CompTIA Security+ (Exam SY0-401) Course 01 Security Fundamentals

Size: px

Start display at page:

Download "CompTIA Security+ (Exam SY0-401) Course 01 Security Fundamentals"

Phyllis Porter
6 years ago
Views:

1 CompTIA Security+ (Exam SY0-401) Course 01 Security Fundamentals This course contains copyrighted material used by permission of Logical Operations, Inc.

2 Slide 1 Course 01: Security Fundamentals The Information Security Cycle Information Security Controls Authentication Methods Cryptography Fundamentals Security Policy Fundamentals OV 1-1

3 Slide 2 Topic A: The Information Security Cycle What Is Information Security? What to Protect Goals of Security Risk Threats A Vulnerability Intrusions Attacks Controls Types of Controls The Security Management Process OV 1-2

4 Slide 3 What Is Information Security? Protection of available information or information resources. Necessary for a responsible individual or organization to secure confidential information. Minimize business risks and other consequences of losing crucial data. OV 1-3

5 Slide 4 What to Protect Data Resource Data Resource OV 1-4

6 Slide 5 Goals of Security Prevention Detection Recovery OV 1-5

7 Slide 6 Risk Likelihood: Rare Damage: Moderate Disgruntled Former Employees Threat of Improper Access OV 1-6

8 Slide 7 Threats Intentional or unintentional Information Security Threats Changes to Information Interruption of Services Interruption of Access Damage to Hardware Damage to Facilities OV 1-7

9 Slide 8 A Vulnerability Attacker Unsecured Router Information System OV 1-8

10 Slide 9 Intrusions OV 1-9

11 Slide 10 Attacks Physical Security Attacks Software-Based Attacks Social Engineering Attacks Web Application-Based Attacks Network-Based Attacks OV 1-10

12 Slide 11 Controls Controls are the countermeasures that you need to put in place to avoid, mitigate, or counteract security risks due to threats or attacks. Prevention Control Detection Control Correction Control OV 1-11

13 Slide 12 Types of Controls Prevention Detection Correction OV 1-12

14 Slide 13 The Security Management Process OV 1-13

15 Slide 14 Topic B: Information Security Controls The CIA Triad Non-repudiation Identification Authentication Authentication Factors Authorization Access Control Access Control Models Accounting and Auditing Common Security Practices Implicit Deny Least Privilege Separation of Duties Job Rotation Mandatory Vacation Time of Day Restrictions Privileged Management OV 1-14

16 Slide 15 The CIA Triad Availability OV 1-15

17 Slide 16 Non-repudiation OV 1-16

18 Slide 17 Identification OV 1-17

19 Slide 18 Authentication OV 1-18

20 Slide 19 Authentication Factors Something you are Fingerprints, handprints, or retinal patterns Something you have Key or ID card Something you know Password or PIN Somewhere you are or are not IP address or GPS Something you do Keystroke patterns Password OV 1-19

21 Slide 20 Authorization Determining the rights and privileges of a user or entity. Comes after identification and authentication. OV 1-20

22 Slide 21 Access Control Determining and assigning privileges to resources, objects, or data. Manages authorization. OV 1-21

23 Slide 22 Access Control Models Mandatory Access Control (MAC) Discretionary Access Control (DAC) Role-Based Access Control (RBAC) Rule-Based Access Control OV 1-22

24 Slide 23 Accounting and Auditing The process of tracking and recording system activities and resource access. Auditing: examine what was recorded. OV 1-23

25 Slide 24 Common Security Practices Implicit deny Least privilege Separation of duties Job rotation Mandatory vacation Time of day restrictions Privilege management OV 1-24

26 Slide 25 Implicit Deny Default Deny Read Access Granted Write Access Denied OV 1-25

27 Slide 26 Least Privilege Perform their jobs with fewer privileges User 1 User 4 Perform their jobs with more privileges User 2 Data Entry Clerks User 3 Financial Coordinators OV 1-26

