AM

Secplus_8e_Mod02_PPT

Module Overview

  • Title: CompTIA Security+ Guide to Network Security Fundamentals, 8th Edition

  • Author: Mark Ciampa

  • Focus: Understanding pervasive attack surfaces and controls in network security

Module Objectives

  • By the end of the module, you should be able to:

    • Define social engineering and list types of attacks.

    • List different types of physical defenses.

    • Describe controls for protecting data.

Social Engineering Attacks

  • Definition: A method used to elicit information or convince a user to act in a way that compromises security.

    • Always involves deception and manipulation.

    • Utilizes human vectors as the attack surface.

Human Manipulation Techniques

  • Relies heavily on human psychology to gain trust:

    • Provide a compelling reason.

    • Project confidence.

    • Employ evasion and diversion.

    • Use humor to disarm.

Types of Social Engineering Attacks

Phishing Attacks

  • Phishing: Sending deceptive emails or web announcements to trick users.

    • Variations include:

      • Spear Phishing: Targeting specific individuals.

      • Whaling: Targeting senior executives.

      • Vishing: Voice phishing via phone calls.

      • Smishing: Phishing through SMS.

Business Email Compromise (BEC)

  • A phishing variant where requests for funds appear legitimate.

  • Considered a major cyber threat to organizations and consumers.

Impersonation and Redirection

  • Impersonation: Masquerading as a legitimate character to gain user trust.

    • Brand Impersonation: Using recognized brands to gain immediate trust.

  • Redirection: Directing users to fraudulent lookalike websites for profit.

    • Includes type squatting and pharming for traffic generation.

Misinformation and Misinformation Tactics

  • Misinformation: False information, while disinformation is false information with malicious intent.

    • Watering Hole Attacks: Targeting specific individuals by infecting common websites they visit.

    • Using methods like dumpster diving, Google dorking, and shoulder surfing to gather sensitive information.

Perimeter Defenses

  • Organizations may employ industrial camouflage to obscure buildings.

  • Essential components of perimeter defenses include:

    • Barriers (fences, bollards).

    • Security guards (two-person integrity for higher protection).

    • Sensors (infrared, microwave, ultrasonic).

    • Security buffers (mantraps, reception areas).

    • Locks (e.g., electronic locks).

Barriers

  • Fencing: A tall structure keeping out unauthorized personnel.

  • Bollards: Short posts preventing vehicle intrusion.

Security Guards

  • Patrol defined areas, monitor activities, and utilize video surveillance.

  • Drones (UAVs): Increasingly used for surveillance tasks.

Sensors

  • IR Sensors: Detect infrared; useful for property protection.

  • Microwave Sensors: Monitor larger areas like warehouses.

  • Ultrasonic Sensors: Measure object distance; less affected by airborne particles.

Security Buffers

  • Definition: Additional barriers to control access.

    • Mantrap: A controlled entrance area requiring credential checks.

Data Leakage Prevention

  • Measures to prevent sensitive data from escaping include:

    • Faraday Cage: Blocks electromagnetic signals from escaping.

    • Protected cable distribution systems.

Data Classifications

  • Types of Data:

    • Confidential: Highest sensitivity; restricted access.

    • Private: Medium confidentiality; need-to-know access.

    • Sensitive: Could cause harm if disclosed; restrictive access.

    • Critical: Essential for operations; stringent protection needed.

    • Public: No sensitivity; open for public access.

    • Restricted: Needs caution for usage in emails; not public.

Types of Data

  • Regulated Data: Governed by external rules.

  • Intellectual Property (IP): Protects creative works.

  • Trade Secret: Undisclosed enterprise data.

  • Financial Information: Pertains to monetary transactions.

Protecting Data

  • Factors for data management:

    • States of Data: In processing, in transit, at rest.

    • Geolocation: Identifies physical data location.

    • Data Sovereignty: Laws applicable to data based on collection location.

Data Security Methods

  • Techniques include:

    • Data Minimization: Limit data collection to essentials.

    • Data Masking: Concealing sensitive information.

    • Tokenization: Substituting sensitive data with non-sensitive equivalents.

    • Restrictions: Access limitations based on user roles.

    • Segmentation: Isolating sensitive data for better security.

Conclusion

  • Understanding social engineering, physical defenses, and data protection is crucial for network security competence.