Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.

This fully updated study guide covers every topic on the current version of the CompTIA Security+ exam

Take the latest version of the CompTIA Security+ exam with complete confidence using the detailed information contained in this highly effective self-study system. Written by two leading information security experts, this authoritative guide addresses the skills required for securing a network and managing risk and enables you to become CompTIA certified.

CompTIA Security+ All-in-One Exam Guide, Sixth Edition (Exam SY0-601) covers all exam domains and features 200 accurate practice questions. To aid in study, the book features learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. All questions mirror those on the live exam in tone, format, and content. Beyond fully preparing you for the challenging exam, the book also serves as a valuable on-the-job reference for IT professionals.

  • Provides 100% coverage of every objective on exam SY0-601
  • Online content includes performance-based question simulations and 200 multiple-choice practice questions
  • Written by a team of experienced IT security educators

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. About the Authors
  6. Contents
  7. Preface
  8. Acknowledgments
  9. Introduction
  10. Objective Map: Exam SY0-601
  11. Part I Threats, Attacks, and Vulnerabilities
    1. Chapter 1 Social Engineering Techniques
    2. Social Engineering Methods
    3. Tools
    4. Phishing
    5. Smishing
    6. Vishing
    7. Spam
    8. Spam over Instant Messaging (SPIM)
    9. Spear Phishing
    10. Dumpster Diving
    11. Shoulder Surfing
    12. Pharming
    13. Tailgating
    14. Eliciting Information
    15. Whaling
    16. Prepending
    17. Identity Fraud
    18. Invoice Scams
    19. Credential Harvesting
    20. Reconnaissance
    21. Hoax
    22. Impersonation
    23. Third-Party Authorization
    24. Contractors/Outside Parties
    25. Online Attacks
    26. Defenses
    27. Watering Hole Attack
    28. Typosquatting
    29. Pretexting
    30. Influence Campaigns
    31. Principles (Reasons for Effectiveness)
    32. Authority
    33. Intimidation
    34. Consensus
    35. Scarcity
    36. Familiarity
    37. Trust
    38. Urgency
    39. Defenses
    40. Chapter Review
    41. Questions
    42. Answers
    43. Chapter 2 Type of Attack Indicators
    44. Malware
    45. Ransomware
    46. Trojans
    47. Worms
    48. Potentially Unwanted Programs
    49. Fileless Viruses
    50. Command and Control
    51. Bots
    52. Crypto-malware
    53. Logic Bombs
    54. Spyware
    55. Keyloggers
    56. Remote-Access Trojans (RATs)
    57. Rootkit
    58. Backdoors
    59. Password Attacks
    60. Spraying
    61. Dictionary
    62. Brute Force
    63. Rainbow Tables
    64. Plaintext/Unencrypted
    65. Physical Attacks
    66. Malicious Universal Serial Bus (USB) Cable
    67. Malicious Flash Drives
    68. Card Cloning
    69. Skimming
    70. Adversarial Artificial Intelligence (AI)
    71. Tainted Training Data for Machine Learning (ML)
    72. Security of Machine Learning Algorithms
    73. Supply-Chain Attacks
    74. Cloud-Based vs. On-Premises Attacks
    75. Cryptographic Attacks
    76. Birthday
    77. Collision
    78. Downgrade
    79. Chapter Review
    80. Questions
    81. Answers
    82. Chapter 3 Application Attack Indicators
    83. Privilege Escalation
    84. Cross-Site Scripting
    85. Injection Attacks
    86. Structured Query Language (SQL)
    87. Dynamic-Link Library (DLL)
    88. Lightweight Directory Access Protocol (LDAP)
    89. Extensible Markup Language (XML)
    90. Pointer/Object Dereference
    91. Directory Traversal
    92. Buffer Overflow
    93. Race Condition
    94. Time of Check/Time of Use
    95. Improper Error Handling
    96. Improper Input Handling
    97. Replay Attacks
    98. Session Replay
    99. Integer Overflow
    100. Request Forgery
    101. Server-Side Request Forgery
    102. Cross-Site Request Forgery
    103. Application Programming Interface (API) Attacks
    104. Resource Exhaustion
    105. Memory Leak
    106. Secure Sockets Layer (SSL) Stripping
    107. Driver Manipulation
    108. Shimming
    109. Refactoring
    110. Pass the Hash
    111. Chapter Review
    112. Questions
    113. Answers
    114. Chapter 4 Network Attack Indicators
    115. Wireless
    116. Evil Twin
    117. Rogue Access Point
    118. Bluesnarfing
    119. Bluejacking
