Video description
CompTIA® Security+ Video Course
SY0-201
Classroom Training from the Expert
30+ hours of personal video training from leading security expert Shon Harris
The fast, powerful way to prepare for your Security+ exam!
Get all the hands-on training you need to pass the tough CompTIA Security+ exam, get certified, and move forward in your IT security career! In this easy-to-use video, the world’s #1 information security trainer walks you through every skill and concept you’ll need to master. This video contains over 30 full hours of videos adapted from Shon Harris’s legendary five-day Security+ boot camps–including realistic labs, scenarios, case studies, and animations designed to build and test your knowledge in real-world settings!
Comprehensive coverage of all six Security+ domains of knowledge:
- Systems Security
- Network Infrastructure
- Access Control
- Assessment and Audits
- Cryptography
- Organizational Security
About the Shon Harris Security Series
This video is part of a complete library of books, online services, and videos designed to help security professionals enhance their skills and prepare for their certification exams. Every product in this series reflects Shon Harris’s unsurpassed experience in teaching IT security professionals.
Category: Security
System Requirements
OPERATING SYSTEM: Windows 2000, XP, or Vista; Mac OS X 10.4 (Tiger) or later
MULTIMEDIA: DVD drive; 1024 x 768 or higher display; sound card with speakers
COMPUTER: 500MHz or higher CPU; 128MB RAM or more
Table of contents
Course Introduction
- Introduction 00:06:59
Domain 1 – Systems Security
- Systems Security 00:01:06
- Security+ Placement 00:00:42
- Security+ and DoD 8570 Mandate 00:01:25
- Privilege Escalation 00:01:55
- Agenda 11 00:01:57
- Boot Sector Invasion 00:00:36
- Few Other Types 00:00:46
- How Do They Work? 00:01:27
- More Malware 00:02:16
- Blended Malware 00:02:11
- A Back Orifice Attack! 00:00:59
- NetBus 00:00:40
- Hoaxes 00:00:56
- Agenda 12 00:01:02
- Signature Scanning 00:00:58
- Monitoring Activities 00:00:56
- Monitoring for Changes 00:01:21
- More Bad Stuff 00:04:36
- Circumventing Access Controls 00:01:17
- Attacks 00:00:51
- TOC/TOU Examples 00:00:38
- Attack Type – Race Condition 00:01:50
- Attacking Through Applications 00:03:53
- How a Buffer Overflow Works 00:01:39
- Watching Network Traffic 00:01:23
- Traffic Analysis 00:01:07
- Functionally Two Different Types of Rootkits 00:01:19
- Examples of Trojaned Files 00:00:48
- Exploitation 00:02:10
- Trojans (2) 00:02:07
- Types of Trojan 00:01:56
- Back Orifice 2000 00:00:54
- Sub7 00:01:22
- Defenses to Trojan 00:01:39
- Backdoor 00:01:30
- How “Netcat” Works as a Backdoor 00:00:54
- VNC – Virtual Network Computing 00:01:22
- Backdoor Defenses 00:02:10
- Rootkit 00:01:26
- Popular Rootkits 00:00:44
- Unix Rootkit Prevention 00:04:21
- Windows Rootkit Prevention 00:01:08
- Botnet 00:01:35
- Show Me the Money! 00:01:12
- Botnet (2) 00:02:08
- Another Common Attack 00:01:02
- Identity Theft 00:01:19
- Fake Login Tools 00:00:42
- How Do These Attacks Work? 00:00:33
- Attempts to Get Your Credentials 00:01:02
- Instructional Emails 00:01:26
- Knowing What You Are Disposing of Is Important 00:01:18
- Other Examples 00:00:46
- Another Danger to Be Aware of… Spyware 00:02:07
- Is Someone Watching You? 00:02:11
- What Does This Have to Do with My Computer? 00:01:17
- Sometimes You Know that Software Is Installing on Your System 00:02:54
- Provide the Hackers with Tools 00:02:09
- Common Web Server Flaws 00:01:08
- Improper Data Validation 00:01:59
- Uniform Resource Locator (URL) 00:02:00
- Directory Traversal 00:01:04
- Buffer Overflow 00:00:57
- Cross-Site Scripting Attack 00:01:51
- Common SQL Injection Attack 00:01:30
- Attacking Mis-configurations 00:01:12
- CGI Information 00:00:44
- Logging Activities 00:00:43
- Are ALL Patches Applied? 00:00:39
- Instant Messaging 00:03:02
- Browser 00:04:07
- P2P 00:03:21
- P2P Security 00:01:06
- P2P Networks – Common Attacks 00:00:52
- Hardware Security 00:08:26
- Removable Media 00:01:08
- Magnetic Media 00:03:17
- Optical Media 00:01:53
- Electronic Media 00:01:16
- Memory Cards 00:01:27
- Memory Card Characteristics 00:00:35
- USB Devices 00:04:27
- Data Leakage Prevention 00:02:17
- NAS 00:03:45
- Security Templates 00:04:36
- Security Suite Components 00:06:10
- Security Best Practices – Summary 00:04:49
- Security Suite Components 00:03:06
- Personal Firewall 00:00:58
- Personal Firewall Features 00:02:08
- Antivirus 00:03:02
- Anti-spam 00:11:35
- Popup Blockers 00:01:08
- Security Suite 00:01:00
- Security Suite Components 00:01:16
- Virtualization Technology 00:00:49
- Virtual Machine 00:05:48
- VMWare 00:01:31
