CompTIA Security+: SY0-601 Certification Guide Pszów

from 80,91 Nearest: 34 km

Number of offers: 1

Description

The CompTIA Security+ certification validates the fundamental knowledge required to perform core security functions and pursue a career in IT security. Authored by Ian Neil, a world-class CompTIA certification trainer, this book is a best-in-class study guide that fully covers the CompTIA Security+ 601 exam objectives. Complete with chapter review questions, realistic mock exams, and worked solutions, this guide will help you master the core concepts to pass the exam the first time you take it. With the help of relevant examples, you'll learn fundamental security concepts from certificates and encryption to identity and access management (IAM). As you progress, you'll delve into the important domains of the exam, including cloud security, threats, attacks and vulnerabilities, technologies and tools, architecture and design, risk management, cryptography, and public key infrastructure (PKI). You can access extra practice materials, including flashcards, performance-based questions, practical labs, mock exams, key terms glossary, and exam tips on the author's website at securityplus.training. By the end of this Security+ book, you'll have gained the knowledge and understanding to take the CompTIA exam with confidence.

Table of contents:

CompTIA Security+: SY0-601 Certification Guide Second Edition
Why subscribe? Contributors About the author About the reviewers Packt is searching for authors like you Preface Who this book is for What this book covers To get the most out of this book Download the color images Conventions used Get in touch Reviews

Section 1: Security Aims and Objectives

Chapter 1: Understanding Security Fundamentals
Security Fundamentals CIA Triad Concept Least Privilege Defense in Depth Model Comparing Control Types Managerial Controls Operational Controls Technical Controls Deterrent Controls Detective Controls Corrective Controls Compensating Controls Preventative Controls Access Controls Discretionary Access Control Mandatory Access Control Role-Based Access Control Rule-Based Access Control Attribute-Based Access Control Group-Based Access Control Linux-Based Access Control Physical Security Controls Perimeter Security Building Security Device Protection Understanding Digital Forensics Five-Minute Practical Collection of Evidence Cloud Forensics Review Questions

Chapter 2: Implementing Public Key Infrastructure
PKI Concepts Certificate Hierarchy Certificate Trust Certificate Validity Certificate Management Concepts Types of Certificates Asymmetric and Symmetric Encryption Encryption Explained Digital Signatures Explained Cryptography Algorithms and Their Characteristics Symmetric Algorithms Asymmetric Algorithms Symmetric versus Asymmetric Analogy XOR Encryption Key Stretching Algorithms Cipher Modes Stream versus Block Cipher Analogy Modes of Operation Quantum Computing Blockchain and the Public Ledger Hashing and Data Integrity Comparing and Contrasting the Basic Concepts of Cryptography Asymmetric PKI Symmetric Algorithm Modes of Operation Hashing Algorithms Crypto Service Provider Crypto Module Protecting Data Basic Cryptographic Terminologies Obfuscation Pseudo-Random Number Generator Nonce Perfect Forward Secrecy Security through Obscurity Collision Steganography Homomorphic Encryption Diffusion Implementation Decisions Common Use Cases for Cryptography Supporting Confidentiality Supporting Integrity Supporting Non-Repudiation Supporting Obfuscation Low-Power Devices High Resiliency Supporting Authentication Resource versus Security Constraints Practical Exercises Practical Exercise 1 Building a Certificate Server Practical Exercise 2 Encrypting Data with EFS and Stealing Certificates Practical Exercise 3 Revoking the EFS Certificate Review Questions

Chapter 3: Investigating Identity and Access Management
Understanding Identity and Access Management Concepts Identity Types Account Types Authentication Types Security Tokens and Devices Certification-Based Authentication Implementing Authentication and Authorization Solutions Authentication Management Authentication Protocols Authentication, Authorization, and Accounting (AAA) Servers Access Control Schemes Summarizing Authentication and Authorization Design Concepts Directory Services Cloud Versus On-Premises Authentication On-Premises In the Cloud Common Account Management Policies Account Creation Employees Moving Departments Account Recertification Account Maintenance Account Monitoring Security Information and Event Management Group-Based Access Control Practical Exercise Password Policy Review Questions

Chapter 4: Exploring Virtualization and Cloud Concepts
Overview of Cloud Computing Implementing Different Cloud Deployment Models Understanding Cloud Service Models Infrastructure as a Service (IaaS) Software as a Service (SaaS) Platform as a Service (PaaS) Security as a Service (SECaaS) Anything as a Service (XaaS) Understanding Cloud Computing Concepts Understanding Cloud Storage Concepts Selecting Cloud Security Controls High Availability Access Zones Resource Policies Secret Management Integration and Auditing Storage Networks Compute Solutions Exploring the Virtual Network Environments Review Questions

Section 2: Monitoring the Security Infrastructure

Chapter 5: Monitoring, Scanning, and Penetration Testing
Penetration Testing Concepts Rules of Engagement (ROE) Network Exploitation Techniques Passive and Active Reconnaissance Reconnaissance Tools Exercise Types Vulnerability Scanning Concepts Credentialed versus Non-Credentialed Scans Intrusive versus Non-Intrusive Vulnerability Scans Other Types of Scans That Can Be Performed Penetration Testing versus Vulnerability Scanning Syslog/Security Information and Event Management Security Orchestration, Automation, and Response Threat Hunting Practical Exercise Running a Credentialed Vulnerability Scanner Review Questions

Chapter 6: Understanding Secure and Insecure Protocols
Introduction to Protocols Insecure Protocols and Their Use Cases Secure Protocols and Their Use Cases Additional Use Cases and Their Protocols Subscription Services and Their Protocols Routing and Its Protocols Switching and Its Protocols Active Directory (Directory Services) and Its Protocols Review Questions

