Book Description

Fully updated computer security essentials—quality approved by CompTIA

Learn IT security fundamentals while getting complete coverage of the objectives for the latest release of CompTIA Security+ certification exam SY0-501. This thoroughly revised, full-color textbook discusses communication, infrastructure, operational security, attack prevention, disaster recovery, computer forensics, and much more. Written by a pair of highly respected security educators, Principles of Computer Security: CompTIA Security+® and Beyond, Fifth Edition (Exam SY0-501) will help you pass the exam and become a CompTIA certified computer security expert.

Find out how to:

• Ensure operational, organizational, and physical security

• Use cryptography and public key infrastructures (PKIs)

• Secure remote access, wireless networks, and virtual private networks (VPNs)

• Authenticate users and lock down mobile devices

• Harden network devices, operating systems, and applications

• Prevent network attacks, such as denial of service, spoofing, hijacking, and password guessing

• Combat viruses, worms, Trojan horses, and rootkits

• Manage e-mail, instant messaging, and web security

• Explore secure software development requirements

• Implement disaster recovery and business continuity measures

• Handle computer forensics and incident response

• Understand legal, ethical, and privacy issues

Online content includes:

• Test engine that provides full-length practice exams and customized quizzes by chapter or exam objective

• 200 practice exam questions

Each chapter includes:

• Learning objectives

• Real-world examples

• Try This! and Cross Check exercises

• Tech Tips, Notes, and Warnings

• Exam Tips

• End-of-chapter quizzes and lab projects

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. About the Authors
  5. Dedication
  6. Acknowledgments
  7. About this Book
  8. CompTIA Approved Quality Curriculum
  9. Contents at a Glance
  10. Contents
  11. Foreword
  12. Preface
  13. Introduction
  14. Instructor Web Site
  15. Chapter 1 Introduction and Security Trends
    1. The Computer Security Problem
      1. Definition of Computer Security
      2. Historical Security Incidents
      3. The Current Threat Environment
      4. Ukraine Electric Grid
      5. Ransomware
    2. Threats to Security
      1. Viruses and Worms
      2. Intruders
      3. Insiders
      4. Criminal Organizations
      5. Nation-States, Terrorists, and Information Warfare
      6. Brand-Name Attacks
    3. Attributes of Actors
      1. Internal/External
      2. Level of Sophistication
      3. Resources/Funding
      4. Intent/Motivation
    4. Security Trends
    5. Targets and Attacks
      1. Specific Target
      2. Opportunistic Target
      3. Minimizing Possible Avenues of Attack
    6. Approaches to Computer Security
      1. Cyberattack Kill Chain
      2. Threat Intelligence
      3. Open Source Intelligence
    7. Ethics
    8. Additional References
    9. Chapter 1 Review
  16. Chapter 2 General Security Concepts
    1. Basic Security Terminology
      1. Security Basics
      2. Security Tenets
      3. Security Approaches
      4. Security Principles
    2. Security Models
      1. Confidentiality Models
      2. Integrity Models
    3. Additional References
    4. Chapter 2 Review
  17. Chapter 3 Operational and Organizational Security
    1. Policies, Procedures, Standards, and Guidelines
      1. Security Policies
      2. Change Management Policy
      3. Data Policies
      4. Password and Account Policies
      5. Human Resources Policies
      6. Due Care and Due Diligence
      7. Due Process
      8. Incident Response Policies and Procedures
    2. Security Awareness and Training
      1. Security Policy Training and Procedures
      2. Role-Based Training
      3. Continuing Education
      4. Compliance with Laws, Best Practices, and Standards
      5. User Habits
      6. Training Metrics and Compliance
    3. Standard Operating Procedure
    4. Interoperability Agreements
      1. Service Level Agreements
      2. Business Partnership Agreement
      3. Memorandum of Understanding
      4. Interconnection Security Agreement
      5. NDA
    5. The Security Perimeter
    6. Chapter 3 Review
  18. Chapter 4 The Role of People in Security
    1. People—A Security Problem
      1. Social Engineering
      2. Tools
      3. Poor Security Practices
    2. People as a Security Tool
      1. Security Awareness
      2. Security Policy Training and Procedures
    3. Chapter 4 Review
  19. Chapter 5 Cryptography
    1. Cryptography in Practice
      1. Fundamental Methods
      2. Comparative Strengths and Performance of Algorithms
    2. Cryptographic Objectives
      1. Diffusion
      2. Confusion
      3. Obfuscation
      4. Perfect Forward Secrecy
      5. Security Through Obscurity
    3. Historical Perspectives
      1. Algorithms
      2. Substitution Ciphers
      3. One-Time Pads
      4. Key Management
      5. Random Numbers
    4. Hashing Functions
      1. Message Digest
      2. SHA
      3. RIPEMD
      4. Hashing Summary
    5. Symmetric Encryption
      1. DES
      2. 3DES
      3. AES
      4. CAST
      5. RC
      6. Blowfish
      7. Twofish
      8. IDEA
      9. Cipher Modes
      10. Block vs. Stream
      11. Symmetric Encryption Summary
    6. Asymmetric Encryption
      1. Diffie-Hellman
      2. RSA Algorithm
      3. ElGamal
      4. ECC
      5. Asymmetric Encryption Summary
      6. Symmetric vs. Asymmetric
    7. Quantum Cryptography
    8. For More Information
    9. Chapter 5 Review
  20. Chapter 6 Applied Cryptography
    1. Cryptography Use
      1. Confidentiality
      2. Integrity
      3. Authentication
      4. Nonrepudiation
      5. Digital Signatures
      6. Digital Rights Management
      7. Cryptographic Applications
      8. Use of Proven Technologies
    2. Cipher Suites
      1. Secret Algorithms
      2. Key Exchange
      3. Key Escrow
      4. Session Keys