    120. Disassociation
    121. Jamming
    122. Radio Frequency Identification (RFID)
    123. Near Field Communication (NFC)
    124. Initialization Vector (IV)
    125. On-path Attack
    126. Layer 2 Attacks
    127. Address Resolution Protocol (ARP) Poisoning
    128. Media Access Control (MAC) Flooding
    129. MAC Cloning
    130. Domain Name System (DNS)
    131. Domain Hijacking
    132. DNS Poisoning
    133. Universal Resource Locator (URL) Redirection
    134. Domain Reputation
    135. Distributed Denial-of-Service (DDoS)
    136. Network
    137. Application
    138. Operational Technology (OT)
    139. Malicious Code and Script Execution
    140. PowerShell
    141. Python
    142. Bash
    143. Macros
    144. Visual Basic for Applications (VBA)
    145. Chapter Review
    146. Questions
    147. Answers
    148. Chapter 5 Threat Actors, Vectors, and Intelligence Sources
    149. Actors and Threats
    150. Advanced Persistent Threats (APTs)
    151. Insider Threats
    152. State Actors
    153. Hacktivists
    154. Script Kiddies
    155. Criminal Syndicates
    156. Hackers
    157. Shadow IT
    158. Competitors
    159. Attributes of Actors
    160. Internal/External
    161. Level of Sophistication/Capability
    162. Resources/Funding
    163. Intent/Motivation
    164. Vectors
    165. Direct Access
    166. Wireless
    167. E-mail
    168. Supply Chain
    169. Social Media
    170. Removable Media
    171. Cloud
    172. Threat Intelligence Sources
    173. Open Source Intelligence (OSINT)
    174. Closed/Proprietary
    175. Vulnerability Databases
    176. Public/Private Information Sharing Centers
    177. Dark Web
    178. Indicators of Compromise
    179. Automated Indicator Sharing (AIS)
    180. Structured Threat Information Expression (STIX) / Trusted Automated Exchange of Intelligence Information (TAXII)
    181. Predictive Analysis
    182. Threat Maps
    183. File/Code Repositories
    184. Research Sources
    185. Vendor Websites
    186. Vulnerability Feeds
    187. Conferences
    188. Academic Journals
    189. Requests for Comment (RFCs)
    190. Local Industry Groups
    191. Social Media
    192. Threat Feeds
    193. Adversary Tactics, Techniques, and Procedures (TTPs)
    194. Chapter Review
    195. Questions
    196. Answers
    197. Chapter 6 Vulnerabilities
    198. Cloud-based vs. On-premises Vulnerabilities
    199. Zero Day
    200. Weak Configurations
    201. Open Permissions
    202. Unsecure Root Accounts
    203. Errors
    204. Weak Encryption
    205. Unsecure Protocols
    206. Default Settings
    207. Open Ports and Services
    208. Third-Party Risks
    209. Vendor Management
    210. Supply Chain
    211. Outsourced Code Development
    212. Data Storage
    213. Improper or Weak Patch Management
    214. Firmware
    215. Operating System (OS)
    216. Applications
    217. Legacy Platforms
    218. Impacts
    219. Data Loss
    220. Data Breaches
    221. Data Exfiltration
    222. Identity Theft
    223. Financial
    224. Reputation
    225. Availability Loss
    226. Chapter Review
    227. Questions
    228. Answers
    229. Chapter 7 Security Assessments
    230. Threat Hunting
    231. Intelligence Fusion
    232. Threat Feeds
    233. Advisories and Bulletins
    234. Maneuver
    235. Vulnerability Scans
    236. False Positives
    237. False Negatives
    238. Log Reviews
    239. Credentialed vs. Non-Credentialed
    240. Intrusive vs. Non-Intrusive
    241. Application
    242. Web Application
    243. Network
    244. Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS)
    245. Configuration Review
    246. Syslog/Security Information and Event Management (SIEM)
    247. Review Reports
    248. Packet Capture
    249. Data Inputs
    250. User Behavior Analysis
    251. Sentiment Analysis
    252. Security Monitoring
    253. Log Aggregation
    254. Log Collectors
    255. Security Orchestration, Automation, and Response (SOAR)
    256. Chapter Review
    257. Questions
    258. Answers
    259. Chapter 8 Penetration Testing
    260. Penetration Testing
    261. Known Environment
    262. Unknown Environment
    263. Partially Known Environment
    264. Rules of Engagement
    265. Lateral Movement
    266. Privilege Escalation
    267. Persistence
    268. Cleanup
    269. Bug Bounty
    270. Pivoting
    271. Passive and Active Reconnaissance
    272. Drones
    273. War Flying
    274. War Driving
    275. Footprinting
    276. OSINT
