Chapter 1
Mastering Security Basics
CompTIA Security+: Get Certified Get Ahead
Introduction
• Understanding core security goals
• Introducing basic risk concepts
• Understanding control types
• Implementing virtualization
• Using command-line tools
CIA Triad
Understanding Core Security Goals
• Confidentiality
– Encryption
– Access controls
– Steganography
• Integrity
– Hashing
– Digital signatures
– Certificates
– Non-repudiation
• Availability
– Redundancy
– Fault tolerance
– Patching
Introducing Basic Risk Concepts
• Threats
• Vulnerabilities
– Any weakness
• Risk is
– The likelihood that a threat will exploit a vulnerability
• Risk mitigation
– Reduces the chances that a threat will exploit a vulnerability by implementing controls
Understanding Control Types
Overview
• Technical controls use technology.
• Administrative controls use administrative or management methods.
• Physical controls refer to controls you can physically touch.
Understanding Control Types
• Technical controls
– Use technology to reduce vulnerabilities
• Examples
– Encryption
– Antivirus software
– IDSs
– Firewalls
– Least privilege
• Administrative controls
– Use administrative or management methods
• Examples
– Risk assessments
– Vulnerability assessments
– Penetration tests
– Awareness and training
– Configuration and change management
– Contingency planning
– Media protection
– Physical and environmental protection
• Physical controls: any controls that you can physically touch
• Examples
– Lighting
– Signs
– Fences
– Security guards
Control Goals
Overview
• Preventive controls attempt to prevent an incident from occurring.
• Detective controls attempt to detect incidents after they have occurred.
• Corrective controls attempt to reverse the impact of an incident.
• Deterrent controls attempt to discourage individuals from causing an incident.
• Compensating controls are alternative controls used when a primary control is not feasible.
Control Goals
• Preventive controls
– Attempt to prevent an incident from occurring
– Hardening, training, guards, change management, disabling accounts
• Detective controls
– Attempt to detect incidents after they have occurred
– Log monitoring, trend analysis, security audit, video surveillance, motion detection
Comparing Detection & Prevention
• Detection controls
– Cannot predict when an incident will occur
– Cannot prevent an incident
– Used after an incident
• Prevention controls
– Stop the incident before it occurs
Control Goals
• Corrective controls
– Attempt to reverse the impact of an incident
– Active IDS, backups, system recovery
• Compensating
– Alternative controls used when a primary control is not feasible
– TOTP instead of smart card
• Deterrent
– Attempt to discourage individuals from causing an incident
– Cable locks, hardware locks
• Compare to prevention
– Deterrent encourages people to decide not to take an undesirable action
– Prevention stops them from taking an undesirable action
– Security guard can be both
Implementing Virtualization
• Terminology
– Hypervisor
– Host
– Guest
– Host elasticity
– Host scalability
One host appears as five systems on a network
Comparing Hypervisors
• Type I (bare-metal)
– Runs directly on hardware
– No host operating system required
• Type II
– Runs as software within an operating system
Application Cell Virtualization
• Runs services or applications within isolated application cells (or containers)
• Also called container virtualization
Using Virtualization
• Snapshots
– Copy of a VM at a moment in time
– Can revert to a snapshot if necessary
• VDI/VDE
– A user’s desktop
– Persistent VDE – keeps user changes
– Non-persistent VDE – doesn’t keep user changes
Risks Associated with Virtualization
• VMs are files
– Can be copied
• VM escape
– Allows attacker to access host from guest
• VM sprawl
– Uncontrolled VM creation (not managed)
• Loss of confidentiality
Kali Linux
• Free Linux distribution
– Often used for penetration testing and security auditing
– Can be installed on Windows system (that supports Hyper-V)
– Can be used to run Linux commands on a Windows system
– Free online labs
• gcgapremium.com/501labs/
• May need to register on site to access labs
Command-Line Tools
• Windows
– Launch Command Prompt
– Launch Command Prompt (Admin)
• Linux
– Launch terminal in Kali
Understanding Switches & Case
• Windows switches typically use slash /
– ipconfig /?
• Linux systems typically use dash -
– ifconfig -?
• Windows commands rarely case sensitive
• Linux commands are case sensitive
Commands Demo
Ping
• Basic command to test connectivity
– ping 192.168.1.1
• Firewalls and ICMP
• Checking DNS name resolution
Commands Demo
• ipconfig (Windows)
• ifconfig (Linux)
• ip (Linux)
• netstat
• tracert
• arp
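Reading the output of these tools is where they become a security check: did the name resolve, how many replies came back (a firewall that drops ICMP shows up as packet loss), and which TCP ports are listening on all interfaces rather than loopback only. The shell script below is an added example, not code from the slides or from the gcgapremium labs. The ping and netstat outputs it parses are constructed samples in the usual Linux format (the hostname intranet.example.com, the address 192.168.1.1 and ports 22, 631 and 80 are made up), and the function names are this example's own.

```shell
#!/bin/sh
# Added example for the command-line tools above (ping, netstat). This is
# not code from the slides or the labs; the ping and netstat outputs below
# are constructed samples in the usual Linux format, not real captures.

# Constructed output of: ping -c 4 intranet.example.com
# Line 1 shows that the name resolved (checking DNS name resolution);
# one reply (icmp_seq=3) is missing, as happens when a firewall drops ICMP.
PING_SAMPLE='PING intranet.example.com (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.512 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.498 ms
64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=0.530 ms

--- intranet.example.com ping statistics ---
4 packets transmitted, 3 received, 25% packet loss, time 3004ms
rtt min/avg/max/mdev = 0.498/0.513/0.530/0.013 ms'

# Constructed output of: netstat -tuln
NETSTAT_SAMPLE='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
udp        0      0 0.0.0.0:68              0.0.0.0:*'

# ping_resolved_ip: the address the hostname resolved to (first line)
ping_resolved_ip() {
    printf '%s\n' "$1" | awk 'NR == 1 { gsub(/[()]/, "", $3); print $3 }'
}

# ping_loss_percent: packet-loss percentage from the statistics line
ping_loss_percent() {
    printf '%s\n' "$1" | awk '/packet loss/ {
        for (i = 1; i <= NF; i++) if ($i ~ /%$/) { sub(/%/, "", $i); print $i }
    }'
}

# ping_avg_rtt: average round-trip time in ms from the rtt summary line
ping_avg_rtt() {
    printf '%s\n' "$1" | awk '/^rtt/ { split($4, r, "/"); print r[2] }'
}

# listening_tcp_ports: every TCP port in LISTEN state, space separated
listening_tcp_ports() {
    printf '%s\n' "$1" | awk '$1 ~ /^tcp/ && $NF == "LISTEN" {
        n = split($4, a, ":"); printf "%s%s", sep, a[n]; sep = " "
    } END { print "" }'
}

# exposed_tcp_ports: LISTEN ports bound to all interfaces (0.0.0.0 or ::),
# i.e. reachable from the network rather than from loopback only
exposed_tcp_ports() {
    printf '%s\n' "$1" | awk '$1 ~ /^tcp/ && $NF == "LISTEN" {
        n = split($4, a, ":")
        addr = substr($4, 1, length($4) - length(a[n]) - 1)
        if (addr == "0.0.0.0" || addr == "::") { printf "%s%s", sep, a[n]; sep = " " }
    } END { print "" }'
}

# Stand-alone usage: summarise both constructed samples
echo "resolved to:   $(ping_resolved_ip "$PING_SAMPLE")"
echo "packet loss:   $(ping_loss_percent "$PING_SAMPLE")%"
echo "avg rtt:       $(ping_avg_rtt "$PING_SAMPLE") ms"
echo "listening tcp: $(listening_tcp_ports "$NETSTAT_SAMPLE")"
echo "exposed tcp:   $(exposed_tcp_ports "$NETSTAT_SAMPLE")"
```

On a live system the same functions take real output, for example `exposed_tcp_ports "$(netstat -tuln)"`; the loopback-only service on port 631 is deliberately left out of the exposed list, which is the distinction an auditor cares about.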
Chapter 1 Summary
• Understanding core security goals
• Introducing basic risk concepts
• Understanding control types
• Implementing virtualization
• Using command-line tools
• Labs
http://gcgapremium.com/501labs/