Chapter 01
I. Define the following; list the source and/or page # of the definition: (12 points)
I. Information security:
Information security is the act of protecting information from unauthorized
access. It usually includes an in-depth plan on how to secure data, computers, and
networks.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 469
II. Confidentiality:
Confidentiality is the prevention of the disclosure of information to unauthorized persons.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 465
III. Integrity:
Integrity means that authorization is necessary before data can be modified.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 469
IV. Availability:
Availability means data is obtainable regardless of how information is stored,
accessed, or protected.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 463
V. Authentication:
Authentication means a person's identity is confirmed. Authentication is the verification of a person's identity.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 463
VI. Authorization:
Authorization is when a user is granted access to specific resources after authentication is complete.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 463
VII. Accounting:
Accounting is the tracking of data, computer usage, and network resources. It often means logging, auditing, and monitoring of the data and resources.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 462
VIII. Non-repudiation:
Non-repudiation is the idea of ensuring that a person or group cannot refute the validity of your proof against them.
IX. Defense in depth:
Defense in depth is the building up and layering of security measures that protect data from inception, through storage and network transfer, and lastly to final disposal.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 466
XI. Ethical hacking:
An ethical hacker is an expert at breaking into systems who attacks systems on behalf of the system's owner and with the owner's consent. The ethical hacker uses penetration testing and intrusion testing to attempt to gain access to a target network or system.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 7
XIII. Malicious software:
Malicious software, known as malware, includes computer viruses, worms, Trojan horses, spyware, rootkits, adware, and other types of unwanted software. Everyone has heard of a scenario in which a user's computer was compromised to some extent due to malicious software.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 5
XIV. Unauthorized access:
Unauthorized access means access to computer resources and data without the consent of the owner. It might include approaching the system, trespassing, communicating, storing and retrieving data, intercepting data, or any other methods that would interfere with a computer's normal work. Access to data must be controlled to ensure privacy. Improper administrative access falls into this category as well.
XV. System failure:
System failure means computer crashes or individual application failure. This can
happen due to several reasons, including user error, malicious activity, or
hardware failure.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 5
XVI. Social engineering:
Social engineering is the act of manipulating users into revealing confidential information or performing other actions detrimental to the user. Almost everyone gets e-mails nowadays from unknown entities making false claims or asking for personal information (or money!); this is one example of social engineering.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 5
XX. User awareness:
User awareness means that the wiser the user, the less chance there is of a security breach. Employee training and education, easily accessible and understandable policies, security awareness e-mails, and online security resources all help to provide user awareness.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 5
XXI. Anti-malware software:
Anti-malware protects a computer from the various forms of malware and, if necessary, detects and removes them. Types include antivirus and anti-spyware.
XXII. Data backups:
Backups won't stop damage to data, but they can enable you to recover data after an attack, other compromise, or system failure. From programs such as Windows Backup and Restore and Bacula to enterprise-level programs such as IBM's Tivoli and Symantec's Backup Exec, data backup is an important part of security. Note that fault-tolerant methods such as RAID 1, 5, and 6 are good preventative measures against hardware failure but might not offer protection from data corruption or erasure.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 6
XXIII. Encryption:
The act of changing information using an algorithm (known as a cipher) to make
that information unreadable to anyone except users who possess the proper key.
Examples of this include wireless sessions encrypted with Advanced Encryption
Standard (AES), web pages encrypted with HTTP Secure (HTTPS), and e-mails
encrypted with Secure/Multipurpose Internet Mail Extensions (S/MIME) or Pretty
Good Privacy (PGP).
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 6
XXIV. Data removal:
Proper data removal goes far beyond file deletion or the formatting of digital media. The problem with file deletion/formatting is data remanence, or the residue left behind, from which re-creation of files can be accomplished by some less-than-reputable people with smart tools.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide,
Academic Edition, Page No. 6
XXVIII. Elite hacker:
Elite hackers are the ones who first find out about vulnerabilities. Hacker is a term commonly used to refer to an individual who secretly gains access to systems and networks for the purpose of earning money. Some, however, practice the creative art of hacking because they get a certain level of enthusiasm from the test that they are being put to. During the early years, hackers were considered to be the computer underground. The culture only progressed through time and is now regarded as an open community.
