4.3 Modify enterprise capabilities
📘CompTIA Security+ (SY0-701)
1. Secure Protocols
In any enterprise network, data constantly moves between computers, servers, and devices. Secure protocols are rules for sending data safely, so attackers cannot easily read or change the information.
Here’s what you need to know:
Key Secure Protocols
| Protocol | Use | Security Feature |
|---|---|---|
| HTTPS (Hypertext Transfer Protocol Secure) | Secures websites | Uses TLS/SSL encryption so that web traffic is private. |
| SSH (Secure Shell) | Remote administration | Encrypts commands sent to servers, replacing older insecure protocols like Telnet. |
| SFTP (Secure File Transfer Protocol) | Secure file transfers | Encrypts files during transfer, unlike FTP which sends data in clear text. |
| FTPS | File transfer with SSL/TLS | Similar to SFTP but adds encryption to traditional FTP. |
| TLS/SSL | Encryption for data in transit | Ensures email, web, or other protocols are encrypted. Example: HTTPS uses TLS. |
| SNMPv3 | Device management | Secures network monitoring, encrypts data, and adds authentication (v1 and v2 are insecure). |
| IPsec | Network-level encryption | Protects data between networks, often used in VPNs. |
| DNS over HTTPS (DoH) / DNS over TLS (DoT) | Secures DNS requests | Encrypts domain name lookups to prevent attackers from seeing which websites users visit. |
| SMTPS / IMAPS / POP3S | Secure email protocols | Encrypts email in transit to prevent eavesdropping. |
Important Exam Points
- Use encryption whenever possible—unencrypted protocols like HTTP, FTP, Telnet are vulnerable.
- Recognize which protocols replace insecure versions (SSH vs Telnet, SFTP vs FTP, HTTPS vs HTTP).
- Know the difference between data in transit (moving between devices) and data at rest (stored on disk). Secure protocols protect data in transit.
2. DNS Filtering
DNS (Domain Name System) is like the internet’s phone book: it converts domain names (like example.com) into IP addresses that computers can understand.
DNS filtering is a security measure that blocks access to malicious websites or domains before the user even connects to them.
How it Works
- A user requests example.com.
- The DNS filter checks the domain against a blocklist of dangerous or inappropriate sites.
- If the domain is safe, the user proceeds; if not, access is blocked or redirected.
Types of DNS Filtering
- Security filtering: Blocks malware, phishing, ransomware sites.
- Content filtering: Blocks sites by category (e.g., adult content, social media) for compliance.
- Policy-based filtering: Blocks specific domains based on company policies.
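The lookup-and-decide step described above, with the three filtering types, as an added Python example (not code from any DNS filtering product). The blocklist entries, the upstream records, the block-page address and the choice of which types block versus redirect are all assumptions made for illustration.

```python
# Added example: the decision step of a DNS filter, not a real resolver.
# Every domain, category and address below is constructed for illustration.

BLOCK_PAGE_IP = "192.0.2.1"  # assumed block-page address (documentation range)

# Constructed blocklist: listed domain -> filtering type
BLOCKLIST = {
    "badsite.com": "security",      # malware / phishing / ransomware
    "social.example": "content",    # blocked by category
    "fileshare.example": "policy",  # blocked by company rule
}

# Stand-in for the real upstream lookup (constructed records)
UPSTREAM = {"example.com": "203.0.113.10"}


def normalize(name):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return name.strip().rstrip(".").lower()


def matched_rule(name):
    """Return (listed_domain, filter_type) if name or a parent domain is listed."""
    labels = normalize(name).split(".")
    # Compare whole labels only: cdn.badsite.com matches, notbadsite.com does not.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in BLOCKLIST:
            return candidate, BLOCKLIST[candidate]
    return None


def resolve(name, upstream=UPSTREAM):
    """Return the answer a filtering resolver would give for one query."""
    rule = matched_rule(name)
    if rule is None:
        return {"action": "allow", "answer": upstream.get(normalize(name))}
    domain, ftype = rule
    if ftype == "security":
        # Assumed behaviour: refuse to resolve known-malicious domains.
        return {"action": "block", "answer": None, "rule": domain, "type": ftype}
    # Assumed behaviour: send content/policy hits to an internal block page.
    return {"action": "redirect", "answer": BLOCK_PAGE_IP, "rule": domain, "type": ftype}


if __name__ == "__main__":
    for q in ["example.com", "CDN.BadSite.com.", "notbadsite.com", "www.social.example"]:
        print(q, "->", resolve(q))
```

Matching on whole labels is the detail to notice: a plain substring or suffix check would wrongly block notbadsite.com, while an exact-match check would miss subdomains of a listed domain.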
Benefits for an Enterprise
- Stops malware before it reaches users’ devices.
- Reduces phishing attacks.
- Helps enforce company internet usage policies.
- Works even for devices without antivirus installed.
Examples of DNS Filtering
- Enterprise-level DNS filters like Cisco Umbrella, Cloudflare Gateway, or internal DNS solutions.
- Blocking badsite.com to prevent ransomware download.
Exam Tips
- Remember the secure protocol replacements:
  - HTTPS instead of HTTP
  - SFTP instead of FTP
  - SSH instead of Telnet
  - SNMPv3 instead of SNMPv1/2
- DNS filtering is proactive—it blocks threats at the DNS level, even before malware reaches a device.
- TLS and SSL are about encryption—know that TLS is the newer, safer version of SSL.
- Know the difference between protocol-level security (SSH, HTTPS) and network-level or enterprise-wide security (DNS filtering).
✅ Summary in simple terms:
- Secure protocols = rules for safe communication (encrypts data, prevents eavesdropping).
- DNS filtering = a “gatekeeper” for internet requests that blocks bad or unsafe sites before they reach users.
These two tools are key enterprise security measures. Protocols secure your data in transit, while DNS filtering prevents users from accessing dangerous content. Both are tested in SY0-701 under enterprise capabilities.
