CompTIA^® Security+ Exam Notes : Given A Scenario,Troubleshooting Common Security Issues

2. Technologies and Tools

2.3 Given a scenario, troubleshoot common security issues

Whether required or not, several services are installed by default. Disabling the services that are not required will ensure better security for the system.

Scenario: You have recently productionized a web server after several internal checks. In the process of testing the server, you have created several sample files on the server. What should you do with such files when the server is put in production environment?

Solution: It is important that any extraneous files are removed from the server before making it available in production environment. Any such files may lead to security loop holes in ways that are not easily predictable.

Scenario: You are a network admin for an organization, and need to monitor the network traffic. What needs to be performed for monitoring the network traffic?

Solution: Your NIC card must be in promiscuous mode to be able to examine all the network traffic.

Content Filter: Internet content filter is used to block specific types of information from being passed on to the user. Other options are devious and not correct.

Software Backout procedure is a term used for restoring the system or software in the event of any recent failure due to upgrade.

Standard is a mandatory element in the implementation of policies, where as guidelines and procedures are descriptive.

Confidentiality, Integrity, and Availability are the three main goals when it comes to information security.

• Confidentiality: Confidentiality means that the message retains its privacy. To make data confidential, the organization must work hard to make sure that it can be accessed only by authorized individuals
• Integrity: means that the message can't be altered without detection. Authorization is necessory before data can be modified in any way, this is done to protect the data's integrity.
• Availability: means that data is obtainable regardless of how information is stored,accessed, or protected. It also means that data should be available regardless of the malicious attack that might be perpetrated on it.

These three principles should be applied when dealing with the security of hardware, software, or communications.

• 1. Threats, Attacks and Vulnerabilities
  • 1.1 Given a scenario, analyze and determine the type of malware
  • 1.2 Compare and contrast types of attacks
  • 1.3 Explain threat actor types and attributes
  • 1.4 Explain penetration testing concepts
  • 1.5 Explain vulnerability scanning concepts
  • 1.6 Explain the impact associated with types of vulnerabilities
• 2. Technologies and Tools
  • 2.1 Install and configure network components, both hardware and software-based, to support organizational security
  • 2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization
  • 2.3 Given a scenario, troubleshoot common security issues
  • 2.4 Given a scenario, analyze and interpret output from security technologies
  • 2.5 Given a scenario, deploy mobile devices securely
  • 2.6 Given a scenario, implement secure protocols
• 3. Architecture and Design
  • 3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides
  • 3.2 Given a scenario, implement secure network architecture concepts
  • 3.3 Given a scenario, implement secure systems design
  • 3.4 Summarize secure application development and deployment concepts
  • 3.5 Summarize cloud and virtualization concepts
  • 3.6 Explain how resiliency and automation strategies reduce risk
  • 3.7 Explain the importance of physical security controls
• 4. Identity and Access Management
  • 4.1 Compare and contrast identity and access management concepts
  • 4.2 Given a scenario, install and configure identity and access services
  • 4.3 Given a scenario, implement identity and access management controls
  • 4.4 Given a scenario, differentiate common account management practices
• 5. Risk Management
  • 5.1 Explain the importance of policies, plans and procedures related to organizational security
  • 5.2 Summarize business impact analysis concepts
  • 5.3 Explain risk management processes and concepts
  • 5.4 Explain disaster recovery and continuity of operations concepts
  • 5.5 Compare and contrast various types of controls
• 6. Cryptography and PKI
  • 6.1 Compare and contrast basic concepts of cryptography
  • 6.2 Explain cryptography algorithms and their basic characteristics
  • 6.3 Given a scenario, install and configure wireless security settings
  • 6.4 Given a scenario, implement public key infrastructure