Source: Prowse, David L. CompTIA Security+ SY0-401 Approved Cert Guide, Academic Edition, Page No. 7
Source: http://www.urbandictionary.com/define.php?term=Types%20of
Source: https://www.secpoint.com/what-is-an-elite-hacker.html
II. Hands-On Activity. (8 points)
Download the CompTIA Security+ objectives, review them, and explain how the questions are weighted by domain.
The CompTIA Security+ certification is a vendor-neutral, internationally recognized credential
used by organizations and security professionals around the globe to validate foundation level
security skills and knowledge. Candidates are encouraged to use this document to help prepare
for CompTIA Security+ SY0-401, which measures necessary skills for IT security professionals.
Successful candidates will have the knowledge required to:
Identify risk
Participate in risk mitigation activities
Provide infrastructure, application, information and operational security
Apply security controls to maintain confidentiality, integrity and availability
Identify appropriate technologies and products
Troubleshoot security events and incidents
Operate with an awareness of applicable policies, laws and regulations
TEST DETAILS
Required exam
Number of questions
Types of questions
Length of test

Domain              % of Examination
1.0                 20%
2.0                 18%
3.0                 20%
4.0                 15%
5.0                 15%
6.0 Cryptography    12%
Total               100%
SNMP
SSH
DNS
TLS
SSL
TCP/IP
o 21
o 22
o 25
o 53
o 80
o 110
o 139
o 143
o 443
o 3389
OSI relevance
Privacy considerations
Risk awareness
Unauthorized data sharing
Data ownership
Data backups
Follow security policy and procedures
Review agreement requirements to verify compliance and
performance standards
Role-based training
Personally identifiable information
Information classification
o High
o Medium
o Low
o Confidential
o Private
o Public
Control types
o Deterrent
o Preventive
o Detective
o Compensating
o Technical
o Administrative
2.9 Given a scenario, select the appropriate control to meet the goals of security.
Confidentiality
o Encryption
o Access controls
o Steganography
Integrity
o Hashing
o Digital signatures
o Certificates
o Non-repudiation
Availability
o Redundancy
Adware
Virus
Spyware
Trojan
Rootkits
Backdoors
Logic bomb
Botnets
Ransomware
Polymorphic malware
Armored virus
3.2 Summarize various types of attacks.
Man-in-the-middle
DDoS
DoS
Replay
Smurf attack
Spoofing
Spam
Phishing
Spim
Vishing
Spear phishing
Xmas attack
Pharming
Privilege escalation
Transitive access
Client-side attacks
Password attacks
o Brute force
o Dictionary attacks
Escape routes
Hybrid
Birthday attacks
Rainbow tables
Typo squatting/URL hijacking
Watering hole attack
3.3 Summarize social engineering attacks and the associated effectiveness with
each attack.
Shoulder surfing
Dumpster diving
Tailgating
Impersonation
Hoaxes
Whaling
Vishing
Jamming/Interference
Evil twin
War driving
Bluejacking
Bluesnarfing
War chalking
IV attack
Packet sniffing
Replay attacks
WEP/WPA attacks
WPS attacks
3.5 Explain types of application attacks.
Cross-site scripting
SQL injection
LDAP injection
XML injection
Buffer overflow
Integer overflow
Zero-day
Cookies and attachments
LSO (Locally Shared Objects)
Flash Cookies
Malicious add-ons
Session hijacking
Header manipulation
Arbitrary code execution / remote code execution
3.6 Analyze a scenario and select the appropriate type of mitigation and deterrent
techniques.
