\documentclass[10pt,a4paper]{article} % Packages \usepackage{fancyhdr} % For header and footer \usepackage{multicol} % Allows multicols in tables \usepackage{tabularx} % Intelligent column widths \usepackage{tabulary} % Used in header and footer \usepackage{hhline} % Border under tables \usepackage{graphicx} % For images \usepackage{xcolor} % For hex colours %\usepackage[utf8x]{inputenc} % For unicode character support \usepackage[T1]{fontenc} % Without this we get weird character replacements \usepackage{colortbl} % For coloured tables \usepackage{setspace} % For line height \usepackage{lastpage} % Needed for total page number \usepackage{seqsplit} % Splits long words. %\usepackage{opensans} % Can't make this work so far. Shame. Would be lovely. \usepackage[normalem]{ulem} % For underlining links % Most of the following are not required for the majority % of cheat sheets but are needed for some symbol support. \usepackage{amsmath} % Symbols \usepackage{MnSymbol} % Symbols \usepackage{wasysym} % Symbols %\usepackage[english,german,french,spanish,italian]{babel} % Languages % Document Info \author{sokoctopus (sokoctopus)} \pdfinfo{ /Title (security-601-exam.pdf) /Creator (Cheatography) /Author (sokoctopus (sokoctopus)) /Subject (Security+ 601 Exam Cheat Sheet) } % Lengths and widths \addtolength{\textwidth}{6cm} \addtolength{\textheight}{-1cm} \addtolength{\hoffset}{-3cm} \addtolength{\voffset}{-2cm} \setlength{\tabcolsep}{0.2cm} % Space between columns \setlength{\headsep}{-12pt} % Reduce space between header and content \setlength{\headheight}{85pt} % If less, LaTeX automatically increases it \renewcommand{\footrulewidth}{0pt} % Remove footer line \renewcommand{\headrulewidth}{0pt} % Remove header line \renewcommand{\seqinsert}{\ifmmode\allowbreak\else\-\fi} % Hyphens in seqsplit % This two commands together give roughly % the right line height in the tables \renewcommand{\arraystretch}{1.3} \onehalfspacing % Commands \newcommand{\SetRowColor}[1]{\noalign{\gdef\RowColorName{#1}}\rowcolor{\RowColorName}} % Shortcut for row colour \newcommand{\mymulticolumn}[3]{\multicolumn{#1}{>{\columncolor{\RowColorName}}#2}{#3}} % For coloured multi-cols \newcolumntype{x}[1]{>{\raggedright}p{#1}} % New column types for ragged-right paragraph columns \newcommand{\tn}{\tabularnewline} % Required as custom column type in use % Font and Colours \definecolor{HeadBackground}{HTML}{333333} \definecolor{FootBackground}{HTML}{666666} \definecolor{TextColor}{HTML}{333333} \definecolor{DarkBackground}{HTML}{D93921} \definecolor{LightBackground}{HTML}{FCF2F1} \renewcommand{\familydefault}{\sfdefault} \color{TextColor} % Header and Footer \pagestyle{fancy} \fancyhead{} % Set header to blank \fancyfoot{} % Set footer to blank \fancyhead[L]{ \noindent \begin{multicols}{3} \begin{tabulary}{5.8cm}{C} \SetRowColor{DarkBackground} \vspace{-7pt} {\parbox{\dimexpr\textwidth-2\fboxsep\relax}{\noindent \hspace*{-6pt}\includegraphics[width=5.8cm]{/web/www.cheatography.com/public/images/cheatography_logo.pdf}} } \end{tabulary} \columnbreak \begin{tabulary}{11cm}{L} \vspace{-2pt}\large{\bf{\textcolor{DarkBackground}{\textrm{Security+ 601 Exam Cheat Sheet}}}} \\ \normalsize{by \textcolor{DarkBackground}{sokoctopus (sokoctopus)} via \textcolor{DarkBackground}{\uline{cheatography.com/178232/cs/37168/}}} \end{tabulary} \end{multicols}} \fancyfoot[L]{ \footnotesize \noindent \begin{multicols}{3} \begin{tabulary}{5.8cm}{LL} \SetRowColor{FootBackground} \mymulticolumn{2}{p{5.377cm}}{\bf\textcolor{white}{Cheatographer}} \\ \vspace{-2pt}sokoctopus (sokoctopus) \\ \uline{cheatography.com/sokoctopus} \\ \end{tabulary} \vfill \columnbreak \begin{tabulary}{5.8cm}{L} \SetRowColor{FootBackground} \mymulticolumn{1}{p{5.377cm}}{\bf\textcolor{white}{Cheat Sheet}} \\ \vspace{-2pt}Published 25th March, 2023.\\ Updated 25th March, 2023.\\ Page {\thepage} of \pageref{LastPage}. \end{tabulary} \vfill \columnbreak \begin{tabulary}{5.8cm}{L} \SetRowColor{FootBackground} \mymulticolumn{1}{p{5.377cm}}{\bf\textcolor{white}{Sponsor}} \\ \SetRowColor{white} \vspace{-5pt} %\includegraphics[width=48px,height=48px]{dave.jpeg} Measure your website readability!\\ www.readability-score.com \end{tabulary} \end{multicols}} \begin{document} \raggedright \raggedcolumns % Set font size to small. Switch to any value % from this page to resize cheat sheet text: % www.emerson.emory.edu/services/latex/latex_169.html \footnotesize % Small font. \begin{multicols*}{2} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Acronyms}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{3DES} \tn % Row Count 1 (+ 1) % Row 1 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{AI} \tn % Row Count 2 (+ 1) % Row 2 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{ASLR} \tn % Row Count 3 (+ 1) % Row 3 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{BIA} \tn % Row Count 4 (+ 1) % Row 4 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{CAR} \tn % Row Count 5 (+ 1) % Row 5 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{CFB} \tn % Row Count 6 (+ 1) % Row 6 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{COPE} \tn % Row Count 7 (+ 1) % Row 7 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{CSR} \tn % Row Count 8 (+ 1) % Row 8 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{DAC} \tn % Row Count 9 (+ 1) % Row 9 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{DKIM} \tn % Row Count 10 (+ 1) % Row 10 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{DPO} \tn % Row Count 11 (+ 1) % Row 11 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{ECDSA} \tn % Row Count 12 (+ 1) % Row 12 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{ESP} \tn % Row Count 13 (+ 1) % Row 13 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{FTPS} \tn % Row Count 14 (+ 1) % Row 14 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{HA} \tn % Row Count 15 (+ 1) % Row 15 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{HTML} \tn % Row Count 16 (+ 1) % Row 16 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{IDEA} \tn % Row Count 17 (+ 1) % Row 17 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{IMAP4} \tn % Row Count 18 (+ 1) % Row 18 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{IRP} \tn % Row Count 19 (+ 1) % Row 19 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{KDC} \tn % Row Count 20 (+ 1) % Row 20 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{MAM} \tn % Row Count 21 (+ 1) % Row 21 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{MFP} \tn % Row Count 22 (+ 1) % Row 22 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{MSP} \tn % Row Count 23 (+ 1) % Row 23 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{NDA} \tn % Row Count 24 (+ 1) % Row 24 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{NIST} \tn % Row Count 25 (+ 1) % Row 25 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{OAI} \tn % Row Count 26 (+ 1) % Row 26 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{P12} \tn % Row Count 27 (+ 1) % Row 27 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{PBX} \tn % Row Count 28 (+ 1) % Row 28 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{PFS} \tn % Row Count 29 (+ 1) % Row 29 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{PoC} \tn % Row Count 30 (+ 1) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Acronyms (cont)}} \tn % Row 30 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{QA} \tn % Row Count 1 (+ 1) % Row 31 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{RAT} \tn % Row Count 2 (+ 1) % Row 32 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{RSA} \tn % Row Count 3 (+ 1) % Row 33 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{SAML} \tn % Row Count 4 (+ 1) % Row 34 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{SDP} \tn % Row Count 5 (+ 1) % Row 35 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{SIP} \tn % Row Count 6 (+ 1) % Row 36 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{SOAR} \tn % Row Count 7 (+ 1) % Row 37 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{SSD} \tn % Row Count 8 (+ 1) % Row 38 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{TACACS+} \tn % Row Count 9 (+ 1) % Row 39 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{UAT} \tn % Row Count 10 (+ 1) % Row 40 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{USB} \tn % Row Count 11 (+ 1) % Row 41 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{VLSM} \tn % Row Count 12 (+ 1) % Row 42 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{WEP} \tn % Row Count 13 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{POST EXAM BRAIN DUMP}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{{\bf{PBQs}}} \tn % Row Count 1 (+ 1) % Row 1 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{Know how to configure a RADIUS server, WiFi server, and a client machine with PKI, WPA2 and current best security practices} \tn % Row Count 4 (+ 3) % Row 2 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{Be familiar with the linux kernel and how to identify how attacks are taken out on there} \tn % Row Count 6 (+ 2) % Row 3 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{what security measures can be taken ons pecific network devices to enhance security} \tn % Row Count 8 (+ 2) % Row 4 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{What tech can be applied to different network devices (web server, database, domain controller))} \tn % Row Count 10 (+ 2) % Row 5 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{Review attack types and their indicators} \tn % Row Count 11 (+ 1) % Row 6 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{{\bf{General}}} \tn % Row Count 12 (+ 1) % Row 7 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{Port numbers and their protocols, only common ones are mentioned and just review them. It can make some of the other questions easier as well.