Skip to content

Instantly share code, notes, and snippets.

@agussman

agussman/SecurityPlus.MD

Last active October 25, 2021 23:54
Show Gist options
  • Save agussman/43b579fe1543c5c3f4addbe4be02192e to your computer and use it in GitHub Desktop.
Save agussman/43b579fe1543c5c3f4addbe4be02192e to your computer and use it in GitHub Desktop.
Download ZIP
CompTIA Security+ SY0-401 & SY0-501 Notes
Raw
SecurityPlus.MD

This to learn/review

  • Mandatory Access Control (MAC) vs Discrtionary Access Control (DAC)

  • RADIUS / Diameter / TACACS

  • TPM, HSM http://blogs.getcertifiedgetahead.com/tpm-hsm-hardware-encryption-devices/

  • Signing vs Encrypting?

  • Packet Headers

  • SSL? Relationship to CA?

  • Are CAs used for encryption? Or just verification?

  • SSLs - https://www.digicert.com/ssl-cryptography.htm

  • Know "Know/Have/Are" wrt authentication

  • UTM?

  • ACL? What gets ACLs?

  • 802.1x goes on Switches?

    • can be compromised by MAC spoofing

  • NIPS on UTM

  • What gets DLP? Router, mail, database, not web?

  • Raid X / mirrored / Striped / speed or redundancy or both

  • VLAN OSI layer?

  • Use what encryption for what? eg elliptical curve for mobile

  • Loss (ALE = SLE * annual???)

  • Nessus? Credential scans?

  • IPS? Fails in a secure manner

  • WAF?

  • Windows Security Tools

  • Rainbow Tables

SmartCard Reader = CAC Proximity Card = Datacard

Test Structure

  • Scenario
  • Multiple Choice
    • ~2m each
    • mark for review
    • read bottom up
  • Go with your gut/ don't change it unless you have a reason

OSI Layers

  • Please Do Not Throw Sausage Pizza Away
  • Lowest Address is Network ID (.0)
  • Highest Address Broadcast ID (.255)
  • For exam, all subnetting will be Class C
  • 200.10.10.10 with a subnet mast of 255?

Homework for Day #1: HOMEWORK!

  • Chapters 1, 2, and 4: Multiple Choice Questions
  • Chapters 1, 2, and 4: Statement/Questions (p 108)
  • Ports (p 107)
  • [optional] Chapters 1, 2, and 4: Review slides

Scenarios

Types of attack Pharming Tailgating

People In A Class Eat Real Food

Cryptography - p 91

  • DES (Data Encryption Standard)
    • Symmetric
    • Block, 64-bit
    • 56-bit keys
    • weak, small block sizes
  • 3DES
    • Symmetric
    • Block, 64-bit
    • 168-bit keys
  • Blowfish
    • Symmetric
    • Block, 64-bit
    • 1->148 bit keys
  • Two-fish
    • Symmetric
    • Block, 128-bit
    • 256-bit keys
  • AES (Advanced Encryption Standard)
    • Symmetric
    • Block, 128-bit
    • 128/192/256 bit keys
    • "AES256 most mathematically secure" for a file, US Gov adopted
  • RC4
    • Symmetric
    • Streaming
    • 40 to 2,048-bit key
    • Used in:
      • SSL/TLS
      • WEP (secure wireless networks)
      • TKIP (used w/ WPA)
  • RC5
    • Symmetric
    • Block
  • One Time Pad
    • Symmetric
    • Block?
    • input-length key
    • "unbreakable"
  • RSA
    • Asymmetric
  • Diffie-Hellman
    • Asymmetric
    • secure key exchange, use w/ SSH
  • ECC (Elliptical Curve Cryptography)
    • Asymmetric
    • portable devices, stronger encryption with shorter key lengths
    • DH-ECC allows for secure key exchange
  • PGP (Pretty Good Privacy)
    • Asymmetric
    • emails, peer-to-peer requires public key trust

PBKDF2 (Password Based Key Derivation Function 2) WPA WPA2 disk encryption

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment