Chapter 4. Assessments and Audits

CompTIA Security+ exam objectives covered in this chapter include the following:

  • 4.1 Conduct risk assessments and implement risk mitigation.

  • 4.2 Carry out vulnerability assessments using common tools.

    • Port scanners

    • Vulnerability scanners

    • Protocol analyzers

    • OVAL

    • Password crackers

    • Network mappers

  • 4.3 Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning.

  • 4.4 Use monitoring tools on systems and networks and detect security-related anomalies.

    • Performance monitor

    • Systems monitor

    • Performance baseline

    • Protocol analyzers

  • 4.5 Compare and contrast various types of monitoring methodologies.

    • Behavior-based

    • Signature-based

    • Anomaly-based

  • 4.6 Execute proper logging procedures ...

Get CompTIA Security+™: Review Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial