Security+ Certification/Threats and Vulnerabilities
Threats and Vulnerabilities
Analyze and differentiate among types of malware
Analyze and differentiate among types of attacks
Analyze and differentiate among types of mitigation and deterrent techniques
Manual bypassing of electronic controls
- Failsafe/secure vs. failopen
Monitoring system logs
- Event logs
- Audit logs
- Security logs
- Access logs
Physical security
- Hardware locks
- Mantraps
- Video surveillance
- Fencing
- Proximity readers
- Access list
Hardening
- Disabling unnecessary services
- Protecting management interfaces and applications
- Password protection
- Disabling unnecessary accounts
Port security
- MAC limiting and filtering
- 802.1x
- Disabling unused ports
Security posture
- Initial baseline configuration
- Continuous security monitoring
- Remediation
Reporting
- Alarms
- Alerts
- Trends
Detection controls vs. prevention controls
- IDS vs. IPS
- Camera vs. guard
Implement assessment tools and techniques to discover security threats and vulnerabilities
Vulnerability scanning and interpret results
Tools
- Protocol analyzer
- Sniffer
- Vulnerability scanner
- Honeypots
- Honeynets
- Port scanner
Risk calculations
- Threat vs. likelihood
Assessment types
- Risk
- Threat
- Vulnerability
Assessment technique
- Baseline reporting
- Code review
- Determine attack surface
- Architecture
- Design reviews
Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning
- Penetration testing
  - Verify a threat exists
  - Bypass security controls
  - Actively test security controls
  - Exploiting vulnerabilities
- Vulnerability scanning
  - Passively testing security controls
  - Identify vulnerability
  - Identify lack of security controls
  - Identify common misconfiguration
- Black box
- White box
- Gray box