Security+ Certification/Assessments & Audits

4.1 Conduct risk assessments and implement risk mitigation

4.2 Carry out vulnerability assessment using common tools

  • Port scanners
  • Vulnerability scanners
  • Protocol analyzers
  • OVAL
  • Password crackers
  • Network mappers

4.3 Explain the proper use of penetration testing versus vulnerability scanning

4.4 Use monitoring tools on systems and networks and detect security-related anomalies

  • Performance monitor
  • Systems monitor
  • Performance baseline
  • Protocol analyzers

4.5 Compare and contrast various types of monitoring methodologies

  • Behavior-based
  • Signature-based
  • Anomaly-based

4.6 Execute proper logging procedures and evaluate the results

  • Security application
  • DNS
  • System
  • Performance
  • Access
  • Firewall
  • Antivirus

4.7 Conduct periodic audits of system security settings

  • User access and rights review
  • Storage and retention policies
  • Group policies
Last modified on 13 August 2009, at 16:19