Security+ Certification/Threats and Vulnerabilities

From Wikibooks, open books for an open world

Threats and Vulnerabilities

Analyze and differentiate among types of malware

Analyze and differentiate among types of attacks

Analyze and differentiate among types of social engineering attacks

Analyze and differentiate among types of wireless attacks

Analyze and differentiate among types of application attacks

Analyze and differentiate among types of mitigation and deterrent techniques

Manual bypassing of electronic controls

  • Failsafe/secure vs. failopen

Monitoring system logs

  • Event logs
  • Audit logs
  • Security logs
  • Access logs

Physical security

  • Hardware locks
  • Mantraps
  • Video surveillance
  • Fencing
  • Proximity readers
  • Access list

Hardening

  • Disabling unnecessary services
  • Protecting management interfaces and applications
  • Password protection
  • Disabling unnecessary accounts

Port security

  • MAC limiting and filtering
  • 802.1x
  • Disabling unused ports

Security posture

  • Initial baseline configuration
  • Continuous security monitoring
  • Remediation

Reporting

  • Alarms
  • Alerts
  • Trends

Detection controls vs. prevention controls

  • IDS vs. IPS
  • Camera vs. guard

Implement assessment tools and techniques to discover security threats and vulnerabilities

Vulnerability scanning and interpret results

Tools

  • Protocol analyzer
  • Sniffer
  • Vulnerability scanner
  • Honeypots
  • Honeynets
  • Port scanner

Risk calculations

  • Threat vs. likelihood

Assessment types

  • Risk
  • Threat
  • Vulnerability

Assessment technique

  • Baseline reporting
  • Code review
  • Determine attack surface
  • Architecture
  • Design reviews

Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning

  • Penetration testing
    • Verify a threat exists
    • Bypass security controls
    • Actively test security controls
    • Exploiting vulnerabilities
  • Vulnerability scanning
    • Passively testing security controls
    • Identify vulnerability
    • Identify lack of security controls
    • Identify common misconfiguration
  • Black box
  • White box
  • Gray box