CompTIA Security+ (SY0-061)


1. Risk Management

1.1. Risk Management Concepts

1.1.1. Risk Vector
  - Definition: the specific trick or method an attacker uses to break into a computer system or network
  - Mission-critical IT systems: payment processing; human resources; emergency systems
  - Sensitive data: do we know what we have and where it is?
  - Third-party access: contractors

1.1.2. Physical Risk Vectors
  - Access control vestibules (mantraps)
  - Server room access
  - Limit USB bootable devices

1.1.3. Risk Management Frameworks (RMFs)
  - Definition: a guidebook that businesses use to identify and manage risk
  - Center for Internet Security (CIS): publishes cybersecurity best practices
  - NIST Risk Management Framework (RMF) / Cybersecurity Framework (CSF): cybersecurity risk management lifecycle
  - International Organization for Standardization / International Electrotechnical Commission (ISO/IEC) 27001/27002/27701/31000: IT system and information security
  - NIST Special Publication (SP) 800-30, Rev. 1: Guide for Conducting Risk Assessments

1.1.4. Financial RMFs
  - Statement on Standards for Attestation Engagements, System and Organization Controls (SSAE SOC 2)
    - Financial statement integrity
    - Internal controls
    - Type I and Type II reports

1.1.5. Data Privacy Regulations and Standards
  - General Data Protection Regulation (GDPR): protects EU citizens' private data
  - Health Insurance Portability and Accountability Act (HIPAA): protects American patients' medical information
  - Payment Card Industry Data Security Standard (PCI DSS): protects cardholder information

1.1.6. Types of Security Policies
  - Acceptable use policy (AUP): e-mail, social media, Web browsing
  - Resource access policies: app or file access
  - Account policies: account hardening
  - Data retention policies: often dictated by regulations
  - Change control policies
  - Access management policies

1.2. Security Controls

1.2.1. Security Controls
  - A solution that mitigates a threat; for example, a malware scanner mitigates malware infections
  - Implemented differently depending on platform, vendor and user
  - Network infrastructure devices

1.2.2. Security Control Categories
  - Managerial/administrative: what should be done? (e.g. employee background checks)
  - Operational: how often must we do it? (e.g. periodic review of security policies)
  - Technical: how exactly will we do it? (e.g. firewall rule configuration)
  - Physical: access control vestibule (mantrap)
  - Detective: log analysis
  - Corrective: patching known vulnerabilities
  - Deterrent: device logon warning banners
  - Compensating: an alternative security control chosen when the preferred one cannot be applied

1.2.3. Cloud Security Control Documents
  - Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)

1.2.4. Security Control Documents
  - Payment Card Industry Data Security Standard (PCI DSS): the prescribed security controls must be in place to be compliant

1.2.5. Risk Example
  - Risk: theft of online banking credentials
  - Attack vector: a spoofed e-mail message with a link to a spoofed web site, tricking an end user
  - Mitigation through security controls: user security awareness; antivirus software; spam filters