SCOR-350-701 General Knowledge - Coggle Diagram
SCOR-350-701 General Knowledge
Security Concepts
Assets
Classification
Security Design Factors
Government Classifications
Private-Sector Classifications
Criteria
Roles
Vulnerabilities
Countermeasures
Security Guarantees
Confidentiality
Encryption
Integrity
Cryptography - SHA 1 / 2
Availability
Fault Tolerance
Redundancy
Backups
Common Attacks
TCP/IP
Legacy TCP/IP
IP
MITM
Session Hijacking
IP Address Spoofing
DoS / DDoS
Resource Exhaustion
ICMP
Reconnaissance
ICMP Unreachables
ICMP Mask Reply
ICMP Redirects
ICMP Router Discovery
Firewalk / traceroute
ICMP Tunnelling
ICMP OS Fingerprinting
DoS
ICMP Flood
Smurf Attack
TCP
TCP SYN
Session Hijacking
Blind Spoofing
Non Blind Spoofing
TCP Reset
UDP
Checksum
No Sender Guarantee
SQL DoS
Resource Exhaustion
Attack Surface/Vectors
Reconnaissance
Access
MIM
Reflection and Amplification
Spoofing
DHCP
DoS and DDoS
Network Application
Password Attacks
Brute Force
Dictionary
Password Guessing
Phishing
Tools
Cain and Abel
John The Ripper
Ophcrack
L0phtCrack
DNS
Open Resolvers
Fast Flux
Double Flux
Domain Generation Algorithms
DNS Tunnelling
Web Based
HTTP 302 Cushioning
Command Injections
SQL Injections
XSS
Stored
Reflected
Email
Attachment
Email Spoofing
Spam
An Open mail relay
Homoglyphs
Endpoint
Buffer Overflow
Malware
Reconnaissance
Access and Control
Social Engineering
Spear phishing
Whaling
Pharming
Watering Hole
Vishing
Smishing
Web Based Attacks
Scheme
Authority
Path
Query
Fragment
Encoded Character Map
%3c = <
%20 = (a space character)
%22 = "
%3a = :
%27 = '
%2e = .
%2f = /
%3e = >
%5c = \
Exploit & Root Kits
Privilege Escalation
Post Exploitation Phase
Angler Exploit Kit
Network Security Technology
Network Segmentation
Enterprise Campus
Enterprise Internet Edge
Enterprise WAN Edge
Enterprise Core
Intranet Data Center
Virtualisation
VLAN
VRF
Attack Continuum Defense
Before
During
After
Threat Info Standardization
TAXII
Application Layer Protocol
STIX
Structured Threat Information Expression
Format for Sharing Threat Info
Threat Intelligence Director
IDP vs IPS
Traditional Firewall
Packet Source/Dest
IPS
Packet Inspection
IDS
Anomaly Detection
Rule Based Detection
Reputation Based Detection
Next Gen Firewall
Granular App Visibility & Control
IPS
Reputation based filtering
Enforce AUP
SSL/TLS Decryption
User/Group based Policies
Real-time Contextual Awareness
Intelligent Security Automation
Cisco IOS Zone-Based Policy Firewall
Email Content Security
Email Security Pipeline
Connection Acceptance
SMTP Conversation
Message Acceptance
Filtering and Delivery
Features
Block Blended Attacks
Control/Encrypt Mail
Email Authentication
Rapid Spam Capture
Reputation based filtering
Antivirus Checks
New Outbreak Defence
Block Advanced Real-Time Malware
Web Content Security
Features
Advanced Malware Protection
Web Reputation Filters
App Visibility and Control
SSL/TLS decryption
Insightful reporting
Secure Mobility
Filtering
Web Request from user
Traffic Reaches Firewall
WCCP Redirect to WSA
WSA checks policy
WSA replies Allow/Deny
Request sent to Web Server
Web Server replies to WSA
WSA scans response
WSA checks policies
WSA forwards if permitted to user
Threat Analytics
A Dashboard
Network Traffic Behaviours
Machine Learning
Anomaly Detection
Data Security Breaches
DNS
Name Resolution to IP
Blocks Malicious IPs
AAA
Authentication
Identify Users
Login/Password
Challenge/Response
Message Support
Encryption (Some protocols)
Authorization
Post Authentication Privileges
Attributes
Database
RADIUS
TACACS+
Attribute Values
Local on Device
Not Scalable
Centralised
LDAP
Accounting
Tracks Individuals' Activities
Billing
Auditing
Reporting
User Identities
Times
Commands Used
Protocols
TACACS+
TCP Port 49
Separates AAA Individually
Encrypts Entire Packet Body
Leaves TACACS+ header
RADIUS
RFC 2865
UDP Ports
Current
1812 for Authentication
1813 for Accounting
Legacy
1645 for Authentication
1646 for Accounting
Identity Access management
Contextual network Attributes
User
User Class
Device
Posture
Benefits of CNA
Accurate Identification
Easy Device Provisioning
Centralized Policy management
Flexible Integration
IAM Policy Decisions
Endpoint Access Attempt
User Authentication Challenge
Authorisation policy Selection
Posture Compliance Checks
Change of Authorisation (if posture ok)
New Authorization Policy
Endpoint provided Authorisation
VPN
Deployment Model
Site-to-Site
Remote Access
VPN Thick Client
SSL-Enabled Browser
Underlying Technology
IPsec
SSL VPN
MPLS VPN
CIA
Confidentiality
Integrity
Authentication
Device Form Factors
Cloud
Hardware
Virtual
Concerns
Data Privacy
Deploying Cisco Security
ASA Firewall
Firepower Next-Gen Firewall
Email Content Security
Cisco Umbrella
AMP for Endpoints
Stealthwatch
Web Content Security
VPN
Site to Site
Topologies
Technologies
Remote Access
Deployment modes
Clientless SSL VPN
Full Client SSL
Full Client IPsec
Technologies
SSL (TLS/DTLS)
IPsec