Objective:
This section contains six domain practice reviews related to the CompTIA ITF Practice Exam Domains:
The domain practices:
- Have 20 questions per domain review
- Are randomly generated
- Have no time limit
- Are not pass/fail
- Have a percentage score at the end of the session
- Recommend an 80% passing score.
Links:
Topics Discussed:
- Section 2.1: The Internet
- Section 2.4: Networking Standards and Protocols
- Section 2.5: Application Delivery
- Section 4.2: Data
- Section 4.3: Threats to Data
- Section 4.4: Security Concepts
- Section 4.5: Personal Data and Device Security
- Section 4.6: Corporate Data Security
Assignment:
- Access the TestOut Courseware through the provided link.
- Review Sections 2.1, 2.4, 2.5, 4.2, 4.3, 4.4, 4.5 and 4.6, and take the 20 question A.2.6 practice test. Your goal is to achieve a score of 80% or higher on the practice test.
- After you finish, you may review each question by selecting the Individual Responses option, then return to the relevant section in the course to review the instructional material.
- Retake the practice test after reviewing the material to make progress towards and achieve the 80% passing score before the end of day on Friday of this week.
- We will take a comprehensive practice test covering all six of the CompTIA Exam Objective Domains on Tuesday of next week. Use these six practice tests as your review resources to identify gaps in your knowledge, and re-read the relevant chapters to fill these gaps and prepare for Tuesday’s comprehensive practice test.
Assigned: February 13th, 2020
Teacher Pacing Due Date: February 14th, 2020
Objective
- Students will be able to encrypt and decrypt messages using the Caesar Cipher so they can develop a basic understanding of cryptography principles.
Links:
Topics Discussed:
- Cryptography
- Caesar Cipher
- Shift Cipher
- Keywords
Assignment:
- Follow along with the in-class demonstration to learn how the Caesar Cipher (also known as the Shift Cipher) works, and how you can use it to encode and decode text messages.
- Follow the Instructable to learn how keywords can be incorporated with this cipher to make it more difficult to decrypt.
- I have placed 8 encrypted messages around the perimeter of the room. Work together to decrypt them all! Submit a Google Doc to my Google Classroom page with the decrypted messages by the end of the day tomorrow.
- Some of the decrypted messages lead to treasure! The first to decode each message gets the goods!
- Remember, you may work together, but each student must submit their own original document to the Google Classroom page by tomorrow to receive credit for the lab. Don’t put more than one name on your document, and don’t submit someone else’s document as your own!
Assigned: January 21st, 2020
Due Date: January 22nd, 2020
Objective:
This section introduces you to basic security concepts, including authentication, authorization, accounting, and encryption. After finishing this section, you should be able to:
- Describe
the most common authentication types and when to use them.
- Explain
the purpose of multifactor authentication.
- Describe
various models for creating and maintaining access control lists.
- Explain
why access control frameworks need to keep track of who gains access to the system.
- Describe
the basics of data encryption.
Links:
Key Terms:
- Type 1 Authentication A type of authentication that requires the user to provide something that they know, such as a password or PIN.
- Type 2 Authentication A type of authentication that requires the user to provide something that they have, such as a key, fob, electronic chip, or smart card.
- Type 3 Authentication A type of authentication that requires the user to provide something that they are, such as a fingerprint, handprint, retinal pattern, face, or voice.
- Multifactor Authentication Authentication that requires two or more evidences of authentication, usually of different types.
- Single Sign-on A method of authenticating with one system to gain access to other related systems.
- Discretionary Access Control (DAC) A type of access control where a user has complete control over a resource, and also determines the permissions other users have to those resources.
- Role-based Access Control (RBAC) A type of access control that restricts access based on the user’s role in an organization.
- Mandatory Access Control (MAC) A type of access control that historically was associated with multilevel security and military systems and may use a security clearance to restrict access to resources. The security manager controls the security policy, and users aren’t able to override the policy.
- Accounting The process of keeping track of user activity while attached to a system.
- Logging The capturing and storing of computer and user events.
- Non-repudiation The ability to ensure that someone can’t deny that they performed a certain act.
- Caesar Cipher An early example of encryption used by Julius Caesar to send confidential military messages.
- Data at Rest Data in a persistent storage medium, such as a hard drive or optical disc.
- Data in Transit Data that are being transported from one device to another, whether by radio, electrical, or light signals.
Topics Discussed:
- What
are the most common and the most secure ways to authenticate a person to a
computer or a network?
- How
do information systems assign access control permissions to particular users?
- When
is it important to use different types of data encryption?
Assignment:
- Access the TestOut Courseware through the provided link.
- Study Section 4.4: Security Concepts, and achieve a score of 80% or higher on the 15 question Exam to complete the Section.
Assigned: January 16th, 2020
Teacher Pacing Due Date: January 17th, 2020
It's dangerous to go alone!
