IT Security/Threats/Threat Mitigation

This lesson covers threat mitigation.

Objectives and SkillsEdit

Objectives and skills for the threat mitigation portion of Security+ certification include:[1]

Analyze a scenario and select the appropriate type of mitigation and deterrent techniques.
  • Monitoring system logs
    • Event logs
    • Audit logs
    • Security logs
    • Access logs
  • Hardening
    • Disabling unnecessary services
    • Protecting management interfaces and applications
    • Password protection
    • Disabling unnecessary accounts
  • Network security
    • MAC limiting and filtering
    • 802.1x
    • Disabling unused interfaces and unused application service ports
    • Rogue machine detection
  • Security posture
    • Initial baseline configuration
    • Continuous security monitoring
    • Remediation
  • Reporting
    • Alarms
    • Alerts
    • Trends
  • Detection controls vs. prevention controls

ReadingsEdit

MultimediaEdit

  1. YouTube: Monitoring System Logs - CompTIA Security+ SY0-401: 3.6
  2. YouTube: Operating System Hardening - CompTIA Security+ SY0-401: 3.6
  3. YouTube: Physical Port Security - CompTIA Security+ SY0-401: 3.6
  4. YouTube: Security Posture - CompTIA Security+ SY0-401: 3.6
  5. YouTube: Reporting - CompTIA Security+ SY0-401: 3.6
  6. YouTube: Detection vs. Prevention - CompTIA Security+ SY0-401: 3.6

ActivitiesEdit

See AlsoEdit

ReferencesEdit