CompTIA A+ Core 2 | Domain 7: Security (28%) | Reading

CompTIA A+ Core 2 | Domain 7: Security (28%) | Reading

 


 

7.1 Security Fundamentals

 

What is Security?

Security protects:

  • Systems
  • Networks
  • Data
    from unauthorized access, damage, or theft.

 

CIA Triad (FOUNDATIONAL CONCEPT)

Principle

Description

Confidentiality

Data is private

Integrity

Data is not altered

Availability

Data is accessible

 

 


 

7.2 Types of Threats & Malware

 

Malware Types (MEMORIZE)

 

Virus

  • Attaches to files
  • Spreads when executed

 

Worm

  • Self-replicates across networks
  • No user action needed

 

Trojan

  • Disguised as legitimate software

 

 Ransomware

  • Locks data until payment

 

Spyware

  • Tracks user activity

 

Keylogger

  • Records keystrokes

 

Rootkit

  • Hides deep in OS

 


 

7.3 Social Engineering Attacks

 

Common Attacks

 

Phishing

  • Fake emails to steal data

 

Spear Phishing

  • Targeted phishing attack

 

 Impersonation

  • Pretending to be trusted person

 

Vishing

  • Voice phishing (phone calls)

 

Smishing

  • SMS phishing

 

Baiting

  • Leaving infected USB drives

 

Prevention:

  • Verify identity
  • Avoid suspicious links
  • User education

 

 


 

7.4 Authentication & Access Control

 

Authentication Factors

Type

Example

Something you know

Password

Something you have

Token

Something you are

Fingerprint

 

MFA (Multi-Factor Authentication)

  • Uses 2+ factors
  • Stronger security

 

Access Control Models

Model

Description

Least Privilege

Minimum access needed

Role-Based (RBAC)

Based on job role

 

 


 

7.5 Wireless Security

 

Encryption Types

Type

Security Level

WEP

Weak ❌

WPA

Better

WPA2

Strong ✅

WPA3

Strongest ✅

 

Best Practices:

  • Change default SSID
  • Use strong passwords
  • Disable SSID broadcast (optional)

 


 

7.6 Mobile Device Security

 

Key Features:

  • Screen lock
  • Biometrics
  • Remote wipe

 

Mobile Risks:

  • Lost/stolen devices
  • Unsecured apps

 

Protection:

  • Enable encryption
  • Use MDM (Mobile Device Management)

 


 

7.7 Physical Security

 

Controls:

  • Locks
  • Security cameras
  • Badge systems
  • Biometrics

 

Threats:

  • Tailgating
  • Theft

 


 

7.8 Data Security

 

Encryption

  • Protects data from unauthorized access

 

Data Types:

  • Data at rest
  • Data in transit
  • Data in use

 

Backup Methods:

Type

Description

Full

All data

Incremental

Changes since last backup

Differential

Changes since last full backup

 

 


 

7.9 Security Tools

 

Common Tools

Tool

Function

Antivirus

Detect/remove malware

Firewall

Filter traffic

Anti-malware

Advanced protection

 

OS Security Tools:

  • Windows Defender
  • BitLocker (encryption)

 


 

7.10 Password Security

 

Strong Password Rules:

  • 12+ characters
  • Mix of:
    • Uppercase
    • Lowercase
    • Numbers
    • Symbols

Weak Practices:

  • Reusing passwords
  • Sharing credentials

 

Best Practices:

  • Use password manager
  • Enable MFA

 


 

7.11 Security Best Practices

✔ Keep systems updated
✔ Install antivirus
✔ Use strong passwords
✔ Backup data regularly
✔ Educate users

 


 

7.12 Incident Response (EXAM IMPORTANT)

 

Steps:

  1. Identify incident
  2. Contain threat
  3. Eradicate threat
  4. Recover systems
  5. Document

 


 

7.13 Malware Removal Process

 

Steps:

  1. Identify malware
    2. Quarantine system
    3. Remove malware
    4. Update system
    5. Educate user

 


 

 7.14 Security Troubleshooting

 

Common Issues

 

 Slow System

  • Malware infection

 

Locked Account

  • Too many login attempts

 

 Unauthorized Access

  • Weak password

 

Infected System

  • Pop-ups, unknown apps

 


Videos: Security

2.1 – Security Measures

Physical Security title slide

Information technology includes important physical security controls. In this video, you’ll learn about barricades, access control vestibules, badge readers, video surveillance, and more.

Physical Access Security title slide

Most organizations will use many different methods of providing physical access. In this video, you’ll learn about key fobs, smart cards, mobile digital keys, biometrics, and more.

Logical Security title slide

We rely on many different logical security methods to protect our systems. In this video, you’ll learn about least privilege, access control lists (ACLs), zero trust, multifactor authentication, and more.

Authentication and Access title slide

The authentication process is critical for maintaining the security of our data. In this video, you’ll learn about security assertion markup language (SAML), single sign-on (SSO), just-in-time access, mobile device management (MDM), and more.

2.2 – Windows Security

Defender Antivirus title slide

Defender Antivirus is a fully-featured anti-virus application included with the Windows operating system. In this video, you’ll learn how to activate and deactivate Defender and how to keep the Defender signatures updated.

Windows Firewall title slide

The Windows Firewall provides built-in security technology to prevent any unwanted connections. In this video, you’ll learn how to enable and disable Windows Firewall, important configuration options, and additional firewall settings.

