CompTIA Security+ 701 Study Guide

130 Terms

1
CIA triad (Confidentiality, Integrity, Availability)

2
AAA Of Security

Authentication, Authorization, and Accounting

3
Checksums

Method to verify the integrity of data during transmission

4
Digital Signatures

Ensure Both Integrity of data during transaction

5
Server Redundancy

Involves using multiple servers in a load-balanced or failover configuration so that if one is overloaded or fails, the other servers can take over the load to continue supporting your end users

6
Network Redundancy

Ensures that if one network path fails, the data can travel through another route

7
data redundancy

involves storing data in multiple places

8
Power Redundancy

involves using backup power sources, like generators and UPS systems

9
Non-repudiation

provides undeniable proof in the world of digital transactions. Can't deny participation or authenticity of their actions

10
Syslog servers

used to aggregate logs from various network devices and systems so that system administrators can analyze them to detect patterns or anomalies in the organization's systems

11
Technical Controls

"technology", hardware, and software mechanisms that are implemented to manage and reduce risks

12
Managerial Controls

("Managing" things) also referred to as administrative controls, involve the strategic planning and governance side of security

13
Operational Controls

Procedures and measures that are designed to protect data on a day-to-day basis. Are mainly governed by internal processes and human actions

14
Preventive

Proactive measures implemented to thwart potential security threats or breaches

15
Deterrent Controls

Discourage potential attackers by making the effort seem less appealing or more challenging

16
Detective Controls

(detect) Monitor and alert organizations to malicious activities as they occur

17
Corrective Controls

Mitigate any potential damage and restore our systems to their normal state

18
Compensating Controls

Alternative measures that are implemented when primary security controls are not feasible or effective

19
Directive Controls

Guide, inform, or mandate actions. Often rooted in Policy.

20
gap analysis

Process of evaluating the differences between an organization's current performance and its desired performance

21
Zero Trust

Demands verification for every device, user, and transaction with the network

22
Data plane

Ensures policies are properly executed

23
honeypot

decoy systems to attract and deceive attackers

24
honeynets

network of decoy systems for observing complex attacks

25
honeyfiles

decoy files to detect unauthorized access or data breaches

26
(APT) Advanced Persistent Threat

Nation-state actor because of their long-term persistence and stealth

27
Threat Vector

Means or pathway by which an attacker can gain unauthorized access to a computer or network

28
Vishing

Voice Phishing

29
(MDM) Mobile device management

Manages phones: remote wipe, geolocation, installs certain apps. Ex) Jamf

30
Smishing

SMS phishing

31
Unsecure networks Vulnerabilities

MAC Address cloning, VLAN Hopping

32
Vulnerability in Bluetooth protocol

BlueBorne -- vulnerabilities in Bluetooth technology that can allow an attacker to take over devices

BlueSmack -- type of DoS attack that targets Bluetooth-enabled devices

33
Vestibules

Double-door System electronically controlled to allow only one door open at a time, prevents piggybacking

34
Bollards

short vertical posts, typically made of steel. In front of government buildings a lot

35
Microwave Sensors

detect movement in an area by emitting microwave pulses and measuring their reflection off moving objects

36
Ultrasonic sensors

Measures the reflection of ultrasonic waves off moving objects

37
Piggy backing

Involves two people working together: one person who has legitimate access intentionally allows another person who doesn't have proper authorization to enter a secure area with them

38
Cipher locks

mechanical locks with numbered push buttons, requires a correct combination to open

39
Typosquatting

URL hijacking: hoping somebody puts in the wrong URL and goes to your cloned website

40
Watering hole

Hackers take over a specific website that is normally frequented by a person or company

41
Viruses

attach to clean files, (spread), and corrupt host files.

42
worms

Can replicate without any user interaction

43
Trojan

piece of malicious software that is disguised as a piece of harmless or desirable software

44
RAT

Remote Access Trojan or Remote Access Tool

45
Control Node

Computer responsible for managing and coordinating the activities of other nodes or devices within a network

46
Rootkit

Designed to gain administrative level control over a given computer system without being detected

47
shim

piece of software that is placed between two components and that intercepts the calls between those components and can be used to redirect them

48
Logic Bomb

Malicious code that will only execute if certain conditions have been met

49
Data Controller

Entity responsible for determining data storage, collection, and usage purposes and methods

50
data steward

focuses on data quality and metadata, making sure it's labeled correctly, usually working under the data owner

51
data custodian

managing the systems on which data assets are stored, including enforcing access controls, encryption, and backup measures

52
Privacy Officer

Deals with privacy data, HIPAA, (PII) Personally identifiable information, (SPI) Sensitive personal information, (PHI) Protected health information, ensuring compliance with legal and regulatory frameworks

53
Block Cipher

Breaks input data into fixed-size blocks before encryption

54
Symmetric Algorithm

DES (Data Encryption Standard), TRIPLE DES, IDEA, AES, Blowfish, Twofish, RC4, RC5, RC6

55
Asymmetric Algorithms

Diffie-Hellman - vulnerable to man-in-the-middle attacks

RSA (Ron Rivest, Adi Shamir, Leonard Adleman)

Elliptic Curve Cryptography (ECC) - More efficient than RSA, commonly used on low power computing

56
Hash-based Message Authentication Protocol (HMAC)

checks message integrity and authenticity

57
Nonces

adds unique, often random numbers to password-based authentication processes

58
Wild Card Certificate

Allows multiple subdomains to use the same certificate

59
Journaling

The term 'Journaling' is defined as the ability to record all communications for use in the company retention or archiving policy.