} \tn % Row Count 15 (+ 3) % Row 8 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{different methods of "preventative" and the like, what physical security measures are the most effective} \tn % Row Count 18 (+ 3) % Row 9 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{differences between SOAR and SIEM, Other acronyms to review: CVSS,LDAP, SPI, SoC, API} \tn % Row Count 20 (+ 2) % Row 10 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{CASB, other cloud computing concepts (what it takes to move an organization to the cloud, availibility, BCP, edge and fog computing))} \tn % Row Count 23 (+ 3) % Row 11 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{review linux kernel for directory traversals, CSFR,} \tn % Row Count 25 (+ 2) % Row 12 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{Tip: when taking the exam, flag questions that are worded weirdly and go back to them later and try to rewrite the question yourself. This is what I had to do for like 8 questions} \tn % Row Count 29 (+ 4) % Row 13 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{Best cryptography practices and types to use based on specific scenarios, understand how PKI and PSK works, Tokenization vs hashes} \tn % Row Count 32 (+ 3) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{POST EXAM BRAIN DUMP (cont)}} \tn % Row 14 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{Tip: most "scenarios" seemed to start with "\_\_\_\_\_ works at \_\_\_\_\_ organization and is \seqsplit{updating/removing/hardening"}, so familiarize yourself with business related terms} \tn % Row Count 4 (+ 4) % Row 15 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{Review GDPR, ISO, NIST, the diamond intrustion analysis method, and Diffe} \tn % Row Count 6 (+ 2) % Row 16 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{Best practices for implementing secure work from home networks and remote desktop accessing} \tn % Row Count 8 (+ 2) \hhline{>{\arrayrulecolor{DarkBackground}}-} \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{My final score was 759 the second time I took it, 723 the first \newline {\bf{DISCLAIMER}}: This is not a word for word description of the exam and every exam is different \newline \{\{link="https://free-braindumps.com/comptia/free-sy0-601-braindumps.html"\}\}Braindumps.com This website has some "very very similar" questions as to what I had on this exam} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{6.8 cm} x{1.2 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{Exam Objectives}} \tn % Row 0 \SetRowColor{LightBackground} Attacks, Threats, and Vulnerabilities (24\%) & \seqsplit{1.1-1.8} \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} Architechture (21\%) & \seqsplit{2.1-2.8} \tn % Row Count 4 (+ 2) % Row 2 \SetRowColor{LightBackground} Implementation (25\%) & \seqsplit{3.1-3.9} \tn % Row Count 6 (+ 2) % Row 3 \SetRowColor{white} Operations and Incident Response (16\%) & \seqsplit{4.1-4.5} \tn % Row Count 8 (+ 2) % Row 4 \SetRowColor{LightBackground} Governance, Risk, and Compliance (14\%) & \seqsplit{5.1-5.6} \tn % Row Count 10 (+ 2) \hhline{>{\arrayrulecolor{DarkBackground}}--} \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{36 Objective Tasks, each with various subsections.} \tn \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{1.1-1.8: Threats, Attacks, Vulnerabilities}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{} \tn % Row Count 0 (+ 0) \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.12 cm} x{4.88 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{1.1 SE Attacks}} \tn % Row 0 \SetRowColor{LightBackground} Phishing & a way to trick people into giving up sensitive info, usually through fake links. prevent with email \tn % Row Count 5 (+ 5) % Row 1 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{filtering} \tn % Row Count 6 (+ 1) % Row 2 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Smishing} \tn % Row Count 7 (+ 1) % Row 3 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Vishing} \tn % Row Count 8 (+ 1) % Row 4 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Spam/SPIM} \tn % Row Count 9 (+ 1) % Row 5 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Spear phishing} \tn % Row Count 10 (+ 1) % Row 6 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Whaling} \tn % Row Count 11 (+ 1) % Row 7 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Prepending} \tn % Row Count 12 (+ 1) % Row 8 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Reconnaissance} \tn % Row Count 13 (+ 1) % Row 9 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Watering Hole Attack} \tn % Row Count 14 (+ 1) % Row 10 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Influence Campaigns} \tn % Row Count 15 (+ 1) % Row 11 \SetRowColor{white} Reasons of Effectiveness & authority, intimidation, consensus, scarcity, familiarity, trust, urgency \tn % Row Count 19 (+ 4) \hhline{>{\arrayrulecolor{DarkBackground}}--} \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{ac\}\}Terms without Definitions \newline dumpster diving, shoulder surfing, pharming, tailgating, eliciting information, identity fraud, invoice scams, credential harvesting, impersonation, hoax, typo squatting, pretexting,} \tn \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.344 cm} x{1.9 cm} x{2.356 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{1.2 Analyze Attack Indicators}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=26\}\}{\bf{Malware}} & \seqsplit{Ransomware} & \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} & Trojan & \tn % Row Count 3 (+ 1) % Row 2 \SetRowColor{LightBackground} & Worm & \tn % Row Count 4 (+ 1) % Row 3 \SetRowColor{white} & PUPs & \tn % Row Count 5 (+ 1) % Row 4 \SetRowColor{LightBackground} & Logic Bomb & \tn % Row Count 6 (+ 1) % Row 5 \SetRowColor{white} & RAT & \tn % Row Count 7 (+ 1) % Row 6 \SetRowColor{LightBackground} & Rootkit & \tn % Row Count 8 (+ 1) % Row 7 \SetRowColor{white} & \seqsplit{cryptomalware} & \tn % Row Count 10 (+ 2) % Row 8 \SetRowColor{LightBackground} {\bf{Pass Attacks}} & spraying & \tn % Row Count 11 (+ 1) % Row 9 \SetRowColor{white} & \seqsplit{dictionary} & \tn % Row Count 12 (+ 1) % Row 10 \SetRowColor{LightBackground} & brute force & online v offline \tn % Row Count 14 (+ 2) % Row 11 \SetRowColor{white} & Rainbow Table & \tn % Row Count 16 (+ 2) % Row 12 \SetRowColor{LightBackground} {\bf{Physical}} & skimming & \tn % Row Count 17 (+ 1) % Row 13 \SetRowColor{white} {\bf{AI}} & Training Data & \tn % Row Count 19 (+ 2) % Row 14 \SetRowColor{LightBackground} {\bf{Cryptographic}} & birthday & \tn % Row Count 20 (+ 1) % Row 15 \SetRowColor{white} & collision & \tn % Row Count 21 (+ 1) % Row 16 \SetRowColor{LightBackground} & downgrade & \tn % Row Count 22 (+ 1) % Row 17 \SetRowColor{white} \mymulticolumn{3}{x{8.4cm}}{{\bf{Cloud-based v. on prem}}} \tn % Row Count 23 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}---} \SetRowColor{LightBackground} \mymulticolumn{3}{x{8.4cm}}{\{\{ac\}\} Terms w/o Definitions \newline Malware: fileless virus, command and control, bots, spyware, keyloggers, backdoor \newline Password Attacks: plain text, unencrypted \newline Physical Attacks: USB, malicious flash drive, card cloning} \tn \hhline{>{\arrayrulecolor{DarkBackground}}---} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{p{0.8 cm} p{0.8 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{1.3 Indicators of App Attacks}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{width=30\}\}Privilege Escalation} \tn % Row Count 1 (+ 1) % Row 1 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{XSS} \tn % Row Count 2 (+ 1) % Row 2 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Injections} \tn % Row Count 3 (+ 1) % Row 3 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Pointer/object Dereference} \tn % Row Count 4 (+ 1) % Row 4 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Buffer Overflows} \tn % Row Count 5 (+ 1) % Row 5 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Error Handling} \tn % Row Count 6 (+ 1) % Row 6 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Race Conditions} \tn % Row Count 7 (+ 1) % Row 7 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Imprope Input Handling} \tn % Row Count 8 (+ 1) % Row 8 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Replay Attack} \tn % Row Count 9 (+ 1) % Row 9 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Integer Overflow} \tn % Row Count 10 (+ 1) % Row 10 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Request Forgeries} \tn % Row Count 11 (+ 1) % Row 11 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{API Attacks} \tn % Row Count 12 (+ 1) % Row 12 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{SSL Stripping} \tn % Row Count 13 (+ 1) % Row 13 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Driver Manipulation} \tn % Row Count 14 (+ 1) % Row 14 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Pass the Hash} \tn % Row Count 15 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{ac\}\}Terms w/o Definitions \newline resource exhaustion, memory leak} \tn \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.496 cm} x{3.344 cm} p{0.76 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{1.4 Network Attacks}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}{\bf{Wireless}} & Evil Twin & \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} & Rougue Access Point & \tn % Row Count 4 (+ 2) % Row 2 \SetRowColor{LightBackground} & Bluesnarfing & \tn % Row Count 5 (+ 1) % Row 3 \SetRowColor{white} & Bluejacking & \tn % Row Count 6 (+ 1) % Row 4 \SetRowColor{LightBackground} & Disassociation & \tn % Row Count 7 (+ 1) % Row 5 \SetRowColor{white} & RFID & \tn % Row Count 8 (+ 1) % Row 6 \SetRowColor{LightBackground} & NFC & \tn % Row Count 9 (+ 1) % Row 7 \SetRowColor{white} & IV & \tn % Row Count 10 (+ 1) % Row 8 \SetRowColor{LightBackground} \mymulticolumn{3}{x{8.4cm}}{{\bf{On-path}}} \tn % Row Count 11 (+ 1) % Row 9 \SetRowColor{white} {\bf{Layer 2}} & ARP poisoning & \tn % Row Count 12 (+ 1) % Row 10 \SetRowColor{LightBackground} & MAC poisoning & \tn % Row Count 13 (+ 1) % Row 11 \SetRowColor{white} \mymulticolumn{3}{x{8.4cm}}{{\bf{DNS Poisoning}}} \tn % Row Count 14 (+ 1) % Row 12 \SetRowColor{LightBackground} {\bf{DDoS}} & OT, Network, App & \tn % Row Count 15 (+ 1) % Row 13 \SetRowColor{white} {\bf{Malicious Code}} & VBA & \tn % Row Count 16 (+ 1) % Row 14 \SetRowColor{LightBackground} & PS, Python, Bash & \tn % Row Count 17 (+ 1) % Row 15 \SetRowColor{white} & Macros & \tn % Row Count 18 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}---} \SetRowColor{LightBackground} \mymulticolumn{3}{x{8.4cm}}{\{\{ac\}\}Terms w/o Definition \newline MAC cloning, domain hijacking, URL redirection, domain reputation} \tn \hhline{>{\arrayrulecolor{DarkBackground}}---} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.496 cm} x{3.344 cm} p{0.76 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{1.5 Threat Vectors}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}{\bf{Actors and Threats}} & APT & \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} & Auth Hackers & \tn % Row Count 3 (+ 1) % Row 2 \SetRowColor{LightBackground} & Unauth Hackers & \tn % Row Count 4 (+ 1) % Row 3 \SetRowColor{white} & Semi-auth & \tn % Row Count 5 (+ 1) % Row 4 \SetRowColor{LightBackground} & Shadow IT & \tn % Row Count 6 (+ 1) % Row 5 \SetRowColor{white} {\bf{Attributes of Actors}} & Internal or external threats, level of \seqsplit{experience/capability}, resources, funding, intent & \tn % Row Count 12 (+ 6) % Row 6 \SetRowColor{LightBackground} {\bf{Vectors}} & Direct access, wireless, email, supply chain, social media, cloud, removable media & \tn % Row Count 17 (+ 5) % Row 7 \SetRowColor{white} {\bf{Threat Intel Sources}} & OSINT & \tn % Row Count 19 (+ 2) % Row 8 \SetRowColor{LightBackground} & Proprietary & \tn % Row Count 20 (+ 1) % Row 9 \SetRowColor{white} & CVE Databases & \tn % Row Count 21 (+ 1) % Row 10 \SetRowColor{LightBackground} & AIS & \tn % Row Count 22 (+ 1) % Row 11 \SetRowColor{white} {\bf{Research Sources}} & Conferences, academic journals, RFC, local industry, social media, threat feeds & \tn % Row Count 27 (+ 5) % Row 12 \SetRowColor{LightBackground} & TTP & \tn % Row Count 28 