CompTIA Security+ 501

CompTIA Security+

SY0-501

Instructor: Ron Woerner, CISSP, CISM

CompTIA Security+ Domain 2 – Technologies & Tools

2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization

Cybrary Instructor: Ron Woerner 1 CompTIA Security+ 501

2.2 Security Assessment Tools

● Protocol analyzer
● Data sanitization tools
● Network scanners
● Steganography tools
● Vulnerability scanner
● Honeypot
● Exploitation frameworks
● Backup utilities
● Configuration compliance scanner
● Banner grabbing
● Passive vs. active
● Command line tools

Protocol Analyzers

● Aka packet sniffers
● Gather packet-level information on a network
● Examples:
○ Wireshark

Network scanners / mappers

● Knowing what’s on your network
● Network enumeration
● Examples:
○ Nmap / ZenMap
○ Fing (iOS & Android)

Vulnerability scanner

● Software utility that scans a range of IP addresses and tests for the presence of known vulnerabilities in software configuration and accessible services
● Relies upon a database of known vulnerabilities


Vulnerability Scanners

Examples:
● Nessus (Tenable)
● OpenVAS
● Nexpose Community Edition: scans web applications, databases, and virtual environments
● Qualys FreeScan: checks for hidden malware and SSL issues, among other network vulnerabilities

OWASP ZAP

● ZAP - Zed Application Proxy
● Discovers security vulnerabilities in web applications


Exploitation Frameworks

● Platforms used for penetration testing and risk assessments
● Frameworks contain a set of exploits for known vulnerabilities
● Examples: Metasploit, Canvas, and Core Impact
● Browser Exploitation Framework (BeEF) – pen testing tool for exploiting web vulnerabilities

Kali Linux

● Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing.
● Kali Linux is preinstalled with numerous penetration-testing programs.
● Kali Linux can be run from a hard disk, live CD, or live USB.
● It is a supported platform of the Metasploit Framework, a tool for developing and executing security exploits.


Social Engineering Toolkit (SET)


Wireless Scanners

● Gather information about Wi-Fi networks
● Detect access points (rogue or valid)
● Break encryption keys

Examples:
● Airodump
● Kismet/KisMAC
● Netstumbler
● Vistumbler
● inSSIDer


Configuration compliance

● Microsoft Baseline Security Analyzer (MBSA): a software vulnerability scanner that analyzes targeted Microsoft systems to detect whether software security patches or baseline configuration settings are missing
● Center for Internet Security (CIS)
● Nessus (also vulnerability scanning)

Banner Grabbing

● A technique to identify operating systems, applications and services on a system
● Narrows vulnerability searches
● Netcat
○ Free download for Windows and Linux
○ Read & write TCP & UDP network connections
○ Run from the command line


Password Crackers

● Used to disclose passwords and assess password strength
● Online password-cracking tools enable you to type in the hash and get the password returned in plain text
● Examples:
○ Brutus
○ Cain and Abel
○ John the Ripper
○ THC Hydra

Honeypots / Honeynets

Use:
● Systems or networks exposed to capture malicious activity
● Gather investigation evidence
● Study attack strategies
● Separated from any business network

http://www.honeyd.org/


Steganography

● Means “hidden writing” – hiding messages, often in other media, so that unintended recipients are not even aware of any message
● Approaches:
○ Least significant bit insertion
○ Masking and filtering
○ Algorithms and transformations
● Common steganography tools include:
○ OpenPuff
○ Camouflage
○ Steghide
○ rSteg
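The least significant bit insertion approach listed above, as an added example that is not part of the slide deck or of any of the tools it names: the cover is a constructed list of 8-bit grayscale sample values standing in for an image, and the function names are ours.

```python
# Added example (not from the slide deck): least-significant-bit (LSB) insertion.
# The "cover" is a constructed list of 8-bit grayscale sample values standing in
# for an image; real tools apply the same idea to pixels or audio samples.

def _bits(data: bytes):
    """Yield the bits of data, most significant bit first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1

def lsb_embed(cover: list[int], message: bytes) -> list[int]:
    """Hide message in the LSB of successive cover samples.

    A 4-byte big-endian length prefix goes first so the extractor knows where
    the payload ends. Each sample changes by at most 1, which is why the edit
    is invisible to a viewer yet leaves the statistical trace detectors look for.
    """
    payload = len(message).to_bytes(4, "big") + message
    needed = len(payload) * 8
    if needed > len(cover):
        raise ValueError(f"cover has {len(cover)} samples, payload needs {needed}")
    stego = list(cover)
    for i, bit in enumerate(_bits(payload)):
        stego[i] = (stego[i] & 0xFE) | bit  # clear the LSB, then set it to the message bit
    return stego

def lsb_extract(stego: list[int]) -> bytes:
    """Recover the hidden message by reading back the LSB of each sample."""
    def read_bytes(offset: int, count: int) -> bytes:
        out = bytearray()
        for b in range(count):
            value = 0
            for k in range(8):
                value = (value << 1) | (stego[offset + b * 8 + k] & 1)
            out.append(value)
        return bytes(out)

    length = int.from_bytes(read_bytes(0, 4), "big")
    return read_bytes(32, length)

def max_sample_change(cover: list[int], stego: list[int]) -> int:
    """Largest per-sample difference introduced by embedding (0 or 1 for LSB)."""
    return max(abs(a - b) for a, b in zip(cover, stego))

# Constructed cover: 128 grayscale samples ramping from 0 to 254 in steps of 2.
COVER = [(i * 2) % 256 for i in range(128)]
```

Because every cover sample here is even, all LSBs start at 0, so the samples that end up odd after `lsb_embed` are exactly the 1-bits of the length prefix and message.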

Data Sanitization Tools

● Sanitization – the process of removing contents from a device or media
● Examples:
○ DBAN
○ BCWipe
○ Cryptographic erase (CE)


Command Line Tools

● man
● ping
● netstat
● tracert
● nslookup/dig
● arp
● ipconfig/ip/ifconfig
● tcpdump
● netcat
● SysInternals Suite
○ Autoruns
○ Process Explorer

Video: Mark Russinovich, Malware Hunting

Ron Woerner, 2017


Exam Preparation

Which tools, also known as packet sniffers, help you troubleshoot network issues by gathering packet-level information across the network?

A. Vulnerability scanners
B. Exploitation frameworks
C. Configuration compliance
D. Protocol analyzers

Exam Preparation

Alex is conducting forensics on a phishing email. She knows the IP address of the originating email server. What command would show Alex the complete path to that IP address?

A. ping
B. tracert
C. netstat
D. nslookup


Security+ Lab Guide

In this exercise, you will learn how to use the following tools:
● Nmap / ZenMap
● Wireshark

Security+ Lab Guide

In this exercise, you will learn how to use the following password cracking tools:
● Cain & Abel
● PWDump
● LMHash
● Detecting Rootkits