      5. Ephemeral Keys
      6. Key Stretching
      7. Transport Encryption
      8. Data in Transit
      9. Data at Rest
      10. Data in Use
      11. Implementation vs. Algorithm Selection
      12. Common Use Cases
      13. HMAC
    3. S/MIME
      1. IETF S/MIME History
      2. IETF S/MIME v3 Specifications
    4. PGP
      1. How PGP Works
    5. HTTPS
    6. IPsec
    7. Steganography
    8. Secure Protocols
      1. DNSSEC
      2. SSH
      3. S/MIME
      4. SRTP
      5. LDAPS
      6. FTPS
      7. SFTP
      8. SNMPv3
      9. SSL/TLS
      10. HTTPS
      11. Secure POP/IMAP
    9. Secure Protocol Use Cases
      1. Voice and Video
      2. Time Synchronization
      3. E-mail and Web
      4. File Transfer
      5. Directory Services
      6. Remote Access
      7. Domain Name Resolution
      8. Routing and Switching
      9. Network Address Allocation
      10. Subscription Services
    10. Cryptographic Attacks
      1. Birthday
      2. Known Plaintext/Ciphertext
      3. Meet-in-the-Middle Attacks
      4. Password Attacks
      5. Collision
      6. Downgrade
      7. Replay
      8. Weak Implementations
    11. Other Standards
      1. FIPS
      2. Common Criteria
      3. ISO/IEC (Formerly ISO)
    12. Chapter 6 Review
  21. Chapter 7 Public Key Infrastructure
    1. The Basics of Public Key Infrastructures
    2. Certificate Authorities
      1. Registration Authorities
      2. Local Registration Authorities
      3. Public Certificate Authorities
      4. In-house Certificate Authorities
      5. Choosing Between a Public CA and an In-house CA
      6. Outsourced Certificate Authorities
      7. Online vs. Offline CA
      8. Stapling
      9. Pinning
    3. Trust Models
      1. Certificate Chaining
      2. Hierarchical Trust Model
      3. Peer-to-Peer Model
      4. Hybrid Trust Model
      5. Walking the Certificate Path
    4. Digital Certificates
      1. Certificate Classes
      2. Certificate Extensions
      3. Certificate Attributes
      4. Certificate Formats
    5. Certificate Lifecycles
      1. Registration and Generation
      2. CSR
      3. Renewal
      4. Suspension
      5. Revocation
      6. Key Destruction
    6. Certificate Repositories
      1. Sharing Key Stores
      2. Trust and Certificate Verification
    7. Centralized and Decentralized Infrastructures
      1. Hardware Security Modules
      2. Private Key Protection
      3. Key Recovery
      4. Key Escrow
    8. Certificate-Based Threats
      1. Stolen Certificates
    9. PKIX and PKCS
      1. PKIX Standards
      2. PKCS
      3. Why You Need to Know the PKIX and PKCS Standards
    10. ISAKMP
    11. CMP
    12. XKMS
    13. CEP
    14. Chapter 7 Review
  22. Chapter 8 Physical Security
    1. The Security Problem
    2. Physical Security Safeguards
      1. Walls and Guards
      2. Physical Access Controls and Monitoring
      3. Electronic Access Control Systems
      4. Policies and Procedures
    3. Environmental Controls
    4. Fire Suppression
      1. Water-Based Fire Suppression Systems
      2. Halon-Based Fire Suppression Systems
      3. Clean-Agent Fire Suppression Systems
      4. Handheld Fire Extinguishers
      5. Fire Detection Devices
    5. Electromagnetic Environment
    6. Power Protection
      1. UPS
      2. Backup Power and Cable Shielding
    7. Chapter 8 Review
  23. Chapter 9 Network Fundamentals
    1. Network Architectures
    2. Network Topology
      1. Wireless
      2. Ad Hoc
    3. Network Protocols
      1. Protocols
      2. Packets
    4. Internet Protocol
      1. IP Packets
      2. TCP vs. UDP
      3. ICMP
    5. IPv4 vs. IPv6
      1. Expanded Address Space
      2. Neighbor Discovery
      3. Benefits of IPv6
    6. Packet Delivery
      1. Ethernet
      2. Local Packet Delivery
      3. ARP Attacks
      4. Remote Packet Delivery
      5. IP Addresses and Subnetting
      6. Network Address Translation
    7. SDN
    8. Security Zones
      1. DMZ
      2. Internet
      3. Intranet
      4. Extranet
      5. Wireless
      6. Guest
      7. Honeynets
      8. Flat Networks
    9. Segregation/Segmentation/Isolation
      1. Physical
      2. Enclaves
      3. Logical (VLAN)
      4. Virtualization
      5. Airgaps
      6. Zones and Conduits
    10. Tunneling/VPN
      1. Site-to-Site
      2. Remote Access
    11. Security Device/Technology Placement