    277. Exercise Types
    278. Red Team
    279. Blue Team
    280. White Team
    281. Purple Team
    282. Chapter Review
    283. Questions
    284. Answers
  12. Part II Architecture and Design
    1. Chapter 9 Enterprise Security Architecture
    2. Configuration Management
    3. Diagrams
    4. Baseline Configuration
    5. Standard Naming Conventions
    6. Internet Protocol (IP) Schema
    7. Data Sovereignty
    8. Data Protection
    9. Data Loss Prevention (DLP)
    10. Masking
    11. Encryption
    12. At Rest
    13. In Transit/Motion
    14. In Processing
    15. Tokenization
    16. Rights Management
    17. Geographical Considerations
    18. Response and Recovery Controls
    19. Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Inspection
    20. Hashing
    21. API Considerations
    22. Site Resiliency
    23. Hot Sites
    24. Warm Sites
    25. Cold Sites
    26. Deception and Disruption
    27. Honeypots
    28. Honeyfiles
    29. Honeynets
    30. Fake Telemetry
    31. DNS Sinkhole
    32. Chapter Review
    33. Questions
    34. Answers
    35. Chapter 10 Virtualization and Cloud Security
    36. Cloud Models
    37. Infrastructure as a Service (IaaS)
    38. Platform as a Service (PaaS)
    39. Software as a Service (SaaS)
    40. Anything as a Service (XaaS)
    41. Level of Control in the Hosting Models
    42. Public
    43. Community
    44. Private
    45. Hybrid
    46. Cloud Service Providers
    47. Managed Service Provider (MSP) / Managed Security Service Provider (MSSP)
    48. On-Premises vs. Off-Premises
    49. Fog Computing
    50. Edge Computing
    51. Thin Client
    52. Containers
    53. Microservices/API
    54. Infrastructure as Code
    55. Software-Defined Networking (SDN)
    56. Software-Defined Visibility (SDV)
    57. Serverless Architecture
    58. Services Integration
    59. Resource Policies
    60. Transit Gateway
    61. Virtualization
    62. Type I
    63. Type II
    64. Virtual Machine (VM) Sprawl Avoidance
    65. VM Escape Protection
    66. Chapter Review
    67. Questions
    68. Answers
    69. Chapter 11 Secure Application Development, Deployment, and Automation Concepts
    70. Environment
    71. Development
    72. Test
    73. Staging
    74. Production
    75. Quality Assurance (QA)
    76. Provisioning and Deprovisioning
    77. Integrity Measurement
    78. Secure Coding Techniques
    79. Normalization
    80. Stored Procedures
    81. Obfuscation/Camouflage
    82. Code Reuse and Dead Code
    83. Server-Side vs. Client-Side Execution and Validation
    84. Memory Management
    85. Use of Third-Party Libraries and Software Development Kits (SDKs)
    86. Data Exposure
    87. Open Web Application Security Project (OWASP)
    88. Software Diversity
    89. Compilers
    90. Binaries
    91. Automation/Scripting
    92. Automated Courses of Action
    93. Continuous Monitoring
    94. Continuous Validation
    95. Continuous Integration
    96. Continuous Delivery
    97. Continuous Deployment
    98. Elasticity
    99. Scalability
    100. Version Control
    101. Chapter Review
    102. Questions
    103. Answers
    104. Chapter 12 Authentication and Authorization
    105. Authentication Methods
    106. Directory Services
    107. Federation
    108. Attestation
    109. Technologies
    110. Smart Card Authentication
    111. Biometrics
    112. Fingerprint
    113. Retina
    114. Iris
    115. Facial
    116. Voice
    117. Vein
    118. Gait Analysis
    119. Efficacy Rates
    120. False Acceptance
    121. False Rejection
    122. Crossover Error Rate
    123. Multifactor Authentication (MFA) Factors and Attributes
    124. Factors
    125. Attributes
    126. Authentication, Authorization, and Accounting (AAA)
    127. Cloud vs. On-premises Requirements
    128. Chapter Review
    129. Questions
    130. Answers
    131. Chapter 13 Cybersecurity Resilience
    132. Redundancy
    133. Geographic Dispersal
    134. Disk
    135. Network
    136. Power
    137. Replication
    138. Storage Area Network (SAN)
    139. VM
    140. On-premises vs. Cloud
    141. Backup Types
    142. Full
    143. Incremental
    144. Snapshot
    145. Differential
    146. Tape
    147. Disk
    148. Copy
    149. Network Attached Storage (NAS)
    150. Storage Area Network (SAN)
    151. Cloud
    152. Image
    153. Online vs. Offline
    154. Distance Considerations
    155. Nonpersistence
    156. Revert to Known State
    157. Last Known-Good Configuration
