unsorted.md

uCertify

Aaron's note: I suspect that some of this material isn't on the Security+ exam, even though it is under the umbrella of uCertify's Security+ curriculum.

  • Metrics are the "best indication of the success of the program."
  • 802.1X "makes use of a supplicant, authenticator, and authentication server".
  • AES and TKIP are supported by the 802.11i standard.
  • DRP: Data recovery plan
  • "TEMPEST is a group of standards that refers to the investigations of conducted admissions from electrical and mechanical devices that may or may not compromise an organization."
    • "War-driving can be prevented by using TEMPEST-certified techniques. War-driving is when a person attempts to access a company's wireless network from a laptop within their vehicle."
  • Logging
    • "The System log file logs information pertaining to drivers, operating system files, the kernel, and so on..."
    • "The firewall log can help you find out whether files are being illegitimately copied to an external location."
    • Security log
      • "The Security log file shows any unauthorized changes to the resources that you decide to audit."
      • "The security log is the log file in Windows (found in the Event Viewer) that shows security violations or allowed access whether they succeeded or not; it works when auditing has been turned on."
    • "An audit trail is a collection of security log files, unauthorized security violations, and other logged information such as successful or failed logins."
  • RSA: "depends on the inability to factor large prime numbers"
  • "Signatures are the patterns that an IDS looks for when detecting attacks."
  • CSR is submitted to the certificate authority
  • Nonessential services
    • Not monitored as often
    • Often not configured correctly
  • "Message authentication code (MAC) is a short piece of information that authenticates the message in an attempt to guarantee the message's data integrity"
  • "AES, DES, RC4, and 3DES are all symmetric encryption algorithms."
  • Smurf: Occurs when a combination of IP spoofing and ICMP messages saturate a network.
  • "Proper external security testing should be conducted from outside the organization's security perimeter."
  • "MAC flooding sends many packets to a switch, each of which has a different source MAC address, in an attempt to use up the memory on the switch, changing the state of the switch to fail-open mode, which ultimately makes it function as a hub."
  • "Kiting is the practice of monopolizing domain names without paying for them. Newly registered domain names can be canceled with a full refund during an initial five-day window known as an AGP, or add grace period."
  • "WPA was created to fix core problems with WEP. WPA is designed to work with older wireless clients while implementing the 802.11i standard."
  • CASB: Cloud Access Security Broker. "If there is a mix of on-premises infrastructure and cloud-provider infrastructure, a company might consider a cloud access security broker (CASB). A CASB is a software tool or service that acts as the gatekeeper between the two, allowing the company to extend the reach of its security policies beyond its internal infrastructure."
  • "TCP Wrapper is a host-based ACL program that provides protection against host name and host address spoofing in Linux and Unix environments."
  • "Footprinting occurs when network data is gathered to discover ways to intrude on the network."
  • "Routers operate at the Network layer (Layer 3) of the OSI networking model."
  • "Piggybacking is the act of gaining unauthorized access to a facility by using another user's access credentials."
  • "A collision attack combines brute force attacks, each with a different input, to produce the same hash value."
  • "A baseline defines the minimum level of security and performance of a system in an organization."
  • "Hyperlink spoofing, which is also referred to as Web spoofing, is used by an attacker to persuade the Internet browser to connect to a fake server that appears as a valid session."
  • "You should implement every computer on the demilitarized zone (DMZ) as a bastion host because any system on the DMZ can be compromised."
  • "Data control language (DCL) implements security through access control and granular restrictions."

Wikipedia

  • "A bastion host is a special-purpose computer on a network specifically designed and configured to withstand attacks."

Other

  • SFC: System File Checker in Windows

CIDR - available hosts

  • /25 -- 2^(32-25) - 2 = 126
  • /26 -- 2^(32-26) - 2 = 62
  • /27 -- 2^(32-27) - 2 = 30
  • /28 -- 2^(32-28) - 2 = 14
  • /29 -- 2^(32-29) - 2 = 6
  • /30 -- 2^(32-30) - 2 = 2