Chapter 7: Delving into Network and Security Concepts
Installing and Configuring Network Components Firewall Network Address Translation Gateway Router Access Control List Network Devices Switch Tap/Port Mirror Aggregation Switches Honeypot Proxy Server Jump Servers Load Balancer Remote Access Capabilities IPSec VPN Concentrator Split Tunneling Remote Support Secure Network Architecture Concepts Software-Defined Network Network Segmentation Intrusion Prevention System Intrusion Detection System Modes of Operation Sensor/Collector Monitoring Data Network Access Control The Domain Name System DNS Poisoning Network Reconnaissance and Discovery Exploitation Frameworks Forensic Tools IP Addressing IP Version 4 Subnet Mask CIDR Mask DHCP IP Version 6 Addressing Review Questions

Chapter 8: Securing Wireless and Mobile Solutions
Implementing Wireless Security Wireless Access Point Controllers Securing Access to Your WAP Wireless Bandwidth/Band Selection Wireless Channels Wireless Antenna Types Wireless Coverage Wireless Open System Authentication Wireless Encryption Wireless Captive Portals Wireless Attacks Wireless Authentication Protocols Deploying Mobile Devices Securely Mobile Device Management Bring Your Own Device Choose Your Own Device Corporate-Owned Personally-Enabled Mobile Device Connection Methods Mobile Device Management Concepts Device Management Device Protection Device Data Mobile Device Enforcement and Monitoring Review Questions

Section 3: Protecting the Security Environment

Chapter 9: Identifying Threats, Attacks, and Vulnerabilities
Virus and Malware Attacks Social Engineering Attacks Threat Actors Advanced Attacks Password Attacks Physical Attacks On-Path Attacks Network Attacks Application/Programming Attacks Hijacking-Related Attacks Driver Manipulation Cryptographic Attacks Review Questions

Chapter 10: Governance, Risk, and Compliance
Risk Management Processes and Concepts Risk Types Risk Management Strategies Risk Analysis Calculating Loss Disasters Business Impact Analysis Concepts Threat Actors, Vectors, and Intelligence Concepts Threat Actors Attack Vectors Threat Intelligence Sources Research Sources The Importance of Policies for Organizational Security Personnel Diversity of Training Techniques Third-Party Risk Management Data Credential Policies Organizational Policies Regulations, Standards, and Legislation Key Frameworks Benchmarks/Secure Configuration Guides Privacy and Sensitive Data Concepts Organizational Consequences of Privacy Breaches Notifications of Breaches Data Types Privacy-Enhancing Technologies Data Roles and Responsibilities Information Life Cycle Impact Assessment Terms of Agreement Privacy Notice Review Questions

Chapter 11: Managing Application Security
Implementing Host or Application Security Boot Integrity Endpoint Protection Databases Application Security Hardening Full Disk Encryption (FDE) Self-Encrypting Drives (SEDs) Understanding the Security Implications of Embedded and Specialist Systems Internet of Things (IoT) Real-Time Operating System (RTOS) Multifunctional Printers (MFPs) Surveillance Systems System on a Chip (SoC) Heating, Ventilation, and Air Conditioning (HVAC) Specialized Devices Embedded Systems Supervisory Control and Data Acquisition (SCADA) Industrial Control System Communication Considerations Constraints Understanding Secure Application Development, Deployment, and Automation Software Diversity Elasticity Scalability Environment Automation/Scripting Provisioning and Deprovisioning Integrity Measurement Secure Coding Techniques Open Web Application Security Project (OWASP) Review Questions

Chapter 12: Dealing with Incident Response Procedures
Incident Response Procedures Disaster Recovery Exercises Attack Frameworks Stakeholder Management Continuity of Operations Planning (COOP) Utilizing Data Sources to Support Investigations Vulnerability Scan Output SIEM Dashboards Log Files Log Managers Journalctl Nxlog Bandwidth Monitors Metadata Network Monitoring Protocol Analyzer Output Knowing How to Apply Mitigation Techniques or Controls to Secure an Environment Application Approved List Application Block List/Deny List Quarantine Configuration Changes Isolation Containment Segmentation Security Orchestration, Automation, and Response (SOAR) Implementing Cybersecurity Resilience Redundancy Review Questions

Section 4: Mock Tests

Chapter 13: Mock Exam 1
Mock Exam 1 Assessment

Chapter 14: Mock Exam 2
Mock Exam 2 Assessment

Assessment
Chapter 1 Understanding Security Fundamentals
Chapter 2 Implementing Public Key Infrastructure
Chapter 3 Investigating Identity and Access Management
Chapter 4 Exploring Virtualization and Cloud Concepts
Chapter 5 Monitoring, Scanning, and Penetration Testing
Chapter 6 Understanding Secure and Insecure Protocols
Chapter 7 Delving into Network and Security Concepts
Chapter 8 Securing Wireless and Mobile Solutions
Chapter 9 Identifying Threats, Attacks, and Vulnerabilities
Chapter 10 Governance, Risk, and Compliance
Chapter 11 Managing Application Security
Chapter 12 Dealing with Incident Response Procedures

Other Books You May Enjoy
Leave a review - let other readers know what you think

Specification

Basic information

Author
  • Ian Neil, Neil
Year of publication
  • 2020
Categories
  • Foreign-language literature
Format
  • PDF
  • MOBI
  • EPUB
Number of pages
  • 550
Selected publishers
  • Packt Publishing