    158. Live Boot Media
    159. High Availability
    160. Scalability
    161. Restoration Order
    162. Diversity
    163. Technologies
    164. Vendors
    165. Crypto
    166. Controls
    167. Chapter Review
    168. Questions
    169. Answers
    170. Chapter 14 Embedded and Specialized Systems
    171. Embedded Systems
    172. Raspberry Pi
    173. Field Programmable Gate Arrays (FPGAs)
    174. Arduino
    175. Supervisory Control and Data Acquisition (SCADA) / Industrial Control System (ICS)
    176. Facilities
    177. Industrial
    178. Manufacturing
    179. Energy
    180. Logistics
    181. Internet of Things (IoT)
    182. Sensors
    183. Smart Devices
    184. Wearables
    185. Facility Automation
    186. Weak Defaults
    187. Specialized Systems
    188. Medical Systems
    189. Vehicle Systems
    190. Aircraft Systems
    191. Smart Meters
    192. Voice over IP (VoIP)
    193. Heating, Ventilation, Air Conditioning (HVAC)
    194. Drones
    195. Multifunction Printers (MFPs)
    196. Real-time Operating Systems (RTOSs)
    197. Surveillance Systems
    198. System on a Chip (SoC)
    199. Communication Considerations
    200. 5G
    201. Narrow-Band Radio
    202. Baseband Radio
    203. Subscriber Identity Module (SIM) Cards
    204. Zigbee
    205. Constraints
    206. Power
    207. Compute
    208. Network
    209. Cryptographic Functions
    210. Inability to Patch
    211. Authentication
    212. Range
    213. Cost
    214. Implied Trust
    215. Chapter Review
    216. Questions
    217. Answers
    218. Chapter 15 Physical Security Controls
    219. Bollards/Barricades
    220. Access Control Vestibules
    221. Badges
    222. Alarms
    223. Signage
    224. Cameras
    225. Motion Recognition
    226. Object Detection
    227. Closed-Circuit Television (CCTV)
    228. Industrial Camouflage
    229. Personnel
    230. Guards
    231. Robot Sentries
    232. Reception
    233. Two-Person Integrity/Control
    234. Locks
    235. Biometrics
    236. Electronic
    237. Physical
    238. Cable Locks
    239. USB Data Blocker
    240. Lighting
    241. Fencing
    242. Fire Suppression
    243. Sensors
    244. Motion Detection
    245. Noise Detection
    246. Proximity Reader
    247. Moisture Detection
    248. Cards
    249. Temperature
    250. Drones
    251. Visitor Logs
    252. Faraday Cages
    253. Air Gap
    254. Screened Subnet
    255. Protected Cable Distribution
    256. Secure Areas
    257. Air Gap
    258. Vault
    259. Safe
    260. Hot and Cold Aisles
    261. Secure Data Destruction
    262. Burning
    263. Shredding
    264. Pulping
    265. Pulverizing
    266. Degaussing
    267. Purging
    268. Third-Party Solutions
    269. Chapter Review
    270. Questions
    271. Answers
    272. Chapter 16 Cryptographic Concepts
    273. General Cryptographic Concepts
    274. Fundamental Methods
    275. Digital Signatures
    276. Key Length
    277. Key Stretching
    278. Salting
    279. Hashing
    280. Key Exchange
    281. Elliptic Curve Cryptography
    282. Perfect Forward Secrecy
    283. Quantum Cryptography
    284. Post-Quantum Era
    285. Ephemeral Keys
    286. Modes of Operation
    287. Authenticated
    288. Counter
    289. Unauthenticated
    290. Blockchain
    291. Cipher Suites
    292. Block
    293. Stream
    294. Symmetric vs. Asymmetric
    295. Lightweight Cryptography
    296. Steganography
    297. Homomorphic Encryption
    298. Common Use Cases
    299. Low-Power Devices
    300. Low-Latency Operations
    301. High-Resiliency Systems
    302. Support for Confidentiality
    303. Support for Integrity
    304. Support for Obfuscation
    305. Supporting Authentication
    306. Support for Nonrepudiation
    307. Limitations
    308. Speed
    309. Size
    310. Weak Keys
    311. Time
    312. Longevity
    313. Predictability
    314. Reuse
    315. Entropy
    316. Computational Overhead
    317. Resource vs. Security Constraints
    318. Weak/Deprecated Algorithms
    319. Chapter Review
    320. Questions
    321. Answers
  13. Part III Implementation
    1. Chapter 17 Secure Protocols
    2. Protocols
    3. Domain Name System Security Extensions (DNSSEC)
    4. SSH
    5. Secure/Multipurpose Internet Mail Extensions (S/MIME)
    6. Secure Real-time Transport Protocol (SRTP)
    7. Lightweight Directory Access Protocol over SSL (LDAPS)
    8. File Transfer Protocol, Secure (FTPS)
    9. SSH File Transfer Protocol (SFTP)
