Fully updated computer security essentials—mapped to the CompTIA Security+ SY0-601 exam

Save 10% on any CompTIA exam voucher! Coupon code inside.

Learn IT security fundamentals while getting complete coverage of the objectives for the latest release of CompTIA Security+ certification exam SY0-601. This thoroughly revised, full-color textbook covers how to secure hardware, systems, and software. It addresses new threats and cloud environments, and provides additional coverage of governance, risk, compliance, and much more. Written by a team of highly respected security educators, Principles of Computer Security: CompTIA Security+™ and Beyond, Sixth Edition (Exam SY0-601) will help you become a CompTIA-certified computer security expert while also preparing you for a successful career.

Find out how to:

  • Ensure operational, organizational, and physical security
  • Use cryptography and public key infrastructures (PKIs)
  • Secure remote access, wireless networks, and virtual private networks (VPNs)
  • Authenticate users and lock down mobile devices
  • Harden network devices, operating systems, and applications
  • Prevent network attacks, such as denial of service, spoofing, hijacking, and password guessing
  • Combat viruses, worms, Trojan horses, and rootkits
  • Manage e-mail, instant messaging, and web security
  • Explore secure software development requirements
  • Implement disaster recovery and business continuity measures
  • Handle computer forensics and incident response
  • Understand legal, ethical, and privacy issues

Online content features:

  • Test engine that provides full-length practice exams and customized quizzes by chapter or exam objective

Each chapter includes:

  • Learning objectives
  • Real-world examples
  • Try This! and Cross Check exercises
  • Tech Tips, Notes, and Warnings
  • Exam Tips
  • End-of-chapter quizzes and lab projects

Table of Contents

  1. Cover
  2. About the Authors
  3. Title Page
  4. Copyright Page
  5. Acknowledgments
  6. About this Book
  7. Contents at a Glance
  8. Contents
  9. Foreword
  10. Preface
  11. Introduction
  12. Instructor Website
  13. Chapter 1 Introduction and Security Trends
    1. The Computer Security Problem
    2. Definition of Computer Security
    3. Historical Security Incidents
    4. The Current Threat Environment
    5. Infrastructure Attacks
    6. Ransomware
    7. Threats to Security
    8. Viruses and Worms
    9. Intruders
    10. Insiders
    11. Criminal Organizations
    12. Nation-States, Terrorists, and Information Warfare
    13. Brand-Name Attacks
    14. Attributes of Actors
    15. Internal/External
    16. Level of Sophistication
    17. Resources/Funding
    18. Intent/Motivation
    19. Security Trends
    20. Targets and Attacks
    21. Specific Target
    22. Opportunistic Target
    23. Minimizing Possible Avenues of Attack
    24. Approaches to Computer Security
    25. Cybersecurity Kill Chain
    26. Threat Intelligence
    27. Open Source Intelligence
    28. Ethics
    29. Additional References
    30. Chapter 1 Review
  14. Chapter 2 General Security Concepts
    1. Basic Security Terminology
    2. Security Basics
    3. Security Tenets
    4. Security Approaches
    5. Security Principles
    6. Formal Security Models
    7. Confidentiality Models
    8. Integrity Models
    9. Additional References
    10. Chapter 2 Review
  15. Chapter 3 Operational and Organizational Security
    1. Policies, Procedures, Standards, and Guidelines
    2. Organizational Policies
    3. Change Management Policy
    4. Change Control
    5. Asset Management
    6. Security Policies
    7. Data Policies
    8. Credential Policies
    9. Password and Account Policies
    10. Human Resources Policies
    11. Code of Ethics
    12. Job Rotation
    13. Separation of Duties
    14. Employee Hiring (Onboarding) and Promotions
    15. Retirement, Separation, or Termination (Offboarding)
    16. Exit Interviews
    17. Onboarding/Offboarding Business Partners
    18. Adverse Actions
    19. Mandatory Vacations
    20. Acceptable Use Policy
    21. Internet Usage Policy
    22. E-mail Usage Policy
    23. Social Media Analysis
    24. Clean Desk Policy
    25. Bring-Your-Own-Device (BYOD) Policy
    26. Privacy Policy
    27. Due Care and Due Diligence
    28. Due Process
    29. Incident Response Policies and Procedures
    30. Security Awareness and Training
    31. Diversity of Training Techniques
    32. Security Policy Training and Procedures
    33. User Training
    34. Role-Based Training
    35. Continuing Education
    36. Compliance with Laws, Best Practices, and Standards
    37. User Habits
    38. Training Metrics and Compliance
    39. Standard Operating Procedures
    40. Third-Party Risk Management
    41. Vendors
    42. Supply Chain
    43. Business Partners
    44. Interoperability Agreements
    45. Service Level Agreement (SLA)
    46. Memorandum of Understanding (MOU)
    47. Measurement Systems Analysis (MSA)
    48. Business Partnership Agreement (BPA)
    49. Interconnection Security Agreement (ISA)
    50. NDA
    51. End of Service Life (EOSL)
    52. End of Life (EOL)
    53. Chapter 3 Review
  16. Chapter 4 The Role of People in Security
    1. People—A Security Problem
