This fully updated self-study guide offers 100% coverage of every objective on the CompTIA Security+ exam

With hundreds of practice exam questions, including difficult performance-based questions, CompTIA Security+™ Certification Study Guide, Fourth Edition covers what you need to know—and shows you how to prepare—for this challenging exam.

  • 100% complete coverage of all official objectives for exam SY0-601
  • Exam Watch notes call attention to information about, and potential pitfalls in, the exam
  • Inside the Exam sections in every chapter highlight key exam topics covered
  • Two-Minute Drills for quick review at the end of every chapter
  • Simulated exam questions—including performance-based questions—match the format, topics, and difficulty of the real exam

Covers all exam topics, including:
    Networking Basics and Terminology • Security Terminology • Security Policies and Standards • Types of Attacks • Vulnerabilities and Threats • Mitigating Security Threats • Implementing Host-Based Security • Securing the Network Infrastructure • Wireless Networking and Security • Authentication • Authorization and Access Control • Cryptography • Managing a Public Key Infrastructure • Physical Security • Application Attacks and Security • Virtualization and Cloud Security • Risk Analysis • Disaster Recovery and Business Continuity • Monitoring and Auditing • Security Assessments and Audits • Incident Response and Computer Forensics

Online Content Includes:
  • 50+ lab exercises and solutions in PDF format
  • Complete practice exams and quizzes customizable by domain or chapter
  • 4+ hours of video training from the author
  • 12+ performance-based question simulations
  • Glossary and Exam Readiness Checklist in PDF format

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. About the Author
  6. Contents at a Glance
  7. Contents
  8. Preface
  9. Acknowledgments
  10. Introduction
  11. 1 Networking Basics and Terminology
    1. Understanding Network Devices and Cabling
    2. Looking at Network Devices
    3. Understanding Network Cabling
    4. Exercise 1-1: Reviewing Networking Components
    5. Understanding TCP/IP
    6. Reviewing IP Addressing
    7. Exercise 1-2: Understanding Valid Addresses
    8. Understanding TCP/IP Protocols
    9. Exercise 1-3: Viewing Protocol Information with Wireshark
    10. Understanding Application Layer Protocols
    11. Understanding IPv6
    12. Exercise 1-4: Identifying Protocols in TCP/IP
    13. Network Security Best Practices
    14. Device Usage
    15. Cable and Protocol Usage
    16. Certification Summary
    17. Two-Minute Drill
    18. Q&A Self Test
    19. Self Test Answers
  12. 2 Introduction to Security Terminology
    1. Goals of Information Security
    2. Confidentiality
    3. Integrity
    4. Availability
    5. Accountability
    6. Exercise 2-1: CIA Scenarios
    7. Understanding Authentication and Authorization
    8. Identification and Authentication
    9. Authorization
    10. Understanding Security Principles and Terminology
    11. Types of Security
    12. Least Privilege, Separation of Duties, and Rotation of Duties
    13. Concept of Need to Know
    14. Layered Security and Diversity of Defense
    15. Due Care and Due Diligence
    16. Vulnerability and Exploit
    17. Threat Actors
    18. Threat Vectors
    19. Threat Intelligence Sources
    20. Research Sources
    21. Looking at Security Roles and Responsibilities
    22. System Owner and Data Owner
    23. Data Controller and Data Processor
    24. System Administrator
    25. User
    26. Privileged User
    27. Executive User
    28. Data Roles and Responsibilities
    29. Security Officer
    30. Exercise 2-2: Security Terminology
    31. Certification Summary
    32. Two-Minute Drill
    33. Q&A Self Test
    34. Self Test Answers
  13. 3 Security Policies and Standards
    1. Introduction to Security Policies
    2. Structure of a Policy
    3. Identifying Types of Policies
    4. General Security Policies
    5. Policies Affecting Users
    6. Policies Affecting Personnel Management
    7. Policies Affecting Administrators
    8. Exercise 3-1: Reviewing a Security Policy
    9. Policies Affecting Management
    10. Other Popular Policies
    11. Human Resources Policies
    12. Hiring Policy
    13. Termination Policy
    14. Mandatory Vacations
    15. Security-Related HR Policies
