Security+ (Site Considerations)

 Site Considerations

Hot site: It is fully functional, and all the equipment and data are mirrored to the site. Failover is immediate, lasting minutes.

Warm Site: Has all of the equipment, but functional data needs to be restored from backups. Failover time is hours.

Cold Site: Empty building, you might have pre-configured routers, switches, & firewall on the shelf at the main site. Failover time is days.

CompTIA Network+ Subnetting Questions

 Subnetting Questions

Just add your name

ProProfs Exam Software

CompTIA Security+ - Directory Traversal Attack examples

 Directory Traversal Attack

CompTIA Security+ SQLi (SQL Injection) Attack examples

 SQLi (SQL Injection) Attack

CompTIA Security+ - XSS (Cross-site Scripting) examples

 XSS (Cross-site Scripting) Attacks

Safeguarding Web Traffic: The Role of Secure Web Gateways

 URL Filter & Content Filter

SWG stands for "Secure Web Gateway," which is a network security solution that acts as a checkpoint between users and the internet, filtering web traffic to protect organizations from malicious websites, malware, and other online threats by enforcing company policies and blocking access to inappropriate content, essentially safeguarding users from accessing unsafe internet traffic while ensuring compliance with regulations; it does this by inspecting web requests, utilizing features like URL filtering, application control, data loss prevention, and antivirus scanning. 

Key points about SWG:

• Function: An SWG analyzes incoming web traffic, identifying and blocking malicious websites, malware, phishing attempts, and other harmful content based on preset security policies. 

Features:

• URL filtering: Blocks access to specific websites based on their category (e.g., adult content, gambling, social media). 
• Application control: Restricts access to specific applications or protocols (e.g., limiting streaming services during work hours). 
• Anti-malware scanning: Scans web traffic for malware before it reaches the user's device. 
• HTTPS inspection: Decrypts and inspects encrypted traffic to identify threats within secure connections. 
• Data loss prevention (DLP): Monitors web traffic for sensitive data leaks 

Benefits:

• Enhanced security: Protects users from accessing malicious websites and downloading malware. 
• Compliance enforcement: Helps organizations adhere to data privacy and security regulations 
• Improved user productivity: Prevents distractions by restricting access to non-work-related websites 

Deployment options:

• On-premise: A physical appliance installed within the organization's network 
• Cloud-based: A service delivered through a cloud provider, allowing access from anywhere

This is covered in CompTIA Network+ and Security+.

Certificate Validation: Notes for the Security+ exam

 Checking the Validity of Certificates

On this exam, there are only 2 ways to check the validity of a certificate:

• CRL (Certificate Signing Request)
• OCSP (Online Certificate Status Protocol)

CRL

• You can use OCSP in case/instead.
• You have to download it from the CA (Certificate Authority), which is recommended twice daily.

OCSP

• Real-time
• Good, revoked, or unknown
• Public CA 
• Internet CA
• You can use a CRL in case/instead

If there is too much traffic to intermediate CA, then use stapling.

Answer for CRL in the question:

• OCSP

Answers for OCSP in the question:

• CRL
• Stapling

Reasons for revoking a certificate:

Employee leaves the organization

A system is decommissioned

A certificate is superseded

The private key is compromised

The certificate was issued fraudulently

Certificates that have expired do not need to be revoked.