Security+ - Coggle Diagram
Security+
Security operations
apply common security techniques to computing resources
security implications of proper hardware, software and data asset management
activities associated with vulnerability management
security alerting + monitoring concepts + tools
enterprise capabilities to enhance security
implement and maintain identity and access management
automation and orchestration
incident response activities
data sources to support investigation
Management and oversight
effective security governance
risk management process
processes - third-party risk assessment and management
effective security compliance
types and purposes of audits and assessments
Threats, vulnerabilities and mitigations
threat actors and motivations
threat actors
attributes of actors
motivation
threat vectors and attack surfaces
(threat algorithms and attack environment)
technical
Message-based (email, SMS, IM)
Image-based
File-based
Voice call
human (social engineering)
Phishing, vishing, smishing, misinformation/disinformation, impersonation/brand impersonation, pretexting, business email compromise, watering hole, typosquatting (URL hijacking)
attack surfaces
removable device
vulnerable software
unsupported systems and applications
unsecure networks
open service ports
default credentials
supply chain (MSPs, vendors, suppliers)
types of vulnerabilities
vulnerabilities
Zero-day
Mobile device (side loading and jailbreaking)
side loading: installing applications that are not available in the official app store
jailbreaking (equivalent to rooting): super-user access, can modify anything on the device
Misconfiguration
Cryptographic
Supply chain
Cloud-specific
Virtualization
Hardware
web-based (SQLi, XSS)
OS-based
application (memory injection, buffer overflow, race conditions)
scenario: indicators of malicious activity
malware attack
physical attacks
network attacks
application attacks
cryptographic attacks
password attacks
indicators
mitigation techniques
Segmentation
access control
application allow list
isolation
patching
encryption
monitoring
least privilege
config enforcement
decommissioning
hardening techniques
Security architecture
security implications of different architecture models
security principles to secure enterprise infrastructure
concepts and strategies to protect data
resilience and recovery in security architecture
General concepts
Types of security controls
Categories
Control types
Security concepts
CIA and non-repudiation
Authentication people
Authenticating systems
Authorization models
Gap analysis: compare the current state of the system with the desired state
Step 1: Define the desired state and understand the current state
Step 2: Compare the differences
Step 3: Action plan
Zero Trust
Physical security
Deception and disruption technology
Honeypot | honeynet | honeytoken
Change management processes
Business processes impacting security operation
Technical implications
Documentation and version control
Cryptographic solutions
PKI
Public key | Private Key | Key Escrow
Key components: Certificate authority (CA) | registration authority (RA) | certificate database | central directory | certificate management system | certificate policy
Encryption
Level
File
Volume
Database
Partition
Record
Full-disk
Transport/communication
asymmetric
symmetric
key exchange
algorithms
key length
Tools
Trusted platform module (TPM)
Hardware security module (HSM)
Secure enclave
Obfuscation (Steganography, tokenization, data masking)
Hashing, salting, digital signatures, key stretching
blockchain, open public ledger
Certificates