Final Exam: Vulnerability Analyst

WHAT YOU WILL LEARN

• 

  Perform a targeted remote scan using nmap
  

  describe the dangers of file upload remote execution
  

  describe the zero-trust model for security
  

  describe the network security concerns for hybrid cloud models
  

  describe the principles that define a security architecture
  

  describe the challenges and deficiencies of traditional security architectures
  

  describe the placement and use of sniffing and ids sensors
  

  describe the use of encryption methods and best practices in implementing encryption
  

  configure a firewall to block untrusted egress
  

  configure a firewall to block all but a trust subnet
  

  describe information threats such as privacy breaches or data leaks
  

  describe approaches to secure coding practices
  

  describe industry standards and the application domains they apply to
  

  block an attacker after too many failed login attempts
  

  perform ids with snort
  

  describe metrics used to measure the effectiveness of incident tracking
  

  describe approaches to ips and how it differs from ids
  

  describe authentication threats and non-repudiation
  

  perform ids with snort using a sample ruleset
  

  describe methods of authentication and their best practices
  

  recognize examples of security misconfiguration threats
  

  configure an nginx http service to prevent insecure file access
  

  describe how incident tracking can be integrated into an organization
  

  describe options and deployment strategies for ips
  

  describe the life cycle of an attack and how it is tracked
  

  describe the process and potential security flaws in security architecture implementation
  

  describe the continuous monitoring approach to active incident tracking
  

  describe the challenges of a secure-first network design
  

  describe the tools and techniques used by intrusion detection systems
  

  describe the network forensic approach to computer networks
• 

  perform nmap scans using methods to evade ids detection
  

  describe a network design approach from a security mindset
  

  describe the threat of user account discovery and how it is carried out
  

  describe methods and tools that can be used to help secure software through automation and testing
  

  describe methods of authorization and access control
  

  configure a secure vpn client to connect to a vpn server
  

  differentiate between public and private keys and their ciphers
  

  describe authenticity and identity spoofing threats
  

  describe how to validate integrity and tampering threats
  

  describe practical approaches to secure coding practices
  

  describe common coding pitfalls that lead to security vulnerabilities
  

  describe the security benefit of reproducible builds
  

  use wireshark to inspect network packets
  

  describe methods used to discover vulnerabilities
  

  describe methods of brute force attacks and key sizes
  

  describe the zero-trust model
  

  block an attacker after failed login attempts
  

  use password security tools to enforce a strong password policy
  

  compare between public and private keys and their ciphers
  

  describe the categories of vulnerabilities using the stride model
  

  identify how incident tracking can be integrated into an organization
  

  describe methods of keeping login and authentication credentials secure
  

  configure a deny-first firewall using ufw
  

  use tools to scan for potential intrusions on a local system
  

  describe security concerns when adopting new technologies, coding languages, and platforms
  

  describe advantages and disadvantages of various approaches to ips
  

  handle security policy trade-offs in situations where solutions might not align with policy
  

  use the local /etc/hosts to block unwanted connections
  

  describe effective incident tracking practices
  

  describe some of the cyber-security regulations when it comes to tracking and responding to incidents