    16. Exercise 3-2: Creating a Security Policy
    17. User Education and Awareness
    18. General Training and Role-Based Training
    19. User Habits
    20. New Threats and Security Trends
    21. Use of Social Networks and P2P Programs
    22. Training Metrics and Follow-Up
    23. Exercise 3-3: Designing a Training Program
    24. Importance of Policies to Organization Security
    25. Privacy and Sensitive Data Concepts
    26. Regulations and Standards
    27. Regulations, Standards, and Legislation
    28. Frameworks and Security Guides
    29. Benchmark/Secure Configuration Guides
    30. Certification Summary
    31. Two-Minute Drill
    32. Q&A Self Test
    33. Self Test Answers
  14. 4 Types of Attacks
    1. Understanding Social Engineering
    2. Social Engineering Overview
    3. Popular Social Engineering Attacks
    4. Physical Attacks
    5. Adversarial Artificial Intelligence
    6. Supply-Chain Attacks
    7. Cloud-Based vs. On-Premises Attacks
    8. Reasons for Effectiveness
    9. Preventing Social Engineering Attacks
    10. Identifying Network Attacks
    11. Popular Network Attacks
    12. Exercise 4-1: DNS Poisoning After Exploit Using Kali Linux
    13. Exercise 4-2: Performing a Port Scan
    14. Other Network Attacks
    15. Malicious Code or Script Execution
    16. Preventing Network Attacks
    17. Looking at Password Attacks
    18. Types of Password Attacks
    19. Cryptographic Attacks and Concepts
    20. Online vs. Offline Attacks
    21. Other Password Attack Terms
    22. Preventing Password Attacks
    23. Certification Summary
    24. Two-Minute Drill
    25. Q&A Self Test
    26. Self Test Answers
  15. 5 Vulnerabilities and Threats
    1. Security Concerns with Vulnerabilities
    2. Reasons for Vulnerable Systems
    3. Understanding the Impact of Vulnerabilities
    4. Common Security Issues and Device Output
    5. Exercise 5-1: Removable Media Control
    6. Cloud-Based vs. On-Premises Vulnerabilities
    7. Identifying Physical Threats
    8. Snooping
    9. Theft and Loss of Assets
    10. Human Error
    11. Sabotage
    12. Looking at Malicious Software
    13. Privilege Escalation
    14. Viruses
    15. Other Malicious Software
    16. Protecting Against Malicious Software
    17. Threats Against Hardware
    18. BIOS Settings
    19. USB Devices
    20. Smart Phones and Tablets
    21. Exercise 5-2: Exploiting a Bluetooth Device
    22. Removable Storage
    23. Network Attached Storage
    24. PBX
    25. Security Risks with Embedded and Specialized Systems
    26. Certification Summary
    27. Two-Minute Drill
    28. Q&A Self Test
    29. Self Test Answers
  16. 6 Mitigating Security Threats
    1. Understanding Operating System Hardening
    2. Uninstall Unnecessary Software
    3. Disable Unnecessary Services
    4. Exercise 6-1: Disabling the Remote Desktop Services Service
    5. Protect Management Interfaces and Applications
    6. Disable Unnecessary Accounts
    7. Patch Management
    8. Password Protection
    9. Registry Hardening
    10. Disk Encryption
    11. System Hardening Procedures
    12. Network Security Hardening
    13. Exercise 6-2: Hardening a Network Switch
    14. Tools for System Hardening
    15. Exercise 6-3: Creating a Security Template
    16. Security Posture and Reporting
    17. Server Hardening Best Practices
    18. All Servers
    19. HTTP Servers
    20. DNS Servers
    21. Exercise 6-4: Limiting DNS Zone Transfers
    22. DHCP Servers
    23. SMTP Servers and FTP Servers
    24. Common Mitigation Strategies
    25. Certification Summary
    26. Two-Minute Drill
    27. Q&A Self Test
    28. Self Test Answers
  17. 7 Implementing Host-Based Security
    1. Host and Application Security Solutions
    2. Endpoint Protection
    3. Boot Integrity
    4. Database
    5. Implementing Host-Based Firewalls and HIDS
    6. Host-Based Firewalls
    7. Exercise 7-1: Configuring TCP Wrappers in Linux
    8. Host-Based IDS and Host-Based IPS
    9. Protecting Against Malware
    10. Patch Management
    11. Using Antivirus and Anti-Spam Software
    12. Spyware and Adware
    13. Phish Filters and Pop-Up Blockers
    14. Exercise 7-2: Manually Testing a Web Site for Phishing
    15. Practicing Good Habits
    16. Device Security and Data Security
    17. Hardware Security
    18. Mobile Device Security
    19. Data Security