60
SIEM (Security Information and Event Management)

A solution for real-time or near-time analysis of security alerts generated by network hardware and applications

61
(NAC) Network Access Controller

Used to protect networks from both known and unknown devices by scanning devices to assess their security status before granting access

62
Dynamic Code Analysis

Analyzes applications while they run

63
Static Code Analysis

A method of debugging an application by reviewing and examining its source code before running the program

64
Fuzzing

Inputs random data to provoke crashes or exceptions, helps uncover security flaws and weaknesses

65
Code Signing

confirms the software's author identity and integrity, utilizes digital signatures to verify code authenticity

66
(EAP) Extensible Authentication Protocol

Authentication framework supporting multiple methods, Provides common functions and negotiation of authentication Protocols

67
EAP-TTLS (Extensible Authentication Protocol-Tunneled Transport Layer Security)

Extends TLS support across platforms and requires server side certificates for security

68
(PEAP) Protected Extensible Authentication Protocol

Encapsulates EAP within an encrypted TLS Tunnel

69
(EAP-FAST) Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling

Uses a protected access credential and TLS tunnel

70
TLS (Transport Layer Security)

highly effective for ensuring data privacy, it can also have an unintended consequence for cybersecurity. By encrypting internet traffic, TLS not only renders data unreadable; it also does the same for malware and other threats

71
RADIUS (Remote Authentication Dial-In User Service)

offers authentication, authorization, and accounting services, widely used for secure access to network resources

72
(TACACS+) Terminal Access Controller Access-Control System Plus

separates authentication, authorization, and accounting functions. More granular control, encrypts the authentication process using TCP for enhanced security

73
Fault-resistant RAID

Protects against the loss of the array's data if a single disk fails (RAID 1 or RAID 5)

74
Fault-tolerant RAID

Protects against the loss of the array's data if a single component fails (RAID 1, RAID 5, RAID 6)

75
Disaster-tolerant RAID

Provides two independent zones with full access to the data (RAID 10)

76
Data Steward

A role focused on the quality of the data and associated metadata

77
Memorandum of Understanding (MOU)

A non-binding agreement between two or more organizations to detail an intended common line of action. Often referred to as a letter of intent.

78
hping

An open-source packet generator and analyzer for the TCP/IP protocol that is used for security auditing and testing of firewalls and networks

79
netstat

Utility that displays network connections for Transmission Control Protocol, routing tables, and a number of network interface and network protocol statistics

80
grep

A command-line utility for searching plain-text data sets for lines that match a regular expression or pattern

81
tracert/traceroute

A network diagnostic command for displaying possible routes and measuring transit delays of packets across an Internet Protocol network

82
6 Step Incident Response

1. Preparation

2. Identification

3. Containment

4. Eradication

5. Recovery

6. Lessons Learned

83
ISO 31000

An international standard for enterprise risk management that provides a universally recognized paradigm for practitioners and companies employing risk management processes to replace the myriad of existing standards, methodologies, and paradigms that differed between industries, subject matters, and regions

84
ISO 27002

An international standard that provides best practice recommendations on information security controls for use by those responsible for initiating, implementing, or maintaining information security management systems (ISMS)

85
Cybersecurity Framework (CSF)

A set of industry standards and best practices created by NIST to help organizations manage cybersecurity risks

86
Business Partnership Agreement (BPA)

Conducted between two business partners that establishes the conditions of their relationship. Can also include security requirements.

87
Interconnection Security Agreement (ISA)

An agreement for the owners and operators of the IT systems to document what technical requirements each organization must meet

88
Service Level Agreement (SLA)

An agreement concerned with the ability to support and respond to problems within a given timeframe and continuing to provide the agreed upon level of service to the user

89
Non-Disclosure Agreement (NDA)

Agreement between two parties that defines what data is considered confidential and cannot be shared outside of the relationship

90
Due Process

A legal term that refers to how an organization must respect and safeguard personnel's rights. Protects citizens from their government and companies from lawsuits.

91
Recovery Time Objective (RTO)

The length of time it takes after an event to resume normal business operations and activities.

92
Towers of Hanoi

Three sets of backup tapes (like the grandfather-father-son) that are rotated in a more complex system

93
Internet Key Exchange (IKE)

Method used by IPSec to create a secure tunnel by encrypting the connection between authenticated peers

94
Layer 2 Tunneling Protocol (L2TP)

A connection between two or more computers or devices that are not on the same private network. Usually paired with IPSec to provide security. Uses port 1701.

95
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)

Cryptographic protocols that provide secure internet communications for web browsing, instant messaging, email, VoIP, and many other services.

96
Certificate Signing Request (CSR)

A specially formatted encrypted message that validates the information the CA requires to issue a digital certificate.

97
Which of these protocols use TLS to provide secure communication?

HTTPS, FTPS

98
You've hired a third-party to gather information about your company's servers and data. The third-party will not have direct access to your internal network but can gather information from any other source. Which of the following would BEST describe this approach?

Passive footprinting

99
Which of these protocols use TLS to provide secure communication?

HTTPS, FTPS

100
An IPS at your company has found a sharp increase in traffic from all-in-one printers. After researching, your security team has found a vulnerability associated with these devices that allows the device to be remotely controlled by a third-party. Which category would BEST describe these devices?

MFD (Multifunction Device)