Security Essentials Objectives V1.0: Difference between revisions

From LPI Wiki
Jump to navigationJump to search
← Older edit
Mmarco (talk | contribs)
6 edits
No edit summary
 
(121 intermediate revisions by 2 users not shown)
Line 2: Line 2:
==Introduction==
==Introduction==


This certificate covers a basic knowledge of IT security. The focus is the digital self-defense of an individual user. This includes a general understanding of major threats against individual computing systems, networks, services and identity as well as approaches to prevent and mitigate them.
This certificate covers a basic knowledge of IT security. The focus is the digital self-defense for an individual user. This includes a general understanding of the common security threats against individual computing systems, networks, services and identity as well as approaches to prevent and mitigate them.


<br />
<br />
Line 10: Line 10:
===The Minimally Qualified Candidate===
===The Minimally Qualified Candidate===


The Candidate has a basic understanding of the major security threats of using computers, networks, connected devices and IT service on premise and in the cloud. The candidate understands common ways to prevent, mitigate and prevent attacks against their personal devices and data. Furthermore, the candidate is able to use encryption to secure data transferred through a network and stored on local storage media and in the cloud. The candidate is able to apply common security tools, protect private information and secure their identity. The candidate is able to take responsibility for securing their own devices and making use of IT services.
The candidate has a basic understanding of common security threats of using computers, networks, connected devices, and IT services on premises and in the cloud. The candidate understands common ways to prevent and mitigate attacks against their personal devices and data. Furthermore, the candidate is able to use encryption to secure data transferred through a network and stored on storage devices and in the cloud. The candidate is able to apply common security best practices, protect private information, and secure their identity. The candidate is able to securely use IT services and to take responsibility for securing their personal computing devices, applications, accounts, and online profiles.


<br />
<br />
Line 16: Line 16:
==Version Information==
==Version Information==


These objectives are '''A DRAFT FOR''' version 1.0.0.
These objectives are version 1.0.0.


<br />
<br />
Line 56: Line 56:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand the importance of IT security. This includes an understanding of essential security goals as well as understanding various actors and roles in the field of IT security.
The candidate should understand the importance of IT security. This includes understanding of essential security goals as well as understanding various actors and roles in the field of IT security.


|}
|}
Line 62: Line 62:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understand common security goals (confidentiality, integrity and availability, non repudiation)
* Understanding of the importance of IT security


* Understand common roles in security (hackers, crackers, black hat, white hat)
* Understanding of common security goals


* Awareness of industrial espionage
* Understanding of common roles in security


'''Partial list of the used files, terms and utilities:'''
* Understanding of common goals of attacks against IT systems and devices
 
* Understanding of the concept of attribution and related issues
 
'''Partial list of the used files, terms, and utilities:'''
 
* Confidentiality, integrity, availability, non-repudiation
 
* Hackers, crackers, script kiddies
 
* Black hat and white hat hackers
 
* Accessing, manipulating or deleting data
 
* Interrupting services, extorting ransom
 
* Industrial espionage


<br />
<br />
Line 87: Line 103:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should know how to find and interpret relevant security information. This includes understanding the risk of a vulnerability and determining the need, urgency and appropriateness for a reaction.
The candidate should understand how to find and interpret relevant security information. This includes understanding the risk of a security vulnerability and determining the need and urgency for a reaction.


|}
|}
Line 95: Line 111:
* Know common sources for security information
* Know common sources for security information


* Understand security incident classification schema
* Understanding of security incident classification schema and important types of security vulnerabilities
 
* Understanding of the concepts of security assessments and IT forensics
 
* Awareness of Information Security Management Systems (ISMS) and Information Security Incident Response Plans and Teams
 
'''Partial list of the used files, terms, and utilities:'''
 
* Common Vulnerabilities and Exposures (CVE)
 
* CVE ID
 
* Computer Emergency Response Team (CERT)
 
* Penetration testing


* Understand the concepts of Common Vulnerabilities and Exposures (CVE)
* Untargeted attacks and Advanced Persistent Threats (APT)


'''Partial list of the used files, terms and utilities:'''
* Zero-day security vulnerabilities
 
* Remote execution and explication of security vulnerabilities
 
* Privilege escalation due to security vulnerabilities


<br />
<br />


====<span style="color:navy">021.3 Ethical Behaviour (weight: 2)</span>====
====<span style="color:navy">021.3 Ethical Behavior (weight: 2)</span>====


{|
{|
Line 118: Line 152:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidates should understand the implications of their behavior when using digital infrastructure. This includes understanding the potential harm caused by using security tools. Furthermore, the candidate should understand common principles in copyright and privacy laws.
The candidate should understand the technical, financial, and legal implications of their behavior when using digital infrastructure. This includes understanding the potential harm caused by using security tools. Furthermore, the candidate should understand common concepts in copyright and privacy laws.


|}
|}
Line 124: Line 158:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding the implications of one’s actions on others
* Understanding the implications for others of actions taken related to security
 
* Handling information about security vulnerabilities responsibly
 
* Handling confidential information responsibly
 
* Awareness of personal, financial, ecological, and social implication of errors and outages in information technology services
 
* Awareness of legal implications of security scans, assessments, and attacks
 
'''Partial list of the used files, terms, and utilities:'''
 
* Responsible Disclosure and Full Disclosure


* Handling of personal and confidential information in a responsible way
* Bug Bounty programs


