1 / 49

Comptia Security+

Eckel Technology Consultants. Comptia Security+. Introduction. Netlearn IT training and Consulting LLC. Specializing in : Comptia Training Novell Suse Linux Training Linux Consulting Citrix Xenserver Consulting. Partners. Citrix Comptia Novell Phd Virtual Backup Solutions Vmware

mosesk
Télécharger la présentation

Comptia Security+

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Eckel Technology Consultants Comptia Security+

  2. Introduction • Netlearn IT training and Consulting LLC. • Specializing in : • Comptia Training • Novell Suse Linux Training • Linux Consulting • Citrix Xenserver Consulting

  3. Partners • Citrix • Comptia • Novell • Phd Virtual Backup Solutions • Vmware • Symantec

  4. Contact Information • Kevin Eckel • sales@netlearnit.com • 1239 Bower Hill Rd. • Pittsburgh PA 15243 • Phone 412-401-6852 • Fax 412-894-9012

  5. The Exam SY0-201 • Time: 90 minutes • Number of Questions: 100 • Passing Score: 750 /1000 • Some Beta Questions which do not count towards your score • Exam Format: Multiple choice where you chose the best answer (radio buttons) or multiple correct answers ( square )

  6. Tested Material Breakdown • Network Security 21% • Compliance and Operational Security 18% • Threats and Vulnerabilities 21% • Application, Data and Host Security 16% • Access Control 13% • Cryptography 11%

  7. Objectives • Network Security • Network Devices • Firewalls • Routers • Switches • Load Balancers • Proxies • Web Security Gateways • VPN Concentrators • NIDS and NIPS ( Behavior, signature and anamoly, Heuristic ) • Protocol Analyzers • Spam filters • Web Application Filters • URL filtering

  8. Network Security Cont. • Implementation • Rule based • Vlans • ACLs • Port Security • Wireless • Flood Guards • Loop Protection • Implicit Deny • Log Analysis

  9. Network Security Cont. 2 • Network Design Elements • DMZ • Subnet • Vlan • Nat • Remote Access Control • NAC • Virtulization • Cloud Computing ( PAAS, SAAS, IAAS )

  10. Wireless • Wireless Protocols • WEP,WPA,WPA2,EAP,PEAP • Wireless Security • Mac Filtering • SSID • TKIP • CCMP • Antenna Placement • Power Level Controls

  11. Compliance and Operational Security • Control Types • Technical • Management • Operational • False Positives • Policies • Privacy • Acceptable Use • Security • Mandatory Vacations • Job Rotation • Separation of Duties • Least Privilege

  12. Risk Calculation • Likelihood • ALE • Impact • Quantitative VS Qualitative • Risk Management Procedures • Avoidance • Transference • Acceptance • Mitigation • Deterence

  13. Basic Forensics • Order of volatility • Capture System Image • Network Traffic and Logs • Capture Video • Record Time Offset • Take Hashes • Screenshots • Witness • Track People Hours and expense

  14. Forensics Cont. • Damage and Loss Control • Chain of Custody • Incident Response • Security Training • PII

  15. Risk Mitigation • Security Controls • Change Management • Incident Management • User Rights • Audits • Policies and Procedures • Incident Response Procedures

  16. Network Security Cont. 3 • Implementing Common Protocols • IPSEC • SNMP • SSH,SCP • DNS • TLS • HTTP,HTTPS,SSL • TCP/IP,IPv4,IPv6 • TFTP,FTP,SFTP,FTPS • NETBIOS

  17. Hardware Security • Bios • USB Devices • Cell Phones • Removeable Storage • NAS

  18. OS hardening • Hotfixes • Service Packs • Patches • Patch Management • Group Policies • Security Templates • Configuration Baselines

  19. Establishing Security

  20. Security Awareness Training • Security Policy training • PII • Data Classification • Compliance • User Habits • Password • Data Handling • Clean desk policies • Tailgating • Threat Awareness • Phlishing • Zero Day Attacks • Social Networking

