Security+ (SY0-601) Cram Notes


2. Compliance and Operational Security

2.4 Explain the importance of security related awareness and training

Given below are some of the widely known password guessing methods:

Dictionary: In this method, dictionary terms are used for guessing a password.

Birthday: It takes advantage of probabilities, much like the chance that two people in a 50-person room share the same birthday. With every additional person, the chance of two people having the same birth date increases. In the same way, as you keep guessing the password, the chances of a hit keep increasing.

Brute force: In a brute-force attack, muscle (in this case, CPU and/or network muscle) is applied to break through a particular security mechanism, rather than using particular intelligence or logic. "Brute force" is most commonly applied to password guessing, taking advantage of the computer power available to an attacker to try every possible password value until the right one is found. In cryptography, a brute-force attack is an attempt to recover a cryptographic key or password by trying every possible combination until the correct one is found. How quickly this can be done depends on the size of the key and the computing resources applied.

Rainbow tables: Rainbow tables are huge lists of keys or passwords. A password-guessing program uses these lists of keys or passwords rather than generating each key or password itself.

2.5 Compare and contrast aspects of business continuity

Any business continuity plan should preferably include the following:

  • Redundant network connectivity

  • Clustering

  • Fault tolerance using RAID or a similar technique

  • Facilities management

A disaster recovery plan (DRP) is also called a business continuity plan or business process continuity plan. A DRP should include information security, asset security, and financial security plans.

An SLA (short for Service Level Agreement) is the formal negotiated document between two parties. It is a legal document that binds both parties during the tenure of the agreement.

2.6 Explain the impact and proper use of environmental controls

There are primarily 5 classes of fire:

  • Class 'A' Fire: Involves ordinary combustible materials such as wood, cloth and paper. Most fires are of this class.

  • Class 'B' Fire: Involves flammable liquids or liquid flammable solids such as petrol, paraffin, paints, oils, greases and fat.

  • Class 'C' Fire: Involves gases. Gaseous fires should be extinguished only by isolating the supply. Extinguishing a gas fire before the supply is off may cause an explosion.

  • Class 'D' Fire: Involves burning metals. These should be dealt with only by personnel trained in the handling of combustible metals, using special extinguishers.

  • Class 'F' Fire: Involves flammable liquids (Deep Fat Fryers)

There are five types of extinguishers:

  • Water: Water is used with Class A fires.

  • Dry chemical: Regular dry chemical extinguishers have a sodium bicarbonate base and are effective on Class B and C fires.

  • Halon: Halon extinguishers are best used on Class B or C fires.

  • Carbon dioxide: Carbon dioxide extinguishers are used primarily on Class C fires and are also effective on Class B fires.

  • Foam: Foam extinguishers are less commonly used.


Copyright © Anand Software and Training Private Limited.