* Awareness of legal implications
* Public and private law


'''Partial list of the used files, terms and utilities:'''
* Penal law, privacy law, copyright law
 
* Liability, financial compensation claims


<br />
<br />
Line 136: Line 184:
===''022 Encryption''===
===''022 Encryption''===


====<span style="color:navy">022.1 Cryptography Public Key Infrastructure (weight: 3)</span>====
====<span style="color:navy">022.1 Cryptography and Public Key Infrastructure (weight: 3)</span>====


{|
{|
Line 151: Line 199:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand the principle of symmetric and asymmetric encryption. Furthermore candidates should understand how digital certificates are used to associate cryptographic keys with individual persons and organizations.
The candidate should understand the concepts of symmetric and asymmetric encryption as well as other types of commonly used cryptographic algorithms. Furthermore, the candidate should understand how digital certificates are used to associate cryptographic keys with individual persons and organizations.


|}
|}
Line 157: Line 205:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding of the principles of symmetric, asymmetric and hybrid cryptography
* Understanding of the concepts of symmetric, asymmetric, and hybrid cryptography


* Understanding of the principle of Perfect Forward Secrecy
* Understanding of the concept of Perfect Forward Secrecy


* Understanding of the principle of hash functions
* Understanding of the concepts of hash functions, ciphers, and key exchange algorithms


* Awareness of most important cryptographic algorithms
* Understanding of the differences between end-to-end encryption and transport encryption


* Understanding of the principle of digital certificates
* Understanding of the concepts of Public Key Infrastructures (PKI), Certificate Authorities, and Trusted Root-CAs


* Understanding of how certificates are associated with a subject and an issuer
* Understanding of the concepts X.509 certificates


* Understanding of the role of Certificate Authorities
* Understanding of how X.509 certificates are requested and issued
 
* Awareness of certificate revocation


* Awareness of Let’s Encrypt
* Awareness of Let’s Encrypt


'''Partial list of the used files, terms and utilities:'''
* Awareness of important cryptographic algorithms
 
'''Partial list of the used files, terms, and utilities:'''
 
* Public Key Infrastructures (PKI)
 
* Certificate Authorities
 
* Trusted Root-CAs
 
* Certificate Signing Requests (CSR) and certificates
 
* X.509 certificate fields: Subject, Issuer, Validity
 
* RSA, AES, MD5, SHA-256, Diffie–Hellman key exchange, Elliptic Curve Cryptography


<br />
<br />
Line 192: Line 256:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand the principle of HTTPS. This includes verifying the identity of existing websites and understanding common browser error messages.
The candidate should understand the concepts of HTTPS. This includes verifying the identity of web servers and understanding common browser error messages related to security.


|}
|}
Line 200: Line 264:
* Understanding of the major differences between plain text protocols and transport encryption
* Understanding of the major differences between plain text protocols and transport encryption


* Understanding of the principle of HTTPS
* Understanding of the concepts of HTTPS


* Understanding of important fields in X.509 certificates for the use with HTTPS
* Understanding of important fields in X.509 certificates for the use with HTTPS
* Understanding of how X.509 certificates are associated with a specific web site
* Understanding of the validity checks web browsers perform on X.509 certificates


* Determining whether or not a website is encrypted, including common browser messages
* Determining whether or not a website is encrypted, including common browser messages


* Awareness of SSL Labs Server Test
'''Partial list of the used files, terms, and utilities:'''
 
* HTTPS, TLS, SSL


'''Partial list of the used files, terms and utilities:'''
* X.509 certificate fields: subject, Validity, subjectAltName


<br />
<br />
Line 227: Line 297:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand the principle of GPG for email encryption. This includes handling one’s own and foreign GPG keys and sending and receiving encrypted emails.
The candidate should understand the concepts of OpenPGP and S/MIME for email encryption. This includes handling OpenPGP keys and S/MIME certificates as well as sending and receiving encrypted emails.


|}
|}
Line 233: Line 303:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding of the principle of GPG
* Understanding of email encryption and email signatures
 
* Understanding of OpenPGP
 
* Understanding of S/MIME
 
* Understanding of the role of OpenPGP key servers


* Understanding of the role of key servers
* Understanding of the role of certificates for S/MIME


* Using GPG for Email encryption (using Enigmail and Thunderbird on Windows, Linux or OS X)
* Understanding of how PGP keys and S/MIME certificates are associated with an email address


'''Partial list of the used files, terms and utilities:'''
* Using Mozilla Thunderbird to send and receive encrypted email using OpenPGP and S/MIME
 
'''Partial list of the used files, terms, and utilities:'''
 
* GnuPGP, GPG keys, key servers
 
* S/MIME and S/MIME certificates


<br />
<br />
Line 258: Line 340:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand the principles of data, file and storage device be able to encrypt data stored on local storage devices and in the cloud.
The candidate should understand the concepts of file encryption and storage device encryption. Furthermore, the candidate should be able to encrypt data stored on local storage devices and in the cloud.


|}
|}
Line 264: Line 346:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding of the principles of data, file and storage device encryption
* Understanding of the concepts of data, file, and storage device encryption
 
* Using VeraCrypt to store data in an encrypted container or an encrypted storage devices


* Using VeraCrypt to store data in a container or an encrypted storage devices
* Understanding the core features of BitLocker


* Using Cryptomator to encrypt files stored in the cloud  
* Using Cryptomator to encrypt files stored in file storage cloud services