  21. Business Continuity • Business Impact Analysis (BIA) • Single point of failure • Continuity of operations • Disaster Recovery • IT contingency planning • Succession Planning

  22. Environmental Controls • HVAC • Fire Suppression • EMI • Hot and Cold Aisles • Environmental monitoring • Temperature and humidity controls • Video Monitoring

  23. Execute disaster Recovery Plans • Backup/Backout contingency plans • Backup, execution and frequency • Redundancy and fault tolerance • Hardware • Raid • Cluster • Load balancing • HA • Cold site, hot site, warm site • Mean time to restore, mean time between failures, recovery time objectives and recovery point objectives.

  24. Pillars of Security • Confidentiality • Integrity • Availability

  25. Threats and Vulnerabilities • Types of malware • Adware • Virus • Worm • Spyware • Trojan • Rootkits • Backdoors • Logic Bomb • Botnets

  26. Types of attacks • Man in the middle • Ddos • Dos • Replay • Smurf • Spoofing • Spam • Phlishing

  27. Attacks Cont. • Spim • Vishing • Spear Phishing • Xmas Attack • Pharming • Privilege Escalation • Malicious Insider Threat • Dns Poisoning and Arp Poisoning • Transitive Access • Client Side Attacks

  28. Social Engineering Attacks • Shoulder surfing • Dumpster Diving • Tailgating • Impersonation • Hoaxes • Whaling • Vishing

  29. Wireless Attacks • Rogue Access Points • Interference • Evil Twin • War Driving • Bluejacking • Bluesnarfing • War Chalking • IV attack • Packet Sniffing

  30. Application Attacks • Cross Site scripting • SQL injection • LDAP • XML injection • Directory transversal/command injection • Buffer Overflow • Zero Day • Cookies • Malicous Add-ons • Session Hijacking • Header Manipulation

  31. Mitigation Techniques • Failsafe/secure • Logs • Event Logs • Audit Logs • Security • Access Logs

  32. Physical Security • Hardware Locks • Mantraps • Video Surveillance • Fencing • Proximity Readers • Access List

  33. Hardening • Disable Unnecessary Services • Protect Management Services • Password Protection • Disable Unnecessary Accounts

  34. Port Security • Mac filtering • 802.1x • Disable unused ports

  35. Security Posture • Initial Baseline Configuration • Continuous Security Monitoring • Remediation

  36. Reporting • Alarms • Alerts • Trends

  37. Correction vs Prevention • IDS vs IPS • Camera vs guard • Vulnerability scans • Tools • Protocol Analyzer • Sniffer • Vulnerability Scanner • Honey Pots • Honey Nets • Port Scanner

  38. Risk Calculation • Threat vs Likelihood

  39. Assessment Technique • Baseline Reporting • Code Review • Determine Attack Surface • Architecture Design Review • Penetration Testing • Vulnerability Testing • Black vs White vs Grey Box testing

  40. Application Data and Host Security • Fuzzing • Secure coding concepts • Error and exception handling • Input validation • Cross site scripting Prevention • Cross site request forgery • Application configuration baseline • Application hardening • Application Patch Mgmt

  41. Host Security • OS security and settings • Ant: • Virus • Spam • Spyware • Pop-ups • Host based firewalls • Patch mgmt

  42. Hardware Security • Cable locks • Safe • Locking cabinets • Host security baselining

  43. Mobile Devices • Screen lock • Strong Password • Device Encryption • Remote Wipe • Voice Encryption • GPS tracking

  44. Virtualization • Guest Operating Systems Isolated from each other and hypervisor • Each guest needs to be patched individually

  45. Data Security • Data Loss Prevention • Full Disk Encryption • Database • Removable media • Mobile files

  46. Hardware based Encryption • TPM • HSM • USB • Hard Drive • Cloud Computing

  47. Access Control and Identity management • Radius • TACACS+ • Kerberos • LDAP • XTACACS

  48. AuthenticationAuthorizationAuditing • Identification • Authentication • Multifactor Authentication

More Related