CompTIA Security+ (SY0-601): Automation

The automation of multiple steps in a deployment process

Orchestration is the automation of the automations

Continuous Integration/Continuous Deployment 4 Stages:

Development
Testing/Integration
Staging
Production

Code is constantly written & merged to central repository
Devs can work seamlessly without stepping on each other’s toes
Helps ensure the app builds correctly & doesn’t introduce new issues

Continuous integration detects and resolves development conflicts early and often

Focuses on automated testing of code in order to get it ready for release
Automate the testing process
Automate the release process

Goes through all tests, requirements, and validations to get ready for staging/deployment
Can involve packaging build into .exe or .iso

Automatically deploy to production
No human integration or manual checks
Could be deployed into cloud environment

Continuous deployment focuses on automated testing and release of code in order to get it into the production environment more quickly

Can deploy everything for staging, and then bring into production

An organizational culture shift that combines software development and systems operations by referring to the practice of integrating the two disciplines within a company

Operations and developers can build, test, and release software faster and more reliably

A combination of software development, security operations, and systems operations by integrating each discipline with the others

DevSecOps utilizes a shift-left mindset
• Integrate security from the beginning
• Test during and after development
• Automate compliance checks

Infrastructure as Code:
A provisioning architecture in which deployment of resources is performed by scripted automation and orchestration

IaC allows for the use of scripted approaches to provisioning infrastructure in the cloud

Snowflake System:
Any system that is different in its configuration compared to a standard template within an infrastructure as code architecture
Lack of consistency leads to security issues and inefficiencies in support

A property of IaC that an automation or orchestration action always produces the same result, regardless of the component’s previous state

IaC uses carefully developed and tested scripts and orchestration runbooks to generate consistent builds

Artificial Intelligence:
The science of creating machines with the ability to develop problem solving and analysis strategies without significant human direction or intervention

Machine Learning:
A component of AI that enables a machine to develop strategies for solving a task given a labeled dataset where features have been manually identified but without further explicit instructions

Machine learning is only as good as the datasets used to train it

Artificial Neural Network:
An architecture of input, hidden, and output layers that can perform algorithmic analysis of a dataset to achieve outcome objectives

A machine learning system adjusts its neural network to reduce errors and optimize objectives

A refinement of machine learning that enables a machine to develop strategies for solving a task given a labeled dataset and without further explicit instructions

Deep learning uses complex classes of knowledge defined in relation to simpler classes of knowledge to make more informed determinations about an environment

Machine learning can interpret big data to identify the invisible

Attacker will add their own fake telemetry to convince AI that malware is benign

Software-Defined Visibility:
You must see traffic to secure the data
React & respond

Dynamic deployments include security & network visibility devices
NGFW, SIEM, WAF

Data is encapsulated & encrypted

SDV can provide visibility to traffic flows
Identify & react to threats

Check for a particular event, then react

Automatically validate a configuration before going live

Perform ongoing automated checks