Security+
KnowledgeNet Security+ Student Guide, Version 1.0

©2003 KnowledgeNet.com, Inc. All Rights Reserved. KNOWLEDGENET is a registered trademark; and the K DESIGN and THE BEST OF A NEW BREED are trademarks of KnowledgeNet.com, Inc. All other trademarks are the property of their respective companies.

TABLE OF CONTENTS

MODULE 1 - HACKING, CRACKING, AND ATTACKS
    Objectives
    Outline
    LESSON 1: WHY SECURITY IS NECESSARY
        Why is Security Necessary?
        Structured Threats
        Unstructured Threats
        Internal Threats
        External Threats
        Summary
    LESSON 2: RECONNAISSANCE TECHNIQUES
        Sniffing
        Ping Sweeps
        Port Sweeps
        Evasive Sweeps
        OS Identification
        Summary
    LESSON 3: ACCESS TECHNIQUES
        Replay
        Session Hijacking
        Man-in-the-middle
        Backdoor
        Social Engineering
        Technology Exploitation
        Protocol Exploitation
        TCP
        IP
        ICMP
        SNMP
        SMTP
        OS/System Hacks
        Buffer Overflow
        Cookies
        Signed Applets
        Weak Keys
        Mathematical
        Birthday
        Password Attacks
        Brute Force Attacks
        Dictionary Attacks
        Summary
    LESSON 4: DENIAL OF SERVICE ATTACKS
        Spoofing
        SYN Floods
        Distributed Denial of Service (DDoS)
        Malicious Code
        Viruses
        Trojan
        Worms
        Logic Bombs
        Summary

MODULE 2 - MITIGATION TECHNIQUES
    Objectives
    Outline
    LESSON 1: AUTHENTICATION
        Overview
        One Way / Mutual
        Username / Password
        CHAP / PAP
        Kerberos
        One Time Passwords
        Token Cards
        Digital Certificates
        Biometrics
        Multi-Factor
        Summary
    LESSON 2: AUTHORIZATION
        Overview
        Mandatory Access Control
        Discretionary Access Control
        Role-based Access Control
        Information Models
        Clark-Wilson Model
        Bell-LaPadula Model
        Biba Integrity Model
        Summary
    LESSON 3: ACCOUNTING
        Overview
        Logging
        System Scanning
        Monitoring
        Summary

MODULE 3 - HARDENING
    Objectives
    Outline
    LESSON 1: NOS/OS HARDENING
        Hardening - Overview
        NOS/OS Hardening
        Operating System Updates
        Patching
        Hot Fixes
        Service Packs
        Application Hardening
        Web Servers
        Email Servers
        FTP Servers
        DNS Servers
        NNTP Servers
        File/Print Servers
        DHCP Servers
        Data Repositories
        Directory Services
        Databases
        Summary
    LESSON 2: FILTERS/FIREWALLS
        Filters/Firewalls
        Layer 3 Filtering
        Proxy Servers
        Stateful Filtering
        Hardening
        Architecture
        Summary
    LESSON 3: INTRUSION DETECTION SYSTEMS
        Host-Based Intrusion Detection
        Network-Based Intrusion Detection
        Summary
    LESSON 4: ORGANIZATION
        Introduction
        Physical Security
        Access Control
        Physical Barriers
        Biometrics
        Environmental Security
        Wireless Cells
        Location
        Shielding
        Fire Suppression
        Disaster Recovery
        Backups
        Off-Site Storage
        Secure Recovery
        Alternate Sites
        Disaster Recovery Plan
        Business Continuity
        Utilities
        High Availability/Fault Tolerance
        Policy and Procedures
        Security Policy
        Users Security Handbook (RFC2504)
        Site Security Handbook (RFC2196)
        Acceptable Use
        Due Care
        Privacy
        Separation of Duties
        Need to Know
        Password/Certificate Management
        SLA
        Disposal/Destruction
        HR Policy
        Hiring
        Termination
        Code of Ethics
        Honey Pots/Honey Nets
        Summary
    LESSON 5: FORENSICS
        Introduction
        Chain of Custody
        Preservation of Evidence
        Collection of Evidence
        Incident Response
        Summary

