Become well-versed with IT security essentials and exam objectives for CompTIA Security+ SY0-601 certification

Key Features

  • Written by Ian Neil, one of the world's top CompTIA Security+ trainers
  • Test your knowledge of security jargon and acronyms with self-assessment and realistic exam questions
  • Learn about cryptography, encryption, and security policies to deliver a robust infrastructure

Book Description

The CompTIA Security+ certification confirms that you have the fundamental knowledge required to perform core security functions and pursue a career in IT security. Authored by Ian Neil, a world-class CompTIA Security+ 601 trainer, this book is a best-in-class study guide that fully covers the CompTIA Security+ 601 exam objectives.

Complete with self-assessment scenarios and realistic exam questions, this guide will help you master the core concepts to pass the exam the first time you take it. With the help of relevant examples, you'll learn about fundamental security concepts, from certificates and encryption to identity and access management (IAM). You'll then delve into the important domains of the exam, namely, cloud security, threats, attacks and vulnerabilities, technologies and tools, architecture and design, risk management, and cryptography and public key infrastructure (PKI). This book comes with over 600 practice questions with detailed explanations and includes two mock exams to help you test yourself.

By the end of this book, you will understand the application of core Security+ concepts in the real world and be ready to take the exam with confidence.

What you will learn

  • Get to grips with security fundamentals, from the CIA triad through to IAM
  • Explore cloud security and techniques used in penetration testing
  • Discover different authentication methods and troubleshoot security issues
  • Secure the devices and applications that are used by your company
  • Identify and protect against various types of malware and viruses
  • Protect your environment against social engineering and advanced attacks
  • Understand and implement PKI concepts
  • Delve into secure application development, deployment, and automation concepts

Who this book is for

If you want to take and pass the CompTIA Security+ SY0-601 exam, even if you are not from an IT background, this book is for you. You'll find this guide useful if you want to become a qualified security professional. This book is also ideal for US Government and DOD personnel seeking this certification.

