Security Essentials Objectives V1.0 TMP
Introduction
This certificate covers a basic knowledge of IT security. The focus is the digital self-defense of an individual user. This includes a general understanding of main threats against individual computing systems, networks, services and identity as well as approaches to prevent and mitigate them.
Candidate Description
The Minimally Qualified Candidate
The candidate has a basic understanding of common security threats of using computers, networks, connected devices and IT services on premises and in the cloud. The candidate understands common ways to prevent and mitigate attacks against their personal devices and data. Furthermore, the candidate is able to use encryption to secure data transferred through a network and stored on local storage media and in the cloud. The candidate is able to apply common security tools, protect private information and secure their identity. The candidate is able to take responsibility for securing their own devices and for making use of IT services.
Version Information
These objectives are a draft for version 1.0.0.
Translations of Objectives
The following translations of the objectives are available on this wiki:
- English
- Brazilian Portuguese
- Chinese (Simplified)
- Chinese (Traditional)
- Dutch
- French
- German
- Italian
- Japanese
- Spanish
Objectives
021 Security Concepts
021.1 Goals, Roles and Actors (weight: 1)
Weight: 1
Description: The candidate should understand the importance of IT security. This includes an understanding of essential security goals as well as understanding various actors and roles in the field of IT security.
Key Knowledge Areas:
- Understand common security goals (confidentiality, integrity and availability, non-repudiation)
- Understand common roles in security (hackers, crackers, script kiddies, black hat, white hat)
- Understand common goals of security attacks (accessing, manipulating or deleting data, interrupting services, extorting ransom)
- Awareness of industrial espionage
Partial list of the used files, terms and utilities:
021.2 Risk Assessment and Management (weight: 2)
Weight: 2
Description: The candidate should know how to find and interpret relevant security information. This includes understanding the risk of a vulnerability and determining the need, urgency and appropriateness for a reaction.
Key Knowledge Areas:
- Know common sources for security information
- Understand security incident classification schema
- Understand the concepts of Common Vulnerabilities and Exposures (CVE)
- Understand the principles of penetration testing and IT forensics
- Understand the major characteristics of untargeted security attacks and Advanced Persistent Threats (APT)
- Understand the implications of zero-day security vulnerabilities
- Understand the implications of security vulnerabilities that allow "remote execution" and "privilege escalation"
- Awareness of Information Security Management Systems (ISMS) and Incident Response Plans and Teams
Partial list of the used files, terms and utilities:
021.3 Ethical Behavior (weight: 2)
Weight: 2
Description: The candidate should understand the technical, financial and legal implications of their behavior when using digital infrastructure. This includes understanding the potential harm caused by using security tools. Furthermore, the candidate should understand common principles in copyright and privacy laws.
Key Knowledge Areas:
- Understanding the implications of one’s actions on others
- Understanding the principles of Responsible Disclosure and Full Disclosure
- Understanding the principles of Bug Bounty programs
- Handling information about security vulnerabilities and confidential information in a responsible way
- Awareness of personal, financial, ecological and social implications of errors and outages in information technology
- Awareness of legal implications of security scans and attacks, including liability and penal law
Partial list of the used files, terms and utilities:
022 Encryption
022.1 Cryptography Public Key Infrastructure (weight: 3)
Weight: 3
Description: The candidate should understand the principles of symmetric and asymmetric encryption. Furthermore, the candidate should understand how digital certificates are used to associate cryptographic keys with individual persons and organizations.
Key Knowledge Areas:
- Understanding of the principles of symmetric, asymmetric and hybrid cryptography
- Understanding of the principle of Perfect Forward Secrecy
- Understanding of the principles of hash functions, ciphers and key exchange algorithms
- Understanding of the differences between end-to-end encryption and transport encryption
- Understanding of the principles of Public Key Infrastructures (PKI), Certificate Authorities and Trusted Root-CAs
- Understanding of the principles of X.509 certificates
- Understanding of how X.509 certificates are requested and issued
- Understanding of important X.509 fields (Subject, Issuer, Validity, Subject Alternative Name)
- Awareness of Let’s Encrypt
- Awareness of most important cryptographic algorithms (RSA, AES, MD5, SHA-256, Diffie–Hellman key exchange, Elliptic Curve Cryptography)
Partial list of the used files, terms and utilities:
022.2 Web Encryption (weight: 2)
Weight: 2
Description: The candidate should understand the principle of HTTPS. This includes verifying the identity of existing websites and understanding common browser error messages.