28 Slide 27 Separation of Duties Backup Audit Restore OV 1-27

29 Slide 28 Job Rotation Backup Access Control Audit Firewall Restore OV 1-28

30 Slide 29 Mandatory Vacation OV 1-29

31 Slide 30 Time of Day Restrictions AM PM OV 1-30

32 Slide 31 Privilege Management Accounting/Auditing Authorization Access Control Administrator Authentication OV 1-31

33 Slide 32 Topic C: Authentication Methods User Name/Password Authentication Tokens Biometrics Geolocation Keystroke Authentication Multi-factor Authentication Mutual Authentication OV 1-32

34 Slide 33 User Name/Password Authentication Password User name OV 1-33

35 Slide 34 Tokens Unique Value PIN User Information Password OV 1-34

36 Slide 35 Biometrics Fingerprint scanner Retinal scanner Hand geometry scanner Voice-recognition software Facial-recognition software Fingerprint Scanner OV 1-35

37 Slide 36 Geolocation Where you are or are not. Determines physical location from IP address, MAC address, RFID, GPS coordinates, etc. Authentication requests from approved locations are granted. Authentication Approved Authentication Request Approved Locations Authentication Denied OV 1-36

38 Slide 37 Keystroke Authentication Keystroke Pattern Detector OV 1-37

39 Slide 38 Multi-factor Authentication Password ID Card OV 1-38

40 Slide 39 Mutual Authentication OV 1-39

41 Slide 40 Topic D: Cryptography Fundamentals Cryptography Encryption and Decryption Ciphers Cipher Types Encryption and Security Goals Steganography A Key Hashing Encryption Hashing Encryption Algorithms Symmetric Encryption Symmetric Encryption Algorithms Asymmetric Encryption Asymmetric Encryption Technologies Key Exchange Digital Signatures Cipher Suites Session Keys Key Stretching OV 1-40

Slide 41 Cryptography G7JDZL L539CZ AA9CZ1 ZPQ12G 93L12B LP7FFH 18ABHU UJ14A9 334FYO K71TYP CS3314 566HHX

42 Slide 41 Cryptography G7JDZL L539CZ AA9CZ1 ZPQ12G 93L12B LP7FFH 18ABHU UJ14A9 334FYO K71TYP CS HHX SAPRW1 SP563S 3F8Y0K PVF129 A7V8TT ADL10M N031M1 LAE3FB 1L598X RX0FYT LM2HU5 GT610A I5581Z QH1UNB 9JB70W OV 1-41

43 Slide 42 Encryption and Decryption Plaintext Encryption Ciphertext Ciphertext Decryption Plaintext OV 1-42

44 Slide 43 Ciphers Original Information Cipher Encrypted Information OV 1-43

45 Slide 44 Cipher Types Stream Cipher Plaintext Cipher Ciphertext Block Cipher Plaintext Block Cipher Ciphertext Block OV 1-44

46 Slide 45 Encryption and Security Goals Confidentiality Integrity Non-repudiation Authentication Access control OV 1-45

47 Slide 46 Steganography Steganographic techniques include: Hiding information in blocks. Hiding information within images. Invisibly altering the structure of a digital image. Vessel Image Steganographic Image Secret Data OV 1-46

48 Slide 47 A Key Original Information Cipher Encrypted Information = Two Letters Following OV 1-47

49 Slide 48 Hashing Encryption OV 1-48

50 Slide 49 Hashing Encryption Algorithms MD5 SHA NTLM versions 1 and 2 RIPEMD HMAC OV 1-49

51 Slide 50 Symmetric Encryption Encrypts Data Decrypts Data Same Key on Both Sides OV 1-50

52 Slide 51 Symmetric Encryption Algorithms DES 3DES AES Blowfish Twofish RC 4, 5, 6 OV 1-51

53 Slide 52 Asymmetric Encryption Public Key Encrypts Private Key Decrypts OV 1-52

54 Slide 53 Asymmetric Encryption Techniques RSA DH ECC DHE ECDHE OV 1-53

55 Slide 54 Key Exchange Sender Receiver For messages to be exchanged, the sender and receiver need the right cryptographic keys Symmetric cipher: Same key Asymmetric cipher: Each other s public key OV 1-54

