Rainer's virtual planet of technology interest


During my study I found some good links which help in understanding the topics. They could also be used for further reading when working on your certification preparation.

DOMAIN 1 - General Security Concepts

1.1 Access Control

  • 1.1.1    MAC / DAC / RBAC

1.2 Authentication

  • 1.2.1    Kerberos - External Link: http://www.windowsadvantage.com/tech_edge/05-15-00_kerberos.asp
  • 1.2.2    CHAP
  • 1.2.3    Certificates
  • 1.2.4    Username/Password
  • 1.2.5    Tokens
  • 1.2.6    Multi-Factor
  • 1.2.7    Mutual Authentication
  • 1.2.8    Biometrics


1.3 Non-essential Services and Protocols

1.4 Attacks

  • 1.4.1    DOS/DDOS
  • 1.4.2    Back Door
  • 1.4.3    Spoofing
  • 1.4.4    Man in the Middle
  • 1.4.5    Replay
  • 1.4.6    TCP/IP Hijacking
  • 1.4.7    Weak Keys
  • 1.4.8    Mathematical
  • 1.4.9    Social Engineering
  • 1.4.10  Birthday
  • 1.4.11  Password Guessing
    • 1.4.11.1    Brute Force
    • 1.4.11.2    Dictionary
  • 1.4.12   Software Exploitation


(officially not a part of the Exam objects, but very interesting)

1.5 Malicious Code

  • 1.5.1    Viruses
  • 1.5.2    Trojan Horses
  • 1.5.3    Logic Bombs
  • 1.5.4    Worms

1.6 Social Engineering

1.7 Auditing - Logging, system scanning

Domain 2 - Communication Security

2.1 Remote Access

  • 2.1.1    802.1x
  • 2.1.2    VPN
  • 2.1.3    RADIUS
  • 2.1.4    TACACS/+
  • 2.1.5    L2TP/PPTP
  • 2.1.6    SSH
  • 2.1.7    IPSEC
  • 2.1.8    Vulnerabilities

2.2 Email

  • 2.2.1    S/MIME
  • 2.2.2    PGP like technologies
  • 2.2.3    Vulnerabilities
    • 2.2.3.1    SPAM
    • 2.2.3.2    Hoaxes

2.3 Web

  • 2.3.1    SSL/TLS
  • 2.3.2    HTTP/S
  • 2.3.3    Instant Messaging
    • 2.3.3.1    Vulnerabilities
    • 2.3.3.2    8.3 Naming Convention
    • 2.3.3.3    Packet Sniffing
    • 2.3.3.4    Vulnerabilities

2.4 Directory - Recognition not administration

  • 2.4.1    SSL/TLS
  • 2.4.2    LDAP

2.5 File Transfer

  • 2.5.1    S/FTP
  • 2.5.2    Blind FTP/Anonymous
  • 2.5.3    File sharing
  • 2.5.4    Vulnerabilities
    • 2.5.4.1    Packet Sniffing

2.6 Wireless 

  • 2.6.1    WTLS
  • 2.6.2    802.11x
  • 2.6.3    WEP/WAP
  • 2.6.4    Vulnerabilities
    • 2.6.4.1    Site Survey

DOMAIN 3 - Infrastructure

3.1 Devices

  • 3.1.1    Firewalls - External Link: www.robertgraham.com/pubs/firewall-seen.html
  • 3.1.2    Routers
  • 3.1.3    Switches
  • 3.1.4    Wireless
  • 3.1.5    Modems
  • 3.1.6    RAS
  • 3.1.7    Telecom/PBX
  • 3.1.8    VPN
  • 3.1.9    IDS - External Link: www.robertgraham.com/pubs/network-intrusion-detection.html
  • 3.1.10  Network Monitoring/Diagnostic
  • 3.1.11  Workstations
  • 3.1.12  Servers
  • 3.1.13  Mobile Devices

3.2 Media

  • 3.2.1    Coax
  • 3.2.2    UTP/STP
  • 3.2.3    Fiber
  • 3.2.4    Removable media
    • 3.2.4.1    Tape
    • 3.2.4.2    CDR
    • 3.2.4.3    Hard Drives
    • 3.2.4.4    Diskettes
    • 3.2.4.5    FlashCards
    • 3.2.4.6    SmartCards
    • 3.2.4.7    USB Sticks (not officially part of the Exam objects)

3.3 Security Topologies

  • 3.3.1    Security Zones
    • 3.3.1.1    DMZ
    • 3.3.1.2    Intranet
    • 3.3.1.3    Extranet
  • 3.3.2    VLANs
  • 3.3.3    NAT
  • 3.3.4    Tunneling

3.4 Intrusion Detection (Awareness, conceptual knowledge and understanding)

3.5 Security Baselines

  • 3.5.1    OS/NOS Hardening (Concepts and processes)
    • 3.5.1.1    File System
    • 3.5.1.2    Updates (Hotfixes, Service Packs, Patches)
  • 3.5.2    Network Hardening
    • 3.5.2.1    Updates (Firmware)
    • 3.5.2.2    Configuration
      • 3.5.2.2.1    Enabling and Disabling Services and Protocols
      • 3.5.2.2.2    Access control lists
  • 3.5.3    Application Hardening
    • 3.5.3.1    Update (Hotfixes, Service Packs, Patches)
    • 3.5.3.2    Web Servers
    • 3.5.3.3    Email Servers
    • 3.5.3.4    FTP Server
    • 3.5.3.5    DNS Servers
    • 3.5.3.6    NNTP Servers
    • 3.5.3.7    File/Print Servers
    • 3.5.3.8    DHCP Servers
    • 3.5.3.9    Data Repositories
      • 3.5.3.9.1     Directory Services
      • 3.5.3.9.2     Databases

Domain 4 -  Basics of Cryptography

4.1 Algorithms

  • 4.1.1    Hashing
  • 4.1.2    Symmetric
  • 4.1.3    Asymmetric

4.2 Concepts of using cryptography

  • 4.2.1    Confidentiality
  • 4.2.2    Integrity
    • 4.2.2.1    Digital Signatures
  • 4.2.3    Authentication
  • 4.2.4    Non-Repudiation
    • 4.2.4.1    Digital Signatures
  • 4.2.5    Access Control

4.3 PKI

  • 4.3.1   Certificates
    • 4.3.1.1    Certificate Policies
    • 4.3.1.2    Certificate Practice Statements
  • 4.3.2    Revocation
  • 4.3.3    Trust Models

4.4 Standards and Protocols

4.5 Key Management/Certificate Lifecycle

  • 4.5.1    Centralized vs. Decentralized
  • 4.5.2    Storage
    • 4.5.2.1    Hardware vs. Software
    • 4.5.2.2    Private Key Protection
  • 4.5.3    Escrow
  • 4.5.4    Expiration
  • 4.5.5    Revocation
    • 4.5.5.1    Status Checking
  • 4.5.6    Suspension
    • 4.5.6.1    Status Checking
  • 4.5.7    Recovery
    • 4.5.7.1    M of N Control
  • 4.5.8    Renewal
  • 4.5.9    Destruction
  • 4.5.10  Key Usage
    • 4.5.10.1    Multiple Key Pairs (Single, Dual)

DOMAIN 5 - Operational/Organizational Security

5.1 Physical Security

  • 5.1.1    Access Control
    • 5.1.1.1    Physical Barriers
    • 5.1.1.2    Biometrics
  • 5.1.2    Social Engineering
  • 5.1.3    Environment
    • 5.1.3.1    Wireless Cells
    • 5.1.3.2    Location
    • 5.1.3.3    Shielding
    • 5.1.3.4    Fire Suppression

5.2 Disaster Recovery

  • 5.2.1    Backups
    • 5.2.1.1    Off Site Storage
  • 5.2.2    Security Policy
    • 5.2.2.1    Alternate Sites
  • 5.2.3    Disaster Recovery Plan

5.3 Business Continuity

  • 5.3.1    Utilities
  • 5.3.2    High Availability / Fault Tolerance
  • 5.3.3    Backups

5.4 Policy and Procedures

  • 5.4.1    Security Policy
    • 5.4.1.1    Acceptable Use  
    • 5.4.1.2    Due Care
    • 5.4.1.3    Privacy
    • 5.4.1.4    Separation of duties
    • 5.4.1.5    Need to know
    • 5.4.1.6    Password Management
    • 5.4.1.7    SLA
    • 5.4.1.8    Disposal / Destruction
    • 5.4.1.9    HR Policy
      • 5.4.1.9.1    Termination - Adding / revoking passwords, privileges, etc.
      • 5.4.1.9.2    Hiring - Adding / revoking passwords, privileges, etc.
      • 5.4.1.9.3    Code of Ethics
  • 5.4.2    Incident Response Policy

5.5 Privilege Management

  • 5.5.1    User/Group/Role Management
  • 5.5.2    Single Sign-on
  • 5.5.3    Centralized vs. Decentralized
  • 5.5.4    Auditing (Privilege, Usage, Escalation)
  • 5.5.5    MAC/DAC/RBAC

5.6 Forensics

  • 5.6.1    Chain of Custody
  • 5.6.2    Preservation of Evidence
  • 5.6.3    Collection of Evidence

5.7 Risk Identification

  • 5.7.1    Asset Identification
  • 5.7.2    Risk Assessment
  • 5.7.3    Threat Identification
  • 5.7.4    Vulnerabilities

5.8 Education - Training of end users, executives and HR

  • 5.8.1    Communication
  • 5.8.2    User Awareness
  • 5.8.3    Education
  • 5.8.4    Online Resources

5.9 Documentation

  • 5.9.1    Standards and Guidelines
  • 5.9.2    Systems Architecture
  • 5.9.3    Change Documentation
  • 5.9.4    Logs and Inventories
  • 5.9.5    Classification
    • 5.9.5.1    Notification
  • 5.9.6    Retention / Storage
  • 5.9.7    Destruction