Comptia Security+ Eckel Technology Consultants
Introduction Netlearn IT training and Consulting LLC. Specializing in: Comptia Training Novell Suse Linux Training Linux Consulting Citrix Xenserver Consulting
Partners Citrix Comptia Novell Phd Virtual Backup Solutions Vmware Symantec
Contact Information Kevin Eckel sales@netlearnit.com 1239 Bower Hill Rd. Pittsburgh PA 15243 Phone 412-401-6852 Fax 412-894-9012
The Exam SY0-201 Time: 90 minutes Number of Questions: 100 Passing Score: 750/1000 Some Beta Questions which do not count towards your score Exam Format: Multiple choice where you choose the best answer (radio buttons) or multiple correct answers (square)
Tested Material Breakdown Network Security 21% Compliance and Operational Security 18% Threats and Vulnerabilities 21% Application, Data and Host Security 16% Access Control 13% Cryptography 11%
Objectives Network Security Network Devices Firewalls Routers Switches Load Balancers Proxies Web Security Gateways VPN Concentrators NIDS and NIPS (Behavior, signature and anomaly, Heuristic) Protocol Analyzers Spam filters Web Application Filters URL filtering
Network Security Cont. Implementation Rule based Vlans ACLs Port Security Wireless Flood Guards Loop Protection Implicit Deny Log Analysis
Network Security Cont. 2 Network Design Elements DMZ Subnet Vlan Nat Remote Access Control NAC Virtualization Cloud Computing (PAAS, SAAS, IAAS)
Wireless Wireless Protocols WEP, WPA2, EAP, PEAP Wireless Security Mac Filtering SSID TKIP CCMP Antenna Placement Power Level Controls
Compliance and Operational Security Control Types Technical Management Operational False Positives Policies Privacy Acceptable Use Security Mandatory Vacations Job Rotation Separation of Duties Least Privilege
Risk Calculation Likelihood ALE Impact Quantitative VS Qualitative Risk Management Procedures Avoidance Transference Acceptance Mitigation Deterrence
Basic Forensics Order of volatility Capture System Image Network Traffic and Logs Capture Video Record Time Offset Take Hashes Screenshots Witness Track People Hours and expense
Forensics Cont. Damage and Loss Control Chain of Custody Incident Response Security Training PII
Risk Mitigation Security Controls Change Management Incident Management User Rights Audits Policies and Procedures Incident Response Procedures
Network Security Cont. 3 Implementing Common Protocols IPSEC SNMP SSH, SCP DNS TLS HTTP, HTTPS, SSL TCP/IP, IPv4, IPv6 TFTP, SFTP, FTPS NETBIOS
Hardware Security Bios USB Devices Cell Phones Removable Storage NAS
OS hardening Hotfixes Service Packs Patches Patch Management Group Policies Security Templates Configuration Baselines
Establishing Security
Security Awareness Training Security Policy training PII Data Classification Compliance User Habits Password Data Handling Clean desk policies Tailgating Threat Awareness Phishing Zero Day Attacks Social Networking
Business Continuity Business Impact Analysis (BIA) Single point of failure Continuity of operations Disaster Recovery IT contingency planning Succession Planning
Environmental Controls HVAC Fire Suppression EMI Hot and Cold Aisles Environmental monitoring Temperature and humidity controls Video Monitoring
Execute disaster Recovery Plans Backup/Backout contingency plans Backup, execution and frequency Redundancy and fault tolerance Hardware Raid Cluster Load balancing HA Cold site, hot site, warm site Mean time to restore, mean time between failures, recovery time objectives and recovery point objectives.
Pillars of Security Confidentiality Integrity Availability
Threats and Vulnerabilities Types of malware Adware Virus Worm Spyware Trojan Rootkits Backdoors Logic Bomb Botnets
Types of attacks Man in the middle Ddos Dos Replay Smurf Spoofing Spam Phishing
Attacks Cont. Spim Vishing Spear Phishing Xmas Attack Pharming Privilege Escalation Malicious Insider Threat Dns Poisoning and Arp Poisoning Transitive Access Client Side Attacks
Social Engineering Attacks Shoulder surfing Dumpster Diving Tailgating Impersonation Hoaxes Whaling Vishing
Wireless Attacks Rogue Access Points Interference Evil Twin War Driving Bluejacking Bluesnarfing War Chalking IV attack Packet Sniffing
Application Attacks Cross Site scripting SQL injection LDAP XML injection Directory traversal/command injection Buffer Overflow Zero Day Cookies Malicious Add-ons Session Hijacking Header Manipulation
Mitigation Techniques Failsafe/secure Logs (Event Logs Audit Logs Security Access Logs)
Physical Security Hardware Locks Mantraps Video Surveillance Fencing Proximity Readers Access List
Hardening Disable Unnecessary Services Protect Management Services Password Protection Disable Unnecessary Accounts
Port Security Mac filtering 802.1x Disable unused ports
Security Posture Initial Baseline Configuration Continuous Security Monitoring Remediation
Reporting Alarms Alerts Trends
Correction vs Prevention IDS vs IPS Camera vs guard Vulnerability scans Tools (Protocol Analyzer Sniffer Vulnerability Scanner Honey Pots Honey Nets Port Scanner)
Risk Calculation Threat vs Likelihood
Assessment Technique Baseline Reporting Code Review Determine Attack Surface Architecture Design Review Penetration Testing Vulnerability Testing Black vs White vs Grey Box testing
Application Data and Host Security Fuzzing Secure coding concepts Error and exception handling Input validation Cross site scripting Prevention Cross site request forgery Application configuration baseline Application hardening Application Patch Mgmt
Host Security OS security and settings Anti: (Virus Spam Spyware Pop-ups) Host based firewalls Patch mgmt
Hardware Security Cable locks Safe Locking cabinets Host security baselining
Mobile Devices Screen lock Strong Password Device Encryption Remote Wipe Voice Encryption GPS tracking
Virtualization Guest Operating Systems Isolated from each other and hypervisor Each guest needs to be patched individually
Data Security Data Loss Prevention Full Disk Encryption Database Removable media Mobile files
Hardware based Encryption TPM HSM USB Hard Drive Cloud Computing
Access Control and Identity management Radius TACACS+ Kerberos LDAP XTACACS
Authentication Authorization Auditing Identification Authentication Multifactor Authentication