56 Slide 55 Digital Signatures Hash Value of Signature Hash Value Matches OV 1-55

57 Slide 56 Cipher Suites Collections of symmetric and asymmetric encryption algorithms: Key exchange Bulk encryption Message authentication code Pseudorandom function Establish secure connections between hosts. Associated with TLS and SSL network protocols. Over 200 named cipher suites provide varying protection levels. Key Exchange Algorithm Bulk Encryption Algorithm Message Authentication Code Algorithm Pseudorandom Function Cypher Suite OV 1-56

58 Slide 57 Session Keys Single-Use Key Related Messages Sender Receiver Unrelated message requires a different key OV 1-57

59 Slide 58 Key Stretching Original Key Key Stretching Algorithm Enhanced Key Key stretching makes it harder to crack passwords and passphrases. OV 1-58

60 Slide 59 Topic E: Security Policy Fundamentals A Security Policy Security Policy Components Common Security Policy Types Group Policy Security Document Categories Change Management Documentation Handling Measures OV 1-59

61 Slide 60 A Security Policy Individual Policy Resources to Protect Formal Policy Statement Implementation Measures OV 1-60

62 Slide 61 Security Policy Components Policy statement Standards Guidelines Procedures OV 1-61

63 Slide 62 Common Security Policy Types AUP Privacy policy Audit policy Extranet policy Password policy Wireless standards policy Social media policy OV 1-62

64 Slide 63 Group Policy OV 1-63

65 Slide 64 Security Document Categories System architecture Change documentation Logs Inventories OV 1-64

66 Slide 65 Change Management OV 1-65

67 Slide 66 Documentation Handling Measures Classification Retention and Storage Disposal and Destruction OV 1-66

68 Slide 67 Course 01 Review: Security Fundamentals The Information Security Cycle Information Security Controls Authentication Methods Cryptography Fundamentals Security Policy Fundamentals OV 1-67

69 Slide 68 Reflective Questions 1. Which of the basic security concepts in this lesson were familiar to you, and which were new? 2. Can you describe some real-world situations where you used basic security techniques such as authentication, access control, and encryption, or made use of a security policy? OV 1-68

70 This course contains copyrighted material used by permission of Logical Operations, Inc.

71 Review Questions: 1. Which of the following is not a goal of security? A. Prevention B. Prosecution C. Detection D. Recovery 2. Which of the following could be described as a weakness in a system? A. Risk B. Threats C. 0-day D. Vulnerability 3. When looking at risk, you should consider the extent of damage that could be done along with what else? A. Likelihood B. Insurance C. Response teams D. Firewalls 4. A control is considered to be what? A. Keyboards B. Buttons on the mouse C. Countermeasure D. Social Engineering 5. Besides Prevention and Correction, what is the 3rd type of control? A. Detection B. Awareness C. Discouragement D. None of the above 6. In the CIA Triad, the I stands for what? A. Identification B. Integrity C. Information D. Inbound traffic

72 7. Using biometrics for authentication would be what type of authentication factor? A. Something you are B. Something you have C. Something you know D. Something you do 8. True or False: Using multi-factor authentication does not really help strengthen the process of authentication. A. True B. False 9. The owner of an object can determine the permissions to access that object. This is what type of access control model? A. MAC B. Role-based C. Rule-based D. DAC 10. Giving users just enough access/permissions to accomplish their job is known as what? A. Least Privilege B. Default - No Access C. Implicit Deny D. None of the above

73 Answer Key: 1. B Prosecution would be something sought after the security event occurred. 2. D A vulnerability is a weakness in a system, such as a flaw in a program, poor configuration, etc. 3. A We should evaluate risk based on the amount of damage (Single Loss Event) and the likelihood that this could occur. 4. C A control is a type of countermeasure used to reduce risk. 5. A Detection is the 3rd type of control. 6. B This is for Integrity, where the goal is to protect our information from accidental or malicious changes. 7. A This is the "something you are" authentication factor. 8. B False. Multi-factor authentication increases the strength of authentication, which in turn increases your security profile. 9. D This is known as Discretionary Access Control. 10. A This is the concept of Least Privilege, which also implies that if you don't have permission, then you should be denied access.

Protecting Information Assets - Week 10 - Identity Management and Access Control. MIS 5206 Protecting Information Assets

Protecting Information Assets - Week 10 - Identity Management and Access Control MIS5206 Week 10 Identity Management and Access Control Presentation Schedule Test Taking Tip Quiz Identity Management and