Boise CompTIA Security+ Certification Bootcamp
Course from New Horizons
In this course, students will implement, monitor, and troubleshoot infrastructure, application, information, and operational security. Students will prepare for the CompTIA Security+ certification examination (SY0-601).
* Actual course outline may vary depending on offering center. Contact your sales representative for more information.
Learning Objectives
Identify the fundamental information security components. Analyze risk. Identify security threats. Ensure the continuity of business operations in the event of a security incident. Prepare for the certification exam.
Introductions and course overview
- Understanding Core Security Goals
What is a Use Case
Ensure Confidentiality
Provide Integrity
Increase Availability
Basic Risk Concepts
Understanding Control Types
Technical Controls
Administrative Controls
Physical Controls
Control Goals
Implementing Virtualization
Comparing Hypervisors
Application Cell or Container Virtualization
Secure Network Architecture
Running Kali Linux in a VM
Using Command Line tools
Windows Command Line
Linux Terminal
Mastering Security Basics
- Understanding Switches and Getting Help
Understanding Case
PING
Ipconfig, ifconfig and ip
Netstat
Tracert
Arp
Identity and Access Management
- Understanding Identity and Access Management
Exploring Authentication Concepts
Comparing Identification and AAA
Comparing Authentication Factors
Summarizing Identification Methods
Troubleshooting AAA Issues
Comparing Authentication Services
Kerberos
NTLM
LDAP and LDAPS
Single Sign-On
Managing Accounts
Least Privilege
Need to Know
Account types
Standard Naming Conventions
Disablement Policies
Recovering Accounts
Time-of-Day Restrictions
Location Based Policies
Account Maintenance
Comparing Access Control Models
Role-Based Access Control
Using Roles Based on Jobs
Documenting Roles
Establishing Access with Groups
Discretionary Access Control
SIDs and DACLs
The Owner Establishes Access
Beware of Trojans
Mandatory Access Control
Attribute-Based Access Control
End of Day Checklist
Review and Class Questions
Network Technologies and Tools
- Reviewing Basic Networking Concepts
Basic Network Protocols
Implementing Protocols for Use Cases
Understanding and Identifying Ports
Understanding Basic Network Devices
Switches
Routers
Bridge
Aggregation Switch
Firewalls
Implementing a Secure Network
Zones and Topologies
DMZ
Understanding NAT and PAT
Network Separation
Physical Isolation and Airgaps
Logical Separation
Layer 2 vs Layer 3
Isolating Traffic with a VLAN
Media Gateways
Proxy Servers
Unified Threat Management
Mail Gateways
Exploring Advanced Security Devices
IDSs and IPSs
SSL / TLS Accelerators, Decryptors
SDN
Honeypots and Honeynets
IEEE 802.1x Security
Securing Wireless Networks
Securing your Network
- Reviewing Wireless Basics
Network Architecture Zones
Wireless Cryptographic Protocols
WPA, WPA2, TKIP vs CCMP
PSK, Enterprise and Open Modes
Authentication Protocols
Captive Portals
Understanding Wireless Attacks
Disassociation Attacks
WPS and WPS Attacks
Rogue AP
Evil Twin
Jamming Attacks
IV Attacks
NFC Attacks
Bluetooth Attacks
Wireless Replay Attacks
RFID Attacks
Misconfigured Devices
Using VPNs for Remote Access
VPNs and VPN Concentrators
Remote Access VPN
IPSec and TLS Tunneling Protocols
Split Tunnel, Site-to-Site and Always-On VPNs
Network Access Control
Host Health Checks
Permanent vs Dissolvable
Identity and Access Services
End of Day Checklist
Class Review
Securing Hosts and Data
- Securing Hosts and Data
Secure Systems
Secure Staging and Deployment
Hardware and Firmware Security
Summarizing Cloud Concepts
As a Service Models
SaaS
PaaS
IaaS
Security Responsibility with Cloud Models
Cloud Deployment Models
Deploying Mobile Devices Securely
Deployment Models
Connection Methods
Mobile Device Management (MDM)
Mobile Device Enforcement Monitoring
Threats and Vulnerabilities
- Unauthorized Software
Hardware Control
Unauthorized Connections
Exploring Embedded Systems
Security Implications and Vulnerabilities
Comparing Embedded Systems
Protecting Data
Protecting Confidentiality with Encryption
Data Loss Prevention (DLP)
Removable Media
Data Exfiltration
Cloud-Based DLP
Understanding Threat Actors
Determining Malware Types
Viruses
Worms
Backdoors, Trojans, and RAT
Ransomware, Spyware, Adware, Bots, and Rootkits
Recognizing Common Attacks
Social Engineering
Impersonation
Shoulder Surfing, Hoaxes, and Tailgating
Dumpster Diving
Advanced Attacks
- Watering Hole Attacks
Attacks Via Email and Phone
SPAM
Phishing, Spear Phishing, Whaling, and Vishing
Blocking Malware and Other Attacks
Protecting Systems from Malware
Anti-Virus, DEP, Malware Tools, and Spam Filters
Educating Users
New Viruses, Phishing Attacks, and Zero-Day Exploits
Why Social Engineering Works
Authority
Intimidation
Consensus
Scarcity and Urgency
Familiarity and Trust
Comparing Common Attacks
DoS vs DDoS
Privilege Escalation
Spoofing
SYN Flood Attacks
Man-in-the-Middle Attacks
ARP Poisoning Attacks
DNS Attacks
DNS Poisoning
Pharming Attack
DDoS DNS Attack
Amplification Attacks
Password Attacks
Brute Force, Dictionary, Pass the Hash, Birthday, and Rainbow Table
Replay Attacks
Known Plain Text
Hijacking Attacks (MitM, Domain Hijacking, and Browser)
Memory Buffer Vulnerabilities
Memory Leak
Integer Overflow
Buffer Overflow
Pointer Dereference
DLL Injection
Summarizing Secure Coding Concepts
Compiled vs Runtime Code
Proper Input Validation
Client-Side and Server-Side Input Validation
Other Input Validation Techniques
Avoiding Race Conditions
Proper Input Handling
Cryptographic Techniques
Code Reuse, SDKs, Code Obfuscation, and Quality Testing
Development Life-Cycle Models
Secure DevOps
Version Control and Change Management
Provisioning and Deprovisioning
Identifying Application Attacks
Web Servers
Database Concepts
Normalization
SQL Queries
Injection Attacks
Cross-Site Scripting
Cross-Site Request Forgery
Understanding Frameworks and Guides
End of Day Checklist
Class Review
Risk Management Tools
- Understanding Risk Management
Threats and Threat Assessments
Vulnerabilities
Risk Management
Risk Assessment
Risk Registers
Supply Chain Assessment
Comparing Scanning and Testing Tools
Checking for Vulnerabilities
Password Crackers
Network Scanners and Banner Grabbing
Vulnerability Scanning
Credentialed Vs Non-Credentialed
Configuration Compliance Scanner
Obtaining Authorization
Penetration Testing
Passive and Active Reconnaissance
Initial Exploitation
Escalation of Privilege
Pivoting and Persistence
White, Gray, and Black Box Testing
Intrusive Vs Non-Intrusive Testing
Passive Vs Active Tools
Exploitation Frameworks
Using Security Tools
Sniffing with a Protocol Analyzer
Command-Line Tools
Tcpdump
Nmap
Netcat
Monitoring Logs for Events and Anomalies
OS Logs, Firewall and Router Logs, Linux Logs, and Other Logs
Security Information and Event Management (SIEM)
Implementing Defense in Depth
Comparing Physical Security Controls
Using Signs
Comparing Door Lock Types
Cipher Locks, Cards, and Biometrics
Tailgating
Mantraps, Guards, Cameras, Alarms, Barricades, and Hardware Locks
Controls to Protect Assets
- Asset Management
Implementing Environmental Controls
Heating, Ventilation, and AC
Hot and Cold Aisles
Fire Suppression and Environmental Monitoring
Shielding
Protected Cabling
Protected Distribution of Cabling
Faraday Cage
Adding Redundancy and Fault Tolerance
Single Point of Failure
Disk Redundancies
RAID-0, 1, 5, 6, and 10
Server Redundancy and High Availability
Failover Clusters for High Availability
Load Balancers
Clustering Vs Load Balancing
Power Redundancies
Protecting Data with Backups
Comparing Backup Types
Full, Differential, and Incremental
Snapshots
Testing Backups
Protecting Backups
Backups and Geographical Considerations
Comparing Business Continuity Elements
Business Impact Analysis (BIA)
Impacts - Privacy and Threshold Assessments
Recovery Time Objective (RTO)
Recovery Point Objective (RPO)
Comparing MTBF and MTTR
Continuity of Operations Planning (COOP)
Recovery Sites
Order of Restoration
Disaster Recovery
Cryptography and PKI
- Understanding Cryptography and PKI
Introducing Cryptography Concepts
Providing Integrity with Hashing
MD5, SHA, HMAC, and RIPEMD
Hashing Files
Hashing Passwords
Key Stretching
Hashing Messages
Using HMAC
Providing Confidentiality with Encryption
Encryption Terms
Block Vs Stream Cipher
Cipher Modes
Symmetric Encryption
AES, DES, 3DES, RC4, Blowfish and Twofish
Asymmetric Encryption
Certificates
RSA
Static Vs Ephemeral Keys
Elliptic Curve Cryptography
Diffie-Hellman
Steganography
Using Cryptographic Protocols
Protecting Email
Digital Signatures
Encrypting Email
S/MIME, PGP, and GPG
Using VPNs for Remote Access
VPNs and VPN Concentrators
Remote Access VPN
IPSec and TLS Tunneling Protocols
Split Tunnel, Site-to-Site and Always-On VPNs
HTTPS Transport Encryption
SSL Vs TLS
Encrypting with TLS
Cipher Suites
Implementation Vs Algorithm Selection
Downgrade Attacks on Weak Implementations
Exploring PKI Components
Certificate Authorities, Chaining, and Trust Models
Registrations and CSRs
Revocation and Certificate Issues
Public Key Pinning
Key Escrow
Recovery Agents
Comparing Certificate Types
Certificate Formats
End of Day Checklist
Review
Continued
- Exploring Security Policies
Personnel Management Policies
Acceptable Use Policy
Mandatory Vacations
Separation of Duties
Job Rotation
Background Check, NDA, Exit Interview, and Onboarding
Policies and Risk Mitigation
- Policy Violations and Adverse Actions
Other General Security Policies
Agreement Types
Protecting Data
Information Classification
Data Sensitivity Labeling and Handling
Data Destruction and Media Sanitization
Data Retention Policies
PII and PHI
Legal and Compliance Issues
Data Roles and Responsibilities
Responding to Incidents
Incident Response Plan
Incident Response Process
Implementing Basic Forensic Procedures
Order of Volatility
Data Acquisition and Preservation of Evidence
Chain of Custody
Legal Hold
Recovery of Data
Active Logging for Intelligence Gathering
Track Man-Hours and Expense
Providing Training
Role-Based Awareness Training
Continuing Education
Training and Compliance Issues
Troubleshooting Personnel Issues
Test
Audience
IT professional who has networking and administrative skills
Language
English
Prerequisites
There are no stated prerequisites for this course. Please check with your representative for details.
$2,800
Length: 5.0 days (40 hours)
Level: