Raul | CompTIA Security+ | Module 2

By: Raul Pop | Related Course: CompTIA Security+ | Published: May 28, 2017 | Modified: May 28, 2017

Appropriate Risk Mitigation

Change management

Incident management

User rights and permissions reviews

Perform routine audits

Enforce policies and procedures to prevent data loss or theft

Data loss prevention (DLP)


Basic Forensic Procedures

-Order of volatility (collect the most volatile evidence first)

Network state, cache, RAM and virtual memory

Hard drives, flash drives

CD-ROMs, DVD-ROMs


-Capture system image

Take hash of original media

Capture image

Take hash of image (it must match the hash of the original)


-Network logs

Capture network traffic and logs

Record time offset (difference between the system clock and a reference time)

Capture screenshots

Interview witnesses

Capture video

Track man-hours and expenses

Chain of custody (document who handled the evidence, when, and what was done to it)

Big data analysis
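The image-capture steps above (hash the original, capture the image, hash the image) plus a chain-of-custody record, as an added example that is not part of the original notes. The "seized drive" is a constructed file in a temporary directory, and the examiner name, case id and path "sdb" are hypothetical; on a real acquisition the source would be a block device opened read-only behind a write blocker, and the hashing and logging logic would be unchanged.

```python
"""Added example, not part of the original notes: capture a forensic image,
hash original and image, and keep a chain-of-custody log.

The "device" is a constructed file so that everything runs offline. On a real
acquisition the source would be a block device opened read-only, ideally behind
a hardware write blocker; the hashing and logging logic is the same.
"""

import hashlib
import os
import tempfile
from datetime import datetime, timezone


def hash_file(path, algorithm="sha256", chunk_size=1 << 20):
    """Hash a file in chunks so a multi-TB image never has to fit in memory."""
    digest = hashlib.new(algorithm)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def capture_image(source, image_path, chunk_size=1 << 20):
    """Bit-for-bit copy of the source (the 'dd' step); returns bytes copied."""
    copied = 0
    with open(source, "rb") as src, open(image_path, "wb") as dst:
        for chunk in iter(lambda: src.read(chunk_size), b""):
            dst.write(chunk)
            copied += len(chunk)
    return copied


class CustodyLog:
    """Append-only chain-of-custody record: who did what, when, to which item,
    and the hash of the evidence at that point. Entries are timestamped in UTC
    so the time offset of the examiner's workstation does not matter."""

    def __init__(self, case_id):
        self.case_id = case_id
        self.entries = []

    def record(self, examiner, action, item, sha256=None, note=""):
        self.entries.append({
            "case": self.case_id,
            "timestamp_utc": datetime.now(timezone.utc).isoformat(),
            "examiner": examiner,
            "action": action,
            "item": item,
            "sha256": sha256,
            "note": note,
        })


def acquire(source, image_path, examiner, case_id):
    """Hash original -> capture image -> hash image, logging each step."""
    log = CustodyLog(case_id)
    original = hash_file(source)
    log.record(examiner, "hash original media", source, original)
    size = capture_image(source, image_path)
    log.record(examiner, "capture image", image_path, note=f"{size} bytes")
    image = hash_file(image_path)
    log.record(examiner, "hash image", image_path, image)
    return {
        "original_sha256": original,
        "image_sha256": image,
        "verified": original == image,   # the image is only evidence if this holds
        "log": log.entries,
    }


def demo():
    """Run the procedure against a constructed 'disk', then show that a later
    modification of the image is caught by re-hashing it."""
    with tempfile.TemporaryDirectory() as workdir:
        source = os.path.join(workdir, "sdb")          # hypothetical seized drive
        image = os.path.join(workdir, "sdb.img")
        with open(source, "wb") as fh:                 # constructed sample content
            fh.write(b"MBR" + bytes(range(256)) * 40 + b"END")
        result = acquire(source, image, examiner="R. Pop", case_id="CASE-001")
        with open(image, "r+b") as fh:                 # simulate tampering
            fh.seek(100)
            fh.write(b"X")
        result["tamper_detected"] = hash_file(image) != result["image_sha256"]
        return result


if __name__ == "__main__":
    out = demo()
    print("image verified:", out["verified"], "| tamper detected:", out["tamper_detected"])
    for entry in out["log"]:
        print(entry["timestamp_utc"], entry["examiner"], entry["action"],
              entry["item"], entry["sha256"] or entry["note"])
```

The hash of the original is taken before imaging, so if the source is damaged or altered during acquisition the mismatch is visible immediately; the recorded image hash is what lets anyone later prove the copy they were handed is the one that was captured.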


Control Types

-A control is a component we put in place to implement and enforce the security requirements of the organization

Deterrent controls - discourage potential attackers

Preventive controls - stop an incident from occurring

Detective controls - identify incidents that have occurred or are occurring

Compensating controls - alternative controls used when the primary control cannot be applied

Technical controls - passwords, encryption, smart cards

Administrative controls - policies, procedures

Goals of Security

-Access controls

-Steganography => least significant bit (LSB): hide data in the lowest bit of each pixel or audio sample

-Digital signatures

-Non-repudiation

-Fault tolerance

-Escape plans

-Escape routes

-Testing controls
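The least-significant-bit steganography named above, as an added example that is not part of the original notes. The cover is a constructed array of 8-bit grayscale samples standing in for an image; with a real picture the same code runs over the raw pixel bytes. The embed/extract layout (a 4-byte length prefix before the payload) is this example's own choice, not a standard.

```python
"""Added example, not part of the original notes: least-significant-bit (LSB)
steganography. Each payload byte is spread over eight cover samples by
overwriting only the lowest bit of each sample, so no sample moves by more
than one. The cover is a constructed array of 8-bit grayscale samples."""

# Constructed cover: 1024 samples with a smooth, gradient-like pattern.
COVER = bytes((i * 37 + 11) % 256 for i in range(1024))

HEADER_BYTES = 4  # payload length prefix so the extractor knows where to stop


def _bits(data):
    """Yield the bits of a byte string, most significant bit first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def embed(cover, message):
    """Return a copy of cover with len(message) + message hidden in the LSBs."""
    payload = len(message).to_bytes(HEADER_BYTES, "big") + message
    needed = len(payload) * 8
    if needed > len(cover):
        raise ValueError(f"cover too small: need {needed} samples, have {len(cover)}")
    stego = bytearray(cover)
    for index, bit in enumerate(_bits(payload)):
        stego[index] = (stego[index] & 0xFE) | bit   # clear the LSB, then set it
    return bytes(stego)


def _read_bytes(samples, count, offset):
    """Reassemble count bytes from the LSBs of samples starting at offset."""
    out = bytearray()
    for n in range(count):
        value = 0
        for i in range(8):
            value = (value << 1) | (samples[offset + n * 8 + i] & 1)
        out.append(value)
    return bytes(out)


def extract(stego):
    """Recover the hidden message; raises if the length prefix is implausible."""
    length = int.from_bytes(_read_bytes(stego, HEADER_BYTES, 0), "big")
    if HEADER_BYTES * 8 + length * 8 > len(stego):
        raise ValueError("no valid LSB payload in this cover")
    return _read_bytes(stego, length, HEADER_BYTES * 8)


def max_sample_change(cover, stego):
    """How far any sample moved: LSB embedding never exceeds 1."""
    return max(abs(a - b) for a, b in zip(cover, stego))


def lsb_ones_ratio(samples, count):
    """Fraction of 1-bits among the first count LSBs. After embedding ASCII
    text the ratio drops well below the cover's, because every ASCII byte has
    a 0 high bit: a crude illustration of the statistical bias that LSB
    steganalysis tools look for. Invisible to the eye is not undetectable."""
    return sum(s & 1 for s in samples[:count]) / count


if __name__ == "__main__":
    secret = b"meet at 0900"
    stego = embed(COVER, secret)
    print("recovered:", extract(stego))
    print("max change per sample:", max_sample_change(COVER, stego))
    print("LSB ones ratio, cover vs stego:",
          lsb_ones_ratio(COVER, 128), lsb_ones_ratio(stego, 128))
```

Note that the cover's LSB ratio is exactly 0.5 while the stego copy's is about 0.30 over the region carrying the text, which is why LSB stego protects confidentiality only against a casual viewer, not against anyone who measures the bits.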



Importance of Security

A policy is a high-level statement dictated by management. It is simply a set of rules; management puts these rules together and we call it a policy. Whatever the policy addresses is how we name the policy, so a security policy is the set of rules that govern security for the organization.


The security policies are broken down into procedures for users to carry out their activities within their environment.

Importance of Security Awareness

Tailgating

Personally owned devices

Phishing attacks

Social engineering

Zero-day exploits (patch or upgrade the device)

Social networks (SN) / peer-to-peer (P2P)

-data leakage (SN)

-controls could be lacking (P2P)

-you do not know who is on the other side (SN)

-data confidentiality (SN)

-accidentally disclosing information (SN)


As a continuation of our discussion on the importance of security, we look at why security awareness training is essential for both the technical professional and the end user.

For example, if there is a policy in place that users are constantly breaching, a security or IT professional must be able to identify this and train users on what the policy is, why a given procedure is in place, what they subject themselves and the company to by the behaviour they engage in, and how they can still achieve what they need with proper guidance on doing it in a safe and secure manner.

Incident Response Procedures

-Incident identification

-Escalation and notification

-Mitigating steps

-Lessons learned

-Recovery procedures

-First responder

-Data breach

-Damage and loss control



Physical Security and Environmental

HVAC (heating, ventilation and air conditioning)

-independent power source

-positive air pressure (keeps dust and contaminants out)

-protect intake vents

-emergency cut-offs


Fire suppression

-remove one side of the fire triangle: oxygen, fuel or heat


EMI shielding (electromagnetic interference)

-shielded cable

-coax cable

-twisted-pair cable


Hot and cold aisles

-arrange the server racks so that cold-air intakes face one aisle and hot exhausts face the other


Environmental monitoring

-air (temperature, humidity) monitoring

-water (leak) monitoring


Physical Security

-Hardware locks

-Mantraps

-Video surveillance

-Access lists

-Proper lighting

-Proximity readers (ID card readers)



Risk Management Best Practices

BIA - Business Impact Analysis

-Identify critical systems and components

-Ensure multiple people can perform each critical function

Remove single points of failure

Risk assessment

Risk Related

A control could be hardware or software used to implement and enforce a policy. It is a solution we put in place to implement and enforce the policy.

Control types:

-Management (policies, procedures, best practices)

-Operational (procedures, standards, best practices)


If controls are tuned too tight or too lax they produce:

-False positives (too tight: legitimate activity is blocked or flagged)

-False negatives (too lax: real incidents get through undetected)


Importance of policies to reduce risk:

-Privacy policy

-Acceptable use policy

-Security policy

-Mandatory vacation

-Job rotation

-Separation of duties

-Least privilege

Risk Related (continued)

Risk Calculation

-MTTR - Mean Time To Repair

average time to restore a failed device; includes the time to fix and test

-MTBF - Mean Time Between Failures

average time a repairable device runs between one failure and the next

-MTTF - Mean Time To Failure

average lifetime of a non-repairable device; on failure it is replaced, not repaired


Annualized loss expectancy

ALE - Annualized Loss Expectancy (SLE x ARO)

SLE - Single Loss Expectancy (asset value x exposure factor)

ARO - Annualized Rate of Occurrence


Risk calculations

Quantitative analysis -> numeric values

Qualitative analysis -> experience, subjective


-Threat factors


Risk Response

-Mitigate -> put controls in place

-Transfer -> buy insurance

-Avoidance -> back out of the activity

-Deterrence -> deter threats

-Acceptance -> accept the risk
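The risk figures and the mitigate/transfer/accept choice above carried through in code, as an added example that is not part of the original notes. It uses the standard Security+ formulas SLE = asset value x exposure factor (EF, the fraction of the asset lost per incident), ALE = SLE x ARO, and availability = MTBF / (MTBF + MTTR); the $50,000 server, the $4,000/yr control and the $7,000/yr premium are made-up figures for the walk-through.

```python
"""Added example, not part of the original notes: quantitative risk figures
(SLE, ALE, availability from MTBF/MTTR) and a net-benefit comparison of the
risk responses. All dollar amounts and rates are constructed sample data."""


def single_loss_expectancy(asset_value, exposure_factor):
    """SLE: cost of one occurrence of the loss event."""
    if not 0.0 <= exposure_factor <= 1.0:
        raise ValueError("exposure factor is a fraction between 0 and 1")
    return asset_value * exposure_factor


def annualized_loss_expectancy(sle, aro):
    """ALE: expected loss per year (ARO = expected occurrences per year,
    e.g. 0.5 for 'once every two years')."""
    return sle * aro


def availability(mtbf_hours, mttr_hours):
    """Steady-state availability: a repairable device is up for MTBF and then
    down for MTTR, on average."""
    return mtbf_hours / (mtbf_hours + mttr_hours)


def compare_responses(ale_before, ale_after_control, annual_control_cost, annual_premium):
    """Net annual benefit of each risk response.

    mitigate: loss avoided by the control minus what the control costs
    transfer: expected loss shifted to the insurer minus the premium
              (assumes the policy covers the full loss, which is optimistic)
    accept:   nothing spent, nothing avoided
    Avoidance (backing out of the activity) has no number here because its
    cost is the business value forgone, which is not a security figure."""
    options = {
        "mitigate": (ale_before - ale_after_control) - annual_control_cost,
        "transfer": ale_before - annual_premium,
        "accept": 0.0,
    }
    best = max(options, key=options.get)
    return {"options": options, "best": best}


def worked_example():
    """Constructed figures: a $50,000 server, 40% lost per incident, one
    incident every two years; a $4,000/yr control cuts ARO to 0.1;
    insurance costs $7,000/yr; MTBF 2000 h and MTTR 8 h."""
    sle = single_loss_expectancy(50_000, 0.4)                  # 20,000
    ale = annualized_loss_expectancy(sle, 0.5)                  # 10,000
    ale_with_control = annualized_loss_expectancy(sle, 0.1)     # 2,000
    decision = compare_responses(ale, ale_with_control, 4_000, 7_000)
    return {
        "sle": sle,
        "ale": ale,
        "ale_with_control": ale_with_control,
        "decision": decision,
        "availability": availability(mtbf_hours=2_000, mttr_hours=8),
    }


if __name__ == "__main__":
    r = worked_example()
    print(f"SLE ${r['sle']:,.0f}  ALE ${r['ale']:,.0f}  ALE with control ${r['ale_with_control']:,.0f}")
    for name, value in r["decision"]["options"].items():
        print(f"{name:9s} net benefit ${value:,.0f}")
    print("best response:", r["decision"]["best"])
    print(f"availability at MTBF 2000h / MTTR 8h: {r['availability']:.4%}")
```

With these numbers mitigation nets $4,000 a year against $3,000 for transfer, so the control is bought; raise the control's cost above the $8,000 it saves and acceptance wins, which is the whole point of doing the quantitative version rather than arguing from experience.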


Risk with cloud computing

-Availability - server availability, backups

-Control in other people's hands


Risk with virtualization

Orphan VMs

VM escape

Prohibited software

Best practices and standards


VM escape: a malicious person inside a virtual machine attacks the hypervisor, and from there the host PC and the other guests


RTO - Recovery Time Objective

-the maximum acceptable time to recover a device or service that is down


RPO - Recovery Point Objective

-the point in time you must be able to recover to, i.e. the maximum acceptable amount of data loss; it dictates how often you take backups



Security Implications of Integrating Systems

Onboarding/offboarding business partners

Social media networks and applications

Interoperability agreements

Service Level Agreements (SLA)

Business Partner Agreements (BPA)

Memorandum of Agreement / Memorandum of Understanding (MOA/MOU)

Interconnection Security Agreement (ISA)



Security Implications of Integrating Systems (part 2)

Privacy considerations

Risk awareness

Unauthorized data sharing

Data ownership

Data backups

Follow security policies and procedures

Review agreement requirements to verify compliance

-Performance standards


The Principle of Least Privilege

The principle of least privilege dictates that users get only the exact permissions they need to get their job done.

Separation of duties dictates that critical job functions be broken down into multiple roles. We do not want one person alone carrying out a critical job function from start to finish. You also need to watch for collusion, to ensure that the people assigned to those tasks do not work together to defeat the principle.
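A user rights and permissions review that checks both principles above, as an added example that is not part of the original notes: least privilege (does anyone hold permissions their job does not need?) and separation of duties (does anyone hold both halves of a critical function, through whatever mix of roles?). The roles, users, required permissions and conflict pairs are constructed sample data, not taken from any real system. Collusion between two people cannot be found this way; that still needs job rotation, mandatory vacation and audit.

```python
"""Added example, not part of the original notes: a permissions review that
flags excess privileges and separation-of-duties conflicts. All roles, users
and conflict pairs below are constructed sample data."""

# Permission pairs that must never sit with one person (constructed).
SOD_CONFLICTS = [
    ("create_vendor", "approve_payment"),   # could pay a fake vendor alone
    ("write_code", "deploy_prod"),          # could ship unreviewed code alone
]

# Role -> permissions the role grants (constructed).
ROLES = {
    "developer": {"write_code", "read_logs"},
    "release_manager": {"deploy_prod", "read_logs"},
    "ap_clerk": {"create_vendor", "enter_invoice"},
    "ap_approver": {"approve_payment"},
    "helpdesk": {"reset_password", "read_logs"},
}

# User -> roles actually assigned (constructed).
USER_ROLES = {
    "alice": ["developer", "release_manager"],
    "bob": ["ap_clerk"],
    "carol": ["ap_clerk", "ap_approver"],
    "dave": ["helpdesk"],
}

# User -> permissions the current job really needs (constructed; in practice
# this comes from the job description or the manager attesting the access).
REQUIRED = {
    "alice": {"write_code", "read_logs"},
    "bob": {"create_vendor", "enter_invoice"},
    "carol": {"approve_payment"},
    "dave": {"reset_password"},
}


def effective_permissions(user):
    """Union of everything the user's roles grant. An undefined role is an
    error: a typo in a role name should fail loudly, not silently grant nothing."""
    perms = set()
    for role in USER_ROLES.get(user, []):
        if role not in ROLES:
            raise KeyError(f"{user} has undefined role {role!r}")
        perms |= ROLES[role]
    return perms


def excess_privileges(user):
    """Least-privilege check: granted minus required, as a sorted list."""
    return sorted(effective_permissions(user) - REQUIRED.get(user, set()))


def sod_violations(user):
    """Separation-of-duties check across all of the user's roles combined."""
    perms = effective_permissions(user)
    return [pair for pair in SOD_CONFLICTS if pair[0] in perms and pair[1] in perms]


def review():
    """One finding per user, ready to hand to the role owners for sign-off."""
    return {
        user: {"excess": excess_privileges(user), "sod": sod_violations(user)}
        for user in USER_ROLES
    }


if __name__ == "__main__":
    for user, finding in review().items():
        flag = "OK" if not finding["excess"] and not finding["sod"] else "REVIEW"
        print(f"{user:6s} {flag:6s} excess={finding['excess']} sod={finding['sod']}")
```

The check is deliberately made on the union of a user's roles rather than role by role: each of carol's roles is harmless on its own, and the conflict only appears once both are assigned to the same person.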

