Security+ Domain 2.0: Technologies and Tools, Chapter 8

  1. Security+ Certification
  2. Security+ SY0-601: Definitions and Catchwords
  3. Security+ Domain 1.0: Threats, Attacks and Vulnerabilities
  4. Security+ Domain 2.0: Technologies and Tools, Chapter 6
  5. Security+ Domain 2.0: Technologies and Tools, Chapter 7
  6. Security+ Domain 2.0: Technologies and Tools, Chapter 8
  7. Security+ Domain 2.0: Technologies and Tools, Chapter 9
  8. Security+ Domain 2.0: Technologies and Tools, Chapter 10
  9. Security+ Domain 2.0: Architecture and Design
  10. Security+ Domain 3.0: Secure Systems Design and Deployment: Chapter 12
  11. Security+ Domain 3.0: Implementation cont’d
  12. Security+ Domain 3.0: Architecture and Design: Chapter 13: Embedded Systems
  13. Security+ Domain 3.0: Architecture and Design: Chapter 14: Application Development
  14. Security+ Domain 3.0: Architecture and Design: Chapter 15: Cloud and Virtualization
  15. Security+ Domain 3.0: Architecture and Design: Chapter 16: Resiliency and Automation
  16. Security+ Domain 3.0: Architecture and Design: Chapter 17: Physical Security
  17. Security+ Domain 4.0: Identity and Access Management: Chapter 18
  18. Security+ Domain 4.0: Identity and Access Management: Chapter 19
  19. Security+ Domain 4.0: Identity and Access Management: Chapter 20
  20. Security+ Domain 5.0: Risk Management: Chapter 21
  21. Security+ Domain 5.0: Risk Management: Chapter 22
  22. Security+ : Sample Questions
  23. Security+ Domain 5.0: Risk Management: Chapter 23
  24. bastion.inf
  25. Security+ Domain 5.0: Risk Management: Chapter 24
  26. Security+ Domain 5.0: Risk Management: Chapter 25
  27. Security+ Domain 5.0: Risk Management: Chapter 26
  28. Security+ Domain 5.0: Risk Management: Chapter 27
  29. Security+ Domain 5.0: Risk Management: Chapter 28
  30. Security+ Domain 5.0: Risk Management: Chapter 29
  31. Security+: My Favorite Free Tools

Chapter 8: Troubleshooting Common Security Issues

Unencrypted Credentials

FTP (20,21) –> FTPS (SSL/TLS) or SFTP (SSH, 22)

HTTP (80) –> SHTTP or HTTPS (443)

Telnet (23) –> SSH

SNMPv1 –> SNMPv3

SNMP Proxy Agents:
https://www.dpstele.com/snmp/8things-you-need-to-know.php

Logs / Event Anomalies

Things that shouldn’t be happening.

Permission Issues

Failed logins!

Access Violations

Certificate Issues

Broken Chain of Trust

Data Exfiltration

Misconfigured Devices

Weak Security Configs

Consider the case of web servers, which have many, many configuration settings often scattered through many config files. One critical piece of configuration is SSL/TLS negotiation. Your site must use TLS 1.2 or later (if TLS 1.3 is more widely deployed by the time you read this). Anything less opens your site to a POODLE attack (Google this, I’m serious).

Here’s a link to a sweet Docker container that runs a POODLE-type attack against web servers you are well permissioned to test. Read the text of this page:

Personnel

Acceptable Use Policy

Policy violations

Insider Threat

Social Engineering

Social Media

Only be designated users

Property of company

Personal Email

MDM

Unauthorized Software / License Compliance

Asset Management

Authentication Issues