    2. Social Engineering
    3. Tools
    4. Principles (Reasons for Effectiveness)
    5. Defenses
    6. Attacks
    7. Impersonation
    8. Phishing
    9. Smishing
    10. Vishing
    11. Spam
    12. Spam over Internet Messaging (SPIM)
    13. Spear Phishing
    14. Whaling
    15. Pharming
    16. Dumpster Diving
    17. Shoulder Surfing
    18. Tailgating/Piggybacking
    19. Eliciting Information
    20. Prepending
    21. Identity Fraud
    22. Invoice Scams
    23. Credential Harvesting
    24. Reverse Social Engineering
    25. Reconnaissance
    26. Hoax
    27. Watering Hole Attack
    28. Typo Squatting
    29. Influence Campaigns
    30. Poor Security Practices
    31. Password Selection
    32. Shoulder Surfing
    33. Piggybacking
    34. Dumpster Diving
    35. Installing Unauthorized Hardware and Software
    36. Data Handling
    37. Physical Access by Non-Employees
    38. Clean Desk Policies
    39. People as a Security Tool
    40. Security Awareness
    41. Security Policy Training and Procedures
    42. Chapter 4 Review
  17. Chapter 5 Cryptography
    1. Cryptography in Practice
    2. Fundamental Methods
    3. Comparative Strengths and Performance of Algorithms
    4. Key Length
    5. Cryptographic Objectives
    6. Diffusion
    7. Confusion
    8. Obfuscation
    9. Perfect Forward Secrecy
    10. Security Through Obscurity
    11. Historical Perspectives
    12. Algorithms
    13. Substitution Ciphers
    14. One-Time Pads
    15. Key Management
    16. Random Numbers
    17. Salting
    18. Hashing Functions
    19. Message Digest
    20. SHA
    21. RIPEMD
    22. Hashing Summary
    23. Symmetric Encryption
    24. DES
    25. 3DES
    26. AES
    27. CAST
    28. RC
    29. Blowfish
    30. Twofish
    31. IDEA
    32. ChaCha20
    33. Cipher Modes
    34. Authenticated Encryption with Associated Data (AEAD)
    35. Block vs. Stream
    36. Symmetric Encryption Summary
    37. Asymmetric Encryption
    38. Diffie-Hellman
    39. RSA Algorithm
    40. ElGamal
    41. ECC
    42. Asymmetric Encryption Summary
    43. Symmetric vs. Asymmetric
    44. Quantum Cryptography
    45. Post-Quantum
    46. Lightweight Cryptography
    47. Homomorphic Encryption
    48. For More Information
    49. Chapter 5 Review
  18. Chapter 6 Applied Cryptography
    1. Cryptography Use
    2. Confidentiality
    3. Integrity
    4. Authentication
    5. Nonrepudiation
    6. Digital Signatures
    7. Digital Rights Management
    8. Cryptographic Applications
    9. Use of Proven Technologies
    10. Cipher Suites
    11. Secret Algorithms
    12. Key Exchange
    13. Key Escrow
    14. Session Keys
    15. Ephemeral Keys
    16. Key Stretching
    17. Transport Encryption
    18. TLS v1.3
    19. Data in Transit/Motion
    20. Data at Rest
    21. Data in Use/Processing
    22. Implementation vs. Algorithm Selection
    23. Common Use Cases
    24. HMAC
    25. S/MIME
    26. IETF S/MIME History
    27. IETF S/MIME v3 Specifications
    28. PGP
    29. How PGP Works
    30. Steganography
    31. Secure Protocols
    32. DNSSEC
    33. SSH
    34. S/MIME
    35. SRTP
    36. LDAPS
    37. FTPS
    38. SFTP
    39. SNMPv3
    40. TLS
    41. HTTPS
    42. Secure POP/IMAP
    43. IPSec
    44. Secure Protocol Use Cases
    45. Voice and Video
    46. Time Synchronization
    47. E-mail and Web
    48. File Transfer
    49. Directory Services
    50. Remote Access
    51. Domain Name Resolution
    52. Routing and Switching
    53. Network Address Allocation
    54. Subscription Services
    55. Cryptographic Attacks
    56. Birthday
    57. Known Plaintext/Ciphertext
    58. Chosen Cipher Text Attack
    59. Weak Implementations
    60. Meet-in-the-Middle Attacks
    61. Replay
    62. Downgrade
    63. Collision
    64. Password Attacks
    65. Other Standards
    66. FIPS
    67. Common Criteria
    68. ISO/IEC 27002 (Formerly ISO 17799)
    69. Chapter 6 Review
  19. Chapter 7 Public Key Infrastructure
    1. The Basics of Public Key Infrastructures
    2. Certificate Authorities
    3. Registration Authorities
    4. Local Registration Authorities
    5. Public Certificate Authorities
    6. In-house Certificate Authorities
    7. Choosing Between a Public CA and an In-house CA
    8. Outsourced Certificate Authorities
    9. Online vs. Offline CA
    10. Stapling
    11. Pinning
    12. Trust Models
    13. Certificate Chaining
    14. Hierarchical Trust Model
    15. Peer-to-Peer Model
    16. Hybrid Trust Model
    17. Walking the Certificate Path
    18. Digital Certificates
    19. Certificate Classes
    20. Certificate Extensions
    21. Certificate Attributes
    22. Certificate Formats
    23. Certificate Lifecycles
    24. Registration and Generation
    25. CSR
    26. Renewal
    27. Suspension
    28. Certificate Revocation
    29. Key Destruction
    30. Certificate Repositories
    31. Sharing Key Stores
    32. Trust and Certificate Verification
    33. Centralized and Decentralized Infrastructures
    34. Hardware Security Modules
    35. Private Key Protection
    36. Key Recovery
    37. Key Escrow
    38. Certificate-Based Threats
    39. Stolen Certificates
    40. PKIX and PKCS
    41. PKIX Standards
    42. PKCS
    43. Why You Need to Know the PKIX and PKCS Standards
