CompTIA Security+ SY0-601备考笔记(英文笔记)

**引言:**这是一篇完全基于Mike Chapple在In Learning上发布的视频课的笔记,本篇即第一节课的笔记记录,主要是对于考试内容,考试规则的一些介绍。对于部分第一次出现的专业名词,例如propagation mechanism(传播机制), payload(有效载荷), vulnerability(漏洞)等,使用了中文标注释义便于对照记忆,但是由于SY0-601采用了纯英文考试形式,所以应当放弃Google translate以及视频中的中文字幕,使用纯英文学习。Take pains, and be perfect!

推荐工具:

  1. DAVID SEIDL - COMPTIA SECURITY+ PRACTICE TESTS
  2. Mike Chapple, David Seidl - CompTIA Security+ Study Guide
  3. https://www.oxfordlearnersdictionaries.com/

Q:为什么没有更新白帽子讲Web安全的笔记?
A:一直都在看这本书,但是其中内容较为浓缩,涉及对于网络协议、JavaScript、溢出、SQL、不同种类攻击的理解,每学一点都要查阅大量资料,笔记目前看来非常不完善、逻辑较为混乱、内容质量较低,故打算日后一并更新。

Security+ exam introduction

  • Duration: 90mins

  • Examine content:

    • attacks, threat, vulnerabilities(漏洞);

      account for 24% ;

      8 objectives

      • Compare and contrast social engineering tech:Spam(邮件诈骗)、fishing attacks

      • Determine the type of attack(malware(恶意软件):

        Need to understand the propagation(传播) methods;

        Need to understand payloads(有效载荷,即核心恶意代码) used by various types of malicious code

        • Viruses: spread through human action;

        • Worms: spread by themselves;

        • Trojan Horses: pose as beneficial software

        • etc.

      • Analyze application attacks

        Analyze indicators associated with application attacks when I am given a scenario.

        Need to understand injection, XSS attacks, directory to reversal(目录遍历), buffer overflows(缓冲区溢出), request forgery(Cross-Site Request Forgery 跨站请求伪造,CSRF)

      • Analyze network attacks

        Analyze how to dive into the indicators associated with network attacks.

        Need to understand network attacks:

        • Man in the middle

        • Man in the browser

        • Domain Name System(DNS) related attacks

        • DDoS

        • Layer2

      • Explain threat actors, vectors, and intelligence(情报,即CIA的I) source

        • Script kiddies

        • Hacktivists

        • Organized crime

        • Nation-state

        • Insiders

        • Competitors

      • Types of vulnerabilities

        • weak configuration

        • Third-party risks

        • Improper patch management

        • Legacy platform

      • Understand Security assessment techniques

        • Threat hunting

        • Security information and event management systems

        • Vulnerability scanning

          include credentialed scan,none-credentialed, intrusive scan, none-intrusive scan.

      • Explain the proper use of penetration testing 渗透测试

        • Active reconnaissance (侦察)

        • passive reconnaissance

        • pivoting 中转攻击

        • escalation of privilege

        • Understand differences between

          • Black box

          • White box

          • Grey box

    • Architecture and design;

      account for 21%; 8 objectives

      • Explain enterprise security concepts.

        • Configuration management

        • Data sovereignty(主权)

        • site resiliency

        • deception (欺骗技术,例如诱饵系统、蜜罐)and disruption (干扰技术)tech

      • Summarize the virtualization and cloud computing concepts

        • Hypervisor types

        • VM sprawl and VM escape avoidance

        • Cloud computing tech

        • Deployment models

      • Summarize secure application development and deployment concepts

        • Development lifecycle models

        • Secure DevOps environment

        • Version control

        • Change management

        • Understand secure provisoning and de-provisioning of resources

        • Secure coding tech and code quality assurance

      • Summarize authentication and authorization design concepts

        • Authentication techs

          • The use of biometrics

          • Deploying mutifactor authentication

      • How cybersecurity resilience strategies reduce risk

        • The use of security controls to increase:

          • Elasticity

          • Scalability

          • Redundancy (冗余)