- Approaches to Application Virtualization 00:03:18
- Domain 1 Review 00:00:39
Domain 2 – Network Infrastructure
- Network Infrastructure 00:00:40
- Agenda 1 00:03:09
- Networking Communications 00:00:40
- An Older Model 00:01:40
- Data Encapsulation 00:02:02
- Application Layer 00:00:25
- OSI – Application Layer 00:02:08
- Presentation Layer 00:01:21
- OSI – Presentation Layer 00:01:16
- OSI – Session Layer 00:01:00
- Client/Server Model 00:00:56
- Client/Server Session Layer 00:01:15
- Transport Layer 00:01:52
- Transport Layer Analogy 00:01:07
- OSI – Network Layer 00:00:56
- Here to There 00:01:06
- Network Layer 00:00:44
- OSI – Data Link 00:01:49
- Data Link 00:02:05
- Sublayers 00:01:58
- OSI – Physical Layer 00:01:33
- Layers Working Together 00:06:22
- Devices Work at Different Layers 00:02:17
- Types of Networks 00:01:27
- Network Topologies – Physical Layer 00:00:37
- Topology Type – Bus 00:00:52
- Topology Type – Ring 00:01:46
- Topology Type – Star 00:00:55
- Network Topologies – Mesh 00:01:49
- Summary of Topologies 00:01:11
- Agenda 2 00:01:10
- Media Access 00:00:53
- One Goal of Media Access Technologies 00:00:42
- Collision Domain 00:00:58
- Back Off, Buddy 00:01:30
- Carrier Sense Multiple Access 00:01:11
- CSMA/Collision Avoidance (CSMA/CA) 00:01:24
- Media Access Technologies – Ethernet 00:02:09
- Media Access Technologies – Token Passing 00:02:55
- Token’s Role 00:00:46
- Other Technologies 00:01:07
- Media Access Technologies – Polling 00:01:02
- Agenda 3 00:01:39
- Cabling Types – Twisted Pair 00:01:29
- Cable Types 00:00:56
- Multimode versus Single Mode 00:01:12
- Signal and Cable Issues 00:00:52
- Signaling Issues 00:01:04
- Transmission Types – Analog and Digital 00:01:53
- Transmission Types – Synchronous 00:00:57
- Asynchronous 00:00:42
- Transmission Types 00:02:08
- Cabling Issues – Plenum-Rated 00:01:57
- Transmission Types – Number of Receivers 00:02:30
- Internet Group Management Protocol 00:00:54
- Multicasting 00:00:52
- Network Technologies 00:01:14
- Extranet 00:00:42
- Network Technologies (Cont.) 00:01:14
- EDI Evolution 00:00:38
- Networking Devices 00:01:50
- Network Device – Hub 00:00:48
- Networking Device – Bridge 00:01:26
- Forwarding Table Example 00:01:21
- Network Devices – Switch 00:00:55
- Virtual LAN 00:01:24
- VLAN 00:00:53
- Interfaces and VLANs 00:02:14
- Sniffers 00:03:13
- Networking Devices – Router 00:02:14
- Hops 00:00:56
- Routers 00:00:49
- Bridges Compared to Routers 00:01:29
- Network Devices – Gateway 00:00:54
- Agenda 4 00:02:09
- Client Ports 00:01:34
- Conceptual Use of Ports 00:00:47
- TCP/IP Suite 00:01:09
- UDP versus TCP 00:02:29
- TCP Segment 00:00:50
- SYN Flood 00:03:29
- Teardrop Attack 00:02:05
- Source Routing 00:01:03
- Source Routing Types 00:00:52
- IP Address Ranges 00:02:56
- IPv6 00:02:25
- Protocols 00:00:11
- Protocols – ARP 00:01:09
- IP to MAC Mapping 00:00:50
- How ARP Works 00:01:27
- ARP Poisoning 00:01:13
- ICMP Packets 00:01:22
- A Way Hackers Use ICMP 00:01:19
- Ping Steps 00:01:30
- Protocols – SNMP 00:00:49
- SNMP in Action 00:03:20
- SNMP 00:01:48
- SNMP Output 00:00:58
- POP3 and SMTP 00:00:47
- Protocols – SMTP 00:00:33
- Mail Relay 00:02:00
- Protocols – FTP, TFTP, Telnet 00:02:36
- Protocols – RARP and BootP 00:01:18
- DHCP – Dynamic Host Configuration Protocol 00:01:04
- Agenda 5 00:01:49
- Network Configurations 00:01:07
- DMZ Configurations 00:01:05
- Firewall Comparisons 00:00:44
- Network Devices – Firewalls 00:02:25
- Packet Filtering Firewall 00:01:56
- Packet Filtering Firewall Weaknesses 00:00:57
- Packet Filtering 00:00:35
- Rule Set Example 00:01:22
- Firewall Types – Proxy Firewalls 00:01:50
- Firewall Types – Circuit-Level Proxy Firewall 00:02:17
- Firewall Types – Application-Layer Proxy 00:03:30
- Application-Layer Proxy Advantages 00:00:44
- Application-Layer Proxy Disadvantages 00:01:01
- Dedicated Proxy Servers 00:00:57
- Firewall Types – Stateful 00:05:06
- Compare 00:03:35
- Firewall Types – Kernel Proxies 00:01:31
- Firewall Based VPN Devices 00:00:51
- Best Practices 00:02:58
- Firewall Placement 00:01:18
- Packet Filtering (Cont.) 00:00:36
- Screened Host 00:01:14
- Firewall Architecture Types – Multi- or Dual-Homed 00:01:24
- Screened Subnet 00:02:25
- Agenda 6 00:00:47
- Dial-Up Protocol – SLIP 00:00:46
- Dial-Up Protocol – PPP 00:01:01
- PPP 00:00:51
- PPP versus SLIP 00:01:31
- Authentication Protocols – PAP 00:00:45
- Authentication Protocols – CHAP 00:02:15
- Authentication Protocol – EAP 00:01:24
- Data Inspection 00:03:44
- Virtual Private Network Technologies 00:00:16
- What Is a Tunneling Protocol? 00:01:01
- Analogy 00:01:01
- Examples 00:00:58
- Tunneling Protocols – PPTP 00:01:08
- Tunneling Protocols – L2TP 00:02:35
