CompTIA Security+ Part 1

Ch 1 - Today’s Security Professional

Cybersecurity Objectives (CIA)

• Confidentiality
• Integrity
• Availability

Threats (DAD)

• Disclosure
• Alteration
• Denial

Types of Risk

• Financial
• Reputational
• Strategic
• Operational

Security Control Categories

• Technical
• Operational
• Managerial

Security Control Types

• Preventative
• Detective
• Corrective
• Deterrent
• Physical
• Compensating

Data Protection

• At rest
• In motion
• In processing

Encryption

Data Loss Prevention (DLP)

• Host-based vs. Network
• Pattern matching vs. Watermarking

Data Minimization

• Hashing
• Tokenization
• Masking

Ch 2 - Cybersecurity Threat Landscape

Classifying Cybersecurity Threats

• Internal vs. External
• Level of Sophistication/Capability
• Resources/Funding
• Intent/Motivation

White, Grey, and Black-Hat Hackers

Threat Actors

• Script Kiddies
• Hacktivists
• Criminal Syndicates
• Advanced Persistent Threats (APT)
• Insiders
• Competitors

Threat Vectors

• Email and Social Media
• Direct Access
• Wireless Networks
• Removable Media
• Cloud
• Third-Party / Supply Chain

Open Source Threat Data and Intelligence

• Senki.org
• AT&T Open Threat Exchange
• MISP Threat Sharing Project
• Threatfeeds.io
• Government Sites:
• US Cybersecurity and Infrastructure Security Agency
• Department of Defense Cyber Crime Center
• CISA Automated Indicator Sharing
• CISA Information Sharing and Analysis Organizations
• Vendor Sites:
• Microsoft Threat Intelligence Blog
• Cisco Security
• Public Sources:
• SANS Internet Storm Center
• VirusShare
• Spamhaus

Proprietary and Closed-Source

Assessing Threat Intelligence

• Timely?
• Accurate?
• Relevant?

Threat Indicator Management and Exchange

• Structured Threat Information eXpression (STIX)
• Trusted Automated eXchange of Indicator Information (TAXII) Protocol
• Open Indicators of Compromise (OpenIOC)

Public and Private Information Sharing and Analysis Centers (ISAC)

Ch 3 - Malicious Code

Types of Malware (not mutually exclusive)

• Ransomware
• Trojans
• Worms
• Rootkits
• Backdoors
• Bots
• Keyloggers
• Logic Bombs
• Viruses
• Fileless Viruses
• Spyware
• Potentially Unwanted Programs (PUPs)

Malicious Code

Adversarial Artificial Intelligence

Ch 4 - Social Engineering, Physical, and Password Attacks

Social Engineering

• Authority
• Intimidation
• Consensus
• Scarcity
• Familiarity
• Trust
• Urgency

Techniques

• Phishing
• Credential Harvesting
• Website Attacks
• Spam
• In-Person
• Identity Fraud and Impersonation
• Reconnaissance and Impersonation
• Influence Campaigns

Online Password Attacks

• Brute-Force Attacks
• Password Spraying
• Dictionary Attacks

Offline

• Rainbow Tables
• Password Crackers

Physical Attacks

• Malicious Flash Drives + USB Cables
• Card Cloning
• Supply Chain Attacks

Ch 5 - Security Assessment and Testing

Vulnerability Management

• Identifying Scan Targets
• Determining Scan Frequency
• Configuring Vulnerability Scans
• Scanner Maintenance
• Vulnerability Scanning Tools
• Reviewing and Interpreting Scan Results

Security Vulnerabilities

• Patch Management
• Legacy Platforms
• Weak Configurations
• Error Messages
• Insecure Protocols
• Weak Encryption

Penetration Testing

• Adopting the Hacker Mindset
• Reasons for Pen Testing
• Benefits of Pen Testing
• Pen Test Types
• Rules of Engagement
• Reconnaissance
• Running the Test
• Cleaning Up

Ch 6 - Secure Coding

Software Development Phases

1. Planning
2. Requirements
3. Design
4. Development
5. Testing and Integration
6. Training and Transition
7. Ongoing Operations and Maintenance
8. Disposition

Software Development Models

• Waterfall
• Spiral
• Agile

DevOps

Continues Integration and Continuous Deployment

Open Web Application Security Project (OWASP) Proactive Controls

• Define Security Requirements
• Leverage Security Frameworks and Libraries
• Secure Database Access
• Encode and Escape Data
• Validate All Inputs
• Implement Digital Identity
• Enforce Access Controls
• Protect Data Everywhere
• Implement Security Logging and Monitoring
• Handle All Errors and Exceptions

API Security

Code Review Models

• Pair Programming
• Over-the-Shoulder
• Pass-Around Code Reviews
• Tool-Assisted Reviews
• Fagan Inspection

Software Security Testing

• Static Analysis
• Dynamic Analysis
• Fuzzing

Injection Vulnerabilities

• SQL Injection (Blind Content-Based vs. Timing Based)
• Other Code Injection Attacks
• Command Injection

Exploiting Authentication Vulnerabilities

• Password Authentication
• Session Attacks

Exploiting Authorization Vulnerabilities

• Insecure Direct Object References
• Directory Traversal
• File Inclusion
• Privilege Escalation

Exploiting Web Application Vulnerabilities

• Reflected Cross-Site Scripting
• Stored/Persistent XSS
• Cross-Site Request Forgery
• Server-Side REquest Forgery

Application Security Controls

• Input Validation
• Web Application Firewalls
• Database Security
• Code Security
• Code Signing
• Repositories and Version Control

Secure Coding Practices

• Source Code Comments
• Error Handling
• Avoid Hard-Coded Credentials
• Memory Management
• Race Conditions
• Unprotected APIs
• Driver Manipulation

Ch 7 - Cryptography and the Public Key Infrastructure

Goals of Cryptography

• Confidentiality
• Integrity
• Authentication
• Nonrepudiation

Block vs. Stream Ciphers

Hashing

Symmetric Cryptography

• Data Encryption Standard
• Triple DES
• Advanced Encryption Standard
• Symmetric Key Management

Asymmetric Cryptography

• RSA: Rivest, Shamir, Adleman
• Elliptic Curves

Hash Functions

• Secure Hash Algorithm
• MD5

Digital Signatures

• Hashed Message Authentication Code
• Digital Signature Standard

Public Key Infrastructure

• Digital Certificates
• Certificate Authorities

Cryptographic Attacks

• Brute Force
• Frequency Analysis
• Known Plain Text
• Chosen Plain Text
• Related Key Attack
• Birthday Attack
• Downgrade Attack
• Rainbow Tables
• Exploiting Weak Keys
• Human Error

Quantum Computing

Ch 8 - Identity and Access Management

Identity

• Usernames
• Certificates
• Tokens
• SSH Keys
• Smartcards

Authentication and Authorization

• Extensible Authentication Protocol
• Challenge Handshake Authentication Protocol
• Remote Authentication Dial-in User Service
• Terminal Access Controller Access Control System Plus
• Kerberos

Single Sign-On

Federation

Directory Services

Authentication Methods

• Multifactor Authentication
• One-Time Passwords
• Biometrics
• Knowledge-Based Authentication

Accounts

• Account Types
• Policies and Controls

Access Control Schemes

• Filesystem Permissions

Ch 9 - Resilience and Physical Security

Building Cybersecurity Resilience

• Storage Resiliency: Backups and Replication

Response and Recovery Controls

Physical Security Controls

• Site Security

Related:

CompTIA Security+ part 2

Cybersecurity Enrichment Activities

Training the Trainers- CYB 110 as a Dual Credit HS Course