CompTIA Network+ & Security+ Bundle

Network+ Outline

1.0 NETWORKING CONCEPTS

Explain the purposes and uses of ports and protocols.

• Protocols and ports
• Protocol types
• Connection-oriented vs. connectionless

Explain devices, applications, protocols and services at their appropriate OSI layers.

• Layer 1 - Physical
• Layer 2 - Data link
• Layer 3 - Network
• Layer 4 - Transport
• Layer 5 - Session
• Layer 6 - Presentation
• Layer 7 - Application

Explain the concepts and characteristics of routing and switching.

• Properties of network traffic
• Segmentation and interface properties
• Routing
• IPv6 concepts
• Performance concepts
• NAT/PAT
• Port forwarding
• Access control list
• Distributed switching
• Packet-switched vs. circuit-switched network
• Software-defined networking

Given a scenario, configure the appropriate IP addressing components.

• Private vs. public
• Loopback and reserved
• Default gateway
• Virtual IP
• Subnet mask
• Subnetting
• Address assignments

Compare and contrast the characteristics of network topologies, types and technologies.

• Wired topologies
• Wireless topologies
• Types
• Technologies that facilitate the Internet of Things (IoT)

Given a scenario, implement the appropriate wireless technologies and configurations.

• 802.11 standards
• Cellular
• Frequencies
• Speed and distance requirements
• Channel bandwidth
• Channel bonding
• MIMO/MU-MIMO
• Unidirectional/omnidirectional
• Site surveys

Summarize cloud concepts and their purposes.

• Types of services
• Cloud delivery models
• Connectivity methods
• Security implications/considerations
• Relationship between local and cloud resources

Explain the functions of network services.

• DNS service
• DHCP service
• NTP
• IPAM

2.0 INFRASTRUCTURE

Given a scenario, deploy the appropriate cabling solution.

• Media types
• Plenum vs. PVC
• Connector types
• Transceivers
• Termination points
• Copper cable standards
• Copper termination standards
• Ethernet deployment standards

Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them.

• Firewall
• Router
• Switch
• Hub
• Bridge
• Modems
• Wireless access point
• Media converter
• Wireless range extender
• VoIP endpoint

Explain the purposes and use cases for advanced networking devices.

• Multilayer switch
• Wireless controller
• Load balancer
• IDS/IPS
• Proxy server
• VPN concentrator
• AAA/RADIUS server
• UTM appliance
• NGFW/Layer 7 firewall
• VoIP PBX
• VoIP gateway
• Content filter

Explain the purposes of virtualization and network storage technologies.

• Virtual networking components
• Network storage types
• Connection type
• Jumbo frame

Compare and contrast WAN technologies.

• Service type
• Transmission mediums
• Characteristics of service
• Termination

3.0 NETWORK OPERATIONS

Given a scenario, use appropriate documentation and diagrams to manage the network.

• Diagram symbols
• Standard operating procedures / work instructions
• Logical vs. physical diagrams
• Rack diagrams
• Change management documentation
• Wiring and port locations
• IDF/MDF documentation
• Labeling
• Network configuration and performance baselines
• Inventory management

Compare and contrast business continuity and disaster recovery concepts.

• Availability concepts
• Recovery
• MTTR
• MTBF
• SLA requirements

Explain common scanning, monitoring and patching processes and summarize their expected outputs.

• Processes
• Event management
• SNMP monitors
• Metrics

Given a scenario, use remote access methods.

• VPN
• RDP
• SSH
• VNC
• Telnet
• HTTPS/management URL
• Remote file access
• Out-of-band management

Identify policies and best practices.

• Privileged user agreement
• Password policy
• On-boarding/off-boarding procedures
• Licensing restrictions
• International export controls
• Data loss prevention
• Remote access policies
• Incident response policies
• BYOD
• AUP
• NDA
• System life cycle
• Safety procedures and policies

4.0 NETWORK SECURITY

Summarize the purposes of physical security devices.

• Detection
• Prevention

Explain authentication and access controls.

• Authorization, authentication and accounting
• Multifactor authentication
• Access control

Given a scenario, secure a basic wireless network.

• WPA
• WPA2
• TKIP-RC4
• CCMP-AES
• Authentication and authorization
• Geofencing

Summarize common networking attacks.

• DoS
• Social engineering
• Insider threat
• Logic bomb
• Rogue access point
• Evil twin
• War-driving
• Phishing
• Ransomware
• DNS poisoning
• ARP poisoning
• Spoofing
• Deauthentication
• Brute force
• VLAN hopping
• Man-in-the-middle
• Exploits vs. vulnerabilities

Given a scenario, implement network device hardening.

• Changing default credentials
• Avoiding common passwords
• Upgrading firmware
• Patching and updates
• File hashing
• Disabling unnecessary services
• Using secure protocols
• Generating new keys
• Disabling unused ports

Explain common mitigation techniques and their purposes.

• Signature management
• Device hardening
• Change native VLAN
• Switch port protection
• Network segmentation
• Privileged user account
• File integrity monitoring
• Role separation
• Restricting access via ACLs
• Honeypot/honeynet
• Penetration testing

5.0 NETWORK TROUBLESHOOTING AND TOOLS

Explain the network troubleshooting methodology.

• Identify the problem
• Establish a theory of probable cause
• Test the theory to determine the cause
• Establish a plan of action to resolve the problem and identify potential effects
• Implement the solution or escalate as necessary
• Verify full system functionality and, if applicable, implement preventive measures
• Document findings, actions, and outcomes

Given a scenario, use the appropriate tool.

• Hardware tools
• Software tools

Given a scenario, troubleshoot common wired connectivity and performance issues.

• Attenuation
• Latency
• Jitter
• Crosstalk
• EMI
• Open/short
• Incorrect pin-out
• Incorrect cable type
• Bad port
• Transceiver mismatch
• TX/RX reverse
• Duplex/speed mismatch
• Damaged cables
• Bent pins
• Bottlenecks
• VLAN mismatch
• Network connection LED status indicators

Given a scenario, troubleshoot common wireless connectivity and performance issues.

• Reflection
• Refraction
• Absorption
• Latency
• Jitter
• Attenuation
• Incorrect antenna type
• Interference
• Incorrect antenna placement
• Channel overlap
• Overcapacity
• Distance limitations
• Frequency mismatch
• Wrong SSID
• Wrong passphrase
• Security type mismatch
• Power levels
• Signal-to-noise ratio

Given a scenario, troubleshoot common network service issues.

• Names not resolving
• Incorrect gateway
• Incorrect netmask
• Duplicate IP addresses
• Duplicate MAC addresses
• Expired IP address
• Rogue DHCP server
• Untrusted SSL certificate
• Incorrect time
• Exhausted DHCP scope
• Blocked TCP/UDP ports
• Incorrect host-based firewall settings
• Incorrect ACL settings
• Unresponsive service
• Hardware failure

Security+ Outline

1.0 THREATS, ATTACKS AND VULNERABILITIES

1.1 Given a scenario, analyze indicators of compromise and determine the type of malware.

• Viruses
• Crypto-malware
• Ransomware
• Worm
• Trojan
• Rootkit
• Keylogger
• Adware
• Spyware
• Bots
• RAT
• Logic bomb
• Backdoor

1.2 Compare and contrast types of attacks

• Social engineering
• Application/service attacks
• Wireless attacks
• Cryptographic attacks

1.3 Explain threat actor types and attributes.

• Types of actors
• Attributes of actors
• Use of open-source intelligence

1.4 Explain penetration testing concepts.

• Active reconnaissance
• Passive reconnaissance
• Pivot
• Initial exploitation
• Persistence
• Escalation of privilege
• Black box
• White box
• Gray box
• Penetration testing vs. vulnerability scanning

1.5 Explain vulnerability scanning concepts.

• Passively test security controls
• Identify vulnerability
• Identify lack of security controls
• Identify common misconfigurations
• Intrusive vs. non-intrusive
• Credentialed vs. non-credentialed
• False positive

1.6 Explain the impact associated with types of vulnerabilities.

• Race conditions
• Vulnerabilities
• Improper input handling
• Improper error handling
• Misconfiguration/weak configuration
• Default configuration
• Resource exhaustion
• Untrained users
• Improperly configured accounts
• Vulnerable business processes
• Weak cipher suites and implementations
• Memory/buffer vulnerability
• System sprawl/undocumented assets
• Architecture/design weaknesses
• New threats/zero day
• Improper certificate and key management

2.0 TECHNOLOGIES AND TOOLS

2.1 Install and configure network components, both hardware- and software-based, to support organizational security.

• Firewall
• VPN concentrator
• NIPS/NIDS
• Router
• Switch
• Proxy
• Load balancer
• Access point
• SIEM
• DLP
• NAC
• Mail gateway
• Bridge
• SSL/TLS accelerators
• SSL decryptors
• Media gateway
• Hardware security module

2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization.

• Protocol analyzer
• Network scanners
• Wireless scanners/cracker
• Password cracker
• Vulnerability scanner
• Configuration compliance scanner
• Exploitation frameworks
• Data sanitization tools
• Steganography tools
• Honeypot
• Backup utilities
• Banner grabbing
• Passive vs. active
• Command line tools

2.3 Given a scenario, troubleshoot common security issues.

• Unencrypted credentials/clear text
• Logs and events anomalies
• Permission issues
• Access violations
• Certificate issues
• Data exfiltration
• Misconfigured devices
• Weak security configurations
• Personnel issues
• Unauthorized software
• Baseline deviation
• License compliance violation (availability/integrity)
• Asset management
• Authentication issues

2.4 Given a scenario, analyze and interpret output from security technologies.

• HIDS/HIPS
• Antivirus
• File integrity check
• Host-based firewall
• Application whitelisting
• Removable media control
• Advanced malware tools
• Patch management tools
• UTM
• DLP
• Data execution prevention
• Web application firewall

2.5 Given a scenario, deploy mobile devices securely.

• Connection methods
• Mobile device management concepts
• Enforcement and monitoring
• Deployment models

2.6 Given a scenario, implement secure protocols.

• Protocols
• Use cases

3.0 ARCHITECTURE AND DESIGN

3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides.

• Industry-standard frameworks and reference architectures
• Benchmarks/secure configuration guides
• Defense-in-depth/layered security

3.2 Given a scenario, implement secure network architecture concepts.

• Zones/topologies
• Segregation/segmentation/isolation
• Tunneling/VPN
• Security device/technology placement
• SDN

3.3 Given a scenario, implement secure systems design.

• Hardware/firmware security
• Operating systems
• Peripherals

3.4 Explain the importance of secure staging deployment concepts.

• Sandboxing
• Environment
• Secure baseline
• Integrity measurement

3.5 Explain the security implications of embedded systems.

• SCADA/ICS
• Smart devices/IoT
• HVAC
• SoC
• RTOS
• Printers/MFDs
• Camera systems
• Special purpose

3.6 Summarize secure application development and deployment concepts.

• Development life-cycle models
• Secure DevOps
• Version control and change management
• Provisioning and deprovisioning
• Secure coding techniques
• Code quality and testing
• Compiled vs. runtime code

3.7 Summarize cloud and virtualization concepts.

• Hypervisor
• VM sprawl avoidance
• VM escape protection
• Cloud storage
• Cloud deployment models
• On-premise vs. hosted vs. cloud
• VDI/VDE
• Cloud access security broker
• Security as a Service

3.8 Explain how resiliency and automation strategies reduce risk.

• Automation/scripting
• Templates
• Master image
• Non-persistence
• Elasticity
• Scalability
• Distributive allocation
• Redundancy
• Fault tolerance
• High availability

3.9 Explain the importance of physical security controls.

• Lighting
• Signs
• Fencing/gate/cage
• Security guards
• Alarms
• Safe
• Secure cabinets/enclosures
• Protected distribution/Protected cabling
• Airgap
• Mantrap
• Faraday cage
• Lock types
• Biometrics
• Barricades/bollards
• Tokens/cards
• Environmental controls
• Cable locks
• Screen filters
• Cameras
• Motion detection
• Logs
• Infrared detection
• Key management

4.0 IDENTITY AND ACCESS MANAGEMENT

4.1 Compare and contrast identity and access management concepts

• Identification, authentication, authorization and accounting (AAA)
• Multifactor authentication
• Federation
• Single sign-on
• Transitive trust

4.2 Given a scenario, install and configure identity and access services.

• LDAP
• Kerberos
• TACACS+
• CHAP
• PAP
• MSCHAP
• RADIUS
• SAML
• OpenID Connect
• OAUTH
• Shibboleth
• Secure token
• NTLM

4.3 Given a scenario, implement identity and access management controls.

• Access control models
• Physical access control
• Biometric factors
• Tokens
• Certificate-based authentication
• File system security
• Database security

4.4 Given a scenario, differentiate common account management practices.

• Account types
• General Concepts
• Account policy enforcement

5.0 RISK MANAGEMENT

5.1 Explain the importance of policies, plans and procedures related to organizational security.

• Standard operating procedure
• Agreement types
• Personnel management
• General security policies

5.2 Summarize business impact analysis concepts.

• RTO/RPO
• MTBF
• MTTR
• Mission-essential functions
• Identification of critical systems
• Single point of failure
• Impact
• Privacy impact assessment
• Privacy threshold assessment

5.3 Explain risk management processes and concepts.

• Threat assessment
• Risk assessment
• Change management

5.4 Given a scenario, follow incident response procedures.

• Incident response plan
• Incident response process

5.5 Summarize basic concepts of forensics.

• Order of volatility
• Chain of custody
• Legal hold
• Data acquisition
• Preservation
• Recovery
• Strategic intelligence/counterintelligence gathering
• Track man-hours

5.6 Explain disaster recovery and continuity of operation concepts.

• Recovery sites
• Order of restoration
• Backup concepts
• Geographic considerations
• Continuity of operation planning

5.7 Compare and contrast various types of controls.

• Deterrent
• Preventive
• Detective
• Corrective
• Compensating
• Technical
• Administrative
• Physical

5.8 Given a scenario, carry out data security and privacy practices.

• Data destruction and media sanitization
• Data sensitivity labeling and handling
• Data roles
• Data retention
• Legal and compliance

6.0 CRYPTOGRAPHY AND PKI

6.1 Compare and contrast basic concepts of cryptography.

• Symmetric algorithms
• Modes of operation
• Asymmetric algorithms
• Hashing
• Salt, IV, nonce
• Elliptic curve
• Weak/deprecated algorithms
• Key exchange
• Digital signatures
• Diffusion
• Confusion
• Collision
• Steganography
• Obfuscation
• Stream vs. block
• Key strength
• Session keys
• Ephemeral key
• Secret algorithm
• Data-in-transit
• Data-at-rest
• Data-in-use
• Random/pseudo-random number generation
• Key stretching
• Implementation vs. algorithm selection
• Perfect forward secrecy
• Security through obscurity
• Common use cases

6.2 Explain cryptography algorithms and their basic characteristics.

• Symmetric algorithms
• Cipher modes
• Asymmetric algorithms
• Hashing algorithms
• Key stretching algorithms
• Obfuscation

6.3 Given a scenario, install and configure wireless security settings.

• Cryptographic protocols
• Authentication protocols
• Methods

6.4 Given a scenario, implement public key infrastructure.

• Components
• Concepts
• Types of certificates
• Certificate formats