Secure Infrastructure Specialist/Objectives
A+
Core 1
1.0 Mobile Devices
1.1 Given a scenario, install and configure laptop hardware and components.
1.2 Compare and contrast the display components of mobile devices.
1.3 Given a scenario, set up and configure accessories and ports of mobile devices.
1.4 Given a scenario, configure basic mobile-device network connectivity and application support.
2.0 Networking
2.1 Compare and contrast Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, protocols, and their purposes.
2.2 Compare and contrast common networking hardware.
2.3 Compare and contrast protocols for wireless networking.
2.4 Summarize services provided by networked hosts.
2.5 Given a scenario, install and configure basic wired/wireless small office/home office (SOHO) networks.
2.6 Compare and contrast common network configuration concepts.
2.7 Compare and contrast Internet connection types, network types, and their features.
2.8 Given a scenario, use networking tools.
3.0 Hardware
3.1 Explain basic cable types and their connectors, features, and purposes.
3.2 Given a scenario, install the appropriate RAM.
3.3 Given a scenario, select and install storage devices.
3.4 Given a scenario, install and configure motherboards, central processing units (CPUs), and add-on cards.
3.5 Given a scenario, install or replace the appropriate power supply.
3.6 Given a scenario, deploy and configure multifunction devices/printers and settings.
3.7 Given a scenario, install and replace printer consumables.
4.0 Virtualization and Cloud Computing
4.1 Summarize cloud-computing concepts.
4.2 Summarize aspects of client-side virtualization.
- Purpose of virtual machines
  - Sandbox
  - Test development
  - Application virtualization
    - Legacy software/OS
    - Cross-platform virtualization
- Resource requirements
- Security requirements
5.0 Hardware and Network Troubleshooting
5.1 Given a scenario, apply the best practice methodology to resolve problems.
Always consider corporate policies, procedures, and impacts before implementing changes:
1. Identify the problem
  - Gather information from the user, identify user changes, and, if applicable, perform backups before making changes
  - Inquire regarding environmental or infrastructure changes
2. Establish a theory of probable cause (question the obvious)
  - If necessary, conduct external or internal research based on symptoms
3. Test the theory to determine the cause
  - Once the theory is confirmed, determine the next steps to resolve the problem
  - If the theory is not confirmed, re-establish a new theory or escalate
4. Establish a plan of action to resolve the problem and implement the solution
  - Refer to the vendor’s instructions for guidance
5. Verify full system functionality and, if applicable, implement preventive measures
6. Document the findings, actions, and outcomes
5.2 Given a scenario, troubleshoot problems related to motherboards, RAM, CPU, and power.
- Common symptoms
  - Power-on self-test (POST) beeps
  - Proprietary crash screens (blue screen of death [BSOD]/pinwheel)
  - Black screen
  - No power
  - Sluggish performance
  - Overheating
  - Burning smell
  - Intermittent shutdown
  - Application crashes
  - Grinding noise
  - Capacitor swelling
  - Inaccurate system date/time
5.3 Given a scenario, troubleshoot and diagnose problems with storage drives and RAID arrays.
- Common symptoms
  - Light-emitting diode (LED) status indicators
  - Grinding noises
  - Clicking sounds
  - Bootable device not found
  - Data loss/corruption
  - RAID failure
  - Self-monitoring, Analysis, and Reporting Technology (S.M.A.R.T.) failure
  - Extended read/write times
  - Input/output operations per second (IOPS)
  - Missing drives in OS
5.4 Given a scenario, troubleshoot video, projector, and display issues.
- Common symptoms
  - Incorrect data source
  - Physical cabling issues
  - Burned-out bulb
  - Fuzzy image
  - Display burn-in
  - Dead pixels
  - Flashing screen
  - Incorrect color display
  - Audio issues
  - Dim image
  - Intermittent projector shutdown
5.5 Given a scenario, troubleshoot common issues with mobile devices.
- Common symptoms
  - Poor battery health
  - Swollen battery
  - Broken screen
  - Improper charging
  - Poor/no connectivity
  - Liquid damage
  - Overheating
  - Digitizer issues
  - Physically damaged ports
  - Malware
  - Cursor drift/touch calibration
5.6 Given a scenario, troubleshoot and resolve printer issues.
- Common symptoms
  - Lines down the printed pages
  - Garbled print
  - Toner not fusing to paper
  - Paper jams
  - Faded print
  - Incorrect paper size
  - Paper not feeding
  - Multipage misfeed
  - Multiple prints pending in queue
  - Speckling on printed pages
  - Double/echo images on the print
  - Incorrect color settings
  - Grinding noise
  - Finishing issues
    - Staple jams
    - Hole punch
  - Incorrect page orientation
5.7 Given a scenario, troubleshoot problems with wired and wireless networks.
- Common symptoms
  - Intermittent wireless connectivity
  - Slow network speeds
  - Limited connectivity
  - Jitter
  - Poor Voice over Internet Protocol (VoIP) quality
  - Port flapping
  - High latency
  - External interference
Core 2
1.0 Operating Systems
1.1 Identify basic features of Microsoft Windows editions.
1.2 Given a scenario, use the appropriate Microsoft command-line tool.
1.3 Given a scenario, use features and tools of the Microsoft Windows 10 operating system (OS).
1.4 Given a scenario, use the appropriate Microsoft Windows 10 Control Panel utility.
1.5 Given a scenario, use the appropriate Windows settings.
1.6 Given a scenario, configure Microsoft Windows networking features on a client/desktop.
1.7 Given a scenario, apply application installation and configuration concepts.
1.8 Explain common OS types and their purposes.
1.9 Given a scenario, perform OS installations and upgrades in a diverse OS environment.
1.10 Identify common features and tools of the macOS/desktop OS.
1.11 Identify common features and tools of the Linux client/desktop OS.
2.0 Security
2.1 Summarize various security measures and their purposes.
2.2 Compare and contrast wireless security protocols and authentication methods.
2.3 Given a scenario, detect, remove, and prevent malware using the appropriate tools and methods.
2.4 Explain common social-engineering attacks, threats, and vulnerabilities.
2.5 Given a scenario, manage and configure basic security settings in the Microsoft Windows OS.
2.6 Given a scenario, configure a workstation to meet best practices for security.
2.7 Explain common methods for securing mobile and embedded devices.
2.8 Given a scenario, use common data destruction and disposal methods
2.9 Given a scenario, configure appropriate security settings on small office/home office (SOHO) wireless and wired networks.
2.10 Given a scenario, install and configure browsers and relevant security settings.
3.0 Software Troubleshooting
3.1 Given a scenario, troubleshoot common Windows OS problems.
3.2 Given a scenario, troubleshoot common personal computer (PC) security issues.
- Common symptoms
  - Unable to access the network
  - Desktop alerts
  - False alerts regarding antivirus protection
  - Altered system or personal files
    - Missing/renamed files
  - Unwanted notifications within the OS
  - OS update failures
- Browser-related symptoms
  - Random/frequent pop-ups
  - Certificate warnings
  - Redirection
3.3 Given a scenario, use best practice procedures for malware removal.
- Investigate and verify malware symptoms
- Quarantine infected systems
- Disable System Restore in Windows
- Remediate infected systems
  - Update anti-malware software
  - Scanning and removal techniques (e.g., safe mode, preinstallation environment)
- Schedule scans and run updates
- Enable System Restore and create a restore point in Windows
- Educate the end user
3.4 Given a scenario, troubleshoot common mobile OS and application issues.
- Common symptoms
  - Application fails to launch
  - Application fails to close/crashes
  - Application fails to update
  - Slow to respond
  - OS fails to update
  - Battery life issues
  - Randomly reboots
  - Connectivity issues
    - Bluetooth
    - WiFi
    - Near-field communication (NFC)
    - AirDrop
  - Screen does not autorotate
3.5 Given a scenario, troubleshoot common mobile OS and application security issues.
4.0 Operational Procedures
4.1 Given a scenario, implement best practices associated with documentation and support systems information management.
4.2 Explain basic change-management best practices.
4.3 Given a scenario, implement workstation backup and recovery methods.
4.4 Given a scenario, use common safety procedures.
4.5 Summarize environmental impacts and local environmental controls.
- Material safety data sheet (MSDS)/documentation for handling and disposal
  - Proper battery disposal
  - Proper toner disposal
  - Proper disposal of other devices and assets
- Temperature, humidity-level awareness, and proper ventilation
  - Location/equipment placement
  - Dust cleanup
  - Compressed air/vacuums
- Power surges, under-voltage events, and power failures
  - Battery backup
  - Surge suppressor
4.6 Explain the importance of prohibited content/activity and privacy, licensing, and policy concepts.
4.7 Given a scenario, use proper communication techniques and professionalism.
4.8 Identify the basics of scripting.
- Script file types
  - .bat
  - .ps1
  - .vbs
  - .sh
  - .js
  - .py
- Use cases for scripting
  - Basic automation
  - Restarting machines
  - Remapping network drives
  - Installation of applications
  - Automated backups
  - Gathering of information/data
  - Initiating updates
- Other considerations when using scripts
  - Unintentionally introducing malware
  - Inadvertently changing system settings
  - Browser or system crashes due to mishandling of resources
4.9 Given a scenario, use remote access technologies.
- Methods/tools
  - RDP
  - VPN
  - Virtual network computer (VNC)
  - Secure Shell (SSH)
  - Remote monitoring and management (RMM)
  - Microsoft Remote Assistance (MSRA)
  - Third-party tools
    - Screen-sharing software
    - Video-conferencing software
    - File transfer software
    - Desktop management software
- Security considerations of each access method
Network+
1.0 Networking Concepts
1.1 Explain concepts related to the Open Systems Interconnection (OSI) reference model.
- OSI model
  - Layer 1 - Physical
  - Layer 2 - Data link
  - Layer 3 - Network
  - Layer 4 - Transport
  - Layer 5 - Session
  - Layer 6 - Presentation
  - Layer 7 - Application
1.2 Compare and contrast networking appliances, applications, and functions.
1.3 Summarize cloud concepts and connectivity options.
1.4 Explain common networking ports, protocols, services, and traffic types.
Protocols | Ports |
---|---|
File Transfer Protocol (FTP) | 20/21 |
Secure File Transfer Protocol (SFTP) | 22 |
Secure Shell (SSH) | 22 |
Telnet | 23 |
Simple Mail Transfer Protocol (SMTP) | 25 |
Domain Name System (DNS) | 53 |
Dynamic Host Configuration Protocol (DHCP) | 67/68 |
Trivial File Transfer Protocol (TFTP) | 69 |
Hypertext Transfer Protocol (HTTP) | 80 |
Network Time Protocol (NTP) | 123 |
Simple Network Management Protocol (SNMP) | 161/162 |
Lightweight Directory Access Protocol (LDAP) | 389 |
Hypertext Transfer Protocol Secure (HTTPS) | 443 |
Server Message Block (SMB) | 445 |
Syslog | 514 |
Simple Mail Transfer Protocol Secure (SMTPS) | 587 |
Lightweight Directory Access Protocol over SSL (LDAPS) | 636 |
Structured Query Language (SQL) Server | 1433 |
Remote Desktop Protocol (RDP) | 3389 |
Session Initiation Protocol (SIP) | 5060/5061 |
- Internet Protocol (IP) types
  - Internet Control Message Protocol (ICMP)
  - Transmission Control Protocol (TCP)
  - User Datagram Protocol (UDP)
  - Generic Routing Encapsulation (GRE)
  - Internet Protocol Security (IPSec)
    - Authentication Header (AH)
    - Encapsulating Security Payload (ESP)
    - Internet Key Exchange (IKE)