    44. ISAKMP
    45. CMP
    46. XKMS
    47. CEP
    48. Chapter 7 Review
  20. Chapter 8 Physical Security
    1. The Security Problem
    2. Physical Security Safeguards
    3. Walls and Guards
    4. Lights and Signage
    5. Physical Access Controls and Monitoring
    6. Electronic Access Control Systems
    7. Policies and Procedures
    8. Environmental Controls
    9. Hot and Cold Aisles
    10. Fire Suppression
    11. Water-Based Fire Suppression Systems
    12. Halon-Based Fire Suppression Systems
    13. Clean-Agent Fire Suppression Systems
    14. Handheld Fire Extinguishers
    15. Fire Detection Devices
    16. Electromagnetic Environment
    17. Power Protection
    18. UPS
    19. Backup Power and Cable Shielding
    20. Generator
    21. Dual Supply
    22. Managed Power Distribution Units (PDUs)
    23. Drones/UAVs
    24. Chapter 8 Review
  21. Chapter 9 Network Fundamentals
    1. Network Architectures
    2. Network Topology
    3. Wireless
    4. Ad Hoc
    5. Segregation/Segmentation/Isolation
    6. Physical Separation
    7. Enclaves
    8. Logical (VLAN)
    9. Virtualization
    10. Airgaps
    11. Zones and Conduits
    12. Zero Trust
    13. Security Zones
    14. DMZ
    15. Internet
    16. East-West Traffic
    17. Intranet
    18. Extranet
    19. Wireless
    20. Guest
    21. Honeynets
    22. Flat Networks
    23. Network Protocols
    24. Protocols
    25. Packets
    26. Internet Protocol
    27. IP Packets
    28. TCP vs. UDP
    29. ICMP
    30. IPv4 vs. IPv6
    31. Expanded Address Space
    32. Neighbor Discovery
    33. Benefits of IPv6
    34. Packet Delivery
    35. Ethernet
    36. Local Packet Delivery
    37. ARP Attacks
    38. Remote Packet Delivery
    39. IP Addresses and Subnetting
    40. Network Address Translation
    41. Inter-Networking
    42. MPLS
    43. Software-Defined Networking (SDN)
    44. Software-Defined Visibility (SDV)
    45. Quality of Service (QoS)
    46. Traffic Engineering
    47. Route Security
    48. For More Information
    49. Chapter 9 Review
  22. Chapter 10 Infrastructure Security
    1. Devices
    2. Workstations
    3. Servers
    4. Mobile Devices
    5. Device Security, Common Concerns
    6. Network-Attached Storage
    7. Removable Storage
    8. Virtualization
    9. Hypervisor
    10. Application Cells/Containers
    11. VM Sprawl Avoidance
    12. VM Escape Protection
    13. Snapshots
    14. Patch Compatibility
    15. Host Availability/Elasticity
    16. Security Control Testing
    17. Sandboxing
    18. Networking
    19. Network Interface Cards
    20. Hubs
    21. Bridges
    22. Switches
    23. Port Security
    24. Routers
    25. Security Devices
    26. Firewalls
    27. VPN Concentrator
    28. Wireless Devices
    29. Modems
    30. Telephony
    31. Intrusion Detection Systems
    32. Network Access Control
    33. Network Monitoring/Diagnostic
    34. Load Balancers
    35. Proxies
    36. Web Security Gateways
    37. Internet Content Filters
    38. Data Loss Prevention
    39. Unified Threat Management
    40. Security Device/Technology Placement
    41. Sensors
    42. Collectors
    43. TAPs and Port Mirror
    44. Correlation Engines
    45. Filters
    46. SSL Accelerators
    47. DDoS Mitigator
    48. Aggregation Switches
    49. Tunneling/VPN
    50. Site-to-Site
    51. Remote Access
    52. Storage Area Networks
    53. iSCSI
    54. Fibre Channel
    55. FCoE
    56. Media
    57. Coaxial Cable
    58. UTP/STP
    59. Fiber
    60. Unguided Media
    61. Removable Media
    62. Magnetic Media
    63. Optical Media
    64. Electronic Media
    65. Security Concerns for Transmission Media
    66. Physical Security Concerns
    67. Chapter 10 Review
  23. Chapter 11 Authentication and Remote Access
    1. User, Group, and Role Management
    2. User
    3. Shared and Generic Accounts/Credentials
    4. Guest Accounts
    5. Service Accounts
    6. Privileged Accounts
    7. Group
    8. Role
    9. Account Policies
    10. Account Policy Enforcement
    11. Domain Passwords
    12. Single Sign-On
    13. Credential Management
    14. Group Policy
    15. Standard Naming Convention
    16. Account Maintenance
    17. Usage Auditing and Review
    18. Account Audits
    19. Time-of-Day Restrictions
    20. Impossible Travel Time/Risky Login
    21. Account Expiration
    22. Privileged Access Management
    23. Authorization
    24. Access Control
    25. Security Controls and Permissions
    26. Access Control Lists (ACLs)
    27. Mandatory Access Control (MAC)
    28. Discretionary Access Control (DAC)
    29. Role-Based Access Control (RBAC)
    30. Rule-Based Access Control
    31. Attribute-Based Access Control (ABAC)
    32. Conditional Access
    33. Identity
    34. Identity Provider (IdP)
    35. Identity Attributes
    36. Certificates
    37. Identity Tokens
    38. SSH Keys
    39. Smart Cards
    40. Authentication Methods
    41. Authentication
    42. Directory Services
    43. Federation
    44. Attestation
    45. Transitive Trust
    46. Technologies
    47. Biometric Factors
    48. Fingerprint Scanner
    49. Retinal Scanner
    50. Iris Scanner
    51. Voice Recognition
    52. Facial Recognition
    53. Vein
    54. Gait Analysis
    55. Biometric Efficacy Rates
    56. False Positives and False Negatives
    57. False Acceptance Rate
    58. False Rejection Rate
    59. Crossover Error Rate
    60. Biometrics Calculation Example
    61. Multifactor Authentication
    62. Factors
    63. Attributes
    64. Remote Access
    65. IEEE 802.1X
    66. LDAP
    67. RADIUS
    68. TACACS+
    69. Authentication Protocols
    70. FTP/FTPS/SFTP
    71. VPNs
    72. Vulnerabilities of Remote Access Methods
    73. Preventing Data Loss or Theft
    74. Database Security
    75. Cloud vs. On-premises Requirements
    76. Connection Summary
    77. For More Information
    78. Chapter 11 Review
  24. Chapter 12 Wireless Security and Mobile Devices
    1. Connection Methods and Receivers
    2. Cellular
    3. Wi-Fi
    4. Bluetooth
    5. NFC
    6. Infrared
    7. USB
    8. Point-to-Point
    9. Point-to-Multipoint
    10. Global Positioning System (GPS)
    11. RFID
    12. SATCOM
    13. Wireless Protocols
    14. 802.11: Individual Standards
    15. WEP
    16. Current Security Methods
    17. Authentication Protocols
    18. Wireless Systems Configuration
    19. Access Point
    20. SSID
    21. Fat vs. Thin
    22. Controller Based vs. Standalone
    23. Signal Strength
    24. Band Selection/Width
    25. Antenna Types and Placement
    26. Power-Level Controls
    27. Wi-Fi Analyzers
    28. Channel Overlays
    29. Wireless Access Point (WAP) Placement
    30. Site Surveys
    31. Heat Maps
    32. Controller and Access Point Security
    33. MAC Filtering
    34. Captive Portals
    35. Securing Public Wi-Fi
    36. Wireless Attacks
    37. Attacking 802.11
    38. Replay
    39. IV
    40. Evil Twin
    41. Rogue AP
    42. Jamming
    43. Bluetooth Attacks
    44. Bluejacking
    45. Bluesnarfing
    46. Bluebugging
    47. RFID
    48. Disassociation
    49. Mobile Device Management Concepts
    50. Application Management
    51. Full Device Encryption (FDE)
    52. Content Management
    53. Remote Wipe
    54. Geofencing
    55. Geolocation
    56. Geo-Tagging
    57. Screen Locks
    58. Push Notification Services
    59. Passwords and PINs
    60. Biometrics
    61. Context-Aware Authentication
    62. Containerization
    63. Storage Segmentation
    64. Asset Control
    65. Device Access Control
    66. Removable Storage
    67. Disabling Unused Features
    68. Mobile Application Security
    69. Application Control
    70. Key and Credential Management
    71. Authentication
    72. Application Whitelisting
    73. Encryption
    74. Transitive Trust/Authentication
    75. Mobile Devices
    76. MicroSD Hardware Security Module (HSM)
    77. MDM/Unified Endpoint Management (UEM)
    78. Mobile Application Management (MAM)
    79. SEAndroid/SELinux
    80. Policies for Enforcement and Monitoring
    81. Third-party App Stores
    82. Rooting/Jailbreaking
    83. Sideloading
    84. Custom Firmware
    85. Carrier Unlocking
    86. Firmware OTA Updates
    87. Camera Use
    88. SMS/MMS/RCS
    89. External Media
    90. USB On-The-Go (USB OTG)
    91. Recording Microphone
    92. GPS Tagging
    93. Wi-Fi Direct/Ad Hoc
    94. Tethering
    95. Hotspot
    96. Payment Methods
    97. Deployment Models
    98. CYOD
    99. COPE
    100. Corporate-Owned
    101. BYOD
    102. Virtual Desktop Infrastructure (VDI)
    103. Chapter 12 Review
  25. Chapter 13 Intrusion Detection Systems and Network Security
    1. History of Intrusion Detection Systems
    2. IDS Overview
    3. IDS Models
    4. Signatures
    5. False Positives and False Negatives
    6. Network-Based IDSs
    7. Advantages of a NIDS
    8. Disadvantages of a NIDS
    9. Active vs. Passive NIDSs
    10. NIDS Tools
    11. Host-Based IDSs
    12. Advantages of HIDSs
    13. Disadvantages of HIDSs
    14. Active vs. Passive HIDSs
    15. Resurgence and Advancement of HIDSs
    16. Intrusion Prevention Systems
    17. Network Security Monitoring
    18. Deception and Disruption Technologies
    19. Honeypots and Honeynets
    20. Honeyfiles/Honeyrecords
    21. Fake Telemetry
    22. DNS Sinkhole
    23. Analytics
    24. SIEM
    25. SIEM Dashboards
    26. Sensors
    27. Sensitivity
    28. Trends
    29. Alerts
    30. Correlation
    31. Aggregation
    32. Automated Alerting and Triggers
    33. Time Synchronization
    34. Event Deduplication
    35. Logs/WORM
    36. DLP
    37. USB Blocking
    38. Cloud-Based DLP
    39. E-mail
    40. Tools
    41. Protocol Analyzer
    42. Network Placement
    43. In-Band vs. Out-of-Band NIDS/NIPS
    44. Switched Port Analyzer
    45. Port Scanner
    46. Passive vs. Active Tools
    47. Banner Grabbing
    48. Indicators of Compromise
    49. Advanced Malware Tools
    50. For More Information
    51. Chapter 13 Review
  26. Chapter 14 System Hardening and Baselines
    1. Overview of Baselines
    2. Hardware/Firmware Security
    3. FDE/SED
    4. TPM
    5. Hardware Root of Trust
    6. HSM
    7. UEFI BIOS
    8. Measured Boot
    9. Secure Boot and Attestation
    10. Integrity Measurement
    11. Firmware Version Control
    12. EMI/EMP
    13. Supply Chain
    14. Operating System and Network Operating System Hardening
    15. Protection Rings
    16. OS Security
    17. OS Types
    18. Trusted Operating System
    19. Patch Management