    20. Exercise 7-3: Configuring Permissions in Windows 10
    21. Application Security and BYOD Concerns
    22. Secure System Design
    23. Secure Staging Deployment
    24. Certification Summary
    25. Two-Minute Drill
    26. Q&A Self Test
    27. Self Test Answers
  18. 8 Securing the Network Infrastructure
    1. Understanding Firewalls
    2. Firewalls
    3. Using IPTables as a Firewall
    4. Exercise 8-1: Configuring IPTables in Linux
    5. Using Firewall Features on a Home Router
    6. NAT and Ad Hoc Networking
    7. Proxy Servers
    8. Routers and ACLs
    9. Other Security Devices and Technologies
    10. Using Intrusion Detection Systems
    11. IDS Overview
    12. Exercise 8-2: Using Snort: A Network-Based IDS
    13. Deception and Disruption
    14. Protocol Analyzers
    15. Network Design and Administration Principles
    16. Network Segmentation
    17. Network Switches
    18. Network Address Translation
    19. Network Access Control
    20. Data Protection
    21. Data Sovereignty
    22. Mail Gateway
    23. Network Communication Encryption
    24. API Considerations
    25. Network Administration Principles
    26. Business Connectivity Considerations
    27. Placement of Security Devices and Network Appliances
    28. Configuration Management
    29. Securing Devices
    30. Certification Summary
    31. Two-Minute Drill
    32. Q&A Self Test
    33. Self Test Answers
  19. 9 Wireless Networking and Security
    1. Understanding Wireless Networking
    2. Standards
    3. Channels
    4. Antenna Types
    5. Authentication and Encryption
    6. Securing a Wireless Network
    7. Security Best Practices
    8. Vulnerabilities with Wireless Networks
    9. Exercise 9-1: Cracking WEP with Kali Linux
    10. Installation Considerations
    11. Configuring a Wireless Network
    12. Configuring the Access Point
    13. Configuring the Client
    14. Other Wireless Technologies
    15. Infrared
    16. Bluetooth
    17. Near Field Communication
    18. RFID
    19. Certification Summary
    20. Two-Minute Drill
    21. Q&A Self Test
    22. Self Test Answers
  20. 10 Authentication
    1. Identifying Authentication Models
    2. Authentication Terminology
    3. Authentication Methods and Technologies
    4. Multifactor Authentication Factors and Attributes
    5. Exercise 10-1: Configuring MFA in Outlook Web Mail
    6. Authentication Management
    7. Single Sign-On
    8. Cloud vs. On-Premises Requirements
    9. Authentication Protocols
    10. Windows Authentication Protocols
    11. Common Authentication Protocols
    12. Authentication Services
    13. Implementing Authentication
    14. User Accounts
    15. Tokens
    16. Looking at Biometrics
    17. Certificate-Based Authentication
    18. Claims-Based Authentication/Federation Services
    19. Certification Summary
    20. Two-Minute Drill
    21. Q&A Self Test
    22. Self Test Answers
  21. 11 Authorization and Access Control
    1. Introducing Access Control
    2. Types of Security Controls
    3. Implicit Deny
    4. Review of Security Principles/General Concepts
    5. Access Control Schemes
    6. Discretionary Access Control
    7. Mandatory Access Control
    8. Role-Based Access Control
    9. Exercise 11-1: Assigning a User the sysadmin Role
    10. Rule-Based Access Control
    11. Group-Based Access Control
    12. Attribute-Based Access Control
    13. Other Access Control Tools
    14. Implementing Access Control
    15. Identities
    16. Account Types
    17. Using Security Groups
    18. Exercise 11-2: Configuring Security Groups and Assigning Permissions
    19. Rights and Privileges
    20. Exercise 11-3: Modifying User Rights on a Windows System
    21. File System Security and Printer Security
    22. Access Control Lists
    23. Group Policies
    24. Exercise 11-4: Configuring Password Policies via Group Policies
    25. Database Security
    26. Exercise 11-5: Encrypting Sensitive Information in the Database
    27. Account Restrictions
    28. Account Policy Enforcement
    29. Monitoring Account Access
    30. Certification Summary
    31. Two-Minute Drill
    32. Q&A Self Test
    33. Self Test Answers
  22. 12 Introduction to Cryptography
    1. Introduction to Cryptography Services
    2. Understanding Cryptography
    3. Algorithms and Keys
    4. Exercise 12-1: Encrypting Data with the Caesar Cipher
    5. Other Cryptography Terms