      1. Sensors
      2. Collectors
      3. Correlation Engines
      4. Filters
      5. Proxies
      6. Firewalls
      7. VPN Concentrators
      8. SSL Accelerators
      9. Load Balancers
      10. DDoS Mitigator
      11. Aggregation Switches
      12. TAPs and Port Mirror
    12. Storage Area Networks
      1. iSCSI
      2. Fibre Channel
      3. FCoE
    13. For More Information
    14. Chapter 9 Review
  24. Chapter 10 Infrastructure Security
    1. Devices
      1. Workstations
      2. Servers
      3. Mobile Devices
      4. Device Security, Common Concerns
      5. Network-Attached Storage
      6. Removable Storage
    2. Virtualization
      1. Hypervisor
      2. Application Cells/Containers
      3. VM Sprawl Avoidance
      4. VM Escape Protection
      5. Snapshots
      6. Patch Compatibility
      7. Host Availability/Elasticity
      8. Security Control Testing
      9. Sandboxing
    3. Networking
      1. Network Interface Cards
      2. Hubs
      3. Bridges
      4. Switches
      5. Routers
      6. Firewalls
      7. How Do Firewalls Work?
      8. Next-Generation Firewalls
      9. Web Application Firewalls vs. Network Firewalls
      10. Concentrators
      11. Wireless Devices
      12. Modems
      13. Telephony
      14. VPN Concentrator
    4. Security Devices
      1. Intrusion Detection Systems
      2. Network Access Control
      3. Network Monitoring/Diagnostic
      4. Load Balancers
      5. Proxies
      6. Web Security Gateways
      7. Internet Content Filters
      8. Data Loss Prevention
      9. Unified Threat Management
    5. Media
      1. Coaxial Cable
      2. UTP/STP
      3. Fiber
      4. Unguided Media
    6. Removable Media
      1. Magnetic Media
      2. Optical Media
      3. Electronic Media
    7. Security Concerns for Transmission Media
    8. Physical Security Concerns
    9. Cloud Computing
      1. Cloud Types
      2. Cloud Computing Service Models
    10. VDI/VDE
    11. On-premises vs. Hosted vs. Cloud
    12. Security as a Service
      1. Cloud Access Security Broker
    13. Chapter 10 Review
  25. Chapter 11 Authentication and Remote Access
    1. User, Group, and Role Management
      1. User
      2. Shared and Generic Accounts/Credentials
      3. Guest Accounts
      4. Service Accounts
      5. Privileged Accounts
      6. Group
      7. Role
    2. Domain Passwords
    3. Single Sign-On
    4. Security Controls and Permissions
      1. Access Control Lists
      2. Mandatory Access Control (MAC)
      3. Discretionary Access Control (DAC)
      4. Role-Based Access Control (RBAC)
      5. Rule-Based Access Control
      6. Attribute-Based Access Control (ABAC)
    5. Account Policies
      1. Account Policy Enforcement
      2. Credential Management
      3. Group Policy
      4. Standard Naming Convention
      5. Account Maintenance
      6. Usage Auditing and Review
      7. Time-of-Day Restrictions
      8. Account Expiration
    6. Preventing Data Loss or Theft
    7. The Remote Access Process
      1. Identification
      2. Authentication
      3. Multifactor Authentication
      4. Transitive Trust
      5. Biometric Factors
      6. Authorization
    8. Remote Access Methods
      1. IEEE 802.1X
      2. LDAP
      3. RADIUS
      4. TACACS+
      5. Authentication Protocols
      6. FTP/FTPS/SFTP
      7. VPNs
      8. Vulnerabilities of Remote Access Methods
    9. File System Security
    10. Database Security
    11. Connection Summary
    12. For More Information
    13. Chapter 11 Review
  26. Chapter 12 Wireless Security and Mobile Devices
    1. Introduction to Wireless Networking
    2. Mobile Phones
      1. Wireless Application Protocol
      2. 3G Mobile Networks
      3. 4G Mobile Networks
      4. SATCOM
    3. Bluetooth
      1. Bluetooth Attacks
    4. Near Field Communication
    5. Other Forms of Connection
      1. ANT
      2. Infrared
      3. USB
    6. IEEE 802.11 Series
      1. 802.11: Individual Standards
      2. Attacking 802.11
      3. WEP
      4. Current Security Methods
      5. Authentication Protocols
    7. Wireless Systems Configuration
      1. Access Point
      2. Fat vs. Thin
      3. Controller Based vs. Standalone
      4. SSID
      5. Signal Strength
      6. Band Selection/Width
      7. Antenna Types and Placement
      8. Power Level Controls
      9. Site Surveys
      10. MAC Filtering
      11. Captive Portals
