CompTIA Security+ Study

RDP Port

3389

Telnet Port

23

SSH Port

22

DNS Port

53

DHCP (server) Port

67

DHCP (client) Port

68

HTTP Port

80

HTTPS Port

443

LDAP Port

389

LDAPS Port

636

SMB Port

139

Kerberos Port

88

Strongest Encryption Algorithm

AES256

Strongest Hashing Algorithm

SHA256

• Data Spread Across All Drives

• Uses Striping

• Minimum drives required: 2

RAID 0

• Uses mirroring

• Minimum drives required: 2

• Good performance

• Excellent redundancy

RAID 1

• Uses striping and parity

• Minimum disks required: 3

• Good redundancy and performance

RAID 5

• Uses striping and mirroring

• Minimum drives required: 4

• Excellent redundancy

• Excellent performance

RAID 10

OSI Model

1. Physical

2. Data Link

3. Network

4. Transport

5. Session

6. Presentation

7. Application

UTF (Unified Threat Management)

Device usually deployed at network boundaries that usually involves:

• Firewall

• IDS/IPS

• Anti-malware

• URL filtering

• DLP

• VPN

NGFW (Next Generation Firewall)

All in one network security device that uses:

• Deep packet inspection

• IDS/IPS functions

• Faster and more capable than normal firewalls

Stateless Firewall

• Basically just a packet filter

• Looks at source IP, port, and protocol

Stateful firewall

• Dynamic packet filter

• Can make decisions about packets they are inspecting

• Save packet information in a state table for more context when making future security decisions

Honeypot

Systems intentionally configured to appear vulnerable

Honeyfile

An intentionally attractive file used for IDS

Honeytoken

Fake credentials or data that are not used but look appealing to attackers

Forward proxy server

• Client to server

• Accepts requests from the client and sends it to the server

• Can be used to allow access to server resources (ex Library database)

Reverse proxy server

• Server to client

• Used for load balancing and content caching

• Clients query a single system but have their traffic load spread to multiple systems

DLP (Data loss prevention)

Used to make sure data isn’t extracted or sent out of. a secure network

Bluejacking

An attack that involves sending unsolicited messages to bluetooth devices

Bluesnarfing

gaining unauthorized access to a bluetooth device

Sideloading

transferring files to a mobile device to install applications outside of the official app store

Jailbreaking

taking advantages of OS vulnerabilities to conduct privilege escalation and root the system

Extensible Authentication Protocol (EAP)

• commonly used wireless authentication framework

802.1X (NAC)

• Integrates with EAP

• Prevents access to the network until authentication is successful

• Uses an access database to check authentication (RADIUS, LDAP, TACAS+)

EAP-FAST

• EAP authentication through secure tunnelling

• Authentication server (AS) and supplicant share a secret credential

• Mutual Authentication through TLS tunnel

• Authentication credentials send over TLS tunnel

• Uses RADIUS server

PEAP

• Protected EAP

• Only server side certificates

EAP-TLS

• Client and server both need certificates

• Certificate based and mutual based wireless authentication

• Need PKI

EAP-TTLS

• EAP tunneled transport layer security

• Requires a single digital certificate

• Builds TLS tunnel with this certificate

• Any authentication method can be used over the tunnel

RADIUS Federation

Used when members of one organization want to authenticate to the network of another organization

LEAP

• Lightweight EAP

• Uses WEP keys for authentication

Incident Response Process

1. Preparation

2. Detection

3. Analysis

4. Containment

5. Eradication

6. Recovery

7. Lessons Learned

Forensic Order of Volatility

1. CPU Cache and Registers

2. Routing tables

3. System memory (RAM)

4. Temp files

5. Data on the hard disk

6. Remote logs

7. Backups

Typical Model of Governance

• Shareholders (elect)

• Board of directors (who appoint)

• CEO (who appoints)

• Management team (who manage)

• Employees

Centralized Governance

Top-Down Governance approach where central authority creates policy

Decentralized Governance

Bottom-up governance approach where individual units are delegated authority to achieve objectives. No higher ups enforcing policy.

Change Management Process

1. Request

2. Review

3. Approve/Reject

4. Test

5. Schedule/Implement

ISO 27001

Document that outlines control objectives & categories

ISO 27002

Document that describes the actual security controls

ISO 27701

Document that gives guidance on managing privacy controls

ISO 31000

Documents guidelines for risk management programs

Risk formula

Liklihood * Impact

SLE (single loss expectancy) formula

AV (asset value) * EF (exposure factor)

ARO (annual rate of occurance)

The percentage of how many times the attack could happen in one year

ALE (annual loss expectancy) formula

SLE * ARO

AAA

• Authentication

• Authorization

• Accounting

TPM (trusted plat form model)

This piece of hardware is used to validate secure boot processes

HSM (hardware security module)

This piece of hardware is used for encryption and key generation and validating digital signiatures