    10. Simple Network Management Protocol, Version 3 (SNMPv3)
    11. Hypertext Transfer Protocol over SSL/TLS (HTTPS)
    12. IPSec
    13. Post Office Protocol (POP) / Internet Message Access Protocol (IMAP)
    14. Use Cases
    15. Voice and Video
    16. Time Synchronization
    17. E-mail and Web
    18. File Transfer
    19. Directory Services
    20. Remote Access
    21. Domain Name Resolution
    22. Routing and Switching
    23. Network Address Allocation
    24. Subscription Services
    25. Chapter Review
    26. Questions
    27. Answers
    28. Chapter 18 Host and Application Security
    29. Endpoint Protection
    30. Antivirus
    31. Anti-Malware
    32. Endpoint Detection and Response (EDR)
    33. DLP
    34. Next-Generation Firewall (NGFW)
    35. Host-based Intrusion Detection System (HIDS)
    36. Host-based Intrusion Prevention System (HIPS)
    37. Host-based Firewall
    38. Boot Integrity
    39. Boot Security/Unified Extensible Firmware Interface (UEFI)
    40. Measured Boot
    41. Boot Attestation
    42. Database
    43. Tokenization
    44. Salting
    45. Hashing
    46. Application Security
    47. Input Validations
    48. Secure Cookies
    49. Hypertext Transfer Protocol (HTTP) Headers
    50. Code Signing
    51. Allow List
    52. Block List/Deny List
    53. Secure Coding Practices
    54. Static Code Analysis
    55. Dynamic Code Analysis
    56. Fuzzing
    57. Hardening
    58. Open Ports and Services
    59. Registry
    60. Disk Encryption
    61. OS
    62. Patch Management
    63. Third-Party Updates
    64. Auto-Update
    65. Self-Encrypting Drive (SED)/Full Disk Encryption (FDE)
    66. Opal
    67. Hardware Root of Trust
    68. Trusted Platform Module (TPM)
    69. Sandboxing
    70. Chapter Review
    71. Questions
    72. Answers
    73. Chapter 19 Secure Network Design
    74. Load Balancing
    75. Active/Active
    76. Active/Passive
    77. Scheduling
    78. Virtual IP
    79. Persistence
    80. Network Segmentation
    81. Virtual Local Area Network (VLAN)
    82. Screened Subnet (Previously Known as Demilitarized Zone)
    83. East-West Traffic
    84. Extranet
    85. Intranet
    86. Zero Trust
    87. Virtual Private Network (VPN)
    88. Always On
    89. Split Tunnel vs. Full Tunnel
    90. Remote Access vs. Site-to-Site
    91. IPSec
    92. SSL/TLS
    93. HTML5
    94. Layer 2 Tunneling Protocol (L2TP)
    95. DNS
    96. Network Access Control (NAC)
    97. Agent and Agentless
    98. Out-of-Band Management
    99. Port Security
    100. Broadcast Storm Prevention
    101. Bridge Protocol Data Unit (BPDU) Guard
    102. Loop Prevention
    103. Dynamic Host Configuration Protocol (DHCP) Snooping
    104. Media Access Control (MAC) Filtering
    105. Network Appliances
    106. Jump Servers
    107. Proxy Servers
    108. Network-based Intrusion Detection System (NIDS)/Network-based Intrusion Prevention System (NIPS)
    109. HSM
    110. Sensors
    111. Collectors
    112. Aggregators
    113. Firewalls
    114. Access Control List (ACL)
    115. Route Security
    116. Quality of Service (QoS)
    117. Implications of IPv6
    118. Port Spanning/Port Mirroring
    119. Port Taps
    120. Monitoring Services
    121. File Integrity Monitors
    122. Chapter Review
    123. Questions
    124. Answers
    125. Chapter 20 Wireless Security
    126. Cryptographic Protocols
    127. Wi-Fi Protected Access 2 (WPA2)
    128. Wi-Fi Protected Access 3 (WPA3)
    129. Counter Mode/CBC-MAC Protocol (CCMP)
    130. Simultaneous Authentication of Equals (SAE)
    131. Authentication Protocols
    132. Extensible Authentication Protocol (EAP)
    133. Protected Extensible Authentication Protocol (PEAP)
    134. EAP-FAST
    135. EAP-TLS
    136. EAP-TTLS
    137. IEEE 802.1X
    138. Remote Authentication Dial-in User Service (RADIUS) Federation
    139. Methods
    140. Pre-shared Key (PSK) vs. Enterprise vs. Open
    141. Wi-Fi Protected Setup (WPS)
    142. Captive Portals
    143. Installation Considerations
    144. Site Surveys
    145. Heat Maps
    146. Wi-Fi Analyzers
    147. Channel Overlays
    148. Wireless Access Point (WAP) Placement
    149. Controller and Access Point Security
    150. Chapter Review
    151. Questions
    152. Answers
    153. Chapter 21 Secure Mobile Solutions
    154. Connection Methods and Receivers
    155. Cellular
    156. Wi-Fi
    157. Bluetooth
    158. NFC
    159. Infrared
    160. USB
    161. Point-to-Point
    162. Point-to-Multipoint
