Difference between revisions of "Security+ Essentials"

Revision as of 15:40, 27 February 2008

1. About Security+ Essentials
   
   
2. Mandatory, Discretionary, Role and Rule Based Access Control
   • An Overview of Access Control
   • Mandatory Access Control
   • Discretionary Access Control
   • Role Based Access Control
   • Rule Based Access Control
     
     
3. Authentication and Identity Verification
   • What is Authentication?
   • Username and Password
   • Challenge Handshake Authentication Protocol (CHAP)
   • Kerberos Authentication
   • Mutual Authentication
   • Certificates
   • Authentication using Tokens
   • Biometrics
     
     
4. An Overview of IT Security Threats and Attacks
   • TCP and UDP Based Denial of Service (DoS) Attacks
   • Distributed Denial of Service (DDoS) Attacks
   • Back Door Attacks
   • IP and DNS Spoofing Attacks
   • Man in the Middle Attacks
   • Replay Attacks
   • TCP/IP Hijacking
   • Mathematical Attacks
   • Password Guessing
   • Brute Force Password Attacks
   • Dictionary Password Attacks
   • Password Cracking
     
     
5. Software Exploitation, Malicious Code and Social Engineering
   • Software Exploitation
   • Malicious Code
   • Viruses
   • Trojan Horses
   • Logic Bombs
   • Worms
   • Social Engineering
     
     
6. Identifying Common and Nonessential TCP/IP Ports and Services
   • Understanding Ports and Services
   • Securing Ports and Services
   • Port Scanning
   • Primary TCP/IP Ports and Assignments
     
     
7. Understanding Communications Security
   • Remote Access
   • Virtual Private Network (VPN) Communications
   • Point-to-Point-Tunneling Protocol (PPTP)
   • Layer 2 Tunneling Protocol (L2TP)
   • Internet Protocol Security (IPSec)
   • 802.11x Wireless Connections
   • Dial-Up Access
   • Terminal Access Controller Access Control System (TACACS)
   • Remote Authentication Dial-In User Service (RADIUS)
   • Terminal Access Controller Access Control System Plus(TACACS+)
   • Secure Shell (SSH)
     
     
8. The Basics of Email and Web Security
   • Email Security
   • Pretty Good Privacy (PGP)
   • Secure Multipurpose Internet Mail Extension (S/MIME)
   • Dealing with Spam Email
   • Web Based Security (SSL and TLS)
     
     
9. IT Infrastructure Security
   • Understanding Firewalls
   • Packet-Filtering Firewalls
   • Proxy Service Firewalls
   • Stateful Inspection Firewalls
   • Routers
   • Switches
   • Wireless
   • DSL and Cable Modems
   • Remote Access Service (RAS)
   • Telecom/PBX
   • Virtual Private Networks (VPN)
   • Intrusion Detection Systems (IDSs)
   • Network Monitoring and Diagnostics
   • Simple Network Management Protocol (SNMP)
     
     
10. IT Media Security Basics
    • Cable Media
    • Coax Cable
    • Shielded and Unshielded Twisted Pair Cable (UTP/STP)
    • Fiber Optic Cable
    • Removable Storage Media
    • Hard Drives
    • Diskettes
    • Tape Storage
    • CD-R/DVD
    • Electronic Media
      
      
11. Network Security Topologies
    • DMZ
    • Internet
    • Intranet
    • Extranet
    • Virtual Local Area Network (VLAN)
    • Network Address Translation (NAT)
    • Tunneling
      
      
12. Intrusion Detection Systems
    • An Overview of Intrusion Detection Systems
    • IDS Architecture
    • Host-based Intrusion Detections Systems (HIDS)
    • Strengths of Host-based Intrusion Detection Systems
    • Weaknesses of Host-based Intrusion Detection Systems
    • Network-based Intrusion Detection Systems (NIDS)
    • Strengths of Network-based Intrusion Detection Systems
    • Weaknesses of Network-based Intrusion Detection Systems
    • Responding to Incidents
      
      
13. Security Baselines and Operating System, Network and Application Hardening