Key Knowledge Areas:
- Understanding of the major differences between plain text protocols and transport encryption
- Understanding of the principle of HTTPS
- Understanding of important fields in X.509 certificates for the use with HTTPS
- Understanding of how X.509 certificates are associated with a specific web site
- Understanding of the validity checks web browsers perform on X.509 certificates
- Determining whether or not a website is encrypted, including common browser messages
Partial list of the used files, terms and utilities:
022.3 Email Encryption (weight: 2)
Weight: 2
Description: The candidate should understand the principles of OpenPGP and S/MIME for email encryption. This includes handling one's own and other parties' OpenPGP keys and S/MIME certificates as well as sending and receiving encrypted emails.
Key Knowledge Areas:
- Understanding of email encryption and email signatures
- Understanding of OpenPGP
- Understanding of S/MIME
- Understanding of the role of OpenPGP key servers
- Understanding of the role of certificates for S/MIME
- Using Mozilla Firefox to send and receive encrypted email using OpenPGP and S/MIME
Partial list of the used files, terms and utilities:
022.4 Data Storage Encryption (weight: 2)
Weight: 2
Description: The candidate should understand the principles of file encryption and storage media encryption. Furthermore, the candidate should be able to encrypt data stored on local storage devices and in the cloud.
Key Knowledge Areas:
- Understanding of the principles of data, file and storage device encryption
- Using VeraCrypt to store data in a container or on an encrypted storage device
- Using Cryptomator to encrypt files stored in the cloud
- Awareness of BitLocker
Partial list of used files, terms and utilities:
023 Node, Device and Storage Security
023.1 Hardware Security (weight: 2)
Weight: 2
Description: The candidate should understand security aspects of hardware. This includes understanding the various types of computer devices as well as their major components. Furthermore, the candidate should understand the security implications of various devices that interact with a computer.
Key Knowledge Areas:
- Understanding of the functionality of major components of a computer
- Understanding of the functionality of tablets, smartphones, smart TVs, routers, printers, smart home, alarm and IoT devices (light bulbs, thermostats, TVs, …)
- Understanding of the security implications of physical access to a computer
- Understanding of security implications of USB devices
- Understanding of security implications of Bluetooth devices
- Understanding of security implications of RFID devices
- Awareness of Trusted Computing
Partial list of used files, terms and utilities:
023.2 Application Security (weight: 2)
Weight: 2
Description: The candidate should understand the security aspects of software. This includes managing software updates, protecting software from remote access and understanding how to securely install software.
Key Knowledge Areas:
- Understanding of updates for firmware, operating systems and applications
- Understanding of the concepts of local packet filters, endpoint firewalls and application layer firewalls
- Understanding of various sources for applications and ways to securely procure and install software
- Understanding of sources for mobile applications
- Understanding of common security vulnerabilities in software (buffer overflows, SQL injections)
Partial list of used files, terms and utilities:
023.3 Malware (weight: 3)
Weight: 3
Description: The candidate should understand the principles of various types of malware. This includes understanding how they are installed on a device, what effects they cause and how to protect against malware.
Key Knowledge Areas:
- Understanding of various types of malware (virus, ransomware, trojan horses, adware, cryptominers)
- Understanding of various types of spying (file copy, keylogging, camera and microphone hijacking)
- Awareness of the risk of copies of data and address books
- Understanding of the principles of rootkits and remote access
- Understanding of keyloggers
- Understanding of virus and malware scanners
Partial list of used files, terms and utilities:
023.4 Data Availability (weight: 2)
Weight: 2
Description: The candidate should be able to ensure the availability of their data. This includes storing data on appropriate devices and services as well as creating backups.
Key Knowledge Areas:
- Understanding of data access and sharing in the cloud
- Awareness of the dependence on internet connection and the synchronization of data between cloud services and local storage
- Creating and securely storing backups (full, differential, incremental backups, backup retention)
- Understanding of the security implications of backups
- Understanding of the security implications of cloud storage and shared access in the cloud
Partial list of used files, terms and utilities:
024 Network and Service Security
024.1 Networks, Network Services and the Internet (weight: 4)
Weight: 4
Description: The candidate should understand how devices are connected to a local network and which threats result from physical media access. Furthermore, candidates should be able to securely connect to a wireless network.
