Secplus_8e_Mod02_PPT

Module Overview

  • Title: CompTIA Security+ Guide to Network Security Fundamentals, 8th Edition

  • Author: Mark Ciampa

  • Focus: Understanding pervasive attack surfaces and controls in network security

Module Objectives

  • By the end of the module, you should be able to:

    • Define social engineering and list types of attacks.

    • List different types of physical defenses.

    • Describe controls for protecting data.

Social Engineering Attacks

  • Definition: A method used to elicit information or convince a user to act in a way that compromises security.

    • Always involves deception and manipulation.

    • Utilizes human vectors as the attack surface.

Human Manipulation Techniques

  • Relies heavily on human psychology to gain trust:

    • Provide a compelling reason.

    • Project confidence.

    • Employ evasion and diversion.

    • Use humor to disarm.

Types of Social Engineering Attacks

Phishing Attacks

  • Phishing: Sending deceptive emails or web announcements to trick users.

    • Variations include:

      • Spear Phishing: Targeting specific individuals.

      • Whaling: Targeting senior executives.

      • Vishing: Voice phishing via phone calls.

      • Smishing: Phishing through SMS.

Business Email Compromise (BEC)

  • A phishing variant where requests for funds appear legitimate.

  • Considered a major cyber threat to organizations and consumers.

Impersonation and Redirection

  • Impersonation: Masquerading as a legitimate character to gain user trust.

    • Brand Impersonation: Using recognized brands to gain immediate trust.

  • Redirection: Directing users to fraudulent lookalike websites for profit.

    • Includes typosquatting and pharming for traffic generation.

Misinformation and Disinformation Tactics

  • Misinformation is false information, while disinformation is false information with malicious intent.

    • Watering Hole Attacks: Targeting specific individuals by infecting common websites they visit.

    • Using methods like dumpster diving, Google dorking, and shoulder surfing to gather sensitive information.

Perimeter Defenses

  • Organizations may employ industrial camouflage to obscure buildings.

  • Essential components of perimeter defenses include:

    • Barriers (fences, bollards).

    • Security guards (two-person integrity for higher protection).

    • Sensors (infrared, microwave, ultrasonic).

    • Security buffers (mantraps, reception areas).

    • Locks (e.g., electronic locks).

Barriers

  • Fencing: A tall structure keeping out unauthorized personnel.

  • Bollards: Short posts preventing vehicle intrusion.

Security Guards

  • Patrol defined areas, monitor activities, and utilize video surveillance.

  • Drones (UAVs): Increasingly used for surveillance tasks.

Sensors

  • IR Sensors: Detect infrared; useful for property protection.

  • Microwave Sensors: Monitor larger areas like warehouses.

  • Ultrasonic Sensors: Measure object distance; less affected by airborne particles.

Security Buffers

  • Definition: Additional barriers to control access.

    • Mantrap: A controlled entrance area requiring credential checks.

Data Leakage Prevention

  • Measures to prevent sensitive data from escaping include:

    • Faraday Cage: Blocks electromagnetic signals from escaping.

    • Protected cable distribution systems.

Data Classifications

  • Types of Data:

    • Confidential: Highest sensitivity; restricted access.

    • Private: Medium confidentiality; need-to-know access.

    • Sensitive: Could cause harm if disclosed; restrictive access.

    • Critical: Essential for operations; stringent protection needed.

    • Public: No sensitivity; open for public access.

    • Restricted: Needs caution for usage in emails; not public.

Types of Data

  • Regulated Data: Governed by external rules.

  • Intellectual Property (IP): Protects creative works.

  • Trade Secret: Undisclosed enterprise data.

  • Financial Information: Pertains to monetary transactions.

Protecting Data

  • Factors for data management:

    • States of Data: In processing, in transit, at rest.

    • Geolocation: Identifies physical data location.

    • Data Sovereignty: Laws applicable to data based on collection location.

Data Security Methods

  • Techniques include:

    • Data Minimization: Limit data collection to essentials.

    • Data Masking: Concealing sensitive information.

    • Tokenization: Substituting sensitive data with non-sensitive equivalents.

    • Restrictions: Access limitations based on user roles.

    • Segmentation: Isolating sensitive data for better security.

Conclusion

  • Understanding social engineering, physical defenses, and data protection is crucial for network security competence.
