Security+ Certification/Assessments & Audits

4.1 Conduct risk assessments and implement risk mitigation edit

4.2 Carry out vulnerability assessment using common tools edit

  • Port scanners
  • Vulnerability scanners
  • Protocol analyzers

  • OVAL
  • Password crackers
  • Network mappers

4.3 Explain the proper use of penetration testing versus vulnerability scanning edit

4.4 Use monitoring tools on systems and networks and detect security-related anomalies edit

  • Performance monitor
  • Systems monitor
  • Performance baseline
  • Protocol analyzers

4.5 Compare and contrast various types of monitoring methodologies edit

  • Behavior-based
  • Signature-based
  • Anomaly-based

4.6 Execute proper logging procedures and evaluate the results edit

  • Security application
  • DNS
  • System
  • Performance

  • Access
  • Firewall
  • Antivirus

4.7 Conduct periodic audits of system security settings edit

  • User access and rights review
  • Storage and retention policies
  • Group policies