    20. Disabling Unnecessary Ports and Services
    21. Secure Configurations
    22. Disable Default Accounts/Passwords
    23. Application Whitelisting/Blacklisting
    24. Sandboxing
    25. Secure Baseline
    26. Machine Hardening
    27. Hardening Microsoft Operating Systems
    28. Hardening UNIX- or Linux-Based Operating Systems
    29. Endpoint Protection
    30. Antivirus
    31. Anti-Malware
    32. Endpoint Detection and Response (EDR)
    33. DLP
    34. Next-Generation Firewall (NGFW)
    35. Host-based Intrusion Detection System (HIDS)
    36. Host-based Intrusion Prevention System (HIPS)
    37. Host-based Firewall
    38. Whitelisting vs. Blacklisting Applications
    39. AppLocker
    40. Hardware Security
    41. Network Hardening
    42. Software Updates
    43. Device Configuration
    44. Securing Management Interfaces
    45. VLAN Management
    46. Network Segmentation
    47. IPv4 vs. IPv6
    48. Application Hardening
    49. Application Configuration Baseline
    50. Application Patches
    51. Patch Management
    52. Host Software Baselining
    53. Vulnerability Scanner
    54. Data-Based Security Controls
    55. Data Security
    56. Data Encryption
    57. Handling Big Data
    58. Cloud Storage
    59. Storage Area Network
    60. Permissions/ACL
    61. Environment
    62. Development
    63. Test
    64. Staging
    65. Production
    66. Automation/Scripting
    67. Automated Courses of Action
    68. Continuous Monitoring
    69. Configuration Validation
    70. Templates
    71. Master Image
    72. Nonpersistence
    73. Wrappers
    74. Elasticity
    75. Scalability
    76. Distributive Allocation
    77. Alternative Environments
    78. Alternative Environment Methods
    79. Peripherals
    80. Phones and Mobile Devices
    81. Embedded Systems
    82. Camera Systems
    83. Game Consoles
    84. Mainframes
    85. SCADA/ICS
    86. HVAC
    87. Smart Devices/IoT
    88. Special-Purpose Systems
    89. Industry-Standard Frameworks and Reference Architectures
    90. Regulatory
    91. Nonregulatory
    92. National vs. International
    93. Industry-Specific Frameworks
    94. Benchmarks/Secure Configuration Guides
    95. Platform/Vendor-Specific Guides
    96. General-Purpose Guides
    97. For More Information
    98. Chapter 14 Review
  27. Chapter 15 Types of Attacks and Malicious Software
    1. Avenues of Attack
    2. Minimizing Possible Avenues of Attack
    3. Malicious Code
    4. Malware
    5. Ransomware
    6. Trojans
    7. Worms
    8. Viruses
    9. Polymorphic Malware
    10. Potentially Unwanted Programs
    11. Command and Control
    12. Botnets
    13. Crypto-Malware
    14. Logic Bombs
    15. Spyware
    16. Adware
    17. Keyloggers
    18. Remote-Access Trojans (RATs)
    19. Rootkit
    20. Backdoors and Trapdoors
    21. Application-Level Attacks
    22. Malware Defenses
    23. Attacking Computer Systems and Networks
    24. Denial-of-Service Attacks
    25. Social Engineering
    26. Sniffing
    27. Spoofing
    28. MAC Spoofing
    29. TCP/IP Hijacking
    30. Man-in-the-Middle Attacks
    31. Man-in-the-Browser
    32. Replay Attacks
    33. Transitive Access
    34. Scanning Attacks
    35. Attacks on Encryption
    36. Address System Attacks
    37. Cache Poisoning
    38. Amplification
    39. Domain Hijacking
    40. Pass-the-Hash Attacks
    41. Software Exploitation
    42. Client-Side Attacks
    43. Driver Manipulation
    44. Advanced Persistent Threat
    45. Password Attacks
    46. Password Guessing
    47. Poor Password Choices
    48. Spraying
    49. Dictionary Attack
    50. Brute Force Attack
    51. Rainbow Tables
    52. Plaintext/Unencrypted
    53. Chapter 15 Review
  28. Chapter 16 Security Tools and Techniques
    1. Network Reconnaissance and Discovery Tools
    2. tracert/traceroute
    3. nslookup/dig
    4. ipconfig/ifconfig
    5. nmap
    6. ping/pathping
    7. hping
    8. netstat
    9. netcat (nc)
    10. IP Scanners
    11. arp
    12. route
    13. curl
    14. theHarvester
    15. sn1per
    16. scanless
    17. dnsenum
    18. Nessus
    19. Cuckoo
    20. File Manipulation Tools
    21. head
    22. tail
    23. cat
    24. grep
    25. chmod
    26. logger
    27. Shell and Script Environments
    28. SSH
    29. PowerShell
    30. Python
    31. OpenSSL
    32. Packet Capture and Replay Tools
    33. tcpreplay
    34. tcpdump
    35. Wireshark
    36. Forensic Tools
    37. dd
    38. memdump
    39. WinHex
    40. FTK Imager
    41. Autopsy
    42. Tool Suites
    43. Metasploit
    44. Kali
    45. Parrot OS
    46. Security Onion
    47. Social-Engineering Toolkit
    48. Cobalt Strike
    49. Core Impact
    50. Burp Suite
    51. Penetration Testing
    52. Penetration Testing Authorization
    53. Reconnaissance
    54. Passive vs. Active Tools
    55. Pivoting
    56. Initial Exploitation
    57. Persistence
    58. Escalation of Privilege
    59. Vulnerability Testing
    60. Vulnerability Scanning Concepts
    61. False Positives
    62. False Negatives
    63. Log Reviews
    64. Credentialed vs. Non-Credentialed
    65. Intrusive vs. Non-Intrusive
    66. Applications
    67. Web Applications
    68. Network
    69. Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS)
