CompTIA has updated the requirements for the CASP exam. They have added some equipment and vendor specific products. The CASP exam is going to cover a lot of advanced security topics. Exam candidates will need to have basic knowledge of vendor specific tools and technologies as well as common protocols which includes IPv4, IPv6, and TCP.
Security professionals will need to know about TCP flags. The TCP flags occupy a one-byte field in the 20-byte TCP header. There are at least six flags you should have a basic understanding of for the exam; these include URG, ACK, PUSH, RST, SYN, FIN. A basic definition of the flags are listed here:
URG – Used when the Urgent pointer field is significant
ACK – Indicates that the Acknowledgment field is significant
PSH – Push function
RST – Reset the connection
SYN – Synchronize sequence numbers
FIN – Completion of the session
This knowledge may be required for the CompTIA CASP Certification Exam and will be helpful for CEHv7. One way to remember these flags is the easy mnemonic below:
Unskilled – URG
Attackers – ACK
Pester – PSH
Real – RST
Security – SYN
Folks – FIN
Understanding the function of each TCP flag is an essential skill for security professionals. Knowledge of the flags is useful for analyzing performance problems and for techniques such as port scanning. I hope this small tip helps you as you move toward your next certification.