Securing individual systems

Malicious software is referred to as malware and includes various types including ransomware, fileless viruses, worms, keyloggers, and trojan horses. Infected computers that periodically contact command and control servers are called bots or zombies.

A lack of secure configurations for networks, devices, and hosts results in an increased attack surface. Default settings, especially credentials, should not be used. Deprecated security protocols such as WEP and SSL should also be avoided.

Staying up-to-date with the latest types of security attacks is form of attack mitigation. Keeping systems hardened helps protect against zero-day attacks. Software develops must adhere to secure coding practices to ensure deployed code does not contain s

Malicious actors can trick victims into installing malicious code such as driver shims. Software programming flaws related to memory allocation can result in security threats. Secure coding, patching, and user awareness go a long way in mitigating these t

Username and password authentication remains common, as do related dictionary and brute-force attacks. Account lockout threshold can mitigate password attacks other than password spraying attacks.

Distributed Denial of Service (DDoS) attacks use collections of infected bots, or zombies in a botnet, to flood victims hosts or networks. Bots periodically contact a malicious-user controlled command and control server.

Data availability, including through disk redundancy, is an aspect of IT security. There are various RAID levels that organize physical disks together to provide performance and/or fault tolerant benefits.

All IT solutions, in the end, run on hardware somewhere. Restricting physical access to IT hardware such as through locked server rooms and encryption of data at rest provide a layer of security.

In the enterprise, endpoint detection and response solutions report to a centralized SIEM solution when abnormal activity, including malware, is detected on hosts and devices. Intrusion detection and prevention systems (IDS/IPS) are the engine for this ty

Monitoring the network for intrusions is paramount to ensure a timely mitigation. This episode presents a monitoring scenario that requires the view to identify which type of attack took place.

RAID configurations can enhance the performance and availability of stored data, depending on the level of RAID used. In this demo, software RAID level 1 (disk mirroring) is configured in Linux.

Securing hosts properly should involve both a proactive and a reactive approach. This episode discusses what can be done about zero-day attacks.

CompTIA Security+ establishes the core knowledge required of any cybersecurity role and provides a jumping point to intermediate-level cybersecurity jobs. Security+ Lab incorporates best practices in hands-on trouble-shooting to ensure security professionals have practical security problem-solving skills. This Lab aids the CompTIA Security+ training set by providing several challenges specially crafted to convey the concept of Authentication Management and Access Control Schemes clearly and comprehensively.“AAA is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.”