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}---} \SetRowColor{LightBackground} \mymulticolumn{3}{x{8.4cm}}{\{\{ac\}\}Terms w/o Definitions \newline insider threats, state actors, hacktivists, script kiddies, criminal syndicates \newline dark web, IoC, sharing centers, predictive analysis, threat maps, code repos} \tn \hhline{>{\arrayrulecolor{DarkBackground}}---} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2.96 cm} x{5.04 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{1.6 Security Concerns}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{width=30\}\}There are security concerns with each of the sections below. The concerns depend on industry, implementation, and time, along with other factors. The objective is to explain the security concerns associated with everything below} \tn % Row Count 5 (+ 5) % Row 1 \SetRowColor{white} Cloud based v on prem & {\bf{Cloud}}- can be hacked, default must be changed, availability {\bf{On-prem}}- physical, can be stolen, human errors \tn % Row Count 10 (+ 5) % Row 2 \SetRowColor{LightBackground} General Concerns & open permissions, unsecure root accounts, errors, weak encryption, unsecure protocols, default settings, open ports and services \tn % Row Count 16 (+ 6) % Row 3 \SetRowColor{white} Thirs Party Risks & vendor management, supply chain, outsourced code, data storage \tn % Row Count 19 (+ 3) % Row 4 \SetRowColor{LightBackground} Impacts of Bad Security & data \seqsplit{loss/breaches/exfiltration}, identity theft, financial, reputation, availability loss \tn % Row Count 23 (+ 4) \hhline{>{\arrayrulecolor{DarkBackground}}--} \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{ac\}\}Terms w/o Definition \newline zero-day, patch management, legacy platforms} \tn \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.268 cm} x{3.572 cm} p{0.76 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{1.7 Techniques}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}{\bf{Threat Hunting}} & Intel fusion & \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} & threat feeds & \tn % Row Count 3 (+ 1) % Row 2 \SetRowColor{LightBackground} & manuever & \tn % Row Count 4 (+ 1) % Row 3 \SetRowColor{white} {\bf{Vulnerability Scans}} & non/credentialed & \tn % Row Count 6 (+ 2) % Row 4 \SetRowColor{LightBackground} & non/intrusive & \tn % Row Count 7 (+ 1) % Row 5 \SetRowColor{white} & application & \tn % Row Count 8 (+ 1) % Row 6 \SetRowColor{LightBackground} & CVE & \tn % Row Count 9 (+ 1) % Row 7 \SetRowColor{white} & Config review & \tn % Row Count 10 (+ 1) % Row 8 \SetRowColor{LightBackground} {\bf{SIEM}} & Security info and event management & \tn % Row Count 12 (+ 2) % Row 9 \SetRowColor{white} & Packet Capture, review reports, data inputs & \tn % Row Count 15 (+ 3) % Row 10 \SetRowColor{LightBackground} & User behavior analysis & \tn % Row Count 17 (+ 2) % Row 11 \SetRowColor{white} & sentiment analysis & \tn % Row Count 18 (+ 1) % Row 12 \SetRowColor{LightBackground} & security monitoring & \tn % Row Count 20 (+ 2) % Row 13 \SetRowColor{white} & log collectors & \tn % Row Count 21 (+ 1) % Row 14 \SetRowColor{LightBackground} {\bf{SOAR}} & Security, orchestration, automation, and response & \tn % Row Count 24 (+ 3) \hhline{>{\arrayrulecolor{DarkBackground}}---} \SetRowColor{LightBackground} \mymulticolumn{3}{x{8.4cm}}{\{\{ac\}\} Terms w/o Definition \newline false positives/negatives, log reviews, web application, network} \tn \hhline{>{\arrayrulecolor{DarkBackground}}---} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.52 cm} x{4.48 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{1.8 Pen Test Techniques}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}Passive/Active Recon & drones, war flying/driving, footprinting, OSINT \tn % Row Count 3 (+ 3) % Row 1 \SetRowColor{white} Exercise Types & red, blue, white, or purple team \tn % Row Count 5 (+ 2) % Row 2 \SetRowColor{LightBackground} Pen Testing & un/known environment, partially known environment, lateral movement, privilege escalation, cleanup, bug bounty, pivoting \tn % Row Count 11 (+ 6) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{2.1-2.8: Architecture and Design}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{} \tn % Row Count 0 (+ 0) \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2.4 cm} x{5.6 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{2.1 Sec Conference}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{width=30\}\}EXplain the importance of security concepts in an enterprise environment} \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} Config Management & diagrams, baseline \tn % Row Count 4 (+ 2) % Row 2 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Data soverignty} \tn % Row Count 5 (+ 1) % Row 3 \SetRowColor{white} Data Protection & DLP, masking, encryption, at rest, in motion, in processing \tn % Row Count 8 (+ 3) % Row 4 \SetRowColor{LightBackground} & tokenization \tn % Row Count 9 (+ 1) % Row 5 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Geography} \tn % Row Count 10 (+ 1) % Row 6 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{SSL transport} \tn % Row Count 11 (+ 1) % Row 7 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{API} \tn % Row Count 12 (+ 1) % Row 8 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Site resiliency (hot, warm, cold))} \tn % Row Count 13 (+ 1) % Row 9 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Honeypots/flies/nets} \tn % Row Count 14 (+ 1) % Row 10 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{DNS Sinkhole} \tn % Row Count 15 (+ 1) % Row 11 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Fake telemetry} \tn % Row Count 16 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.04 cm} x{4.96 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{2.2 Cloud Concepts}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{width=30\}\}Acronyms to review: IaaS, PaaS, SaaS, XaaS, CSP, MSP/MSSP, API, SDN, SDV, VM, SIAM} \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} Fog computing & cloud that is close to IoT data, midpoint, distributed cloud architecture, extends the cloud, distribute data and processing \tn % Row Count 8 (+ 6) % Row 2 \SetRowColor{LightBackground} & no latency, no bandwidth reqs, miminzes security concerns \tn % Row Count 11 (+ 3) % Row 3 \SetRowColor{white} Edge computing & IoT systems, edge server, close to the use, process the data on the device, increased internet speed \tn % Row Count 16 (+ 5) % Row 4 \SetRowColor{LightBackground} Thin client & basic app usage, runs on remote server, VDI, local device, minimal operating system on the client, big network requirement \tn % Row Count 22 (+ 6) % Row 5 \SetRowColor{white} Containers & Standardized, physical infrastructure with one OS with container software, isolated process, image, standardized and lightweight, secure \tn % Row Count 28 (+ 6) % Row 6 \SetRowColor{LightBackground} Monolithic & client database code, one big application, codebase is so large it is hard to do maintinence, not as fast \tn % Row Count 33 (+ 5) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{3.04 cm} x{4.96 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{2.2 Cloud Concepts (cont)}} \tn % Row 7 \SetRowColor{LightBackground} & Microservices and APIs are the more effecient version of monolithic \tn % Row Count 3 (+ 3) % Row 8 \SetRowColor{white} \seqsplit{Microservices/APIs} & API gateway manages communication through gateway to different microservices that leads to a data base, the API is the "glue", scalable, resilient, security and compliance \tn % Row Count 11 (+ 8) % Row 9 \SetRowColor{LightBackground} Serverless architechture & FaaS, applications are remote and autonomous, removes the OS, it is a stateless compute container, event triggered (available as needed), third party \tn % Row Count 18 (+ 7) % Row 10 \SetRowColor{white} Transit Gateway & VPC, public cloud that has resources, VPC is controlled by the transit gateway aka "cloud router," connects through VPN to VPCs \tn % Row Count 24 (+ 6) % Row 11 \SetRowColor{LightBackground} Virtualization & one physical piece of hardware, runs different OSs on one deviceVm sprwal avoidance \tn % Row Count 28 (+ 4) % Row 12 \SetRowColor{white} & vm escape protection \tn % Row Count 29 (+ 1) % Row 13 \SetRowColor{LightBackground} {\emph{Virtualization Security}} & avoid VM sprawl because noo one knows where VMs live, detail provisioning so everyone knows where it is (track), VM is self-contained \tn % Row Count 35 (+ 6) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{3.04 cm} x{4.96 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{2.2 Cloud Concepts (cont)}} \tn % Row 14 \SetRowColor{LightBackground} & VM escape attack type can control host \tn % Row Count 2 (+ 2) % Row 15 \SetRowColor{white} HaaS/IaaS & outsourcing equipment, must manage internally \tn % Row Count 4 (+ 2) % Row 16 \SetRowColor{LightBackground} SaaS & easier and on-demand \tn % Row Count 5 (+ 1) % Row 17 \SetRowColor{white} PaaS & middle ground, no HVAC, no maintenance team, no direct control, building blocks \tn % Row Count 9 (+ 4) % Row 18 \SetRowColor{LightBackground} Cloud Design & elasticity, on-demand, global access, \tn % Row Count 11 (+ 2) % Row 19 \SetRowColor{white} Data Protection & resource policies, \tn % Row Count 12 (+ 1) % Row 20 \SetRowColor{LightBackground} SIAM & most providers are different, SIAM integrates diverse providers for a unified view \tn % Row Count 16 (+ 4) % Row 21 \SetRowColor{white} IaaC & can be deployed at will, describes app instances in code, \tn % Row Count 19 (+ 3) % Row 22 \SetRowColor{LightBackground} SDN & central mngmt, vendor neutral, no human intervention, Agile, directly programmable \tn % Row Count 23 (+ 4) % Row 23 \SetRowColor{white} & to secure, use Internal firewall to connect all servers, use an IPS between internet and internal net, devices are software based \tn % Row Count 29 (+ 6) % Row 24 \SetRowColor{LightBackground} SDV & must see traffic to secure data, monitoring, SIEM, firewalls are able to be implemented \tn % Row Count 33 (+ 4) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{3.04 cm} x{4.96 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{2.2 Cloud Concepts (cont)}} \tn % Row 25 \SetRowColor{LightBackground} & data is encapsulated and encrypted \tn % Row Count 2 (+ 2) \hhline{>{\arrayrulecolor{DarkBackground}}--} \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{ac\}\} Terms w/o Definitions: \newline public, community, hybrid, infrastructure as code, on prem v off prem, service integration, multisourcing, control pane (config), data plane (performing)} \tn \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2.32 cm} x{5.68 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{2.3 App Dev/Deploy}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{width=30\}\}Must be able to summarize these concepts} \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{De/Provisioning} \tn % Row Count 3 (+ 1) % Row 2 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{QA} \tn % Row Count 4 (+ 1) % Row 3 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Integrity Measurement} \tn % Row Count 5 (+ 1) % Row 4 \SetRowColor{LightBackground} Secure Coding & normalization, stored procedures \tn % Row Count 7 (+ 2) % Row 5 \SetRowColor{white} & obfuscation/camoflauge \tn % Row Count 8 (+ 1) % Row 6 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Server v Client Side} \tn % Row Count 9 (+ 1) % Row 7 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{OWASP} \tn % Row Count 10 (+ 1) % Row 8 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Compiler v Binary} \tn % Row Count 11 (+ 1) % Row 9 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Elasticity} \tn % Row Count 12 (+ 1) % Row 10 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Scalability} \tn % Row Count 13 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{ac\}\} Terms w/o Definitions: \newline memory management, version control,} \tn \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.68 cm} x{4.32 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{2.4 Authen. and Author.