CompTIA Security+ SY0-601 Domain 2

The latest version of Security+ SY0-601 has 5 domains:
Domain 1.0: Attacks, Threats, and Vulnerabilities (24%)
Domain 2.0: Architecture and Design (21%)
Domain 3.0: Implementation (25%)
Domain 4.0: Operations and Incident Response (16%)
Domain 5.0: Governance, Risk, and Compliance (14%)

https://www.infosectrain.com/blog/comptia-security-sy0-601-domain-2-architecture-and-design/


Presentation Transcript


  1. The latest version of Security+ SY0-601 has 5 domains: Domain 1.0: Attacks, Threats, and Vulnerabilities (24%); Domain 2.0: Architecture and Design (21%); Domain 3.0: Implementation (25%); Domain 4.0: Operations and Incident Response (16%); Domain 5.0: Governance, Risk, and Compliance (14%). In this blog, we discuss the second domain: Architecture and Design. www.infosectrain.com | sales@infosectrain.com

  2. Domain 2: Architecture and Design. A well-managed information security environment depends heavily on architecture and design. This domain shows you how to put security measures into effect and establish a safe working environment for your organization. The weightage of this domain is 21%. The subtopics covered in this domain are listed below:
     1. Importance of security concepts in an enterprise environment.
     2. Virtualization and cloud computing concepts.
     3. Secure application development, deployment, and automation concepts.
     4. Authentication and authorization design concepts.
     5. Implement cybersecurity resilience.
     6. Security implications of embedded and specialized systems.
     7. Importance of physical security controls.

  3. 01 Importance of security concepts in an enterprise environment. In this part, we learn configuration management and its subtopics: diagrams, baseline configuration, standard naming conventions, and Internet protocol schema. We cover data sovereignty, data protection, geographical considerations, response and recovery controls, SSL (Secure Sockets Layer)/TLS (Transport Layer Security) inspection, API considerations, and site resiliency (hot site, cold site, warm site). We also cover the deception and disruption concepts: honeypots, honeyfiles, honeynets, fake telemetry, and DNS sinkholes.

  4. 02 Virtualization and Cloud Computing Concepts. The core premise behind cloud computing is that you can access and control your applications and data from any computer, anywhere in the world, while virtualization hides or abstracts the storage technique and location. To conduct a breach in a cloud, a hacker just requires a good Internet connection and a dictionary of obtained password hashes or SSH (Secure Shell) keys. A lack of supervision in cloud providers' security processes can greatly raise a business's risk. As a security expert, you should be able to analyze the dangers and weaknesses associated with cloud service and delivery models, as well as the virtualization technologies that support them. In this part, we cover the cloud service models: Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS). We also cover virtualization technology concepts, VM escape protection, VM sprawl avoidance, cloud security controls, and Infrastructure as Code.

  5. 03 Secure Application Development, Deployment, and Automation Concepts. Development (programming and scripting) is at the foundation of secure network administration and management, including automation techniques for durability, disaster recovery, and incident response. As your career progresses, secure application development will become increasingly important. In this lesson, we cover secure coding techniques: input validation, normalization, and output encoding; server-side and client-side validation; data exposure and memory management; software development kits (SDKs); and stored procedures. We look at what automation is and what it provides: scalability and elasticity. We also cover the secure application development environments: development, test, staging, and production. Under automation/scripting, we look in depth at automated courses of action, continuous monitoring, continuous validation, continuous integration, continuous delivery, and continuous deployment.

  6. 04 Authentication and authorization design concepts. In this lesson, we learn authentication methods, biometrics concepts, multi-factor authentication factors, and authentication attributes. We also cover AAA (Authentication, Authorization, and Accounting) and cloud versus on-premises requirements. Under authentication methods, we cover directory services, federation, attestation, smart card authentication, and authentication technologies such as TOTP (Time-based One-time Password), HOTP (HMAC-based One-time Password), Short Message Service (SMS), token key, static codes, authentication applications, push notifications, and phone call. Under biometrics, we learn how it works and cover topics such as fingerprint, retina, iris, facial, voice, vein, gait analysis, efficacy rates, false acceptance, false rejection, and crossover error rate. Under authentication factors, we learn the factors that ensure an account can only be used by its owner: something you know, something you have, and something you are. Under authentication attributes, we cover somewhere you are, something you can do, something you exhibit, and someone you know.

  7. 05 Implement cybersecurity resilience. In this lesson, we learn how to secure the whole organization. The topics covered are redundancy, replication, backup types, non-persistence, high availability, scalability, restoration order, and diversity. Under redundancy, we cover geographic dispersal, disk, redundant array of inexpensive disks (RAID) levels, multipath, network, load balancers, network interface card (NIC) teaming, power, uninterruptible power supply (UPS), generator, dual supply, and managed power distribution units (PDUs). Under replication, we learn storage area networks and VM. Under backup, we cover backup types such as full, incremental, snapshot, differential, tape, disk, copy, network-attached storage (NAS), storage area network, cloud, image, online and offline, offsite storage, and distance considerations.

  8. 06 Security implications of embedded and specialized systems. In this lesson, we learn embedded systems, specialized systems, supervisory control and data acquisition (SCADA)/industrial control system (ICS), communication considerations, constraints, Voice over IP (VoIP), heating, ventilation, air conditioning (HVAC), drones, multifunction printer (MFP), real-time operating system (RTOS), surveillance systems, and system on chip (SoC). Under embedded systems, we cover Raspberry Pi, field-programmable gate array (FPGA), and Arduino. Under specialized systems, we cover medical systems, vehicles, aircraft, and smart meters. Under the Internet of Things (IoT), we learn about sensors, smart devices, wearables, facility automation, and weak defaults.

  9. 07 Importance of physical security controls. In this lesson, we learn about the importance of physical security. This part clarifies concepts such as bollards/barricades, access control vestibules, badges, alarms, signage, cameras, USB data blocker, lighting, fencing, fire suppression, sensors, drones, visitor logs, Faraday cages, air gap, screened subnet (previously known as demilitarized zone), protected cable distribution, and secure data destruction. Under sensors, we cover motion detection, noise detection, proximity reader, moisture detection, cards, and temperature. We also cover secure data destruction subtopics such as burning, shredding, pulping, pulverizing, degaussing, and third-party solutions.