    6. Symmetric Encryption
    7. Symmetric Encryption Concepts
    8. Symmetric Encryption Algorithms
    9. Exercise 12-2: Encrypting Data with the AES Algorithm
    10. Asymmetric Encryption
    11. Asymmetric Encryption Concepts
    12. Asymmetric Encryption Algorithms
    13. Quantum Cryptography
    14. In-Band vs. Out-of-Band Key Exchange
    15. Understanding Hashing
    16. Hashing Concepts
    17. Hashing Algorithms
    18. Exercise 12-3: Generating Hashes to Verify Integrity
    19. Identifying Encryption Uses
    20. Common Use Cases
    21. Understanding Limitations
    22. Encrypting Data
    23. Encrypting Communication
    24. Understanding Steganography
    25. Certification Summary
    26. Two-Minute Drill
    27. Q&A Self Test
    28. Self Test Answers
  23. 13 Managing a Public Key Infrastructure
    1. Introduction to Public Key Infrastructure
    2. Understanding PKI Terminology
    3. Certificate Authority and Registration Authority
    4. Repository
    5. Managing a Public Key Infrastructure
    6. Certificate Life Cycle
    7. Certificate Revocation Lists and OCSP
    8. Other PKI Terms
    9. Implementing a Public Key Infrastructure
    10. How SSL/TLS Works
    11. How Digital Signatures Work
    12. Creating a PKI
    13. Exercise 13-1: Installing a Certificate Authority
    14. Exercise 13-2: SSL-Enabling a Web Site
    15. Managing a PKI
    16. Certification Summary
    17. Two-Minute Drill
    18. Q&A Self Test
    19. Self Test Answers
  24. 14 Physical Security
    1. Choosing a Business Location
    2. Facility Concerns
    3. Lighting and Windows
    4. Doors, Windows, and Walls
    5. Safety Concerns
    6. Physical Access Controls
    7. Exercise 14-1: Gaining Access to a System with No Physical Security
    8. Fencing and Personnel
    9. Hardware Locks/Lock Types
    10. Access Systems
    11. Other Physical Security Controls
    12. Physical Access Lists and Logs
    13. Video Surveillance
    14. Types of Sensors
    15. Implementing Environmental Controls
    16. Understanding HVAC
    17. Shielding
    18. Fire Suppression
    19. Certification Summary
    20. Two-Minute Drill
    21. Q&A Self Test
    22. Self Test Answers
  25. 15 Application Attacks and Security
    1. Understanding Application Attacks
    2. Directory Traversal
    3. Exercise 15-1: Exploiting an IIS Web Server with Directory Traversal
    4. Injection Attacks
    5. Exercise 15-2: SQL Injection Attacks
    6. Buffer Overflow Attacks
    7. Cross-Site Scripting
    8. Cross-Site Request Forgery
    9. Pass the Hash
    10. Privilege Escalation
    11. SSL Stripping
    12. Driver Manipulation and Refactoring
    13. Other Application Attacks
    14. Why Application Vulnerabilities Exist
    15. Secure Application Development Concepts
    16. Secure Coding Concepts
    17. Application Environments
    18. Secure Coding Techniques
    19. Application Frameworks and Scripting
    20. Implement Host and Application Security
    21. Host Security
    22. Application Security
    23. Code Quality and Testing
    24. Certification Summary
    25. Two-Minute Drill
    26. Q&A Self Test
    27. Self Test Answers
  26. 16 Virtualization and Cloud Security
    1. Virtualization and Virtualization Security
    2. Introducing Virtualization
    3. Benefits to Virtualization
    4. Hypervisor
    5. Security Issues with Virtualization
    6. Cloud Computing Concepts
    7. Cloud Computing Overview
    8. Cloud Computing Considerations
    9. Resiliency and Automation
    10. Cloud Features
    11. Cybersecurity Solutions for the Cloud
    12. Cloud Security Controls
    13. Cloud Security Solutions
    14. Certification Summary
    15. Two-Minute Drill
    16. Q&A Self Test
    17. Self Test Answers
  27. 17 Risk Analysis
    1. Introduction to Risk Analysis
    2. Risk Analysis Overview
    3. Risk Analysis Process
    4. Tools to Help Analyze Risk
    5. Risk with Cloud Computing and Third Parties
    6. Risk Assessment Types
    7. Qualitative
    8. Exercise 17-1: Performing a Qualitative Risk Analysis
    9. Quantitative
    10. Exercise 17-2: Performing a Quantitative Risk Analysis
    11. Risk Mitigation Strategies
    12. Exercise 17-3: Identifying Mitigation Techniques
    13. Certification Summary
    14. Two-Minute Drill
    15. Q&A Self Test
    16. Self Test Answers
  28. 18 Disaster Recovery and Business Continuity
