Network segmentation
Network segmentation is a really important topic to understand for IT in general, but also for security. As we deploy resources in our networks, creating…
Tag: CompTIA Security+
Jump servers (aka bastion hosts)
One of the challenges with having network segmentation is that it not only prevents attackers from accessing private networks and private resources, but it also…
Bluesnarfing and Bluejacking
Studying for the Security+ exam? Here’s a quick and easy read for a topic covered in the exam objectives. What is bluesnarfing? If you were…
Biometrics techniques and concepts for authentication
We talked about how biometrics can be used for multifactor authentication in order to verify someone’s identity. Biometric authentication refers to something you are (as…
Key stretching concepts and algorithms
One of the best ways to make a password strong is to make it long. The longer the password is, the harder it is to…
Hashing use cases
In practice, what is hashing used for? How is it being used in the real world? Let’s take a look at a few common hashing…
Hash Tables, Rainbow Table Attacks, and Salts
As we talked about, applications that properly handle passwords don’t actually store the passwords themselves in databases, but instead, store hashes of passwords. That’s why…
Multifactor authentication (MFA) factors and attributes
Password-based authentication has been proven time and time again to be a vulnerable form of authentication. One of the best defenses is using Multifactor Authentication,…
Encrypted versus hashed passwords. What’s the difference?
As you study for the CompTIA Security+ exam, it’s important that you understand the differences between plaintext, encrypted, and hashed passwords. It’s common to hear…
What to know about vulnerability scans for the Security+ exam
Regularly auditing systems for potential vulnerabilities is an important part of securing an organization’s environments, systems, and applications. One of the ways that we can…