CySA+
  • CySA+ CS0-002 Exam Objectives
  • Threat Intelligence Cycle
  • Intelligence Sources
  • Security Intelligence Sharing
  • Threat Classification and Threat Actors
  • Threat Research and Indicators of Compromise
  • Attack Frameworks and The Cyber Kill Chain
  • Defining Threat Modeling and Threat Hunting
  • Vulnerability Identification and Validation
  • Vulnerability Scan Results and CVSS Scores
  • Nmap and Enumeration
  • Security Controls
  • Defense in Depth Security Baselines
  • Security Trend Analysis
  • Remediation Issues
  • Asset, Change, and Configuration Management
  • Software Development Lifecycle & Development Models
  • Software Assessment and Code Review
  • Mitigating Attack Types Part 1
  • Mitigating Attack Types Part 2
  • Mitigating Attack Types Part 3
  • Password Cracking and Hashing
  • Privilege Escalation & Man-in-the-Middle
  • Network Based IoCs
  • Host Based IoCs
  • Network Architecture and Segmentation
  • Network Traffic, Packet, and Protocol Analysis
  • Pentesting and Active Defense
  • Firewalls
  • URL Analysis & DNS in Malware
  • Network Access Control and Port Security
  • Identity and Access Management (IAM)
  • Web Application Scanners
  • SSL/TLS Digital Certificate Management
  • Mobile Threats
  • Email Threats and Mitigation
  • Data Loss Prevention (DLP)
  • Endpoint Security and Behavior Analysis
  • Hardware Assurance
  • Blackholes and Sinkholes
  • IoT, Embedded Systems & ICS/SCADA Threats
  • Log Analysis & Continuous Security Monitoring
  • SIEM and Event Correlation
  • Malware Analysis
  • Cloud Models and Service Threats
  • Cloud Automation and Other Cloud Threats
  • VDI, Containers, and Microservices
  • CI/CD, IaC, DevOps
  • AI and Machine Learning
  • Digital Forensics
  • Technical Controls for Securing Data
  • Non-Technical Controls for Securing Data
  • Security Policies and Procedures
  • Continuity Planning and Risk Assessment
  • Incident Response Phases and Communication
Powered by GitBook
On this page

SSL/TLS Digital Certificate Management

  • CA – Certificate Authority. Issues certificates

  • CA needs to be trusted by all parties involved

  • Root CA certificates pre-installed on devices

  • Use cases:

    • Verify identity.

    • Non-repudiation.

    • Electronic signatures

    • Encryption

  • Certmgr.msc in Windows

  • Sysinternals SigCheck

  • Certificate stores built into browsers

  • Certificate.transparency.dev

  • Special Certificate Types

    • SAN – Subject Alternative Name. Use same certificate for multiple services.

    • Wildcard Certificate – Covers subdomains

  • Certificate Management Tasks

    • Install, update, validate root certificates

    • Install update, revoke user and machine certificates

    • Manage self-signed certificates

    • Revoke untrusted certs ASAP

    • Check certificate status:

      • CRL (certificate revocation list)

      • OCSP (Online certificate status protocol)

    • Utilities: openssl (linux) and certutil (windows)

  • SSL and TLS

    • Widely used in security web traffic (HTTPS), but any protocol is supported

    • Certificate required on the server

    • SSL 3.0 became TLS 1.0

    • Only TLS is safe to use (1.2 or 1.3)

    • Careful with downgrade attacks

  • Certutil -store

    • Windows command to list certiifcates

  • Digicert ssl tools

PreviousWeb Application ScannersNextMobile Threats

Last updated 2 years ago