The CompTIA Security Certification Exam Objectives are subject to change

This preview shows page 8 - 11 out of 23 pages.

CompTIA Security+ Certification Exam Objectives v. 6
Copyright 2013 by the Computing Technology Industry Association. All rights reserved.
The CompTIA Security+ Certification Exam Objectives are subject to change without notice.

2.8 Summarize risk management best practices.
  • Business continuity concepts
      o Business impact analysis
      o Identification of critical systems and components
      o Removing single points of failure
      o Business continuity planning and testing
      o Risk assessment
      o Continuity of operations
      o Disaster recovery
      o IT contingency planning
      o Succession planning
      o High availability
      o Redundancy
      o Tabletop exercises
  • Fault tolerance
      o Hardware
      o RAID
      o Clustering
      o Load balancing
      o Servers
  • Disaster recovery concepts
      o Backup plans/policies
      o Backup execution/frequency
      o Cold site
      o Hot site
      o Warm site

2.9 Given a scenario, select the appropriate control to meet the goals of security.
  • Confidentiality
      o Encryption
      o Access controls
      o Steganography
  • Integrity
      o Hashing
      o Digital signatures
      o Certificates
      o Non-repudiation
  • Availability
      o Redundancy
      o Fault tolerance
      o Patching
  • Safety
      o Fencing
      o Lighting
      o Locks
      o CCTV
      o Escape plans
      o Drills
      o Escape routes
      o Testing controls

3.0 Threats and Vulnerabilities

3.1 Explain types of malware.
  • Adware
  • Virus
  • Spyware
  • Trojan
  • Rootkits
  • Backdoors
  • Logic bomb
  • Botnets
  • Ransomware
  • Polymorphic malware
  • Armored virus

3.2 Summarize various types of attacks.
  • Man-in-the-middle
  • DDoS
  • DoS
  • Replay
  • Smurf attack
  • Spoofing
  • Spam
  • Phishing
  • Spim
  • Vishing
  • Spear phishing
  • Xmas attack
  • Pharming
  • Privilege escalation
  • Malicious insider threat
  • DNS poisoning and ARP poisoning
  • Transitive access
  • Client-side attacks
  • Password attacks
      o Brute force
      o Dictionary attacks
      o Hybrid
      o Birthday attacks
      o Rainbow tables
  • Typo squatting/URL hijacking
  • Watering hole attack

3.3 Summarize social engineering attacks and the associated effectiveness with each attack.
  • Shoulder surfing
  • Dumpster diving
  • Tailgating
  • Impersonation
  • Hoaxes
  • Whaling
  • Vishing
  • Principles (reasons for effectiveness)
      o Authority
      o Intimidation
      o Consensus/Social proof
      o Scarcity
      o Urgency
      o Familiarity/liking
      o Trust

3.4 Explain types of wireless attacks.
  • Rogue access points
  • Jamming/Interference
  • Evil twin
  • War driving
  • Bluejacking
  • Bluesnarfing
  • War chalking
  • IV attack
  • Packet sniffing
  • Near field communication
  • Replay attacks
  • WEP/WPA attacks
  • WPS attacks

3.5 Explain types of application attacks.