    1. Introduction to Business Continuity and Disaster Recovery
    2. Introduction to Business Continuity
    3. Understanding Disaster Recovery
    4. Backing Up and Restoring Data: Backup Concepts
    5. Backup Destination Media
    6. Security Considerations with Tapes
    7. Types of Backups
    8. Scheduling Backups
    9. Exercise 18-1: Backing Up and Restoring Data on a Windows Server
    10. Geographic Considerations
    11. Implementing Fault Tolerance
    12. Introducing Redundancy
    13. Nonpersistence and Diversity
    14. Understanding RAID
    15. Exercise 18-2: Configuring RAID 0 on a Windows System
    16. Exercise 18-3: Creating a Mirrored Volume on a Windows Server
    17. Exercise 18-4: Creating a RAID 5 Volume on a Windows Server
    18. Understanding High Availability
    19. Failover Clustering
    20. Network Load Balancing
    21. Redundant Hardware
    22. Certification Summary
    23. Two-Minute Drill
    24. Q&A Self Test
    25. Self Test Answers
  29. 19 Understanding Monitoring and Auditing
    1. Introduction to Monitoring
    2. Monitoring Tools
    3. Useful System Commands
    4. SNMP
    5. Performance Monitor
    6. Protocol Analyzer and Sniffer
    7. Exercise 19-1: Monitoring Network Traffic with Wireshark
    8. Understanding Syslog
    9. Security Information and Event Management
    10. Working with SOAR
    11. Implementing Logging and Auditing
    12. Understanding Auditing
    13. Exercise 19-2: Implementing Auditing in Windows
    14. Understanding Logging
    15. Exercise 19-3: Configuring Logging in IIS
    16. Exercise 19-4: Configuring Windows Firewall
    17. Popular Areas to Audit
    18. Certification Summary
    19. Two-Minute Drill
    20. Q&A Self Test
    21. Self Test Answers
  30. 20 Security Assessments and Audits
    1. Understanding Types of Assessments
    2. Assessment Types
    3. Assessment Techniques
    4. Performing a Security Assessment
    5. Threat Hunting
    6. Vulnerability Scans
    7. Exercise 20-1: Manually Searching CVE for Windows 10 Vulnerabilities
    8. Performing a Penetration Test
    9. Considerations and Techniques Used in a Penetration Test
    10. Understanding the Hacking Process
    11. Exercise 20-2: Profiling an Organization
    12. Exercise 20-3: Using a Port Scanner
    13. Steps to Perform a Penetration Test
    14. Performing a Vulnerability Assessment
    15. Exercise 20-4: Performing a Vulnerability Scan with Nessus
    16. Tools Used to Assess Security
    17. Fundamental Tools
    18. Network Reconnaissance and Discovery
    19. File Manipulation
    20. Shell and Script Environments
    21. Packet Capture and Replay
    22. Other Common Tools
    23. Certification Summary
    24. Two-Minute Drill
    25. Q&A Self Test
    26. Self Test Answers
  31. 21 Incident Response and Computer Forensics
    1. Working with Evidence
    2. Admissibility
    3. Types of Evidence
    4. Collecting Evidence
    5. Collecting Digital Evidence
    6. Understanding the Process
    7. Where to Find Evidence
    8. Tools Used
    9. Exercise 21-1: Using FTK Imager to Capture an Image of a Suspect’s Drive
    10. Exercise 21-2: Using FTK Imager to Create an Image of the Contents of Memory
    11. Exercise 21-3: Using FTK Imager to Locate Deleted Files
    12. Exercise 21-4: Using Autopsy to Investigate the Local Disk
    13. Exercise 21-5: Using FTK Imager to View File Headers
    14. Exercise 21-6: Performing Cell Phone Forensics
    15. Exercise 21-7: Looking at Exif Metadata
    16. On-Premises vs. Cloud
    17. Looking at Incident Response
    18. Incident Response Team
    19. Incident Response Plan
    20. Incident Response Process
    21. First Responders
    22. Damage and Loss Control
    23. Exercises
    24. Policies and Procedures for Incident Response
    25. Data Sources to Support an Investigation
    26. Mitigation Techniques as a Response to an Incident
    27. Certification Summary
    28. Two-Minute Drill
    29. Q&A Self Test
    30. Self Test Answers
  32. A About the Online Content
    1. System Requirements
    2. Your Total Seminars Training Hub Account
    3. Privacy Notice
    4. Single User License Terms and Conditions
    5. TotalTester Online
    6. Pre-Assessment Test
    7. Other Book Resources
    8. Performance-Based Questions
    9. Video Training from the Author
    10. Downloadable Content
    11. Technical Support
  33. Index