* Awareness of Bitlocker
'''Partial list of used files, terms, and utilities:'''


'''Partial list of used files, terms and utilities:'''
* VeraCrypt
 
* BitLocker
 
* Cryptomator


<br />
<br />


===''023 Node, Device and Storage Security''===
===''023 Device and Storage Security''===


====<span style="color:navy">023.1 Hardware Security (weight: 2)</span>====
====<span style="color:navy">023.1 Hardware Security (weight: 2)</span>====
Line 293: Line 381:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand security aspects of hardware. This includes understanding the various types of computer devices as well as their major components. Furthermore, the candidate should understand the security implications of various devices that interact with a computer.
The candidate should understand security aspects of hardware. This includes understanding the various types of computer devices as well as their major components. Furthermore, the candidate should understand the security implications of various devices that interact with a computer as well as the security implications of physical access to a device.


|}
|}
Line 299: Line 387:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding of the functionality of major components of a computer
* Understanding of the major components of a computer


* Understanding of the functionality of tablets, smartphones, smart tvs, routers, printers smart home, alarm, and IoT devices (light bulbs, thermostats, TVs, …)
* Understanding of the smart devices and the Internet of Things (IoT)


* Understanding of the security implications of physical access to a computer
* Understanding of the security implications of physical access to a computer


* Understanding of security implications of USB devices
* Understanding of USB devices devices types, connections, and security aspects
 
* Understanding of Bluetooth devices types, connections, and security aspects
 
* Understanding of RFID devices types, connections, and security aspects
 
* Awareness of Trusted Computing
 
'''Partial list of used files, terms, and utilities:'''
 
* Processors, memory, storage, network adapters
 
* Tablets, smartphones, smart tvs, routers, printers smart home, alarm, IoT devices (e.g. light bulbs, thermostats, TVs)


* Understanding of security implications of Bluetooth devices
* USB


* Understanding of security implications of RFID devices
* Bluetooth


'''Partial list of used files, terms and utilities:'''
* RFID


<br />
<br />
Line 330: Line 430:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand the security aspects of software. This includes managing software updates, protecting software from remote access and understanding how to security install software.
The candidate should understand the security aspects of software. This includes securely installing software, managing software updates, and protecting software from unintended network connections.


|}
|}
Line 336: Line 436:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding of updates for firmware, operating systems and applications
* Understanding of common types of software


* Understanding of the concepts of local packet filters, endpoint firewalls and application layer firewalls
* Understanding of various sources for applications and ways to securely procure and install software


* Understanding of various sources for applications and ways to securely procure and install software
* Understanding of updates for firmware, operating systems, and applications


* Understanding of sources for mobile applications
* Understanding of sources for mobile applications


'''Partial list of used files, terms and utilities:'''
* Understanding of common security vulnerabilities in software
 
* Understanding of the concepts of local protective software
 
'''Partial list of used files, terms, and utilities:'''
 
* Firmware, operating systems, applications
 
* App stores
 
* Local packet filters, endpoint firewalls, application layer firewalls
 
* Buffer overflows, SQL injections


<br />
<br />
Line 363: Line 475:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand the principle of various types of malware. This includes understanding of how they are installed on a device, what effects they cause and how to protect against malware.
The candidate should understand the various types of malware. This includes understanding of how they are installed on a device, what effects they cause, and how to protect against malware.


|}
|}
Line 369: Line 481:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding of various types of malware (virus, ransomware, trojan horses, adware, cryptominers)
* Understanding of common types of malware  


* Understanding of various types of spying (file copy, keylogging, camera and microphone hijacking)
* Understanding of the concepts of rootkit and remote access


* Awareness of the risk of data and address books copies
* Understanding of virus and malware scanners


* Understanding of the principle of rootkit and remote access
* Awareness of the risk of malware used for spying, data exfiltration, and address books copies


* Understanding of keyloggers
'''Partial list of used files, terms, and utilities:'''


* Understanding of virus and malware scanners
* Viruses, ransomware, trojan malware, adware, cryptominers
 
* Backdoors and remote access


'''Partial list of used files, terms and utilities:'''
* File copying, keylogging, camera, microphone hijacking


<br />
<br />
Line 400: Line 514:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should be able to ensure the availability of their data. This includes storing data in appropriate devices and services as well as creating backups.
The candidate should understand how to ensure the availability of their data. This includes storing data on appropriate devices and services as well as creating backups.


|}
|}
Line 406: Line 520:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding of data access and sharing in the cloud
* Understanding of the importance of backups


* Awareness of the dependence on internet connection and the synchronization of data between cloud services and local storage
* Understanding of common backup types and strategies


* Creating and securely storing backups (full, differential, incremental backups, backup retention)
* Understanding of the security implications of backups


'''Partial list of used files, terms and utilities'''
* Creating and securely storing backups
 
* Understanding of data storage, access, and sharing in cloud services
 
* Understanding of the security implications of cloud storage and shared access in the cloud
 
* Awareness of the dependence on Internet connection and the synchronization of data between cloud services and local storage
 
'''Partial list of used files, terms, and utilities'''
 
* Full, differential and incremental backups
 
* Backup retention
 
* File sharing cloud services


<br />
<br />
Line 418: Line 546:
===''024 Network and Service Security''===
===''024 Network and Service Security''===


