Title Page
Ian Neil
Copyright and Credits
  CompTIA Security+ Certification Guide
Packt Upsell
  Why subscribe?
  Packt.com
Contributor
  About the author
  Packt is searching for authors like you
Preface
  Who this book is for
  What this book covers
  To get the most out of this book
  Download the color images
  Conventions used
  Get in touch
  Reviews

Understanding Security Fundamentals
  CIA triad concept
  Identifying security controls
  Administrative controls
  Technical controls
  Physical controls
  Preventative controls
  Deterrent controls
  Detective controls
  Corrective controls
  Compensating controls
  Access controls
  Discretionary access control
  Least privilege
  Mandatory access control
  Linux permissions (not SELinux)
  Role-based access control
  Rule-based access control
  Attribute-based access control
  Group-based access
  Hashing and data integrity
  Hash practical
  Hash exercise
  Defense in depth model
  Review questions
  Answers and explanations

Conducting Risk Analysis
  Risk management
  Importance of policy, plans, and procedures
  Standard operating procedures
  Agreement types
  Personnel management—policies and procedures
  Role-based awareness training
  General security policies
  Business impact analysis concepts
  Privacy threshold assessment/privacy impact assessment
  Mission-essential functions/identification of critical systems
  Example
  Supply chain risk assessment
  Example
  Business impact analysis concepts
  Calculating loss
  Example
  Risk procedures and concepts
  Threat assessment
  Threat actors
  Risk treatment
  Risk register
  Qualitative/quantitative risk analysis
  Review questions
  Answers and explanations

Implementing Security Policies and Procedures
  Industry standard frameworks and reference architecture
  OSI reference model
  TCP/IP model
  Types of frameworks
  Benchmarks/secure configuration guides
  Policies and user guides
  Security configuration guides – web servers
  Network infrastructure device user guides
  General purpose guides
  Implementing data security and privacy practices
  Destroying data and sanitizing media
  Data sensitivity labeling and handling
  Data retention – legal and compliance
  Data roles
  Practical – creating a baseline
  Review questions
  Answers and explanations

Delving into Identity and Access Management
  Understanding identity and access management concepts
  Passwords
  Default/administrator password
  Passwords—group policy
  Password recovery
  Authentication factors
  Number of factor examples
  Transitive trust
  Federation services
  Shibboleth
  Single sign-on
  Installing and configuring identity and access services
  LDAP
  Kerberos
  Internet-based open source authentication
  Authentication, authorization, and accounting (AAA) servers
  Authentication
  Learning about identity and access management controls
  Biometrics
  Security tokens and devices
  Certification-based authentication
  Port-based authentication
  Common account management practices
  Account types
  Account creation
  Employees moving departments
  Disabling an account
  Account recertification
  Account maintenance
  Account monitoring
  Security Information and Event Management
  Group-based access control
  Credential management
  User account reviews
  Practical exercise – password policy
  Review questions
  Answers and explanations

Understanding Network Components
  OSI – reference model
  Installing and configuring network components
  Firewall
  Router
  Access control list – network devices
  Intrusion-prevention system
  Intrusion-detection system
  Modes of detection
  Modes of operation
  Monitoring data
  Switch
  Layer 3 switch
  Proxy server
  Reverse proxy
  Remote access
  Virtual private network using L2TP/IPSec
  IPSec
  IPSec – handshake
  VPN concentrator
  Site-to-site VPN
  VPN always on versus on-demand
  SSL VPN
  Split tunnelling
  Load balancer
  Clustering
  Data-loss prevention
  Security information and event management
  Mail gateway
  Cloud-based email
  Media gateway
  Hardware security module
  Software-defined network
  Secure network architecture concepts
  Network address translation
  Port address translation
  Network access control (NAC)
  Honeypot
  Secure Socket Layer accelerators
  SSL/TLS decryptor
  Sensor/collector
  Tap/port mirror
  DDoS mitigator
  Segregation/segmentation/isolation
  Security device/technology placement
  DMZ device placement
  LAN device placement
  Aggregation switches
  Implementing secure protocols
  Use case
  File transfer – use case
  Remote access – use case
  Email – use case
  Name resolution – use case
  Hostname
  DNSSEC
  NETBIOS
  Web – use case
  Voice and video – use case
  Network address allocation – use case
  IP version 4
  IP version 4 – lease process
  IP version 4 lease process – troubleshooting
  IP version 6 addressing
  Subscription services – use case
  Routing – use case
  Time synchronization – use case
  Directory services – use case
  Active Directory
  Switching – use case
  Simple network management protocol – use case
  Implementing wireless security
  Wireless access points – controllers
  Securing access to your wireless access point
  Wireless bandwidth/band selection
  Wireless channels
  Wireless antenna types and signal strength
  Wireless coverage
  Wireless encryption
  Wireless – open system authentication
  Wireless – WPS
  Wireless – captive portal
  Wireless attacks
  Wireless authentication protocols
  Review questions
  Answers and explanations

Understanding Cloud Models and Virtualization
  Cloud computing
  Implementing different cloud deployment models
  Cloud service models
  Disk resiliency and redundancy
  Redundant array of independent disks
  Storage area network
  Understanding cloud storage concepts
  Exploring virtual networks
  Virtual desktop infrastructure
  VDE
  Heating, ventilation, and air-conditioning
  Network environments
  On-premises
  Hosted services
  Cloud-hosting services
  Practical exercise – is the cloud cost-effective?
  Review questions
  Answers and explanations

Managing Hosts and Applications Deployment
  Deploying mobile devices securely
  Bring your own device
  Choose your own device
  Corporate-owned personally-enabled
  Virtual desktop infrastructure
  Mobile device connection methods
  Mobile device management concepts
  Accessing the device
  Device management
  Device protection
  Device data
  Mobile device enforcement and monitoring
  Industrial control system
  Supervisory control and data acquisition
  Mobile devices – security implications of embedded systems
  Special-purpose devices
  Secure application development and deployment concepts
  Development life cycle models – waterfall vs agile
  Waterfall
  Agile
  Agile versus waterfall
  DevOps
  Secure DevOps
  Secure coding techniques
  Code quality and testing
  Server-side versus client-side execution and validation
  Review questions
  Answers and explanations

Protecting Against Attacks and Vulnerabilities
  Virus and malware attacks
  Social engineering attacks
  Common attacks
  Application/service attacks
  Programming attacks
  Example 1—JavaScript—creating a money variable
  Example 2—JavaScript—setting the day of the month
  Hijacking related attacks
  Driver manipulation
  Cryptographic attacks
  Password attacks
  Wireless attacks
  Penetration testing
  Penetration testing techniques
  Vulnerability scanning concepts
  Credentialed versus non-credentialed scans
  Penetration testing versus vulnerability scanning
  Practical exercise—running a vulnerability scanner
  Review questions
  Answers and explanations

Implementing Public Key Infrastructure
  Public key infrastructure concepts
  Certificate hierarchy
  Certificate trust
  Certificate validity
  Certificate management concepts
  Certificate types
  Asymmetric and symmetric encryption
  Encryption explained
  Digital signature explained
  Cryptography algorithms and their characteristics
  Symmetric algorithms
  Asymmetric algorithms
  Symmetric versus asymmetric analogy
  XOR encryption
  Key stretching algorithms
  Cipher modes
  Stream versus block cipher analogy
  Hashing and data integrity
  Comparing and contrasting basic concepts of cryptography
  Asymmetric – PKI
  Asymmetric – weak/deprecated algorithms
  Asymmetric – ephemeral keys
  Symmetric algorithm – modes of operation
  Symmetric encryption – stream versus block cipher
  Symmetric encryption – confusion
  Symmetric encryption – secret algorithm
  Symmetric – session keys
  Hashing algorithms
  Crypto service provider
  Crypto module
  Protecting data
  Basic cryptographic terminology
  Obfuscation
  Pseudo random number generator
  Nonce
  Perfect forward secrecy
  Security through obscurity
  Collision
  Steganography
  Diffusion
  Implementation versus algorithm
  Common use cases for cryptography
  Supporting confidentiality
  Supporting integrity
  Supporting non-repudiation
  Supporting obfuscation
  Low-power devices
  Low latency
  High resiliency
  Supporting authentication
  Resource versus security constraints
  Practical exercises
  Practical exercise 1 – building a certificate server
  Practical exercise 2 – encrypting data with EFS and stealing certificates
  Practical exercise 3 – revoking the EFS certificate
  Review questions
  Answers and explanations

Responding to Security Incidents
  Incident response procedures
  Incident response process
  Understanding the basic concepts of forensics
  Five-minute practical
  Software tools to assess the security posture of an organization
  Backup utilities
  Backup types
  Command-line tools
  Analyzing and interpreting output from security technologies
  Review questions
  Answers and explanations

Managing Business Continuity
  Implementing secure systems design
  Hardware/firmware security
  Operating systems
  Securing IT systems
  Peripherals
  Importance of secure staging deployment concepts
  Troubleshooting common security issues
  Misconfigured devices
  Personnel issues
  Software issues
  Disaster recovery and continuity of operations concepts
  Review questions
  Answers and explanations

Mock Exam 1
Mock Exam 2

Preparing for the CompTIA Security+ 501 Exam
  Tips on taking the exam
  Exam preparation
  Practical 1—drag and drop—attacks
  Practical 2—drag and drop—certificates
  Practical 3—drag and drop—ports/protocol
  Practical 4—drag and drop—authentication factors
  Practical 5—drag and drop—general
  Drag and drop—answers
  Linux information

Acronyms

Assessment
  Mock Exam 1
  Mock Exam 2

Other Books You May Enjoy
  Leave a review - let other readers know what you think