Certification Notes
CompTIA Security+ SY0-601
TERMS:
■ MAC Flooding: MAC flooding is when the hacker confuses the switch into flooding all frames to all ports. This allows the hacker to connect to any port on the switch and receive all traffic on the network.
■ ARP Poisoning: When a hacker "poisons" the ARP cache to redirect traffic to the attacker in order to get outside of the switch.
■ VLANs: Segmenting networks so that network A can't talk to network B.
■ C.I.A: Confidentiality, Integrity, Availability and accountability (tenets of information security)
■ Due Care: Implementing the correct security control, i.e. backups, antivirus (implementing an action)
■ Due Diligence: Performing regular assessments and analyzing assessments.
■ Vulnerability: Weakness in software or hardware
■ Exploit: Way to weaken or compromise a system
■ GDPR (General Data Protection Regulation): Policy enforced in Europe only; governs the protection and privacy of personal data.
■ User: is anyone who accesses and uses the resources within the organization. A user is affected by the security controls determined by the owner and put in place by the steward/custodian
■ Privileged User: User has been given extra privileges for administration tasks.
■ Security Officer: The liaison between management, the owner, and the IT staff (custodian). Responsible for making sure policies are being followed by educating everyone on their role within the organization.
■ O.S.I.N.T (Open Source Intelligence): Free tools and APIs used to obtain information about a person(s) or organization.
■ Security Control: Any mechanism used to protect an asset within the organization (i.e. firewalls, AV, ACL).
Identifying types of policies
■ Standards: Policy that needs to be followed and typically covers a specific area of security.
■ Guidelines: Recommendations on how to follow security best practices
■ Procedures: (SOP) Standard Operating Procedure(s). Step-by-step instructions showing how to configure a system or device.
Security Policies
■ Policies affecting users
- AUP (Acceptable Use Policy): Lets users know what is acceptable use of the organization's assets (i.e. Internet, email, laptops, mobile devices, etc.)
- Password: minimal password length, password history, password age, password complexity
■ Policies affecting Personnel Management
- NDA (non - disclosure agreement)
- Onboarding (What happens with new employees)
- Offboarding (What happens when an employee quits or gets terminated)
- Continuing education (college, training)
- AUP (Acceptable Use Policy)
- Adverse actions (What happens when the user doesn't follow the rules)
■ Policies affecting Administrators
- Asset Management
- Change Control / Management Policy
- Secure Disposal of Equipment Policy
Classification of Information
■ Top Secret: Highest classification level
■ Secret: Second Highest level
■ Confidential: Third Highest level
■ Unclassified: Regarded as causing no harm to the company and mostly OK for public view.
Privacy-Enhancing Technologies
■ Data minimization: First step to securing sensitive data is to minimize the amount of information you collect.
■ Data Masking: Technique used to protect confidential or private data, which involves replacing characters in the data with non-relevant data.
■ Tokenization: When sensitive data is "traded" out or substituted with a non-relevant data string known as a token. (Credit cards)
■ Anonymization: Data privacy technique that involves removing personally identifying information from data so that the people being described in the data can remain anonymous.
■ Pseudo-anonymization: When personally identifying information located within fields of a database is replaced by a pseudonym.
Data Roles and Responsibilities
A number of different roles interact with an organization’s data. For the Security+ exam, you should be familiar with the following data roles:
■ Data owner: The data owner is typically the company owner, executive team, or department head who decides which data is considered an asset and how that data should be protected.
■ Data custodian/steward: The custodian (aka steward) is the person who implements the security control based on the value of the asset determined by the owner. The custodian is the IT administrator who performs common tasks such as backups, configuring permissions, configuring firewalls, and hardening systems. Remember that the owner determines the controls needed, while the custodian actually secures the asset by implementing those controls.
■ Data privacy officer (DPO): The privacy officer, also known as the chief privacy officer (CPO), is responsible for developing policies that address employee personal data and customer personal data. The privacy policy should specify how personal data is to be handled and stored within the organization.
## The different types of security
- physical security
- communication security
- computer security
- network security