====<span style="color:navy">024.1 Local Network Access Security (weight: 4)</span>====
====<span style="color:navy">024.1 Networks, Network Services and the Internet (weight: 4)</span>====


{|
{|
Line 433: Line 561:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand how devices are connected to a local network and and which threats result from physical media access. Furthermore, candidates should be able to securely connect to a wireless network.
The candidate should understand the concepts of computer networks and the Internet. This includes basic knowledge of various network media types, addressing, routing, and packet forwarding as well as understanding of the most important protocols used in the Internet.


|}
|}
Line 439: Line 567:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding of the principles behind IP networks and the internet
* Understanding of the various types of network media and network devices
 
* Understanding of the concepts of IP networks and the Internet
 
* Understanding of the concepts of routing and Internet Service Providers (ISPs)
 
* Understanding of the concepts of MAC and link-layer addresses, IP addresses, TCP and UDP ports, and DNS
 
* Understanding of the concepts of cloud computing
 
'''Partial list of used files, terms, and utilities:'''
 
* Wired networks, WiFi networks, cellular networks
 
* Switches, Routers, Access Points
 
* Default Router


* Understanding of the principles behind IP addresses and ports
* Internet Service Provider


* Understanding of the principles behind routing and network providers
* IPv4, IPv6


* Understanding of the various types of network media (wired and WiFi)
* TCP, UDP, ICMP, DHCP


* Understanding of the implications of media / link layer access
* DNS, DNS host names, forward DNS, reverse DNS


* Understanding of the concept of Man in the Middle attacks
* Cloud computing


* Understanding of the risk of unencrypted / Public WiFi
* Infrastructure as a Service (IaaS)


* Understanding and using of WiFi security and encryption
* Platform as a Service (PaaS)


'''Partial list of used files, terms and utilities:'''
* Software as a Service (SaaS)


<br />
<br />


====<span style="color:navy">024.2 Internet Security (weight: 2)</span>====
====<span style="color:navy">024.2 Network and Internet Security (weight: 3)</span>====


{|
{|
Line 466: Line 610:
'''Weight'''
'''Weight'''


| style="background:#eaeaea" | 2
| style="background:#eaeaea" | 3
|-
|-
| style="background:#dadada; padding-right:1em" |
| style="background:#dadada; padding-right:1em" |
Line 474: Line 618:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand the principle of the Internet and routed networks. This includes understanding how connections to cloud services are established and understanding common threats against services on the Internet.
The candidate should understand common security aspects of using networks and the Internet. This includes understanding of common security threats against networks and networked computers, approaches for mitigation, as well as the ability to securely connect to a wired or wireless network.


|}
|}
Line 480: Line 624:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding of the principles of the internet
* Understanding of the implications of link layer access
 
* Understanding of the risks and secure use of WiFi networks
 
* Understanding of the concepts of traffic interception
 
* Understanding of common security threats in the Internet along with approaches of mitigation
 
'''Partial list of the used files, terms, and utilities:'''
 
* Link layer


* Understanding of the principle of traffic interception
* Unencrypted and public WiFi


* Understanding of the principle of DoS and DDoS attacks
* WiFi security and encryption


* Understanding of the principle of botnets
* WEP, WPA, WPA2


* Understanding of the principle of clouds
* Traffic interception


'''Partial list of the used files, terms and utilities:'''
* Man in the Middle attacks
 
* DoS and DDoS attacks
 
* Botnets
 
* Packet filters


<br />
<br />
Line 509: Line 669:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand the principle of virtual private networks. This includes using a VPN provider to encrypt transmitted data. Candidates should understand about the anonymity of the Internet and TOR.
The candidate should understand the concepts of virtual private networks (VPN). This includes using a VPN provider to encrypt transmitted data. Candidates should understand recognition and anonymity concepts when using the Internet as well as anonymization tools, such as TOR.


|}
|}
Line 515: Line 675:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding of virtual private networks
* Understanding of virtual private networks (VPN)
 
* Understanding of the concepts of end-to-end encryption
 
* Understanding anonymity and recognition in the Internet
 
* Identification due to link layer addresses and IP addresses
 
* Understanding of the concepts of proxy servers
 
* Understanding of the concepts of TOR
 
* Awareness of the Darknet
 
* Awareness of cryptocurrencies and their anonymity aspects
 
'''Partial list of used files, terms, and utilities:'''
 
* Virtual Private Network (VPN)
 
* Public VPN providers
 
* Organization-specific VPN (e.g. company or university VPNs)
 
* End-to-end encryption


* Understanding of the role of a VPN provider
* Transfer encryption


* Understanding the concepts of gateway packet filters
* Anonymity


* Awareness of TOR and the Darknet
* Proxy servers


* Awareness of crypto currencies and their anonymity aspects
* TOR


'''Partial list of used files, terms and utilities:'''
* Hidden service
 
* .onion
 
* Blockchain


<br />
<br />
Line 531: Line 719:
===''025 Identity and Privacy''===
===''025 Identity and Privacy''===


====<span style="color:navy">025.1 Identity (weight: 3)</span>====
====<span style="color:navy">025.1 Identity and Authentication (weight: 3)</span>====


{|
{|
Line 546: Line 734:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand various concepts on how to prove their identity when using services on the internet. This includes using a password manager and multi factor authentication as well as being aware of common threats against individual identities.
The candidate should understand common concepts on how to prove their identity when using online services. This includes using a password manager, multi-factor authentication, and single sign-on, as well as being aware of common security threats regarding individual identities.


|}
|}
Line 552: Line 740:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding of the characteristics of secure password (length, special characters, change frequencies, complexity)
* Understanding of the concepts of digital identities.
 
