SEC+ preparation #1

INTRO

After finishing all of the books and taking a short break, it’s time to prepare for the Sec+ certification.

I use the Sec+ bootcamp at hackers-arise as a first step. It’s a really good place to learn. Master OTW is professional and a really good teacher. I really enjoyed the books that I’ve read and did the practice tasks.

The books that I’ve already finished are:

  1. Linux Basics for Hackers

  2. Network Basics for Hackers

  3. Getting Started Becoming a Master Hacker

The knowledge that I’ve acquired is priceless. I really like the view of the cybersecurity world that I have now, after finishing those books.

My plan was to first read these books to get the knowledge necessary for a decent understanding.

Preparation for the Sec+ is going to be easier after those books.

Let’s begin.

The first lesson is an overview of what I’m going to learn.

I’ll write blogs as a knowledge base for myself before taking the exam.

Hope it’ll be interesting for readers to follow my cyber journey.

Domain 1: General Security Concepts

Talking about security

If we talk about security we have 3 objectives:

  1. Confidentiality

  2. Integrity

  3. Availability

    Or CIA as an acronym.

Usually we cannot optimize all 3 of them. When we try to optimize one, we lose the other.

Concepts

Obfuscation - the attacker tries to hide what the attack is doing so that it is hard to understand. It usually happens in really good attacks.

Domain 2: Threats, Vulnerabilities and Mitigations

  • There are people who want to make as much money as they can while hacking. They’re called cyber criminals. A good example of this is ransomware attacks.

  • Not all attackers are interested in money. Those who are not are called APTs (Advanced Persistent Threats). Usually these are governments which are attacking. Their objectives are usually national secrets.

  • Some of the Chinese hackers are seeking intellectual property.

  • Chinese hackers are also after information about the public. Maybe it is a long-term strategy, who knows.

Domain 3: Security Architecture

  • Compare security implications of different architecture models.

    • What does your network look like?

    • Building LANs and systems.

  • Apply security principles.

  • On the exam they’ll ask: what would be the best architecture option for this scenario?

  • Compare concepts and strategies to protect data.

  • Explain the importance of recovery.

Concepts

Resilience - the ability to withstand an attack. (One of the tactics is to have multiple websites, for example like Hackers-Arise does.) Redundancy (more than 1) gives you resilience. Backups are also an option.

Domain 4: Security Operations

  • Common security techniques.

  • Vulnerability Management

  • Security alerting tools and concepts. SIEM and stuff.

  • Modifying enterprise capabilities to enhance security.

  • Access Management

  • Importance of automation.

  • Incident response

  • Data sources for investigation.

Domain 5: Security Program Management and Oversight

  • How to maximize the efficiency of security in an organization.

  • Elements of effective security

  • Elements of the risk management process (usually it is a more difficult topic, keep in mind)

  • Types and purposes of audits. (An audit is kind of a test for security.)

    • There’s an industry of cyber security auditors. It’s a very lucrative career. If it’s your thing, it’s a really nice career. You’ll probably work in big organizations as a consultant.
  • Implement security practices. (it’s an important topic)

    • Social engineering

    • Making users aware of the available scenarios.

    • Security awareness training is organized every 6 months.

Outro

See you in the next lesson blog.

Written by

Jonas Satkauskas