Security+

Security+ Part 2

First step in getting certified

My Study Approach

Since the last post, my study approach did not change. I would wake up and study for 30 minutes every weekday and one hour+ for the weekend. I still feel unsure about my progress and feel like I don’s fully understand everything. For this reason, I will write a post on each topic I had an issue with to research and write what I understood and learned. Due to time limitation, I have skipped chapter 12 and will add it in the future.

Issues

I have a problem understanding RAID

Mistakes

After studying the second chapters of Security+ below are my notes/mistakes:

1. differential backup captures the changes since the last full backup while the incremental backup captures the changes since the last backup.
2. Warm sites don’t have the live data
3. Air Gap prevents network connectivity
4. Mantrap is also called access control vestibules
5. MSP provide information technology as a service to their customers, and MSSP provides security monitoring, vulnerability management, incident response, and firewall management.
6. Hypvervisor I resides on top of the hardware but Hypervisor II runs as an app on top of an existing OS.
7. MFP(printer) has weak encryption as a security concern 8.HSK used to secure and manage hardware key and PKI tool in a very small form factor.
8. Geofencing used to create a boundary
9. PEAK authenticates using TLS tunnel. EAP-FAST focuses on reauthentication. EAP-TLS has a certificate management challenge, so EAP-TTLS extends it to remove the need to have a certificate to create a secure session.