* Understanding of the concepts of authentication, authorization, and accounting


* Using a password manager (keepass2)
* Understanding of the characteristics of secure password (e.g. length, special characters, change frequencies, complexity)


* Understanding of the differences between online and offline password managers
* Using a password manager


* Understanding of the risks of traditional password memorization compared to password managers
* Understanding of the concepts of security questions and account recovery tools


* Understanding of the principle of security questions and account recovery tools
* Understanding of the concepts of multi-factor authentication (MFA), including common factors


* Understanding of the principle of multifactor factor authentication
* Understanding of the concepts of single sign-on (SSO) and social media logins


* Understanding of Phishing
* Understanding of the role of email accounts for IT security


* Understanding of Social Engineering
* Understanding of how passwords are stored in online services


* Understanding of the role of email accounts for IT security
* Understanding of common attacks against passwords


* Monitoring own accounts for password leaks (Search engine alerts for own usernames, password leak checkers)
* Monitoring personal accounts for password leaks (e.g. search engine alerts for usernames and password leak checkers)


* Understanding of the security aspects of online banking and credit cards
* Understanding of the security aspects of online banking and credit cards


'''Partial list of used files, terms and utilities:'''
'''Partial list of used files, terms, and utilities:'''
 
* Online and offline password managers
 
* keepass2
 
* Single sign-on (SSO)
 
* Two-factor authentication (2FA) and multi-factor authentication (MFA)
 
* One-time passwords (OTP), time-based one-time passwords (TOTP)
 
* Authenticator applications
 
* Password hashing and salting
 
* Brute force attacks, directory attacks, rainbow table attacks


<br />
<br />


====<span style="color:navy">025.2 Information Confidentiality and Trustworthiness (weight: 2)</span>====
====<span style="color:navy">025.2 Information Confidentiality and Secure Communication (weight: 2)</span>====


{|
{|
Line 593: Line 799:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should be able to judge the trustworthiness and correctness of information on the internet. This includes understanding how search engines work and rank their results, knowing common criteria for recognizing fake news, spam messages and scam.
The candidate should understand how to keep confidential information secret and ensure the confidentiality of digital communication. This includes recognizing attempts of phishing and social engineering, as well as using secure means of communication.


|}
|}
Line 599: Line 805:
'''Key Knowledge Areas:'''
'''Key Knowledge Areas:'''


* Understanding the principle of search engines and web index
* Understanding the implications and risks of data leaks and intercepted communication
 
* Understanding of phishing and social engineering and scamming
 
* Understanding the concepts of email spam filters


* Awareness of web archives
* Securely handling of received email attachments


* Recognition of fake news
* Sharing information securely and responsibly using email cloud shares and messaging services


* Distinguishing fake and real URLs
* Using encrypted instant messaging


* Understanding the principles of email spam filters
'''Partial list of the used files, terms, and utilities:'''


* Understanding the principle of scamming and scareware
* Phishing and social engineering


* Handling of received email attachments
* Identity theft


* Sharing information securely and responsibly using email cloud shares and messaging services
* Scamming and scareware
 
* Email spam, email spam filtering
 
* Non-disclosure agreements (NDA)


'''Partial list of the used files, terms and utilities:'''
* Information classification


<br />
<br />


====<span style="color:navy">025.3 Privacy Protection (weight: 3)</span>====
====<span style="color:navy">025.3 Privacy Protection (weight: 2)</span>====


{|
{|
Line 626: Line 840:
'''Weight'''
'''Weight'''


| style="background:#eaeaea" | 3
| style="background:#eaeaea" | 2
|-
|-
| style="background:#dadada; padding-right:1em" |
| style="background:#dadada; padding-right:1em" |
Line 634: Line 848:
| style="background:#eaeaea" |
| style="background:#eaeaea" |


The candidate should understand the importance of the confidentiality of personal information. This includes managing privacy settings in various services as well as being aware of common threats against personal information.
The candidate should understand the importance of the confidentiality of personal information. This includes managing privacy settings in various online services and social media as well as being aware of common security threats regarding personal information.


|}
|}
Line 642: Line 856:
* Understanding of the importance of personal information
* Understanding of the importance of personal information


* Understanding of the concepts of information gathering and profiling
* Understanding of how personal information can be used for a malicious purpose


* Understanding of the principle of identity theft
* Understanding of the concepts of information gathering, profiling, and user tracking


* Understanding of the principle of stalking
* Managing profile privacy settings on social media platforms and online services


* Understanding of the principle of cybermobbing
* Understanding of the risk of publishing personal information


* Understanding of the principle of doxxing
* Understanding of the rights regarding personal information (e.g. GDPR)


* Understanding of the principle of fake profiles
'''Partial list of the used files, terms, and utilities:'''


* Understanding of the principle of cookies and tracking
* Stalking and cybermobbing


* Configuring profile privacy settings on social media platforms and online services
* HTTP cookies, browser fingerprinting, user tracking


* Managing contacts and privacy settings on social networks
* Script blockers and ad blockers in web browsers


* Understanding of the risk of publishing personal information
* Profiles in online services and social media


* Understanding of the rights regarding information about own personal information (such as GDPR for companies based in Europe)
* Contacts and privacy settings in social media


'''Partial list of the used files, terms and utilities:'''


<br />
<br />

Latest revision as of 14:04, 9 February 2023

Introduction

This certificate covers a basic knowledge of IT security. The focus is the digital self-defense for an individual user. This includes a general understanding of the common security threats against individual computing systems, networks, services and identity as well as approaches to prevent and mitigate them.


