Intellectual Point – Security+ Notes
Security+ SY0-601
• 90 minutes
• Combination of PBQ and MCQ
  o PBQ – Performance-based questions (simulations)
  o MCQ – Multiple-choice questions
• Simulations weighted heavily (about 350 points)
• Total of 85 questions (approx.): 5 simulations, 80 multiple choice.
• Total time -> 90 min
• About 1 min per question
• Have good time management.
• SOC – Security Operations Center
• SOC Analyst
• Passing score – 750/900
• Cert valid for 3 years. Every 3 years you need 50 Continuing Education (CE) credits.
• CompTIA Security+ is vendor neutral.

3/12/2022
Day 1, Morning Training
• Confidentiality - making sure no unauthorized person is able to access or view the data.
• PII – Personally Identifiable Information
• MFA – multi-factor authentication
• Encryption, strong access control, MFA, strong passwords, physical security, shredding.
• There is a lack of basic cyber hygiene.
• Integrity of the data - means no unauthorized person should be able to change/alter the data.
• Hashing allows you to maintain integrity.
  o The dog is brown.
    ▪ MD5 Hash - e3c5b52e58182dfff6e7e2364e84c44c
  o The dog is yellow.
    ▪ MD5 Hash - 6391db89007a17e75e6a55ab3e784b24
  o Hashes are different, meaning the original password/phrase has changed and the data integrity is compromised.
• Hash is a unique representation of a value, message, file, or data.
• Passwords in your system are always hashed.
• Evidence is stored in the form of logs.
  o Logs don't lie.
• CIA Triad
  o Confidentiality, Integrity, Availability.
• SIEM tool – Security Information and Event Management – collects the logs, indexes them, correlates them, and allows you to search those logs and get alerts.
  o SPLUNK
• Non-repudiation – proof of origin. Cannot deny having done something.
• Understanding Core Security Goals
  o Confidentiality
    ▪ Encryption
    ▪ Access controls
    ▪ Steganography – Data hidden in pictures (Osama bin Laden used this).
  o Integrity
  o Availability
    ▪ Redundancy
    ▪ Fault tolerance
    ▪ Updating/Patching
• Confidentiality controls
  o Least privilege
    ▪ Give users only the permissions they need to perform their duties.
  o Need to know
  o Separation of duties
• Integrity controls
  o Hashing
  o Digital signatures
  o Backups
  o Version controls
• Availability controls
  o Redundancy
    ▪ Multiple or backup systems designed for immediate or quick recovery.
  o Fault tolerance
    ▪ Systems that continue to function after components fail.
  o Patch management
    ▪ Application of software updates with minimal service disruption.
• Air gap – not physically connected to any network.
• Research Log4J – vulnerability out this year (Level 10 of scale 1-10).
• Information Security Roles and Responsibility
  o Overall responsibility
    ▪ Chief Security Officer (CSO)
    ▪ Chief Information Security Officer (CISO) – Top role in cybersecurity.
  o Managerial
  o Technical
    ▪ Information Systems Security Officer (ISSO)
  o Non-technical
  o Due care/liability
• Information Security Business Units
• How do you ingest and bring in threat intelligence data to look for indicators of compromise (IOC) to be able to prevent various threats – use TAXII
  o TAXII, Trusted Automated Exchange of Indicator Information
  o STIX, Structured Threat Information Exchange
• Hypervisor, software that allows you to create and manage virtual machines.
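
The STIX/TAXII and SIEM bullets above, as an added example that is not part of the original notes: it reads indicators from a STIX 2.1 bundle (the object format a TAXII collection serves) and checks log lines for them. The bundle, log lines, field names and helper names are all constructed for illustration, and only single-comparison patterns are handled.

```python
import json
import re

# Constructed STIX 2.1 bundle (documentation addresses, made-up ids and names);
# each indicator is trimmed to the fields this example reads.
BUNDLE = json.loads("""{"type": "bundle", "id": "bundle--00000000-0000-4000-8000-000000000001",
 "objects": [
  {"type": "indicator", "pattern_type": "stix", "name": "Constructed C2 address",
   "id": "indicator--00000000-0000-4000-8000-000000000002",
   "pattern": "[ipv4-addr:value = '198.51.100.7']"},
  {"type": "indicator", "pattern_type": "stix", "name": "Constructed staging domain",
   "id": "indicator--00000000-0000-4000-8000-000000000003",
   "pattern": "[domain-name:value = 'updates.example.test']"},
  {"type": "indicator", "pattern_type": "stix", "name": "Constructed sequence",
   "id": "indicator--00000000-0000-4000-8000-000000000004",
   "pattern": "[ipv4-addr:value = '203.0.113.9'] FOLLOWEDBY [domain-name:value = 'cdn.example.test']"}
 ]}""")

# Constructed firewall/DNS log lines in key=value form.
LOGS = [
    "2022-03-12T09:14:02Z fw allow src=10.0.0.5 dst=198.51.100.7 dport=443",
    "2022-03-12T09:14:09Z dns query client=10.0.0.8 name=updates.example.test",
    "2022-03-12T09:15:30Z fw allow src=10.0.0.5 dst=198.51.100.70 dport=443",
    "2022-03-12T09:16:11Z dns query client=10.0.0.9 name=www.example.org",
]

SIMPLE = re.compile(r"^\[(ipv4-addr|domain-name):value\s*=\s*'([^']+)'\]$")

def load_iocs(bundle):
    """Return {observable value: indicator name} for single-comparison patterns."""
    iocs = {}
    for obj in bundle.get("objects", []):
        if obj.get("type") != "indicator" or obj.get("pattern_type") != "stix":
            continue
        m = SIMPLE.match(obj["pattern"].strip())
        if m:  # compound patterns (AND/OR/FOLLOWEDBY) need a full STIX pattern parser
            iocs[m.group(2).lower()] = obj.get("name", obj["id"])
    return iocs

def match_logs(lines, iocs):
    """Return (line number, IOC, indicator name) hits, comparing whole field values."""
    hits = []
    for n, line in enumerate(lines, 1):
        values = {v.lower() for v in re.findall(r"\b\w+=(\S+)", line)}
        for ioc in sorted(values & set(iocs)):
            hits.append((n, ioc, iocs[ioc]))
    return hits

if __name__ == "__main__":
    print(match_logs(LOGS, load_iocs(BUNDLE)))
```

Comparing whole field values rather than substrings is what keeps the third log line (`198.51.100.70`) from being reported as a hit on `198.51.100.7`.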
Term: Fall
Professor: Alfredo Perez
Tags: IP address, Transport Layer Security