Reid's Wiki
http://wiki.reidsherman.com/
2026-06-11T22:09:12+00:00Reid's Wiki
http://wiki.reidsherman.com/
http://wiki.reidsherman.com/_media/wiki:dokuwiki.svgtext/html2026-06-11T18:04:17+00:00reidjs (reidjs@undisclosed.example.com)networking_ports - created
http://wiki.reidsherman.com/networking_ports?rev=1781201057&do=diff
Network Ports
Port Network Process Protocol 20 ftp - data tcp 21 ftp - control tcp 22 ssh (secure shell) tcp 23 telnet tcp 25 smtp tcp 53 dns tcp & udp 80 http tcp 443 https tcp
udp is used for dns because it is faster, doesn't require the 3 way handshake that tcp requirestext/html2026-06-11T18:03:56+00:00reidjs (reidjs@undisclosed.example.com)comptia_security - [Networking]
http://wiki.reidsherman.com/comptia_security?rev=1781201036&do=diff
Security+ Exam
<https://www.professormesser.com/security-plus/sy0-701/sy0-701-video/sy0-701-comptia-security-plus-course/>
General Security Concepts
Security Controls
CIA Triad
non-repudiation
Authentication, Authorization, and Accounting
Gap Analysis
Zero Trust
Deception and Disruption
Change Management
Public Key Infrastructure
Encryption
Blockchain
Certificates
Threats, Vulnerabilities, Mitigation
Threat Actors
Threat Vectors
Incident Response
Phishing
Watering Hole Attackā¦text/html2026-06-11T18:03:09+00:00reidjs (reidjs@undisclosed.example.com)ports
http://wiki.reidsherman.com/ports?rev=1781200989&do=diff
Network Ports
Port Network Process Protocol 20 ftp - data tcp 21 ftp - control tcp 22 ssh (secure shell) tcp 23 telnet tcp 25 smtp tcp 53 dns tcp & udp 80 http tcp 443 https tcp
udp is used for dns because it is faster, doesn't require the 3 way handshake that tcp requirestext/html2026-06-11T17:56:18+00:00reidjs (reidjs@undisclosed.example.com)security_controls
http://wiki.reidsherman.com/security_controls?rev=1781200578&do=diff
Security Controls
Systems put in place to keep people from getting access to resources they shouldn't have access to.
Tracking whether or not the systems have been accessed
Preventative: limits access to the resource
Deterrent: disincentivizing people from accessing a resource through consequences, threats, warnings, etctext/html2026-06-11T17:51:26+00:00reidjs (reidjs@undisclosed.example.com)on_path_attack - created
http://wiki.reidsherman.com/on_path_attack?rev=1781200286&do=diff
On Path (Man in the Middle)
a malicious person positions themself between two communicating devices or systems. Allows the attacker to intercept all data being exchanged in real time without either party realizing it.text/html2026-06-09T23:50:18+00:00reidjs (reidjs@undisclosed.example.com)incident_response
http://wiki.reidsherman.com/incident_response?rev=1781049018&do=diff
Incident Response
Six steps
* 1. prepare: establish a formal incident response plan
* 2. identify: monitor network and system events, correlate alerts, and detect anaomalous behavior to confirm if a security incident has occurred
* 3. contain: isolate compromised systems to stop the attack from spreadingtext/html2026-06-09T23:46:00+00:00reidjs (reidjs@undisclosed.example.com)remote_access_trojan_rat
http://wiki.reidsherman.com/remote_access_trojan_rat?rev=1781048760&do=diff
Remote Access Trojan RAT
a type of malware that provides the attacker with administrative control and covert surveillance of the infected device
often used for keyloggingtext/html2026-06-09T23:45:54+00:00reidjs (reidjs@undisclosed.example.com)rat
http://wiki.reidsherman.com/rat?rev=1781048754&do=diff
remote_access_trojan_rattext/html2026-06-09T23:45:21+00:00reidjs (reidjs@undisclosed.example.com)list_of_security_plus_acronyms
http://wiki.reidsherman.com/list_of_security_plus_acronyms?rev=1781048721&do=diff
Key Security+ Acronyms and Definitions
<https://zerotomastery.io/cheatsheets/security-plus-cheat-sheet/>
AAA (Authentication, Authorization, and Accounting) - a security framework that ensures only authorized individuals are able to access resources.