Candidate Description

The Minimally Qualified Candidate

The candidate has a basic understanding of common security threats of using computers, networks, connected devices, and IT services on premises and in the cloud. The candidate understands common ways to prevent and mitigate attacks against their personal devices and data. Furthermore, the candidate is able to use encryption to secure data transferred through a network and stored on storage devices and in the cloud. The candidate is able to apply common security best practices, protect private information, and secure their identity. The candidate is able to securely use IT services and to take responsibility for securing their personal computing devices, applications, accounts, and online profiles.


Version Information

These objectives are version 1.0.0.


Translations of Objectives

The following translations of the objectives are available on this wiki:


Objectives

021 Security Concepts

021.1 Goals, Roles and Actors (weight: 1)

Weight

1

Description

The candidate should understand the importance of IT security. This includes understanding of essential security goals as well as understanding various actors and roles in the field of IT security.

Key Knowledge Areas:

  • Understanding of the importance of IT security
  • Understanding of common security goals
  • Understanding of common roles in security
  • Understanding of common goals of attacks against IT systems and devices
  • Understanding of the concept of attribution and related issues

Partial list of the used files, terms, and utilities:

  • Confidentiality, integrity, availability, non-repudiation
  • Hackers, crackers, script kiddies
  • Black hat and white hat hackers
  • Accessing, manipulating or deleting data
  • Interrupting services, extorting ransom
  • Industrial espionage


021.2 Risk Assessment and Management (weight: 2)

Weight

2

Description

The candidate should understand how to find and interpret relevant security information. This includes understanding the risk of a security vulnerability and determining the need and urgency for a reaction.

Key Knowledge Areas:

  • Know common sources for security information
  • Understanding of security incident classification schema and important types of security vulnerabilities
  • Understanding of the concepts of security assessments and IT forensics
  • Awareness of Information Security Management Systems (ISMS) and Information Security Incident Response Plans and Teams

Partial list of the used files, terms, and utilities:

  • Common Vulnerabilities and Exposures (CVE)
  • CVE ID
  • Computer Emergency Response Team (CERT)
  • Penetration testing
  • Untargeted attacks and Advanced Persistent Threats (APT)
  • Zero-day security vulnerabilities
  • Remote execution and explication of security vulnerabilities
  • Privilege escalation due to security vulnerabilities


021.3 Ethical Behavior (weight: 2)

Weight

2

Description

The candidate should understand the technical, financial, and legal implications of their behavior when using digital infrastructure. This includes understanding the potential harm caused by using security tools. Furthermore, the candidate should understand common concepts in copyright and privacy laws.

Key Knowledge Areas:

  • Understanding the implications for others of actions taken related to security
  • Handling information about security vulnerabilities responsibly
  • Handling confidential information responsibly
  • Awareness of personal, financial, ecological, and social implication of errors and outages in information technology services
  • Awareness of legal implications of security scans, assessments, and attacks

Partial list of the used files, terms, and utilities:

  • Responsible Disclosure and Full Disclosure
  • Bug Bounty programs
  • Public and private law
  • Penal law, privacy law, copyright law
  • Liability, financial compensation claims


022 Encryption

022.1 Cryptography and Public Key Infrastructure (weight: 3)

Weight

3

Description

The candidate should understand the concepts of symmetric and asymmetric encryption as well as other types of commonly used cryptographic algorithms. Furthermore, the candidate should understand how digital certificates are used to associate cryptographic keys with individual persons and organizations.

Key Knowledge Areas:

  • Understanding of the concepts of symmetric, asymmetric, and hybrid cryptography
  • Understanding of the concept of Perfect Forward Secrecy
  • Understanding of the concepts of hash functions, ciphers, and key exchange algorithms
  • Understanding of the differences between end-to-end encryption and transport encryption
  • Understanding of the concepts of Public Key Infrastructures (PKI), Certificate Authorities, and Trusted Root-CAs
  • Understanding of the concepts X.509 certificates
  • Understanding of how X.509 certificates are requested and issued
  • Awareness of certificate revocation
  • Awareness of Let’s Encrypt
  • Awareness of important cryptographic algorithms

Partial list of the used files, terms, and utilities:

  • Public Key Infrastructures (PKI)
  • Certificate Authorities
  • Trusted Root-CAs
  • Certificate Signing Requests (CSR) and certificates
  • X.509 certificate fields: Subject, Issuer, Validity
  • RSA, AES, MD5, SHA-256, Diffie–Hellman key exchange, Elliptic Curve Cryptography


022.2 Web Encryption (weight: 2)

Weight

2

Description

The candidate should understand the concepts of HTTPS. This includes verifying the identity of web servers and understanding common browser error messages related to security.