- L2TP Encapsulation 00:00:30
- Tunneling Protocols – IPSec 00:00:48
- IPSec Basic Features 00:03:55
- IPSec Modes 00:00:35
- Security Associations (SAs) 00:04:01
- Combining SAs 00:02:42
- Agenda 7 00:01:20
- Layer 3 at Layer 2 00:00:59
- MPLS 00:01:09
- Multiprotocol Label Switching 00:01:13
- Quality of Service (QoS) 00:01:48
- QoS Services 00:00:49
- Autonomous Systems 00:02:04
- Routing Protocols 00:02:16
- Routing 00:01:51
- Routing Protocols (Cont.) 00:02:04
- OSPF 00:01:22
- IGRP 00:00:40
- BGP 00:02:39
- Routing Protocol Attacks 00:00:54
- Metropolitan Area Network Technologies 00:01:23
- FDDI 00:00:49
- SONET Rings 00:01:17
- MAN Technologies – SONET 00:00:34
- Connecting Networks 00:01:30
- Network Services 00:01:33
- DNS Server Structure 00:01:14
- Name Resolving Steps 00:03:32
- Split DNS 00:01:02
- Host Name Resolution Attacks 00:03:37
- Network Service – NAT 00:03:26
- PAT 00:01:00
- NIS 00:00:43
- Storing Data 00:00:45
- NIS+ Authentication 00:00:38
- Agenda 8 00:01:10
- PSTN 00:00:58
- Circuit Switching 00:00:41
- Steps of Connections 00:00:45
- Multiplexing 00:01:40
- Types of Multiplexing 00:00:53
- TDM Process 00:00:23
- Statistical Time Division Multiplexing 00:01:21
- FDM 00:01:25
- Packet Switching 00:02:28
- Circuit versus Packet Switching 00:01:24
- WAN Technologies – Packet Switched 00:00:17
- WAN Technologies – X.25 00:00:54
- X.25 00:01:09
- WAN Technologies – Frame Relay 00:01:47
- WAN Example 00:00:44
- Frame Relay 00:02:26
- WAN Technologies – ATM 00:01:21
- Cell Switching 00:00:46
- Wide Area Network Technologies 00:01:02
- WAN Technologies – ISDN 00:01:10
- On-Demand 00:00:26
- ISDN Service Types 00:00:34
- WAN Technologies – DSL 00:02:38
- WAN Technologies – Cable Modem 00:01:37
- Cable Modems 00:01:26
- Satellites 00:00:39
- Hybrid Connection 00:00:52
- Satellite Coverage 00:00:40
- Network Perimeter Security 00:01:03
- Complexity only Increases 00:01:04
- A Layered Approach 00:00:37
- Agenda 9 00:00:44
- PSTN (Cont.) 00:01:54
- Private Branch Exchange 00:01:50
- PBX Vulnerabilities 00:01:33
- PBX Best Practices 00:01:44
- IP Telephony 00:03:00
- IP Telephony Components 00:00:36
- Media Gateways 00:01:51
- IP Telephony Issues 00:01:15
- Telephony Protection Mechanisms 00:00:36
- Telephony Security 00:02:39
- IP Telephony with Wireless 00:00:32
- IP Phones Security 00:02:13
- Mobile Technology Generations 00:01:55
- Mobile Phone Security 00:01:23
- Mobile Device Security 00:01:22
- Cell Phone 00:02:40
- Agenda 10 00:00:25
- Wireless Technologies – Access Point 00:01:54
- Wireless Frequencies 00:01:10
- Alphabet Soup of Standards 00:06:01
- Spread Spectrum 00:05:50
- OFDM 00:00:42
- Where Does Spread Spectrum Work? 00:02:10
- 802.11n 00:01:09
- Wireless Technologies – Access Point (Cont.) 00:01:01
- Architectures 00:00:46
- Wireless Technologies – Service Set ID 00:01:46
- Authenticating to an AP 00:01:03
- 802.11 Authentication 00:02:27
- Wireless Technologies – WEP 00:01:58
- Wireless Technologies – More WEP Woes 00:02:41
- Lack of Integrity 00:01:45
- Frequency Management 00:01:19
- 802.11 Security Solutions 00:04:12
- 802.1x 00:01:20
- 802.1x Authentication 00:05:08
- Types of 802.11 Security 00:01:22
- IEEE 802.11i Standard 00:02:07
- Wireless EAP 00:05:50
- Wireless Technologies – Common Attacks 00:05:20
- Wireless Technologies – War Driving 00:01:59
- NetStumbler Example 00:00:44
- Warchalking 00:01:33
- Countermeasures 00:04:56
- Wireless Attacks 00:02:10
- Wormhole Attack 00:00:48
- Wireless Technologies – WAP 00:00:44
- Wireless Technologies – WTLS 00:01:31
- i-mode 00:00:36
- Bluetooth 00:01:01
- Vampire Tap 00:01:53
- Tapping 00:00:41
- Fiber Tapping 00:01:20
- Domain Name Kiting 00:00:58
- Null Session 00:01:15
- Sniffers (Cont.) 00:03:09
- Packet Sniffer 00:01:20
- Packet Sniffer – Uses 00:00:48
- Spoofing Attacks 00:00:40
- E-mail Spoofing 00:01:25
- Spoofing – Instructional E-mails 00:01:00
- Email Spoofing – Common Messages 00:00:38
- Countermeasures (Cont.) 00:01:38
- Authentication and Encryption 00:00:47
- IP Spoofing 00:00:56
- Header Components 00:00:45
- Man-in-the-Middle 00:01:51
- Man-in-the-Middle Attack 00:00:23
- Replay Attack 00:01:00
- Countermeasures (Cont.) 00:01:46
- Session Hijacking 00:01:47
- Programs For Session Hijacking 00:00:32
- TCP/IP Hijacking 00:00:41
- Sequence Numbers 00:01:08
- Finding TCP Sequence Numbers 00:01:05
- SYN, SYN/ACK, ACK and ISN 00:00:27
- Denial of Service 00:01:46
- Reasons for DoS Attacks 00:00:33
- TCP Handshake 00:03:32
- SYN Flood (Cont.) 00:01:03
- TCP 00:00:37
- SYN Attacks Defense 00:02:07
- UDP Floods 00:01:21
- DDoS 00:01:45
- DDoS – Example 00:01:19
- DDoS Countermeasures 00:02:10
- Subnetting 00:01:55
- Network Access Control (NAC) 00:02:12
