Last modified on 13 August 2009, at 16:19

Security+ Certification/Assessments & Audits

4.1 Conduct risk assessments and implement risk mitigationEdit

4.2 Carry out vulnerability assessment using common toolsEdit

  • Port scanners
  • Vulnerability scanners
  • Protocol analyzers
  • OVAL
  • Password crackers
  • Network mappers

4.3 Explain the proper use of penetration testing versus vulnerability scanningEdit

4.4 Use monitoring tools on systems and networks and detect security-related anomaliesEdit

  • Performance monitor
  • Systems monitor
  • Performance baseline
  • Protocol analyzers

4.5 Compare and contrast various types of monitoring methodologiesEdit

  • Behavior-based
  • Signature-based
  • Anomaly-based

4.6 Execute proper logging procedures and evaluate the resultsEdit

  • Security application
  • DNS
  • System
  • Performance
  • Access
  • Firewall
  • Antivirus

4.7 Conduct periodic audits of system security settingsEdit

  • User access and rights review
  • Storage and retention policies
  • Group policies