Key Knowledge Areas:

  • Understanding of the major differences between plain text protocols and transport encryption
  • Understanding of the concepts of HTTPS
  • Understanding of important fields in X.509 certificates for the use with HTTPS
  • Understanding of how X.509 certificates are associated with a specific web site
  • Understanding of the validity checks web browsers perform on X.509 certificates
  • Determining whether or not a website is encrypted, including common browser messages

Partial list of the used files, terms, and utilities:

  • HTTPS, TLS, SSL
  • X.509 certificate fields: subject, Validity, subjectAltName


022.3 Email Encryption (weight: 2)

Weight

2

Description

The candidate should understand the concepts of OpenPGP and S/MIME for email encryption. This includes handling OpenPGP keys and S/MIME certificates as well as sending and receiving encrypted emails.

Key Knowledge Areas:

  • Understanding of email encryption and email signatures
  • Understanding of OpenPGP
  • Understanding of S/MIME
  • Understanding of the role of OpenPGP key servers
  • Understanding of the role of certificates for S/MIME
  • Understanding of how PGP keys and S/MIME certificates are associated with an email address
  • Using Mozilla Thunderbird to send and receive encrypted email using OpenPGP and S/MIME

Partial list of the used files, terms, and utilities:

  • GnuPGP, GPG keys, key servers
  • S/MIME and S/MIME certificates


022.4 Data Storage Encryption (weight: 2)

Weight

2

Description

The candidate should understand the concepts of file encryption and storage device encryption. Furthermore, the candidate should be able to encrypt data stored on local storage devices and in the cloud.

Key Knowledge Areas:

  • Understanding of the concepts of data, file, and storage device encryption
  • Using VeraCrypt to store data in an encrypted container or an encrypted storage devices
  • Understanding the core features of BitLocker
  • Using Cryptomator to encrypt files stored in file storage cloud services

Partial list of used files, terms, and utilities:

  • VeraCrypt
  • BitLocker
  • Cryptomator


023 Device and Storage Security

023.1 Hardware Security (weight: 2)

Weight

2

Description

The candidate should understand security aspects of hardware. This includes understanding the various types of computer devices as well as their major components. Furthermore, the candidate should understand the security implications of various devices that interact with a computer as well as the security implications of physical access to a device.

Key Knowledge Areas:

  • Understanding of the major components of a computer
  • Understanding of the smart devices and the Internet of Things (IoT)
  • Understanding of the security implications of physical access to a computer
  • Understanding of USB devices devices types, connections, and security aspects
  • Understanding of Bluetooth devices types, connections, and security aspects
  • Understanding of RFID devices types, connections, and security aspects
  • Awareness of Trusted Computing

Partial list of used files, terms, and utilities:

  • Processors, memory, storage, network adapters
  • Tablets, smartphones, smart tvs, routers, printers smart home, alarm, IoT devices (e.g. light bulbs, thermostats, TVs)
  • USB
  • Bluetooth
  • RFID


023.2 Application Security (weight: 2)

Weight

2

Description

The candidate should understand the security aspects of software. This includes securely installing software, managing software updates, and protecting software from unintended network connections.

Key Knowledge Areas:

  • Understanding of common types of software
  • Understanding of various sources for applications and ways to securely procure and install software
  • Understanding of updates for firmware, operating systems, and applications
  • Understanding of sources for mobile applications
  • Understanding of common security vulnerabilities in software
  • Understanding of the concepts of local protective software

Partial list of used files, terms, and utilities:

  • Firmware, operating systems, applications
  • App stores
  • Local packet filters, endpoint firewalls, application layer firewalls
  • Buffer overflows, SQL injections


023.3 Malware (weight: 3)

Weight

3

Description

The candidate should understand the various types of malware. This includes understanding of how they are installed on a device, what effects they cause, and how to protect against malware.

Key Knowledge Areas:

  • Understanding of common types of malware
  • Understanding of the concepts of rootkit and remote access
  • Understanding of virus and malware scanners
  • Awareness of the risk of malware used for spying, data exfiltration, and address books copies

Partial list of used files, terms, and utilities:

  • Viruses, ransomware, trojan malware, adware, cryptominers
  • Backdoors and remote access
  • File copying, keylogging, camera, microphone hijacking


023.4 Data Availability (weight: 2)

Weight

2

Description

The candidate should understand how to ensure the availability of their data. This includes storing data on appropriate devices and services as well as creating backups.

Key Knowledge Areas:

  • Understanding of the importance of backups
  • Understanding of common backup types and strategies
  • Understanding of the security implications of backups
  • Creating and securely storing backups
  • Understanding of data storage, access, and sharing in cloud services
  • Understanding of the security implications of cloud storage and shared access in the cloud
  • Awareness of the dependence on Internet connection and the synchronization of data between cloud services and local storage

Partial list of used files, terms, and utilities

  • Full, differential and incremental backups
  • Backup retention
  • File sharing cloud services


024 Network and Service Security

024.1 Networks, Network Services and the Internet (weight: 4)

Weight

4

Description

The candidate should understand the concepts of computer networks and the Internet. This includes basic knowledge of various network media types, addressing, routing, and packet forwarding as well as understanding of the most important protocols used in the Internet.