- NAC – Features and Benefits 00:00:57
- NAC Architecture 00:01:27
- Honeypot 00:02:05
- Honeypot – Types 00:01:32
- Honeypot (2) 00:00:51
- Honeynet 00:01:39
- Types of Honeypots 00:01:41
- Internet Content Filters 00:03:24
- Bluesnarfing 00:02:14
- Domain 2 Review 00:00:38
Domain 3 – Access Control
- Access Control 00:00:08
- Access Control 00:00:43
- Definitions 00:01:05
- Access Control Mechanism Examples 00:01:03
- Technical Controls 00:00:54
- Access Control Characteristics 00:03:25
- Preventive Controls 00:00:56
- Preventive – Administrative Controls 00:01:15
- Fake Login Pages Look Convincing 00:01:05
- Detective – Administrative Control 00:02:08
- Detective Examples 00:00:48
- Administrating Access Control 00:01:25
- OS, Application, Database 00:00:36
- Administrating Access Control 00:01:00
- Authorization Creep 00:00:59
- Accountability and Access Control 00:01:26
- Trusted Path 00:03:00
- Fake Login Pages Look Convincing 00:01:44
- Who Are You? 00:02:08
- Identification Issues 00:00:48
- Authentication Mechanisms Characteristics 00:00:44
- Strong Authentication 00:02:01
- Fraud Controls 00:02:40
- Internal Control Tool: Separation of Duties 00:01:14
- Authentication Mechanisms in Use Today 00:00:24
- Biometrics Technology 00:01:05
- Biometric Devices 00:00:27
- Example 00:01:12
- Verification Steps 00:01:33
- Why Use Biometrics? 00:00:38
- Biometric Type 00:01:44
- Iris Sampling 00:00:40
- Finger Scan 00:00:58
- Hand Geometry 00:00:39
- Facial Recognition 00:01:44
- Comparison 00:00:52
- Biometrics Verification 00:00:40
- Issues 00:01:02
- Biometrics Error Types 00:01:59
- Crossover Error Rate 00:01:45
- Biometric System Types 00:02:52
- Passwords 00:00:40
- Password Generators 00:00:55
- Password “Shoulds” 00:03:31
- Password Attacks 00:01:05
- Attack Steps 00:02:50
- Many Tools to Break Your Password 00:00:53
- Rainbow Table 00:01:27
- Passwords Should NOT Contain… 00:01:26
- Countermeasures for Password Cracking 00:01:06
- Cognitive Passwords 00:00:47
- One-Time Password Authentication 00:01:36
- Synchronous Token 00:01:02
- One Type of Solution 00:02:34
- Synchronous Steps 00:00:48
- Challenge Response Authentication 00:04:17
- Asynchronous Token Device 00:00:35
- Asynchronous Steps 00:02:52
- Challenge Response Authentication 00:01:05
- Passphrase Authentication 00:01:30
- Key Protection 00:02:15
- Smart Card 00:00:56
- Characteristics 00:01:09
- Card Types 00:00:50
- Smart Card Attacks 00:01:34
- Software Attack 00:01:02
- Side Channel Attack 00:01:18
- Side Channel Data Collection 00:00:50
- Microprobing 00:00:53
- Identity Management 00:02:19
- How Are These Entities Controlled? 00:00:55
- Some Current Issues 00:01:22
- Management 00:03:01
- Typical Chaos 00:00:49
- Different Identities 00:01:45
- Identity Management Technologies 00:00:48
- Directory Component 00:01:17
- Enterprise Directory 00:00:48
- Directory Responsibilities 00:01:03
- Authoritative Sources 00:01:47
- Meta Directory 00:02:26
- Directory Interactions 00:01:46
- Web Access Management 00:01:27
- Web Access 00:05:09
- Password Management 00:02:21
- Legacy Single Sign-On 00:02:47
- Account Management Systems 00:02:23
- Provisioning Component 00:01:56
- Provisioning 00:01:59
- Not Just Computers 00:00:46
- Profile Update 00:01:29
- Working Together 00:03:28
- Enterprise Directory 00:01:00
- Identity Management Solution Components 00:00:36
- Right for Your Company 00:02:17
- Federated Identity 00:02:59
- Different Technologies 00:00:56
- Single Sign-on Technology 00:00:30
- Single Sign-on 00:01:50
- Directory Services as a Single Sign-on Technology 00:01:04
- Active Directory 00:00:57
- Security Domain 00:01:27
- Domains of Trust 00:00:34
- Domain Illustration 00:00:29
- Thin Clients 00:00:59
- Example 00:01:13
- Kerberos as a Single Sign-on Technology 00:00:52
- Kerberos Components Working Together 00:01:48
- Pieces and Parts 00:00:13
- More Components of Kerberos 00:00:32
- KDC Components 00:00:40
- Kerberos Steps 00:09:08
- Tickets 00:02:00
- Steps of Validation 00:01:16
- Kerberos Security 00:01:30
- Issues Pertaining to Kerberos 00:01:25
- Kerberos Issues 00:01:31
- SESAME as a Single Sign-on Technology 00:00:38
- SESAME Steps for Authentication 00:02:18
- Combo 00:01:22
- Models for Access 00:00:54
- Access Control Models 00:00:14
- Discretionary Access Control Model 00:00:46
- ACL Access 00:02:08
- Enforcing a DAC Policy 00:00:52
- Security Issues 00:01:20
- Mandatory Access Control Model 00:01:50
- MAC Enforcement Mechanism – Labels 00:02:06
- Formal Model 00:00:57
- Software and Hardware 00:00:58
- Software and Hardware Guards 00:01:09
- Where Are They Used? 00:00:44
- SELinux 00:00:31
- MAC versus DAC 00:01:14
- Role-Based Access Control 00:01:14
- RBAC Hierarchy 00:01:44
