Final Exam Review, Fall 2018

I compiled these by going through the slides and basically outline-formatting them. This is a structure to help guide you – it is not an all-inclusive guide.

If I make substantial updates to this guide, I will write about it on the #final_guide_changelog slack channel

Let’s use the #final_exam_prep slack channel for q & a about things on this guide.

Introduction to the class

Threat Modeling

Cryptography – Symmetric Encryption and Hashing

Cryptography – Supplemental

Cryptography – Asymmetric

Cryptography – Digital Certificates

Authentication and Passwords

Password Cracking

Vulnerability Scanning

Exploitation

Hardening

Physical Security

Human Element

Network Security Monitoring

Information Security in Organizations

Malware Analysis

XSS

SQLi

Security and Terrorism

Information Privacy

Number One Priorities if you are in charge of infosec in an organization

  1. Monitor first (NSM) <== most number 1
  2. Implement and manage patch management
  3. Implement and manage backup solution
  4. Remind yourself every day to not roll your own crypto (put picture of dvd john on your cubicle and in your wallet)