The Security+ International Exam
The Security+ certification exam and course books measure an individual's professional knowledge in security, one of the fastest-growing fields in IT. The international Security+ certification demonstrates your skill and competence in the following areas: network security

CompTIA Security+ not only ensures knowledge of security concepts, tools, and procedures for responding to security incidents, but also ensures that security personnel anticipate security risks and protect against them. The target security roles are: security engineers, security consultants and specialists, information assurance technicians, security managers, system administrators, and network administrators.

Organizations that employ CompTIA Security+ certified staff include: Hitachi Information Systems (Japan), Trendmicro (Philippines), Lockheed Martin, the United States Department of State, U.S. government contractors such as EDS, and …

CompTIA Security+ is one of the options for the certifications required by the U.S. Department of Defense for military personnel or military contractors engaged in information assurance activities. The CompTIA Security+ certification is approved by the International Organization for Standardization (ISO) and the American National Standards Institute (ANSI). The CompTIA Security+ certification is currently maintained through CompTIA's continuing education programs.

The general security concepts are as follows:

Access Control
MAC/DAC/RBAC – know the differences between Mandatory Access Control, Discretionary Access Control and Rule based Access Control. Do not confuse Rule based with Role based

Authentication
Kerberos – a ticket based system
CHAP – CHAP is more secure than PAP
Certificates – know why certificates are used. A certificate authority in a PKI system will issue certificates to guarantee authenticity
Username/Password – standard authentication method
Tokens – RSA SecurID is an example.
Remember that one-time passwords can be used
Multi-Factor – instead of one factor of authentication, you can have 2 or more, like using username and passwords with a biometrics system
Biometrics – hand scanning, retina scans and Smartcards for authentication
Non-essential Services and Protocols – disabling unnecessary systems / processes / programs

Attacks
DOS/DDOS – a denial of service attack is when you attack a system to block usage from legitimate systems. The legitimate systems are given a denial of service. DDOS is the distributed form where the attack comes from multiple locations
Back Door – a back door left in a program where the software creator (or hacker) sneaks in by
Man in the Middle – a hacker can get in the middle of a session and eavesdrop or poison the conversation
Replay – capturing data and replaying it for exploitation – like replaying a password to enter a system
TCP/IP Hijacking – taking over a TCP/IP session
Weak Keys, Mathematical and Birthday attacks are all cryptographic attacks used to break ciphers
Password Guessing – the act of guessing passwords to enter a system
Brute Force – an onslaught attack that doesn’t stop until the password is cracked.
Will use any combination known to crack the password
Dictionary – using a dictionary file to crack easy passwords
Software Exploitation – exploiting bugs and known flaws
Social Engineering

WLAN
A wireless LAN is one in which a mobile user can connect to a local area network (LAN) through a wireless (radio) connection. A standard, IEEE 802.11, specifies the technologies for wireless LANs. The standard includes an encryption method, the Wired Equivalent Privacy algorithm.

Wi-Fi is the popular term for a high-frequency wireless local area network (WLAN). Wi-Fi is specified in the 802.11b specification from the Institute of Electrical and Electronics Engineers (IEEE) and is part of a series of wireless specifications together with 802.11, 802.11a, and 802.11g. All four standards use the Ethernet protocol and CSMA/CA (carrier sense multiple access with collision avoidance) for path sharing. The 802.11b (Wi-Fi) standard operates in the 2.4 GHz range, offering data speeds up to 11 megabits per second. The modulation used in 802.11 has historically been phase-shift keying (PSK). The modulation method selected for 802.11b is known as complementary code keying (CCK), which allows higher data speeds and is less susceptible to multipath-propagation interference.

Unless adequately protected, a Wi-Fi wireless LAN can be susceptible to access from the outside by unauthorized users, some of whom have used the access as a free Internet connection. The activity of locating and exploiting security-exposed wireless LANs is commonly known as war driving. War driving is the act of locating and possibly exploiting connections to wireless local area networks while driving around a city or elsewhere.
To do war driving, you need a vehicle, a computer (which can be a laptop), a wireless Ethernet card set to work in promiscuous mode, and some kind of antenna, which can be mounted on top of or positioned inside the car. Companies that have a wireless LAN are urged to add security safeguards such as the Wired Equivalent Privacy (WEP) encryption standard, the setup and use of a virtual private network (VPN) or IPsec, and a firewall or DMZ.

Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usually expected of a wired LAN. WEP seeks to establish similar protection to that offered by the wired network’s physical security measures by encrypting data transmitted over the WLAN. Data encryption protects the vulnerable wireless link between clients and access points; once this measure has been taken, other typical LAN security mechanisms such as password protection, end-to-end encryption, virtual private networks (VPNs), and authentication can be put in place to ensure privacy.

A research group from the University of California at Berkeley recently published a report citing “major security flaws” in WEP that left WLANs using the protocol vulnerable to attacks (called wireless equivalent privacy attacks). The Wireless Ethernet Compatibility Alliance (WECA) claims that WEP – which is included in many networking products – was never intended to be the sole security mechanism for a WLAN, and that, in conjunction with traditional security practices, it is very effective.

802.11
802.11 is a family of specifications for wireless local area networks (WLANs) developed by a working group of the Institute of Electrical and Electronics Engineers (IEEE). There are currently four specifications in the family: 802.11, 802.11a, 802.11b, and 802.11g. All four use the Ethernet protocol and CSMA/CA (carrier sense multiple access with collision avoidance) for path sharing. The most recently approved standard, 802.11g, offers wireless transmission over relatively short distances at up to 54 megabits per second (Mbps), compared with the 11 megabits per second of the 802.11b standard. Like 802.11b, 802.11g operates in the 2.4 GHz range and is thus compatible with it.

AAA
Authentication, authorization, and accounting (AAA) is a term for a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. These combined processes are considered important for effective network management and security.

As the first process, authentication provides a way of identifying a user, typically by having the user enter a valid user name and valid password before access is granted. The process of authentication is based on each user having a unique set of criteria for gaining access. The AAA server compares a user’s authentication credentials with other user credentials stored in a database. If the credentials match, the user is granted access to the network. If the credentials are at variance, authentication fails and network access is denied.

Authentication, authorization, and accounting services are often provided by a dedicated AAA server, a program that performs these functions. A current standard by which network access servers interface with the AAA server is the Remote Authentication Dial-In User Service (RADIUS) or TACACS.

PKI
A PKI (public key infrastructure) enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates.
The public key infrastructure assumes the use of public key cryptography, which is the most common method on the Internet for authenticating a message sender or encrypting a message.

A public key infrastructure consists of:
A certificate authority (CA) that issues and verifies digital certificates. A certificate includes the public key or information about the public key
A registration authority (RA) that acts as the verifier for the certificate authority before a digital certificate is issued to a requestor
One or more directories where the certificates (with their public keys) are held
A certificate management system

Asymmetric and Symmetric
Asymmetric cryptography is cryptography in which a pair of keys is used to encrypt and decrypt a message so that it arrives securely. A user requests a public and private key pair. A user who wants to send an encrypted message can get the intended recipient’s public key from a public administrator. When the recipient gets the message, they decrypt it with their private key, which no one else should have access to. This process is known as a public key infrastructure.

In symmetric cryptography, the same key is used for both encryption and decryption. This approach is simpler but less secure since the key must be communicated to and known at both sender and receiver locations.

Malware
Malware (for “malicious software”) is programming or files that are developed for the purpose of doing harm. Malware includes computer viruses, worms, and Trojan horses.

A virus is a piece of programming code, usually disguised as something else, that causes some unexpected and usually undesirable event. A virus is often designed so that it is automatically spread to other computer users. Viruses can be transmitted as attachments to an e-mail note, as downloads, or be present on a diskette or CD. The source of the e-mail note, downloaded file, or diskette you’ve received is often unaware of the virus.

Generally, there are three main classes of viruses:
File infectors
System or boot-record infectors
Macro viruses

The best protection against a virus is to know the origin of each program or file you load into your computer or open from your e-mail program, and to make sure you have updated virus protection software, engines and definitions on your systems.

Nonrepudiation
In general, nonrepudiation is the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. On the Internet, the digital signature is used not only to ensure that a message or document has been electronically signed by the person that purported to sign the document, but also, since a digital signature can only be created by one person, to ensure that a person cannot later deny that they furnished the signature. Since no security technology is absolutely foolproof, some experts warn that the digital signature alone may not