- RBAC and SoD 00:00:46
- Acquiring Rights and Permissions 00:00:47
- Rule-Based Access Control 00:02:30
- Access Control Matrix 00:01:37
- Capability Tables 00:00:34
- Temporal Access Control 00:00:54
- Access Control Administration 00:00:43
- Access Control Methods 00:00:36
- Centralized Approach 00:00:54
- Remote Centralized Administration 00:01:35
- RADIUS 00:00:39
- RADIUS Steps 00:00:55
- RADIUS Characteristics 00:01:17
- TACACS+ Characteristics 00:01:36
- Diameter Characteristics 00:02:27
- Diameter Protocol 00:01:01
- Mobile IP 00:01:36
- Diameter Architecture 00:01:41
- Two Pieces 00:01:09
- AVP 00:03:46
- Decentralized Access Control Administration 00:01:45
- Controlling Access to Sensitive Data 00:02:01
- Protecting Access to System Logs 00:02:05
- Accountability = Auditing Events 00:00:44
- Agenda 2 00:02:19
- IDS Steps 00:01:26
- Network IDS Sensors 00:02:00
- Host IDS 00:01:31
- Combination 00:01:38
- Types of IDSs 00:02:32
- Signature-Based Example 00:02:29
- Behavior-Based IDS 00:03:32
- Statistical Anomaly 00:01:05
- Statistical IDS 00:00:45
- Protocol Anomaly 00:01:45
- What Is a Protocol Anomaly? 00:01:30
- Protocol Anomaly Issues 00:00:48
- Traffic Anomaly 00:03:47
- IDS Response Mechanisms 00:01:10
- Responses to Attacks 00:01:37
- IDS Issues 00:01:55
- Intrusion Prevention System 00:02:19
- Differences 00:00:24
- Vulnerable IDS 00:00:47
- Trapping an Intruder 00:01:43
- Controlling Remote Access 00:10:39
- Remote Authentication 00:02:14
- Mutual Authentication 00:02:47
- Without Mutual Authentication 00:02:23
- Group Policies 00:01:55
- File and Print Resources 00:02:15
- File and Print Resources – Protection 00:02:07
- Physical Access Security 00:00:48
- Different Types of Threats 00:00:42
- Wake Up Call 00:00:35
- Not Just Hacking 00:00:37
- Number One Priority 00:01:19
- Physical Security Program Goals 00:01:41
- Planning Process 00:01:35
- Risk Assessment Needs to be Carried Out 00:01:04
- Deterrence Options 00:01:06
- Delay 00:00:19
- Layered Defense Model 00:00:49
- Detection 00:01:04
- Weak Link in the Chain 00:00:41
- Agenda 1 00:01:20
- Crime Prevention through Environmental Design 00:02:14
- CPTED Main Strategies 00:00:39
- Target Hardening 00:00:42
- Access Barriers 00:02:11
- Facility Construction 00:00:49
- Construction Materials 00:00:43
- Rebar Encased in Concrete 00:00:24
- Data Center 00:01:04
- Designing a Secure Site 00:01:24
- Door Types 00:01:51
- Window Types 00:01:13
- Sensitive Areas 00:01:00
- Security Zones 00:00:16
- Various Sensors 00:00:14
- Lock Types 00:01:47
- Entry Access Control 00:01:53
- Wireless Proximity Devices 00:00:49
- Device Types 00:00:42
- Piggybacking 00:00:49
- Entrance Protection 00:01:19
- Door Configurations 00:00:32
- External Boundary Protection 00:02:54
- Fencing Characteristics 00:00:42
- Fencing Issues 00:00:50
- Gates 00:01:40
- Lighting Issues 00:01:09
- Perimeter Security – Security Guards 00:00:42
- Guard Tasks 00:01:03
- Security Guards 00:01:57
- CCTV 00:04:27
- Agenda 2 00:01:00
- Intrusion Detection Characteristics 00:01:04
- Electro-Mechanical Sensors 00:01:12
- Volumetric Sensors 00:02:07
- Alarm Systems 00:00:45
- Securing Mobile Devices 00:02:08
- Agenda 3 00:00:27
- HVAC Attributes 00:01:38
- Environmental Considerations 00:01:01
- Who’s Got Gas? 00:01:04
- Documentation of Procedures 00:06:30
- Power Preventive Measures 00:01:46
- Device Protection 00:01:14
- Agenda 4 00:01:25
- Automatic Detector Mechanisms 00:02:18
- Fire Detection 00:01:34
- Fire Types 00:02:56
- Emergency Power Off Switch 00:01:09
- Fire Suppression Systems 00:04:24
- Fire Extinguishers 00:00:47
- Emergency Procedures 00:01:41
- Domain 3 Review 00:00:46
Domain 4 – Assessments and Audits
- Assessments and Audits 00:00:56
- Risk Management 00:00:56
- Why Is Risk Management Difficult? 00:01:24
- Necessary Level of Protection Is Different for Each Organization 00:00:56
- Security Team/Committee 00:01:42
- Risk Management Process 00:00:30
- Planning Stage – Team 00:01:05
- Planning Stage – Scope 00:02:04
- Planning Stage – Analysis Method 00:01:01
- Risk Management Tools 00:01:50
- Defining Acceptable Levels 00:02:24
- Acceptable Risk Level 00:00:52
- Collecting and Analyzing Data Methods 00:01:04
- What Is a Company Asset? 00:00:48
- Data Collection – Identify Assets 00:01:01
- Data Collection – Assigning Values 00:01:34
- Asset Value 00:01:03
- Data Collection – Identify Threats 00:01:20
- Data Collection – Calculate Risks 00:01:38
- Scenario Based – Qualitative 00:00:43
- Risk Approach 00:00:40
- Qualitative Analysis Steps 00:00:56
- Want Real Answers? 00:00:53
- Qualitative Risk Analysis Ratings 00:01:02
- Quantitative Analysis Steps 00:01:37
- How Often Will This Happen? 00:00:37