    70. Configuration Review
    71. System Testing
    72. Auditing
    73. Performing Routine Audits
    74. Vulnerabilities
    75. Cloud-based vs. On-premises Vulnerabilities
    76. Zero Day
    77. Weak Configurations
    78. Open Permissions
    79. Unsecure Root Accounts
    80. Errors
    81. Weak Encryption
    82. Unsecure Protocols
    83. Default Settings
    84. Open Ports and Services
    85. Improper or Weak Patch Management
    86. Chapter 16 Review
  29. Chapter 17 Web Components, E-mail, and Instant Messaging
    1. Current Web Components and Concerns
    2. Web Protocols
    3. Encryption (SSL and TLS)
    4. How TLS Works
    5. The Web (HTTP and HTTPS)
    6. HTTPS Everywhere
    7. HTTP Strict Transport Security
    8. Directory Services (DAP and LDAP)
    9. File Transfer (FTP and SFTP)
    10. Vulnerabilities
    11. Code-Based Vulnerabilities
    12. Java
    13. JavaScript
    14. Securing the Browser
    15. Server-Side Scripts
    16. Cookies
    17. Browser Plug-Ins
    18. Malicious Add-Ons
    19. Code Signing
    20. Application-Based Weaknesses
    21. Session Hijacking
    22. Client-Side Attacks
    23. Web 2.0 and Security
    24. How E-mail Works
    25. E-mail Structure
    26. MIME
    27. Security of E-mail
    28. Spam
    29. Malicious Code
    30. Hoax E-mails
    31. Mail Gateway
    32. Spam Filter
    33. Mail Relaying
    34. Greylisting
    35. Spam URI Real-time Block Lists
    36. Sender Policy Framework (SPF)
    37. Sender ID Framework
    38. DomainKeys Identified Mail
    39. DLP
    40. Mail Encryption
    41. S/MIME
    42. PGP
    43. Instant Messaging
    44. Modern Instant Messaging Systems
    45. Chapter 17 Review
  30. Chapter 18 Cloud Computing
    1. Cloud Computing
    2. Cloud Characteristics
    3. Cloud Computing Service Models
    4. Level of Control in the Hosting Models
    5. Services Integration
    6. Cloud Types
    7. Private
    8. Public
    9. Hybrid
    10. Community
    11. On-premises vs. Hosted vs. Cloud
    12. Cloud Service Providers
    13. Transit Gateway
    14. Cloud Security Controls
    15. High Availability Across Zones
    16. Resource Policies
    17. Secrets Management
    18. Integration and Auditing
    19. Storage
    20. Network
    21. Compute
    22. Security as a Service
    23. Managed Security Service Provider (MSSP)
    24. Cloud Security Solutions
    25. Cloud Access Security Broker (CASB)
    26. Application Security
    27. Firewall Considerations in a Cloud Environment
    28. Cloud-native Controls vs. Third-party Solutions
    29. Virtualization
    30. Type I
    31. Type II
    32. Virtual Machine (VM) Sprawl Avoidance
    33. VM Escape Protection
    34. VDI/VDE
    35. Fog Computing
    36. Edge Computing
    37. Thin Client
    38. Containers
    39. Microservices/API
    40. Serverless Architecture
    41. Chapter 18 Review
  31. Chapter 19 Secure Software Development
    1. The Software Engineering Process
    2. Process Models
    3. Secure Development Lifecycle
    4. Environments
    5. Secure Coding Concepts
    6. Error and Exception Handling
    7. Input and Output Validation
    8. Normalization
    9. Bug Tracking
    10. Application Attacks
    11. Cross-Site Scripting
    12. Injections
    13. Directory Traversal/Command Injection
    14. Buffer Overflow
    15. Integer Overflow
    16. Cross-Site Request Forgery
    17. Zero Day
    18. Attachments
    19. Locally Shared Objects
    20. Client-Side Attacks
    21. Arbitrary/Remote Code Execution
    22. Open Vulnerability and Assessment Language
    23. Application Hardening
    24. Application Configuration Baseline
    25. Application Patch Management
    26. NoSQL Databases vs. SQL Databases
    27. Server-Side vs. Client-Side Validation
    28. Code Signing
    29. Encryption
    30. Obfuscation/Camouflage
    31. Code Reuse/Dead Code
    32. Memory Management
    33. Use of Third-Party Libraries and SDKs
    34. Data Exposure
    35. Code Quality and Testing
    36. Static Code Analyzers
    37. Dynamic Analysis (Fuzzing)
    38. Stress Testing
    39. Sandboxing
    40. Model Verification
    41. Compiled Code vs. Runtime Code
    42. Software Diversity
    43. Compiler
    44. Binary
    45. Secure DevOps
    46. Automation/Scripting
    47. Continuous Monitoring
    48. Continuous Validation
    49. Continuous Integration
