Exam Objectives

CompTIA Security+ is a worldwide certification that establishes the fundamental knowledge required to perform core security functions and pursue an IT security career. CompTIA Security+ Certification Guide is a best-in-class exam study guide that covers all of CompTIA Security+ 501 exam objectives. 

In this chapter we will look at a number of security fundamentals, some of these will be expanded upon in later chapters. For the exam you will need to know all of the information in this book as the exam is fairly tricky. 

Conducting Risk Analysis

Implementing Security Policies and Procedures

In this chapter we will look at different frameworks and guides and how to best dispose of data, we will start off look at frameworks and reference architecture and guides.

We will cover the following exam objectives in this chapter:

• Explain use cases and purpose for frameworks, beast practice sand secure configuration guides: Industry-standard frameworks and reference architectures—regulatory—non-regulatory—national versus international—industry-specific frameworks. Benchmarks/secure configuration guides—platform/vendor-specific guides—web server—operating system—application server—network infrastructure devices. General purpose guides—vendor diversity—control diversity—administrative—technical—user training

• Given a scenario, carry out data security and privacy Practices: Data destruction and media sanitization—burning—shredding—pulping—pulverizing—degaussing—purging – wiping. Data sensitivity labelling and handling—confidential—private—public—proprietary—PII—PHI. Data roles—owner—steward/custodian—privacy officer. Data retention—legal and compliance

Delving into Identity and Access Management

In this chapter we will look at different types of authentication and how to dispose of data, we will first look at identify and access management concepts.

We will cover the following exam objectives in this chapter:

• Compare and contrast identify and access management concepts: Identification, authentication, authorization and accounting (AAA). Multifactor authentication—something you are—something you have—something you know—Somewhere you are—something you do. ; Federation—single sign-on—transitive trust

• Given a scenario, install and configure identity and access services: LDAP—Kerberos—TACACS+—CHAP—PAP—MSCHAP—RADIUS—SAML—OpenID Connect—OAUTH —Shibboleth—Secure token—NTLM

• Given a scenario, implement identity and access management controls: Biometric factors—fingerprint scanner—retinal scanner—Iris scanner—voice recognition—facial recognition—false acceptance rate—false rejection rate—crossover error rate. Tokens—hardware—software—HOTP/TOTP. Certificate-based authentication—PIV/CAC/smart card—IEEE 802.1x

• Given a scenario, differentiate common account management practices: Account types—user account—shared and generic accounts/credentials—guest accounts—service accounts—privileged accounts—permission auditing and review—usage auditing and review—time-of-day restrictions—re-certification—standard naming convention—account maintenance—group-based access control—location-based policies. Account policy enforcement—credential management—group policy—password complexity—expiration—recovery—disablement—lockout—password history—password reuse—password length

Chapter04 Delving into Identity and Access Management Part 2

Understanding Network Components

In this chapter we are going to look at networking components and how they could affect the Security of your network, we will look at firewalls, switches and routers. We will start by look at the OSI Reference model that was created to improve communications between devices.

We will cover the following exam objectives in this chapter:

• Install and configure network components, both hardware—and software-based, to support organizational security: Firewall—ACL—application-based versus network-based—stateful versus stateless—implicit deny. VPN concentrator—remote access versus site-to-site—IPSec—tunnel mode—transport mode—AH—ESP—split tunnel versus full tunnel—TLS—always-on VPN. NIPS/NIDS—signature-based—heuristic/behavioral—anomaly—inline versus passive—in-band vs. out-of-band—rules—analytics—false positive—false negative. Router—ACLs—antispoofing. switch—port security—layer 2 versus layer 3—loop prevention—flood guard. Proxy—forward and reverse proxy—transparent—application/multipurpose. Load balancer—scheduling—affinity—round-robin—active-passive—active-active—virtual IPs. Access point—SSID—MAC filtering—signal strength—band selection/width—antenna types and placement—fat versus thin—controller-based versus standalone. SIEM—aggregation—correlation—automated alerting and triggers—time synchronization—event deduplication—logs/WORM. DLP—USB blocking—cloud-based—e-mail. NAC—Dissolvable versus permanent—host health checks—agent versus agentless. Mail gateway—spam filter—DLP—encryption. Bridge, SSL/TLS accelerators, SSL decryptors, media gateway. Hardware security module

