Last modified on 7 September 2012, at 14:06

Security+ Certification/Threats and Vulnerabilities

Threats and Vulnerabilities

Analyze and differentiate among types of malware

Analyze and differentiate among types of attacks

Analyze and differentiate among types of social engineering attacks

Analyze and differentiate among types of wireless attacks

Analyze and differentiate among types of application attacks

Analyze and differentiate among types of mitigation and deterrent techniques

Manual bypassing of electronic controls

  • Failsafe/secure vs. failopen

Monitoring system logs

  • Event logs
  • Audit logs
  • Security logs
  • Access logs

Physical security

  • Hardware locks
  • Mantraps
  • Video surveillance
  • Fencing
  • Proximity readers
  • Access list

Hardening

  • Disabling unnecessary services
  • Protecting management interfaces and applications
  • Password protection
  • Disabling unnecessary accounts

Port security

  • MAC limiting and filtering
  • 802.1x
  • Disabling unused ports

Security posture

  • Initial baseline configuration
  • Continuous security monitoring
  • Remediation

Reporting

  • Alarms
  • Alerts
  • Trends

Detection controls vs. prevention controls

  • IDS vs. IPS
  • Camera vs. guard

Implement assessment tools and techniques to discover security threats and vulnerabilities

Vulnerability scanning and interpret results

Tools

  • Protocol analyzer
  • Sniffer
  • Vulnerability scanner
  • Honeypots
  • Honeynets
  • Port scanner

Risk calculations

  • Threat vs. likelihood

Assessment types

  • Risk
  • Threat
  • Vulnerability

Assessment technique

  • Baseline reporting
  • Code review
  • Determine attack surface
  • Architecture
  • Design reviews

Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning

  • Penetration testing
    • Verify a threat exists
    • Bypass security controls
    • Actively test security controls
    • Exploiting vulnerabilities
  • Vulnerability scanning
    • Passively testing security controls
    • Identify vulnerability
    • Identify lack of security controls
    • Identify common misconfiguration
  • Black box
  • White box
  • Gray box