Chapter 1: Engagement Management

Chapter 1 Objective 1.1 Scope Definition Regulations, Frameworks, and Standards Privacy: Ensure compliance with privacy laws (e.g., GDPR, HIPAA). Security: Adhere to security standards (e.g., ISO/IEC 27001, NIST). Rules of Engagement Exclusions Define what systems, networks, or data are off-limits. Example: Exclude the production environment to avoid disruptions. Test Cases Specify the scenarios and conditions under which the testing will occur. Example: Testing for SQL injection vulnerabilities in the login module....

August 7, 2024 · 17 min · Dhanraj Chavan

Chapter 2: Reconnaissance and Enumeration

Chapter 2 Objective 2.1 Active and Passive Reconnaissance Active Reconnaissance → Actively interacts with the target system or network to gather information. Methods: Port scanning, ping sweeps, banner grabbing, social engineering. Risks: High detection risk, potential legal issues. Importance: Provides detailed and actionable information about the target’s systems and vulnerabilities. Passive Reconnaissance → Gathers information about the target without directly interacting with the target system or network. Methods: OSINT, WHOIS lookup, DNS enumeration, social media monitoring, website analysis....

August 7, 2024 · 15 min · Dhanraj Chavan

Chapter 3: Vulnerability Discovery and Analysis

Chapter 3 Objective 3.1 Container Scans Purpose: Assess security of containerized applications and environments. Techniques: Sidecar Scans: Utilize a sidecar container to monitor and analyze the security of a main container. Example: A sidecar container running a security tool to check for vulnerabilities in a main application container. Application Scans Purpose: Identify vulnerabilities in applications at different stages of development and deployment. Techniques: Dynamic Application Security Testing (DAST): Test running applications for vulnerabilities by simulating attacks....

August 7, 2024 · 8 min · Dhanraj Chavan

Chapter 4: Attacks and Exploits

Chapter 4 Objective 4.1 Target Prioritization High-Value Asset Identification Definition: Determining which assets are most critical to the organization and thus warrant higher priority for security efforts. Examples: Financial databases Intellectual property repositories Critical infrastructure systems Purpose: Focus resources on protecting assets that, if compromised, would have the most significant impact on the organization. Descriptors and Metrics Common Vulnerability Scoring System (CVSS) Base Score: Definition: A numerical score that represents the severity of a vulnerability....

August 7, 2024 · 67 min · Dhanraj Chavan

Chapter 5: Post-exploitation and Lateral Movement

Chapter 5 Objective 5.1 Scheduled Tasks/Cron Jobs Function: Automating tasks to run at specified times. Use Case: Setting up periodic execution of malicious scripts or commands. Example: Creating a cron job to regularly execute a script that maintains a backdoor connection. Service Creation Function: Creating system services that run with elevated privileges. Use Case: Establishing persistence by installing malicious services. Example: Creating a Windows service that launches a reverse shell upon system startup....

August 7, 2024 · 18 min · Dhanraj Chavan

Chapter 1: Governance, Risk, and Compliance

Chapter 1 Objective 1.1 Security Program Documentation Policies → Formalized statements that define the organization’s position on a particular issue, its guiding principles & its overall intentions Establish the organization’s stance and expectations. Ex. A data protection policy might state that all employees must encrypt sensitive data before transmitting it over the internet Ex. Security Policy, Privacy Policy Procedures → Detailed, step-by-step instructions on how to perform specific tasks or operations Provide specific directions for performing tasks....

July 23, 2024 · 33 min · Dhanraj Chavan

Chapter 2: Security Architecture

Chapter 2 Objective 2.1 Firewall → A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Placement: Perimeter Firewall: Positioned at the network boundary to filter traffic between internal and external networks. Internal Firewall: Placed within the network to segment and protect different network segments. Configuration: Rule Setting: Define rules to allow or block traffic based on IP addresses, ports, and protocols....

July 23, 2024 · 33 min · Dhanraj Chavan

Chapter 3: Security Engineering

Chapter 3 Objective 3.1 Subject Access Control Subject access control involves defining and managing the permissions and access rights for different entities (subjects) in an IT environment, such as users, processes, devices, and services. User Access Control → User access control manages the permissions and access rights of individual users based on their roles and responsibilities. Objective: Ensure users have appropriate access based on their roles. Approach: Use role-based access control (RBAC) and attribute-based access control (ABAC)....

July 23, 2024 · 48 min · Dhanraj Chavan

Chapter 4: Security Operations

Chapter 4 Objective 4.1 Security Information and Event Management (SIEM) Event Parsing → Event parsing is the process of interpreting and normalizing raw event data from various sources into a consistent format. Scenario: An organization receives logs from various devices (e.g., firewalls, routers, servers). Action: Use a SIEM tool to parse and normalize these logs into a standardized format for easier analysis. Event Duplication → Event duplication occurs when identical or similar events are recorded multiple times, leading to redundant data and potential alert fatigue....

July 23, 2024 · 15 min · Dhanraj Chavan

Chapter 1: Attacks, Threats, and Vulnerabilities

Chapter 1 Objective 1.1 Phishing → Practice of sending email to trick users into submitting personal information or clicking a link Can be done to install malware, validate an email address, or get money Smishing → SMS Phishing Vishing → Phone Phishing → Phishing over Voice over IP (VoIP) Spam → Unwanted / Unsolicited Email SPIM → Unwanted messages over Instant Messaging channels Spear Phishing → Phishing targeted at a specific group of people or even a single user Mitigation → Use digital signatures Dumpster diving → Practice of searching through trash & recycling to gain information from discarded items Mitigation → Shredding or burning paper instead of throwing it away Shoulder surfing → Looking over someone's shoulder to gain information Mitigation → Use screen filters Pharming → Manipulates a DNS server or client to redirect users to different websites Changes DNS entries on a local PC or on a trusted local DNS server Tailgating → Practice of one person following closely behind another person without showing credentials Mitigation → Access Control Vestibules (Mantraps) → Allow only a single person to pass at a time Eliciting information → Act of getting information without asking for it directly Active Listening → Target is encouraged to keep talking Reflective Questioning → Repeat statements as a question & encourage the target to talk more False Statement → Give false info hoping that the target corrects it Bracketing → Try to get specific info by stating a specific number or range of numbers Whaling → Phishing targeted at high-level executives Prepending → Add something to the beginning of something else....

June 23, 2024 · 22 min · Dhanraj Chavan