Common knowledge points of CompTIA Security+ [Part 5]


#CompTIASecurity+ #firewall #proxy #protocol

SLA (Service Level Agreement): It defines a business agreement that provides customers with services and support.


BPA (Business Purchase Agreement): It defines how organizations will develop cooperative relations and an agreement on the expectations of each organization.


ISA (Interconnection Security Agreement): It is a commercial agreement dedicated to ensuring security between cooperative organizations.


MOU (Memorandum of Understanding): It is a non-legally binding commercial agreement that defines a common goal between cooperative entities that does not include direct monetary compensation.

ALE = ARO (Annualized Rate of Occurrence) x SLE (Single Loss Expectation)

SLE = AV (Asset Value) x EF (Exposure Factor)


RPO (Recovery Point Objective): The longest time an organization can afford to lose data unrecoverable.


RTO (Recovery Time Objective): The length of time to resume normal business operations and activities after an incident.


DRP (Disaster Recovery Plan): A strategy that describes and approves an organization's disaster recovery strategy.


BIA (Business Impact Analysis): A systematic activity used to identify organizational risks and determine the impact on ongoing mission-critical businesses and processes.


NDA (Non-Disclosure Agreement): It states that under the law, individuals cannot share certain sensitive information with outside parties.


PHI (Protected Health Information): It refers to any data collected by health care providers of health conditions, health care releases, or health care payments, and can be linked to individual data in view of US law.


SOP (Standard Operating Procedure): Standard Operating Procedure, which describes the standard operating procedures and requirements of an event in a unified format to guide and standardize daily work.


Smurf attack: It is a distributed denial-of-service attack in which a large number of Internet Control Message Protocol (ICMP) and the intended victim’s packet forgery source IP are broadcast to the IP broadcast address used by the computer network. By default, most devices on the network will respond to this by sending a reply to the source IP address. If the number of machines on the network receiving and responding to these packets is very large, the victim's computer will be full of traffic. This may make the victim's computer slow and unable to continue working.


Bluesnarfing: It is the unauthorized access of information from wireless devices via Bluetooth connections, usually between mobile phones, desktops, laptops, and PDAs.


Bluetooth hijacking: It refers to a tool that forcibly sends information to other devices via Bluetooth. It will first scan the Bluetooth-enabled devices and list related device information. For devices that turn on Bluetooth and set visible devices, you can send pre-set text, business cards, or pictures, and can be automatically sent at a certain time interval.


DNS poisoning: It is used to redirect users to fake pages managed by attackers.


DHCP exhaustion attack: It is carried out by using forged MAC addresses to broadcast DHCP requests. This can be easily caused by using attack tools such as gobbler. If enough requests are issued, a network attacker can exhaust the address space provided to the DHCP server within a period of time. As a result, when a legitimate user requests a DHCP IP address, they will also be rejected and therefore cannot access the network. DHCP exhaustion can be a pure denial of service (DoS) mechanism, or it can be used in conjunction with malicious forgery server attacks to forward information to malicious computers that are ready to intercept some information.


Dynamic Host Setting Protocol DHCP: It is a network protocol of a local area network. It works with UDP protocol. It has two main purposes: the first is for the internal network or network service providers to automatically assign IP addresses; the second is for users to use the intranet administrator as a means of central management of all computers.


DoS: It is the abbreviation of Denial of Service. Attacks that cause DoS are called DoS attacks, and their purpose is to make computers or networks unable to provide normal services. The most common DoS attacks are computer network bandwidth attacks and connectivity attacks.


DDOS (Distributed Denial Service): It is a large-scale and large-scale attack mode based on DOS. DOS is only an attack mode between stand-alone and stand-alone machines, while DDOS uses a batch of controlled zombie hosts to attack a server. The attack intensity and threat caused by the host is much more serious and more destructive than DOS.


Worm virus: It is a common computer virus. It uses the Internet to copy and spread, and the way of transmission is through the Internet and e-mail.


Logic bomb: The symptoms when it is triggered are similar to the effects of certain viruses, and will cause cascading disasters to society. Compared with viruses, it emphasizes the destructive effect itself, and the program that implements the destruction is not contagious. A logic bomb is a program, or any part of a program, which is hibernation until the program logic of a specific work is activated.


SYN flood: SYN flood is a denial of service attack, caused by the attacker sending a series of SYN requests to the target system. While the server is waiting for the final ACK packet that never arrives, the attacker continues to send more SYN packets. The arrival of each new SYN packet causes the server to temporarily maintain a new open port connection for a period of time. Once all available ports are used, the server cannot work normally.


NFC: It is short-range wireless communication. Simply put, the NFC function can turn a mobile phone into a bus card. The card is close to the mobile phone and can be inquired or recharged.


Common Knowledge Points of CompTIA Security+ [Part 1]

Common Knowledge Points of CompTIA Security+ [Part 2]

Common Knowledge Points of CompTIA Security+ [Part 3]

Common Knowledge Points of CompTIA Security+ [Part 4]

About

Launched in 2016 as 591Lab International and locally in China known as “WUQIUYAO Tech. Ltd” we are committed to offering our clients excellent experience on ISACA, PMI, Cisco and Huawei examination preparatory services. We focus strongly on popular exams, and exam preparations services. We provide our customers with the complete training needed to earn the best scores for their respective Management and IT career certifications. We have a huge list of satisfied customers with top grades to back up all the claims we make.

Quick Links

Contact

This material is not sponsored by, endorsed by, or affiliated with Cisco Systems, Inc & Huawei Technologies Co., Ltd. Cisco Certified Internetworking Engineer, the Cisco Systems logo and the CCIE™ logo are trademarks or registered trademarks of Cisco Systems, Inc. in the United States and certain other countries.Huawei Certified Internetwork Expert, the Huawei logo and the HCIE™ logo are trademarks or registered trademarks of Huawei Technologies Co., Ltd . in China and certain other countries All other trademarks are trademarks of their respective owners. 

© Copyright 591Lab 2020. All Rights Reserved.