Skip to main content

CompTIA Security+

A collection of notes taken while studying for the Security+ certification.

Introduction

Welcome to Security+. Let's grind this out before its graduation day. Challenges Sophisticated A...

Unit 1

Sophisticated Attacks

Complex attacks that are difficult to detect and thwart. Sophisticated attacks use common interne...

Proliferation of Attack Software

A wide variety of attack tools that are freely available on the Internet, making any reasonably k...

Attack Scale and Velocity

Modern attacks spread very quickly, up to millions of computers in a matter of minutes or even da...

Unit 2

Threat Actors

We need to create profiles of the different types of attacks we see. Historically, cybersecurity ...

General Attack Strategies

What are the most common methods attackers use to conduct an exploit? Attack Strategy Descript...

General Defense Strategies

What are the common methods organizations use to defend their systems from attacks? Methodolog...

Attack Surfaces

All the points at which a malicious actor could try to exploit a vulnerability. Any location or m...

Social Engineering

Use Loki's tactics to convince unsuspecting users to provide sensitive data or to violate securit...

Malware

Software that serves a malicious purpose, typically installed without the user's consent (or know...

Unit 3

Overview of Cryptography

The process of writing or solving messages using a secret code. This would be the proper definit...

Asymmetric Encryption

Where encryption and decryption are handled by two different keys. A user will generate a keypai...

Stream Ciphers

A symmetric encryption method that encrypts data one bit at a time. The stream cipher is based o...

Block Ciphers

A symmetric encryption algorithm that encrypts data in set chunks, with varying chunk sizes. Com...

Blockchain

A unique and increasingly popular implementation of cryptography that was developed in 2008. Blo...

Cryptographic Attacks

There is no such thing as a sure thing when it comes to protecting data stored on computer system...

GNU Privacy Guard

An encryption tool that encrypts emails, digitally signs them, and also encrypts documents. GPG ...

Unit 4

Smart Card Authentication

The usage of plastic cards (similar to credit cards) to store and use encrypted authentication in...

Linux Group Commands

Manage group accounts and group membership in the Linux operating system. Command Functio...

Network Federation

The notion that a network needs to be accessible to more than just a well-defined group of employ...

Unit 5

NAC Agents

How can devices connect to a network that has a robust access control configuration? NAC doesn't...

NAC Process

A terribly complicated four-step process that requires forethought when implementing network acce...

Implementing Switch Security

Learn what to look out for when hardening a switch.  

Unit 6

Physical Security

Lock the aliens out! Physical security is the first line of defense when it comes to physical ac...

Reconnaissance

Spy on the infidels!  The goal of monitoring is to keep track of conditions on the network, iden...

Unit 7

Vulnerability Types

add one proton, electron, or neutron to every atom in your body? You need to: patch outdated ...

Vulnerability Scanning

who is the single guy from pyeongyang, north korea on steam Generally Good Ideas Look for: o...
Back to top