    163. Global Positioning System (GPS)
    164. RFID
    165. Mobile Device Management (MDM)
    166. Application Management
    167. Content Management
    168. Remote Wipe
    169. Geofencing
    170. Geolocation
    171. Screen Locks
    172. Push Notification Services
    173. Passwords and PINs
    174. Biometrics
    175. Context-Aware Authentication
    176. Containerization
    177. Storage Segmentation
    178. Full Device Encryption
    179. Mobile Devices
    180. MicroSD Hardware Security Module (HSM)
    181. MDM/Unified Endpoint Management (UEM)
    182. Mobile Application Management (MAM)
    183. SEAndroid
    184. Enforcement and Monitoring
    185. Third-Party Application Stores
    186. Rooting/Jailbreaking
    187. Sideloading
    188. Custom Firmware
    189. Carrier Unlocking
    190. Firmware OTA Updates
    191. Camera Use
    192. SMS/Multimedia Message Service (MMS)/Rich Communication Services (RCS)
    193. External Media
    194. USB On-The-Go (USB OTG)
    195. Recording Microphone
    196. GPS Tagging
    197. Wi-Fi Direct/Ad Hoc
    198. Tethering
    199. Hotspot
    200. Payment Methods
    201. Deployment Models
    202. Bring Your Own Device (BYOD)
    203. Corporate-Owned, Personally Enabled (COPE)
    204. Choose Your Own Device (CYOD)
    205. Corporate-Owned
    206. Virtual Desktop Infrastructure (VDI)
    207. Chapter Review
    208. Questions
    209. Answers
    210. Chapter 22 Implementing Cloud Security
    211. Cloud Security Controls
    212. High Availability Across Zones
    213. Resource Policies
    214. Secrets Management
    215. Integration and Auditing
    216. Storage
    217. Network
    218. Compute
    219. Solutions
    220. CASB
    221. Application Security
    222. Next-Generation Secure Web Gateway (SWG)
    223. Firewall Considerations in a Cloud Environment
    224. Cloud-Native Controls vs. Third-Party Solutions
    225. Chapter Review
    226. Questions
    227. Answers
    228. Chapter 23 Identity and Account Management Controls
    229. Identity
    230. Identity Provider (IdP)
    231. Attributes
    232. Certificates
    233. Tokens
    234. SSH Keys
    235. Smart Cards
    236. Account Types
    237. User Account
    238. Shared and Generic Accounts/Credentials
    239. Guest Accounts
    240. Service Accounts
    241. Account Policies
    242. Password Complexity
    243. Password History
    244. Password Reuse
    245. Time of Day
    246. Network Location
    247. Geofencing
    248. Geotagging
    249. Geolocation
    250. Time-based Logins
    251. Access Policies
    252. Account Permissions
    253. Account Audits
    254. Impossible Travel Time/Risky Login
    255. Lockout
    256. Disablement
    257. Chapter Review
    258. Questions
    259. Answers
    260. Chapter 24 Implement Authentication and Authorization
    261. Authentication Management
    262. Password Keys
    263. Password Vaults
    264. TPM
    265. HSM
    266. Knowledge-based Authentication
    267. Authentication
    268. EAP
    269. Challenge-Handshake Authentication Protocol (CHAP)
    270. Password Authentication Protocol (PAP)
    271. 802.1X
    272. RADIUS
    273. Single Sign-On (SSO)
    274. Security Assertion Markup Language (SAML)
    275. Terminal Access Controller Access Control System Plus (TACACS+)
    276. OAuth
    277. OpenID
    278. Kerberos
    279. Access Control Schemes
    280. Attribute-Based Access Control (ABAC)
    281. Role-Based Access Control
    282. Rule-Based Access Control
    283. MAC
    284. Discretionary Access Control (DAC)
    285. Conditional Access
    286. Privileged Access Management
    287. File System Permissions
    288. Chapter Review
    289. Questions
    290. Answers
    291. Chapter 25 Public Key Infrastructure
    292. Public Key Infrastructure (PKI)
    293. Key Management
    294. Certificate Authority (CA)
    295. Intermediate CA
    296. Registration Authority (RA)
    297. Certificate Revocation List (CRL)
    298. Certificate Attributes
    299. Online Certificate Status Protocol (OCSP)
    300. Certificate Signing Request (CSR)
    301. CN
    302. Subject Alternative Name (SAN)
    303. Expiration
    304. Types of Certificates
    305. Wildcard Certificates
    306. Subject Alternative Name (SAN)
    307. Code-Signing Certificates
    308. Self-Signed Certificates
    309. Machine/Computer
    310. E-mail
    311. User
    312. Root
    313. Domain Validation
    314. Extended Validation
