IT Security/Threats/Threat Mitigation
< IT Security | Threats
This lesson covers threat mitigation.
Objectives and Skills
editObjectives and skills for the threat mitigation portion of Security+ certification include:[1]
- Analyze a scenario and select the appropriate type of mitigation and deterrent techniques.
- Monitoring system logs
- Event logs
- Audit logs
- Security logs
- Access logs
- Hardening
- Disabling unnecessary services
- Protecting management interfaces and applications
- Password protection
- Disabling unnecessary accounts
- Network security
- MAC limiting and filtering
- 802.1x
- Disabling unused interfaces and unused application service ports
- Rogue machine detection
- Security posture
- Initial baseline configuration
- Continuous security monitoring
- Remediation
- Reporting
- Alarms
- Alerts
- Trends
- Detection controls vs. prevention controls
- Intrusion Detection Systems (IDS) vs. Intrusion Prevention Systems (IPS)
- Camera vs. guard
- Monitoring system logs
Readings
editMultimedia
edit- YouTube: Monitoring System Logs - CompTIA Security+ SY0-401: 3.6
- YouTube: Operating System Hardening - CompTIA Security+ SY0-401: 3.6
- YouTube: Physical Port Security - CompTIA Security+ SY0-401: 3.6
- YouTube: Security Posture - CompTIA Security+ SY0-401: 3.6
- YouTube: Reporting - CompTIA Security+ SY0-401: 3.6
- YouTube: Detection vs. Prevention - CompTIA Security+ SY0-401: 3.6