      12. Securing Public Wi-Fi
    8. Wireless Attacks
      1. Replay
      2. IV
      3. Evil Twin
      4. Rogue AP
      5. Jamming
      6. Bluejacking
      7. Bluesnarfing
      8. Bluebugging
      9. RFID
      10. Disassociation
    9. Mobile Device Management Concepts
      1. Application Management
      2. Full Device Encryption (FDE)
      3. Content Management
      4. Remote Wipe
      5. Geofencing
      6. Geolocation
      7. Geo-Tagging
      8. Screen Locks
      9. Push Notification Services
      10. Passwords and Pins
      11. Biometrics
      12. Context-Aware Authentication
      13. Containerization
      14. Storage Segmentation
      15. Asset Control
      16. Device Access Control
      17. Removable Storage
      18. Disabling Unused Features
    10. Mobile Application Security
      1. Application Control
      2. Key and Credential Management
      3. Authentication
      4. Application Whitelisting
      5. Encryption
      6. Transitive Trust/Authentication
    11. Policies for Enforcement and Monitoring
      1. Third-Party App Stores
      2. Rooting/Jailbreaking
      3. Sideloading
      4. Custom Firmware
      5. Carrier Unlocking
      6. Firmware OTA Updates
      7. Camera Use
      8. SMS/MMS
      9. External Media
      10. USB OTG
      11. Recording Microphone
      12. GPS Tagging
      13. Wi-Fi Direct/Ad Hoc
      14. Tethering
      15. Payment Methods
    12. Deployment Models
      1. CYOD
      2. COPE
      3. Corporate Owned
      4. BYOD
      5. VDI
    13. Chapter 12 Review
  27. Chapter 13 Intrusion Detection Systems and Network Security
    1. History of Intrusion Detection Systems
    2. IDS Overview
      1. IDS Models
      2. Signatures
      3. False Positives and False Negatives
    3. Network-Based IDSs
      1. Advantages of an NIDS
      2. Disadvantages of an NIDS
      3. Active vs. Passive NIDSs
      4. NIDS Tools
    4. Host-Based IDSs
      1. Advantages of HIDSs
      2. Disadvantages of HIDSs
      3. Active vs. Passive HIDSs
      4. Resurgence and Advancement of HIDSs
    5. Intrusion Prevention Systems
    6. Network Security Monitoring
    7. Honeypots and Honeynets
      1. Analytics
    8. SIEM
      1. Aggregation
      2. Correlation
      3. Automated Alerting and Triggers
      4. Time Synchronization
      5. Event Deduplication
      6. Logs/WORM
    9. DLP
      1. USB Blocking
      2. Cloud-Based DLP
      3. E-mail
    10. Tools
      1. Protocol Analyzer
      2. Network Placement
      3. In-Band vs. Out-of-Band NIDS/NIPS
      4. Switched Port Analyzer
      5. Port Scanner
      6. Passive vs. Active Tools
      7. Banner Grabbing
    11. Indicators of Compromise
      1. Advanced Malware Tools
    12. For More Information
    13. Chapter 13 Review
  28. Chapter 14 System Hardening and Baselines
    1. Overview of Baselines
    2. Hardware/Firmware Security
      1. FDE/SED
      2. TPM
      3. Hardware Root of Trust
      4. HSM
      5. UEFI/BIOS
      6. Secure Boot and Attestation
      7. Integrity Measurement
      8. Firmware Version Control
      9. EMI/EMP
      10. Supply Chain
    3. Operating System and Network Operating System Hardening
      1. Protection Rings
      2. OS Security
      3. OS Types
      4. Trusted Operating System
      5. Patch Management
      6. Disabling Unnecessary Ports and Services
      7. Secure Configurations
      8. Disable Default Accounts/Passwords
      9. Application Whitelisting/Blacklisting
      10. Sandboxing
    4. Secure Baseline
      1. Machine Hardening
      2. Hardening Microsoft Operating Systems
      3. Hardening UNIX- or Linux-Based Operating Systems
      4. Antimalware
      5. Whitelisting vs. Blacklisting Applications
      6. AppLocker
      7. Host-Based Firewalls
      8. Hardware Security
    5. Network Hardening
      1. Software Updates
      2. Device Configuration
      3. Securing Management Interfaces
      4. VLAN Management
      5. Network Segmentation
      6. IPv4 vs. IPv6
    6. Application Hardening
      1. Application Configuration Baseline
      2. Application Patches
      3. Patch Management
      4. Host Software Baselining
      5. Vulnerability Scanner
    7. Data-Based Security Controls
      1. Data Security
      2. Data Encryption
      3. Handling Big Data
      4. Cloud Storage
      5. Storage Area Network
      6. Permissions/ACL