• Given a scenario, implement secure protocols: Protocols—DNSSEC—SSH—S/MIME—SRTP—LDAPS—FTPS—SFTP—SNMPv3—SSL/TLS—HTTPS—secure POP/IMAP. Use cases—voice and video—time synchronization—e-mail and web—file transfer—directory services—remote access—domain name resolution—routing and switching—network address allocation—subscription services

• Given a scenario, implement secure network architecture concepts: Zones/topologies—DMZ—extranet—intranet—wireless—guest—honeynets—NAT—Ad hoc. Segregation/segmentation/isolation—physical—logical (VLAN)—virtualization—air gaps. Tunnelling/VPN—Site-to-site—Remote access. Security device/technology placement—Sensors—collectors—correlation engines—filters—proxies—firewalls—VPN concentrators—SSL accelerators—load balancers—DDoS mitigator—aggregation switches—taps and port mirror. SDN

• Given a scenario, install and configure wireless security settings: Cryptographic protocols—WPA—WPA2—CCMP – TKIP. Authentication protocols—EAP—PEAP—EAP-FAST—EAP-TLS—EAP-TTLS—IEEE 802.1x—RADIUS federation. methods—PSK versus enterprise versus open—WPS—captive portals

Chapter05 Understanding Network Components Part 2

Understanding Cloud Models and Virtualization

In this chapter, we will be learning about the deployment and security issues of virtualization. We will get acquainted with the deployment and storage environments of the cloud models. We will also learn about different scenarios to learn when to use on-premises, hosted, and cloud environments.

We will cover the following exam objectives in this chapter:

• Summarize cloud and virtualization concepts: Hypervisor—Type I—Type II. Application cells/containers. VM sprawl avoidance—VM escape protection. Cloud storage—cloud deployment models—SaaS—PaaS—IaaS—private—public— hybrid—community. On-premises versus hosted versus cloud. VDI/VDE. Cloud access security broker. Security as a service.

• Explain how resiliency and automation strategies reduce risk: Elasticity—scalability—distributive allocation—redundancy—fault tolerance—high availability—RAID.

Managing Hosts and Applications Deployment Part 1

In this chapter, we are going to look at different mobile devices and their characteristics, and applications that run on those devices. In the Security+ exam, you need to know all of these aspects thoroughly, as this chapter is heavily tested. Let's first of all look at deploying mobile devices securely, followed by their management and security.

We will cover the following exam objectives in this chapter:

• Explain the impact associated with types of vulnerabilities: Pointer dereference—race conditions

• Given a scenario, deploy mobile devices securely: Connection methods—cellular—Wi-Fi—SATCOM—Bluetooth—NFC—ANT—infrared—USB. Mobile device management concepts—application management—content management—remote wipe—Geofencing—Geolocation—screen locks—push notification services—passwords and pins—biometrics—context-aware authentication. Containerization—storage segmentation—full device encryption. Enforcement and monitoring for: third-party app stores—rooting/jailbreaking—sideloading—custom firmware—carrier unlocking—firmware OTA updates—camera use—SMS/MMS—external media—USB OTG—recording microphone—GPS tagging—Wi-Fi direct/ad hoc—tethering—payment methods. Deployment models—BYOD—COPE—CYOD—corporate-owned—VDI

• Explain the security implications of embedded systems: SCADA/ICS—smart devices/IoT—wearable technology—home automation—HVAC—SoC—RTOS—printers/MFDs—camera systems. Special purpose—medical devices—vehicles—aircraft/UAV

• Summarize secure application development and deployment concepts: Development life cycle models—waterfall versus agile. Secure DevOps—security automation—continuous integration—baselining—immutable systems—infrastructure as code. Version control and change management. Provisioning and deprovisioning. Secure coding techniques—proper error handling—proper input validation—normalization—stored procedures—code signing—Encryption—obfuscation/camouflage—code reuse/dead code—Server-side vs. client-side—execution and validation—memory management—use of third-party libraries and SDKs—Data exposure. Code quality and testing—static code analyzers—dynamic analysis (for example, fuzzing)—stress testing—Sandboxing—model verification. Compiled versus runtime code

Chapter07 Managing Hosts and Applications Deployment Part 2

Protecting Against Attacks and Vulnerabilities Part 1

In this chapter, we are going to look at attacks and vulnerabilities. Each type of attack will have its own unique characteristics. This module is probably the most heavily tested module in the Security+ exam. This chapter needs to be thoroughly understood as sometimes those type of attack questions are very vague, so if you do not understand the concepts fully, you may not understand what is being asked. 

