CompTIA Security+: SY0-601 Certification Guide - Second Edition


Author: Ian Neil
Number of pages: 516
ISBN: 9781800564244
Publisher: PACKT PUBLISHING
Year of publication: 2021


 

The CompTIA Security+ certification confirms that you have the fundamental knowledge required to perform core security functions and pursue a career in IT security. Authored by Ian Neil, a world-class CompTIA Security+ 601 trainer, this book is a best-in-class study guide that fully covers the CompTIA Security+ 601 exam objectives.

Complete with self-assessment scenarios and realistic exam questions, this guide will help you master the core concepts to pass the exam the first time you take it. With the help of relevant examples, you'll learn about fundamental security concepts, from certificates and encryption to identity and access management (IAM). You'll then delve into the important domains of the exam, namely, cloud security, threats, attacks and vulnerabilities, technologies and tools, architecture and design, risk management, and cryptography and public key infrastructure (PKI). This book comes with over 600 practice questions with detailed explanations and includes two mock exams to help you test yourself.

By the end of this book, you will understand the application of core Security+ concepts in the real world and be ready to take the exam with confidence.

Table of contents

CompTIA Security+: SY0-601 Certification Guide

Second Edition

 

Section 1: Security Aims and Objectives

Chapter 1: Understanding Security Fundamentals

  • Security Fundamentals
  • CIA Triad Concept
  • Least Privilege
  • Defense in Depth Model
  • Comparing Control Types
  • Managerial Controls
  • Operational Controls
  • Technical Controls
  • Deterrent Controls
  • Detective Controls
  • Corrective Controls
  • Compensating Controls
  • Preventative Controls
  • Access Controls
  • Discretionary Access Control
  • Mandatory Access Control
  • Role-Based Access Control
  • Rule-Based Access Control
  • Attribute-Based Access Control
  • Group-Based Access Control
  • Linux-Based Access Control
  • Physical Security Controls
  • Perimeter Security
  • Building Security
  • Device Protection
  • Understanding Digital Forensics
  • Five-Minute Practical
  • Collection of Evidence
  • Cloud Forensics
  • Review Questions

Chapter 2: Implementing Public Key Infrastructure

  • PKI Concepts
  • Certificate Hierarchy
  • Certificate Trust
  • Certificate Validity
  • Certificate Management Concepts
  • Types of Certificates
  • Asymmetric and Symmetric Encryption
  • Encryption Explained
  • Digital Signatures Explained
  • Cryptography Algorithms and Their Characteristics
  • Symmetric Algorithms
  • Asymmetric Algorithms
  • Symmetric versus Asymmetric Analogy
  • XOR Encryption
  • Key Stretching Algorithms
  • Cipher Modes
  • Stream versus Block Cipher Analogy
  • Modes of Operation
  • Quantum Computing
  • Blockchain and the Public Ledger
  • Hashing and Data Integrity
  • Comparing and Contrasting the Basic Concepts of Cryptography
  • Asymmetric – PKI
  • Symmetric Algorithm – Modes of Operation
  • Hashing Algorithms
  • Crypto Service Provider
  • Crypto Module
  • Protecting Data
  • Basic Cryptographic Terminologies
  • Obfuscation
  • Pseudo-Random Number Generator
  • Nonce
  • Perfect Forward Secrecy
  • Security through Obscurity
  • Collision
  • Steganography
  • Homomorphic Encryption
  • Diffusion
  • Implementation Decisions
  • Common Use Cases for Cryptography
  • Supporting Confidentiality
  • Supporting Integrity
  • Supporting Non-Repudiation
  • Supporting Obfuscation
  • Low-Power Devices
  • High Resiliency
  • Supporting Authentication
  • Resource versus Security Constraints
  • Practical Exercises
  • Practical Exercise 1 – Building a Certificate Server
  • Practical Exercise 2 – Encrypting Data with EFS and Stealing Certificates
  • Practical Exercise 3 – Revoking the EFS Certificate
  • Review Questions

Chapter 3: Investigating Identity and Access Management

  • Understanding Identity and Access Management Concepts
  • Identity Types
  • Account Types
  • Authentication Types
  • Security Tokens and Devices
  • Certification-Based Authentication
  • Implementing Authentication and Authorization Solutions
  • Authentication Management
  • Authentication Protocols
  • Authentication, Authorization, and Accounting (AAA) Servers
  • Access Control Schemes
  • Summarizing Authentication and Authorization Design Concepts
  • Directory Services
  • Cloud Versus On-Premises Authentication
  • On-Premises
  • In the Cloud
  • Common Account Management Policies
  • Account Creation
  • Employees Moving Departments
  • Account Recertification
  • Account Maintenance
  • Account Monitoring
  • Security Information and Event Management
  • Group-Based Access Control
  • Practical Exercise – Password Policy
  • Review Questions