    315. Certificate Formats
    316. KEY
    317. Distinguished Encoding Rules (DER)
    318. Privacy-Enhanced Mail (PEM)
    319. Personal Information Exchange (PFX)
    320. CER
    321. P12
    322. P7B
    323. Concepts
    324. Online vs. Offline CA
    325. Stapling
    326. Pinning
    327. Trust Model
    328. Key Escrow
    329. Certificate Chaining
    330. Chapter Review
    331. Questions
    332. Answers
  14. Part IV Operations and Incident Response
    1. Chapter 26 Tools/Assess Organizational Security
    2. Network Reconnaissance and Discovery
    3. tracert/traceroute
    4. nslookup/dig
    5. ipconfig/ifconfig
    6. nmap
    7. ping/pathping
    8. hping
    9. netstat
    10. netcat
    11. IP Scanners
    12. arp
    13. route
    14. curl
    15. theHarvester
    16. sn1per
    17. scanless
    18. dnsenum
    19. Nessus
    20. Cuckoo
    21. File Manipulation
    22. head
    23. tail
    24. cat
    25. grep
    26. chmod
    27. logger
    28. Shell and Script Environments
    29. SSH
    30. PowerShell
    31. Python
    32. OpenSSL
    33. Packet Capture and Replay
    34. Tcpreplay
    35. Tcpdump
    36. Wireshark
    37. Forensics
    38. dd
    39. memdump
    40. WinHex
    41. FTK Imager
    42. Autopsy
    43. Exploitation Frameworks
    44. Password Crackers
    45. Data Sanitization
    46. Chapter Review
    47. Questions
    48. Answers
    49. Chapter 27 Incident Response Policies, Processes, and Procedures
    50. Incident Response Plans
    51. Incident Response Process
    52. Preparation
    53. Identification
    54. Containment
    55. Eradication
    56. Recovery
    57. Lessons Learned
    58. Exercises
    59. Tabletop
    60. Walkthroughs
    61. Simulations
    62. Attack Frameworks
    63. MITRE ATT&CK
    64. The Diamond Model of Intrusion Analysis
    65. Cyber Kill Chain
    66. Stakeholder Management
    67. Communication Plan
    68. Disaster Recovery Plan
    69. Business Continuity Plan
    70. Continuity of Operation Planning (COOP)
    71. Incident Response Team
    72. Retention Policies
    73. Chapter Review
    74. Questions
    75. Answers
    76. Chapter 28 Investigations
    77. Vulnerability Scan Output
    78. SIEM Dashboards
    79. Sensor
    80. Sensitivity
    81. Trends
    82. Alerts
    83. Correlation
    84. Log Files
    85. Network
    86. System
    87. Application
    88. Security
    89. Web
    90. DNS
    91. Authentication
    92. Dump Files
    93. VoIP and Call Managers
    94. Session Initiation Protocol (SIP) Traffic
    95. Syslog/Rsyslog/Syslog-ng
    96. Journalctl
    97. NXLog
    98. Bandwidth Monitors
    99. Metadata
    100. E-Mail
    101. Mobile
    102. Web
    103. File
    104. NetFlow/sFlow
    105. IPFIX
    106. Protocol Analyzer Output
    107. Chapter Review
    108. Questions
    109. Answers
    110. Chapter 29 Mitigation Techniques and Controls
    111. Reconfigure Endpoint Security Solutions
    112. Application Approved List
    113. Application Blocklist/Deny List
    114. Quarantine
    115. Configuration Changes
    116. Firewall Rules
    117. MDM
    118. DLP
    119. Content Filter/URL Filter
    120. Update or Revoke Certificates
    121. Isolation
    122. Containment
    123. Segmentation
    124. Secure Orchestration, Automation, and Response (SOAR)
    125. Runbooks
    126. Playbooks
    127. Chapter Review
    128. Questions
    129. Answers
    130. Chapter 30 Digital Forensics
    131. Documentation/Evidence
    132. Legal Hold
    133. Video
    134. Admissibility
    135. Chain of Custody
    136. Timelines of Sequence of Events
    137. Tags
    138. Reports
    139. Event Logs
    140. Interviews
    141. Acquisition
    142. Order of Volatility
    143. Disk
    144. Random-Access Memory (RAM)
    145. Swap/Pagefile
    146. Operating System (OS)
    147. Device
    148. Firmware
    149. Snapshot
    150. Cache
    151. Network
    152. Artifacts
    153. On-premises vs. Cloud
    154. Right to Audit Clauses
    155. Regulatory/Jurisdiction
    156. Data Breach Notification Laws
    157. Integrity
    158. Hashing
    159. Checksums
    160. Provenance
    161. Preservation
    162. E-Discovery
    163. Data Recovery
    164. Nonrepudiation
    165. Strategic Intelligence/Counterintelligence
    166. Chapter Review
    167. Questions
    168. Answers
  15. Part V Governance, Risk, and Compliance
    1. Chapter 31 Security Controls
    2. Security Controls
    3. Categories
    4. Managerial
    5. Operational
