Expert Reference Series of White Papers
1-800-COURSES               www.globalknowledge.com

Ten New Topics on Security+ 2011 (SY0-301)
(Domain 1.0: Network Security)
James Michael Stewart, CISSP, ISSAP, SSCP, CEI, CEH, CPTE, QSA, QISP,
Security+, Network+


Introduction
It has been about three years since the last revision of the CompTIA Security+ exam back in 2008. In early
summer of 2011, the latest version, SY0-301, was released. This revamped exam focuses more on risk, operational
security, and mobile device security. It also clearly emphasizes security in three main areas: application, data,
and host. In preparing to take the SY0-301 exam, you should pay special attention to the new topics and issues
added to this latest revision.
The first domain in the updated exam is Network Security, and the topics tested in this domain include:


    1.1 Explain the security function and purpose of network devices and technology.
    1.2 Apply and implement secure network administration principles
    1.3 Distinguish and differentiate network design elements and compounds
    1.4 Implement and use common protocols
    1.5 Identify commonly used default network ports
    1.6 Implement wireless network in a secure manner


Note: The number in parentheses after each topic is the official objective sub-domain reference for SY0-301 as
defined by CompTIA. Please see the official objectives list in the Appendix at the end of this paper, or visit
www.comptia.org for a complete accounting of the objectives.


To help you prepare, let’s look at ten new and important topics in the Network Security domain of the exam.


1. Web Security Gateways (1.1)
A Web security gateway is a Web proxy server with a Web application firewall along with several other potential
features, such as anti-virus, content filtering, keyword matching, stripping of cookies, blocking of client-side
execution agents, etc. Some Web security gateways even include some non-Web specific features such as IM
filtering, SPAM filtering, e-mail oversight, spoofing prevention, and blocking file sharing services.


2. Load Balancers (1.1)
A load balancer is used to spread or distribute work load over multiple systems or devices. While commonly
used in relation to servers, the concept can also be applied to hard drives, CPUs, or network segments. Load
balancers can assist in optimizing network capacity utilization, reducing overloading, increasing throughput,
minimizing latency and response time, and reducing bottlenecks. Load balancing can take advantage of a variety
of techniques or technologies, including random choice, round robin, load monitoring, and preferencing. A load
balancer can be implemented in either software or hardware.

Copyright ©2011 Global Knowledge Training LLC. All rights reserved.


3. Flood Guards and Loop Protection (1.2)
A flood guard detects denial of service (DoS) levels of traffic and interrupts the flow of the unwanted activity. A
flood guard works to prevent flooding attacks from reaching an internal network.


Loop protection is the technology used to prevent redundant network loops that might support infinite
transmission of frames or packets. Switches and bridges often support Spanning Tree Protocol (STP) that provides
protection against layer 2 loops. The IP protocol itself includes a loop protection feature, commonly known as
the Time To Live (TTL). This decrementing counter decreases by one just before a router transmits a packet onto
yet another subnet. When this value reaches 0, a router will no longer forward the packet; instead, it sends back
an Internet Control Message Protocol (ICMP) Type 11 Timeout Exceeded response to the sender. This effectively
prevents infinite transmissions, although it does not necessarily directly prevent loops.
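
The TTL behaviour described above, as an added example that is not part of the original white paper: a small
Python simulation that builds real IPv4 and ICMP Type 11 bytes. The three-router ring, the addresses, and the
function names are constructed for illustration.

```python
import ipaddress
import struct

ICMP_PROTO, UDP_PROTO = 1, 17
ICMP_TIME_EXCEEDED = 11          # the ICMP type named in the text
# Constructed topology: misconfigured routes send the packet around a ring.
LOOP = ["10.0.1.1", "10.0.2.1", "10.0.3.1"]


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum used by IPv4 and ICMP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(src: str, dst: str, ttl: int, proto: int, payload: bytes) -> bytes:
    """Build a 20-byte IPv4 header (no options) followed by the payload."""
    header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
        ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed,
    )
    return header[:10] + struct.pack("!H", inet_checksum(header)) + header[12:] + payload


def router_handle(packet: bytes, router_ip: str):
    """Return (forwarded_packet, icmp_reply); exactly one of them is not None."""
    ttl = packet[8]
    if ttl <= 1:
        # TTL would reach 0: discard the packet and report back to its sender.
        # ICMP body = 4 unused bytes + offending IP header + first 8 payload bytes.
        icmp = struct.pack("!BBH", ICMP_TIME_EXCEEDED, 0, 0) + bytes(4) + packet[:28]
        icmp = icmp[:2] + struct.pack("!H", inet_checksum(icmp)) + icmp[4:]
        sender = str(ipaddress.IPv4Address(packet[12:16]))
        return None, build_ipv4(router_ip, sender, 64, ICMP_PROTO, icmp)
    header = bytearray(packet[:20])
    header[8] = ttl - 1                      # decrement before forwarding
    header[10:12] = b"\x00\x00"              # header changed, so recompute checksum
    header[10:12] = struct.pack("!H", inet_checksum(bytes(header)))
    return bytes(header) + packet[20:], None


def send_into_loop(ttl: int, payload: bytes = b"constructed-udp-payload") -> dict:
    """Inject one packet into the ring and follow it until a router drops it."""
    packet = build_ipv4("192.0.2.10", "198.51.100.7", ttl, UDP_PROTO, payload)
    visited = []
    while True:
        router = LOOP[len(visited) % len(LOOP)]
        visited.append(router)
        forwarded, reply = router_handle(packet, router)
        if reply is not None:
            return {
                "forwards": len(visited) - 1,
                "dropped_by": router,
                "icmp_type": reply[20],
                "reply_dst": str(ipaddress.IPv4Address(reply[16:20])),
                "embedded_ttl": reply[36],   # TTL inside the quoted original header
                "checksums_ok": inet_checksum(reply[:20]) == 0
                and inet_checksum(reply[20:]) == 0,
                # A router seen twice means the packet really was looping.
                "loop_seen": len(set(visited)) < len(visited),
            }
        packet = forwarded


if __name__ == "__main__":
    for start_ttl in (1, 5, 64):
        print(start_ttl, send_into_loop(start_ttl))
```

The packet is discarded after a bounded number of hops, but the ring itself is untouched: TTL limits the damage
of a loop without removing it.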


4. Cloud Computing (1.3)
Cloud computing refers to resources and services made accessible over Internet connections or other forms of
data pathways. Cloud computing allows data and services to be hosted elsewhere instead of on local hardware.
Cloud computing consists of several variations, including Software as a Service (SaaS), Platform as a Service
(PaaS), and Infrastructure as a Service (IaaS). SaaS provides access to applications and data services (such as
Google Docs); PaaS provides access to virtualized OS environments (such as Amazon Web Services); and IaaS
provides access to large scale services or solutions (such as GoGrid).


5. FTPS and SFTP (1.4/1.5)
File Transfer Protocol (FTP) is a well-known but inherently insecure protocol for file transfers. Two alternatives or
variations of FTP that offer security through encrypted authentication and data transfer are File Transfer Protocol
Secure (FTPS) and Secure File Transfer Protocol (SFTP). FTPS is protected using SSL or TLS and operates over TCP
ports 989 and 990. SFTP is protected using SSH and operates over TCP port 22, as does every SSH-protected
protocol.


6. IPv4 vs IPv6 (1.4)
IPv4 was defined in 1981 in RFC 791, and is currently the most widely used OSI Layer 3 Networking layer
protocol. IPv4 uses a 32 bit address divided into 5 classes, three of which (A, B, and C) are used mainly for public
addresses. Class D is used for multicasting. Class E is reserved.


IPv6 was designed as the replacement for IPv4, and was finalized in 1998 in RFC 2460. IPv6 uses a 128 bit
address. While similar in function, IPv6 is not backward compatible with IPv4; thus, specialized translation
gateways are required to link networks using the different versions. Additionally, IPSec is an integral part of IPv6,
while it is just an optional add-on for IPv4.


7. Wireless Networking Standards: WEP, WPA, WPA2 (1.6)
There is a significant increase in the amount and level of wireless content on the new Sec+ SY0-301 exam. Four
of my top 10 new issues are focusing on various aspects of new wireless content.


The standards of wireless networking for authentication and encryption range from completely open and
insecure to potentially reliably secure. The original 802.11 specification allowed for open system authentication
(OSA) [which means neither authentication nor encryption], and the optional wireless equivalent privacy (WEP)
[which is no better than OSA, as it is now crackable in 60 seconds].


The 802.11i amendment paved the way for WiFi Protected Access (WPA) and later WPA2 as alternatives to WEP.
WPA resolved many of the problems with WEP; however, recent advances in cryptography attacks and
computational capabilities have revealed attacks that can crack WPA encryption in as little as four hours in specific
circumstances.


The WPA2 variation uses Advanced Encryption Standard (AES) as the main encryption protocol, and as of mid-
2011, no attacks are known to compromise AES encryption. However, even with unassailable encryption, WPA2
still has a vulnerability if a poor preshared key (PSK) is selected or weak enterprise authentication is leveraged
via 802.1x/EAP.


8. Wireless Authentication Technologies: EAP, PEAP, LEAP (1.6)
Extensible Authentication Protocol (EAP) was first deployed as an alternative extension to point to point
protocol (PPP) as a future proofing/supporting mechanism. Over time, EAP has made many additional forms of
authentication possible and allowed many of these forms to be used on a wider number of devices.


In relation to wireless, EAP is used by WPA and WPA2 to support EAP-TLS, EAP-PSK, EAP-MD5, LEAP, and PEAP.
EAP-TLS supports encrypted authentication tunneling over TLS. EAP-PSK supports secured mutual authentication
using preshared keys. EAP-MD5 offers only hash-protected password exchanges and is considered a deprecated
legacy variation. Lightweight Extensible Authentication Protocol (LEAP) is a Cisco proprietary protocol. LEAP is
considered weak and is not recommended for use. It has been supplanted by Protected Extensible Authentication
Protocol (PEAP). PEAP is a more secure variation of the EAP-TLS concept created by Cisco, Microsoft, and RSA.


9. Wireless Security: MAC filtering, TKIP, CCMP (1.6)
Wireless security involves many aspects, some of which were on the previous exam. However, at least 3
additional topics appear on the new exam. MAC filtering ignores all wireless interfaces except those on a white list
as identified by MAC address. This can also be inverted on some base stations to be a black list to ignore known
malicious systems. Unfortunately, spoofing MAC addresses is quite simple and an easy way around this
“security” feature.


Temporal Key Integrity Protocol (TKIP) was the initial replacement for WEP and allowed for greater security
while still operating on existing/legacy hardware. TKIP is implemented under WPA. However, TKIP is no longer
considered secure and should be replaced by WPA2.


Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) replaces both WEP
and WPA (TKIP) as implemented by WPA2. CCMP uses 128 bit AES encryption. WPA2’s CCMP is the most secure
current wireless standard with no known attacks against the encryption.
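
The wireless weaknesses named in topics 7 and 9 (WEP, WPA with TKIP, a poor preshared key, reliance on MAC
filtering) can be checked in an access point's configuration. The following is an added example, not part of
the original white paper: it audits hostapd-style `key=value` settings. The sample configurations, the
passphrase list, and the minimum length are constructed assumptions.

```python
COMMON_PASSPHRASES = {"password", "12345678", "letmein123"}  # constructed sample list
MIN_PSK_LENGTH = 20  # assumed local policy value, not from the white paper

# Constructed sample configurations (hostapd option names).
WEAK_CONF = """
ssid=office-legacy
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=TKIP CCMP
wpa_passphrase=password
macaddr_acl=1
"""
WEP_CONF = """
ssid=warehouse
wep_default_key=0
wep_key0=1234567890
"""
HARDENED_CONF = """
# WPA2 only, CCMP only, long passphrase
ssid=office
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=correct-horse-battery-staple-2011
"""


def parse_conf(text: str) -> dict:
    """Parse key=value lines, skipping blank lines and # comments."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings


def audit(text: str) -> list:
    """Return sorted finding codes for one access point configuration."""
    cfg = parse_conf(text)
    findings = set()
    wpa = int(cfg.get("wpa", "0"))   # bit 0 = WPA, bit 1 = WPA2 (RSN)

    if any(key.startswith("wep_key") for key in cfg):
        findings.add("WEP_ENABLED")              # WEP is no better than open
    elif wpa == 0:
        findings.add("OPEN_NETWORK")             # neither authentication nor encryption

    if wpa & 1:
        findings.add("WPA1_ENABLED")             # WPA implies TKIP-era protection
    if wpa:
        wpa_ciphers = set(cfg.get("wpa_pairwise", "").split())
        rsn_ciphers = set(cfg.get("rsn_pairwise", "").split()) or wpa_ciphers
        if "TKIP" in wpa_ciphers | rsn_ciphers:
            findings.add("TKIP_ALLOWED")
        if wpa & 2 and "CCMP" not in rsn_ciphers:
            findings.add("WPA2_WITHOUT_CCMP")    # CCMP not explicitly configured
        if "WPA-PSK" in cfg.get("wpa_key_mgmt", "").split():
            psk = cfg.get("wpa_passphrase", "")
            if len(psk) < MIN_PSK_LENGTH or psk.lower() in COMMON_PASSPHRASES:
                findings.add("WEAK_PSK")         # strong AES does not help a poor PSK
    if cfg.get("macaddr_acl") == "1":
        findings.add("MAC_FILTER_IN_USE")        # informational: MACs are easily spoofed
    return sorted(findings)


if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("wep", WEP_CONF), ("hardened", HARDENED_CONF)):
        print(f"{name}: {audit(conf) or 'no findings'}")
```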


10. Wireless Installation: Antenna Placement, Power Level Controls (1.6)
When deploying a wireless access point, it is important to consider several installation issues. Two of these
included on the new Sec+ exam are antenna placement and power level controls. Proper antenna type, strength, and
orientation are needed to optimize valid authorized connections while minimizing unauthorized external
connections. Wireless signals are affected by interference, distance, and obstructions. Thus, it is important to perform a
site survey to confirm usability of the wireless signal. Antennas can include omni-directional, parabolic, and Yagi.


Once antenna placement and orientation are optimized, additional configurations might require manipulation
of the power level controls. This adjustment alters the electronic strength of the antenna by varying the power
used by the antenna. Power levels are usually pre-set by manufacturers for typical optimal performance, but
customization of these levels might be desired or essential, based on the facility and use of alternate antennas.


Conclusion
The Security+ 2011 (SY0-301) exam has been significantly updated. Well over 60 new topics have been added
to the latest version of this exam. In the first topical domain: Network Security, there are at least 10 important
new or updated topics that you need to focus on as you prepare for the exam. While you can self-study using
the official CompTIA objectives list as a guide, you would benefit greatly by attending an up-to-date Security+
2011 (SY0-301) training course. This way, you will have access to the latest exam study materials and the
expertise of a highly qualified instructor. Through direct interaction with the instructor, as well as classmates, you are
sure to be well-versed in these top 10 new Security+ topics, as well as all of the other relevant materials, on this
new and challenging exam.


Learn More
Learn more about how you can improve productivity, enhance efficiency, and sharpen your competitive edge
through training.
Security+ Prep Course (SYO-301)
Security+ Certification Boot Camp (SYO-301)
Visit www.globalknowledge.com or call 1-800-COURSES (1-800-268-7737) to speak with a Global
Knowledge training advisor.


About the Author
James Michael Stewart has been working with computers and technology for over twenty-five years, focusing
on security, certification, and various operating systems. Recently, Michael has been teaching job skill and
certification courses, such as CISSP, CEH, and Security+. He is the primary author on the CISSP Study Guide 5th
Edition, Security+ 2011 Review Guide, and Network Security, Firewalls, and VPNs. Michael has also contributed
to many other CISSP and Security+ focused materials, including exam preparation guides, practice exams, DVD
video instruction, and courseware.


In addition, Michael has co-authored numerous books on other security and Microsoft certification, and
administration topics. He has developed certification courseware and training materials as well as presented these
materials in the classroom. Michael holds numerous certifications, including CISSP, ISSAP, SSCP, CEI, CEH, CPTE,
QSA, QISP, Security+, and Network+. Michael graduated in 1992 from the University of Texas at Austin with a
bachelor’s degree in Philosophy. Despite his degree, his computer knowledge is self-acquired, based on
seat-of-the-pants hands-on “street smarts” experience. You can reach Michael by e-mail at michael@impactonline.com.


Appendix A
The chart below showcases the new SY0-301 objectives provided by CompTIA (see www.comptia.org) as
compared to the previous objectives for s (2008 version). The comparison table focuses on new topics, terms, or
phrases covered on the 2011 SY0-301 exam.


 SY0-301 2011 Objectives                                                                   SY0-201 2008
 Domain 1.0: Network Security
 1.1 Explain the security function and purpose of network devices and technologies
   · Firewalls                                                                             1.5, 2.3, 2.4, 4.6
   · Routers
   · Switches
   · Load Balancers
   · Proxies                                                                               2.3, 2.4
   · Web security gateways
   · VPN concentrators                                                                     3.7
   · NIDS and NIPS (Behavior based, signature based, anomaly based, heuristic)             2.3, 2.4
   · Protocol analyzers                                                                    2.3, 2.4, 4.2, 4.4
   · Sniffers                                                                              2.3, 2.4, 4.2, 4.4
   · Spam filter, all-in-one security appliances                                           1.1, 1.5
   · Web application firewall vs. network firewall                                         1.5, 2.3, 2.4, 4.6
   · URL filtering, content inspection, malware inspection                                 2.3, 2.4
 1.2 Apply and implement secure network administration principles
   · Rule-based management                                                 3.2
   · Firewall rules                                                        1.5, 2.3, 2.4, 4.6
   · VLAN management                                                       2.2
   · Secure router configuration
   · Access control lists                                                  3.5
   · Port Security                                                         2.1, 4.2
   · 802.1x                                                                3.7
   · Flood guards
   · Loop protection
   · Implicit deny                                                         3.1
   · Prevent network bridging by network separation
   · Log analysis                                                          3.9, 4.6
 1.3 Distinguish and differentiate network design elements and compounds
   · DMZ                                                                   2.2
   · Subnetting                                                            2.2
   · VLAN                                                                  2.2
   · NAT                                                                   2.2
   · Remote Access                                                         3.7
   · Telephony                                                             2.2
   · NAC                                                                   2.2
   · Virtualization                                                        1.6
   · Cloud Computing
      - Platform as a Service
      - Software as a Service
      - Infrastructure as a Service
 1.4 Implement and use common protocols
   · IPSec                                                                 5.4
   · SNMP                                                                  2.1, 5.4
   · SSH                                                                   5.4
   · DNS                                                                   4.6, 5.4
   · TLS                                                                   5.4
   · SSL                                                                   5.4
   · TCP/IP                                                                5.4
   · FTPS
   · HTTPS                                                                 5.4
   · SFTP
   · SCP
   · ICMP                                                             5.4
   · IPv4 vs. IPv6
 1.5 Identify commonly used default network ports
   · FTP                                                              2.1
   · SFTP                                                             2.1
   · FTPS
   · TFTP                                                             2.1
   · TELNET                                                           2.1, 5.4
   · HTTP                                                             2.1, 5.4
   · HTTPS                                                            2.1, 5.4
   · SCP
   · SSH                                                              2.1, 5.4
   · NetBIOS
 1.6 Implement wireless network in a secure manner
   · WPA
   · WPA2
   · WEP
   · EAP                                                              5.3
   · PEAP
   · LEAP
   · MAC filter
   · SSID broadcast                                                   2.7
   · TKIP                                                             5.3
   · CCMP
   · Antenna Placement
   · Power level controls
 Domain 2.0: Compliance and Operational Security
 2.1 Explain risk related concepts
   · Control types
      - Technical
      - Management
      - Operational
   · False positives
   · Importance of policies in reducing risk                          6.4
      - Privacy policy
      - Acceptable use
      - Security policy
      - Mandatory vacations
      - Job rotation
      - Separation of duties
      - Least privilege
   · Risk calculation                                                    4.1
      - Likelihood
      - ALE
      - Impact
   · Quantitative vs. qualitative
   · Risk-avoidance, transference, acceptance, mitigation, deterrence
   · Risks associated to Cloud Computing and Virtualization
 2.2 Carry out appropriate risk mitigation strategies
   · Implement security controls based on risk
   · Change management                                                   6.4
   · Incident management
   · User rights and permissions reviews                                 4.7
   · Perform routine audits                                              4.7
   · Implement policies and procedures to prevent data loss or theft     1.3, 4.7, 6.4
 2.3 Execute appropriate incident response procedures
   · Basic forensic procedures                                           6.3
      - Order of volatility
      - Capture system image
      - Network traffic and logs
      - Capture video
      - Record time offset
      - Take hashes
      - Screenshots
      - Witnesses
      - Track man hours and expense
   · Damage and loss control                                             6.3
   · Chain of custody                                                    6.3
   · Incident response: first responder                                  6.3
 2.4 Explain the importance of security related awareness and training
   · Security policy training and procedures                             6.4, 6.6
   · Personally identifiable information
   · Information classification: Sensitivity of data (hard or soft)      6.4
   · Data labeling, handling and disposal
   · Compliance with laws, best practices and standards               6.4
   · User habits
      - Password behaviors
      - Data handling
      - Clean desk policies
      - Prevent tailgating
      - Personally owned devices
   · Threat awareness                                                 1.1, 2.1
      - New viruses
      - Phishing attacks
      - Zero days exploits
   · Use of social networking and P2P                                 1.4
 2.5 Compare and contrast aspects of business continuity
   · Business impact analysis
   · Removing single points of failure                                6.1
   · Business continuity planning and testing
   · Continuity of operations
   · Disaster recovery                                                6.2
   · IT contingency planning
   · Succession planning
 2.6 Explain the impact and proper use of environmental controls
   · HVAC                                                             6.5
   · Fire suppression                                                 6.5
   · EMI shielding                                                    6.5
   · Hot and cold aisles
   · Environmental monitoring
   · Temperature and humidity controls
   · Video monitoring
 2.7 Execute disaster recovery plans and procedures
   · Backup / backout contingency plans or policies                   6.2
   · Backups, execution and frequency                                 6.2
   · Redundancy and fault tolerance                                   6.1
      - Hardware
      - RAID
      - Clustering
      - Load balancing
      - Servers
   · High availability
   · Cold site, hot site, warm site                                                   6.1
   · Mean time to restore, mean time between failures, recovery time objectives and
     recovery point objectives
 2.8 Exemplify the concepts of confidentiality, integrity and availability (CIA)      5.1
 Domain 3.0 Threats and Vulnerabilities
 3.1 Analyze and differentiate among types of malware
   · Adware                                                                           1.1
   · Virus                                                                            1.1
   · Worms                                                                            1.1
   · Spyware                                                                          1.1
   · Trojan                                                                           1.1
   · Rootkits                                                                         1.1
   · Backdoors                                                                        2.5
   · Logic bomb                                                                       1.1
   · Botnets                                                                          1.1
 3.2 Analyze and differentiate among types of attacks
   · Man-in-the-middle                                                                2.1
   · DDoS                                                                             2.1
   · DoS                                                                              2.1
   · Replay                                                                           2.1
   · Smurf attack
   · Spoofing                                                                         2.1
   · Spam                                                                             1.1
   · Phishing                                                                         6.6
   · Spim
   · Vishing
   · Spear phishing
   · Xmas attack
   · Pharming
   · Privilege escalation                                                             1.1, 2.5
   · Malicious insider threat
   · DNS poisoning and ARP poisoning                                                  2.1
   · Transitive access
   · Client-side attacks
 3.3 Analyze and differentiate among types of social engineering attacks
   · Shoulder surfing                                                               6.6
   · Dumpster diving                                                                6.6
   · Tailgating
   · Impersonation
   · Hoaxes                                                                         6.6
   · Whaling
   · Vishing
 3.4 Analyze and differentiate among types of wireless attacks
   · Rogue access points                                                            2.7
   · Interference
   · Evil twin
   · War driving                                                                    2.7
   · Bluejacking                                                                    2.7
   · Bluesnarfing                                                                   2.7
   · War chalking
   · IV attack
   · Packet sniffing
 3.5 Analyze and differentiate among types of application attacks
   · Cross-site scripting                                                           1.4
   · SQL injection
   · LDAP injection
   · XML injection
   · Directory traversal/command injection
   · Buffer overflow                                                                1.4
   · Zero day
   · Cookies and attachments                                                        1.4
   · Malicious add-ons
   · Session hijacking                                                              2.1
   · Header manipulation
 3.6 Analyze and differentiate among types of mitigation and deterrent techniques
   · Manual bypassing of electronic controls
      - Failsafe/secure vs. failopen
   · Monitoring system logs                                                         3.9, 4.6
      - Event logs
      - Audit logs
      - Security logs
      - Access logs
   · Physical security                                                            3.9
      - Hardware locks
      - Mantraps
      - Video surveillance
      - Fencing
      - Proximity readers
      - Access list
   · Hardening                                                                    1.3
      - Disabling unnecessary services
      - Protecting management interfaces and applications
      - Password protection
      - Disabling unnecessary accounts
   · Port security                                                                1.1, 4.2
      - MAC limiting and filtering
      - 802.1x
      - Disabling unused ports
   · Security posture
      - Initial baseline configuration                                            1.3, 4.4
      - Continuous security monitoring
      - Remediation
   · Reporting
      - Alarms
      - Alerts
      - Trends
   · Detection controls vs. prevention controls
      - IDS vs. IPS
      - Camera vs. guard
 3.7 Implement assessment tools and techniques to discover security threats and
      vulnerabilities
   · Vulnerability scanning and interpret results                                 4.2, 4.3, 4.4
   · Tools                                                                        2.3, 4.2, 4.4
      - Protocol analyzer
      - Sniffer
      - Vulnerability scanner
      - Honeypots
      - Honeynets
      - Port scanner
   · Risk calculations
      - Threat vs. likelihood
   · Assessment types                                                                       4.1
      - Risk
      - Threat
      - Vulnerability
   · Assessment technique                                                                   4.4
      - Baseline reporting
      - Code review
      - Determine attack surface
      - Architecture
      - Design reviews
 3.8 Within the realm of vulnerability assessments, explain the proper use of penetration
     testing versus vulnerability scanning
   · Penetration testing                                                                    4.3
      - Verify a threat exists
      - Bypass security controls
      - Actively test security controls
      - Exploiting vulnerabilities
   · Vulnerability scanning                                                                 4.2, 4.3
      - Passively testing security controls
      - Identify vulnerability
      - Identify lack of security controls
      - Identify common misconfiguration
   · Black box
   · White box
   · Gray box
 Domain 4.0 Application, Data and Host Security
 4.1 Explain the importance of application security
   · Fuzzing
   · Secure coding concepts
      - Error and exception handling
      - Input validation
   · Cross-site scripting prevention                                                        1.4
   · Cross-site Request Forgery (XSRF) prevention
   · Application configuration baseline (proper settings)                                   1.3, 4.4
   · Application hardening
   · Application patch management                                     1.3
 4.2 Carry out appropriate procedures to establish host security
   · Operating system security and settings                           1.3
   · Anti-malware                                                     1.5
      - Anti-virus
      - Anti-spam
      - Anti-spyware
      - Pop-up blockers
      - Host-based firewalls
   · Patch management                                                 1.3
   · Hardware security                                                3.9
      - Cable locks
      - Safe
      - Locking cabinets
   · Host software baselining
   · Mobile devices
      - Screen lock
      - Strong password
      - Device encryption
      - Remote wipe/sanitation
      - Voice encryption
      - GPS tracking
   · Virtualization
 4.3 Explain the importance of data security
   · Data Loss Prevention (DLP)
   · Data encryption                                                  5.1
      - Full disk
      - Database
      - Individual files
      - Removable media
      - Mobile devices
   · Hardware based encryption devices                                5.1
      - TPM
      - HSM
      - USB encryption
      - Hard drive
   · Cloud computing
 Domain 5.0 Access Control and Identity Management
 5.1 Explain the function and purpose of authentication services
   · RADIUS                                                                           3.7
   · TACACS                                                                           3.7
   · TACACS+                                                                          3.7
   · Kerberos                                                                         3.7
   · LDAP                                                                             3.7
   · XTACACS                                                                          3.7
 5.2 Explain the fundamental concepts and best practices related to authentication,
      authorization and access control
   · Identification vs. authentication                                                  3.8
   · Authentication (single factor) and authorization
   · Multifactor authentication
   · Biometrics                                                                         3.7
   · Tokens                                                                             3.5, 3.9
   · Common access card
   · Personal identification verification card
   · Smart card                                                                         3.5, 3.6, 3.7
   · Least privilege                                                                    3.1
   · Separation of duties                                                               3.1
   · Single sign on                                                                     3.6
   · ACLs                                                                               3.5
   · Access control                                                                     all of obj 3
   · Mandatory access control                                                           3.2
   · Discretionary access control                                                       3.2
   · Role/rule-based access control                                                     3.2
   · Implicit deny                                                                      3.1
   · Time of day restrictions                                                           3.5
   · Trusted OS
   · Mandatory vacations                                                                6.4
   · Job rotation                                                                       3.1
 5.3 Implement appropriate security controls when performing account management
   · Mitigates issues associated with users with multiple account/roles
   · Account policy enforcement                                                       3.5
      - Password complexity
      - Expiration
      - Recovery
      - Length
      - Disablement
      - Lockout
   · Group based privileges                                           3.3
   · User assigned privileges                                         3.3
 Domain 6.0 Cryptography
 6.1 Summarize general cryptography concepts
   · Symmetric vs. asymmetric                                         5.1
   · Fundamental differences and encryption methods
      - Block vs. stream
   · Transport encryption
   · Non-repudiation                                                  5.1
   · Hashing                                                          5.2
   · Key escrow                                                       5.5
   · Steganography                                                    5.1
   · Digital signatures                                               5.1
   · Use of proven technologies
   · Elliptic curve and quantum cryptography                          5.3
 6.2 Use and apply appropriate cryptographic tools and products
   · WEP vs. WPA/WPA2 and preshared key
   · MD5                                                              5.2
   · SHA                                                              5.2
   · RIPEMD
   · AES                                                              5.3
   · DES                                                              5.3
   · 3DES                                                             5.3
   · HMAC
   · RSA                                                              5.3
   · RC4
   · One-time-pads                                                    5.3
   · CHAP                                                             3.7
   · PAP                                                              3.7
   · NTLM                                                             5.2
   · NTLMv2                                                           5.2
   · Blowfish
   · PGP/GPG                                                          5.3
   · Whole disk encryption
   · TwoFish
   · Comparative strengths of algorithms
   · Use of algorithms with transport encryption                       5.4
      - SSL
      - TLS
      - IPSec
      - SSH
      - HTTPS
 6.3 Explain the core concepts of public key infrastructure
   · Certificate authorities and digital certificates                  5.1, 5.5, 5.6
      - CA
      - CRLs
   · PKI                                                               5.1, 5.5, 5.6
   · Recovery agent                                                    5.5, 5.6
   · Public key                                                        5.5, 5.6
   · Private key                                                       5.5, 5.6
   · Registration                                                      5.5, 5.6
   · Key escrow                                                        5.5, 5.6
   · Trust models                                                      5.5
 6.4 Implement PKI, certificate management and associated components
   · Certificate authorities and digital certificates                  5.1, 5.5, 5.6
      - CA
      - CRLs
   · PKI                                                               5.1, 5.5, 5.6
   · Recovery agent                                                    5.5, 5.6
   · Public key                                                        5.5, 5.6
   · Private keys                                                      5.5, 5.6
   · Registration                                                      5.5, 5.6
   · Key escrow                                                        5.5, 5.6
   · Trust models                                                      5.5





SaaS provides access to applications and data services (such as Google Docs); PaaS provides access to virtualized OS environments (such as Amazon Web Services); and IaaS provides access to large scale services or solutions (such as GoGrid). 5. FTPS and SFTP (1.4/1.5) File Transfer Protocol (FTP) is a well-known but inherently insecure protocol for file transfers. Two alternatives or variations of FTP that offer security through encrypted authentication and data transfer are File Transfer Protocol Secure (FTPS) and Secure File Transfer Protocol (SFTP). FTPS is protected using SSL or TLS and operates over TCP ports 989 and 990. SFTP is protected using SSH and operates over TCP port 22, as does every SSH-protected protocol. 6. IPv4 vs IPv6 (1.4) IPv4 was defined in 1981 in RFC 791, and is currently the most widely used OSI Layer 3 Networking layer pro- tocol. IPv4 uses a 32 bit address divided into 5 classes, three of which (A, B, and C) are used mainly for public addresses. Class D is used for multicasting. Class E is reserved. IPv6 was designed as the replacement for IPv4, and was finalized in 1998 in RFC 2460. IPv6 uses a 128 bit ad- dress. While similar in function, IPv6 is not backward compatible with IPv4; thus, specialized translation gate- Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 3
  • 4. ways are required to link networks using the different versions. Additionally, IPSec is an integral part of IPv6, while it is just an optional add-on for IPv4. 7. Wireless Networking Standards: WEP, WPA, WPA2 (1.6) There is a significant increase in the amount and level of wireless content on the new Sec+ SY0-301 exam. Four of my top 10 new issues are focusing on various aspects of new wireless content. The standards of wireless networking for authentication and encryption range from completely open and insecure to potentially reliably secure. The original 802.11 specification allowed for open system authentication (OSA) [which means neither authentication nor encryption], and the optional wireless equivalent privacy (WEP) [which is no better than OSA, as it is now crackable in 60 seconds]. The 802.11i amendment paved the way for WiFi Protected Access (WPA) and later WPA2 as alternatives to WEP. WPA resolved many of the problems with WEP; however, recent advances in cryptography attacks and compu- tational capabilities have revealed attacks that can crack WPA encryption in as little as four hours in specific circumstances. The WPA2 variation uses Advanced Encryption Standard (AES) as the main encryption protocol, and as of mid- 2011, no attacks are known to compromise AES encryption. However, even with unassailable encryption, WPA2 still has a vulnerability if a poor preshared key (PSK) is selected or weak enterprise authentication is leveraged via 802.1x/EAP. 8. Wireless Authentication Technologies: EAP, PEAP, LEAP (1.6) Extensible Authentication Protocol (EAP) was first deployed as an alternative extension to point to point protocol (PPP) as a future proofing/supporting mechanism. Over time, EAP has made many additional forms of authentication possible and allowed many of these forms to be used on a wider number of devices. In relation to wireless, EAP is used by WPA and WPA2 to support EAP-TLS, EAP-PSK, EAP-MD5, LEAP, and PEAP. 
EAP-TLS supports encrypted authentication tunneling over TLS. EAP-PSK supports secured mutual authentication using preshared keys. EAP-MD5 offers only hash-protected password exchanges and is considered a deprecated legacy variation. Lightweight Extensible Authentication Protocol (LEAP) is a Cisco proprietary protocol. LEAP is considered weak and is not recommended for use. It has been supplanted by Protected Extensible Authentication Protocol (PEAP). PEAP is a more secure variation of the EAP-TLS concept created by Cisco, Microsoft, and RSA. 9. Wireless Security: MAC filtering, TKIP, CCMP (1.6) Wireless security involves many aspects, some of which were on the previous exam. However, at least 3 addi- tional topics appear on the new exam. MAC filtering ignores all wireless interfaces except those on a white list as identified by MAC address. This can also be inverted on some base stations to be a black list to ignore known Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 4
  • 5. malicious systems. Unfortunately, spoofing MAC addresses is quite simple and an easy way around this “secu- rity” feature. Temporal Key Integrity Protocol (TKIP) was the initial replacement for WEP and allowed for greater security while still operating on existing/legacy hardware. TKIP is implemented under WPA. However, TKIP is no longer considered secure and should be replaced by WPA2. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) replaces both WEP and WPA (TKIP) as implemented by WPA2. CCMP uses 128 bit AES encryption. WPA2’s CCMP is the most secure current wireless standard with no known attacks against the encryption. 10. Wireless Installation: Antenna Placement, Power Level Controls (1.6) When deploying a wireless access point, it is important to consider several installation issues. Two of these includ- ed on the new Sec+ exam are antenna placement and power level controls. Proper antenna type, strength, and orientation are needed to optimize valid authorized connections while minimizing unauthorized external connec- tions. Wireless signals are affected by interference, distance, and obstructions. Thus, it is important to perform a site survey to confirm usability of the wireless signal. Antennas can include omni-directional, parabolic, and Yagi. Once antenna placement and orientation are optimized, additional configurations might require manipulation of the power level controls. This adjustment alters the electronic strength of the antenna by varying the power used by the antenna. Power levels are usually pre-set by manufactures for typical optimal performance, but customization of these levels might be desired or essential, based on the facility and use of alternate antennas. Conclusion The Security+ 2011 (SY0-301) exam has been significantly updated. Well over 60 new topics have been added to the latest version of this exam. 
In the first topical domain: Network Security, there are at least 10 important new or updated topics that you need to focus on as you prepare for the exam. While you can self-study using the official CompTIA objectives list as a guide, you would benefit greatly by attending an up-to-date Security+ 2011 (SY0-301) training course. This way, you will have access to the latest exam study materials and the exper- tise of a highly qualified instructor. Through direct interaction with the instructor, as well as classmates, you are sure to be well-versed in these top 10 new Security+ topics, as well as all of the other relevant materials, on this new and challenging exam. Learn More Learn more about how you can improve productivity, enhance efficiency, and sharpen your competitive edge through training. Security+ Prep Course (SYO-301) Security+ Certification Boot Camp (SYO-301) Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 5
  • 6. Visit www.globalknowledge.com or call 1-800-COURSES (1-800-268-7737) to speak with a Global Knowledge training advisor. About the Author James Michael Stewart has been working with computers and technology for over twenty-five years, focus- ing on security, certification, and various operating systems. Recently, Michael has been teaching job skill and certification courses, such as CISSP, CEH, and Security+. He is the primary author on the CISSP Study Guide 5th Edition, Security+ 2011 Review Guide, and Network Security, Firewalls, and VPNs. Michael has also contributed to many other CISSP and Security+ focused materials, including exam preparation guides, practice exams, DVD video instruction, and courseware. In addition, Michael has co-authored numerous books on other security and Microsoft certification, and admin- istration topics. He has developed certification courseware and training materials as well as presented these materials in the classroom. Michael holds numerous certifications, including CISSP, ISSAP, SSCP, CEI, CEH, CPTE, QSA, QISP, Security+, and Network+. Michael graduated in 1992 from the University of Texas at Austin with a bachelor’s degree in Philosophy. Despite his degree, his computer knowledge is self-acquired, based on seat-of the-pants hands-on “street smarts” experience. You can reach Michael by e-mail at michael@impactonline.com. Appendix A The chart below showcases the new SY0-301 objectives provided by CompTIA (see www.comptia.org) as compared to the previous objectives for s (2008 version). The comparison table focuses on new topics, terms, or phrases covered on the 2011 SYO 301 exam. 
SY0-301 2011 Objectives SY0-201 2008 Domain 1.0: Network Security 1.1 Explain the security function and purpose of network devices and technologies · Firewalls 1.5, 2.3, 2.4, 4.6 · Routers · Switches · Load Balancers · Proxies 2.3, 2.4 · Web security gateways · VPN concentrators 3.7 · NIDS and NIPS (Behavior based, signature based, anomaly based, heuristic) 2.3, 2.4 · Protocol analyzers 2.3, 2.4, 4.2, 4.4 · Sniffers 2.3, 2.4, 4.2, 4.4 · Spam filter, all-in-one security appliances 1.1, 1.5 · Web application firewall vs. network firewall 1.5, 2.3, 2.4, 4.6 · URL filtering, content inspection, malware inspection 2.3, 2.4 Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 6
  • 7. 1.2 Apply and implement secure network administration principles · Rule-based management 3.2 · Firewall rules 1.5, 2.3, 2.4, 4.6 · VLAN management 2.2 · Secure router configuration · Access control lists 3.5 · Port Security 2.1, 4.2 · 802.1x 3.7 · Flood guards · Loop protection · Implicit deny 3.1 · Prevent network bridging by network separation · Log analysis 3.9, 4.6 1.3 Distinguish and differentiate network design elements and compounds · DMZ 2.2 · Subnetting 2.2 · VLAN 2.2 · NAT 2.2 · Remote Access 3.7 · Telephony 2.2 · NAC 2.2 · Virtualization 1.6 · Cloud Computing - Platform as a Service - Software as a Service - Infrastructure as a Service 1.4 Implement and use common protocols · IPSec 5.4 · SNMP 2.1, 5.4 · SSH 5.4 · DNS 4.6, 5.4 · TLS 5.4 · SSL 5.4 · TCP/IP 5.4 · FTPS · HTTPS 5.4 · SFTP Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 7
  • 8. · SCP · ICMP 5.4 · IPv4 vs. IPv6 1.5 Identify commonly used default network ports · FTP 2.1 · SFTP 2.1 · FTPS · TFTP 2.1 · TELNET 2.1, 5.4 · HTTP 2.1, 5.4 · HTTPS 2.1, 5.4 · SCP · SSH 2.1, 5.4 · NetBIOS 1.6 Implement wireless network in a secure manner · WPA · WPA2 · WEP · EAP 5.3 · PEAP · LEAP · MAC filter · SSID broadcast 2.7 · TKIP 5.3 · CCMP · Antenna Placement · Power level controls Domain 2.0: Compliance and Operational Security 2.1 Explain risk related concepts · Control types - Technical - Management - Operational · False positives · Importance of policies in reducing risk 6.4 - Privacy policy - Acceptable use Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 8
  • 9. - Security policy - Mandatory vacations - Job rotation - Separation of duties - Least privilege · Risk calculation 4.1 - Likelihood - ALE - Impact · Quantitative vs. qualitative · Risk-avoidance, transference, acceptance, mitigation, deterrence · Risks associated to Cloud Computing and Virtualization 2.2 Carry out appropriate risk mitigation strategies · Implement security controls based on risk · Change management 6.4 · Incident management · User rights and permissions reviews 4.7 · Perform routine audits 4.7 · Implement policies and procedures to prevent data loss or theft 1.3, 4.7, 6.4 2.3 Execute appropriate incident response procedures · Basic forensic procedures 6.3 - Order of volatility - Capture system image - Network traffic and logs - Capture video - Record time offset - Take hashes - Screenshots - Witnesses - Track man hours and expense · Damage and loss control 6.3 · Chain of custody 6.3 · Incident response: first responder 6.3 2.4 Explain the importance of security related awareness and training · Security policy training and procedures 6.4, 6.6 · Personally identifiable information · Information classification: Sensitivity of data (hard or soft) 6.4 Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 9
  • 10. · Data labeling, handling and disposal · Compliance with laws, best practices and standards 6.4 · User habits - Password behaviors - Data handling - Clean desk policies - Prevent tailgating - Personally owned devices · Threat awareness 1.1, 2.1 - New viruses - Phishing attacks - Zero days exploits · Use of social networking and P2P 1.4 2.5 Compare and contrast aspects of business continuity · Business impact analysis · Removing single points of failure 6.1 · Business continuity planning and testing · Continuity of operations · Disaster recovery 6.2 · IT contingency planning · Succession planning 2.6 Explain the impact and proper use of environmental controls · HVAC 6.5 · Fire suppression 6.5 · EMI shielding 6.5 · Hot and cold aisles · Environmental monitoring · Temperature and humidity controls · Video monitoring 2.7 Execute disaster recovery plans and procedures · Backup / backout contingency plans or policies 6.2 · Backups, execution and frequency 6.2 · Redundancy and fault tolerance 6.1 - Hardware - RAID - Clustering - Load balancing Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 10
  • 11. - Servers · High availability · Cold site, hot site, warm site 6.1 · Mean time to restore, mean time between failures, recovery time objectives and recovery point objectives 2.8 Exemplify the concepts of confidentiality, integrity and availability (CIA) 5.1 Domain 3.0 Threats and Vulnerabilities 3.1 Analyze and differentiate among types of malware · Adware 1.1 · Virus 1.1 · Worms 1.1 · Spyware 1.1 · Trojan 1.1 · Rootkits 1.1 · Backdoors 2.5 · Logic bomb 1.1 · Botnets 1.1 3.2 Analyze and differentiate among types of attacks · Man-in-the-middle 2.1 · DDoS 2.1 · DoS 2.1 · Replay 2.1 · Smurf attack · Spoofing 2.1 · Spam 1.1 · Phishing 6.6 · Spim · Vishing · Spear phishing · Xmas attack · Pharming · Privilege escalation 1.1, 2.5 · Malicious insider threat · DNS poisoning and ARP poisoning 2.1 · Transitive access · Client-side attacks Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 11
  • 12. 3.3 Analyze and differentiate among types of social engineering attacks · Shoulder surfing 6.6 · Dumpster diving 6.6 · Tailgating · Impersonation · Hoaxes 6.6 · Whaling · Vishing 3.4 Analyze and differentiate among types of wireless attacks · Rogue access points 2.7 · Interference · Evil twin · War driving 2.7 · Bluejacking 2.7 · Bluesnarfing 2.7 · War chalking · IV attack · Packet sniffing 3.5 Analyze and differentiate among types of application attacks · Cross-site scripting 1.4 · SQL injection · LDAP injection · XML injection · Directory traversal/command injection · Buffer overflow 1.4 · Zero day · Cookies and attachments 1.4 · Malicious add-ons · Session hijacking 2.1 · Header manipulation 3.6 Analyze and differentiate among types of mitigation and deterrent techniques · Manual bypassing of electronic controls - Failsafe/secure vs. failopen · Monitoring system logs 3.9, 4.6 - Event logs - Audit logs - Security logs Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 12
  • 13. - Access logs · Physical security 3.9 - Hardware locks - Mantraps - Video surveillance - Fencing - Proximity readers - Access list · Hardening 1.3 - Disabling unnecessary services - Protecting management interfaces and applications - Password protection - Disabling unnecessary accounts · Port security 1.1, 4.2 - MAC limiting and filtering - 802.1x - Disabling unused ports · Security posture - Initial baseline configuration 1.3, 4.4 - Continuous security monitoring - remediation · Reporting - Alarms - Alerts - Trends · Detection controls vs. prevention controls - IDS vs. IPS - Camera vs. guard 3.7 Implement assessment tools and techniques to discover security threats and vulnerabilities · Vulnerability scanning and interpret results 4.2, 4.3, 4.4 · Tools 2.3, 4.2, 4.4 - Protocol analyzer - Sniffer - Vulnerability scanner - Honeypots - Honeynets Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 13
  • 14. - Port scanner · Risk calculations - Threat vs. likelihood · Assessment types 4.1 - Risk - Threat - Vulnerability · Assessment technique 4.4 - Baseline reporting - Code review - Determine attack surface - Architecture - Design reviews 3.8 Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning · Penetration testing 4.3 - Verify a threat exists - Bypass security controls - Actively test security controls - Exploiting vulnerabilities · Vulnerability scanning 4.2, 4.3 - Passively testing security controls - Indentify vulnerability - Indentify lack of security controls - Indentify common misconfiguration · Black box · White box · Gray box Domain 4.0 Application, Data and Host Security 4.1 Explain the importance of application security · Fuzzing · Secure coding concepts - Error and exception handling - Input validation · Cross-site scripting prevention 1.4 · Cross-site Request Forgery (XSRF) prevention · Application configuration baseline (proper settings) 1.3, 4.4 Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 14
  • 15. · Application hardening · Application patch management 1.3 4.2 Carry out appropriate procedures to establish host security · Operating system security and settings 1.3 · Anti-malware 1.5 - Anti-virus - Anti-spam - Anti-spyware - Pop-up blockers - Host-based firewalls · Patch management 1.3 · Hardware security 3.9 - Cable locks - Safe - Locking cabinets · Host software baselining · Mobile devices - Screen lock - Strong password - Device encryption - Remote wipe/sanitation - Voice encryption - GPS tracking · Virtualization 4.3 Explain the importance of data security · Data Loss Prevention (DLP) · Data encryption 5.1 - Full disk - Database - Individual files - Removable media - Mobile devices · Hardware based encryption devices 5.1 - TPM - HSM - USB encryption - Hard drive Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 15
  • 16. · Cloud computing Domain 5.0 Access Control and Identity Management 5.1 Explain the function and purpose of authentication services · RADIUS 3.7 · TACACS 3.7 · TACACS+ 3.7 · Kerberos 3.7 · LDAP 3.7 · XTACACS 3.7 5.2 Explain the fundamental concepts and best practices related to authentication, authorization and access control · Identification vs. authentication 3.8 · Authentication (single factor) and authorization · Multifactor authentication · Biometrics 3.7 · Tokens 3.5, 3.9 · Common access card · Personal identification verification card · Smart card 3.5, 3.6, 3.7 · Least privilege 3.1 · Separation of duties 3.1 · Single sign on 3.6 · ACLs 3.5 · Access control all of obj 3 · Mandatory access control 3.2 · Discretionary access control 3.2 · Role/rule-based access control 3.2 · Implicit deny 3.1 · Time of day restrictions 3.5 · Trusted OS · Mandatory vacations 6.4 · Job rotation 3.1 5.3 Implement appropriate security controls when performing account management · Mitigates issues associated with users with multiple account/roles · Account policy enforcement 3.5 - Password complexity - Expiration Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 16
  • 17. - Recovery - Length - Disablement - Lockout · Group based privileges 3.3 · User assigned privileges 3.3 Domain 6.0 Cryptography 6.1 Summarize general cryptography concepts · Symmetric vs. asymmetric 5.1 · Fundamental differences and encryption methods - Block vs. stream · Transport encryption · Non-repudiation 5.1 · Hashing 5.2 · Key escrow 5.5 · Steganography 5.1 · Digital signatures 5.1 · Use of proven technologies · Elliptic curve and quantum cryptography 5.3 6.2 Use and apply appropriate cryptographic tools and products · WEP vs. WPA/WPA2 and preshared key · MD5 5.2 · SHA 5.2 · RIPEMD · AES 5.3 · DES 5.3 · 3DES 5.3 · HMAC · RSA 5.3 · RC4 · One-time-pads 5.3 · CHAP 3.7 · PAP 3.7 · NTLM 5.2 · NTLMv2 5.2 · Blowfish · PGP/GPG 5.3 Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 17
  • 18. · Whole disk encryption · TwoFish · Comparative strengths of algorithms · Use of algorithms with transport encryption 5.4 - SSL - TLS - IPSec - SSH - HTTPS 6.3 Explain the core concepts of public key infrastructure · Certificate authorities and digital certificates 5.1, 5.5, 5.6 - CA - CRLs · PKI 5.1, 5.5, 5.6 · Recovery agent 5.5, 5.6 · Public key 5.5, 5.6 · Private key 5.5, 5.6 · Registration 5.5, 5.6 · Key escrow 5.5, 5.6 · Trust models 5.5 6.4 Implement PKI, certificate management and associated components · Certificate authorities and digital certificates 5.1, 5.5, 5.6 - CA - CRLs · PKI 5.1, 5.5, 5.6 · Recovery agent 5.5, 5.6 · Public key 5.5, 5.6 · Private keys 5.5, 5.6 · Registration 5.5, 5.6 · Key escrow 5.5, 5.6 · Trust models 5.5 Copyright ©2011 Global Knowledge Training LLC. All rights reserved. 18