Key Knowledge Areas:
- Understanding of the principles behind IP networks and the Internet
- Understanding of the principles behind MAC and link-layer addresses, IP addresses, protocols and ports
- Understanding of the principles behind routing and network providers
- Understanding of the various types of network media (wired, WiFi and cellular)
- Understanding of the principles of the Domain Name System (DNS)
- Understanding of the principle of cloud computing
Partial list of used files, terms and utilities:
- IPv4, IPv6
- TCP, UDP, ICMP
- Default Router
024.2 Network and Internet Security (weight: 3)
Weight: 3
Description: The candidate should understand the principle of the Internet and routed networks. This includes understanding how connections to cloud services are established and understanding common threats against services on the Internet.
Key Knowledge Areas:
- Understanding of the implications of media / link layer access
- Understanding of the risks of unencrypted / public WiFi
- Understanding and using WiFi security and encryption
- Understanding of the principle of traffic interception
- Understanding of the concept of Man in the Middle attacks
- Understanding of the principle of DoS and DDoS attacks
- Understanding of the principle of botnets
- Understanding of the principle of packet filtering
Partial list of the used files, terms and utilities:
024.3 Network Encryption and Anonymity (weight: 3)
Weight: 3
Description: The candidate should understand the principle of virtual private networks. This includes using a VPN provider to encrypt transmitted data. Candidates should understand the anonymity aspects of the Internet and Tor.
Key Knowledge Areas:
- Understanding of virtual private networks
- Understanding of the role of a VPN provider
- Understanding of the principles of end-to-end encryption
- Awareness of Tor and the Darknet
- Awareness of cryptocurrencies and their anonymity aspects
Partial list of used files, terms and utilities:
025 Identity and Privacy
025.1 Identity and Authentication (weight: 3)
Weight: 3
Description: The candidate should understand various concepts of how to prove their identity when using services on the Internet. This includes using a password manager and multi-factor authentication as well as being aware of common threats against individual identities.
Key Knowledge Areas:
- Understanding of the principles of authentication, authorization and accounting
- Understanding of the characteristics of secure passwords (length, special characters, change frequencies, complexity)
- Using a password manager (KeePass2)
- Understanding of the differences between online and offline password managers
- Understanding of the principle of security questions and account recovery tools
- Understanding of the principle of multi-factor authentication, including common factors
- Understanding of the principle of single sign-on (SSO) and social media logins
- Understanding of the role of email accounts for IT security
- Monitoring one's own accounts for password leaks (search engine alerts for one's own usernames, password leak checkers)
- Understand how passwords are stored (hashing and salting)
- Understand common attacks against passwords (brute force attacks, dictionary attacks, rainbow tables)
- Understanding of the security aspects of online banking and credit cards
Partial list of used files, terms and utilities:
025.2 Information Confidentiality and Secure Communication (weight: 2)
Weight: 2
Description: The candidate should be able to keep confidential information as well as communication contents secret. This includes recognizing phishing and social engineering attempts, as well as using confidential and secure ways of communication.
Key Knowledge Areas:
- Understanding of phishing
- Understanding of social engineering
- Understanding the principles of email spam filters
- Understanding the principle of scamming and scareware
- Handling of received email attachments
- Sharing information securely and responsibly using email, cloud shares and messaging services
- Using encrypted instant messaging
- Understanding the implications of data leaks
- Understanding the concepts and risks of identity theft
Partial list of the used files, terms and utilities:
025.3 Privacy Protection (weight: 2)
Weight: 2
Description: The candidate should understand the importance of the confidentiality of personal information. This includes managing privacy settings in various services as well as being aware of common threats against personal information.
Key Knowledge Areas:
- Understanding of the importance of personal information
- Understanding of the concepts of information gathering and profiling
- Understanding of how personal information can be used for a malicious purpose (e.g. stalking or cybermobbing)
- Understanding of the principle of cookies and tracking
- Using an Ad Blocker
- Configuring profile privacy settings on social media platforms and online services
- Managing contacts and privacy settings on social networks
- Understanding of the risk of publishing personal information
- Understanding of the rights regarding one's own personal information (such as the GDPR for companies based in Europe)
Partial list of the used files, terms and utilities: