CompTIA Security+
A collection of notes taken while studying for the Security+ certification.
Introduction
Welcome to Security+. Let's grind this out before its graduation day. Challenges Sophisticated A...
Unit 1
Sophisticated Attacks
Complex attacks that are difficult to detect and thwart. Sophisticated attacks use common interne...
Proliferation of Attack Software
A wide variety of attack tools that are freely available on the Internet, making any reasonably k...
Attack Scale and Velocity
Modern attacks spread very quickly, up to millions of computers in a matter of minutes or even da...
Unit 2
Threat Actors
We need to create profiles of the different types of attacks we see. Historically, cybersecurity ...
General Attack Strategies
What are the most common methods attackers use to conduct an exploit? Attack Strategy Descript...
General Defense Strategies
What are the common methods organizations use to defend their systems from attacks? Methodolog...
Attack Surfaces
All the points at which a malicious actor could try to exploit a vulnerability. Any location or m...
Social Engineering
Use Loki's tactics to convince unsuspecting users to provide sensitive data or to violate securit...
Malware
Software that serves a malicious purpose, typically installed without the user's consent (or know...
Unit 3
Overview of Cryptography
The process of writing or solving messages using a secret code. This would be the proper definit...
Asymmetric Encryption
Where encryption and decryption are handled by two different keys. A user will generate a keypai...
Stream Ciphers
A symmetric encryption method that encrypts data one bit at a time. The stream cipher is based o...
Block Ciphers
A symmetric encryption algorithm that encrypts data in set chunks, with varying chunk sizes. Com...
Blockchain
A unique and increasingly popular implementation of cryptography that was developed in 2008. Blo...
Cryptographic Attacks
There is no such thing as a sure thing when it comes to protecting data stored on computer system...
GNU Privacy Guard
An encryption tool that encrypts emails, digitally signs them, and also encrypts documents. GPG ...
Unit 4
Smart Card Authentication
The usage of plastic cards (similar to credit cards) to store and use encrypted authentication in...
Linux Group Commands
Manage group accounts and group membership in the Linux operating system. Command Functio...
Network Federation
The notion that a network needs to be accessible to more than just a well-defined group of employ...
Unit 5
NAC Agents
How can devices connect to a network that has a robust access control configuration? NAC doesn't...
NAC Process
A terribly complicated four-step process that requires forethought when implementing network acce...
Implementing Switch Security
Learn what to look out for when hardening a switch.