Windows Security Settings title slide

Windows includes a number of important security features. In this video, you’ll learn about Windows authentication, users and groups, login options, passwordless authentication, NTFS vs. Share permissions, and more.

Active Directory title slide

Active Directory is the foundation of most business networks. In this video, you’ll learn about Active Directory services, adding a device to a Windows Domain, adding Group Policies, configuring folder redirection, and more.

2.3 – Wireless Security

Wireless Encryption title slide

Our 802.11 wireless network standards include numerous security features. In this video, you’ll learn about wireless authentication, WPA2, WPA3, and AES encryption.

Authentication Methods title slide

Our enterprise networks can choose from many different authentication standards. In this video, you’ll learn about RADIUS (Remote Authentication Dial-in User Service), TACACS (Terminal Access Controller Access-Control System), and Kerberos.

2.4 – Malware

Malware title slide

Malware can be a significant security issue for any network. In this video, you’ll learn about trojan horses, rootkits, spyware, keyloggers, ransomware, and more.

Anti-malware Tools title slide

Security professionals have many tools available to combat malware. In this video, you’ll learn about the Windows Recovery Environment (WinRE), Endpoint Detection and Response (EDR), email gateways, software firewalls, and more.

2.5 – Social Engineering

Social Engineering title slide

Social Engineering can take many different forms. In this video, you’ll learn about phishing, shoulder surfing, tailgating, impersonation, and more.

Denial of Service title slide

A denial of service can cause significant outages and downtime. In this video, you’ll learn about denial of service attacks and distributed denial of service attacks.

On-Path Attacks title slide

Attackers have many different techniques to gain unauthorized access to information. In this video, you’ll learn about on-path attacks, ARP poisoning, and wireless evil twins.

Zero-Day Attacks title slide

A zero-day attack takes advantage of a previously-unknown vulnerability. In this video, you’ll learn about zero-day attacks and how organizations can react to a zero-day vulnerability.

Password Attacks title slide

Our passwords are often the only protection our applications have from an attacker. In this video, you’ll learn about password hashing, brute force attacks, and dictionary attacks.

Insider Threats title slide

Internal employees and contractors can be a significant threat to an organization’s security. In this video, you’ll learn how attackers take advantage of insider threats and ways to protect against this attack type.

SQL Injection Attacks title slide

A SQL injection can provide an attacker with access to everything in your database. In this video, you’ll learn how a SQL injection is constructed and you’ll see a live demonstration of a SQL injection on a vulnerable application.

Cross-site Scripting title slide

A cross-site scripting attack takes advantage of the trust associated with our browser. In this video, you’ll learn how a cross-site scripting attack can be carried out and you’ll see a live demonstration of an XSS attack against a vulnerable application.

Business Email Compromise title slide

A business email compromise is a challenging social engineering attack to protect against. In this video, you’ll learn how a BEC attack can be carried out and how to prevent a compromise from occurring.

Supply Chain Attacks title slide

A supply chain attack takes advantage of the trust we have for our vendors and partners. In this video, you’ll learn about identifying and preventing supply chain attacks from our service providers, hardware providers, and software providers.

Security Vulnerabilities title slide

Protecting against vulnerabilities is a constant challenge. In this video, you’ll learn about standard operating environments (SOE), unpatched systems, end of service life (EOSL), and more.

2.6 – Malware Removal

Removing Malware title slide

There are times when removing malware may be the best option available. In this video, you’ll learn about identifying malware, quarantining systems, remediating the malware, and other malware removal options.

2.7 – Security Best Practices

Security Best Practices title slide

It’s important to always follow best practices when securing a network. In this video, you’ll learn about data encryption options, password complexity, account disabling, locking the desktop, and much more.

2.8 – Mobile Device Security

Mobile Device Security title slide

Mobile device security includes a number of best practices specific to these unique platforms. In this video, you’ll learn about full device encryption, screen locks, configuration profiles, remote wipe, and more.

2.9 – Data Destruction

Data Destruction title slide

There may be circumstances where the destruction of a storage device is the best way to keep the data safe. In this video, you’ll learn about physical destruction options, formatting best practices, and the importance of a certificate of destruction.

2.10 – SOHO Networks

Securing a SOHO Network title slide

The security concerns of a SOHO (small office home office) network are very similar to those of a large corporate network. In this video, you’ll learn about default passwords, IP filtering, firmware updates, content filtering, and much more.

2.11 – Browser Security

Browser Security title slide

A browser is one of the most important application environments. In this video, you’ll learn about hash verification, browser patching, secure extensions, password managers, and more.

7.15 Exam Tips (CRITICAL)

✔ Memorize malware types
✔ Know social engineering attacks
✔ Understand MFA & authentication
✔ Know encryption basics
✔ Practice incident response steps

 


 

Quick Knowledge Check

 

  1. What does ransomware do?
    A. Speeds up PC
    B. Locks data
    C. Deletes OS
    D. Tracks location
  2. Phishing is what type of attack?
    A. Hardware
    B. Social engineering
    C. Physical
    D. Network
  3. Strongest wireless security?
    A. WEP
    B. WPA
    C. WPA2
    D. WPA3
  4. What is MFA?
    A. Multiple files
    B. Multi-factor authentication
    C. Memory function
    D. Firewall type
  5. What does firewall do?
    A. Store data
    B. Filter traffic
    C. Encrypt files
    D. Run apps

 


 

 Answers: 1-B, 2-B, 3-D, 4-B, 5-B