- ARO Values and Their Meaning 00:03:27
- ALE Value Uses 00:00:48
- Relationships 00:00:29
- Calculate Risks – ALE Example 00:01:46
- Your Turn! 00:00:20
- ALE Calculation 00:00:56
- Can a Purely Quantitative Analysis Be Accomplished? 00:01:25
- Risk Types 00:00:39
- Examples of Types of Losses 00:00:35
- Delayed Loss 00:00:50
- Cost/Benefit Analysis 00:00:58
- Cost of a Countermeasure 00:01:21
- Cost/Benefit Analysis Countermeasure Criteria 00:02:55
- Calculating Cost/Benefit 00:01:01
- Controls 00:02:01
- Quantitative Analysis 00:02:09
- Qualitative Analysis Disadvantages 00:00:49
- Can You Get Rid of All Risk? 00:02:34
- Uncertainty Analysis 00:01:11
- Dealing with Risk 00:01:20
- Management’s Response to Identified Risks 00:01:51
- Risk Acceptance 00:01:42
- Risk Analysis Process Summary 00:01:08
- Remote Access Security 00:03:16
- Remote Access 00:01:31
- Administering Systems Remotely 00:01:36
- Facsimile Security 00:01:32
- Support Systems 00:01:24
- Agenda 6 00:00:58
- Testing for Vulnerabilities 00:01:05
- Vulnerability Assessments 00:00:15
- Security Testing Issues 00:02:07
- Vulnerability Scanning 00:00:48
- Basic Scanner 00:00:55
- Data Leakage – Keystroke Logging 00:00:58
- Password Cracking 00:02:10
- One of Many Tools 00:00:35
- War Dialing 00:00:39
- PhoneSweep 00:00:36
- Wardialing Output 00:00:27
- War Driving 00:00:40
- Wireless Reconnaissance Output 00:01:27
- Wireless Attacks 00:01:19
- Penetration Testing 00:02:52
- Testing Steps 00:01:19
- Testing Methodology 00:02:58
- Automated Pen Testing Tools Canvas Operation 00:01:00
- Penetration Testing 00:01:18
- Automated Pen Testing Tools Core Impact Operation 00:00:37
- Post-Testing and Assessment Steps 00:02:14
- Penetration Testing Variations 00:00:55
- Types of Testing 00:01:17
- Protection Mechanism – Honeypot 00:01:49
- Log Reviews 00:01:05
- Nmap 00:01:20
- Nmap – Options 00:00:51
- Nmap – Command line 00:00:46
- Nmap (2) 00:00:36
- Zenmap 00:00:20
- OVAL 00:04:37
- Network Performance Monitoring 00:01:17
- Network Monitoring 00:01:00
- Network Monitoring – Features 00:01:41
- System Monitoring 00:03:28
- Performance Baseline 00:01:23
- Establishing a Performance Baseline 00:01:21
- Monitoring Methodologies 00:00:04
- Signature Based Monitoring 00:00:49
- Behavior Based Monitoring 00:01:10
- Anomaly Based Monitoring 00:01:12
- Statistical Based Monitoring 00:00:35
- Log Management 00:03:04
- Logging Activities 00:01:19
- Log Reviews 00:01:49
- Security Logs 00:01:02
- Protecting Access to System Logs 00:01:00
- Accountability = Auditing Events 00:01:14
- Auditing 00:01:07
- Privilege Auditing 00:00:41
- Usage Auditing 00:00:46
- Escalation Auditing 00:00:43
- Retention and Storage 00:00:38
- Retention and Storage Policies 00:01:27
- Data Retention and Storage 00:02:02
- Resource Protection 00:00:52
- Library Maintenance 00:01:06
- Media Labels 00:01:19
- Software Escrow 00:01:27
- Weak Link 00:00:17
- Liabilities of Insecure Disposal of Information 00:00:24
- Devastating to the Company 00:01:17
- Safe Disposal 00:00:16
- Degaussing 00:00:27
- Zeroization 00:01:30
- Physical Destruction 00:00:20
- Remaining Data 00:00:25
- Why Not Just Delete the Files? 00:01:46
- Domain 4 Review 00:01:05
Domain 5 – Cryptography
- Cryptography 00:00:43
- Services Provided by Cryptography 00:01:13
- Cryptographic Definitions 00:01:15
- Cipher 00:01:36
- A Few More Definitions 00:01:09
- Need Some More Definitions? 00:01:24
- Symmetric Cryptography – Use of Secret Keys 00:01:23
- Scytale Cipher 00:01:03
- Substitution Ciphers 00:01:55
- Simple Substitution Cipher Atbash 00:01:19
- Simple Substitution Cipher Caesar Cipher 00:01:59
- Simple Substitution Cipher ROT13 00:01:33
- Historical Uses 00:01:14
- Polyalphabetic Cipher – Vigenere Cipher 00:02:50
- Enigma Machine 00:02:33
- U-Boats had Enigma Machines 00:03:11
- Historical Uses of Symmetric Cryptography – Running Key and Concealment 00:03:01
- Agenda 1 00:01:30
- Key and Algorithm Relationship 00:02:27
- Does Size Really Matter? 00:00:35
- Key Space 00:01:20
- Ways of Breaking Cryptosystems – Brute Force 00:01:53
- Brute Force Components 00:00:44
- Ways of Breaking Cryptosystems – Frequency Analysis 00:01:40
- Strength of a Cryptosystem 00:01:40
- Do You Know What You are Doing?
- Developing Cryptographic Solutions In-House
- Characteristics of Strong Algorithms
- Open or Closed More Secure?
- Agenda 2
- Type of Symmetric Cipher – Block Cipher
- S-Boxes Used in Block Ciphers
- Binary Mathematical Function 1
- Type of Symmetric Cipher – Stream Cipher
- Symmetric Characteristics
- Initialization Vectors
- Security Holes
- Strength of a Stream Cipher
- Let’s Dive in Deeper
- Out-of-Band Transmission
- Symmetric Key Management Issue
- Why?