    6. Technical
    7. Control Types
    8. Preventative
    9. Detective
    10. Corrective
    11. Deterrent
    12. Compensating
    13. Physical
    14. Chapter Review
    15. Questions
    16. Answers
    17. Chapter 32 Regulations, Standards, and Frameworks
    18. Regulations, Standards, and Legislation
    19. General Data Protection Regulation (GDPR)
    20. National, Territory, or State Laws
    21. Payment Card Industry Data Security Standard (PCI DSS)
    22. Key Frameworks
    23. Center for Internet Security (CIS)
    24. National Institute of Standards and Technology (NIST) Risk Management Framework (RMF)/Cybersecurity Framework (CSF)
    25. International Organization for Standardization (ISO) 27001/27002/27701/31000
    26. SSAE SOC 2 Type I/II
    27. Cloud Security Alliance
    28. Benchmarks and Secure Configuration Guides
    29. Platform/Vendor-Specific Guides
    30. Chapter Review
    31. Questions
    32. Answers
    33. Chapter 33 Organizational Policies
    34. Personnel
    35. Acceptable Use Policy
    36. Job Rotation
    37. Mandatory Vacation
    38. Separation of Duties
    39. Least Privilege
    40. Clean Desk Space
    41. Background Checks
    42. Nondisclosure Agreement (NDA)
    43. Social Media Analysis
    44. Onboarding
    45. Offboarding
    46. User Training
    47. Diversity of Training Techniques
    48. Third-Party Risk Management
    49. Vendors
    50. Supply Chain
    51. Business Partners
    52. Service Level Agreement (SLA)
    53. Memorandum of Understanding (MOU)
    54. Measurement Systems Analysis (MSA)
    55. Business Partnership Agreement (BPA)
    56. End of Life (EOL)
    57. End of Service Life (EOSL)
    58. NDA
    59. Data
    60. Classification
    61. Governance
    62. Retention
    63. Credential Policies
    64. Personnel
    65. Third Party
    66. Devices
    67. Service Accounts
    68. Administrator/Root Accounts
    69. Organizational Policies
    70. Change Management
    71. Change Control
    72. Asset Management
    73. Chapter Review
    74. Questions
    75. Answers
    76. Chapter 34 Risk Management
    77. Risk Types
    78. External
    79. Internal
    80. Legacy Systems
    81. Multiparty
    82. IP Theft
    83. Software Compliance/Licensing
    84. Risk Management Strategies
    85. Acceptance
    86. Avoidance
    87. Transference
    88. Mitigation
    89. Risk Analysis
    90. Risk Register
    91. Risk Matrix/Heat Map
    92. Risk Control Assessment
    93. Risk Control Self-Assessment
    94. Risk Awareness
    95. Inherent Risk
    96. Residual Risk
    97. Control Risk
    98. Risk Appetite
    99. Regulations That Affect Risk Posture
    100. Risk Assessment Types
    101. Likelihood of Occurrence
    102. Impact
    103. Asset Value
    104. Single-Loss Expectancy (SLE)
    105. Annualized Loss Expectancy (ALE)
    106. Annualized Rate of Occurrence (ARO)
    107. Disasters
    108. Environmental
    109. Person-made
    110. Internal vs. External
    111. Business Impact Analysis
    112. Recovery Time Objective (RTO)
    113. Recovery Point Objective (RPO)
    114. Mean Time to Repair (MTTR)
    115. Mean Time Between Failures (MTBF)
    116. Functional Recovery Plans
    117. Single Point of Failure
    118. Disaster Recovery Plan (DRP)
    119. Mission-Essential Functions
    120. Identification of Critical Systems
    121. Site Risk Assessment
    122. Chapter Review
    123. Questions
    124. Answers
    125. Chapter 35 Privacy
    126. Organizational Consequences of Privacy Breaches
    127. Reputation Damage
    128. Identity Theft
    129. Fines
    130. IP Theft
    131. Notifications of Breaches
    132. Escalation
    133. Public Notifications and Disclosures
    134. Data Types
    135. Classifications
    136. Personally Identifiable Information (PII)
    137. Privacy-Enhancing Technologies
    138. Data Minimization
    139. Data Masking
    140. Tokenization
    141. Anonymization
    142. Pseudo-Anonymization
    143. Roles and Responsibilities
    144. Data Owners
    145. Data Controller
    146. Data Processor
    147. Data Custodian/Steward
    148. Data Privacy Officer (DPO)
    149. Information Lifecycle
    150. Impact Assessment
    151. Terms of Agreement
    152. Privacy Notice
    153. Chapter Review
    154. Questions
    155. Answers
  16. Part VI Appendixes and Glossary
    1. Appendix A OSI Model and Internet Protocols
    2. Appendix B About the Online Content
  17. Glossary
  18. Index