on roles within an organization

  • Users are assigned roles with predefined permissions

  • Enforces least privilege by restricting access to job-related tasks

  • Scalable for large organizations

21

Roles group permissions (For RBAC)

  • Simplifies management

22

Security Controls

  • Implementation or enforcement of the CIA triad for a system or data asset

  • Controls are divided into four categories

23

Technical Controls

  • Control implemented as a system

    • Hardware, software, firmware

  • May also be called logical security controls

  • Executed by computer systems (instead of people)

  • Implemented with technology

24

Operational Controls

  • Implemented by people, rather than systems

  • Focused on the day-to-day procedures of an organization

  • Focused on managing risk

25

Examples of Technical Controls

  • Firewalls

  • Encryption

  • IDS

26

Examples of operational controls

  • Configuration management

  • Systems backups

  • Patch management

27

Managerial Controls

  • Provides oversight of the information system

28

Examples of managerial controls

  • Organizational security policy

  • Risk assessments

  • Security awareness training

29

Physical Controls

Deter, detect, and prevent unauthorized access, theft, damage, or destruction of material assets

30

Examples of physical security controls

  • Data backups

  • Firewalls

  • Asset Management

31

Preventive Controls

  • Proactive

  • Stop attack (even temporarily)

32

Examples of preventive security controls

  • Encryption

  • Firewalls

  • AV Software

33

Deterrent controls

  • Proactive

  • Discourage attacks

34

Examples of deterrent controls

  • Warning signs

  • Lighting

  • Fencing/Bollards

35

Corrective Controls

  • Reactive

  • Recovering data from backup copies

  • Applying software updates and patches to fix vulnerabilities

  • Developing and implementing IRPs to respond to and recover from security incidents

  • Activating and executing DRPs to restore operations after a major incident

36

Detective controls

  • Reactive

  • Helps indicate a compromise to the system

37

Example of detective controls

  • Log monitoring

  • Security audits

  • CCTV

  • IDS

  • Vulnerability scanning

38

Compensating Controls

  • Primary control is not available or is not providing enough security

39

Example of compensating controls

  • Backup power systems

  • MFA

  • Application Sandboxing

  • Network Segmentation

40

Directive Controls

  • Managerial controls that come from leadership

  • Implemented through policies and procedures

41

Example of directive controls

  • IRP

  • AUP

42

Purpose of Functional controls

Gap analysis

43

Functional Controls

Preventive, detective, corrective, deterrent, compensating, directive

44

Gap analysis

  • Where you are

  • Skills needed to get where you’re going

  • Where you need to be

45

Security controls

Technical, operational, managerial, physical

46

Security Zones

  • Grouping different security levels into different areas or zones

  • As you go farther into the system, the less trusted the zone is

47

Movement between security zones

  • Interfaces between zones have some type of access control to restrict movement between zones

    • Like biometric and guard stations

    • Or firewalls

48

Median Security Zone

  • Between the internet and internal network

  • Called DMZ

    • Demilitarized Zone

49

Zones of Trust (Security Zones)

  • Untrusted - External Firewall - Semi Trusted - Internal Firewall - Trusted

50

Internet accessible servers

  • Placed in DMZ

  • Called bastion hosts

  • Placed in between the internet and internal network

51

Zero trust

  • Assumes there is no inherent trust

  • Each independent entity must authenticate individually before access is allowed

52

How to implement zero trust

Break down our network into smaller and easier-to-manage planes (control plane and data plane)

53

Data Plane

  • Processing of packets, frames and network data

  • Where actual security function happens

    • Encryption, NAT, filtering, etc

54

Control Plane

  • Where administrative functions are performed

    • Controls how data is allowed to move through the data plane

55

How is the control plane set up?

  • Policies and rules

  • Routing tables

  • NAT tables

56

NAT Tables

  • Tracks IP addresses and port number reassignments

  • Helps the router determine what to do with incoming packets

  • Within a router or NAT-Enabled Device

57

NAT-Enabled Device

  • DSL Modem and WIFI Routers

58

Policy Enforcement Points (PEP)

  • The guard for trust zones that host one or more enterprise resources

  • Enables, monitors, and eventually terminates connections between subjects and resources

59

Examples of Policy Enforcement Points (PEP)

  • CASB

  • APs

  • VPNs

60

Policy Decision Point (PDP)

  • Combines with PEP and a policy administrator

  • Any system where policy is created

  • Adaptive identities

61

Example of PDP systems where policy is created

  • RADIUS

  • Network Policy Servers

62

Adaptive identities can be used based on (from PDP)

  • Location

  • IP addresses

  • Other criteria to indicate needs for additional security

63

Policy Information Point (PIP)