Chapter 4: Exploring Virtualization and Cloud Concepts

  • Overview of Cloud Computing
  • Implementing Different Cloud Deployment Models
  • Understanding Cloud Service Models
  • Infrastructure as a Service (IaaS)
  • Software as a Service (SaaS)
  • Platform as a Service (PaaS)
  • Security as a Service (SECaaS)
  • Anything as a Service (XaaS)
  • Understanding Cloud Computing Concepts
  • Understanding Cloud Storage Concepts
  • Selecting Cloud Security Controls
  • High Availability Access Zones
  • Resource Policies
  • Secret Management
  • Integration and Auditing
  • Storage
  • Networks
  • Compute
  • Solutions
  • Exploring the Virtual Network Environments
  • Review Questions

Section 2: Monitoring the Security Infrastructure

Chapter 5: Monitoring, Scanning, and Penetration Testing

  • Penetration Testing Concepts
  • Rules of Engagement (ROE)
  • Network Exploitation Techniques
  • Passive and Active Reconnaissance
  • Reconnaissance Tools
  • Exercise Types
  • Vulnerability Scanning Concepts
  • Credentialed versus Non-Credentialed Scans
  • Intrusive versus Non-Intrusive Vulnerability Scans
  • Other Types of Scans That Can Be Performed
  • Penetration Testing versus Vulnerability Scanning
  • Syslog/Security Information and Event Management
  • Security Orchestration, Automation, and Response
  • Threat Hunting
  • Practical Exercise – Running a Credentialed Vulnerability Scanner
  • Review Questions

Chapter 6: Understanding Secure and Insecure Protocols

  • Introduction to Protocols
  • Insecure Protocols and Their Use Cases
  • Secure Protocols and Their Use Cases
  • Additional Use Cases and Their Protocols
  • Subscription Services and Their Protocols
  • Routing and Its Protocols
  • Switching and Its Protocols
  • Active Directory (Directory Services) and Its Protocols
  • Review Questions

Chapter 7: Delving into Network and Security Concepts

  • Installing and Configuring Network Components
  • Firewall
  • Network Address Translation Gateway
  • Router
  • Access Control List – Network Devices
  • Switch
  • Tap/Port Mirror
  • Aggregation Switches
  • Honeypot
  • Proxy Server
  • Jump Servers
  • Load Balancer
  • Remote Access Capabilities
  • IPSec
  • VPN Concentrator
  • Split Tunneling
  • Remote Support
  • Secure Network Architecture Concepts
  • Software-Defined Network
  • Network Segmentation
  • Intrusion Prevention System
  • Intrusion Detection System
  • Modes of Operation
  • Sensor/Collector
  • Monitoring Data
  • Network Access Control
  • The Domain Name System
  • DNS Poisoning
  • Network Reconnaissance and Discovery
  • Exploitation Frameworks
  • Forensic Tools
  • IP Addressing
  • IP Version 4
  • Subnet Mask
  • CIDR Mask
  • DHCP
  • IP Version 6 Addressing
  • Review Questions

Chapter 8: Securing Wireless and Mobile Solutions

  • Implementing Wireless Security
  • Wireless Access Point Controllers
  • Securing Access to Your WAP
  • Wireless Bandwidth/Band Selection
  • Wireless Channels
  • Wireless Antenna Types
  • Wireless Coverage
  • Wireless – Open System Authentication
  • Wireless Encryption
  • Wireless Captive Portals
  • Wireless Attacks
  • Wireless Authentication Protocols
  • Deploying Mobile Devices Securely
  • Mobile Device Management
  • Bring Your Own Device
  • Choose Your Own Device
  • Corporate-Owned Personally-Enabled
  • Mobile Device Connection Methods
  • Mobile Device Management Concepts
  • Device Management
  • Device Protection
  • Device Data
  • Mobile Device Enforcement and Monitoring
  • Review Questions

Section 3: Protecting the Security Environment

Chapter 9: Identifying Threats, Attacks, and Vulnerabilities

  • Virus and Malware Attacks
  • Social Engineering Attacks
  • Threat Actors
  • Advanced Attacks
  • Password Attacks
  • Physical Attacks
  • On-Path Attacks
  • Network Attacks
  • Application/Programming Attacks
  • Hijacking-Related Attacks
  • Driver Manipulation
  • Cryptographic Attacks
  • Review Questions

Chapter 10: Governance, Risk, and Compliance

  • Risk Management Processes and Concepts
  • Risk Types
  • Risk Management Strategies
  • Risk Analysis
  • Calculating Loss
  • Disasters
  • Business Impact Analysis Concepts
  • Threat Actors, Vectors, and Intelligence Concepts
  • Threat Actors
  • Attack Vectors
  • Threat Intelligence Sources
  • Research Sources
  • The Importance of Policies for Organizational Security
  • Personnel
  • Diversity of Training Techniques
  • Third-Party Risk Management
  • Data
  • Credential Policies
  • Organizational Policies
  • Regulations, Standards, and Legislation
  • Key Frameworks
  • Benchmarks/Secure Configuration Guides
  • Privacy and Sensitive Data Concepts
  • Organizational Consequences of Privacy Breaches
  • Notifications of Breaches
  • Data Types
  • Privacy-Enhancing Technologies
  • Data Roles and Responsibilities
  • Information Life Cycle
  • Impact Assessment
  • Terms of Agreement
  • Privacy Notice
  • Review Questions

Chapter 11: Managing Application Security

  • Implementing Host or Application Security
  • Boot Integrity
  • Endpoint Protection
  • Databases
  • Application Security
  • Hardening
  • Full Disk Encryption (FDE)
  • Self-Encrypting Drives (SEDs)
  • Understanding the Security Implications of Embedded and Specialist Systems
  • Internet of Things (IoT)
  • Real-Time Operating System (RTOS)
  • Multifunctional Printers (MFPs)
  • Surveillance Systems
  • System on a Chip (SoC)
  • Heating, Ventilation, and Air Conditioning (HVAC)
  • Specialized Devices
  • Embedded Systems
  • Supervisory Control and Data Acquisition (SCADA)
  • Industrial Control System
  • Communication Considerations
  • Constraints
  • Understanding Secure Application Development, Deployment, and Automation
  • Software Diversity
  • Elasticity
  • Scalability
  • Environment
  • Automation/Scripting
  • Provisioning and Deprovisioning
  • Integrity Measurement
  • Secure Coding Techniques
  • Open Web Application Security Project (OWASP)
  • Review Questions

Chapter 12: Dealing with Incident Response Procedures

  • Incident Response Procedures
  • Disaster Recovery Exercises
  • Attack Frameworks
  • Stakeholder Management
  • Continuity of Operations Planning (COOP)
  • Utilizing Data Sources to Support Investigations
  • Vulnerability Scan Output
  • SIEM Dashboards
  • Log Files
  • Log Managers
  • Journalctl
  • Nxlog
  • Bandwidth Monitors
  • Metadata
  • Network Monitoring
  • Protocol Analyzer Output
  • Knowing How to Apply Mitigation Techniques or Controls to Secure an Environment
  • Application Approved List
  • Application Block List/Deny List
  • Quarantine
  • Configuration Changes
  • Isolation
  • Containment
  • Segmentation
  • Security Orchestration, Automation, and Response (SOAR)
  • Implementing Cybersecurity Resilience
  • Redundancy
  • Review Questions

Section 4: Mock Tests

Chapter 13: Mock Exam 1

  • Mock Exam 1 Assessment

Chapter 14: Mock Exam 2

  • Mock Exam 2 Assessment

Assessment

Chapter 1 – Understanding Security Fundamentals

Chapter 2 – Implementing Public Key Infrastructure

Chapter 3 – Investigating Identity and Access Management

Chapter 4 – Exploring Virtualization and Cloud Concepts

Chapter 5 – Monitoring, Scanning, and Penetration Testing

Chapter 6 – Understanding Secure and Insecure Protocols

Chapter 7 – Delving into Network and Security Concepts

Chapter 8 – Securing Wireless and Mobile Solutions

Chapter 9 – Identifying Threats, Attacks, and Vulnerabilities

Chapter 10 – Governance, Risk, and Compliance

Chapter 11 – Managing Application Security

Chapter 12 – Dealing with Incident Response Procedures

 

 

 

Comments

• Dušan Todorovic
A book that I believe most people want to see translated. Badly needed.

• Nenad A
An excellent book for starting an Infosec career!!!


 

We recommend

Mobile Application Penetration Testing

Mastering Kali Linux for Advanced Penetration Testing - Third Edition
