Online Book Reader


CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [7]

visit http://certification.comptia.org/resources/US_Gov.aspx.

1.0 Systems Security

1.1 Differentiate among various systems security threats.

■ Privilege escalation

■ Virus

■ Worm

■ Trojan

■ Spyware

■ Spam

■ Adware

■ Rootkits

■ Botnets

■ Logic bomb

1.2 Explain the security risks pertaining to system hardware and peripherals.

■ BIOS

■ USB devices

■ Cell phones

■ Removable storage

■ Network attached storage

1.3 Implement OS hardening practices and procedures to achieve workstation and server security.

■ Hot fixes

■ Service packs

■ Patches

■ Patch management

■ Group policies

■ Security templates

■ Configuration baselines

1.4 Carry out the appropriate procedures to establish application security.

■ ActiveX

■ Java

■ Scripting

■ Browser

■ Buffer overflows

■ Cookies

■ SMTP open relays

■ Instant messaging

■ P2P

■ Input validation

■ Cross-site scripting (XSS)

1.5 Implement security applications.

■ HIDS

■ Personal software firewalls

■ Antivirus

■ Anti-spam

■ Popup blockers

1.6 Explain the purpose and application of virtualization technology.

2.0 Network Infrastructure

2.1 Differentiate between the different ports & protocols, their respective threats and mitigation techniques.

■ Antiquated protocols

■ TCP/IP hijacking

■ Null sessions

■ Spoofing

■ Man-in-the-middle

■ Replay

■ DoS

■ DDoS

■ Domain Name Kiting

■ DNS poisoning

■ ARP Poisoning

2.2 Distinguish between network design elements and components.

■ DMZ

■ VLAN

■ NAT

■ Network interconnections

■ NAC

■ Subnetting

■ Telephony

2.3 Determine the appropriate use of network security tools to facilitate network security.

■ NIDS

■ NIPS

■ Firewalls

■ Proxy servers

■ Honeypot

■ Internet content filters

■ Protocol analyzers

2.4 Apply the appropriate network tools to facilitate network security.

■ NIDS

■ Firewalls

■ Proxy servers

■ Internet content filters

■ Protocol analyzers

2.5 Explain the vulnerabilities and mitigations associated with network devices.

■ Privilege escalation

■ Weak passwords

■ Back doors

■ Default accounts

■ DoS

2.6 Explain the vulnerabilities and mitigations associated with various transmission media.

■ Vampire taps

2.7 Explain the vulnerabilities and implement mitigations associated with wireless networking.

■ Data emanation

■ War driving

■ SSID broadcast

■ Blue jacking

■ Bluesnarfing

■ Rogue access points

■ Weak encryption

3.0 Access Control

3.1 Identify and apply industry best practices for access control methods.

■ Implicit deny

■ Least privilege

■ Separation of duties

■ Job rotation

3.2 Explain common access control models and the differences between each.

■ MAC

■ DAC

■ Role & Rule based access control

3.3 Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges.

3.4 Apply appropriate security controls to file and print resources.

3.5 Compare and implement logical access control methods.

■ ACL

■ Group policies

■ Password policy

■ Domain password policy

■ User names and passwords

■ Time of day restrictions

■ Account expiration

■ Logical tokens

3.6 Summarize the various authentication models and identify the components of each.

■ One, two and three-factor authentication

■ Single sign-on

3.7 Deploy various authentication models and identify the components of each.

■ Biometric reader

■ RADIUS

■ RAS

■ LDAP

■ Remote access policies

■ Remote authentication

■ VPN

■ Kerberos

■ CHAP

■ PAP

■ Mutual

■ 802.1x

■ TACACS

3.8 Explain the difference between identification and authentication (identity proofing).

3.9 Explain and apply physical access security methods.

■ Physical access logs/lists

■ Hardware locks

■ Physical access control—ID badges

■ Door access systems

■ Man-trap

■ Physical tokens

■ Video surveillance—camera types and positioning

4.0 Assessments & Audits

4.1 Conduct risk assessments and implement risk mitigation.

4.2 Carry out vulnerability assessments using common tools.

■ Port scanners
