
You're reading from  CompTIA Security+ SY0-701 Certification Guide - Third Edition

Product typeBook
Published inJan 2024
PublisherPackt
ISBN-139781835461532
Edition3rd Edition
Author: Ian Neil

Ian Neil is one of the world's top trainers of Security+. He is able to break down information into manageable chunks so that people with no background knowledge can gain the skills required to become certified. He has recently worked for the US Army in Europe and designed a Security+ course that catered to people from all backgrounds (not just IT professionals), with an extremely successful pass rate. He is an MCT, MCSE, A+, Network+, Security+, CASP, and RESILIA practitioner that has worked with high-end training providers over the past 23 years and was one of the first technical trainers to train Microsoft internal staff when they opened their Bucharest Office in 2006.

Introduction

This chapter covers the first objective of Domain 4.0, Security Operations, of the CompTIA Security+ SY0-701 exam and will teach you how to protect computing resources against persistent cyber threats.

Early sections will examine secure baselines, their deployment and maintenance methods, and review methods to harden our network devices against attacks. We’ll also consider the planning and installation of wireless networks and mobile device management, including different models and security methods, and explore the processes of effective application security, sandboxing, and monitoring.

This chapter will give you an overview of applying common security techniques to computing resources. This will enable you to answer all exam questions related to exam objective 4.1, Given a scenario, apply common security techniques to computing resources on your certification exam.

Note

A full breakdown of Exam Objective 4.1 will be provided at the...

Secure Baselines

As technology continues to advance, so do the tactics of malicious actors seeking vulnerabilities to exploit. Whether it’s safeguarding sensitive information, preserving operational continuity, or upholding user trust, the application of common security techniques to computing resources is paramount.

A security baseline is the foundational set of security configurations and practices that establishes a secure starting point for computing resources and provides a standardized framework for configuring and managing them. The following sections will consider each of the three phases of a secure baseline: establish, deploy, and maintain.

Establish

A security baseline is a predefined set of configurations and best practices designed to create a resilient and secure foundation for computing resources. Once implemented, a secure baseline offers a reliable starting point from which to harden targets against potential vulnerabilities. Let...
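The three phases map directly onto code: the baseline is established as a declared set of required values, deployed by rewriting the configuration to match, and maintained by auditing the live configuration against it so that drift is detected. The following added example (not the book's code) does this for an OpenSSH server configuration; the baseline values, the constructed sample sshd_config, and the function names are illustrative assumptions.

```python
"""Establish, deploy and maintain a secure baseline for sshd_config.

Added example, not from the book. The baseline values and the sample
configuration below are constructed for illustration.
"""
import re

# Establish: the agreed set of required settings (assumed baseline).
SSHD_BASELINE = {
    "PermitRootLogin": "no",
    "PasswordAuthentication": "no",
    "PubkeyAuthentication": "yes",
    "X11Forwarding": "no",
    "MaxAuthTries": "3",
    "LogLevel": "VERBOSE",
}

# Constructed sample configuration, not taken from a real host.
SAMPLE_SSHD_CONFIG = """\
# Constructed sample configuration
Port 22
#PermitRootLogin prohibit-password
PermitRootLogin yes
PasswordAuthentication yes
PubkeyAuthentication yes
X11Forwarding no
LogLevel INFO
"""

# sshd accepts "Key value" or "Key=value"; directive names are case-insensitive.
_DIRECTIVE = re.compile(r"^\s*([A-Za-z][A-Za-z0-9]*)\s*(?:=|\s)\s*(.+?)\s*$")


def parse_sshd_config(text):
    """Return {directive_lower: value}. As in sshd, the first occurrence wins."""
    settings = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = _DIRECTIVE.match(line)
        if m:
            settings.setdefault(m.group(1).lower(), m.group(2))
    return settings


def audit(text, baseline=SSHD_BASELINE):
    """Maintain: compare a configuration against the baseline.

    Returns a list of (directive, expected, actual); actual is None when the
    directive is absent and the daemon default would apply.
    """
    actual = parse_sshd_config(text)
    findings = []
    for directive, expected in baseline.items():
        value = actual.get(directive.lower())
        if value is None or value.lower() != expected.lower():
            findings.append((directive, expected, value))
    return findings


def remediate(text, baseline=SSHD_BASELINE):
    """Deploy: return a configuration that satisfies the baseline.

    Non-compliant directives are commented out (kept for the audit trail) and
    the baseline values are appended, so the first effective occurrence is the
    baseline one.
    """
    noncompliant = {d.lower() for d, _, _ in audit(text, baseline)}
    out = []
    for line in text.splitlines():
        m = _DIRECTIVE.match(line)
        if m and m.group(1).lower() in noncompliant:
            out.append("#" + line + "  # overridden by baseline")
        else:
            out.append(line)
    out.append("# --- settings enforced by secure baseline ---")
    for directive, expected in baseline.items():
        if directive.lower() in noncompliant:
            out.append(f"{directive} {expected}")
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for directive, expected, actual in audit(SAMPLE_SSHD_CONFIG):
        print(f"DRIFT {directive}: expected {expected!r}, found {actual!r}")
    print(remediate(SAMPLE_SSHD_CONFIG))
```

Running the audit from a scheduled job, and treating a missing directive as a finding rather than trusting the daemon default, is what turns a one-time hardening exercise into a maintained baseline.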

Wireless Devices

Wireless devices have transformed the way we connect and communicate, making network access easier and more mobile, but they also pose increased security challenges. Effective deployment and optimization require careful consideration of installation factors, site surveys that identify and rectify issues, and heat maps to visualize signal coverage. When deploying a wireless network, consider the following information:

  • Site Survey: Conducting a site survey is an essential step in optimizing wireless network performance. A survey involves a comprehensive analysis of the environment, identifying both obstacles that attenuate the signal (load-bearing walls, elevators, metal frames, and metal doors) and sources of radio-frequency interference (cordless phones, microwave ovens, and other nearby radio transmitters). A site survey will help to determine the best places to install the wireless access points that users connect to.
  • Heat Maps: A heat map is a valuable tool in the hands of a network administrator when...

Mobile Solutions

In today’s interconnected world, mobile devices have become ubiquitous as they play a pivotal role in both personal and professional spheres. With the increasing reliance on mobile solutions, the need for robust security measures to protect sensitive data and resources has never been greater. The following sections will explore common security techniques that can be applied to mobile solutions, beginning with mobile device management.

Mobile Device Management

A Mobile Device Management (MDM) solution provides centralized control and maintenance of mobile devices, ensuring strict adherence to the security policies established by an organization. It allows IT administrators to oversee, configure, and safeguard mobile devices remotely.

Among its primary responsibilities, MDM is configured by IT staff to enforce security settings such as encryption, password requirements, and application allow lists (formerly called whitelisting). These measures guarantee that all...

Wireless Security Settings

In the corporate world, wireless technology is an integral part of daily operations. Its frequent use is driven by the need for flexibility and mobility, in order to allow employees to work from various locations within the office and remotely. This versatility boosts productivity and collaboration.

However, with the convenience of wireless technology comes the risk of security breaches. Cyber threats, including unauthorized access and data interception, pose significant dangers to corporate networks. Consequently, the importance of robust wireless security measures cannot be overstated.

In the following sections, we will review four key concepts related to wireless security settings, starting with Wi-Fi Protected Access 3 (WPA3).

Wi-Fi Protected Access 3

WPA3 was released in 2018 to address weaknesses in WPA2. WPA3 primarily relies on Simultaneous Authentication of Equals (SAE) for authentication and key establishment (the session keys it derives are then used with AES encryption), compared to WPA2’...

Application Security

In addition to networks and devices, we also need to ensure the applications are secure. The software we rely on is vulnerable to breaches, putting sensitive data at risk. There are several key features of application security, including the following:

  • Input validation: Input validation ensures that all data (whether entered via a web page or a wizard) complies with predefined rules, formats, and permissible ranges. Imagine filling out a web form quickly and mistakenly placing your zip code in the wrong field. Input validation detects the error and highlights the field in red, signaling that it needs to be corrected; once the values are fixed, the form accepts and processes the submission. Input validation’s role extends well beyond the user interface, however: validating data on the server, not only in the browser, protects against attacks such as SQL injection, buffer overflow, and integer overflow attacks...
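The following added example (not the book's code) shows server-side allow-list validation for the kind of form described above, alongside the database lookup it protects: a vulnerable version that concatenates the username into the query and a hardened version that validates first and then binds the value as a parameter. The field rules, bounds, sample users, and function names are illustrative assumptions.

```python
"""Allow-list input validation for a form, with the SQL injection and
integer range cases it blocks.

Added example, not the book's code; the field rules, bounds and sample
data are constructed for illustration.
"""
import re
import sqlite3

# Each text field has an allow-list pattern. Input that does not match is
# rejected before it reaches business logic or the database.
FIELD_RULES = {
    "username": re.compile(r"[a-z][a-z0-9_]{2,31}"),
    "zip_code": re.compile(r"[0-9]{5}(-[0-9]{4})?"),
}
# ASCII digits only: str.isdigit() also accepts characters such as "²"
# that int() rejects, and the length cap bounds the value before conversion.
QUANTITY_DIGITS = re.compile(r"[0-9]{1,9}")
QUANTITY_RANGE = (1, 1000)
MAX_FIELD_LENGTH = 64  # bound length before pattern matching


class ValidationError(ValueError):
    """Raised when input fails validation."""


def validate_form(form):
    """Return (cleaned, errors); cleaned holds only values that passed every rule."""
    cleaned, errors = {}, {}
    for field, pattern in FIELD_RULES.items():
        value = form.get(field, "")
        if not isinstance(value, str) or not value or len(value) > MAX_FIELD_LENGTH:
            errors[field] = "missing or too long"
        elif not pattern.fullmatch(value):
            errors[field] = "invalid format"
        else:
            cleaned[field] = value
    # Integer range check: reject non-digits, negatives and out-of-range values
    # before they reach code that assumes a small positive counter.
    qty = form.get("quantity", "")
    if not (isinstance(qty, str) and QUANTITY_DIGITS.fullmatch(qty)):
        errors["quantity"] = "must be a whole number of at most 9 digits"
    else:
        n = int(qty)
        lo, hi = QUANTITY_RANGE
        if lo <= n <= hi:
            cleaned["quantity"] = n
        else:
            errors["quantity"] = f"must be between {lo} and {hi}"
    return cleaned, errors


def demo_db():
    """Constructed in-memory database with two users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT)")
    conn.executemany("INSERT INTO users VALUES (?)", [("alice",), ("bob",)])
    return conn


def lookup_user_unsafe(conn, username):
    """Vulnerable: string concatenation lets the input rewrite the query."""
    sql = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_user_safe(conn, username):
    """Hardened: validate against the allow-list, then bind the value as a parameter."""
    if not FIELD_RULES["username"].fullmatch(username):
        raise ValidationError("username failed validation")
    rows = conn.execute("SELECT username FROM users WHERE username = ?", (username,))
    return [row[0] for row in rows]


if __name__ == "__main__":
    payload = "x' OR '1'='1"
    print("unsafe:", lookup_user_unsafe(demo_db(), payload))  # every user leaks
    try:
        lookup_user_safe(demo_db(), payload)
    except ValidationError as exc:
        print("safe:", exc)
```

Parameter binding alone would already defeat the injection; the allow-list is kept in front of it because the same username value typically flows on to logs, templates and other systems that are not protected by the database driver.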

Sandboxing

Sandboxing an application means running it in an isolated environment, separated from the rest of the system and usually from the network, for testing, patching, or malware inspection. The isolation can be a dedicated virtual machine, a container created with a tool such as Docker (containers share the host kernel, so they isolate less strongly than a virtual machine), or a purpose-built analysis sandbox such as Cuckoo, a widely used open source sandbox for automated malware analysis. Most modern web browsers (including Google Chrome, Mozilla Firefox, and Microsoft Edge) use sandboxes to isolate individual browser tabs or processes. If one tab or website contains malicious code, it is confined to that sandbox and should not be able to affect the rest of the browser or the computer.

Monitoring

Application security extends into detection and response through monitoring. Using logging and alerting, monitoring systems can detect threats and malicious activity, and the detailed information they provide enables security analysts to act swiftly. Commercial products such as SolarWinds Security Event Manager and Splunk offer monitoring and alerting solutions that help businesses detect and respond to potential security threats, using methods such as data collection, real-time analysis, and alerting.
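The collection, analysis and alerting pipeline can be seen end to end in a small detection. The following added example (not the book's code, and not how Splunk or SolarWinds implement it) parses constructed sshd-style authentication log lines and raises an alert when one source address accumulates a burst of failed logins within a sliding window, plus a higher-severity alert when a successful login follows such a burst. The log lines, thresholds and function names are constructed assumptions.

```python
"""Detect failed-login bursts in authentication logs and raise alerts.

Added example, not the book's code. The log lines below are constructed
in an sshd-like format; thresholds are illustrative assumptions.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log, not captured from a real system.
SAMPLE_LOG = """\
2024-03-04T10:00:01 host1 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
2024-03-04T10:00:03 host1 sshd[2203]: Failed password for invalid user admin from 203.0.113.7 port 51124 ssh2
2024-03-04T10:00:04 host1 sshd[2205]: Failed password for root from 203.0.113.7 port 51126 ssh2
2024-03-04T10:00:06 host1 sshd[2207]: Failed password for root from 203.0.113.7 port 51128 ssh2
2024-03-04T10:00:07 host1 sshd[2209]: Failed password for root from 203.0.113.7 port 51130 ssh2
2024-03-04T10:00:09 host1 sshd[2211]: Accepted publickey for root from 203.0.113.7 port 51132 ssh2
2024-03-04T10:05:00 host1 sshd[2301]: Failed password for alice from 198.51.100.4 port 40000 ssh2
2024-03-04T10:20:00 host1 sshd[2302]: Failed password for alice from 198.51.100.4 port 40002 ssh2
2024-03-04T10:21:00 host1 sshd[2303]: Accepted password for alice from 198.51.100.4 port 40004 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

THRESHOLD = 5        # failures from one source address ...
WINDOW_SECONDS = 60  # ... within this many seconds raise an alert


def parse_events(text):
    """Data collection: turn raw log lines into structured events."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # a real pipeline would count unparsed lines as a health metric
        event = m.groupdict()
        event["ts"] = datetime.fromisoformat(event["ts"])
        events.append(event)
    return events


def detect(events, threshold=THRESHOLD, window=WINDOW_SECONDS):
    """Real-time analysis: sliding-window failure count per source address.

    One brute_force alert is raised per address when it reaches the threshold;
    a success_after_burst alert follows if that address later authenticates,
    because that is the pattern of a guessed credential.
    """
    alerts = []
    recent = defaultdict(deque)  # ip -> timestamps of failures inside the window
    alerted = set()
    for event in sorted(events, key=lambda e: e["ts"]):
        ip, now = event["ip"], event["ts"]
        if event["outcome"] == "Failed":
            q = recent[ip]
            q.append(now)
            while q and (now - q[0]).total_seconds() > window:
                q.popleft()
            if len(q) >= threshold and ip not in alerted:
                alerted.add(ip)
                alerts.append({"type": "brute_force", "ip": ip,
                               "failures": len(q), "last_seen": now.isoformat()})
        elif ip in alerted:
            alerts.append({"type": "success_after_burst", "ip": ip,
                           "user": event["user"], "at": now.isoformat()})
    return alerts


if __name__ == "__main__":
    for alert in detect(parse_events(SAMPLE_LOG)):
        print(alert)
```

The second rule is the one worth tuning first: a burst of failures is noisy and common, but a success from the same address shortly afterwards is the event an analyst must act on immediately.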

Splunk, in particular, performs several key tasks as part of this solution. These are described in Table 14.1:

Summary

This chapter covered secure baselines and their importance to device security. This included an exploration of deployment and maintenance methods, as well as the aspects of hardening our network devices to protect them against attacks. Later sections discussed the planning and maintenance of a wireless network, mobile device management considering various models and security methods, and a review of application security, sandboxing, and monitoring methodologies.

The knowledge gained in this chapter will prepare you to answer any questions relating to Exam Objective 4.1 in your CompTIA Security+ certification exam.

The next chapter of the book is Chapter 15, Explain the security implications of proper hardware, software, and data asset management.

Exam Objectives 4.1

Given a scenario, apply common security techniques to computing resources.

  • Secure baselines: Fundamental security configuration standards:
    • Establish: Define security measures
    • Deploy: Implement security measures
    • Maintain: Sustain and update security measures
  • Hardening targets: Making targets more secure:
    • Mobile devices: Secure smartphones and tablets
    • Workstations: Enhance security on desktop computers
    • Switches: Secure network switches for data protection
    • Routers: Strengthen security on network routers
    • Cloud infrastructure: Secure cloud-based resources
    • Servers: Enhance security on server systems
    • ICS/SCADA: Secure industrial control systems and SCADA
    • Embedded systems: Strengthen security for embedded devices
    • RTOS: Secure real-time operating systems
    • IoT devices: Enhance security for Internet of Things devices
  • Wireless devices: Mobile and wireless technology equipment:
    • Installation considerations: Factors for successful setup
    • Site surveys: Assess location for optimal...

Chapter Review Questions

The following questions are designed to check that you have understood the information in the chapter. For a realistic practice exam, please check the practice resources in our exclusive online study tools (refer to Chapter 29, Accessing the online practice resources for instructions to unlock them). The answers and explanations to these questions can be found via this link.

  1. During software development and distribution, what multifaceted purpose does code signing primarily serve?
    1. Validating the software’s source and integrity while enhancing trustworthiness
    2. Improving code performance and execution speed for an optimal user experience
    3. Simplifying the software installation process for end users
    4. Ensuring compatibility with legacy systems and reducing system resource overhead
  2. You are a systems administrator for a large multinational corporation and have recently failed a third-party audit, due to two outdated mail servers’ patches. The audit...
Table 14.1 (excerpt; the remaining rows are not included on this page):

  Step              Description
  Data Collection   Gather data from various IT sources (logs, network, etc.)
  Data Aggregation  ...