    8. Environment
      1. Development
      2. Test
      3. Staging
      4. Production
    9. Automation/Scripting
      1. Automated Courses of Action
      2. Continuous Monitoring
      3. Configuration Validation
      4. Templates
      5. Master Image
      6. Nonpersistence
      7. Wrappers
      8. Elasticity
      9. Scalability
      10. Distributive Allocation
    10. Alternative Environments
      1. Alternative Environment Methods
      2. Peripherals
      3. Phones and Mobile Devices
      4. Embedded Systems
      5. Camera Systems
      6. Game Consoles
      7. Mainframes
      8. SCADA/ICS
      9. HVAC
      10. Smart Devices/IoT
      11. Special-Purpose Systems
    11. Industry-Standard Frameworks and Reference Architectures
      1. Regulatory
      2. Non-regulatory
      3. National vs. International
      4. Industry-Specific Frameworks
    12. Benchmarks/Secure Configuration Guides
      1. Platform/Vendor-Specific Guides
      2. General-Purpose Guides
    13. For More Information
    14. Chapter 14 Review
  29. Chapter 15 Types of Attacks and Malicious Software
    1. Avenues of Attack
      1. Minimizing Possible Avenues of Attack
    2. Malicious Code
      1. Viruses
      2. Worms
      3. Polymorphic Malware
      4. Trojan Horses
      5. RAT
      6. Rootkits
      7. Logic Bombs
      8. Spyware
      9. Adware
      10. Botnets
      11. Backdoors and Trapdoors
      12. Crypto-Malware
      13. Ransomware
      14. Malware Defenses
      15. Application-Level Attacks
    3. Attacking Computer Systems and Networks
      1. Denial-of-Service Attacks
      2. Social Engineering
      3. Null Sessions
      4. Sniffing
      5. Spoofing
      6. MAC Spoofing
      7. TCP/IP Hijacking
      8. Man-in-the-Middle Attacks
      9. Man-in-the-Browser
      10. Replay Attacks
      11. Transitive Access
      12. Spam
      13. Spim
      14. Phishing
      15. Spear Phishing
      16. Vishing
      17. Pharming
      18. Scanning Attacks
      19. Attacks on Encryption
      20. Address System Attacks
      21. Cache Poisoning
      22. Amplification
      23. Domain Hijacking
      24. Password Guessing
      25. Pass-the-Hash Attacks
      26. Software Exploitation
      27. Client-Side Attacks
      28. Driver Manipulation
    4. Advanced Persistent Threat
    5. Tools
      1. Metasploit
      2. BackTrack/Kali
      3. Social-Engineering Toolkit
      4. Cobalt Strike
      5. Core Impact
      6. Burp Suite
    6. Auditing
      1. Performing Routine Audits
    7. Chapter 15 Review
  30. Chapter 16 E-mail and Instant Messaging
    1. How E-mail Works
      1. E-mail Structure
      2. MIME
    2. Security of E-mail
      1. Spam
      2. Malicious Code
      3. Hoax E-mails
    3. Mail Gateway
      1. Spam Filter
      2. Mail Relaying
      3. Greylisting
      4. Spam URI Real-time Block Lists
      5. Sender Policy Framework (SPF)
      6. Sender ID Framework
      7. DomainKeys Identified Mail
      8. DLP
    4. Mail Encryption
      1. S/MIME
      2. PGP
    5. Instant Messaging
      1. Modern Instant Messaging Systems
    6. Chapter 16 Review
  31. Chapter 17 Web Components
    1. Current Web Components and Concerns
    2. Web Protocols
      1. Encryption (SSL and TLS)
      2. How SSL/TLS Works
      3. The Web (HTTP and HTTPS)
      4. HTTPS Everywhere
      5. HTTP Strict Transport Security
      6. Directory Services (DAP and LDAP)
      7. File Transfer (FTP and SFTP)
      8. Vulnerabilities
    3. Code-Based Vulnerabilities
      1. Buffer Overflows
      2. Java
      3. JavaScript
      4. ActiveX
      5. Securing the Browser
      6. CGI
      7. Server-Side Scripts
      8. Cookies
      9. Browser Plug-Ins
      10. Malicious Add-Ons
      11. Signed Applets
    4. Application-Based Weaknesses
      1. Session Hijacking
      2. Client-Side Attacks
      3. Web 2.0 and Security
    5. Chapter 17 Review
  32. Chapter 18 Secure Software Development
    1. The Software Engineering Process
      1. Process Models
      2. Secure Development Lifecycle
    2. Secure Coding Concepts
      1. Error and Exception Handling
      2. Input and Output Validation
      3. Normalization
      4. Bug Tracking
    3. Application Attacks
      1. Cross-Site Scripting
      2. Injections
      3. Directory Traversal/Command Injection
      4. Buffer Overflow
      5. Integer Overflow
