CompTIA Security+ Exam Notes

Let Us Help You Pass

Friday, September 2, 2022

Juice Jacking: Understanding the Threat of Public USB Charging

Juice Jacking

Juice jacking is a type of cyber-attack that targets devices like smartphones and tablets when they are charged via public USB ports. Here's a detailed explanation:

What is Juice Jacking?
Juice jacking occurs when a malicious actor uses a compromised USB charging port or cable to either install malware on a device or steal data from it. This attack exploits the fact that USB cables can transfer both power and data.

How Does Juice Jacking Work?
When you plug your device into a public USB charging station, such as those found in airports, cafes, or other public places, you might unknowingly connect to a compromised port. The attacker can use this connection to:
  • Install Malware: Malicious software can be installed on your device, which can then be used to steal data, track your activities, or even take control of your device.
  • Steal Data: Sensitive information such as contacts, emails, photos, and passwords can be copied from your device without your knowledge.
Types of Juice Jacking Attacks:
  • Data Theft: The attacker copies data from your device while it is charging.
  • Malware Installation: The attacker installs malicious software on your device, which can then be used for various nefarious purposes.
Examples of Juice Jacking:
  • Public Charging Stations: Airports, hotels, and cafes often provide USB charging stations. These can be compromised by attackers to carry out juice-jacking attacks.
  • Infected USB Cables: Attackers can distribute infected USB cables that look like regular charging cables but are designed to steal data or install malware.
Repercussions of Juice Jacking:
  • Data Theft: Sensitive information can be stolen, leading to identity theft or financial loss.
  • Device Compromise: Malware can take control of your device, track your activities, or lock you out of your own device.
  • Privacy Invasion: Personal data and activities can be monitored without your consent.
Ways to Avoid Juice Jacking:
  • Use AC Power Outlets: Always prefer using an AC power outlet with your own charger and USB cable.
  • Carry a Power Bank: Use a portable power bank to charge your devices on the go.
  • Use a USB Data Blocker: A USB data blocker, also known as a "USB condom," prevents data transfer while allowing power to pass through.
  • Avoid Public USB Ports: Refrain from using public USB charging stations whenever possible.
  • Use Charging-Only Cables: These cables are designed to only transfer power and not data.
Conclusion:
Juice jacking is a real threat that can compromise your device and steal your data. By being aware of the risks and taking preventive measures, you can protect your devices from this type of cyber attack. Always be cautious when using public USB charging stations and consider using tools like USB data blockers to ensure your device's safety.

This is covered in CompTIA Security+.

Tuesday, March 15, 2022

Regulations and Standards

Regulations and Standards to know for the exam

NIST RMF: Supply chain risks
ISO 27001: Organization meets the security standards
ISO 27002: Classifies security controls
ISO 27017 & 27018: Cloud security
ISO 27701: Personal data & privacy
ISO 31000 / 31K: Risk assessments
GDPR: European Union / International Standards
  • Data owners, data controllers, data processors, & data protection officer
  • Data owner: responsible for determining how the data may be used
  • Data controller: responsible for the protection of privacy & website user rights
  • Data Protection Officer: Independent advocate for care & use of customer information, & responsible for ensuring the organization is complying with relevant laws
PCI DSS:
  • Credit cards
  • Assign a unique ID to each person with computer access
  • Regularly test security systems and processes
SSAE SOC reports:
  • SOC 2 Type I: Assesses system design on a specific date
  • SOC 2 Type II: Identifies the effectiveness of security controls over a date range

Thursday, January 13, 2022

2-Step verification

2-Step Verification or Out-of-Band

This process is completed by generating a software token on a server and sending it to a user. The token can be sent via:

SMS (Short Message Service): The code is sent to a registered phone number

Email: The code is emailed to a registered email account

Push Notification: The code is sent to an authenticator app on a smartphone or PC. This is seamless: the user does not have to type the code, only tap the notification.

Phone call: The code is sent as an automated phone call (voice) to a registered phone number
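As an added example (not part of the original notes), here is the server side of the process described above in Python: the server generates a random one-time code, keeps only a hash of it together with an expiry and an attempt counter, and verifies the code the user sends back. The delivery channel (SMS, email, push, voice) is outside the example; the class name, the five-minute lifetime and the five-attempt limit are assumptions.

```python
import hashlib
import hmac
import secrets
import time

CODE_DIGITS = 6
CODE_TTL_SECONDS = 300      # assumption: a code is valid for five minutes
MAX_ATTEMPTS = 5            # assumption: discard the code after five wrong guesses


class OutOfBandCodeService:
    """Server side of 2-step verification: issue a one-time code, then verify it."""

    def __init__(self, clock=time.time):
        self._clock = clock            # injectable clock so expiry can be tested
        self._pending = {}             # username -> {"digest", "expires_at", "attempts"}

    @staticmethod
    def _digest(username, code):
        # Store only a hash so a leaked table does not expose live codes.
        return hashlib.sha256(f"{username}:{code}".encode()).hexdigest()

    def issue_code(self, username):
        """Generate a fresh code; the return value is what gets sent to the user out-of-band."""
        code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        self._pending[username] = {
            "digest": self._digest(username, code),
            "expires_at": self._clock() + CODE_TTL_SECONDS,
            "attempts": 0,
        }
        return code

    def verify(self, username, submitted):
        """Return True once for the right code; expired, exhausted or replayed codes fail."""
        entry = self._pending.get(username)
        if entry is None:
            return False
        if self._clock() > entry["expires_at"]:
            del self._pending[username]
            return False
        entry["attempts"] += 1
        if entry["attempts"] > MAX_ATTEMPTS:
            del self._pending[username]
            return False
        # Constant-time comparison of the stored and submitted digests.
        ok = hmac.compare_digest(entry["digest"], self._digest(username, submitted))
        if ok:
            del self._pending[username]  # single use: a replayed code is rejected
        return ok


def demo():
    svc = OutOfBandCodeService()
    code = svc.issue_code("alice")
    print("deliver out-of-band:", code)
    print("correct code accepted:", svc.verify("alice", code))
    print("replay rejected:", svc.verify("alice", code))


if __name__ == "__main__":
    demo()
```

The code itself never leaves the server except through the chosen channel, and the store holds only its hash, so the same pattern works whether the channel is SMS, email, a push notification or a voice call.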

Thursday, August 12, 2021

PROTOCOL / PACKET ANALYZERS

WIRESHARK / TCPDUMP

Wireshark is a free protocol analyzer with a GUI. The WinPcap packet-capture driver captures the traffic, and Wireshark analyzes it.

With Wireshark, you can capture specific protocols or IP addresses. It also offers many different options for viewing protocols, flags, and the direction of the data stream.

On Linux, you can use a command-line protocol analyzer, tcpdump. If the capture is saved as a .pcap file, it can be imported into Wireshark, making it easier to read.

Specific ports can be port mirrored so that their traffic is copied to the capture port. The capturing NIC (Network Interface Card) must have promiscuous mode enabled. On a Linux system, this can be enabled with the following command: "ifconfig eth0 promisc".
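As an added illustration (not from the original notes) of the .pcap format that tcpdump writes and Wireshark reads, the following Python builds a small capture from constructed Ethernet/IPv4 frames, parses it back record by record, and applies the equivalent of a Wireshark ip.addr display filter. The MAC and IP addresses, timestamps and payloads are constructed sample data; the parser assumes the classic libpcap format with an Ethernet link type, not pcapng.

```python
import struct
import ipaddress

# Classic libpcap constants (assumption: not the newer pcapng container)
PCAP_MAGIC = 0xA1B2C3D4          # microsecond timestamps
PCAP_MAGIC_SWAPPED = 0xD4C3B2A1  # same magic read with the other byte order
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800
IP_PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}


def make_ipv4_frame(src, dst, proto, payload=b""):
    """Build a minimal Ethernet II + IPv4 frame (constructed sample data, checksum left 0)."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + struct.pack("!H", ETHERTYPE_IPV4)
    ip_header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + len(payload),       # version/IHL, DSCP, total length
        0, 0, 64, proto, 0,               # id, flags/fragment, TTL, protocol, checksum
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )
    return eth + ip_header + payload


def build_pcap(records):
    """Serialize (ts_sec, ts_usec, frame) tuples into a little-endian libpcap byte string."""
    global_header = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    chunks = [global_header]
    for ts_sec, ts_usec, frame in records:
        # Per-packet record header: ts_sec, ts_usec, captured length, original length
        chunks.append(struct.pack("<IIII", ts_sec, ts_usec, len(frame), len(frame)))
        chunks.append(frame)
    return b"".join(chunks)


def parse_pcap(data):
    """Parse a libpcap file; returns (linktype, [(timestamp, frame_bytes), ...])."""
    if len(data) < 24:
        raise ValueError("truncated pcap global header")
    magic = struct.unpack("<I", data[:4])[0]
    if magic == PCAP_MAGIC:
        endian = "<"
    elif magic == PCAP_MAGIC_SWAPPED:
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng or unknown format)")
    _, _, _, _, _, _snaplen, linktype = struct.unpack(endian + "IHHiIII", data[:24])
    offset, packets = 24, []
    while offset + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack(endian + "IIII", data[offset:offset + 16])
        offset += 16
        frame = data[offset:offset + incl_len]
        if len(frame) != incl_len:
            raise ValueError("truncated packet record")
        offset += incl_len
        packets.append((ts_sec + ts_usec / 1e6, frame))
    return linktype, packets


def summarize_ipv4(frame):
    """Decode Ethernet/IPv4 headers into a one-line summary; None for non-IPv4 frames."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4            # header length in bytes
    proto = ip[9]
    return {
        "src": str(ipaddress.IPv4Address(ip[12:16])),
        "dst": str(ipaddress.IPv4Address(ip[16:20])),
        "proto": IP_PROTO_NAMES.get(proto, str(proto)),
        "payload_len": len(ip) - ihl,
    }


def filter_by_host(summaries, host):
    """Equivalent of the Wireshark display filter ip.addr == host."""
    return [s for s in summaries if s and host in (s["src"], s["dst"])]


# Constructed capture: three frames with private/documentation addresses
SAMPLE_CAPTURE = build_pcap([
    (1_628_000_000, 100, make_ipv4_frame("10.0.0.5", "10.0.0.1", 17, b"\x00" * 8)),
    (1_628_000_000, 2500, make_ipv4_frame("10.0.0.1", "10.0.0.5", 6, b"\x00" * 20)),
    (1_628_000_001, 0, make_ipv4_frame("10.0.0.7", "192.0.2.10", 1, b"\x08\x00\x00\x00")),
])

if __name__ == "__main__":
    linktype, packets = parse_pcap(SAMPLE_CAPTURE)
    for ts, frame in packets:
        print(f"{ts:.6f}", summarize_ipv4(frame))
```

Writing SAMPLE_CAPTURE to a file gives something Wireshark opens directly, which is the same round trip as saving a tcpdump capture with -w and loading it in the GUI.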

Friday, August 6, 2021

International Organization for Standardization (ISO) 27001/27002/27701/31000

ISO 27001/27002/27017/27701/31000

27001 - Provides requirements for an information security management system (ISMS). This lets other organizations know that your company meets security standards.

27002 - Classifies security controls

27017 - Guidelines for information security controls for cloud services

27701 - Focuses on personal data and privacy

31000 - Standards related to risk management, also referred to as ISO 31K

Thursday, August 5, 2021

PCI DSS (Payment Card Industry Data Security Standard)

Requirements for PCI DSS compliance

1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other security parameters
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks
5. Use and regularly update anti-virus software or programs
6. Develop and maintain secure systems and applications
7. Restrict access to cardholder data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
12. Maintain a policy that addresses information security for employees and contractors

GDPR (General Data Protection Regulation)

GDPR - Things to know for the exam

The General Data Protection Regulation regulates the protection of personal data for residents of the European Union.

The GDPR outlines the roles and responsibilities of data controllers and data processors.

The data controller is responsible for protecting privacy & website user rights.

The data protection officer (DPO) can advocate for the care and use of customer information.

A data protection officer ensures the organization complies with all relevant laws.

The data controller (sometimes called the data owner) is responsible for the data's use.

A data processor uses and manipulates the data on behalf of the data controller.