CompTIA Security+ Exam Notes

Let Us Help You Pass

Thursday, August 12, 2021



Wireshark: a free download that runs as a GUI. The sniffer component, WinPcap, captures the traffic, and Wireshark is used to analyze it.

With Wireshark, you can filter a capture to specific protocols or IP addresses, and many display options let you view protocols, flags, and the direction of the data stream.

On Linux, you can use a command-line protocol analyzer, tcpdump. If the capture is saved as a .pcap file, it can then be imported into Wireshark, which makes it easier to read.

Specific switch ports can be port-mirrored so that their traffic can be captured. The NIC (Network Interface Card) will need to have promiscuous mode enabled. On a Linux system, it can be enabled with the following command: "ifconfig eth0 promisc".
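Added example, not code from the original post: this builds a small constructed .pcap capture in the classic libpcap format that "tcpdump -w" writes and Wireshark imports, parses it back into the per-packet fields Wireshark's summary pane shows (time, length, source/destination IP, protocol), and applies the equivalent of a "host" filter. The MAC addresses, IP addresses and timestamps are constructed sample values.

```python
import socket
import struct

PCAP_MAGIC = 0xA1B2C3D4        # classic libpcap magic, microsecond timestamps
LINKTYPE_ETHERNET = 1
PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}

def ipv4_frame(src_ip, dst_ip, proto, payload=b""):
    """Constructed sample: Ethernet II frame carrying a minimal IPv4 header."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"
    ip = struct.pack(">BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0x4000,
                     64, proto, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip + payload

def build_pcap(frames):
    """Serialise frames as tcpdump -w does: 24-byte global header, then 16-byte record headers."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1628780000 + i, 0, len(frame), len(frame)) + frame
    return out

def parse_pcap(data):
    """Return one dict per record with the fields Wireshark's summary pane shows."""
    (magic,) = struct.unpack_from("<I", data, 0)
    if magic == PCAP_MAGIC:
        end = "<"
    elif magic == 0xD4C3B2A1:          # same magic, file written big-endian
        end = ">"
    else:
        raise ValueError("not a libpcap capture (magic 0x%08x)" % magic)
    linktype = struct.unpack_from(end + "I", data, 20)[0]
    records, offset = [], 24
    while offset + 16 <= len(data):
        ts_sec, ts_usec, incl, _orig = struct.unpack_from(end + "IIII", data, offset)
        frame = data[offset + 16: offset + 16 + incl]
        offset += 16 + incl
        rec = {"time": ts_sec + ts_usec / 1e6, "len": incl, "proto": "unknown"}
        # Ethernet header is 14 bytes; EtherType 0x0800 means IPv4 follows
        if linktype == LINKTYPE_ETHERNET and len(frame) >= 34 and frame[12:14] == b"\x08\x00":
            rec["src"] = socket.inet_ntoa(frame[26:30])
            rec["dst"] = socket.inet_ntoa(frame[30:34])
            rec["proto"] = PROTO_NAMES.get(frame[23], str(frame[23]))
        records.append(rec)
    return records

def host_filter(records, ip):
    """Equivalent of the tcpdump/Wireshark filter `host <ip>` (either direction)."""
    return [r for r in records if ip in (r.get("src"), r.get("dst"))]

# Constructed capture: a TCP exchange plus one ICMP packet between private addresses.
SAMPLE_PCAP = build_pcap([
    ipv4_frame("192.168.1.10", "10.0.0.5", 6, b"\x00" * 20),
    ipv4_frame("10.0.0.5", "192.168.1.10", 6, b"\x00" * 20),
    ipv4_frame("192.168.1.10", "192.168.1.1", 1, b"\x08\x00"),
])
```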

Sunday, August 8, 2021

DNS Troubleshooting & Penetration Testing Tools


Nslookup is a DNS command-line troubleshooting tool. A penetration tester or hacker could use this tool to attempt a complete zone transfer. An example would include a command such as "set type=any".

Dig is also a DNS command-line troubleshooting tool. Either an attacker or a pentester could use it to attempt a complete zone transfer. An example of this is "dig axfr [domain name]".

DNSENUM is a command-line tool used to enumerate domain DNS records and determine IP address ranges in use.

Friday, August 6, 2021

International Organization for Standardization (ISO) 27001/27002/27701/31000

ISO 27001/27002/27017/27701/31000

27001 - Provides requirements for an information security system. This lets other organizations know that your company meets security standards.

27002 - Classifies security controls

27017 - Guidelines for information security controls for cloud services

27701 - Focuses on personal data and privacy

31000 - Standards related to risk management, also referred to as ISO 31K

Thursday, August 5, 2021

PCI DSS (Payment Card Industry Data Security Standard)

Requirements for PCI DSS compliance

1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other security parameters
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks
5. Use and regularly update anti-virus software or programs
6. Develop and maintain secure systems and applications
7. Restrict access to cardholder data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
12. Maintain a policy that addresses information security for employees and contractors

GDPR (General Data Protection Regulation)

GDPR - Things to know for the exam

The General Data Protection Regulation regulates the protection of personal data for residents of the European Union.

The GDPR outlines the roles and responsibilities of data controllers and data processors.

The data controller is responsible for the protection of privacy & website user rights.

The data protection officer (DPO) can act as an advocate for care & use of customer information.

A data protection officer is responsible for ensuring the organization is complying with all relevant laws.

The data controller (sometimes referred to as the data owner) is responsible for how the data may be used.

A data processor uses and manipulates the data on behalf of the data controller. 

Sunday, July 25, 2021

Password Policy


The recommended minimum password length is 14 characters. With the advancement of CPU processing power and RAM, 8-character passwords are no longer recommended.

To make a password strong, avoid using words found in the dictionary or any part of the username. Use at least 3 of the following four character types:
Uppercase letters (26: A through Z)
Lowercase letters (26: a through z)
Numbers (10 digits: 0 through 9)
Special characters (32 characters, such as !, @, #, %, &, and *)

If you use an 8-character password with only lowercase letters, the keyspace is 26^8, or 208827064576 (208 billion) possibilities. Making the password 10 lowercase letters raises it to 141 trillion possibilities.

With a desktop computer and a high-end graphics card, there are password-cracking tools capable of testing 20 billion passwords per second. At that rate an attacker could break the 10-character lowercase password in two hours.

Combining all four character types gives an alphabet of 94 characters. Change your password to 14 characters drawn from all four types (94^14) and the number of possibilities is mind-blowing, a little over 4 septillion.

Password length: To make brute-force attacks more difficult, enforce a minimum length.

Password history: The password history setting in Group Policy can be set to remember 24 passwords. The user would then not be able to return to their favorite password until 24 different passwords have been used. This needs to be enabled along with Minimum Password Age. If a user can reuse the same password after the Maximum Password Age (password expiration) has elapsed, Password History is not enabled.

Minimum Password Age: The default setting in Group Policy is 0, meaning a user could change their password multiple times on the same day to cycle back to their favorite password. The administrator would receive multiple password change alerts.
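Added example, not part of the original post: it reproduces the keyspace and crack-time arithmetic above and checks a candidate password against the post's rules (minimum length, at least three of the four character classes, nothing from the username). The 20 billion guesses per second figure is the one quoted above; treating "part of the username" as a case-insensitive substring match is an assumption, as are the function names.

```python
import string

# The four character classes from the post: 26 + 26 + 10 + 32 = 94 symbols in total.
CLASSES = {
    "upper": string.ascii_uppercase,    # 26
    "lower": string.ascii_lowercase,    # 26
    "digit": string.digits,             # 10
    "special": string.punctuation,      # 32 ASCII punctuation marks
}
GUESSES_PER_SECOND = 20_000_000_000     # rate quoted in the post for a GPU-equipped desktop

def keyspace(length: int, alphabet_size: int) -> int:
    """Number of distinct passwords of exactly `length` symbols from the alphabet."""
    return alphabet_size ** length

def crack_hours(length: int, alphabet_size: int, rate: int = GUESSES_PER_SECOND) -> float:
    """Worst-case hours to exhaust the whole keyspace at `rate` guesses per second."""
    return keyspace(length, alphabet_size) / rate / 3600

def classes_used(password: str) -> set:
    """Which of the four character classes the password actually draws from."""
    return {name for name, chars in CLASSES.items() if any(c in chars for c in password)}

def meets_policy(password: str, username: str, min_length: int = 14) -> bool:
    """Apply the post's rules: >= 14 characters, 3 of 4 classes, no username fragment."""
    if len(password) < min_length:
        return False
    if len(classes_used(password)) < 3:
        return False
    # assumption: "part of the username" is enforced as a case-insensitive substring test
    if username and username.lower() in password.lower():
        return False
    return True

if __name__ == "__main__":
    for length, size in ((8, 26), (10, 26), (14, 94)):
        print(f"{size}^{length} = {keyspace(length, size):e}, "
              f"{crack_hours(length, size):.2f} hours at {GUESSES_PER_SECOND:,}/s")
```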

Saturday, July 24, 2021

Passwordless Authentication Setup using SSH Commands

Passwordless Authentication

This requires only three steps. Here they are in order:

1. ssh-keygen -t rsa

2. ssh-copy-id -i ~/.ssh/id_rsa.pub user@server

3. ssh user@server
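Added example, not from the original post: what step 2 (ssh-copy-id) does on the server side, written in Python so the effect can be inspected offline. install_public_key, permissions_ok and demo are hypothetical helper names, the key string is a constructed placeholder rather than a real public key, and demo() runs everything in a scratch directory instead of a real home directory.

```python
import os
import stat
import tempfile

def install_public_key(home: str, pubkey_line: str) -> bool:
    """Append the key to ~/.ssh/authorized_keys once, with the modes sshd expects.
    Returns True if the key was added, False if it was already present."""
    ssh_dir = os.path.join(home, ".ssh")
    auth_file = os.path.join(ssh_dir, "authorized_keys")
    os.makedirs(ssh_dir, mode=0o700, exist_ok=True)
    os.chmod(ssh_dir, 0o700)        # explicit: makedirs' mode is subject to umask
    key = pubkey_line.strip()
    existing = []
    if os.path.exists(auth_file):
        with open(auth_file) as f:
            existing = [line.strip() for line in f if line.strip()]
    if key in existing:
        return False                # re-running ssh-copy-id must not duplicate keys
    with open(auth_file, "a") as f:
        f.write(key + "\n")
    os.chmod(auth_file, 0o600)      # sshd (StrictModes) rejects group/world-writable files
    return True

def permissions_ok(home: str) -> bool:
    """True when ~/.ssh and authorized_keys carry the conventional 700/600 modes."""
    ssh_dir = os.path.join(home, ".ssh")
    auth_file = os.path.join(ssh_dir, "authorized_keys")
    d = stat.S_IMODE(os.stat(ssh_dir).st_mode)
    f = stat.S_IMODE(os.stat(auth_file).st_mode)
    return (d & 0o077) == 0 and (f & 0o077) == 0

def demo() -> dict:
    """Install a constructed placeholder key twice in a scratch home directory."""
    key = "ssh-rsa AAAAEXAMPLE-not-a-real-key user@laptop"   # constructed placeholder
    with tempfile.TemporaryDirectory() as home:
        first = install_public_key(home, key)
        second = install_public_key(home, key)
        perms = permissions_ok(home)
        with open(os.path.join(home, ".ssh", "authorized_keys")) as f:
            lines = len(f.read().splitlines())
    return {"first": first, "second": second, "perms": perms, "lines": lines}

if __name__ == "__main__":
    print(demo())
```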

Monday, April 12, 2021

CompTIA A+ Questions

Here are CompTIA A+ Questions, more to be added daily

Sunday, February 7, 2021

IPv4 Subnetting Videos

Video 1. Intro to IPv4 Subnetting

Video 2. Converting Dotted Decimal to Binary

Video 3. Subnetting Rules

Video 4. Basic Subnetting Part 1

Video 5. Basic Subnetting Part 2