      6. Cross-Site Request Forgery
      7. Zero Day
      8. Attachments
      9. Locally Shared Objects
      10. Client-Side Attacks
      11. Arbitrary/Remote Code Execution
      12. Open Vulnerability and Assessment Language
    4. Application Hardening
      1. Application Configuration Baseline
      2. Application Patch Management
      3. NoSQL Databases vs. SQL Databases
      4. Server-Side vs. Client-Side Validation
      5. Code Signing
      6. Encryption
      7. Obfuscation/Camouflage
      8. Code Reuse/Dead Code
      9. Memory Management
      10. Use of Third-Party Libraries and SDKs
      11. Data Exposure
    5. Code Quality and Testing
      1. Static Code Analyzers
      2. Dynamic Analysis (Fuzzing)
      3. Stress Testing
      4. Sandboxing
      5. Model Verification
    6. Compiled vs. Runtime Code
    7. Secure DevOps
      1. Security Automation
      2. Continuous Integration
      3. Baselining
      4. Immutable Systems
      5. Infrastructure as Code
    8. Version Control and Change Management
    9. Provisioning and Deprovisioning
    10. For More Information
    11. Chapter 18 Review
  33. Chapter 19 Business Continuity, Disaster Recovery, and Organizational Policies
    1. Disaster Recovery
      1. Disaster Recovery Plans/Process
      2. Categories of Business Functions
      3. IT Contingency Planning
      4. Test, Exercise, and Rehearse
      5. Recovery Time Objective and Recovery Point Objective
    2. Backups
      1. What Needs to Be Backed Up
      2. Strategies for Backups
      3. Full
      4. Differential
      5. Delta
      6. Snapshots
      7. Backup Frequency and Retention
      8. Storage of Backups
      9. Geographic Considerations
    3. Business Continuity
      1. Business Continuity Plans
      2. Business Impact Analysis
      3. Identification of Critical Systems and Components
      4. Removing Single Points of Failure
      5. Risk Assessment
      6. Succession Planning
      7. Continuity of Operations
      8. Exercises/Tabletop
      9. After-Action Reports
      10. Failover
      11. Alternative Sites
      12. Order of Restoration
      13. Utilities
      14. Secure Recovery
    4. Cloud Computing
    5. Redundancy
      1. Fault Tolerance
      2. High Availability
      3. Clustering
      4. Load Balancing
      5. Single Point of Failure
      6. Failure and Recovery Timing
      7. Backout Planning
      8. RAID
      9. Spare Parts and Redundancy
    6. Chapter 19 Review
  34. Chapter 20 Risk Management
    1. An Overview of Risk Management
      1. Example of Risk Management at the International Banking Level
      2. Risk Management Vocabulary
    2. What Is Risk Management?
      1. Risk Management Culture
      2. Risk Response Techniques
      3. Security Controls
    3. Business Risks
      1. Examples of Business Risks
      2. Examples of Technology Risks
      3. Business Impact Analysis
      4. Mission-Essential Functions
      5. Identification of Critical Systems
      6. Single Point of Failure
      7. Impact
    4. Risk Mitigation Strategies
      1. Change Management
      2. Incident Management
      3. User Rights and Permissions Reviews
      4. Data Loss or Theft
    5. Risk Management Models
      1. General Risk Management Model
      2. Software Engineering Institute Model
      3. NIST Risk Models
      4. Model Application
    6. Qualitatively Assessing Risk
    7. Quantitatively Assessing Risk
      1. Adding Objectivity to a Qualitative Assessment
      2. Risk Calculation
    8. Qualitative vs. Quantitative Risk Assessment
    9. Testing
      1. Penetration Testing Authorization
      2. Vulnerability Testing Authorization
      3. Vulnerability Scanning Concepts
      4. System Testing
      5. Penetration Testing
    10. Tools
      1. Cost-Effectiveness Modeling
    11. Risk Management Best Practices
      1. System Vulnerabilities
      2. Threat Vectors
      3. Probability/Threat Likelihood
      4. Risks Associated with Cloud Computing and Virtualization
    12. Chapter 20 Review
  35. Chapter 21 Change Management
    1. Why Change Management?
    2. The Key Concept: Separation of Duties
    3. Elements of Change Management
    4. Implementing Change Management
      1. Backout Plan
    5. The Purpose of a Change Control Board
      1. Code Integrity
    6. The Capability Maturity Model Integration
    7. Environment
