Posted filed under CompTIA Security+.

In this cram guide, we would like to give you some short tips on what to study for the Security+ exam to ensure a great score. It is organized by the same criteria that CompTIA organizes the actual exam and is therefore comprehensive, covering many of the specialized points that you will encounter while taking the exam.

 

Topic 1: General Security Concepts

  • Your ability to understand the CIA triangle (Confidentiality, Integrity, and Availability) will help you in many questions that are indirectly related to the triangle on the exam. Remember that confidentiality refers to the idea that information should remain only accessible to those who are meant to access it; integrity is the concept that information should remain in the same form as it was originally intended (i.e. not maliciously changed); availability refers to the idea that information should be accessible (think Denial of Service)

 

Topic 2: Communication Security

  • Remote Access Technologies include PPP (widely used for dial-up TCP/IP access), PPTP (tunneled PPP), RADIUS (UDP-based), TACACS+ (similar to radius, but TCP-based and Cisco proprietary)
  • L2TP operates on the Data-Link layer; IPSec operates over Network layer and has two protocols: AH and ESP

 

Topic 3: Infrastructure Security

  • Make sure you know some basic networking concepts and hardware:
    • Cladding is the glass insulator in fiber optic cabling
    • STP cabling is said to be shielded against EMI, or electric interference
  • Also, for the Security+ exam, an understanding of the types of firewalls is essential:
    • Packet filtering: Works by examining headers
    • Circuit-level gateway: Maintains state information (connection-based)
    • Application-level gateway: Examines each packet coming in for content
    • Proxy server: Special application-level gateway that ensures no direct connection between an un-trusted and trusted network
    • ACL is the list that defines the rules that a packet filtering firewall follows

 

Topic 4: Basics of Cryptography

  • The work factor of an algorithm refers to the amount of resources and time it takes for the algorithm to operate
  • A key is the value that can encrypt or decrypt text
  • Public-key or asymmetric algorithms are more scalable and easier to manage than symmetric or secret key algorithms, but they require more overhead and are slower
  • End-to-End encryption refers to the idea that packets are encrypted at the source and decrypted at the destination

 

Topic 5: Organizational Security

  • Business Continuity Planning refers to continuing normal day-to-day operations after a disaster
  • Disaster Recovery Planning refers to fixing the problems a disaster causes
  • Backup types that you should know for the exam:
    • Full: The information is backed up in entirety
    • Differential: Only the data changed since the last full backup is backed up
    • Incremental: Only the data changed since the last full or incremental backup is backed up
  • The greatest amount of time that a system can withstand being un-operational is called the MTD or maximum tolerable downtime
  • Risk analysis is the practice of assessing which threats are relevant and pressing

 

Topic 6: Tables & Charts

 

Cryptographic Algorithms and Protocols

Name Type Algorithm Size Strength Replaced By
DES Symmetric Block cipher 64 bit (56 + 8 parity) Very weak 3DES
3DES Symmetric Block cipher 192 bit (168 bit + 24 parity) Moderate AES
AES Symmetric Rijndael Block cipher Variable (128, 192, 256) Strong N/A
RC5 Symmetric RSA Block mode cipher Variable (up to 2048) Very Strong N/A
RSA Asymmetric Key transport 512 Strong N/A
Diffie-Hellman Asymmetric Key exchange N/A Moderate El Gamal
El Gamal Asymmetric Key exchange N/A Very Strong N/A
MD5 Hash (Digest) Rivest MD5 Block Hash 512 bit block processing/ 128 bit digest Strong MD6, et. Al.
SHA-1 Hash Rivest SHA Hash 512-bit processing/160 bit digest Very Strong N/A
HMAC Hash Keyed Digest Variable Very Strong N/A

 

 

 

 

Source by: <www.proprofs.com>

 To Become Certified For CompTIA Security+ Please Visit This Link ;

 

 

Trackbacks/Pingbacks

  1.  gvk biosciences
  2.  DMPK Studies