CompTIA Security+ Exam Notes

CompTIA Security+ Exam Notes
Let Us Help You Pass

Thursday, August 12, 2021

PROTOCOL / PACKET ANALYZERS

 WIRESHARK / TCPDUMP

Wireshark is a free download in GUI format. The sniffer winpcap captures the traffic, and Wireshark analyzes it. 

With Wireshark, you can capture specific protocols or IP addresses. It also offers many different options for viewing protocols, flags, and the direction of the data stream. 

With Linux, you can use a command-line protocol analyzer, tcpdump. If the capture is saved as a .pcap file, it can be imported into Wireshark, making it easier to read. 

Specific ports can be port mirrored to capture that traffic. The NIC (Network Interface card) must have promiscuous mode enabled. On a Linux system, this can be enabled with the following command: "ifconfig eth0 promisc".

Posted by at No comments:
Labels: , , , ,

Sunday, August 8, 2021

DNS Troubleshooting & Penetration Testing Tools

 NSLOOKUP, DIG, DNSENUM

Nslookup is a DNS command-line troubleshooting tool. A penetration tester or hacker could use this tool to attempt a complete zone transfer. The example would include a command such as "set type=any."

Dig is also a DNS command-line troubleshooting tool. Both an attacker and a pentester could use this to attempt to perform a complete zone transfer. An example of this (dig axfr [domain name})

DNSENUM is a command-line tool used to enumerate domain DNS records and determine IP address ranges in use.
Posted by at No comments:
Labels: , ,

Friday, August 6, 2021

International Organization for Standardization (ISO) 27001/27002/27701/31000

ISO 27001/27002/27017/27701/31000


27001 - Provides requirements for an information security system. This lets other organizations know that your company meets security standards.

27002 - Classifies security controls

27017 - Guidelines for information security controls for cloud services

27701 - Focuses on personal data and privacy

31000 - Standards related to risk management, also referred to as ISO 31K

Posted by at No comments:
Labels: , , ,

Thursday, August 5, 2021

PCI DSS (Payment Card Industry Data Security Standard)

 Requirements for PCI DSS compliance

1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other security parameters
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks
5. Use and regularly update anti-virus software or programs
6. Develop and maintain secure systems and applications
7. Restrict access to cardholder data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
12. Maintain a policy that addresses information security for employees and contractors

Posted by at No comments:
Labels: ,

GDPR ( General Data Protextion Regulation)

 GDPR - Things to know for the exam

The General Data Protection Regulation regulates the protection of personal data for residents of the European Union.

The GDPR outlines the roles and responsibilities of data controllers and data processors.

The data controller is responsible for protecting privacy & website user rights.

The data protection officer (DPO) can advocate for the care and use of customer information.

A data protection officer ensures the organization complies with all relevant laws.

The data controller (sometimes called the data owner) is responsible for the data's use.

A data processor uses and manipulates the data on behalf of the data controller.



Posted by at No comments:
Labels: , , , , , ,
Subscribe to: Posts (Atom)