Key Knowledge Areas:

  • Understanding of the various types of network media and network devices
  • Understanding of the concepts of IP networks and the Internet
  • Understanding of the concepts of routing and Internet Service Providers (ISPs)
  • Understanding of the concepts of MAC and link-layer addresses, IP addresses, TCP and UDP ports, and DNS
  • Understanding of the concepts of cloud computing

Partial list of used files, terms, and utilities:

  • Wired networks, WiFi networks, cellular networks
  • Switches, Routers, Access Points
  • Default Router
  • Internet Service Provider
  • IPv4, IPv6
  • TCP, UDP, ICMP, DHCP
  • DNS, DNS host names, forward DNS, reverse DNS
  • Cloud computing
  • Infrastructure as a Service (IaaS)
  • Platform as a Service (PaaS)
  • Software as a Service (SaaS)


024.2 Network and Internet Security (weight: 3)

Weight

3

Description

The candidate should understand common security aspects of using networks and the Internet. This includes understanding of common security threats against networks and networked computers, approaches for mitigation, as well as the ability to securely connect to a wired or wireless network.

Key Knowledge Areas:

  • Understanding of the implications of link layer access
  • Understanding of the risks and secure use of WiFi networks
  • Understanding of the concepts of traffic interception
  • Understanding of common security threats in the Internet along with approaches of mitigation

Partial list of the used files, terms, and utilities:

  • Link layer
  • Unencrypted and public WiFi
  • WiFi security and encryption
  • WEP, WPA, WPA2
  • Traffic interception
  • Man in the Middle attacks
  • DoS and DDoS attacks
  • Botnets
  • Packet filters


024.3 Network Encryption and Anonymity (weight: 3)

Weight

3

Description

The candidate should understand the concepts of virtual private networks (VPN). This includes using a VPN provider to encrypt transmitted data. Candidates should understand recognition and anonymity concepts when using the Internet as well as anonymization tools, such as TOR.

Key Knowledge Areas:

  • Understanding of virtual private networks (VPN)
  • Understanding of the concepts of end-to-end encryption
  • Understanding anonymity and recognition in the Internet
  • Identification due to link layer addresses and IP addresses
  • Understanding of the concepts of proxy servers
  • Understanding of the concepts of TOR
  • Awareness of the Darknet
  • Awareness of cryptocurrencies and their anonymity aspects

Partial list of used files, terms, and utilities:

  • Virtual Private Network (VPN)
  • Public VPN providers
  • Organization-specific VPN (e.g. company or university VPNs)
  • End-to-end encryption
  • Transfer encryption
  • Anonymity
  • Proxy servers
  • TOR
  • Hidden service
  • .onion
  • Blockchain


025 Identity and Privacy

025.1 Identity and Authentication (weight: 3)

Weight

3

Description

The candidate should understand common concepts on how to prove their identity when using online services. This includes using a password manager, multi-factor authentication, and single sign-on, as well as being aware of common security threats regarding individual identities.

Key Knowledge Areas:

  • Understanding of the concepts of digital identities.
  • Understanding of the concepts of authentication, authorization, and accounting
  • Understanding of the characteristics of secure password (e.g. length, special characters, change frequencies, complexity)
  • Using a password manager
  • Understanding of the concepts of security questions and account recovery tools
  • Understanding of the concepts of multi-factor authentication (MFA), including common factors
  • Understanding of the concepts of single sign-on (SSO) and social media logins
  • Understanding of the role of email accounts for IT security
  • Understanding of how passwords are stored in online services
  • Understanding of common attacks against passwords
  • Monitoring personal accounts for password leaks (e.g. search engine alerts for usernames and password leak checkers)
  • Understanding of the security aspects of online banking and credit cards

Partial list of used files, terms, and utilities:

  • Online and offline password managers
  • keepass2
  • Single sign-on (SSO)
  • Two-factor authentication (2FA) and multi-factor authentication (MFA)
  • One-time passwords (OTP), time-based one-time passwords (TOTP)
  • Authenticator applications
  • Password hashing and salting
  • Brute force attacks, directory attacks, rainbow table attacks


025.2 Information Confidentiality and Secure Communication (weight: 2)

Weight

2

Description

The candidate should understand how to keep confidential information secret and ensure the confidentiality of digital communication. This includes recognizing attempts of phishing and social engineering, as well as using secure means of communication.

Key Knowledge Areas:

  • Understanding the implications and risks of data leaks and intercepted communication
  • Understanding of phishing and social engineering and scamming
  • Understanding the concepts of email spam filters
  • Securely handling of received email attachments
  • Sharing information securely and responsibly using email cloud shares and messaging services
  • Using encrypted instant messaging

Partial list of the used files, terms, and utilities:

  • Phishing and social engineering
  • Identity theft
  • Scamming and scareware
  • Email spam, email spam filtering
  • Non-disclosure agreements (NDA)
  • Information classification


025.3 Privacy Protection (weight: 2)

Weight

2

Description

The candidate should understand the importance of the confidentiality of personal information. This includes managing privacy settings in various online services and social media as well as being aware of common security threats regarding personal information.

Key Knowledge Areas:

  • Understanding of the importance of personal information
  • Understanding of how personal information can be used for a malicious purpose
  • Understanding of the concepts of information gathering, profiling, and user tracking
  • Managing profile privacy settings on social media platforms and online services
  • Understanding of the risk of publishing personal information
  • Understanding of the rights regarding personal information (e.g. GDPR)

Partial list of the used files, terms, and utilities:

  • Stalking and cybermobbing
  • HTTP cookies, browser fingerprinting, user tracking
  • Script blockers and ad blockers in web browsers
  • Profiles in online services and social media
  • Contacts and privacy settings in social media



Retrieved from "https://wiki.lpi.org/w/index.php?title=Security_Essentials_Objectives_V1.0&oldid=5716"