      1. Development
      2. Test
      3. Staging
      4. Production
    8. Secure Baseline
    9. Sandboxing
    10. Integrity Measurement
    11. Chapter 21 Review
  36. Chapter 22 Incident Response
    1. Foundations of Incident Response
      1. Incident Management
      2. Goals of Incident Response
      3. Anatomy of an Attack
    2. Incident Response Process
      1. Preparation
      2. Incident Response Plan
      3. Incident Identification/Detection
      4. Identification
      5. Initial Response
      6. Containment/Incident Isolation
      7. Strategy Formulation
      8. Investigation
      9. Eradication
      10. Recovery
      11. Reporting
      12. Lessons Learned
    3. Standards and Best Practices
      1. State of Compromise
      2. NIST
      3. Department of Justice
      4. Indicators of Compromise
      5. Security Measure Implementation
      6. Making Security Measurable
    4. For More Information
    5. Chapter 22 Review
  37. Chapter 23 Computer Forensics
    1. Evidence
      1. Types of Evidence
      2. Standards for Evidence
      3. Three Rules Regarding Evidence
    2. Forensic Process
      1. Acquiring Evidence
      2. Identifying Evidence
      3. Protecting Evidence
      4. Transporting Evidence
      5. Storing Evidence
      6. Conducting the Investigation
    3. Analysis
      1. Recovery
      2. Strategic Intelligence/Counterintelligence Gathering
      3. Active Logging
      4. Track Man-Hours
    4. Chain of Custody
    5. Message Digest and Hash
    6. Host Forensics
      1. File Systems
      2. Windows Metadata
      3. Linux Metadata
    7. Device Forensics
    8. Network Forensics
    9. Legal Hold
    10. E-discovery
      1. Reference Model
      2. Big Data
      3. Cloud
    11. Chapter 23 Review
  38. Chapter 24 Legal Issues and Ethics
    1. Cybercrime
      1. Common Internet Crime Schemes
      2. Sources of Laws
      3. Computer Trespass
      4. Convention on Cybercrime
      5. Significant U.S. Laws
      6. Payment Card Industry Data Security Standard (PCI DSS)
      7. Import/Export Encryption Restrictions
      8. Digital Signature Laws
      9. Digital Rights Management
    2. Ethics
    3. Chapter 24 Review
  39. Chapter 25 Privacy
    1. Anonymity and Pseudonymity
    2. Data Sensitivity Labeling and Handling
      1. Confidential
      2. Private
      3. Public
      4. Proprietary
    3. Data Roles
      1. Owner
      2. Steward/Custodian
      3. Privacy Officer
    4. Data Destruction and Media Sanitization
      1. Burning
      2. Shredding
      3. Pulping
      4. Pulverizing
      5. Degaussing
      6. Purging
      7. Wiping
    5. Personally Identifiable Information (PII)
      1. Sensitive PII
      2. Notice, Choice, and Consent
    6. Fair Information Practice Principles (FIPPs)
    7. U.S. Privacy Laws
      1. Privacy Act of 1974
      2. Freedom of Information Act (FOIA)
      3. Family Education Records and Privacy Act (FERPA)
      4. U.S. Computer Fraud and Abuse Act (CFAA)
      5. U.S. Children’s Online Privacy Protection Act (COPPA)
      6. Video Privacy Protection Act (VPPA)
      7. Health Insurance Portability and Accountability Act (HIPAA)
      8. Gramm-Leach-Bliley Act (GLBA)
      9. California Senate Bill (SB)
      10. U.S. Banking Rules and Regulations
      11. Payment Card Industry Data Security Standard (PCI DSS)
      12. Fair Credit Reporting Act (FCRA)
      13. Fair and Accurate Credit Transactions Act (FACTA)
    8. International Privacy Laws
      1. OECD Fair Information Practices
      2. European Laws
      3. Canadian Law
      4. Asian Laws
    9. Privacy-Enhancing Technologies
    10. Privacy Policies
      1. Privacy Impact Assessment
    11. Web Privacy Issues
      1. Cookies
    12. Privacy in Practice
      1. User Actions
      2. Data Breaches
    13. For More Information
    14. Chapter 25 Review
  40. Appendix A CompTIA Security+ Exam Objectives: SY0-501
  41. Appendix B Command Line Tools
    1. nmap
    2. ping
    3. netstat
    4. tracert
    5. nslookup/dig
    6. ipconfig/ip/ifconfig
    7. tcpdump
    8. netcat
  42. Appendix C About the Online Content
    1. System Requirements
    2. About the Total Tester
      1. Installing and Running Total Tester for Desktop
      2. Total Tester Online
    3. Single User License Terms and Conditions
    4. Technical Support
  43. Glossary
  44. Index