Table of Contents

  1. CompTIA Security+: SY0-601 Certification Guide
  2. Second Edition
  3. Why subscribe?
  4. Contributors
  5. About the author
  6. About the reviewers
  7. Packt is searching for authors like you
  8. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the color images
    5. Conventions used
    6. Get in touch
    7. Reviews
  9. Section 1: Security Aims and Objectives
  10. Chapter 1: Understanding Security Fundamentals
    1. Security Fundamentals
    2. CIA Triad Concept
    3. Least Privilege
    4. Defense in Depth Model
    5. Comparing Control Types
    6. Managerial Controls
    7. Operational Controls
    8. Technical Controls
    9. Deterrent Controls
    10. Detective Controls
    11. Corrective Controls
    12. Compensating Controls
    13. Preventative Controls
    14. Access Controls
    15. Discretionary Access Control
    16. Mandatory Access Control
    17. Role-Based Access Control
    18. Rule-Based Access Control
    19. Attribute-Based Access Control
    20. Group-Based Access Control
    21. Linux-Based Access Control
    22. Physical Security Controls
    23. Perimeter Security
    24. Building Security
    25. Device Protection
    26. Understanding Digital Forensics
    27. Five-Minute Practical
    28. Collection of Evidence
    29. Cloud Forensics
    30. Review Questions
  11. Chapter 2: Implementing Public Key Infrastructure
    1. PKI Concepts
    2. Certificate Hierarchy
    3. Certificate Trust
    4. Certificate Validity
    5. Certificate Management Concepts
    6. Types of Certificates
    7. Asymmetric and Symmetric Encryption
    8. Encryption Explained
    9. Digital Signatures Explained
    10. Cryptography Algorithms and Their Characteristics
    11. Symmetric Algorithms
    12. Asymmetric Algorithms
    13. Symmetric versus Asymmetric Analogy
    14. XOR Encryption
    15. Key Stretching Algorithms
    16. Cipher Modes
    17. Stream versus Block Cipher Analogy
    18. Modes of Operation
    19. Quantum Computing
    20. Blockchain and the Public Ledger
    21. Hashing and Data Integrity
    22. Comparing and Contrasting the Basic Concepts of Cryptography
    23. Asymmetric – PKI
    24. Symmetric Algorithm – Modes of Operation
    25. Hashing Algorithms
    26. Crypto Service Provider
    27. Crypto Module
    28. Protecting Data
    29. Basic Cryptographic Terminologies
    30. Obfuscation
    31. Pseudo-Random Number Generator
    32. Nonce
    33. Perfect Forward Secrecy
    34. Security through Obscurity
    35. Collision
    36. Steganography
    37. Homomorphic Encryption
    38. Diffusion
    39. Implementation Decisions
    40. Common Use Cases for Cryptography
    41. Supporting Confidentiality
    42. Supporting Integrity
    43. Supporting Non-Repudiation
    44. Supporting Obfuscation
    45. Low-Power Devices
    46. High Resiliency
    47. Supporting Authentication
    48. Resource versus Security Constraints
    49. Practical Exercises
    50. Practical Exercise 1 – Building a Certificate Server
    51. Practical Exercise 2 – Encrypting Data with EFS and Stealing Certificates
    52. Practical Exercise 3 – Revoking the EFS Certificate
    53. Review Questions
  12. Chapter 3: Investigating Identity and Access Management
    1. Understanding Identity and Access Management Concepts
    2. Identity Types
    3. Account Types
    4. Authentication Types
    5. Security Tokens and Devices
    6. Certification-Based Authentication
    7. Implementing Authentication and Authorization Solutions
    8. Authentication Management
    9. Authentication Protocols
    10. Authentication, Authorization, and Accounting (AAA) Servers
    11. Access Control Schemes
    12. Summarizing Authentication and Authorization Design Concepts
    13. Directory Services
    14. Cloud Versus On-Premises Authentication
    15. On-Premises
    16. In the Cloud
    17. Common Account Management Policies
    18. Account Creation
    19. Employees Moving Departments
    20. Account Recertification
    21. Account Maintenance
    22. Account Monitoring
    23. Security Information and Event Management
    24. Group-Based Access Control
    25. Practical Exercise – Password Policy
    26. Review Questions
  13. Chapter 4: Exploring Virtualization and Cloud Concepts
    1. Overview of Cloud Computing
    2. Implementing Different Cloud Deployment Models
    3. Understanding Cloud Service Models
    4. Infrastructure as a Service (IaaS)
    5. Software as a Service (SaaS)
    6. Platform as a Service (PaaS)
    7. Security as a Service (SECaaS)
    8. Anything as a Service (XaaS)
    9. Understanding Cloud Computing Concepts
    10. Understanding Cloud Storage Concepts
    11. Selecting Cloud Security Controls
    12. High Availability Access Zones
    13. Resource Policies
    14. Secret Management
    15. Integration and Auditing
    16. Storage
    17. Networks
    18. Compute
    19. Solutions
    20. Exploring the Virtual Network Environments
    21. Review Questions
  14. Section 2: Monitoring the Security Infrastructure
  15. Chapter 5: Monitoring, Scanning, and Penetration Testing
    1. Penetration Testing Concepts
    2. Rules of Engagement (ROE)
    3. Network Exploitation Techniques
    4. Passive and Active Reconnaissance
    5. Reconnaissance Tools
    6. Exercise Types
    7. Vulnerability Scanning Concepts
    8. Credentialed versus Non-Credentialed Scans
    9. Intrusive versus Non-Intrusive Vulnerability Scans
    10. Other Types of Scans That Can Be Performed
    11. Penetration Testing versus Vulnerability Scanning
    12. Syslog/Security Information and Event Management
    13. Security Orchestration, Automation, and Response
    14. Threat Hunting
    15. Practical Exercise – Running a Credentialed Vulnerability Scanner
    16. Review Questions
  16. Chapter 6: Understanding Secure and Insecure Protocols
    1. Introduction to Protocols
    2. Insecure Protocols and Their Use Cases
    3. Secure Protocols and Their Use Cases
    4. Additional Use Cases and Their Protocols
    5. Subscription Services and Their Protocols
    6. Routing and Its Protocols
    7. Switching and Its Protocols
    8. Active Directory (Directory Services) and Its Protocols
    9. Review Questions
  17. Chapter 7: Delving into Network and Security Concepts
    1. Installing and Configuring Network Components
    2. Firewall
    3. Network Address Translation Gateway
    4. Router