Hardening
o Disabling unnecessary services
o Protecting management interfaces and
applications
o Password protection
o Disabling unnecessary accounts
Network security
o MAC limiting and filtering
o 802.1x
o Disabling unused interfaces and unused application service ports
o Rogue machine detection
o Security posture
o Initial baseline configuration
o Continuous security monitoring
o Remediation
Reporting
o Alarms
o Alerts
o Trends
Vulnerability scanner
Honeypots
Honeynets
Port scanner
Passive vs. active tools
Banner grabbing
Risk calculations
o Threat vs. likelihood
Assessment types
o Risk
o Threat
o Vulnerability
Assessment technique
o Baseline reporting
o Code review
o Determine attack surface
o Review architecture
o Review designs
3.8 Explain the proper use of penetration testing versus vulnerability scanning.
Penetration testing
o Verify a threat exists
o Bypass security controls
o Actively test security controls
o Exploiting vulnerabilities
Vulnerability scanning
o Passively testing security controls
o Identify vulnerability
o Identify lack of security controls
o Identify common misconfigurations
o Intrusive vs. non-intrusive
o Credentialed vs. non-credentialed
o False positive
Black box
White box
Gray box
Input validation
Cross-site scripting prevention
Cross-site Request Forgery (XSRF) prevention
Application configuration baseline (proper settings)
Application hardening
Application patch management
NoSQL databases vs. SQL databases
Server-side vs. Client-side validation
Anti-malware
o Antivirus
o Anti-spam
o Anti-spyware
o Pop-up blockers
Patch management
White listing vs. black listing applications
Trusted OS
Host-based firewalls
Host-based intrusion detection
Hardware security
o Cable locks
o Safe
o Locking cabinets
Host software baselining
Virtualization
o Snapshots
o Patch compatibility
o Host availability/elasticity
o Security control testing
o Sandboxing
4.5 Compare and contrast alternative methods to mitigate security risks in static
environments.
Environments
o SCADA
o Embedded (Printer, Smart TV, HVAC control)
o Android
o iOS
o Mainframe
o Game consoles
o In-vehicle computing systems
Methods
o Network segmentation
o Security layers
o Application firewalls
o Manual updates
o Firmware version control
o Wrappers
o Control redundancy and diversity
Identification
o Biometrics
o Personal identification verification card
o Username
Federation
Transitive trust/authentication
5.3 Install and configure security controls when performing account management,
based on best practices.
Mitigate issues associated with users with multiple accounts/roles and/or shared accounts
Account policy enforcement
o Credential management
o Group policy
o Password complexity
o Expiration
o Recovery
o Disablement
o Lockout
o Password history
o Password reuse
o Password length
o Generic account prohibition
Group based privileges
User assigned privileges
User access reviews
Continuous monitoring
6.0 Cryptography
6.1 Given a scenario, utilize general cryptography concepts.
Symmetric vs. asymmetric
Session keys
In-band vs. out-of-band key exchange
Fundamental differences and encryption methods
o Block vs. stream
Transport encryption
Non-repudiation
Hashing
Key escrow
Steganography
Digital signatures
Use of proven technologies
Elliptic curve and quantum cryptography
Ephemeral key
Perfect forward secrecy
Cipher suites
o Strong vs. weak ciphers
Key stretching
o PBKDF2
o Bcrypt
6.3 Given a scenario, use appropriate PKI, certificate management and associated
components.
SECURITY+ ACRONYMS
Router
Firewall
Access point
Switch
IDS/IPS
Server
Content filter
Client
Mobile device
VPN concentrator
All in one appliance
Enterprise security managers / SIEM suite
Load balancer
Spare parts/hardware
Keyboards, mice
Network cables
Monitors
Tools
WiFi analyzers
Software
Backtrack
Proxy server
Kali/BackTrack
Virtualization software
Virtualized appliances
Wireshark
TCPdump
NMAP
OpenVAS
Metasploit
Backorifice
Cain & Abel
John the Ripper
PF Sense
Security Onion
Roo
Any UTM
Other
Source Forge