CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [8]
■ Protocol analyzers
■ OVAL
■ Password crackers
■ Network mappers
4.3 Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning.
4.4 Use monitoring tools on systems and networks, and detect security-related anomalies.
■ Performance monitor
■ Systems monitor
■ Performance baseline
■ Protocol analyzers
4.5 Compare and contrast various types of monitoring methodologies.
■ Behavior-based
■ Signature-based
■ Anomaly-based
4.6 Execute proper logging procedures and evaluate the results.
■ Security application
■ DNS
■ System
■ Performance
■ Access
■ Firewall
■ Antivirus
4.7 Conduct periodic audits of system security settings.
■ User access and rights review
■ Storage and retention policies
■ Group policies
5.0 Cryptography
5.1 Explain general cryptography concepts.
■ Key management
■ Steganography
■ Symmetric key
■ Asymmetric key
■ Confidentiality
■ Integrity and availability
■ Non-repudiation
■ Comparative strength of algorithms
■ Digital signatures
■ Whole disk encryption
■ Trusted Platform Module (TPM)
■ Single vs. dual-sided certificates
■ Use of proven technologies
5.2 Explain basic hashing concepts and map various algorithms to appropriate applications.
■ SHA
■ MD5
■ LANMAN
■ NTLM
5.3 Explain basic encryption concepts and map various algorithms to appropriate applications.
■ DES
■ 3DES
■ RSA
■ PGP
■ Elliptic curve
■ AES
■ AES256
■ One time pad
■ Transmission encryption (WEP, TKIP, and so forth)
5.4 Explain and implement protocols.
■ SSL/TLS
■ S/MIME
■ PPTP
■ HTTP vs. HTTPS vs. SHTTP
■ L2TP
■ IPSEC
■ SSH
5.5 Explain core concepts of public key cryptography.
■ Public Key Infrastructure (PKI)
■ Recovery agent
■ Public key
■ Private keys
■ Certificate Authority (CA)
■ Registration
■ Key escrow
■ Certificate Revocation List (CRL)
■ Trust models
5.6 Implement PKI and certificate management.
■ Public Key Infrastructure (PKI)
■ Recovery agent
■ Public key
■ Private keys
■ Certificate Authority (CA)
■ Registration
■ Key escrow
■ Certificate Revocation List (CRL)
6.0 Organizational Security
6.1 Explain redundancy planning and its components.
■ Hot site
■ Cold site
■ Warm site
■ Backup generator
■ Single point of failure
■ RAID
■ Spare parts
■ Redundant servers
■ Redundant ISP
■ UPS
■ Redundant connections
6.2 Implement disaster recovery procedures.
■ Planning
■ Disaster exercises
■ Backup techniques and practices—storage
■ Schemes
■ Restoration
6.3 Differentiate between and execute appropriate incident response procedures.
■ Forensics
■ Chain of custody
■ First responders
■ Damage and loss control
■ Reporting—disclosure of
6.4 Identify and explain applicable legislation and organizational policies.
■ Secure disposal of computers
■ Acceptable use policies
■ Password complexity
■ Change management
■ Classification of information
■ Mandatory vacations
■ Personally Identifiable Information (PII)
■ Due care
■ Due diligence
■ Due process
■ SLA
■ Security-related HR policy
■ User education and awareness training
6.5 Explain the importance of environmental controls.
■ Fire suppression
■ HVAC
■ Shielding
6.6 Explain the concept of and how to reduce the risks of social engineering.
■ Phishing
■ Hoaxes
■ Shoulder surfing
■ Dumpster diving
■ User education and awareness training
Tips for Taking the Security+ Exam
Here are some general tips for taking your exam successfully:
■ Bring two forms of ID with you. One must be a photo ID, such as a driver’s license. The other can be a major credit card or a passport. Both forms must include a signature.
■ Arrive early at the exam center so you can relax and review your study materials, particularly tables and lists of exam-related information. After you are ready to enter the testing room, you will need to leave everything outside; you won’t be able to bring any materials into the testing area.
■ Read the questions carefully. Don’t be tempted