- Traffic types
1.5 Compare and contrast transmission media and transceivers.
1.6 Compare and contrast network topologies, architectures, and types.
1.7 Given a scenario, use appropriate IPv4 network addressing.
1.8 Summarize evolving use cases for modern network environments
2.0 Network Implementation
2.1 Explain characteristics of routing technologies.
2.2 Given a scenario, configure switching technologies and features.
2.3 Given a scenario, select and configure wireless devices and technologies.
2.4 Explain important factors of physical installations.
3.0 Network Operations
3.1 Explain the purpose of organizational processes and procedures.
3.2 Given a scenario, use network monitoring technologies.
3.3 Explain disaster recovery (DR) concepts.
3.4 Given a scenario, implement IPv4 and IPv6 network services.
3.5 Compare and contrast network access and management methods.
- Site-to-site VPN
- Client-to-site VPN
  - Clientless
  - Split tunnel vs. full tunnel
- Connection methods
  - SSH
  - Graphical user interface (GUI)
  - API
  - Console
- Jump box/host
- In-band vs. out-of-band management
4.0 Network Security
4.1 Explain the importance of basic network security concepts.
4.2 Summarize various types of attacks and their impact to the network.
4.3 Given a scenario, apply network security features, defense techniques, and solutions.
5.0 Network Troubleshooting
5.1 Explain the troubleshooting methodology.
1. Identify the problem
2. Establish a theory of probable cause
3. Test the theory to determine the cause
4. Establish a plan of action to resolve the problem and identify potential effects
5. Implement the solution or escalate as necessary
6. Verify full system functionality and implement preventive measures if applicable
7. Document findings, actions, outcomes, and lessons learned throughout the process
5.2 Given a scenario, troubleshoot common cabling and physical interface issues.
5.3 Given a scenario, troubleshoot common issues with network services.
5.4 Given a scenario, troubleshoot common performance issues.
5.5 Given a scenario, use the appropriate tool or protocol to solve networking issues.
Security+
1.0 General Security Concepts
1.1 Compare and contrast various types of security controls
1.2 Summarize fundamental security concepts
1.3 Explain the importance of change management processes and the impact to security.
1.4 Explain the importance of using appropriate cryptographic solutions.
2.0 Threats, Vulnerabilities, and Mitigations
2.1 Compare and contrast common threat actors and motivations.
2.2 Explain common threat vectors and attack surfaces.
2.3 Explain various types of vulnerabilities.
2.4 Given a scenario, analyze indicators of malicious activity.
2.5 Explain the purpose of mitigation techniques used to secure the enterprise.
3.0 Security Architecture
3.1 Compare and contrast security implications of different architecture models.
3.2 Given a scenario, apply security principles to secure enterprise infrastructure.
3.3 Compare and contrast concepts and strategies to protect data.
3.4 Explain the importance of resilience and recovery in security architecture.
4.0 Security Operations
4.1 Given a scenario, apply common security techniques to computing resources.
4.2 Explain the security implications of proper hardware, software, and data asset management.
4.3 Explain various activities associated with vulnerability management.
4.4 Explain security alerting and monitoring concepts and tools.
4.5 Given a scenario, modify enterprise capabilities to enhance security.
4.6 Given a scenario, implement and maintain identity and access management.
4.7 Explain the importance of automation and orchestration related to secure operations.
4.8 Explain appropriate incident response activities.
4.9 Given a scenario, use data sources to support an investigation
5.0 Security Program Management and Oversight
5.1 Summarize elements of effective security governance.
5.2 Explain elements of the risk management process
5.3 Explain the processes associated with third-party risk assessment and management.
5.4 Summarize elements of effective security compliance.
5.5 Explain types and purposes of audits and assessments.
5.6 Given a scenario, implement security awareness practices.