  • Integration with Active Directory

  • So RADIUS can forward requests or use Active Directory

    • To determine user rights and permissions

64

PIP consists of

  • Identity, Credential and Access Management (ICAM)

  • Endpoint Detection and Response (EDR)

  • Security Analytics

  • Data Security Systems

65

Site layout and access

  • Layers of security

  • Zones with different security controls/access levels

  • ID badges

  • Barriers and access points

  • Fencing

66

Types of Locks

  • Conventional

  • Deadbolt

  • Electronic

  • Smart card

  • Biometric

  • Multifactor

67

Turnstiles/Mantraps

  • Two doors to enter

  • Can’t have both doors open at the same time

68

Fail-Secure

Will lock down all data inside

69

Fail-safe

Changes to a secure state in case of a failure, error, or unexpected conditions

70

Alarm Systems

  • Circuit

  • Motion

  • Duress

71

Circuit Alarm System

  • Open or closed

  • Detect intrusion through a barrier

72

Motion Alarm System

  • Radar, infrared

  • Detect intrusion in a space

73

Duress Alarm System

  • Fixed or mobile

74

Surveillance

  • Guard dogs

  • Security guards

  • Video/CCTV

  • Lighting

  • Physical access logs

  • Staff

75

Hardware Security

  • Lockable cabinets

  • Device locks

  • Safes

  • Protected distribution

76

Environmental Controls

  • Site location

    • Accessibility

    • Utilities

    • Known hazards

  • Building control

77

Building Controls

  • Dust

  • Temperature/humidity (HVAC)

78

HVAC for computer systems

  • Hot and Cold Aisles

    • Optimize airflow

    • Place servers back to back

    • Hot aisle / cold aisle

    • Do not allow contamination of cooled air by warmed air

79

Radio Frequency Interference (RFI)

  • Power cabling, motors, microwaves

  • Competing devices (multiple access points, Bluetooth)

  • Can cause data errors in wireless communications

80

Electromagnetic Interference (EMI)

  • Equipment or cabling in close proximity to the noise source

  • Fiber Optic Cabling best because light is not as susceptible to interference

81

Fire Prevention

  • Regular inspection

  • Control ignition sources and flammable material

  • Fire doors

82

Fire Detection

Smoke/flame detectors/alarms

83

Fire emergency procedures

  • Escape/Evacuation plan

  • Escape routes

  • Drills

84

Fire Suppression

  • Personal fire extinguishers

  • Sprinklers

85

What type of fire extinguisher do we want (3 types - A, B, C)

Type C

86

Types of sprinklers

  • Dry pipe

    • After the alarm, there is a period of time until water is released

  • Pre-action

    • Releases water immediately but will only activate if the plastic tab holding everything back melts

    • Gives a degree of protection to false positives

  • Halon

    • Suppresses fires quickly

    • Kills people though 💀

    • Outlawed because of its effect on the environment

  • Clean Agent

    • Releases CO2 or some other chemical

87

Baseline Configuration

  • Minimum acceptable security configuration

  • Changes should be prevented without

    • Proper authorization and as a result of the change management process

88

Change Management

  • Prevents new vulnerabilities from being introduced to a stable environment

89

Process of Change Management

  • Owner of system or data submits change request

  • Request is evaluated by CCB for risk and cost/benefit analysis

  • Change is approved or denied

  • If approved, change is tested in an environment isolated from production

  • Change is scheduled

    • Backout/rollback plans are created

  • Change is rolled out

  • Owner manages change and ensures everything is working thereafter

  • Maintenance is scheduled

  • SOPs are updated

90

CCB

Change control board

91

SOPs

Standard operating procedures

92

Restricted Activities

  • Authorization for scope change is limited very specifically for items described in the scope document

  • Changes that are required to implement the change may need to be added to the scope of work

  • Change control processes should document the next steps

93

Implications of Change Control

  • System/service downtime

  • Restarts of systems or applications

  • Legacy applications may fail

  • Dependent services may not be available

94

Updating Documentation

  • Make sure that versioning, revisions, updates, and upgrades are added to

    • Network diagrams

    • Support documentation

    • Policies and procedures

95

PAIN

Privacy, Authenticity, Integrity, Non-Repudiation

96

P in PAIN

Prevents unauthorized disclosure of information

97

A in PAIN

Verifies the claimed identity

98

I in PAIN

Detects modification or corruption

99

N in PAIN

  • Combines authenticity and integrity

  • Sender cannot dispute having sent a message nor its contents

100

Cipher Text Equation

Plain Text + Initialization Vector + Algorithm (aka Cipher) + Key