- Asymmetric Cryptography
- Key Functions
- Public Key Cryptography Advantages
- Asymmetric Algorithm Disadvantages
- Confusing Names
- Symmetric versus Asymmetric
- Questions 1
- When to Use Which Key
- Using the Algorithm Types Together
- Encryption Steps
- Receiver’s Public Key Is Used to Encrypt the Symmetric Key
- Receiver’s Private Key Is Used to Decrypt the Symmetric Key
- Digital Envelope
- Secret versus Session Keys
- Asymmetric Algorithm – Diffie-Hellman
- Key Agreement Schemes
- Asymmetric Algorithm – RSA
- Factoring Large Numbers
- RSA Operations
- RSA Key Size
- El Gamal
- ECC
- ECC Benefits
- Asymmetric Mathematics
- Asymmetric Security
- Mathematics
- Symmetric Algorithms – DES
- Block Cipher
- Double DES
- Evolution of DES
- Modes of 3DES
- Encryption Modes
- Block Cipher Modes – CBC
- Different Modes of Block Ciphers – ECB
- Block Cipher Modes – CFB and OFB
- CFB and OFB Modes
- Counter Mode
- Modes Summary
- Symmetric Cipher – AES
- IDEA
- RC4
- RC5
- Agenda 3
- Hashing Steps
- Protecting the Integrity of Data
- Hashing Algorithms
- Data Integrity Mechanisms
- Hashing Strength
- Question 1
- More Protection in Data Integrity
- MAC
- HMAC – Sender
- HMAC – Receiver
- Another Look
- What Services
- Authentication Types
- MAC Using Block Ciphers
- Integrity?
- What Services?
- Question 2
- Digital Signatures
- One More Look 1
- U.S. Government Standard
- What Is…
- Zero Knowledge Proof
- Message Integrity Controls
- Security Issues in Hashing
- Example of a Birthday Attack
- Birthday Attack Issues
- Key Management
- Key Usage
- Cryptoperiod
- M-of-N
- Key Types
- Agenda 4
- PKI and Its Components
- PKI
- PKI Steps
- RA Roles
- CA
- Let’s Walk Through an Example
- Digital Certificates
- Certificate
- Signing the Certificate
- Verifying the Certificate
- Trusted CA’s
- Non-Trusted CA
- One More Look 2
- What Do You Do with a Certificate?
- Components of PKI, Repository, and CRLs
- Revoked?
- CRL Process
- Different Uses for Certificates
- Lifecycle of a Certificate
- Cross Certification
- PKI and Trust
- Agenda 5
- Historical Uses of Symmetric Cryptography – Vernam Cipher
- Binary Mathematical Function 2
- One-Time Pad in Action
- One-Time Pad Characteristics
- Steganography
- Digital Watermarking
- Link versus End-to-End Encryption
- End-to-End Encryption
- Encryption Location
- Email Standards
- You Decide
- Non-Hierarchical
- Secure Protocols
- SSL Connection Setup
- Example – SSL
- Validating Certificate
- Secure Protocols (Cont.)
- SSL and the OSI Model
- E-Commerce
- How Are You Doing?
- Hard the First Times Through
- Secure Email Standard
- Agenda 6
- IPSec Key Management
- IPSec Handshaking Process
- VPN Establishment
- SAs in Use
- Key Issues Within IPSec
- IPSec Configuration Options
- IPSec Is a Suite of Protocols
- AH and ESP Modes
- IPSec Modes of Operation
- VPN Establishment (Cont.)
- Review
- Questions 2
- Attack Types
- Attacks on Cryptosystems
- Known-Plaintext Attack
- Chosen-Plaintext Attack
- Chosen-Ciphertext Attack
- Adaptive Attacks
- Side Channel Attacks
- Trusted Platform Module (TPM)
- TPM
- Full Disk Encryption
- Putting It All Together
- SSH
- Authentication Methods Supported
- Network Protection
- Ciphers Provided
- Domain 5 Review
Domain 6 – Organizational Security
- Organizational Security
- Mainframe Days
- In the Good Old Days – Who Knew?
- Today’s Environment
- Security Definitions
- Vulnerabilities
- Examples of Some Vulnerabilities that Are Not Always Obvious
- Risk – What Does It Really Mean?
- Relationships
- Who Deals with Risk?
- Overall Business Risk
- Who?
- AIC Triad
- Availability
- Integrity
- Confidentiality
- Who Is Watching?
- Social Engineering
- What Security People Are Really Thinking
- Security Concepts
- Security?
- The Bad Guys Are Motivated
- If Not Obscurity – Then What?
- Common Open Standards
- Without Standards
- Logical and Physical Controls
- Are There Gaps?
- Understanding Drivers
- Not Always So Easy
- Different Types of Backups
- Backup Types
- Incremental Backup
- Incremental
- Differential Backup
- Backup Protection
- Agenda 3
- Mean Time Between Failure
- Single Point of Failure
- Redundant and Fault Tolerance
- Mirroring Data
- Disk Duplexing
- Redundant Array of Independent Disks
- Massive Array of Inactive Disks (MAID)
- Redundant Array of Independent Tapes (RAIT)
- Serial Advanced Technology Architecture
- SAN
- Fault Tolerance
- Redundancy Mechanism
- Some Threats to Computer Operations
- Trusted Recovery of Software
- After System Crash
- Security Concerns
- Needs for BCP
- Is Your Organization Prepared?
- Is Your Company Prepared?
- 9/11 Changed Mentalities About BCP
- Disaster Affected Many
- America Is Rebuilding
- Partial FEMA Disaster List for 2005
- DRP Focus
- BCP Focus
- Comparing the Two
- What Is the Purpose of a BCP?
- More Reasons to Have Plans in Place
- Framework
- BCP Is a Core Component of Every Security Program
- Steps of BCP Process
- Different BCP Model
- Documentation
- Documentation and Approval
- BCP Policy Outlines
- BCP Policy Sample
- Who Is In Charge and Who Can We Blame?
- What’s Needed In a Team?