    50. Continuous Delivery
    51. Continuous Deployment
    52. Infrastructure as Code
    53. Elasticity
    54. Scalability
    55. Version Control and Change Management
    56. Baselining
    57. Immutable Systems
    58. Provisioning and Deprovisioning
    59. Integrity Measurement
    60. For More Information
    61. Chapter 19 Review
  32. Chapter 20 Risk Management
    1. An Overview of Risk Management
    2. Example of Risk Management at the International Banking Level
    3. Risk Management Vocabulary
    4. What Is Risk Management?
    5. Risk Management Culture
    6. Risk Response Techniques
    7. Risk Management Frameworks
    8. Security Controls
    9. Categories
    10. Control Types
    11. Business Risks
    12. Examples of Business Risks
    13. Examples of Technology Risks
    14. Business Impact Analysis
    15. Mission-Essential Functions
    16. Identification of Critical Systems
    17. Single Point of Failure
    18. Impact
    19. Third-party Risks
    20. Vendor Management
    21. Supply Chain
    22. Outsourced Code Development
    23. Data Storage
    24. Risk Mitigation Strategies
    25. Change Management
    26. Incident Management
    27. User Rights and Permissions Reviews
    28. Data Loss or Theft
    29. Risk Management Models
    30. General Risk Management Model
    31. Software Engineering Institute Model
    32. NIST Risk Models
    33. Model Application
    34. Risk Assessment
    35. Qualitatively Assessing Risk
    36. Risk Matrix/Heat Map
    37. Quantitatively Assessing Risk
    38. Adding Objectivity to a Qualitative Assessment
    39. Risk Calculation
    40. Qualitative vs. Quantitative Risk Assessment
    41. Tools
    42. Cost-Effectiveness Modeling
    43. Risk Management Best Practices
    44. System Vulnerabilities
    45. Threat Vectors
    46. Probability/Threat Likelihood
    47. Risks Associated with Cloud Computing and Virtualization
    48. Additional References
    49. Chapter 20 Review
  33. Chapter 21 Business Continuity, Disaster Recovery, and Change Management
    1. Business Continuity
    2. Business Continuity Plans
    3. Business Impact Analysis
    4. Identification of Critical Systems and Components
    5. Removing Single Points of Failure
    6. Risk Assessment
    7. Succession Planning
    8. After-Action Reports
    9. Failover
    10. Backups
    11. Alternative Sites
    12. Order of Restoration
    13. Utilities
    14. Secure Recovery
    15. Continuity of Operations Planning (COOP)
    16. Disaster Recovery
    17. Disaster Recovery Plans/Process
    18. Categories of Business Functions
    19. IT Contingency Planning
    20. Test, Exercise, and Rehearse
    21. Recovery Time Objective and Recovery Point Objective
    22. Why Change Management?
    23. The Key Concept: Separation of Duties
    24. Elements of Change Management
    25. Implementing Change Management
    26. Backout Plan
    27. The Purpose of a Change Control Board
    28. Code Integrity
    29. The Capability Maturity Model Integration
    30. Environment
    31. Development
    32. Test
    33. Staging
    34. Production
    35. Secure Baseline
    36. Sandboxing
    37. Integrity Measurement
    38. Chapter 21 Review
  34. Chapter 22 Incident Response
    1. Foundations of Incident Response
    2. Incident Management
    3. Goals of Incident Response
    4. Attack Frameworks
    5. Anatomy of an Attack
    6. Cyber Kill Chain
    7. MITRE ATT&CK
    8. The Diamond Model of Intrusion Analysis
    9. Threat Intelligence
    10. Threat Hunting
    11. Security Orchestration, Automation, and Response (SOAR)
    12. Incident Response Process
    13. Preparation
    14. Incident Response Plan
    15. Incident Identification/Detection
    16. Identification
    17. Initial Response
    18. Containment/Incident Isolation
    19. Strategy Formulation
    20. Investigation
    21. Eradication
    22. Recovery
    23. Reporting
    24. Lessons Learned
    25. Incident Response Team
    26. Exercises
    27. Tabletop
    28. Walkthroughs
    29. Simulations
    30. Stakeholder Management
    31. Communication Plan
    32. Data Sources
    33. Log Files
    34. Network
    35. System
    36. Application
    37. Security
    38. Web
    39. DNS
    40. Authentication
    41. Dump Files
    42. VoIP and Call Managers
    43. Session Initiation Protocol (SIP) Traffic
