Sy0 601 12
CompTIA Security+ Lesson 12 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org 2
Syllabus Objectives Covered
Hardware Root of Trust
Boot Integrity
Drive Encryption
USB and Flash Drive Security
• BadUSB: changes the USB device to act as any accessory device; attacks by recording keystrokes
• Exposes potential of malicious firmware
• Malicious USB cable --> hack and copy data
• Malicious flash drive
• Sheep dip
• Sandbox system for testing new/suspect devices
• Isolated from production network/data
Third-party Risk Management
End of Life Systems and Lack of Vendor Support
• Support lifecycles
• End of life (EOL) ---> has spare parts
• Product is no longer sold to new customers
• Availability of spares and updates is reduced
• End of service life (EOSL) --> no parts or software
• Product is no longer supported
• Lack of vendor support
• Abandonware --> too many problems
• Software and peripherals/devices
Organizational Security Agreements
Topic 12B
Implement Endpoint Security
Syllabus Objectives Covered
Host Hardening --> secure configuration
sED
Baseline Configuration and Registry Settings
compare baseline
• OS/host role
• Network appliance, server, client, …
• Configuration baseline template
• Registry settings and group policy objects (GPOs)
• Malicious registry changes
• Baseline deviation reporting
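The baseline deviation reporting named in the last bullet, as an added example that is not part of the CompTIA slides: a baseline template of registry values is compared with a host snapshot and every deviation is reported, including an unexpected value under a watched autostart key. The data, the function name `deviations` and the `WATCHED_PREFIXES` list are constructed for illustration.

```python
"""Baseline deviation report over registry-style settings (constructed data)."""

# Constructed baseline template: registry value path -> expected data.
BASELINE = {
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA": 1,
    r"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\LmCompatibilityLevel": 5,
    r"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\NoLMHash": 1,
}

# Constructed host snapshot, as an export or inventory tool might produce it.
OBSERVED = {
    r"hklm\software\microsoft\windows\currentversion\policies\system\EnableLUA": 0,
    r"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\LmCompatibilityLevel": 5,
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Updater": r"C:\Users\Public\u.exe",
}

# Assumption: keys where any value absent from the baseline must be reported.
WATCHED_PREFIXES = (r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",)


def _norm(path):
    # Registry key and value names are case-insensitive.
    return path.strip().lower()


def deviations(baseline, observed, watched=WATCHED_PREFIXES):
    """Return sorted (kind, path, expected, actual) tuples."""
    base = {_norm(p): (p, v) for p, v in baseline.items()}
    seen = {_norm(p): (p, v) for p, v in observed.items()}
    prefixes = tuple(_norm(w) + "\\" for w in watched)
    report = []
    for key, (path, expected) in base.items():
        if key not in seen:
            report.append(("missing", path, expected, None))
        elif seen[key][1] != expected:
            report.append(("changed", path, expected, seen[key][1]))
    for key, (path, actual) in seen.items():
        if key not in base and key.startswith(prefixes):
            report.append(("unexpected", path, None, actual))
    return sorted(report, key=lambda r: (r[0], _norm(r[1])))


if __name__ == "__main__":
    for kind, path, expected, actual in deviations(BASELINE, OBSERVED):
        print(f"{kind:10} {path}  expected={expected!r} actual={actual!r}")
```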
Patch Management
• All types of OS, application, and firmware code potentially contain vulnerabilities --> proper patching
• Patch management is essential (critical) for mitigating these vulnerabilities as they are discovered
• Update policies and schedule
• Apply all latest – auto-update
• Only apply specific patches
• Third-party patches
• Scheduling updates
• Managing unpatchable systems
Endpoint Protection
• Antivirus (A-V)/anti-malware
• Signature-based detection of all malware/PUP types --> update
• Host-based intrusion detection/prevention (HIDS/HIPS)
• File integrity monitoring (SFC utility) and log/network traffic scanning
• Prevention products can block processes or network connections
• Endpoint Protection Platform (EPP)
• Consolidate agents for multiple functions
• Combine A-V, HIDS, host firewall, content filtering, encryption, …
• Data loss prevention (DLP)
• Block copy or transfer of confidential data
• Endpoint protection deployment
Next-Generation Endpoint Protection
Microsoft XDR
• Endpoint detection and response (EDR)
• Visibility and containment rather than preventing malware execution --> machine learning/AI
• User and entity behavior analytics driven by cloud-hosted machine learning
• Next-generation firewall integration
• Use endpoint detection to alter network firewall policies
• Block fileless threats and covert channels
• Prevent lateral movement
Antivirus Response
On-access scanning --> prevention system, when code is executed
Topic 12C
Explain Embedded System Security Implications
Syllabus Objectives Covered
Embedded Systems
• Computer system with dedicated function
• Static environment
• Cost, power, and compute constraints
• Single-purpose devices with no overhead for additional security computing
• Crypto, authentication, and implied trust constraints
• Limited resource for cryptographic implementation
• No root of trust --> physical parameter
• Perimeter security
• Network and range constraints
• Power constrains range
• Emphasize low data rates, but minimize latency
4G 5G
Logic Controllers for Embedded Systems
Embedded Systems Communications Considerations
Industrial Control Systems (1)
--> human safety
• Availability, integrity, confidentiality (AIC triad) --> embedded system --> workflow by automation
• Workflow and process automation
• Industrial control systems (ICSs)
• Plant devices and embedded PLCs
• OT network
• Electromechanical components and sensors
• Human machine interface (HMI)
• Data historian
• Supervisory Control and Data Acquisition (SCADA)
• Runs on PCs to gather data and perform monitoring
• Manage large-scale, multiple site installations over WAN communications
Industrial Control Systems (2)
ICS/SCADA Applications:
• Energy
• Power generation and distribution
• Industrial
• Mining and refining raw materials
• Fabrication and manufacturing
• Creating components and assembling them into products
• Logistics
• Moving things
• Facilities
• Site and building management systems
• Heating, ventilation, and air conditioning (HVAC)
Internet of Things
Machine to Machine (M2M) communication and IoT network includes:
--> communication through machine, e.g. washing machine
Specialized Systems for Facility Automation
Specialized Systems in IT
Specialized Systems for Vehicles and Drones
Specialized Systems for Medical Devices
Security for Embedded Systems
• Network segmentation
• Strictly restrict access to OT networks
• Increased monitoring for SCADA hosts
• Wrappers
• Use IPSec for authentication and integrity and confidentiality
• Firmware code control
• Supply chain risks
• Inability to patch
• Inadequate vendor support
• Time-consuming patch procedures
• Inability to schedule downtime