© SYBEX Inc All Rights Reserved. CompTIA Security+ Study Guide (SY0-201) “Chapter 2: Identifying Potential Risks”
Chapter 2: Identifying Potential Risks
  Calculating Attack Strategies
  Recognizing Common Attacks
  Identifying TCP/IP Security Concerns
  Understanding Software Exploitation
  Understanding OVAL
  Surviving Malicious Code
  Understanding Social Engineering
  Auditing Processes and Files
Types of Attacks
  Access attack – someone who should not have access wants to access your resources
  Modification and repudiation attack – someone wants to modify information in your systems
  Denial of Service (DoS) attack – an attempt to disrupt your network and services
Recognizing Common Attacks
  Back Door Attacks
  Spoofing Attacks
  Man-in-the-Middle Attacks
  Replay Attacks
  Password Guessing Attacks
  Privilege Escalation
Security Concerns and TCP/IP
  Overview of Protocol Suite
    – Application Layer
    – Host-to-host or Transport Layer
    – Internet Layer
    – Network Interface Layer
  Protocols and Services
    – Ports
    – TCP Three-way handshake
    – Application Interfaces
Security Concerns and TCP/IP (cont.)
  TCP/IP Attacks
    – Sniffing the Network
    – Scanning Ports
    – TCP attacks
      TCP SYN or TCP ACK Flood Attack
      TCP Sequence Number Attack
      TCP/IP Hijacking
    – UDP attacks
      ICMP Attacks
      Smurf Attacks
      ICMP Tunneling
Software Exploitation
  Database exploitation
  Application exploitation
  exploitation
  Spyware
  Rootkits
OVAL
  Open Vulnerability and Assessment Language
  A community-written standard in XML to promote open and publicly available security content
  Consists of:
    – A language
    – An interpreter
    – A repository
Surviving Malicious Code
  Viruses
  Trojan horses
  Logic Bombs
  Worms
  Antivirus software
Social Engineering
  Social engineering is a process where an attacker attempts to acquire information about your network and system by talking to people in the organization.
  Preys on the trusting nature of people to breach security.
  Can be prevented through training and standard security policies.
Auditing Processes and Files
  Security log files
  Security audit files
  Vulnerability scanner