    5. Access Control List – Network Devices
    6. Switch
    7. Tap/Port Mirror
    8. Aggregation Switches
    9. Honeypot
    10. Proxy Server
    11. Jump Servers
    12. Load Balancer
    13. Remote Access Capabilities
    14. IPSec
    15. VPN Concentrator
    16. Split Tunneling
    17. Remote Support
    18. Secure Network Architecture Concepts
    19. Software-Defined Network
    20. Network Segmentation
    21. Intrusion Prevention System
    22. Intrusion Detection System
    23. Modes of Operation
    24. Sensor/Collector
    25. Monitoring Data
    26. Network Access Control
    27. The Domain Name System
    28. DNS Poisoning
    29. Network Reconnaissance and Discovery
    30. Exploitation Frameworks
    31. Forensic Tools
    32. IP Addressing
    33. IP Version 4
    34. Subnet Mask
    35. CIDR Mask
    36. DHCP
    37. IP Version 6 Addressing
    38. Review Questions
  18. Chapter 8: Securing Wireless and Mobile Solutions
    1. Implementing Wireless Security
    2. Wireless Access Point Controllers
    3. Securing Access to Your WAP
    4. Wireless Bandwidth/Band Selection
    5. Wireless Channels
    6. Wireless Antenna Types
    7. Wireless Coverage
    8. Wireless – Open System Authentication
    9. Wireless Encryption
    10. Wireless Captive Portals
    11. Wireless Attacks
    12. Wireless Authentication Protocols
    13. Deploying Mobile Devices Securely
    14. Mobile Device Management
    15. Bring Your Own Device
    16. Choose Your Own Device
    17. Corporate-Owned Personally-Enabled
    18. Mobile Device Connection Methods
    19. Mobile Device Management Concepts
    20. Device Management
    21. Device Protection
    22. Device Data
    23. Mobile Device Enforcement and Monitoring
    24. Review Questions
  19. Section 3: Protecting the Security Environment
  20. Chapter 9: Identifying Threats, Attacks, and Vulnerabilities
    1. Virus and Malware Attacks
    2. Social Engineering Attacks
    3. Threat Actors
    4. Advanced Attacks
    5. Password Attacks
    6. Physical Attacks
    7. On-Path Attacks
    8. Network Attacks
    9. Application/Programming Attacks
    10. Hijacking-Related Attacks
    11. Driver Manipulation
    12. Cryptographic Attacks
    13. Review Questions
  21. Chapter 10: Governance, Risk, and Compliance
    1. Risk Management Processes and Concepts
    2. Risk Types
    3. Risk Management Strategies
    4. Risk Analysis
    5. Calculating Loss
    6. Disasters
    7. Business Impact Analysis Concepts
    8. Threat Actors, Vectors, and Intelligence Concepts
    9. Threat Actors
    10. Attack Vectors
    11. Threat Intelligence Sources
    12. Research Sources
    13. The Importance of Policies for Organizational Security
    14. Personnel
    15. Diversity of Training Techniques
    16. Third-Party Risk Management
    17. Data
    18. Credential Policies
    19. Organizational Policies
    20. Regulations, Standards, and Legislation
    21. Key Frameworks
    22. Benchmarks/Secure Configuration Guides
    23. Privacy and Sensitive Data Concepts
    24. Organizational Consequences of Privacy Breaches
    25. Notifications of Breaches
    26. Data Types
    27. Privacy-Enhancing Technologies
    28. Data Roles and Responsibilities
    29. Information Life Cycle
    30. Impact Assessment
    31. Terms of Agreement
    32. Privacy Notice
    33. Review Questions
  22. Chapter 11: Managing Application Security
    1. Implementing Host or Application Security
    2. Boot Integrity
    3. Endpoint Protection
    4. Databases
    5. Application Security
    6. Hardening
    7. Full Disk Encryption (FDE)
    8. Self-Encrypting Drives (SEDs)
    9. Understanding the Security Implications of Embedded and Specialist Systems
    10. Internet of Things (IoT)
    11. Real-Time Operating System (RTOS)
    12. Multifunctional Printers (MFPs)
    13. Surveillance Systems
    14. System on a Chip (SoC)
    15. Heating, Ventilation, and Air Conditioning (HVAC)
    16. Specialized Devices
    17. Embedded Systems
    18. Supervisory Control and Data Acquisition (SCADA)
    19. Industrial Control System
    20. Communication Considerations
    21. Constraints
    22. Understanding Secure Application Development, Deployment, and Automation
    23. Software Diversity
    24. Elasticity
    25. Scalability
    26. Environment
    27. Automation/Scripting
    28. Provisioning and Deprovisioning
    29. Integrity Measurement
    30. Secure Coding Techniques
    31. Open Web Application Security Project (OWASP)
    32. Review Questions
  23. Chapter 12: Dealing with Incident Response Procedures
    1. Incident Response Procedures
    2. Disaster Recovery Exercises
    3. Attack Frameworks
    4. Stakeholder Management
    5. Continuity of Operations Planning (COOP)
    6. Utilizing Data Sources to Support Investigations
    7. Vulnerability Scan Output
    8. SIEM Dashboards
    9. Log Files
    10. Log Managers
    11. Journalctl
    12. Nxlog
    13. Bandwidth Monitors
    14. Metadata
    15. Network Monitoring
    16. Protocol Analyzer Output
    17. Knowing How to Apply Mitigation Techniques or Controls to Secure an Environment
    18. Application Approved List
    19. Application Block List/Deny List
    20. Quarantine
    21. Configuration Changes
    22. Isolation
    23. Containment
    24. Segmentation
    25. Security Orchestration, Automation, and Response (SOAR)
    26. Implementing Cybersecurity Resilience
    27. Redundancy
    28. Review Questions
  24. Section 4: Mock Tests
  25. Chapter 13: Mock Exam 1
  26. Mock Exam 1 Assessment
  27. Chapter 14: Mock Exam 2
  28. Mock Exam 2 Assessment
  29. Assessment
    1. Chapter 1 – Understanding Security Fundamentals
    2. Chapter 2 – Implementing Public Key Infrastructure
    3. Chapter 3 – Investigating Identity and Access Management
    4. Chapter 4 – Exploring Virtualization and Cloud Concepts
    5. Chapter 5 – Monitoring, Scanning, and Penetration Testing
    6. Chapter 6 – Understanding Secure and Insecure Protocols
    7. Chapter 7 – Delving into Network and Security Concepts
    8. Chapter 8 – Securing Wireless and Mobile Solutions
    9. Chapter 9 – Identifying Threats, Attacks, and Vulnerabilities
    10. Chapter 10 – Governance, Risk, and Compliance
    11. Chapter 11 – Managing Application Security
    12. Chapter 12 – Dealing with Incident Response Procedures
  30. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think