We will cover the following exam objectives in this chapter:

• Given a scenario, analyze indicators of compromise and determine the type of malware: Viruses—crypto-malware—Ransomware—worm—Trojan—rootkit—keylogger—adware—spyware—bots—RAT—logic bomb—backdoor

• Comparing and contrasting types of attacks: Social engineering—phishing—spear phishing—whaling—vishing—tailgating—impersonation—dumpster diving—shoulder surfing—hoax—watering hole attack—principles (reasons for effectiveness)—authority—intimidation—consensus—scarcity—familiarity—trust—urgency. Application/service attacks—DoS—DDoS—man-in-the-middle—buffer overflow—injection—cross-site scripting—cross-site request forgery—privilege escalation—ARP poisoning—amplification—DNS poisoning—domain hijacking—man-in-the-browser—zero day—replay—pass the hash. Hijacking and related attacks—clickjacking—session hijacking—URL hijacking—typo squatting. Driver manipulation—shimming—refactoring. MAC spoofing—IP spoofing. Wireless attacks—Replay—IV—evil twin—Rogue AP—Jamming—WPS—Bluejacking—Bluesnarfing—disassociation—RFID—NFC. cryptographic attacks—birthday—known plain text/cipher text—dictionary—Brute force—rainbow tables—online versus offline—collision—downgrade—replay—weak implementations

• Explaining penetration testing concepts: Active reconnaissance—passive reconnaissance—pivot—initial exploitation—persistence—escalation of privilege—penetration testing versus vulnerability scanning—black box—white box—gray box

• Explaining vulnerability scanning concepts: Passively test security controls—identify vulnerability—identify lack of security controls—identify common misconfigurations—intrusive versus non-intrusive—credentialed versus non-credentialed—false positive

Chapter08 Protecting Against Attacks and Vulnerabilities Part 2

Implementing Public Key Infrastructure

Certificates are used for both encryption and authentication, and in this chapter, we are going to look at different encryption types and how certificates are issued and used. This is the most difficult module for students to understand, so we have focused on making the most difficult aspects seem easy. If you are going to be successful in the Security+ exam, you must know this module thoroughly. We will start with the Public Key Infrastructure (PKI), both the public and private keys. It is an asymmetric form of encryption.

We will cover the following exam objectives in this chapter:

• Comparing and contrasting basic concepts of cryptography: Symmetric algorithms—modes of operation—asymmetric algorithms—hashing—salt, IV, nonce—elliptic curve—weak/deprecated algorithms—key exchange—digital signatures—diffusion—confusion—collision—steganography—obfuscation—stream vs. block—key strength—session keys—ephemeral key—secret algorithm—data-in-transit—data-at-rest—data-in-use. Random/pseudo-random number generation—key stretching. Implementation vs. algorithm selection. Crypto service provider—Crypto modules. Perfect forward secrecy—security through obscurity. Common use cases—low power devices—low latency—high resiliency—supporting confidentiality—supporting integrity—supporting obfuscation—supporting authentication—supporting non-repudiation. Resource versus security constraint

• Explaining cryptography algorithms and their basic characteristics: Symmetric algorithms—AES—DES—3DES—RC4—Blowfish/Twofish. Cipher modes—CBC—GCM—ECB—CTR—stream versus block. Asymmetric algorithms—RSA—DSA—Diffie-Hellman—groups—DHE—ECDHE—elliptic curve—PGP/GPG—hashing algorithms—MD5—SHA1-HMAC – RIPEMD. Key stretching algorithms—BCRYPT—PBKDF2—obfuscation—XOR—ROT13—substitution ciphers

• Given a scenario, implement a public key infrastructure: Components—CA—intermediate CA—CRL—OCSP—CSR—certificate—public key—private key—Object Identifiers (OID). Concepts—online versus offline CA—stapling—pinning—trust model—key escrow—certificate chaining. Types of certificates—wildcard—SAN—code signing—self-signed—machine/computer—e-mail—user—root—domain validation—extended validation. Certificate formats—DER—PEM—PFX—CER—P12—P7B

Chapter09 Implementing Public Key Infrastructure Part 2