*TechNotes* Security+
Webmaster Admin Posts: 10,292
I just uploaded some new Security+ TechNotes:
www.techexams.net/technotes/securityplus/physical_security.shtml
Covers physical security aspects such as physical barriers, access controls, environmental security, shielding, and fire suppression.
Not one of my specialties... I hope you like it though!
-
qsub Member Posts: 303
Awesomeness, I ended up scheduling my security+ exam on September 2nd since I'm quite busy with working for money so I can go to school.
I will definitely go through these before I go for the exam, I might reschedule to an earlier exam date if I feel I'm absorbing the knowledge faster.
Good work on the technotes webmaster
World Cup 2006 - Zidane - Never Forget.
-
Karolina Member Posts: 4
Hey Johan, thanks for your time and effort to help those of us following up behind you. I have found your TechNotes to be well written and more enjoyable reading than the format of most of the books I have gone through to date for all the exams I have written. Keep it up, I know I for one appreciate it!
-
qsub Member Posts: 303
Hey Webmaster.
Just wanted to say, I read up to Malicious code on your technotes for security+. For a majority of the notes, I thought it was awesome. When comparing it to the syngress book, I get an easier understanding from your notes than from the syngress book.
This might be because it's my first time around learning security. Anyways, I'll continue to read them while I'm at work
Keep up the good work!
Oh yeah, I had problems understanding the wireless security part in the Syngress book and even the CBT nuggets. It's a bit weird for me because it seems like they use things later on that you learn.
World Cup 2006 - Zidane - Never Forget.
-
Webmaster Admin Posts: 10,292
Thanks for the kind words spfdz
spfdz wrote: Oh yeah, I had problems understanding the wireless security part in the Syngress book and even the CBT Nuggets. It's a bit weird for me because it seems like they use things later on that you learn.
-
qsub Member Posts: 303
Webmaster wrote: Thanks for the kind words spfdz
spfdz wrote: Oh yeah, I had problems understanding the wireless security part in the Syngress book and even the CBT Nuggets. It's a bit weird for me because it seems like they use things later on that you learn.
Awesome. I'm looking forward to them
No rush though. Quality is time
Now that I've gone through a book, CBT nuggets, and half of LearnKey CBT's. It's not so hard.
World Cup 2006 - Zidane - Never Forget.
-
Webmaster Admin Posts: 10,292
Just finished and uploaded some new TechNotes covering the following exam objectives:
5.7 Understand and be able to explain the following concepts of risk identification
- Asset Identification
- Vulnerabilities
- Threat Identification
- Risk Assessment
www.techexams.net/technotes/securityplus/risk_identification.shtml
Not a very long one, but like the exam objective says, you only need to understand the basic idea.
btw, there's no need to memorize the formulas in these TechNotes, but it is important to understand the basic concepts and terms. I didn't include an example because of that, let me know if you think I should anyway.
Johan
-
qsub Member Posts: 303
Awesome, I'll check these out this weekend. I'm up to IDS on the technotes now. I've been busy with work and also reading the syngress guide.
I'll let ya know how it goes.
World Cup 2006 - Zidane - Never Forget.
-
Webmaster Admin Posts: 10,292
I finished the remaining attacks for the Attacks TechNotes, which is now online:
www.techexams.net/technotes/securityplus/attacks.shtml
It covers the following exam objectives:
1.4 Recognize the following attacks and specify the appropriate actions to take to mitigate vulnerability and risk.
- Back Door
- Man in the Middle
- Replay
- TCP/IP Hijacking
- Weak Keys
- Mathematical
- Birthday
- Password Guessing
-- Brute Force
-- Dictionary
- Software Exploitation
(DOS / DDOS, Spoofing, and Social Engineering attacks, also part of exam objective 1.4, are covered in separate TechNotes.)
-
Webmaster Admin Posts: 10,292
I added new Security+ TechNotes, probably the longest I've written so far:
Internet Security
It covers all of the following exam objectives for the Security+ exam:
2.3 Recognize and understand the administration of the following Internet security concepts
- SSL / TLS (Secure Sockets Layer / Transport Layer Security)
- HTTP/S (Hypertext Transfer Protocol over Secure Sockets Layer)
- Instant Messaging
-- Vulnerabilities
-- Packet Sniffing
-- Privacy
- Vulnerabilities
-- Java Script
-- ActiveX
-- Buffer Overflows
-- Cookies
-- Signed Applets
-- CGI (Common Gateway Interface)
2.5 Recognize and understand the administration of the following file transfer protocols and concepts
- S/FTP (File Transfer Protocol)
- Blind FTP (File Transfer Protocol) / Anonymous
3.3 Understand the concepts behind the following kinds of Security Topologies
-- Security Zones
-- Intranet
-- Extranet
Have fun reading and let me know if you have any comments/suggestions
Johan
-
Webmaster Admin Posts: 10,292
I'm closing in on the end... here's another one covering the following forensics related exam objectives:
5.6 Understand the concepts of the following topics of forensics
- Chain of Custody
- Preservation of Evidence
- Collection of Evidence
www.techexams.net/technotes/securityplus/computer_forensics.shtml
Happy reading
-
seuss_ssues Member Posts: 629
Johan,
I haven't read all of your sec+ docs but I did read the one just posted on forensics. So the info I'm suggesting may have been covered elsewhere.
I just wanted to note from my studies and taking the exam that there were several things to do when an intrusion occurs:
1. make notes/pics of what's on the screen
2. disconnect the network cable, do not turn off the computer; that could lose valuable evidence
3. do not allow personnel into the server room except incident response teams
4. when making copies of the data be sure and check hashes to ensure that the information was copied exactly as it was on the compromised machine.
5. check your incident response policy on what all should be done
I seem to remember a question or 2 on my exam and the above data plus what you wrote should have been sufficient.
If anyone notices any errors in my suggestions please don't be shy to correct me.
Anyway keep up the good work, in no time this guide will be as useful as your Net+ (which was more than sufficient to pass with)
seuss
-
Webmaster Admin Posts: 10,292
seuss_ssues wrote: I haven't read all of your sec+ docs but I did read the one just posted on forensics. So the info I'm suggesting may have been covered elsewhere.
Thanks for the comments/suggestions though!
[Edit]Changed my mind on your suggestion, I'll add something about establishing a secure perimeter. Thanks again.[/edit]
-
Webmaster Admin Posts: 10,292
Added some more TechNotes for the Security+ exam:
Network and Storage Media
It covers the following exam objectives:
3.2 Understand the security concerns for the following types of media
- Coaxial Cable
- UTP / STP (Unshielded Twisted Pair / Shielded Twisted Pair)
- Fiber Optic Cable
- Removable Media
- - Tape
- - CD-R (Recordable Compact Disks)
- - Hard Drives
- - Diskettes
- - Flashcards
- - Smartcards
-
keatron Member Posts: 1,213
Yeah I don't think I've ever seen anyone as dedicated to something as Johan is to this site and helping the people here.
-
Webmaster Admin Posts: 10,292
Thanks Keatron. Your help behind the scenes is definitely a good motivator!
-
Webmaster Admin Posts: 10,292
Here are some more new TechNotes:
Network Devices
It covers a whole bunch of exam objectives:
3.1 Understand security concerns and concepts of the following types of devices
- Firewalls
- Routers
- Switches
- Telecom / PBX (Private Branch Exchange)
- Network Monitoring / Diagnostics
- Mobile Devices
3.3 Understand the concepts behind the following kinds of Security Topologies
- Security Zones
- DMZ (Demilitarized Zone)
- VLANs (Virtual Local Area Network)
- NAT (Network Address Translation)
3.5 Understand the following concepts of Security Baselines, be able to explain what a Security Baseline is, and understand the implementation and configuration of each kind of system.
- Network Hardening
- - Updates (Firmware)
- - Configuration
- - - Enabling and Disabling Services and Protocols
- - - Access Control Lists
The following is a list of remaining TechNotes for this exam. I wrote most of it already, 'just' need to write it out completely and do some editing and fact-checking.
- Privilege management
- Remote Access Technologies (Radius, tacacs, l2tp, pptp, etc)
- OS and application hardening
- Basics of Cryptography
- PKI and Key Management
- Disaster Recovery and Business Continuity
- Security Policies and Procedures
- Education and Training
- Documentation
I'm pretty sure I will have the free PDF and the SE version available within a month or two.
-
Travler Member Posts: 61
How's the pdf and SE coming along? A coworker and I are finally getting our stuff together and are deciding which exams to take next. Your net+ SE helped me so much, that I think we may try sec+ before starting on the MS track.
-
Webmaster Admin Posts: 10,292
Sorry for the delayed answer, I didn't notice your reply before.
I put them away for a while to get a fresh approach, and to write for some other exams, but I actually started on finishing the remaining TechNotes today, and I hope to finish them all before the end of this month, maybe a week or two later. The SE should follow a couple of weeks after that. Don't pin me down on it though... Although it does contribute to maintaining the site, the SE does not have a very high priority in my daily schedule because 'selling' study material is not our core business. Also, we are considering doing a very 'special' special edition, which can influence the ETA. More on that soon.
I expect to have the Remote Access Technologies TechNotes online before the end of this week, and after that I'm going to try to release new TechNotes very frequently because as I mentioned earlier, I've already done the bulk work for the remaining TechNotes. The last 10% (making sure it covers most of everything, proofreading, editing, formatting, converting to PDF, writing the questions for the SE, etc) takes longer than 10% of the total amount of time I spent on this.
Thanks for asking, and thanks for your patience everyone
-
Webmaster Admin Posts: 10,292
I guess the ones who've been following this thread a bit longer know that when I say in a week, I'm not talking about 'earth weeks'
Remote Access Technologies
Covers remote access services, PPP, VPNs, tunneling, IPSec, SSH, L2TP, PPTP, 802.1x, RADIUS, and TACACS.
It covers all of the following exam objectives:
2.1 Recognize and understand the administration of the following types of remote access technologies:
- 802.1x
- VPN (Virtual Private Network)
- RADIUS (Remote Authentication Dial-In User Service)
- TACACS (Terminal Access Controller Access Control System)
- L2TP / PPTP (Layer Two Tunneling Protocol / Point to Point Tunneling Protocol)
- SSH (Secure Shell)
- IPSEC (Internet Protocol Security)
- Vulnerabilities
3.1 Understand security concerns and concepts of the following types of devices:
- Modems
- RAS (Remote Access Server)
- VPN (Virtual Private Network)
3.3 Understand the concepts behind the following kinds of Security Topologies
- Tunneling
Happy reading!
Next will be either Security Policy or Basics of Cryptography.
And thanks to everyone who pm-ed me about future TechNotes, your interest will keep me motivated until I reach the last few lines of the PDF.
-
Webmaster Admin Posts: 10,292
The thing is that I'm changing orbits all the time, so it would run out of sync in no time. I'm on Xartec btw. (I do own xartec.com, not a site yet though...). The time here is more dynamic and flexible because we don't have the 'boss' species.
-
Danman32 Member Posts: 1,243
I'm glad you added the remote access technologies technote, and included ports and such. Neither Syngress nor Sybex covers the protocol #'s used in AH and ESP, and I did get a question that required you to know them (though it may be one of those ungraded questions). I had to google to get a definitive answer on this.
By the way, this may be splitting semantics but I feel it could be important. ESP and AH use IP Protocols 50 and 51 respectively, not ports. Ports are used in IP protocols UDP and TCP.
-
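The distinction in the post above, as an added example that is not part of the thread: a small IPv4 header parser showing that ESP (50) and AH (51) are identified by the Protocol field of the IP header, while port numbers exist only inside TCP and UDP headers, which is why a filter that matches only on ports never sees IPsec traffic. The packets are constructed samples and the function names are hypothetical.

```python
import struct

# IANA-assigned IP protocol numbers (the Protocol field of the IPv4 header).
IP_PROTOCOLS = {6: "TCP", 17: "UDP", 50: "ESP", 51: "AH"}


def classify_ipv4(packet: bytes) -> dict:
    """Report the IP protocol of a raw IPv4 packet, and ports only if it has them."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    version, ihl = packet[0] >> 4, (packet[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    proto = packet[9]  # byte 9 of the header is the Protocol field
    payload = packet[ihl:]
    info = {"protocol_number": proto,
            "protocol": IP_PROTOCOLS.get(proto, "other"),
            "src_port": None, "dst_port": None, "spi": None}
    if proto in (6, 17) and len(payload) >= 4:
        # Ports are the first four bytes of the TCP or UDP header.
        info["src_port"], info["dst_port"] = struct.unpack("!HH", payload[:4])
    elif proto == 50 and len(payload) >= 4:
        # ESP starts with a 32-bit Security Parameters Index, not ports.
        (info["spi"],) = struct.unpack("!I", payload[:4])
    elif proto == 51 and len(payload) >= 8:
        # AH: next header, length, reserved, then the SPI at offset 4.
        (info["spi"],) = struct.unpack("!I", payload[4:8])
    return info


def build_ipv4(proto: int, payload: bytes) -> bytes:
    """Constructed sample packet: 20-byte header, checksum left at zero."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return header + payload


# Constructed samples: an ESP packet, an AH packet, and a UDP datagram to port 88.
ESP_SAMPLE = build_ipv4(50, struct.pack("!II", 0x1001, 1) + b"\x00" * 16)
AH_SAMPLE = build_ipv4(51, struct.pack("!BBHII", 6, 4, 0, 0x2002, 1) + b"\x00" * 12)
UDP_SAMPLE = build_ipv4(17, struct.pack("!HHHH", 50000, 88, 8, 0))

if __name__ == "__main__":
    for name, pkt in [("ESP", ESP_SAMPLE), ("AH", AH_SAMPLE), ("UDP", UDP_SAMPLE)]:
        print(name, classify_ipv4(pkt))
```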
Webmaster Admin Posts: 10,292
Danman32 wrote: By the way, this may be splitting semantics but I feel it could be important. ESP and AH use IP Protocols 50 and 51 respectively, not ports. Ports are used in IP protocols UDP and TCP.
Part of the reason we wanted to cover IPSec well is that it truly is a great protocol, but, and the same goes for SSL, I also found I got presented with some pretty detailed questions (almost in contrary to the rest of the exam) regarding those topics.
Also, based on the passing score, nr of questions, and "I passed"-scores, I'm pretty sure there are no unscored items.
Thanks for the feedback!
-
frank3969 Member Posts: 2
If you can add something into the notes of the topic, this would be really great.
...
Answer - UDP port 88 and TCP port 88 Kerberos traffic uses UDP/TCP protocol source and destination port 88.
http://technet.microsoft.com/en-us/library/8c6befda-a7c3-40bd-9760-f46255bc7077.aspx
-
Webmaster Admin Posts: 10,292
I appreciate the feedback, but be careful not to 'disclose' literally what was asked on 'your' exam. I base my TechNotes solely on the exam objectives, but on the other hand I'll gladly help to explain a topic you had on your exam and want to learn more about. And therefore appreciate feedback on my TechNotes. In this case, it's just a simple fact however (Isn't everything on a CompTIA exam?) and although I'm obviously not consequent with it, I usually do add the ports for the protocols and services I describe, so I was kinda surprised to hear it's not in these TechNotes. It is however in the Well-known Ports quiz I wrote for the Security+ exam, so I'll expand the TechNotes accordingly.
My point is, and this goes for anyone and any of my notes, if you have something to suggest, don't tell me it's because you had it on your exam. Besides that I don't need that piece of info to determine whether something is within the scope of the exam/cert/my TechNotes, it kinda puts me in a position I don't want to be.
Anyway, thanks!
Johan
-
bertieb Member Posts: 1,031
These notes are great, really helps tie everything together from my other sources and cuts out the fluff.
I've not been here long, but I'm seriously impressed with these forums - the information is brilliant and everyone offers up really good, helpful advice.
Keep it up
The trouble with quotes on the internet is that you can never tell if they are genuine - Abraham Lincoln
-
tnelson6429 Member Posts: 22
THANK YOU!!!!!!!!!!!!!!!
Because of your details, coupled with the Sybex book I passed the 2nd time around. (I hadn't used them the 1st time around) You truly made an impact on my learning.
WIP: 6426A, 6421, 6425 all Server 2008 AD
-
pokey Member Posts: 1
Is it just me.... or is anyone else having problems printing out the Security+ TechNotes with the "Printer-friendly" link? Whenever I try it, it gives me a "PAGE NOT FOUND" screen. Help!
Thanks and good luck to all!