- BCP Development Team
- Project Sizing
- Properly Determining Scope Is Important
- BCP Risk Analysis Steps
- BIA Steps
- Information from Different Sources
- Analysis
- Critical Functions
- Interdependencies
- Well, Of Course an Organization Knows How It Works!
- Business Silos
- Identifying Functions’ Resources
- Who Connects to Who?
- BIA Steps (Cont.)
- MTD
- Example
- MTD Definitions
- BIA Steps (Cont.)
- Thinking Outside of the Box What If…
- Biological Threats
- BIA Steps (Cont.)
- Potential Disasters
- Risk Approach
- Ranking by Risk Level
- Potential Losses
- Include All RISK Components
- What Have We Completed Up to Now?
- BIA Steps (Cont.)
- Alternate Business Process Procedures
- Business Process Reconstruction
- Recovery Strategies (Cont.)
- Facility Backups – Hot Site
- Facility Backups – Warm Site
- Facility Backups – Cold Site
- Compatibility Issues with Offsite Facility
- Tertiary Sites
- Subscription Costs
- Multiple Processing Centers
- Location, Location, Location
- Other Offsite Approaches
- Security Does Not Stop
- More Options
- Rolling Hot Site
- Recovery Strategies (Cont.)
- Supply and Technology Recovery
- VoIP
- Equipment Replacement
- What Items Need to Be Considered?
- Priorities
- Executive Succession Planning
- User Environment Recovery
- Co-Location
- Data Recovery
- Backup Redundancy
- Recovering Data
- Automated Backup Technologies
- Tape Vaulting
- Data Recovery (Cont.)
- Clustering for Fault Tolerance
- Disk or Database Shadowing
- Which Option to Use
- Cost Effective Measures
- Resources, Time, Solutions
- Determining Recovery Solutions
- Cost and Recovery Times
- BIA Steps (Cont.)
- Recovery Solutions
- Preventative Measures
- Reviewing Insurance
- Results from the BIA
- Now Ready to Develop the Plan
- Products That Can Help
- Plan Components
- External Groups
- Activation Phase
- Damage Assessment
- Notifying Personnel
- Plan Activation
- Emergency Response
- Recovery Procedures
- Documentation of Recovery Steps
- Reconstitution Phase
- Who Goes First?
- Disaster Hit – Now What?
- Termination of BCP
- Life Cycle
- Backup of the Backup Plan
- Types of Tests to Choose From
- Test Objectives
- Training Requirements
- Lessons Learned
- What Is Success?
- Out of Date?
- Keeping It Current
- Change Control
- Resulting Plan Should Contain…
- Phases of the BCP
- Why Incident Response?
- Incident Response Alarms
- Threats
- Incident Response Framework
- Preparation and Planning
- IRT – Incident Response Team
- Incident Response Team – Mission
- Incident Response Team – Objectives
- Incident Response Team – Priorities
- Incident Response Team – Liaisons
- Detection
- Chain of Custody (2)
- Poking Into Network Traffic
- Snort
- Containment
- Containment – Some Considerations
- Notification
- Investigation
- Rules of Evidence
- Acceptable Evidence
- Exclusionary Rules
- Evidence Recognition
- Evidence Discovery
- Search and Seizure
- Network Monitoring
- Reviewing System Logs
- Interviewing
- Terminating the Investigation
- Recovery
- Response
- Follow-Up
- Electronic Forensic
- Media Analysis Procedures
- Media Analysis – IACIS Framework
- Step 1 – Sterile Media
- Step 2 - Legal Software
- Step 3 - Physical Examination of the Evidence
- Step 4 - Avoid Altering the Evidence
- Step 5 - Capture Date/Time and CMOS (RTC/NVRAM) Information
- Step 6 - Create an Exact Image
- Step 7 - Logically Examine the Image
- Step 8 - Examine the Boot Record Data and User-Defined Files
- Step 9 - Recover and Examine All Deleted Files
- Step 10 - Create a Listing of All Files
- Step 11 - Examine Unallocated Space for Lost or Hidden Data
- Step 12 - Examine File Slack
- Step 13 - Examine All User Created Files
- Step 14 - Unlock and Examine Password-Protected Files
- Step 15 - Create Printouts of All of the Apparent Evidence
- Step 16 - Examine Executable Files and Run Applications
- Step 17 - Write the Forensic Analysis Report
- Components of Security Program
- A Layered Approach
- In Security, You Never Want Any Surprises
- Building Foundation
- Security Roadmap
- Functional and Assurance Requirements
- Building Foundation
- Most Organizations
- Silo Security Structure
- Islands of Security Needs and Tools
- Get Out of a Silo Approach
- Security Is a Process
- Approach to Security Management
- Result of Battling Management
- Industry Best Practices Standards
- Pieces and Parts
- Numbering
- New ISO Standards
- COBIT
- COBIT – Control Objectives
- Measurements
- Information Technology Infrastructure Library
- Security Governance
- Policy Framework
- Policy Approved – Now What?
- Issue-Specific Policies
- System-Specific Policies
- Standards
- Baseline
- Data Collection for Metrics
- Guidelines
- Procedures
- Tying Them Together
- Program Support
- Senior Management’s Role
- Security Roles
- Custodian
- Auditor
- Access
- Information Classification
- Data Leakage
- Do You Want to End Up In the News?
- Types of Classification Levels
- Data Protection Levels
- Classification Program Steps
- Information Classification Components
- Procedures and Guidelines
- Classification Levels
- Information Classification Criteria
- Criteria Example
- Or Not
- Information Owner Requirements
- Clearly Labeled
- Information Classification
- Employee Management
- Employee Position and Management
- Hiring and Firing Issues
- A Few More Items
- Unfriendly Termination
- Security Awareness and Training
- Training Characteristics
- Awareness
- Security Enforcement Issues
- PII
- Domain 6 Review
- Course Closure
Product information
- Title: CompTIA Security+ SY0-201 Video Course
- Author(s):
- Release date: June 2009
- Publisher(s): Pearson IT Certification
- ISBN: 9780789739964