MODULE 4 - INFRASTRUCTURE ACCESS POINTS
    Objectives
    Outline
    LESSON 1: LAYER 1 ACCESS POINTS
        Coaxial Cable
        Security Risks Associated with Coaxial Cable
        UTP and STP
        UTP and STP Pin Configuration
        Fiber
        Infrared
        Radio Frequency
        Microwave
        Modems
        Summary
    LESSON 2: LAYER 2 ACCESS POINTS
        Hubs and Switches
        Wireless Access Points
        Summary
    LESSON 3: LAYER 3 ACCESS POINTS
        Routers
        Remote Access Servers
        Firewalls
        Summary
    LESSON 4: LAYER 4 AND ABOVE
        Proxy Servers
        Workstations
        Servers
        Removable Media
        Tapes
        CD-R and DVD-R
        Removable Hard Drives
        Diskettes
        Flashcards
        Smartcards
        Summary

MODULE 5 - INFRASTRUCTURE PROTOCOLS
    Objectives
    Outline
    LESSON 1: REMOTE ACCESS
        PPP
        PPTP
        IPSec
        Telnet
        Secure Shell
        TACACS+
        RADIUS
        Wireless
        802.11x
        Wired Equivalent Privacy (WEP)
        Wireless Application Protocol (WAP)
        802.1x
        WTLS
        Extensible Authentication Protocol (EAP)
        Lightweight EAP (LEAP)
        EAP Over LANs (EAPOL)
        Summary
    LESSON 2: INTERNETWORK ACCESS
        E-mail
        MIME
        S/MIME
        PGP Technologies
        E-Mail Vulnerabilities
        SPAM
        Hoaxes
        SMTP Relay
        Web
        HTTP
        HTTPS
        Secure Sockets Layer (SSL)
        Transport Layer Security (TLS)
        Instant Messaging
        Java
        ActiveX
        Common Gateway Interface (CGI)
        8.3 Naming Convention
        File Transfer
        File Transfer Protocol (FTP)
        S/FTP
        Anonymous FTP
        File Sharing
        Directory
        LDAP
        Summary

MODULE 6 - INFRASTRUCTURE TOPOLOGIES
    Objectives
    Outline
    LESSON 1: SECURITY ZONES
        Intranet
        Extranet
        DMZ
        Summary
    LESSON 2: VLANS
        LANs
        VLANs
        Summary
    LESSON 3: NETWORK ADDRESS TRANSLATION
        Network Address Translation (NAT)
        Port Address Translation (PAT)
        Summary
    LESSON 4: TUNNELING
        Tunneling
        Internet Protocol Security (IPSec)
        Basics of Cryptography
        Hash Algorithms
        Message Digest 5 (MD5)
        Secure Hash Algorithm 1 (SHA-1)
        Hash Message Authentication Code (HMAC)
        Encryption Algorithms
        Symmetric Encryption Algorithms
        DES
        3DES
        Advanced Encryption Standard (AES)
        Asymmetric Algorithms
        RSA
        DSA
        Diffie-Hellman (DH)
        Concepts of Cryptography
        Integrity
        Authentication of Endpoint
        Data Integrity
        Digital Signatures
        Non-repudiation
        Confidentiality
        Public Key Cryptography
        Digital Certificates
        Certificate Authorities
        Trust Models
        Revocation
        Certificate Policies
        Certificate Practice Statement (CPS)
        Summary
    LESSON 5: KEY MANAGEMENT/CERTIFICATION LIFECYCLE
        Overview
        Centralized versus Decentralized
        Storage and Distribution
        Escrow
        Expiration
        Revocation
        Suspension
        Recovery
        Renewal
        Destruction
        Key Usage
        Summary

MODULE 7 - INFRASTRUCTURE MANAGEMENT
    Objectives
    Outline
    LESSON 1: PRIVILEGE MANAGEMENT
        Overview
        User/Group/Role Management
        Single Sign-on
        Centralized versus Decentralized
        Auditing (privilege, usage, escalation)
        MAC/DAC/RBAC
        Summary
    LESSON 2: RISK IDENTIFICATION
        Overview
        Asset Identification
        Risk Assessment
        Threat Identification
        Vulnerabilities
        Summary
    LESSON 3: EDUCATION (TRAINING OF END USERS, EXECUTIVES, AND HUMAN RESOURCES)
        Overview
        Communication
        User Awareness
        Training
        Online Resources
        Summary
    LESSON 4: DOCUMENTATION
        Overview
        Standards and Guidelines
        Systems Architecture
        Change Documentation
        Logs and Inventories
        Classification/Notification
        Retention/Storage/Destruction
        Summary
