This blog is here to help those preparing for CompTIA exams. It is designed to help the exam candidate understand the concepts rather than rely on a brain dump.
CompTIA Security+ Exam Notes
Saturday, November 28, 2020
Blue, Red, White, & Purple Teams explained
Friday, November 27, 2020
DNS Record Types to know for the exam
DNS RECORD TYPES
Make sure you know the following DNS record types for this exam and how they are used:
- A: Host (IPv4). Maps a name to an IPv4 address.
- AAAA: Host (IPv6). Maps a name to an IPv6 address.
- CNAME (Canonical Name): Alias. Example: a site that uses www as the public hostname of its web server might call the same machine something different internally, such as Dallwebserver1.
- MX: Mail Exchanger. Identifies the mail server(s) for the domain.
- NS: Name Server. Lists the authoritative DNS servers responsible for the domain you are querying.
- PTR: Pointer. A reverse record; it resolves an IPv4 or IPv6 address to a domain name.
- SOA: Start of Authority. Keeps track of changes to the DNS zone to help with replication.
- TXT: Text. Stores descriptive information about the domain in text format.
- SPF: Sender Policy Framework. Helps prevent spammers from sending email from your domain by specifying which mail servers are authorized to send on its behalf.
Thursday, November 26, 2020
What is HSTS?
HSTS
HSTS (HTTP Strict Transport Security)
This is enabled on the web server. It is designed to prevent downgrade attacks such as SSL stripping and man-in-the-middle attacks. Even if the user types http:// into the URL, the connection will either be blocked or, if the web server is configured for it, automatically upgraded to HTTPS.
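The client side of the behaviour described above, as an added example that is not code from the original post: a small model of how a browser parses the Strict-Transport-Security header, remembers which hosts sent it over TLS, and rewrites later http:// URLs for those hosts (honouring max-age expiry and includeSubDomains) before any plaintext request is sent.

```javascript
// Added example (not from the original post): a minimal model of browser-side HSTS.
function parseHsts(headerValue) {
  // Strict-Transport-Security: max-age=<seconds>[; includeSubDomains]
  let maxAge = null, includeSubDomains = false;
  for (const part of headerValue.split(';')) {
    const [name, value] = part.trim().split('=').map((s) => s.trim());
    const key = name.toLowerCase();
    if (key === 'max-age' && /^"?\d+"?$/.test(value ?? '')) {
      maxAge = parseInt(value.replace(/"/g, ''), 10);
    } else if (key === 'includesubdomains') {
      includeSubDomains = true;
    }
  }
  // A header without a valid max-age carries no policy and is ignored.
  return maxAge === null ? null : { maxAge, includeSubDomains };
}
class HstsStore {
  constructor() { this.entries = new Map(); }
  // Only a header received over TLS may set or clear policy; otherwise a
  // man-in-the-middle on the plaintext leg could forge or remove it.
  remember(host, headerValue, overTls, now = Date.now()) {
    if (!overTls) return false;
    const policy = parseHsts(headerValue);
    if (policy === null) return false;
    const key = host.toLowerCase();
    if (policy.maxAge === 0) { this.entries.delete(key); return true; } // max-age=0 clears it
    this.entries.set(key, { expires: now + policy.maxAge * 1000, includeSubDomains: policy.includeSubDomains });
    return true;
  }
  // Covered if the host itself, or a parent domain that sent includeSubDomains, has an unexpired entry.
  isKnown(host, now = Date.now()) {
    const labels = host.toLowerCase().split('.');
    for (let i = 0; i < labels.length; i++) {
      const candidate = labels.slice(i).join('.');
      const entry = this.entries.get(candidate);
      if (!entry) continue;
      if (entry.expires <= now) { this.entries.delete(candidate); continue; } // drop expired policy
      if (i === 0 || entry.includeSubDomains) return true;
    }
    return false;
  }
  // Rewrite http:// to https:// for known hosts before the request is sent (defeats SSL stripping).
  upgradeUrl(url, now = Date.now()) {
    const u = new URL(url);
    if (u.protocol === 'http:' && this.isKnown(u.hostname, now)) u.protocol = 'https:';
    return u.toString();
  }
}
```

Note that the first visit over plain HTTP is still unprotected, which is why browsers also ship a preload list of hosts that are treated as HSTS hosts from the start.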
Tuesday, November 24, 2020
WIRELESS AUTHENTICATION METHODS
The following methods authenticate the device only. They do not use TLS, as TLS is only used with certificates. They do not use a username, only a password (PSK).
WEP
(Wired Equivalent Privacy)
- Built on RC4; uses a 24-bit IV and a PSK (Pre-Shared Key)
- Prone to IV (Initialization Vector) attacks
WPA
(Wi-Fi Protected Access)
- Built on RC4; uses TKIP (Temporal Key Integrity Protocol)
- Personal Mode (PSK) or Enterprise Mode (with RADIUS)
- The PSK is prone to brute force attacks
WPA2
(Wi-Fi Protected Access 2)
- Built on AES; uses CCMP
- Personal Mode (PSK) or Enterprise Mode (with RADIUS)
- The PSK is prone to brute force attacks
- AES replaced RC4, and CCMP replaced TKIP
WPA3
(Wi-Fi Protected Access 3)
- Built on GCMP-256 (Galois/Counter Mode Protocol)
- Replaces PSK with SAE (Simultaneous Authentication of Equals)
WPS
(Wi-Fi Protected Setup)
- The connection is normally made with a push button
- If there is no push button, use the 8-digit PIN on the bottom of the AP
- Prone to a brute force attack; can be broken in fewer than 11,000 attempts
- Tools used for cracking WPS: Reaver, Wifite, Wash
The following methods authenticate the user and require certificates. When using certificates you must use TLS.
Enterprise Mode / 802.1X Authentication
- Using this method requires a RADIUS server
- Authentication can be accomplished with a username & password, smart card, or token
- Authentication is performed against an enterprise directory service / AAA server / RADIUS
- 802.1X requires a Supplicant, an Authenticator, and an Authentication Server (AAA / RADIUS)
EAP-TLS
(Extensible Authentication Protocol-Transport Layer Security)
- Certificates required on both the server and wireless device (Supplicant)
- Provides mutual authentication
- Authenticates the user – uses an enterprise directory service
EAP-TTLS
(Extensible Authentication Protocol - Tunneled Transport Layer Security)
- Certificate on the server only
- Authenticates the user; uses an enterprise directory service
- End-to-end protection of authentication credentials
PEAP
(Protected Extensible Authentication Protocol)
- Certificate on the server only
- Uses TLS
- Authenticates the user – uses an enterprise directory service
- End-to-end protection of authentication credentials
The following methods authenticate the user and do not use certificates.
LEAP
(Lightweight Extensible Authentication Protocol)
- Does not require certificates
- Replaced with EAP-FAST
EAP-FAST
(Flexible Authentication via Secure Tunneling)
- Does not use certificates
- Replaced LEAP
The following is RADIUS federation.
RADIUS Federation
- Multiple organizations allow access to one another's users
- Uses the native 802.1X client (Supplicant)
- Each organization has a RADIUS server and joins a mesh