CompTIA Security + Cheat Sheet
As the IT field constantly evolves and millions of users gain access to the internet, the way individuals live and work has also created several security challenges. Cyber-attacks are becoming more frequent, and breaches of confidentiality and data have affected many users and organizations alike.
Cybersecurity remains a challenge, and its importance cannot be overlooked. With this in mind, companies are now spending heavily to secure their systems. The demand for cybersecurity experts is on the rise, and people pursuing a career in cybersecurity have wide scope for career advancement and growth.
What is CompTIA Security+ Certification?
The CompTIA Security+ certification exam is a globally recognized certification taken by individuals to validate their knowledge and skills in IT security as well as general IT skills. On successful completion of the exam, the individual is awarded a certification proving that the recipient is well versed in network security and risk management.
What Must You Know To Pass Security+?
A candidate needs to fully understand these main objectives of the Security+ certification:
• Fully understand the principles of organizational security and the key elements of effective security policies
• Identify possible network attack strategies and their defense mechanisms
• Recognize security technologies and the uses of cryptographic standards and tools
• Know network and host-based security technologies and their best practices
• Define how wireless and remote access security is ensured
• Describe the products and standards used to implement security on the web and in communication technologies
• Identify strategies for guaranteeing business continuity, fault tolerance, and disaster recovery
A firm hold of the key concepts and main objectives will benefit you in the long run while preparing for the Security+ certification and, consequently, when sitting the exam.
This article is focused on creating a CompTIA Security+ cheat sheet that can be used as a guide book while preparing for the exam. Besides giving you an overall know-how of the key concepts and their functions, it will also help you familiarize yourself with necessary abbreviations such as MAC (Mandatory Access Control), FTP (File Transfer Protocol), SFTP (Secure File Transfer Protocol), etc.
Let’s go through the cheat sheet so you can familiarize yourself with the crux of the CompTIA Security+ certification exam.
CompTIA Security+ Key Concepts
Before going into further detail, let’s go through the key concepts the exam covers.
Symmetric – Performance
| Algorithm | Cipher |
|---|---|
| Hieroglyphics (first identified cipher) | None |
| Scytale (used by the Greeks in 400 BC) | Transposition |
| Caesar | Mono-substitution |
| Vigenere | Poly-substitution |
| Vernam (One Time Pad) – used in WW II | XOR |
| DES (Lucifer) (56 bits) | Block |
| 3DES (2 keys of 112 bits & 3 keys of 168 bits) | Block |
| AES (Rijndael) (128, 192, 256 bits) | Block |
| Blowfish | Block |
| Twofish | Block |
| IDEA | Block |
| RC2 | Block |
| RC4 (used by WEP and WPA) | Stream |
| RC5 | Block |
| RC6 | Block |
| CAST | Block |
| MARS | Block |
| Serpent | Block |
| E0 (used by Bluetooth) | Stream |
Asymmetric (Public Key Cryptography) – Key Exchange
- Diffie-Hellman Key Exchange (DH)
- Digital Signature Algorithm (DSA)
- El Gamal Encryption Algorithm
- Elliptic Curve Cryptography (ECC)
- Rivest, Shamir & Adleman Encryption Algorithm (RSA)
- Knapsack (defunct)
| Cryptography Goal | Achieved Through |
|---|---|
| Confidentiality | Asymmetric & Symmetric Encryption |
| Validity / Verification / Accountability | Asymmetric Encryption, MAC/MIC, and Digital Signature |
| Integrity | Parity, Hashing, Checksum, and Check Digit |
| Non-Repudiation | Digital Signature only |
Hashing Algorithms – Integrity
- Secure Hash Algorithm (SHA): developed by the US Government, 160-bit digest
- Message Digest series (MD): developed by RSA, 128-bit digest
- Others include HAVAL, WHIRLPOOL, and Tiger
Symmetric vs. Asymmetric – Key Strength
| Symmetric | Asymmetric |
|---|---|
| 64-bit key strength | 512-bit key strength |
| 112-bit key strength | 1792-bit key strength |
| 128-bit key strength | 2304-bit key strength |
Remote Access
802.11, VPN, DUN (RADIUS, TACACS, TACACS+, SSL, packet-level authorization via IPSec at Layer 3)
Access Control
MAC, DAC, and RBAC
Basic Network Security Devices
Firewalls
- Packet filtering (Layer 3)
- Proxy service: circuit level (Layer 3), application level (Layer 7)
- Stateful inspection (Layer 7)
Routers
- Forward packets between subnets (RIP, IGRP, EIGRP, OSPF, BGP, EGP, IS-IS)
Switches
- Segment broadcast networks
Ports
| Port | Use |
|---|---|
| 21 | FTP – used in DMZ |
| 22 | SSH |
| 23 | Telnet |
| 25 | SMTP |
| 49 | TACACS |
| 53 | DNS |
| 67 & 68 | DHCP |
| 80 | HTTP |
| 110 | POP3 |
| 143 | IMAP4 |
| 161 | SNMP |
| 389 & 636 | LDAP |
| 443 | HTTPS / SSL |
| UDP 1701 | L2TP |
| TCP 1723 | PPTP |
Certificate Lifecycle and Key Management
- Key Generation: A public key pair is generated and hosted by the CA
- Identity Submission: The requesting entity submits its own identity
- Registration: The CA registers the request and verifies the submitted identity
- Certification: The CA digitally signs a certificate
- Distribution: The CA publishes the generated certificate
- Usage: The receiving entity is permitted to use the certificate only for its intended purpose
- Revocation and Expiration: The certificate expires at the end of its validity period or, if needed, can be revoked earlier
- Renewal: A new key pair can be created and the certificate renewed if necessary
- Recovery: Recovery is possible if a verifying key is compromised but the holder is still valid
- Archive: Users and their certificates are stored in the archive
Authentication
- Kerberos: A ticket-based system using a symmetric key KDC
- CHAP: Exchange of hashed values
- Certificates: Used with a PKI for asymmetric keys
- Username and password: The most common method
- Token-based authentication: Requires possession of the token
- Biometric verification
Certificates
- X.509 contains:
- The public key of the user
- A name recognized by the CA (Certificate Authority)
- The type of symmetric algorithm used for encryption
SSL
- The Secure Sockets Layer (SSL) protocol consists of two parts.
- First: The SSL Handshake Protocol creates a secure channel
- Second: The SSL Application Data Protocol is then used to exchange data over the channel. The handshake process consists of six detailed steps.
ISAKMP
- The Internet Security Association and Key Management Protocol is used to negotiate and deliver authenticated key material for security associations in a protected way
- Peer authentication
- Threat management
- Creation and management of security associations
- Establishment and management of cryptographic keys
Bell-LaPadula Access Control Model
- SOAS:
- Subjects
- Objects
- Access Modes
- Security Levels
Diffie-Hellman Algorithm
A secret key exchange over an insecure medium without any previously shared secrets.
Intrusion Detection
Active Responses
• Supplementary information is collected
• The environment is changed
• Action against the intruder is taken
IP Addresses
| | Class A | Class B | Class C |
|---|---|---|---|
| First octet range | 1 to 127 | 128 to 191 | 192 to 223 |
| Private address range | 10.0.0.0 | 172.16.0.0 to 172.31.0.0 | 192.168.0.0 |
| Default subnet mask | 255.0.0.0 | 255.255.0.0 | 255.255.255.0 |
SQL
- Activities
- Objects
- Users
Attacks
Denial of Service (DoS)
- Smurf: Based on ICMP echo replies
- Fraggle: An attack based on UDP packets, similar to Smurf
- Ping Flood: Service is blocked through repeated pings
- SYN Flood: Repeated SYN requests
- Land: Exploits TCP/IP stacks through spoofed SYNs
- Teardrop: An attack using overlapping, fragmented UDP packets that cannot be reassembled correctly
- Bonk: An attack on port 53 using fragmented UDP packets
- Boink: Like Bonk but on multiple ports
Backdoor
- NetBus, Back Orifice
Spoofing
- Deceptively presenting data as if it came from another source
Man in the Middle
- Capturing traffic between two systems while a third system impersonates one of them
Replay attack
- Resending captured data
TCP/IP Hijacking
- The state of a session is altered so that authentic packets are intercepted and a third-party host can inject false but acceptable packets.
Mathematical Attacks
- Key guessing: Password guessing, dictionary attacks, brute force, logon guessing
Malicious Code
- Viruses: Infect systems and spread copies of themselves
- Trojan Horse: Seemingly useful applications carrying disguised malicious code
- Logic Bombs: Triggered under specific conditions
- Worms: Self-replicating forms of malicious code
- Java and ActiveX controls: Execute automatically when sent through email
Social Engineering
- Manipulating people: The most vulnerable point in a network
Business Continuity Plan
- Risk analysis
- Business impact analysis
- Strategic planning and mitigation
- Training, awareness maintenance, and audit
- Grouping of documentation and security
Virus
- Replication and activation mechanism
- Different purposes of a virus
Integrity
Guaranteeing to the receiver that a message has not been changed during transfer, and confirming the sequence and numbering of the data.
PPTP
Works only over IP.
Asymmetric Encryption Scheme
Encryption and decryption depend on different keys held by the sender and receiver. Encryption and authentication can happen without the private key being shared. If a private key is disclosed, the integrity of the cryptographic system is considered compromised.
WTLS (Wireless Transport Layer Security)
It offers privacy, data integrity, and authentication for handheld devices in a wireless network environment. Authentication is fulfilled by file encryption using symmetric cryptography. Key distribution is considered the primary drawback of symmetric cryptography.
SYN Flood
A network attack that misuses TCP’s (Transmission Control Protocol) three-way handshake to overload servers and deny access to legitimate users.
Digitally Signing a Document
When a user digitally signs a document, an asymmetric algorithm is used to encrypt the hash result.
Least Privilege
The best technique to stop IP spoofing attacks is to apply access filtering on routers.
MD5 (Message Digest 5)
A common algorithm used to verify the integrity of data from a remote user by creating a 128-bit hash from the data input.
False Positive
Wrongly detecting approved access as an intrusion or attack.
ICMP Quoting
A fingerprinting technique that relies on the fact that operating systems differ in the amount of information they quote back when ICMP (Internet Control Message Protocol) errors are returned.
SSL
A protocol commonly used for encrypting traffic between a web browser and a web server. It is available in 40-bit and 128-bit versions.
IPSec
A popular VPN (Virtual Private Network) protocol functioning at Layer 3 of the OSI (Open Systems Interconnect) model.
Digital Signatures
It provides authentication and non-repudiation but not privacy.
DAC (Discretionary Access Control)
It only depends on the individuality of the user or process. Every object is owned by someone who has full control over it. These are the access controls that are created and managed by the data owner.
MAC
Access controls based on security labels attached to each data item and each user. It uses different security levels to classify users and data.
Kerberos
Requires time synchronization between users and servers.
Malformed MIME (Multipurpose Internet Mail Extensions)
A malformed MIME header can crash an email server.
Passive Detection
Examining log files after an attack has begun.
Man in the Middle Protection
Strong encryption is considered the best protection against man-in-the-middle attacks.
Disaster Recovery Plan
Authorization systems identified in a formal risk analysis process should be included when making a disaster recovery plan.
Certificate Policy
A PKI (Public Key Infrastructure) document that works as the medium on which mutual interoperability standards and mutual assurance criteria are based industry-wise.
Buffer Overflow
It directs more traffic to a node than expected.
Differential Backup
Only files modified since the last full backup are copied.
FTP Bounce
An attack normally used to create a connection between the FTP server and another computer.
Network-Based IDS
A system intended for an internal network that will scrutinize all packets for known signature attacks.
Ping of Death Attack
A network attack that uses ICMP (Internet Control Message Protocol) and incorrectly formed MTUs (Maximum Transmission Units) to crash a target computer.
SSO
Addresses the verification issues of managing multiple usernames and passwords.
PKI (Public Key Infrastructure)
The best technical solution for minimizing the threat of a “man in the middle” attack.
AES
Rijndael based standard encryption algorithm
Misuse Detection
Management tracking people who try to access unauthorized websites.
Hosting
Included in an SLA (Service Level Agreement) to ensure the availability of server-based resources rather than guaranteed server performance levels.
SSL
Operates at the session layer using an asymmetric key
Common Criteria
The de-facto security assessment criteria of Information Technology for the international public
Crime Scene Technician
Tagging, bagging, and enlisting of evidence
Extranet
It allows businesses to conduct business with one another securely. To protect confidentiality, integrity, and availability (CIA), monitoring access to information systems and associated networks is necessary.
Dual Key Pair
Using distinct key pairs to separate confidentiality services from integrity services to support non-repudiation
Single Loss Expectancy - SLE
The cost of a single loss when it occurs: an estimate of the amount of money the company could lose if a risk occurred once in the future.
Non-repudiation
Used to prevent the sender or the receiver from denying that a particular communication has occurred between them.
Confidentiality
The data security in case of unauthorized access or disclosure
Firewall
Used to allow company employees access to DL FTP.
SYN Attack
Exploits the handshaking process.
Audit Log
A collection of information that includes login, file access, other activities, and actual or attempted genuine and unauthorized violations.
VLAN
It was designed to reduce broadcast traffic. However, it is also helpful in decreasing the probability of having information compromised
Active Detection
IDS systems may close suspicious connections or even shut down the server or service.
CRL and OCSP
The two common methods used in a public key infrastructure to check certificate status and thereby maintain controlled access to servers in a network.
IPSec
For data integrity, it provides the Authentication Header (AH), while for data privacy, Encapsulation Security Payload (ESP) is provided.
TCP SYN Scan
A method used to examine which ports are listening by performing a two-way handshake.
NAT (Network Address Translation)
It can be accomplished with static IP addresses. It also hides internal addresses through NAT (Network Address Translation) and PAT (Port Address Translation).
Due care
It is the set of policies and processes planned to minimize the chance of damage or injury
Business Impact Analysis
It is used to attain formal agreement on maximum tolerable downtime. Moreover, recording change levels and revision information is beneficial for disaster recovery.
Single Servers
Regular targets of attacks because they hold credentials for several systems and users.
Multi-Factor Authentication
It may be a requirement in case a stored key and remembered password is not strong enough, and extra layers of security are needed.
VPN Drawback
A firewall is not capable of reviewing encrypted traffic
Man Trap
The physical access control that most effectively protects against physical piggybacking (tailgating).
CRL
Certificates that have been disabled before their scheduled expiration.
Logging
Used for record-keeping of system usage
Security Controls
They may become flaws in a system unless they are adequately tested.
RBAC
Access control decisions are based on the roles an individual user or process holds.
ROOT
The initiation of the LDAP directory is known as root.
SSLv3.0 (Secure Sockets Layer version 3.0)
Improves the ability to force client-side authentication via digital certificates.
Virus Characteristics
Replication mechanism, activation method, and objective.
Hashed Passwords
Hashed passwords are prone to “man in the middle” attacks.
SSL (The Secure Sockets Layer)
- A protocol that uses both asymmetric and symmetric key exchange.
- Asymmetric keys are used for the SSL handshake. During the handshake, the master key, encrypted with the receiver’s public key, travels from the client to the server.
- The client and server each create their unique session keys from the master key.
- The session keys encrypt and decrypt data for the remainder of the session.
- The exchange of symmetric keys happens during the exchange of the cipher specification, or encryption level.
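The hybrid exchange described in the SSL bullets above, as an added Python model that is not code from the original page: a textbook RSA pair built from small constructed primes wraps the master key, both ends derive the same session keys from it, and a symmetric XOR keystream protects the session data. The function names, the key-derivation labels, the nonces and the master value are all assumptions made for the example.

```python
import hashlib

# Toy textbook RSA pair from small constructed primes: an illustration of the
# asymmetric step, not a real server key.
P, Q = 61, 53
N, E = P * Q, 17                       # modulus 3233, public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (2753)
SERVER_PUBLIC = (N, E)
SERVER_PRIVATE = (N, D)

def rsa_wrap(value: int, pub: tuple) -> int:
    """Client side: encrypt the master key with the receiver's public key."""
    n, e = pub
    return pow(value, e, n)

def rsa_unwrap(value: int, priv: tuple) -> int:
    """Server side: recover the master key with its private key."""
    n, d = priv
    return pow(value, d, n)

def derive_session_keys(master: bytes, client_random: bytes, server_random: bytes):
    """Both ends derive the same client-write and server-write session keys
    from the master key and the two handshake nonces (labels are assumed)."""
    seed = master + client_random + server_random
    client_write = hashlib.sha256(b"client write" + seed).digest()
    server_write = hashlib.sha256(b"server write" + seed).digest()
    return client_write, server_write

def stream_xor(key: bytes, data: bytes) -> bytes:
    """Symmetric session cipher: XOR the data with a SHA-256 counter keystream.
    The same call encrypts and decrypts (Vernam-style, as in the cipher table)."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def handshake(master: int, client_random: bytes, server_random: bytes):
    """Asymmetric part: the master key travels wrapped, then each side derives
    session keys on its own. Returns the wire value and both key sets."""
    wrapped = rsa_wrap(master, SERVER_PUBLIC)          # what an eavesdropper sees
    recovered = rsa_unwrap(wrapped, SERVER_PRIVATE)
    client_keys = derive_session_keys(master.to_bytes(2, "big"), client_random, server_random)
    server_keys = derive_session_keys(recovered.to_bytes(2, "big"), client_random, server_random)
    return wrapped, client_keys, server_keys

def run_demo() -> dict:
    """Constructed handshake followed by one encrypted application record."""
    client_random, server_random = b"client-nonce-01", b"server-nonce-01"   # constructed
    master = 1234                                    # constructed; must be < N for toy RSA
    wrapped, (c_cw, c_sw), (s_cw, s_sw) = handshake(master, client_random, server_random)
    record = stream_xor(c_cw, b"GET /account HTTP/1.0")   # client encrypts with its write key
    plaintext = stream_xor(s_cw, record)                   # server decrypts with the same key
    return {
        "master_hidden_on_wire": wrapped != master,
        "session_keys_match": (c_cw, c_sw) == (s_cw, s_sw),
        "record_round_trips": plaintext == b"GET /account HTTP/1.0",
    }
```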
CRL (Certificate Revocation List)
A query that gets a response in near real-time. It does not guarantee that fresh data is being returned.
Multi-Homed Firewall
- If the firewall is breached, only the systems in the DMZ (Demilitarized Zone) are exposed
Digital Certificates
- The main purpose of digital certificates is to bind a public key to the entity that holds the matching private key
- The length of the asymmetric key is the primary factor that affects the lifespan of a public key certificate and its associated keys
- To obtain a certificate from a trusted CA (Certificate Authority), the user must present proof of identity and a public key
- The time an attacker may need to crack a password is directly proportional to the keyspace and complexity of the password
WAP (Wireless Application Protocol)
A programming model based on client, gateway, and original server.
DDoS (Distributed Denial of Service)
- Most typically accomplished through multiple servers or routers controlling and overwhelming the bandwidth of a specific server or router.
Hashing in Digital Signatures
- Within the digital signature process, hashing is the mechanism that satisfies the data integrity requirement.
CHAP (Challenge Handshake Authentication Protocol)
The authentication protocol that can be used to encrypt passwords.