
COMPTIA SEC+ CE CERT

Policies, controls, threats…

GDPR: European data protection regulation. It forces them to comply with the regulations that they establish. [Comment: FORENSICS]

1.2 CRITICAL

+Types of security controls

1. Administrative.
2. Technical.
3. Physical.

They serve to:

1. Prevent.
2. Discourage – Deterrent.
3. Detect.
4. Correct.
5. Compensate.

+Defense in depth

Perimeter – FW

Apps and servers – WAF, SSL

Users – AV, AM

+Most widely used frameworks:

NIST CS Framework

ISO 27001

COBIT

SABSA

ITIL

+Security posture: how prepared we are to protect ourselves from an IT security incident.

+ SP 800-115

Conducting security tests

Testing, examining, interviewing.


Information Security [Comment: 20/08/2019]

=The protection of available information or information resources from unauthorized access, attack, theft, or data damage.

Goals of Information Security

• Prevention
• Detection
• Recovery

Risk/Riesgo

=A concept that indicates exposure to the chance of damage or loss, and signifies the likelihood of
a hazard or dangerous threat.

Vulnerabilities

=Any condition that leaves a device open to harm.

Threats/Amenazas

Any event or action that could potentially cause damage to an asset.

• Changes to information
• Interruption of services
• Interruption of access

Attacks

A technique used to exploit a vulnerability in an application or physical computer system without the authorization to do so.

Controls

Countermeasures that you need to put in place to avoid, mitigate, or counteract security risks due to threats and attacks.

Types of control

• Prevention Control: Help to prevent a threat or attack from exposing.
• Detection Control: Help to discover if a threat or vulnerability.
• Correction Control: Help to mitigate.

The Security Management Process

[Diagram: Identification, Implementation, Monitoring]

The CIA Triad

The three principles of security control and management: Confidentiality, Integrity, Availability.

[Diagram: Confidentiality, Integrity, Availability]

Confidentiality: Keeping information and communications private and protected from unauthorized access.

Integrity: Keeping organizational info accurate, free of errors, and free from unauthorized
modifications.

Availability: Ensuring that computer syste…


Non-Repudiation

NR: Ensuring that the party that sent a transmission or created data remains associated with the
data and cannot deny sending or creating the data.

Accountability

Determining who to hold responsible for a particular activity or event.

Identification

The process by which a claim is made about the nature of a particular entity.

Authentication

A method of validating a particular entity’s or individual’s unique credentials.

Authentication Factors

• Something you are
  o Fingerprints, handprints, retinal patterns.
• Something you have
  o Key or ID card
• Something you know
  o Password or PIN
• Somewhere you are or are not
  o IP address or GPS location
• Something you do
  o Keystroke patterns or tracing picture passwords.

Authorization

The process that determines what rights and privileges a particular entity has.

Access Control

The process of determining and assigning privileges to resources, objects, and data.

Accounting and Auditing

Accounting: The process of tracking and recording system activities and resource access.

Auditing: The portion of accounting that entails security professionals examining logs of what was
recorded.

Principle of Least Privilege.

The principle that establishes that users and software should have the minimal level of access that
is necessary for them to perform the duties required of them.

Privilege Management

PrivManag: The use of authentication and authorization mechanisms to provide centralized and
decentralized administration of users and groups of users.

SSO: An aspect of privilege management that provides users with one-time authentication to
multiple resources, servers, or sites.

Passwords

Tokens

Physical or virtual objects that store authentication information. Common examples: smart cards,
ID badges, data packets.

Biometrics

Authentication schemes based on the identification of individuals by their physical characteristics.

• Fingerprint scanners
• Retinal scanners
• Hand geometry scanners
• Voice-recognition software
• Facial-recognition software

Geolocation

The process of identifying the geographic position.

Keystrokes Authentication

An auth process that relies on detailed information describing exactly when a key is pressed and
released as someone types information into a computer or other electronic device.

Multi-factor Authentication

An authentication scheme that requires validation of two or more distinct authentication factors.

Used to minimize the risk.

Mutual Authentication

A security mechanism that requires that each party in communication verifies the identity of every
other party in the communication.

Cryptography

The science of hiding information, most commonly by encoding and decoding a secret code used
to send messages.

Encryption and decryption

Encryption: A security technique that converts data from plaintext form into coded (or ciphertext)
form so that only authorized parties with the necessary decryption information can decode and
read the data.

Plaintext: Unencrypted data that is meant to be encrypted before transmission, or the result of
decrypting encrypted data.

Ciphertext: Encoded, unreadable data.

Decryption: A cryptographic technique that converts ciphertext to plaintext.

Cleartext: Unencrypted, readable data that is not meant to be encrypted.

Plaintext → Encryption → Ciphertext

Ciphertext → Decryption → Plaintext

Encryption and security goals.

• Confidentiality
• Integrity
• Non-repudiation
• Authentication

Ciphers

Cipher: An algorithm used to encrypt or decrypt data.

Enciphering: The process of translating plaintext to ciphertext.

Deciphering: The process of translating ciphertext to plaintext.


A key

A specific piece of information that is used in conjunction with an algorithm to perform encryption
and decryption.

Different keys create different ciphertexts.

Symmetric Encryption

A two-way encryption scheme in which encryption and decryption are both performed by the
same key (shared key encryption).

Identifying Security Threats [Comment: 22/08/2019]

Hackers and attackers: Individuals who have the skills to gain access to computer systems through
unauthorized or unapproved means.

Cracker: An individual who breaks encryption codes, defeats software copy protections, or
specializes in breaking into systems.

White hat: A hacker who discovers and exposes security flaws in applications and operating
systems with an organization's consent so that they can be fixed before they become widespread
problems.

Black hat: a hacker who discovers and exposes security vulnerabilities without…

Threat actor: An entity that is partially or wholly responsible for an incident that affects or
potentially affects an organization's security. Also referred to as a malicious actor.

23/8/2019

+MDM: Mobile Device Management, protection of mobile devices.

Microsoft Security Software Development

Three concepts of Cybersecurity

1. Availability
2. Confidentiality
3. Integrity