}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}Authentication methods & directory services \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} & federation \tn % Row Count 3 (+ 1) % Row 2 \SetRowColor{LightBackground} & attestation \tn % Row Count 4 (+ 1) % Row 3 \SetRowColor{white} & TOTP, HOTP, SMS, token key, static codes, push notifications/phone calls \tn % Row Count 8 (+ 4) % Row 4 \SetRowColor{LightBackground} & smart cards \tn % Row Count 9 (+ 1) % Row 5 \SetRowColor{white} Biometrics & fingerprint, retina, iris, facial, voice, gait analysis, efficacy rates, fase acceptance/rejection, CER \tn % Row Count 14 (+ 5) % Row 6 \SetRowColor{LightBackground} MFA & Factors: something you know, have, or are \tn % Row Count 16 (+ 2) % Row 7 \SetRowColor{white} & Attributes: somewhere you are, something you can do or exhibit, someone you know \tn % Row Count 20 (+ 4) % Row 8 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{AAA} \tn % Row Count 21 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2.8 cm} x{5.2 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{2.5 Cybersecurity}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}Redundancy & RAID \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} & Load Balancers on a network \tn % Row Count 4 (+ 2) % Row 2 \SetRowColor{LightBackground} & UPS \tn % Row Count 5 (+ 1) % Row 3 \SetRowColor{white} Backup types & Full \tn % Row Count 6 (+ 1) % Row 4 \SetRowColor{LightBackground} & Incremental \tn % Row Count 7 (+ 1) % Row 5 \SetRowColor{white} & Snapshot \tn % Row Count 8 (+ 1) % Row 6 \SetRowColor{LightBackground} & Differential \tn % Row Count 9 (+ 1) % Row 7 \SetRowColor{white} & Tape \tn % Row Count 10 (+ 1) % Row 8 \SetRowColor{LightBackground} \seqsplit{Non-persistence} & revert to nkown state, last known good config, high availibility, restoration order \tn % Row Count 14 (+ 4) % Row 9 \SetRowColor{white} Diversity & tech, vendors, crypto, controls \tn % Row Count 16 (+ 2) \hhline{>{\arrayrulecolor{DarkBackground}}--} \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{ac\}\} Terms w/o Definitions: \newline generator, dual supply, managed power, PDUs, multipath, NIC, replication (SAN), disk, copy, NAS, cloud, image, online v offline, offsite storage} \tn \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{4 cm} x{4 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{2.6 Sec Implications}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}Acronyms to Remember & {\bf{{\emph{REVIEW THEIR IMPLICATIONS AND SCENARIOS}}}} SCADA, IoT, VoIP, HVAC, MFP, RTOS, SoC, SIM cards \tn % Row Count 5 (+ 5) % Row 1 \SetRowColor{white} Embedded systems & arduino, raspberry pi, FPGA \tn % Row Count 7 (+ 2) % Row 2 \SetRowColor{LightBackground} SCADA/ICS & facilities, industrial, manufacturing, energy, logistics \tn % Row Count 10 (+ 3) % Row 3 \SetRowColor{white} IoT & sensors, smart devices, wearables, facility automation, weak defaults \tn % Row Count 14 (+ 4) % Row 4 \SetRowColor{LightBackground} specialized systems & medical \tn % Row Count 15 (+ 1) % Row 5 \SetRowColor{white} & vehicles, aircraft \tn % Row Count 16 (+ 1) % Row 6 \SetRowColor{LightBackground} & Smart Meters \tn % Row Count 17 (+ 1) % Row 7 \SetRowColor{white} Constraints for embedded and specialized systems & power, compute, network, crypto, inabilities to patch, authentication, range, cost, implied trust \tn % Row Count 22 (+ 5) \hhline{>{\arrayrulecolor{DarkBackground}}--} \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{ac\}\} Terms w/o Definitions: \newline drones, surveillance systems, 5G, narrow band} \tn \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2.96 cm} x{5.04 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{2.7 Physical Sec}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{width=30\}\}Air Gap} \tn % Row Count 1 (+ 1) % Row 1 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Screened subnet (DMZ)} \tn % Row Count 2 (+ 1) % Row 2 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Secure Areas} \tn % Row Count 3 (+ 1) % Row 3 \SetRowColor{white} Secure Data destruction & burning, shredding, pulping, pulverizing, degaussing, third-party \tn % Row Count 6 (+ 3) % Row 4 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Faraday cages} \tn % Row Count 7 (+ 1) % Row 5 \SetRowColor{white} Sensors & motion, noise, proximity, moisture, cards, temp \tn % Row Count 9 (+ 2) \hhline{>{\arrayrulecolor{DarkBackground}}--} \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{ac\}\} Terms w/o Definitions: \newline bollards, AC vestibules, badges, alarms, signage, cameras, motion detection, CCTV, industrial camo, Personnel, Locks (biometric/physical), USB data blocker, fencing, lighting, fire suppression, drones, visitor logs} \tn \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.344 cm} x{3.496 cm} p{0.76 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{2.8 Cryptographic Concepts}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}{\bf{Common Use Cases}} & Low Power devices & \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} & low latency & \tn % Row Count 3 (+ 1) % Row 2 \SetRowColor{LightBackground} & high resiliency & \tn % Row Count 4 (+ 1) % Row 3 \SetRowColor{white} & supporting confidentiality & \tn % Row Count 6 (+ 2) % Row 4 \SetRowColor{LightBackground} & supporting integrity & \tn % Row Count 8 (+ 2) % Row 5 \SetRowColor{white} & obfusacation support & \tn % Row Count 10 (+ 2) % Row 6 \SetRowColor{LightBackground} & non-repudation support & \tn % Row Count 12 (+ 2) % Row 7 \SetRowColor{white} {\bf{Blockchain}} & public ledgers & \tn % Row Count 13 (+ 1) % Row 8 \SetRowColor{LightBackground} {\bf{Limitations}} & speed, size, weak keys, time, longevity, predicability, reuse, resource and security constraints & \tn % Row Count 19 (+ 6) % Row 9 \SetRowColor{white} & entropy & \tn % Row Count 20 (+ 1) % Row 10 \SetRowColor{LightBackground} {\bf{Modes of Operation}} & Unauthenticated & \tn % Row Count 22 (+ 2) % Row 11 \SetRowColor{white} & Authenticated & \tn % Row Count 23 (+ 1) % Row 12 \SetRowColor{LightBackground} & Counter & \tn % Row Count 24 (+ 1) % Row 13 \SetRowColor{white} {\bf{Steganography}} & Audio & \tn % Row Count 25 (+ 1) % Row 14 \SetRowColor{LightBackground} & Video & \tn % Row Count 26 (+ 1) % Row 15 \SetRowColor{white} & Image & \tn % Row Count 27 (+ 1) % Row 16 \SetRowColor{LightBackground} {\bf{Quantum}} & communications & \tn % Row Count 28 (+ 1) % Row 17 \SetRowColor{white} & computing & \tn % Row Count 29 (+ 1) % Row 18 \SetRowColor{LightBackground} & Post-Quantum & \tn % Row Count 30 (+ 1) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{3.344 cm} x{3.496 cm} p{0.76 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{2.8 Cryptographic Concepts (cont)}} \tn % Row 19 \SetRowColor{LightBackground} {\bf{Other Concepts}} & digital signatures & \tn % Row Count 2 (+ 2) % Row 20 \SetRowColor{white} & key length & \tn % Row Count 3 (+ 1) % Row 21 \SetRowColor{LightBackground} & salting & \tn % Row Count 4 (+ 1) % Row 22 \SetRowColor{white} & hashing & \tn % Row Count 5 (+ 1) % Row 23 \SetRowColor{LightBackground} & key exchange & \tn % Row Count 6 (+ 1) % Row 24 \SetRowColor{white} & elliptic-curve & \tn % Row Count 7 (+ 1) % Row 25 \SetRowColor{LightBackground} & perfect forward secrecy & \tn % Row Count 9 (+ 2) \hhline{>{\arrayrulecolor{DarkBackground}}---} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{3.1-3.9: Implementation}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{} \tn % Row Count 0 (+ 0) \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2.204 cm} x{2.66 cm} x{2.736 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{3.1 Implement Secure Protocols}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{3}{x{8.4cm}}{\{\{width=30\}\}Imlement secure protocols based on a scenario} \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} {\bf{Protocol}} & {\bf{Definition}} & {\bf{Use Cases}} \tn % Row Count 4 (+ 2) % Row 2 \SetRowColor{LightBackground} DNSSEC & Secure DNS, validates info and integrity through public key cryptography & sign DNS certificate \tn % Row Count 10 (+ 6) % Row 3 \SetRowColor{white} SSH & Secure shell provides encypted client-server terminal, replaced telnet/FTP & secure terminal communication \tn % Row Count 16 (+ 6) % Row 4 \SetRowColor{LightBackground} S/MIME & Used with email, \seqsplit{Secure/Multipurpose} Internet Mail Extensions, \seqsplit{public/private} key pair is required & PKI manages these keys \tn % Row Count 23 (+ 7) % Row 5 \SetRowColor{white} SRTP & Secure Real Time Protocol, keeps convos private, adds encyption, uses AES, uses Hash based message & ex: HMAC SHA1 \tn % Row Count 30 (+ 7) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{2.204 cm} x{2.66 cm} x{2.736 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{3.1 Implement Secure Protocols (cont)}} \tn % Row 6 \SetRowColor{LightBackground} LDAP & Lightweight Directory Access Protocol (X.500 written by International \seqsplit{Telecommunications} Union) & \tn % Row Count 7 (+ 7) % Row 7 \SetRowColor{white} & protocol for read/writing dir over an IP network, uses TCP/IP & ex: LDAP can access active directory \tn % Row Count 12 (+ 5) % Row 8 \SetRowColor{LightBackground} LDAPS & uses SSL, secure LDAP & \tn % Row Count 14 (+ 2) % Row 9 \SetRowColor{white} SASL & provides \seqsplit{authentication} using client \seqsplit{certifications} & \tn % Row Count 18 (+ 4) % Row 10 \SetRowColor{LightBackground} FTPS & uses SSL for encryption over FTP client & NOT THE SAME AS SFTP \tn % Row Count 21 (+ 3) % Row 11 \SetRowColor{white} SFTP & SSH FTP, SSH used for encryption, can ls dir, manipulate files & \tn % Row Count 26 (+ 5) % Row 12 \SetRowColor{LightBackground} POP/IMAP & Used with email, & Use a STARTTLS exntension to encrypt POP3 with SSL or use IMAP w/SSL \tn % Row Count 31 (+ 5) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{2.204 cm} x{2.66 cm} x{2.736 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{3.1 Implement Secure Protocols (cont)}} \tn % Row 13 \SetRowColor{LightBackground} NTP & no security, classic & used in DDoS as amplifiers \tn % Row Count 2 (+ 2) % Row 14 \SetRowColor{white} NTPSec & secure version of NTP & \tn % Row Count 4 (+ 2) % Row 15 \SetRowColor{LightBackground} SSL/TLS & Used with email, & always encypted with browser emails \tn % Row Count 7 (+ 3) % Row 16 \SetRowColor{white} & SSL (Secure Sockets Layer), TLS (Transport layer security) is the newer version of SSL) & \tn % Row Count 14 (+ 7) % Row 17 \SetRowColor{LightBackground} HTTPS & private key used on server, symmetric session key transferred using asymmetric encryption & most common form uses public key encryption \tn % Row Count 21 (+ 7) % Row 18 \SetRowColor{white} & & symmetric key gets used during communication \tn % Row Count 25 (+ 4) % Row 19 \SetRowColor{LightBackground} IPsec & OSI Layer 3, public internet, data IS encrypted, anti-replay with encryption & both tunnel ends are secure, very standardized \tn % Row Count 31 (+ 6) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{2.204 cm} x{2.66 cm} x{2.736 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{3.1 Implement Secure Protocols (cont)}} \tn % Row 20 \SetRowColor{LightBackground} & AH provides integrity, ESP provides encryption & \tn % Row Count 4 (+ 4) % Row 21 \SetRowColor{white} \mymulticolumn{3}{x{8.4cm}}{Tunneling} \tn % Row Count 5 (+ 1) % Row 22 \SetRowColor{LightBackground} \mymulticolumn{3}{x{8.4cm}}{ESP} \tn % Row Count 6 (+ 1) % Row 23 \SetRowColor{white} SNMPv3 & SSH encrypts tunnel communication, follows CIA & is asking \seqsplit{routers/switches} for info from web browser with HTTPS \tn % Row Count 11 (+ 5) % Row 24 \SetRowColor{LightBackground} DHCP & servers must be authorized in AD, no secure version of DHCP & \seqsplit{routing/switching} \tn % Row Count 16 (+ 5) % Row 25 \SetRowColor{white} & DHCP snooping, MAC spoofing,no built in security, rogue DHCP servers are a security issue but can be minimized through trusted interfaces on switches and only allowing distribution from trusted interfaces & \tn % Row Count 31 (+ 15) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{2.204 cm} x{2.66 cm} x{2.736 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{3.1 Implement Secure Protocols (cont)}} \tn % Row 26 \SetRowColor{LightBackground} & prevent DHCP client DoS starvation attacks with a limited number of MAC addys per interface & \tn % Row Count 7 (+ 7) % Row 27 \SetRowColor{white} Antivirus, Firewalls, animalware & auto updates, constant, always check for \seqsplit{encryption/integrity} checks to inform firewall \seqsplit{configurations} & \tn % Row Count 15 (+ 8) \hhline{>{\arrayrulecolor{DarkBackground}}---} \SetRowColor{LightBackground} \mymulticolumn{3}{x{8.4cm}}{\{\{ac\}\}{\bf{Use cases can include, voice and video, time sync, email, file transfer, directory services, routing and switching, DNR(Domain Name Resolution), Net address allocation, and subscriptions}}} \tn \hhline{>{\arrayrulecolor{DarkBackground}}---} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2.584 cm} x{2.888 cm} x{2.128 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{3.2 Host/App Sec}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{3}{x{8.4cm}}{\{\{width=25\}\}Implement these based on a scenario} \tn % Row Count 1 (+ 1) % Row 1 \SetRowColor{white} \mymulticolumn{3}{x{8.4cm}}{Secure coding practices:} \tn % Row Count 2 (+ 1) % Row 2 \SetRowColor{LightBackground} {\bf{Type}} & {\bf{Scenario}} & {\bf{Solution}} \tn % Row Count 4 (+ 2) % Row 3 \SetRowColor{white} Endpoint Protection & trojans worms and viruses are stopped & Antivirus \tn % Row Count 7 (+ 3) % Row 4 \SetRowColor{LightBackground} & stops \seqsplit{spyware/ransomware/fileless} & \seqsplit{Antimalware} \tn % Row Count 10 (+ 3) % Row 5 \SetRowColor{white} & allows to detect a threat without or with signatures and can use behavioral analysis, can investigate and respond & EDR \tn % Row Count 18 (+ 8) % Row 6 \SetRowColor{LightBackground} & OSI app layer, can block/allow, examine encrypted data & NGFW \tn % Row Count 22 (+ 4) % Row 7 \SetRowColor{white} & HIDS uses log files to detect, HIPS can block known attacks and uses signatures, hashes, and behavioral analysis & HIPs/HIDS \tn % Row Count 30 (+ 8) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{2.584 cm} x{2.888 cm} x{2.128 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{3.2 Host/App Sec (cont)}} \tn % Row 8 \SetRowColor{LightBackground} & allow/block incoming or outgoing app traffic & Host-based firewall \tn % Row Count 3 (+ 3) % Row 9 \SetRowColor{white} Boot Integrity with Bootloader & BIOS, will use secure boot, protects the BIOS and public key to protect BIOS update with digital signature check, verifies boot laoder & UEFI \tn % Row Count 12 (+ 9) % Row 10 \SetRowColor{LightBackground} & device provides central management server with all bootloader info from chain of trust. The report will compare with trusted v not trusted & \seqsplit{Attestation} \tn % Row Count 22 (+ 10) % Row 11 \SetRowColor{white} Various Boot Levels (Chain of Trust) & not wanting to lose contact with a system, perfect to get in, rootkits work, UEFI & Secure Boot \tn % Row Count 28 (+ 6) % Row 12 \SetRowColor{LightBackground} & bootloader verifies signature of OS kernel & Trusted Boot \tn % Row Count 31 (+ 3) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{2.584 cm} x{2.888 cm} x{2.128 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{3.2 Host/App Sec (cont)}} \tn % Row 13 \SetRowColor{LightBackground} & allows us to measure if any changes occured, measurements stored in TPM as a hash from previous two processes & Measured Boot \tn % Row Count 8 (+ 8) % Row 14 \SetRowColor{white} Database & breaches can be expensive, compliance issues, continuity of business is important & \tn % Row Count 14 (+ 6) % Row 15 \SetRowColor{LightBackground} & replacing sensitive data like a SSN with a different, totally random number. ex: tap to pay, NOT HASHING OR ENCRYPTING & \seqsplit{Tokenization} \tn % Row Count 22 (+ 8) % Row 16 \SetRowColor{white} & adding random data to a hash to secure it further & Salting \tn % Row Count 26 (+ 4) % Row 17 \SetRowColor{LightBackground} & one way, ex: passwords, fixed length & Hashing \tn % Row Count 29 (+ 3) % Row 18 \SetRowColor{white} Application Security & occurs when info is going in, normalization & input \seqsplit{validations} \tn % Row Count 32 (+ 3) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{2.584 cm} x{2.888 cm} x{2.128 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{3.2 Host/App Sec (cont)}} \tn % Row 19 \SetRowColor{LightBackground} & info stored on computer from browsers, tracks temp info, \seqsplit{personalization}, session mangmt, sensitive info is NOT supposed to store info & cookies \tn % Row Count 9 (+ 9) % Row 20 \SetRowColor{white} & secure headers are added to web server configuration, restricts browsers, helps prevent XSS attacks & Headers \tn % Row Count 16 (+ 7) % Row 21 \SetRowColor{LightBackground} & app code is signed by developer, assymetric encryption, trusted CA signs developers public key & code signing \tn % Row Count 23 (+ 7) % Row 22 \SetRowColor{white} & SAST for static code analysis, can easily find \seqsplit{vulnerabilities(can} have false positives). & Static v Dynamic Code Analysis \tn % Row Count 29 (+ 6) % Row 23 \SetRowColor{LightBackground} & dynamic analysis, random data put into an app, time and CPU resource heavy, try CERTBFF, negative testing, attack type, & Fuzzing \tn % Row Count 37 (+ 8) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{2.584 cm} x{2.888 cm} x{2.128 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{3.2 Host/App Sec (cont)}} \tn % Row 24 \SetRowColor{LightBackground} Hardening & minimizing attack survace, removing all possible entry points, can be based on compliance, CIS, SANS, NIST & \tn % Row Count 8 (+ 8) % Row 25 \SetRowColor{white} & possible entry points, close all except required ports, used with NGFW, use nmap & Open Ports \tn % Row Count 14 (+ 6) % Row 26 \SetRowColor{LightBackground} & FDE, ex: Bitlocker, & Disk encryption \tn % Row Count 16 (+ 2) % Row 27 \SetRowColor{white} & system stability, security fixes, emergency used for zero day attacks & Patch management \tn % Row Count 21 (+ 5) % Row 28 \SetRowColor{LightBackground} TPM & trusted platform modules, used in junction with HSM & Secure Boot \tn % Row Count 25 (+ 4) \hhline{>{\arrayrulecolor{DarkBackground}}---} \SetRowColor{LightBackground} \mymulticolumn{3}{x{8.4cm}}{\{\{ac\}\} Terms w/o Definitions: \newline allow/block list, sandboxing, FDE, SED, Hardware root of trust, registry, auto update, third party services} \tn \hhline{>{\arrayrulecolor{DarkBackground}}---} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{1.8 cm} x{2.664 cm} x{1.44 cm} x{1.296 cm} } \SetRowColor{DarkBackground} \mymulticolumn{4}{x{8.4cm}}{\bf\textcolor{white}{3.3 Secure Net Design}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{4}{x{8.4cm}}{\{\{width=30\}\}Implement secure network designs based on scenarios} \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} {\bf{Design Type}} & {\bf{Terms}} & {\bf{Definition}} & {\bf{Scenarios}} \tn % Row Count 4 (+ 2) % Row 2 \SetRowColor{LightBackground} Load Balancing & active/active & & \tn % Row Count 6 (+ 2) % Row 3 \SetRowColor{white} & \seqsplit{passive/active} & & \tn % Row Count 7 (+ 1) % Row 4 \SetRowColor{LightBackground} & Virtual IP & & \tn % Row Count 8 (+ 1) % Row 5 \SetRowColor{white} \seqsplit{Segmentation} & VLAN & & \tn % Row Count 10 (+ 2) % Row 6 \SetRowColor{LightBackground} & DMZ & & \tn % Row Count 11 (+ 1) % Row 7 \SetRowColor{white} & Extra or Intranet & & \tn % Row Count 13 (+ 2) % Row 8 \SetRowColor{LightBackground} VPN & split tunnel v full tunnel & & \tn % Row Count 15 (+ 2) % Row 9 \SetRowColor{white} & SSL/TLS & & \tn % Row Count 16 (+ 1) % Row 10 \SetRowColor{LightBackground} & HTML5 & & \tn % Row Count 17 (+ 1) % Row 11 \SetRowColor{white} & L2TP & & \tn % Row Count 18 (+ 1) % Row 12 \SetRowColor{LightBackground} \mymulticolumn{4}{x{8.4cm}}{DNS} \tn % Row Count 19 (+ 1) % Row 13 \SetRowColor{white} Port Security & snooping & & \tn % Row Count 21 (+ 2) % Row 14 \SetRowColor{LightBackground} Network \seqsplit{Appliances} & jump servers & & \tn % Row Count 23 (+ 2) % Row 15 \SetRowColor{white} & forward proxy & & \tn % Row Count 24 (+ 1) % Row 16 \SetRowColor{LightBackground} & reverse proxy & & \tn % Row Count 25 (+ 1) % Row 17 \SetRowColor{white} & NIDS/NIPS & & \tn % Row Count 26 (+ 1) % Row 18 \SetRowColor{LightBackground} & HSM & & \tn % Row Count 27 (+ 1) % Row 19 \SetRowColor{white} & Aggregators & & \tn % Row Count 28 (+ 1) % Row 20 \SetRowColor{LightBackground} & Firewalls & & \tn % Row Count 29 (+ 1) % Row 21 \SetRowColor{white} & ACL & & \tn % Row Count 30 (+ 1) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{1.8 cm} x{2.664 cm} x{1.44 cm} x{1.296 cm} } \SetRowColor{DarkBackground} \mymulticolumn{4}{x{8.4cm}}{\bf\textcolor{white}{3.3 Secure Net Design (cont)}} \tn % Row 22 \SetRowColor{LightBackground} & App v host v virtual & & \tn % Row Count 2 (+ 2) % Row 23 \SetRowColor{white} \mymulticolumn{4}{x{8.4cm}}{Port Scanning} \tn % Row Count 3 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}----} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.04 cm} x{3.8 cm} p{0.76 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{3.4 Wireless Security}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{3}{x{8.4cm}}{\{\{width=30\}\}Remember to review how to install and configure wireless security settings} \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} {\bf{Cryptographic Protocols}} & WPA2 & \tn % Row Count 4 (+ 2) % Row 2 \SetRowColor{LightBackground} & WPA3 & \tn % Row Count 5 (+ 1) % Row 3 \SetRowColor{white} & CCMP & \tn % Row Count 6 (+ 1) % Row 4 \SetRowColor{LightBackground} & SAE & \tn % Row Count 7 (+ 1) % Row 5 \SetRowColor{white} {\bf{Authentication Tools}} & EAP & \tn % Row Count 9 (+ 2) % Row 6 \SetRowColor{LightBackground} & PEAP & \tn % Row Count 10 (+ 1) % Row 7 \SetRowColor{white} & EAP-FAST & \tn % Row Count 11 (+ 1) % Row 8 \SetRowColor{LightBackground} & EAP-TLS & \tn % Row Count 12 (+ 1) % Row 9 \SetRowColor{white} & EAP-TTLS & \tn % Row Count 13 (+ 1) % Row 10 \SetRowColor{LightBackground} & IEEE 802.1x & \tn % Row Count 14 (+ 1) % Row 11 \SetRowColor{white} & RADIUS & \tn % Row Count 15 (+ 1) % Row 12 \SetRowColor{LightBackground} {\bf{Methods}} & PSK, open, WPS, captive portals & \tn % Row Count 17 (+ 2) % Row 13 \SetRowColor{white} {\bf{Installations}} & site surveys, heat maps, WiFi analyzers, channel overlaps, WAP, ap security & \tn % Row Count 21 (+ 4) \hhline{>{\arrayrulecolor{DarkBackground}}---} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.36 cm} x{4.64 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{3.5 Mobile Solutions}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{width=30\}\}} \tn % Row Count 1 (+ 1) % Row 1 \SetRowColor{white} Connection Methods & cellular, wifi, bluetooth, infared, USB, PTP, GPS, RFID \tn % Row Count 4 (+ 3) % Row 2 \SetRowColor{LightBackground} & NFC \tn % Row Count 5 (+ 1) % Row 3 \SetRowColor{white} MDM & remote wipes, geofencing, geolocation, screen locks, push notifications, passowrds and pins \tn % Row Count 9 (+ 4) % Row 4 \SetRowColor{LightBackground} & application management \tn % Row Count 10 (+ 1) % Row 5 \SetRowColor{white} & content management \tn % Row Count 11 (+ 1) % Row 6 \SetRowColor{LightBackground} & Biometrics \tn % Row Count 12 (+ 1) % Row 7 \SetRowColor{white} & full device encryption \tn % Row Count 13 (+ 1) % Row 8 \SetRowColor{LightBackground} & containerization \tn % Row Count 14 (+ 1) % Row 9 \SetRowColor{white} & storage segmentation \tn % Row Count 15 (+ 1) % Row 10 \SetRowColor{LightBackground} Enforcement and monitoring... & monitor third parties \tn % Row Count 17 (+ 2) % Row 11 \SetRowColor{white} & rooting \tn % Row Count 18 (+ 1) % Row 12 \SetRowColor{LightBackground} & sideloading \tn % Row Count 19 (+ 1) % Row 13 \SetRowColor{white} & custom firmware \tn % Row Count 20 (+ 1) % Row 14 \SetRowColor{LightBackground} & OTA \tn % Row Count 21 (+ 1) % Row 15 \SetRowColor{white} & geotagging \tn % Row Count 22 (+ 1) % Row 16 \SetRowColor{LightBackground} & Hotspot \tn % Row Count 23 (+ 1) % Row 17 \SetRowColor{white} Deployment Models & BYOD, CYOD, COPE, VDI \tn % Row Count 25 (+ 2) \hhline{>{\arrayrulecolor{DarkBackground}}--} \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{ac\}\} Terms w/o Definitions: \newline context-aware authentication, carrier unlocking, UEM, MAM, Android, Camera use, SMS, external media, USB OTG, microphone, GPS} \tn \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2.64 cm} x{5.36 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{3.6 Cloud Cybersecurity}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}Controls & High availibility, resource policies, secrets management, auditing \tn % Row Count 3 (+ 3) % Row 1 \SetRowColor{white} Storage Controls & permissions, encryption, replication, high availibility \tn % Row Count 6 (+ 3) % Row 2 \SetRowColor{LightBackground} Network Controls & Virtual Networks \tn % Row Count 8 (+ 2) % Row 3 \SetRowColor{white} & Public/private subnets \tn % Row Count 9 (+ 1) % Row 4 \SetRowColor{LightBackground} & Segmentation \tn % Row Count 10 (+ 1) % Row 5 \SetRowColor{white} & API Inspection \tn % Row Count 11 (+ 1) % Row 6 \SetRowColor{LightBackground} Compute Controls & Sec groups, dynamic resource allocation, instance awareness, VPC endpoint, container security \tn % Row Count 15 (+ 4) % Row 7 \SetRowColor{white} Solutions & CASB, app security, SWG, Firewalls {\emph{consider for firewalls cost, segmentation}} \tn % Row Count 18 (+ 3) % Row 8 \SetRowColor{LightBackground} & Third party \tn % Row Count 19 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.12 cm} x{4.88 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{3.7 Account Management}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}Identity Tools & IdP, Attributes, Certificates, Tokens, SSH Keys, Smart Cards \tn % Row Count 3 (+ 3) % Row 1 \SetRowColor{white} Account Types & user, shared, generic, guest, service \tn % Row Count 5 (+ 2) % Row 2 \SetRowColor{LightBackground} Account Policies & Password complexity, history, and reuse prohibiting \tn % Row Count 8 (+ 3) % Row 3 \SetRowColor{white} & Network location, geofencing, geotagging \tn % Row Count 10 (+ 2) % Row 4 \SetRowColor{LightBackground} & access policies, time based logins, account audits, permissions, lockout, disablement \tn % Row Count 14 (+ 4) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.84 cm} x{4.16 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{3.8 Authen/Author Solutions}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}Authentication management & keys, vaults \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} & TPM, HSM, knowledge-based \tn % Row Count 4 (+ 2) % Row 2 \SetRowColor{LightBackground} \seqsplit{Authentication/Authorization} & EAP, SHAP, PAP, RADIUS, 802.1x, SSO, SAML, TACACS+ \tn % Row Count 7 (+ 3) % Row 3 \SetRowColor{white} & Kerberos \tn % Row Count 8 (+ 1) % Row 4 \SetRowColor{LightBackground} Access Control Schemes & ABAC, MAC, DAC \tn % Row Count 10 (+ 2) % Row 5 \SetRowColor{white} & rule or role based, conditional, privilege access management \tn % Row Count 13 (+ 3) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2.304 cm} x{1.296 cm} x{2.304 cm} x{1.296 cm} } \SetRowColor{DarkBackground} \mymulticolumn{4}{x{8.4cm}}{\bf\textcolor{white}{3.9 PKI}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=25\}\}{\bf{PKI Types}} & {\bf{Definition}} & {\bf{Certificate Types}} & {\bf{Definition}} \tn % Row Count 3 (+ 3) % Row 1 \SetRowColor{white} Key Management & & Wildcard & \tn % Row Count 5 (+ 2) % Row 2 \SetRowColor{LightBackground} CA, RA, CRL, OCSP, CSR, CN & & Subject Alternative Names & \tn % Row Count 8 (+ 3) % Row 3 \SetRowColor{white} Expiration & & Code Signing & \tn % Row Count 9 (+ 1) % Row 4 \SetRowColor{LightBackground} & & Self Signed & \tn % Row Count 10 (+ 1) % Row 5 \SetRowColor{white} {\bf{Concepts}} & & Email, User, Root, Domain & \tn % Row Count 13 (+ 3) % Row 6 \SetRowColor{LightBackground} Online v Offline & & DER Format & \tn % Row Count 15 (+ 2) % Row 7 \SetRowColor{white} Stapling & & PEM Format & \tn % Row Count 16 (+ 1) % Row 8 \SetRowColor{LightBackground} Pinning & & PFX Format & \tn % Row Count 17 (+ 1) % Row 9 \SetRowColor{white} Trust Model & & P12 & \tn % Row Count 18 (+ 1) % Row 10 \SetRowColor{LightBackground} Key Escrow & & P7B & \tn % Row Count 19 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}----} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{4 cm} x{4 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{Recommended Resources}} \tn % Row 0 \SetRowColor{LightBackground} \{\{link="https://comptiacdn.azureedge.net/webcontent/docs/default-source/exam-objectives/comptia-security-sy0-601-exam-objectives-(2-0).pdf"\}\}Comptia Objectives List (Free)\{\{/link\}\} & \{\{link="https://amzn.to/3xuUOKz"\}\}Sec+ 691 Exam Cram (Book, \$40)\{\{/link\}\} \tn % Row Count 9 (+ 9) % Row 1 \SetRowColor{white} \{\{link="https://www.youtube.com/playlist?list=PLG49S3nxzAnkL2ulFS3132mOVKuzzBxA8"\}\}Professor Messer(Free, Videos)\{\{/link\}\} & \{\{link="https://amzn.to/3IdroWk"\}\}601 Get Certified Get Ahead (Book, \$40)\{\{/link\}\} \tn % Row Count 16 (+ 7) % Row 2 \SetRowColor{LightBackground} \{\{link="https://www.linkedin.com/learning/comptia-security-plus-sy0-601-cert-prep-1-threats-attacks-and-vulnerabilities"\}\}LinkedIn Learning (1st Month Free)\{\{/link\}\} & \{\{link="https://amzn.to/3XH7yZt"\}\}Official Comptia Study Tools (Books, \$50 USD)\{\{/link\}\} \tn % Row Count 25 (+ 9) % Row 3 \SetRowColor{white} \{\{link="https://apps.ankiweb.net/"\}\}Anki Learning Flashcards (Free)\{\{/link\}\} & Practice Tests! \tn % Row Count 29 (+ 4) % Row 4 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{see braindump} \tn % Row Count 30 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{4.1-4.5: Operations and Incident Response}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{} \tn % Row Count 0 (+ 0) \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{1.584 cm} x{2.664 cm} x{1.944 cm} x{1.008 cm} } \SetRowColor{DarkBackground} \mymulticolumn{4}{x{8.4cm}}{\bf\textcolor{white}{4.1 ToolUse}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{4}{x{8.4cm}}{\{\{width=25\}\}Organizational Security} \tn % Row Count 1 (+ 1) % Row 1 \SetRowColor{white} {\bf{Commands}} & {\bf{Function}} & {\bf{Tools}} & {\bf{Function}} \tn % Row Count 4 (+ 3) % Row 2 \SetRowColor{LightBackground} \seqsplit{`tracert`} & & \seqsplit{theHarvester} & \tn % Row Count 6 (+ 2) % Row 3 \SetRowColor{white} \seqsplit{`nslookup/dig`} & & sn1per & \tn % Row Count 8 (+ 2) % Row 4 \SetRowColor{LightBackground} `nmap` & & Nessus & \tn % Row Count 9 (+ 1) % Row 5 \SetRowColor{white} \seqsplit{`ipconfig/ifconfig`} & & Cuckoo & \tn % Row Count 12 (+ 3) % Row 6 \SetRowColor{LightBackground} `hping` & & FTK Imager & \tn % Row Count 13 (+ 1) % Row 7 \SetRowColor{white} \seqsplit{`netstat`} & & Win Hex & \tn % Row Count 15 (+ 2) % Row 8 \SetRowColor{LightBackground} \seqsplit{`netcat`} & & Autopsy & \tn % Row Count 16 (+ 1) % Row 9 \SetRowColor{white} `arp` & & Wireshark & \tn % Row Count 17 (+ 1) % Row 10 \SetRowColor{LightBackground} `route` & & Memdump & \tn % Row Count 18 (+ 1) % Row 11 \SetRowColor{white} `curl` & & \seqsplit{Powershell}, Python, SSH & \tn % Row Count 21 (+ 3) % Row 12 \SetRowColor{LightBackground} \seqsplit{`dnsenum`} & last one used for recon & Tcpdump & \tn % Row Count 23 (+ 2) % Row 13 \SetRowColor{white} `head` & used for file manipulation (FM) & Tcpreplay & \tn % Row Count 26 (+ 3) % Row 14 \SetRowColor{LightBackground} `tail` & FM & & \tn % Row Count 27 (+ 1) % Row 15 \SetRowColor{white} `cat` & FM & & \tn % Row Count 28 (+ 1) % Row 16 \SetRowColor{LightBackground} `grep` & FM & & \tn % Row Count 29 (+ 1) % Row 17 \SetRowColor{white} `chmod` & FM & & \tn % Row Count 30 (+ 1) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{1.584 cm} x{2.664 cm} x{1.944 cm} x{1.008 