    44. Syslog/Rsyslog/Syslog-ng
    45. Journalctl
    46. NXLog
    47. Bandwidth Monitors
    48. NetFlow/sFlow
    49. Metadata
    50. Data Collection Models
    51. Collection Inventory Matrix
    52. Collection Management Framework
    53. Standards and Best Practices
    54. State of Compromise
    55. NIST
    56. Department of Justice
    57. Indicators of Compromise
    58. Security Measure Implementation
    59. Making Security Measurable
    60. Retention Policies
    61. For More Information
    62. Chapter 22 Review
  35. Chapter 23 Computer Forensics
    1. Evidence
    2. Types of Evidence
    3. Standards for Evidence
    4. Three Rules Regarding Evidence
    5. Chain of Custody
    6. Tags
    7. Forensic Process
    8. Data Recovery
    9. Acquiring Evidence
    10. Identifying Evidence
    11. Protecting Evidence
    12. Transporting Evidence
    13. Storing Evidence
    14. Conducting the Investigation
    15. Message Digest and Hash
    16. Analysis
    17. Timelines of Sequence of Events
    18. Provenance
    19. Recovery
    20. Strategic Intelligence/Counterintelligence Gathering
    21. Active Logging
    22. Track Man-Hours
    23. Reports
    24. Host Forensics
    25. Filesystems
    26. Artifacts
    27. Swap/Pagefile
    28. Firmware
    29. Snapshot
    30. Cache
    31. Windows Metadata
    32. Linux Metadata
    33. Timestamps
    34. Device Forensics
    35. Network Forensics
    36. Legal Hold
    37. E-discovery
    38. Big Data
    39. Cloud
    40. Right to Audit Clauses
    41. Regulatory/Jurisdiction
    42. Chapter 23 Review
  36. Chapter 24 Legal Issues and Ethics
    1. Cybercrime
    2. U.S. Law Enforcement Encryption Debate
    3. Common Internet Crime Schemes
    4. Sources of Laws
    5. Computer Trespass
    6. Convention on Cybercrime
    7. Significant U.S. Laws
    8. Payment Card Industry Data Security Standard (PCI DSS)
    9. Import/Export Encryption Restrictions
    10. Digital Signature Laws
    11. Digital Rights Management
    12. Ethics
    13. Chapter 24 Review
  37. Chapter 25 Privacy
    1. Data Handling
    2. Organizational Consequences of Privacy Breaches
    3. Reputation Damage
    4. Identity Theft
    5. Fines
    6. IP Theft
    7. Data Sensitivity Labeling and Handling
    8. Public
    9. Private
    10. Sensitive
    11. Confidential
    12. Critical
    13. Proprietary
    14. Personally Identifiable Information (PII)
    15. Data Roles
    16. Data Owner
    17. Data Controller
    18. Data Processor
    19. Data Custodian/Steward
    20. Data Privacy Officer
    21. Data Destruction and Media Sanitization
    22. Data/Information Lifecycle
    23. Burning
    24. Shredding
    25. Pulping
    26. Pulverizing
    27. Degaussing
    28. Purging
    29. Wiping
    30. U.S. Privacy Laws
    31. Fair Information Practice Principles (FIPPs)
    32. Privacy Act of 1974
    33. Freedom of Information Act (FOIA)
    34. Family Education Records and Privacy Act (FERPA)
    35. U.S. Computer Fraud and Abuse Act (CFAA)
    36. U.S. Children’s Online Privacy Protection Act (COPPA)
    37. Video Privacy Protection Act (VPPA)
    38. Health Insurance Portability and Accountability Act (HIPAA)
    39. Gramm-Leach-Bliley Act (GLBA)
    40. California Senate Bill 1386 (SB 1386)
    41. U.S. Banking Rules and Regulations
    42. Payment Card Industry Data Security Standard (PCI DSS)
    43. Fair Credit Reporting Act (FCRA)
    44. Fair and Accurate Credit Transactions Act (FACTA)
    45. International Privacy Laws
    46. OECD Fair Information Practices
    47. European Laws
    48. Canadian Law
    49. Asian Laws
    50. Privacy-Enhancing Technologies
    51. Data Minimization
    52. Data Masking
    53. Tokenization
    54. Anonymization
    55. Pseudo-Anonymization
    56. Privacy Policies
    57. Terms of Agreement
    58. Privacy Notice
    59. Privacy Impact Assessment
    60. Web Privacy Issues
    61. Cookies
    62. Privacy in Practice
    63. User Actions
    64. Data Breaches
    65. For More Information
    66. Chapter 25 Review
  38. Appendix A CompTIA Security+ Exam Objectives: SY0-601
  39. Appendix B About the Online Content
    1. System Requirements
    2. Your Total Seminars Training Hub Account
    3. Privacy Notice
    4. Single User License Terms and Conditions
    5. TotalTester Online
    6. Technical Support
  40. Glossary
  41. Index