ABAC (Attribute Based Access Control) - evaluates attributes to determine the access.text/html2026-06-09T23:42:29+00:00reidjs (reidjs@undisclosed.example.com)rootkit
http://wiki.reidsherman.com/rootkit?rev=1781048549&do=diff
Rootkit
Malware that hides in the kernel of the operating system
Very hard to find because it won't show up as a separate process
To mitigate, some UEFI BIOS options allow you to run in secure boot, where the cryptographic signature is compared to ensure integritytext/html2026-06-09T23:39:45+00:00reidjs (reidjs@undisclosed.example.com)logic_bomb - created
http://wiki.reidsherman.com/logic_bomb?rev=1781048385&do=diff
Logic Bomb
Malware that waits for a specific event, like a datetime, or a user to login, before activatingtext/html2026-06-09T20:52:38+00:00reidjs (reidjs@undisclosed.example.com)scada - created
http://wiki.reidsherman.com/scada?rev=1781038358&do=diff
SCADA (Supervisory Control and Data Acquisition)
a combination of software and hardware elements that lets industrial organizations monitor, gather, process, and control data in real-time. It acts as the central nervous system for manufacturing, utilities, and critical infrastructure, allowing operators to oversee complex operations from a central locationtext/html2026-06-09T20:11:47+00:00reidjs (reidjs@undisclosed.example.com)replay_attack - created
http://wiki.reidsherman.com/replay_attack?rev=1781035907&do=diff
Replay Attack
Cyber threat where an attacker intercepts a data transmission and maliciously resends or delays ittext/html2026-06-09T20:09:44+00:00reidjs (reidjs@undisclosed.example.com)race_conditions
http://wiki.reidsherman.com/race_conditions?rev=1781035784&do=diff
Race Condition
Occurs in a program when multiple threads or processes access shared data simultaneously and the final outcome depends on the unpredictable order that the scheduler executes themtext/html2026-06-09T20:07:51+00:00reidjs (reidjs@undisclosed.example.com)dns_poisoning
http://wiki.reidsherman.com/dns_poisoning?rev=1781035671&do=diff
DNS Poisoning
Also known as DNS Cache Poisoning or DNS Spoofing
Cyberattack where fraudulent data is injected into the DNS Cache, redirecting traffic from legit websites to frauds
read more:
<https://www.logicmonitor.com/deep-dive/dns-monitoring/dns-poisoning-attacks>text/html2026-06-09T19:12:08+00:00reidjs (reidjs@undisclosed.example.com)eap - created
http://wiki.reidsherman.com/eap?rev=1781032328&do=diff
Extensible Authentication Protocol
An authentication framework used in network and internet connectionstext/html2026-06-09T19:10:33+00:00reidjs (reidjs@undisclosed.example.com)802.1x
http://wiki.reidsherman.com/802.1x?rev=1781032233&do=diff
802.1x
International standard for port-based Network Access Control (NAC)
Forces devices to prove their identity before connecting to a wired or wireless network, preventing unauthorized accesstext/html2026-06-09T19:02:05+00:00reidjs (reidjs@undisclosed.example.com)dkim - created
http://wiki.reidsherman.com/dkim?rev=1781031725&do=diff
Domain Keys Identified Mail DKIM
Using a digital key to guarantee that an email was sent by you and was not altered in transittext/html2026-06-09T19:01:03+00:00reidjs (reidjs@undisclosed.example.com)spf - created
http://wiki.reidsherman.com/spf?rev=1781031663&do=diff
SPF Sender Policy Framework
Verifies who is allowed to send emails on behalf of a domaintext/html2026-06-09T18:58:23+00:00reidjs (reidjs@undisclosed.example.com)mttr - created
http://wiki.reidsherman.com/mttr?rev=1781031503&do=diff
MTTR Mean Time To Repair
Performance metric used in DevOps and IT to measure average time to troubleshoot, fix, repair systems