          • Fault tolerance

          • High availability

        • Importance of protecting discs, power, network

        • Replicating data across different geographical sites

        • Use of offsite backup techs

      • Explain the security implications of embedded and specialized systems

        • Security associated with industrial control systems

        • Smart devices, cameras, medical devices

        • Network segmentation, security layers, application firewalls, control redundancy and diversity

      • Physical security issues and how they related to Information security

        From control environment to fire exstinguisher

      • Summarize the basics of crytography

        • Understand encryption and decryption

        • Understand digital signatures

        • The use of symmetrical and asymmetrical encryption algorithm(对称和不对称加密算法)

        • Public key and private key

    • implementation(部署实现);

      account for 25%;

      9 objectives;

      • Able to implement secure protocols and services in a given scenario

        • Learn many acronyms of security tech(缩写)

          such as DNS, IPsec, HTTPS, TLS, SFTP, SMNP

        • Common network ports required to create firewall rules

      • Implement host or application security solutions in different scenarios

        • Endpoint protection techs

        • Database security

        • Application security techs

        • System hardening

        • Use of hardware security tools

          • Self-encrypting drives

          • Trusted platform modules

          • Hardware root of trust

      • Implement secure network designs (wired and wireless)

        • Learn about firewalls, routers, switches, proxies, VPN concentrators, etc.
      • Implement secure mobile solutions

      • Apply cybersecurity solutions into the Cloud

        • Cloud access security brokers (CASBs)

        • Secure web gateways

        • Firewalls

      • Implement identity and account management controls

    • Operations and incident response;

      account for 16%

      • Use approperiate tools to assess organizational security

      • Follow incident response procedures

      • Utilize appropriate data sources for an investigation

      • Basic forensic procedures

    • Governance(治理), risk, and compliance(合规性).

      Account for 14%;

      5 objectives;

      • How to compare and contrast security controls

      • Explain the importance of applicable regulations, standards or frameworks

      • Policies related to organizational security

      • Explain risk management processes and concepts

      • Explain privacy and sensitive data concepts

  • Type of questions:

    • multiple choice questions : 1 correct answer in 4 possible answers.

    • performance based questions: manipulate(操纵) objects on the screen.

  • Passing:

    • 900 out of 900, 750 passing
  • Other learning sources

  • 0
    点赞
  • 6
    收藏
    觉得还不错? 一键收藏
  • 1
    评论
### 回答1: CompTIA Security+ 601题库中包含大约90道题目,主要涵盖网络安全、加密技术、身份认证和访问控制、安全风险管理等方面的内容。这些内容都是职业IT人士应该掌握的基本知识点。 题目的种类包括单项选择题、多项选择题、填空题和实际案例分析题等。这些题目分的难度也不同,有的是非常基础的概念题,有的则涉及到具体的技术细节和复杂的安全防御措施。 作为一位想要在网络安全领域发展的职业IT人士,掌握CompTIA Security+ 601题库中的知识点是非常重要的。这些知识点可以帮助您了解各种网络安全威胁,以及如何制定和实施相应的安全策略和措施。 考试通过后,能够得到CompTIA Security+认证,这是一项被广泛认可的证书,在就业市场上会给您带来更多的机会。同时,这也是一项不断更新的考试,通过参加考试能够不断增强您的知识和技能,以及跟上网络安全技术的进展,提高您的竞争力和职业发展的倾向。 ### 回答2: CompTIA Security+ 601是一份网络安全证书,可以帮助个人和组织拥有相关技能和知识,以保护其网络免受各种威胁。该证书涵盖了网络安全的各个方面,包括网络攻击、漏洞、数据泄露、恶意软件等。 CompTIA Security+ 601考试考核的内容包括网络安全的基础知识、网络攻击和防御、身份验证和访问控制、加密技术和公钥基础设施、安全运维以及安全与合规等话题。该考试还包含实践性任务和情境问题,以便测评考生的解决问题能力。 通过CompTIA Security+ 601证书考试获得证书可以证明持有者具有网络安全的实际技能和知识,增强个人或组织的信誉度。此外,该证书还可以帮助个人获得更好的工作机会和更高的薪资待遇。 最后,CompTIA Security+ 601考试是一项要求考生必须精通网络安全知识的证书,考生需要通过扎实的学习和实际操作来掌握相关技能,以提高其网络安全能力。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值