The CompTIA Security+ 2011 (SY0-301) exam has been significantly updated and covers 60 new topics not present in the previous version of the exam. The first topical domain, Network Security, is ever evolving, and this paper addresses 10 important topics that you need to focus on as you prepare for the exam.
It has been about three years since the last revision of the CompTIA Security+ exam back in 2008. In early summer of 2011, the latest version, SY0-301, was released. This revamped exam focuses more on risk, operational security, and mobile device security. It also clearly emphasizes security in three main areas: application, data, and host. In preparing to take the SY0-301 exam, you should pay special attention to the new topics and issues added to this latest revision.
The first domain in the updated exam is Network Security, and the topics tested in this domain include:
1.1 Explain the security function and purpose of network devices and technology
1.2 Apply and implement secure network administration principles
1.3 Distinguish and differentiate network design elements and compounds
1.4 Implement and use common protocols
1.5 Identify commonly used default network ports
1.6 Implement wireless network in a secure manner
Note: The number in parentheses after each topic is the official objective sub-domain reference for SY0-301 as defined by CompTIA. Please see the official objectives list in the Appendix at the end of this paper, or visit www.comptia.org for a complete accounting of the objectives.
To help you prepare, let's look at ten new and important topics in the Network Security domain of the exam.
A Web security gateway is a Web proxy server with a Web application firewall along with several other potential features, such as anti-virus, content filtering, keyword matching, stripping of cookies, blocking of client-side execution agents, etc. Some Web security gateways even include non-Web-specific features such as IM filtering, spam filtering, e-mail oversight, spoofing prevention, and blocking of file sharing services.
A load balancer is used to spread or distribute workload over multiple systems or devices. While commonly used in relation to servers, the concept can also be applied to hard drives, CPUs, or network segments. Load balancers can assist in optimizing network capacity utilization, reducing overloading, increasing throughput, minimizing latency and response time, and reducing bottlenecks. Load balancing can take advantage of a variety of techniques or technologies, including random choice, round robin, load monitoring, and preferencing. A load balancer can be implemented in either software or hardware.
A flood guard detects denial of service (DoS) levels of traffic and interrupts the flow of the unwanted activity. A flood guard works to prevent flooding attacks from reaching an internal network.
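The detection step a flood guard performs can be sketched as a per-source sliding-window counter. This is an added example, not code from the original paper; the threshold, window size and sample traffic (documentation-range IP addresses) are constructed assumptions.

```python
from collections import defaultdict, deque


def flood_guard(packets, max_packets, window_ms):
    """Forward packets until a source exceeds max_packets per window_ms.

    packets: (timestamp_ms, source_ip) tuples sorted by time.
    Returns (forwarded, blocked): packets passed inside, and sources cut off.
    """
    recent = defaultdict(deque)   # per-source timestamps inside the window
    blocked = set()
    forwarded = []
    for ts, src in packets:
        if src in blocked:        # flow from this source already interrupted
            continue
        seen = recent[src]
        seen.append(ts)
        while seen[0] <= ts - window_ms:   # expire entries older than window
            seen.popleft()
        if len(seen) > max_packets:        # DoS-level rate: stop this source
            blocked.add(src)
            continue
        forwarded.append((ts, src))
    return forwarded, blocked


def sample_traffic():
    """Constructed input: one normal client and one flooding source."""
    normal = [(t * 1000, "192.0.2.10") for t in range(5)]         # 1 pkt/s
    flood = [(2000 + i * 10, "198.51.100.7") for i in range(50)]  # 100 pkt/s
    return sorted(normal + flood)


if __name__ == "__main__":
    passed, cut_off = flood_guard(sample_traffic(), max_packets=20, window_ms=1000)
    print(len(passed), "packets forwarded; blocked sources:", cut_off)
```

The normal client is never affected, while the flooding source is cut off as soon as its rate inside the window passes the threshold.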
Loop protection is the technology used to prevent redundant network loops that might support infinite transmission of frames or packets. Switches and bridges often support Spanning Tree Protocol (STP) that provides protection against layer 2 loops. The IP protocol itself includes a loop protection feature, commonly known as the Time To Live (TTL). This decrementing counter decreases by one just before a router transmits a packet onto yet another subnet. When this value reaches 0, a router will no longer forward the packet; instead, it sends back an Internet Control Message Protocol (ICMP) Type 11 Timeout Exceeded response to the sender. This effectively prevents infinite transmissions, although it does not necessarily directly prevent loops.
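The following simulation is an added example (not part of the original paper) of the TTL behaviour described above: the same packet is sent through a healthy path and through a misconfigured routing loop. Router names and topologies are hypothetical, and no real packets are sent.

```python
# Added example: simulation of TTL-based loop protection.
ICMP_TIME_EXCEEDED = 11  # ICMP type returned when the TTL runs out in transit


def route_packet(ttl, src, dst, next_hop, first_router):
    """Follow a packet hop by hop through the `next_hop` table.

    next_hop maps each router name to the node it forwards `dst` traffic to.
    Returns (outcome, forwards, icmp): outcome is "delivered" or "dropped",
    forwards counts transmissions between nodes, icmp is the error sent to src.
    """
    node, forwards = first_router, 0
    while node != dst:
        ttl -= 1                      # each router decrements before forwarding
        if ttl <= 0:                  # expired: discard and notify the sender
            icmp = {"type": ICMP_TIME_EXCEEDED, "reporter": node, "to": src}
            return "dropped", forwards, icmp
        node = next_hop[node]
        forwards += 1
    return "delivered", forwards, None


# Constructed topologies (router names are hypothetical).
HEALTHY = {"R1": "R2", "R2": "R3", "R3": "SERVER"}
LOOPED = {"R1": "R2", "R2": "R3", "R3": "R1"}   # R3 misrouted back to R1


def demo():
    ok = route_packet(64, "CLIENT", "SERVER", HEALTHY, "R1")
    looped = route_packet(64, "CLIENT", "SERVER", LOOPED, "R1")
    return ok, looped


if __name__ == "__main__":
    ok, looped = demo()
    print("healthy path:", ok)
    print("routing loop:", looped)
```

In the looped topology the misconfiguration is still present after the run; the TTL only bounds how many times the packet is forwarded before it is discarded.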
Cloud computing refers to resources and services made accessible over Internet connections or other forms of data pathways. Cloud computing allows data and services to be hosted elsewhere instead of on local hardware. Cloud computing consists of several variations, including Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). SaaS provides access to applications and data services (such as Google Docs); PaaS provides access to virtualized OS environments (such as Amazon Web Services); and IaaS provides access to large scale services or solutions (such as GoGrid).
File Transfer Protocol (FTP) is a well-known but inherently insecure protocol for file transfers. Two alternatives or variations of FTP that offer security through encrypted authentication and data transfer are File Transfer Protocol Secure (FTPS) and Secure File Transfer Protocol (SFTP). FTPS is protected using SSL or TLS and operates over TCP ports 989 and 990. SFTP is protected using SSH and operates over TCP port 22, as does every SSH-protected protocol.
IPv4 was defined in 1981 in RFC 791, and is currently the most widely used OSI Layer 3 (Network layer) protocol. IPv4 uses a 32-bit address divided into 5 classes, three of which (A, B, and C) are used mainly for public addresses. Class D is used for multicasting. Class E is reserved.