cm} } \SetRowColor{DarkBackground} \mymulticolumn{4}{x{8.4cm}}{\bf\textcolor{white}{4.1 ToolUse (cont)}} \tn % Row 18 \SetRowColor{LightBackground} \seqsplit{`logger`} & FM & & \tn % Row Count 1 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}----} \SetRowColor{LightBackground} \mymulticolumn{4}{x{8.4cm}}{\{\{ac\}\} Terms w/o Definitions:Data sanitization, dd, password crackers, indicent response, OpenSSL} \tn \hhline{>{\arrayrulecolor{DarkBackground}}----} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{4.16 cm} x{3.84 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{4.2 PPP}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{width=30\}\}Policies, Processes, and Procedures for IR} \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} IR Process & Preperation \tn % Row Count 3 (+ 1) % Row 2 \SetRowColor{LightBackground} & Identification \tn % Row Count 4 (+ 1) % Row 3 \SetRowColor{white} & Containment \tn % Row Count 5 (+ 1) % Row 4 \SetRowColor{LightBackground} & Eradication \tn % Row Count 6 (+ 1) % Row 5 \SetRowColor{white} & Recovery \tn % Row Count 7 (+ 1) % Row 6 \SetRowColor{LightBackground} & Lessons Learned \tn % Row Count 8 (+ 1) % Row 7 \SetRowColor{white} Attack Frameworks & MITRE ATT\&CK \tn % Row Count 9 (+ 1) % Row 8 \SetRowColor{LightBackground} & Cyber Kill Chain \tn % Row Count 10 (+ 1) % Row 9 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Stakeholder Management} \tn % Row Count 11 (+ 1) % Row 10 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Communication Plan} \tn % Row Count 12 (+ 1) % Row 11 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{DRP} \tn % Row Count 13 (+ 1) % Row 12 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{BCP} \tn % Row Count 14 (+ 1) % Row 13 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{COOP} \tn % Row Count 15 (+ 1) % Row 14 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Retention} \tn % Row Count 16 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{ac\}\} Terms w/o Definitions:tabletop, walkthroughs, simulations, diamond model of intrusion analysis, irp} \tn \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2.16 cm} x{5.84 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{4.3 Data Support}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{width=30\}\}Utilize appropriate data sources to support an investigation} \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} SIEM \seqsplit{Dashboards} & sensors, sensitivity, trends, alerts, correlation \tn % Row Count 4 (+ 2) % Row 2 \SetRowColor{LightBackground} Log Files & Network, system, app, security, web, DNS, authentication, dump files, VoIP, SIP \tn % Row Count 7 (+ 3) % Row 3 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{`syslog`} \tn % Row Count 8 (+ 1) % Row 4 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{journalctl} \tn % Row Count 9 (+ 1) % Row 5 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{NXLog} \tn % Row Count 10 (+ 1) % Row 6 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Bandwidth monitors} \tn % Row Count 11 (+ 1) % Row 7 \SetRowColor{white} Metadata & email, mobile, web, file \tn % Row Count 12 (+ 1) % Row 8 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{netflow} \tn % Row Count 13 (+ 1) % Row 9 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Protocol Analyzer} \tn % Row Count 14 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2.72 cm} x{5.28 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{4.4 Mitigation}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{width=30\}\}Reconfiguring Endpoints} \tn % Row Count 1 (+ 1) % Row 1 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Quarantine} \tn % Row Count 2 (+ 1) % Row 2 \SetRowColor{LightBackground} \seqsplit{Configuration} changes & alter firewall, MDM, DLP, content filter, cert updates \tn % Row Count 5 (+ 3) % Row 3 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Isolation, Containment, Segmentation} \tn % Row Count 6 (+ 1) % Row 4 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{SOAR playbooks} \tn % Row Count 7 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.12 cm} x{4.88 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{4.5 Digital Forensics}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{width=30\}\}} \tn % Row Count 1 (+ 1) % Row 1 \SetRowColor{white} Documentation and Evidence & can include video, tags, reports, snapshots, time stamps, event logs, interviews, admissibility \tn % Row Count 5 (+ 4) % Row 2 \SetRowColor{LightBackground} & chain of custody \tn % Row Count 6 (+ 1) % Row 3 \SetRowColor{white} Acquisition & order of volatility \tn % Row Count 7 (+ 1) % Row 4 \SetRowColor{LightBackground} & use disks, RAM, OS, device type, firmware, snapshots, caches, networks, artifacts \tn % Row Count 11 (+ 4) % Row 5 \SetRowColor{white} Integrity & Hashing, checksums, and provenance \tn % Row Count 13 (+ 2) % Row 6 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Preservation is crucial} \tn % Row Count 14 (+ 1) % Row 7 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Non-repudation} \tn % Row Count 15 (+ 1) % Row 8 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{Counterintelligence} \tn % Row Count 16 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{ac\}\} Terms w/o Definitions: \newline on prem v cloud, right to audi, data breaches} \tn \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{5.1-5.6:Governance, Risk, and Compliance}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{} \tn % Row Count 0 (+ 0) \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2 cm} x{6 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{5.1 Types of Controls}} \tn % Row 0 \SetRowColor{LightBackground} Control Types & preventive, detective, corrective, deterrent, compensating, physical \tn % Row Count 3 (+ 3) % Row 1 \SetRowColor{white} \seqsplit{Categories} & manegerial, operational, technical \tn % Row Count 5 (+ 2) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{2.584 cm} x{4.256 cm} p{0.76 cm} } \SetRowColor{DarkBackground} \mymulticolumn{3}{x{8.4cm}}{\bf\textcolor{white}{5.2 Regulations}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{3}{x{8.4cm}}{\{\{width=30\}\} Importance of applicaible regulations, standards, or frameworks that impact organizational security posture} \tn % Row Count 3 (+ 3) % Row 1 \SetRowColor{white} {\bf{Legislation}} & GDPR & \tn % Row Count 5 (+ 2) % Row 2 \SetRowColor{LightBackground} & \seqsplit{National/territory/state} laws & \tn % Row Count 7 (+ 2) % Row 3 \SetRowColor{white} & PCI DSS & \tn % Row Count 8 (+ 1) % Row 4 \SetRowColor{LightBackground} & HIPAA & \tn % Row Count 9 (+ 1) % Row 5 \SetRowColor{white} {\bf{Frameworks}} & CIS & \tn % Row Count 11 (+ 2) % Row 6 \SetRowColor{LightBackground} & NIST & \tn % Row Count 12 (+ 1) % Row 7 \SetRowColor{white} & RMF/CSF & \tn % Row Count 13 (+ 1) % Row 8 \SetRowColor{LightBackground} & ISO & \tn % Row Count 14 (+ 1) % Row 9 \SetRowColor{white} & Cloud & \tn % Row Count 15 (+ 1) % Row 10 \SetRowColor{LightBackground} & SSAE & \tn % Row Count 16 (+ 1) % Row 11 \SetRowColor{white} Guides & OS & \tn % Row Count 17 (+ 1) % Row 12 \SetRowColor{LightBackground} & Web server & \tn % Row Count 18 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}---} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.92 cm} x{4.08 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{5.3 Policies}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}Personnel & Abide by AUP, job rotations, mandatory vacations, sepereation of duties \tn % Row Count 4 (+ 4) % Row 1 \SetRowColor{white} & least privilege \tn % Row Count 5 (+ 1) % Row 2 \SetRowColor{LightBackground} & clean desk, background checks, NDAs, social media analysis, Onboarding, Offboarding, User Training/Role based training \tn % Row Count 11 (+ 6) % Row 3 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Diverse Training} \tn % Row Count 12 (+ 1) % Row 4 \SetRowColor{LightBackground} Third Party Risk Management & vendors, supply chain, business partners, SLA, MOU, MSA, BPA, EOL, EOSL \tn % Row Count 16 (+ 4) % Row 5 \SetRowColor{white} Data & Classification \tn % Row Count 17 (+ 1) % Row 6 \SetRowColor{LightBackground} & Governance \tn % Row Count 18 (+ 1) % Row 7 \SetRowColor{white} & Retention \tn % Row Count 19 (+ 1) % Row 8 \SetRowColor{LightBackground} Credential Policies in reference to... & personnel, third party, devices, service accounts, admins \tn % Row Count 22 (+ 3) % Row 9 \SetRowColor{white} Organizational Policies & Change management and control \tn % Row Count 24 (+ 2) % Row 10 \SetRowColor{LightBackground} & Asset Management \tn % Row Count 25 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{3.04 cm} x{4.96 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{5.4 Risk Management}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{2}{x{8.4cm}}{\{\{width=30\}\}Acronyms: RTO, RPO, MTTR, MTBF, DRP, SLE, ALE, IP, ARO} \tn % Row Count 2 (+ 2) % Row 1 \SetRowColor{white} Risk types include... & external, internal, legacy systems, multiparty, IP theft, and software compliance \tn % Row Count 6 (+ 4) % Row 2 \SetRowColor{LightBackground} Risk Management Stategies & Acceptance, Avoidance, Transference, Mitigation \tn % Row Count 8 (+ 2) % Row 3 \SetRowColor{white} Risk Analysis & Control assesments \tn % Row Count 9 (+ 1) % Row 4 \SetRowColor{LightBackground} & inherent risk \tn % Row Count 10 (+ 1) % Row 5 \SetRowColor{white} & residual risk \tn % Row Count 11 (+ 1) % Row 6 \SetRowColor{LightBackground} & control risk \tn % Row Count 12 (+ 1) % Row 7 \SetRowColor{white} & Qualitative v Quantitative risk \tn % Row Count 14 (+ 2) % Row 8 \SetRowColor{LightBackground} & Likelihood of occurence \tn % Row Count 15 (+ 1) % Row 9 \SetRowColor{white} & Asset Values \tn % Row Count 16 (+ 1) % Row 10 \SetRowColor{LightBackground} & SLE, ALE, ARO \tn % Row Count 17 (+ 1) % Row 11 \SetRowColor{white} Business Impact Analysis & RTO, RPO, MTTR, MTBF, DRp \tn % Row Count 19 (+ 2) % Row 12 \SetRowColor{LightBackground} & site risk assessment \tn % Row Count 20 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{4 cm} x{4 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{5.5 Data Security}} \tn % Row 0 \SetRowColor{LightBackground} \{\{width=30\}\}Consequences to an org when data breaches occur & reputation is damaged, identity theft, fines, IP theft \tn % Row Count 3 (+ 3) % Row 1 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Notifications} \tn % Row Count 4 (+ 1) % Row 2 \SetRowColor{LightBackground} Data Types & Public \tn % Row Count 5 (+ 1) % Row 3 \SetRowColor{white} & Private \tn % Row Count 6 (+ 1) % Row 4 \SetRowColor{LightBackground} & Sensitive \tn % Row Count 7 (+ 1) % Row 5 \SetRowColor{white} & Confidential \tn % Row Count 8 (+ 1) % Row 6 \SetRowColor{LightBackground} & Proprietary \tn % Row Count 9 (+ 1) % Row 7 \SetRowColor{white} & PII \tn % Row Count 10 (+ 1) % Row 8 \SetRowColor{LightBackground} & Health, Govt, Customer \tn % Row Count 12 (+ 2) % Row 9 \SetRowColor{white} & Financial \tn % Row Count 13 (+ 1) % Row 10 \SetRowColor{LightBackground} Privacy Enhancing Technologies & Data minimization \tn % Row Count 15 (+ 2) % Row 11 \SetRowColor{white} & Data masking \tn % Row Count 16 (+ 1) % Row 12 \SetRowColor{LightBackground} & tokenization \tn % Row Count 17 (+ 1) % Row 13 \SetRowColor{white} & anonyminity \tn % Row Count 18 (+ 1) % Row 14 \SetRowColor{LightBackground} Roles and their Responsibilities & Data owners \tn % Row Count 20 (+ 2) % Row 15 \SetRowColor{white} & Data controller \tn % Row Count 21 (+ 1) % Row 16 \SetRowColor{LightBackground} & DPO \tn % Row Count 22 (+ 1) % Row 17 \SetRowColor{white} \mymulticolumn{2}{x{8.4cm}}{Info Life Cycle} \tn % Row Count 23 (+ 1) % Row 18 \SetRowColor{LightBackground} Terms of Agreement & Privacy Notices \tn % Row Count 24 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Network Design}} \tn \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{{\bf{Conduct a risk assessment}}: The first step in designing a secure network is to assess the risks to the network and the assets it protects. This includes identifying potential threats, vulnerabilities, and the impact of a security breach. Based on the risk assessment, the security requirements can be identified, and the security design can be developed. \newline % Row Count 8 (+ 8) {\bf{Use layered security}}: A layered security approach involves implementing multiple layers of defense to protect the network from different types of threats. This includes using firewalls, intrusion detection and prevention systems, antivirus software, encryption, and access controls. \newline % Row Count 14 (+ 6) {\bf{Secure network infrastructure}}: The network infrastructure should be secured by implementing strong passwords, disabling unnecessary services, updating firmware and software, and restricting access to critical network devices. Network devices should also be physically secured to prevent unauthorized access. \newline % Row Count 21 (+ 7) {\bf{Implement access controls}}: Access controls should be implemented to restrict access to sensitive information and resources. This includes user authentication, authorization, and accounting (AAA), role-based access control, and network segmentation. \newline % Row Count 27 (+ 6) Encrypt sensitive data: Sensitive data should be encrypted both in transit and at rest. This includes using secure protocols such as HTTPS, SSH, and VPNs for data transmission and encryption tools such as BitLocker, VeraCrypt, or LUKS for data storage. \newline % Row Count 33 (+ 6) } \tn \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Network Design (cont)}} \tn \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{{\bf{Train employees}}: Security awareness training should be provided to all employees to educate them on security best practices and to reduce the risk of human error. \newline % Row Count 4 (+ 4) {\bf{Monitor and test the network}}: Regular monitoring and testing should be conducted to identify and remediate security vulnerabilities. This includes using network monitoring tools, conducting penetration testing, and reviewing audit logs.% Row Count 9 (+ 5) } \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Encryption and Keys}} \tn % Row 0 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{{\bf{Public vs Private Key}}} \tn % Row Count 1 (+ 1) % Row 1 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{{\bf{Public Key}}: A public key is a part of the asymmetric encryption algorithm and is made available to anyone who wants to communicate with the owner of the key. It is used to encrypt data, digital signature verification, and establish secure communication channels. The public key can be freely distributed as it does not contain sensitive information. {\bf{Private Key}}: A private key, on the other hand, is the other half of the asymmetric encryption algorithm and is kept secret by the owner of the key. It is used to decrypt data, generate digital signatures, and establish secure communication channels. The private key must be kept secure as it contains sensitive information that must not be disclosed to anyone else.} \tn % Row Count 16 (+ 15) % Row 2 \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{{\bf{Asymmetric Keys vs Symmetric Keys}}} \tn % Row Count 17 (+ 1) % Row 3 \SetRowColor{white} \mymulticolumn{1}{x{8.4cm}}{{\bf{Symmetric Key}}: A symmetric key encryption system uses the same secret key to both encrypt and decrypt the data. The sender and receiver must have the same secret key to communicate securely. The symmetric key encryption system is faster than the asymmetric key encryption system, and it is typically used for bulk data encryption. {\bf{Asymmetric Key}}: An asymmetric key encryption system uses two keys, a public key, and a private key. The public key is used to encrypt the data, and the private key is used to decrypt it. Anyone can have access to the public key, but the private key is kept secret by the owner. Asymmetric key encryption is slower than symmetric key encryption but provides better security and is typically used for digital signatures, secure key exchange, and establishing secure communication channels. {\bf{The main difference between symmetric and asymmetric key encryption is that symmetric key encryption uses the same key to encrypt and decrypt data, while asymmetric key encryption uses two different keys for encryption and decryption. The symmetric key encryption system is faster, while the asymmetric key encryption system is more secure.}}} \tn % Row Count 41 (+ 24) \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{x{4 cm} x{4 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{PBQ Notes from Youtube}} \tn % Row 0 \SetRowColor{LightBackground} \{\{link="https://www.youtube.com/watch?v=Fb7RQ7-ccCo"\}\}Firewalls and Proxy PBQ & allow web traffic, disallow all traffic from specific IP, ensure implicit deny, port 53 is DNS, \tn % Row Count 5 (+ 5) % Row 1 \SetRowColor{white} & IDS alert, supposed to be denied on ACL, given diagram. 443 default port for https, NAT, NAPT firewall in use \tn % Row Count 11 (+ 6) % Row 2 \SetRowColor{LightBackground} \{\{link="https://www.youtube.com/watch?v=5IazBA0IfAI"\}\}3.3 PBQ & tcp port 22, new inbound rule wizards, use custom, rule can be named SFTP, most groups use third party for FTP, \tn % Row Count 17 (+ 6) % Row 3 \SetRowColor{white} \{\{link="https://www.youtube.com/watch?v=7KRWmYkMOII"\}\}PBQ Vincent Humble & multifactor auth characteristis, payload, trojan with keylogger \tn % Row Count 21 (+ 4) % Row 4 \SetRowColor{LightBackground} & cryptographic scenario: \{\{link="https://www.encryptionconsulting.com/education-center/what-is-rsa/"\}\}RSA, \tn % Row Count 27 (+ 6) % Row 5 \SetRowColor{white} & hash \{\{fa-arrow-right\}\} private key encryption \{\{fa-arrow-right\}\} to create dig sig \{\{fa-arrow-right\}\} alice then attatches DS to og message to deliver to bob (SHE FORGOT TO ENCRYPT THIS)\{\{fa-arrow-right\}\} bob then decrypts og message w/ DS using Alice's {\bf{public}} key \{\{fa-arrow-right\}\} resulting in the has of the og message \{\{fa-arrow-right\}\} bob performs hash comparison \{\{fa-arrow-right\}\} the hashes do not match \{\{fa-arrow-right\}\} no trust \tn % Row Count 50 (+ 23) \end{tabularx} \par\addvspace{1.3em} \vfill \columnbreak \begin{tabularx}{8.4cm}{x{4 cm} x{4 cm} } \SetRowColor{DarkBackground} \mymulticolumn{2}{x{8.4cm}}{\bf\textcolor{white}{PBQ Notes from Youtube (cont)}} \tn % Row 6 \SetRowColor{LightBackground} Other Vincent Humble Videos & 601-P1: blowfish cipher, Bcrypt? can lengthen and strengthen keys, longer the key, the longer a file is confidential, \tn % Row Count 6 (+ 6) % Row 7 \SetRowColor{white} & 601-P2: Sim cloning, elliptic curve cryptography, geo requirement for data centers 100 miles?, hybrid, DLP, GPS and WiFi, nonrep \& accountibility, \tn % Row Count 14 (+ 8) % Row 8 \SetRowColor{LightBackground} & 601-P3: \tn % Row Count 15 (+ 1) \hhline{>{\arrayrulecolor{DarkBackground}}--} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Cyber Kill Chain}} \tn \SetRowColor{LightBackground} \mymulticolumn{1}{p{8.4cm}}{\vspace{1px}\centerline{\includegraphics[width=5.1cm]{/web/www.cheatography.com/public/uploads/sokoctopus_1677717457_cyber_kill_chain.png}}} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{Alt text: the cyber kil chain, 8 steps} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Cloud vs On Premises}} \tn \SetRowColor{LightBackground} \mymulticolumn{1}{p{8.4cm}}{\vspace{1px}\centerline{\includegraphics[width=5.1cm]{/web/www.cheatography.com/public/uploads/sokoctopus_1677698023_On-Cloud-vs-On-Premise.jpg}}} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{Alt text: On cloud vs On premises \newline \newline Note: This is a VERY strong theme throughout all of the objectives for this exam} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Encryption (Image)}} \tn \SetRowColor{LightBackground} \mymulticolumn{1}{p{8.4cm}}{\vspace{1px}\centerline{\includegraphics[width=5.1cm]{/web/www.cheatography.com/public/uploads/sokoctopus_1677713497_Computer-and-Networks-Network-Security-Diagrams-EFS-Operation.png}}} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{Alt text: encryption process \newline Data preparation, Key generation, Encryption algorithm, transmission of data, decryption} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{DiD}} \tn \SetRowColor{LightBackground} \mymulticolumn{1}{p{8.4cm}}{\vspace{1px}\centerline{\includegraphics[width=5.1cm]{/web/www.cheatography.com/public/uploads/sokoctopus_1679425963_figure-2_defense-in-depthframework_kudelski-1024x731.jpg}}} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{Alt Text: Defense in depth methods} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{DNS Tunneling}} \tn \SetRowColor{LightBackground} \mymulticolumn{1}{p{8.4cm}}{\vspace{1px}\centerline{\includegraphics[width=5.1cm]{/web/www.cheatography.com/public/uploads/sokoctopus_1679426125_dns-tunneling-technique-l.jpg}}} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{Alt Text: DNS tunneling techniques} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{Virtualization vs Containerization}} \tn \SetRowColor{LightBackground} \mymulticolumn{1}{p{8.4cm}}{\vspace{1px}\centerline{\includegraphics[width=5.1cm]{/web/www.cheatography.com/public/uploads/sokoctopus_1678234513_Screenshot 2023-03-07 191441.png}}} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{Alt text: virtualization vs containerization screenshot from Professor Messer Video} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \begin{tabularx}{8.4cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{8.4cm}}{\bf\textcolor{white}{"As a Service"}} \tn \SetRowColor{LightBackground} \mymulticolumn{1}{p{8.4cm}}{\vspace{1px}\centerline{\includegraphics[width=5.1cm]{/web/www.cheatography.com/public/uploads/sokoctopus_1678234164_Screenshot 2023-03-07 190853.png}}} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \SetRowColor{LightBackground} \mymulticolumn{1}{x{8.4cm}}{Alt text: Cloud services and how they differ from one another} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} % That's all folks \end{multicols*} \end{document}