by Greg White, Wm. Arthur Conklin, Chuck Cothren, Roger Davis, Dwayne Williams
CompTIA Security+ All-in-One Exam Guide (Exam SY0-401), 4th Edition
Title Page
About the Authors
Dedication
Contents at a Glance
Contents
Preface
Acknowledgments
Introduction
Part I Network Security
Chapter 1 Network Device Configuration
Network Devices
Firewalls
Routers
Switches
Load Balancers
Proxies
Web Security Gateways
VPN Concentrators
Intrusion Detection Systems
Intrusion Prevention Systems
Protocol Analyzers
Spam Filter
UTM Security Appliances
Web Application Firewall vs. Network Firewall
Application-aware Devices
Chapter Review
Questions
Answers
Chapter 2 Secure Network Administration
Secure Network Administration Principles
Rule-based Management
Firewall Rules
VLAN Management
Secure Router Configuration
Access Control Lists
Port Security
802.1x
Flood Guards
Loop Protection
Implicit Deny
Network Separation
Log Analysis
Unified Threat Management
Chapter Review
Questions
Answers
Chapter 3 Secure Network Design
Network Design Elements and Components
DMZ Security Zones
Subnetting
VLAN
NAT
Remote Access
Telephony
Network Access Control (NAC)
Virtualization
Cloud Computing
Layered Security/Defense in Depth
Protocols
IPsec
SNMP
SSH
DNS
TLS
SSL
TCP/IP
FTP
FTPS
SFTP
TFTP
HTTP
HTTPS
SCP
ICMP
IPv4
IPv6
iSCSI
Fibre Channel
FCoE
Telnet
NetBIOS
Ports
OSI Relevance
Chapter Review
Questions
Answers
Chapter 4 Secure Wireless Networking
Wireless Networking
SSID
WEP
WPA
TKIP
WPA2
EAP
PEAP
LEAP
CCMP
Wireless Operations
MAC Filter
Antenna Placement
Power Level Controls
Antenna Types
Captive Portals
Site Surveys
VPN (Over Open Wireless)
Chapter Review
Questions
Answers
Part II Compliance and Operational Security
Chapter 5 Risk Concepts
An Overview of Risk Management
Key Terms for Understanding Risk Management
Control Types
False Positives
False Negatives
Importance of Policies in Reducing Risk
Qualitative Risk Assessment
Quantitative Risk Assessment
Risk Calculation
Quantitative vs. Qualitative
Vulnerabilities
Threat Vectors
Probability/Threat Likelihood
Risk Avoidance, Transference, Acceptance, Mitigation, Deterrence
The Cloud
Risks Associated with Cloud Computing and Virtualization
Virtualization
Recovery Time Objective and Recovery Point Objective
Chapter Review
Questions
Answers
Chapter 6 System Integration Processes
System-Level Processes
On-boarding/Off-boarding Business Partners
Social Media Networks
Interoperability Agreements
Privacy Considerations
Risk Awareness
Data Issues
Policies and Procedures
Agreements
Chapter Review
Questions
Answers
Chapter 7 Risk Management
Risk Mitigation Strategies
Change Management
Incident Management
User Rights and Permissions Reviews
Perform Routine Audits
Data Loss or Theft
Technology Controls
Risk Management Best Practices
Business Continuity Concepts
Fault Tolerance
Disaster Recovery Concepts
Chapter Review
Questions
Answers
Chapter 8 Digital Forensics and Incident Response
Forensic Procedures
Collection
Examination
Analysis
Reporting
Incident Response Procedures
Preparation
Incident Identification
Escalation and Notification
Mitigation Steps
Lessons Learned
Reporting
Recovery/Reconstitution Procedures
Incident Isolation
Data Breach
Damage and Loss Control
Chapter Review
Questions
Answers
Chapter 9 Security Awareness and Training
Security Awareness and Training
Security Policy Training and Procedures
Role-based Training
Personally Identifiable Information
Information Classification
Data Labeling, Handling, and Disposal
Compliance with Laws, Best Practices, and Standards
User Habits
New Threats and Security Trends/Alerts
New Viruses
Phishing Attacks
Zero-day Exploits
Social Networking and P2P
Training Metrics and Compliance
Chapter Review
Questions
Answers
Chapter 10 Physical Security and Environmental Controls
Environmental Controls
HVAC
Fire Suppression
EMI Shielding
Hot and Cold Aisles
Environmental Monitoring
Temperature and Humidity Controls
Physical Security
Hardware Locks
Mantraps
Video Surveillance
Fencing
Proximity Readers
Access List
Proper Lighting
Signs
Guards
Barricades
Biometrics
Protected Distribution (Cabling)
Alarms
Motion Detection
Control Types
Chapter Review
Questions
Answers
Chapter 11 Security Controls
Confidentiality
Integrity
Availability
Safety
Fencing
Lighting
Locks
CCTV
Escape Routes
Escape Plans
Drills
Testing Controls
Chapter Review
Questions
Answers
Part III Threats and Vulnerabilities
Chapter 12 Attacks and Malware
Malware
Adware
Virus
Worms
Spyware
Trojan
Rootkits
Backdoors
Logic Bomb
Botnets
Ransomware
Polymorphic Malware
Armored Virus
Attack Methods
Man-in-the-Middle
Denial-of-Service
Distributed Denial-of-Service
Replay
Spoofing
Spam
Spim
Phishing
Spear Phishing
Vishing
Xmas Attack
Pharming
Privilege Escalation
Malicious Insider Threat
Cache Poisoning
TCP/IP Hijacking
Transitive Access
Client-side Attacks
Password Attacks
Typo Squatting/URL Hijacking
Watering Hole Attack
Chapter Review
Questions
Answers
Chapter 13 Social Engineering
Social Engineering Methods
Shoulder Surfing
Dumpster Diving
Tailgating
Impersonation
Hoaxes
Whaling
Vishing
Social Engineering Principles
Tools
Chapter Review
Questions
Answers
Chapter 14 Application and Wireless Attacks
Wireless Attacks
Rogue Access Points
Jamming/Interference
Evil Twin
War Dialing and War Driving
Bluetooth Attacks
Packet Sniffing
Near Field Communication
Replay Attacks
IV Attack
WEP/WPA Attacks
WPS Attacks
Application Attacks
Cross-site Scripting
Injections
Directory Traversal/Command Injection
Buffer Overflow
Integer Overflow
Zero-day
Cookies and Attachments
Locally Shared Objects
Malicious Add-ons
Session Hijacking
Client-side Attacks
Arbitrary/Remote Code Execution
Chapter Review
Questions
Answers
Chapter 15 Mitigation Techniques
Monitoring System Logs
Common Logs
Periodic Audits of Security Settings
System Hardening
Disabling Unused Interfaces and Unused Application Service Ports
Protecting Management Interfaces and Applications
Password Protection
Disabling Unused Accounts
Network Security
Network Software Updates
Network Device Configuration
802.1x
MAC Limiting and Filtering
Disabling Unused Interfaces and Unused Application Service Ports
Rogue Machine Detection
Security Posture
Initial Baseline Configuration
Updates (aka Hotfixes, Service Packs, and Patches)
Continuous Security Monitoring
Remediation
Reporting
Detection Controls vs. Prevention Controls
Chapter Review
Questions
Answers
Chapter 16 Threat and Vulnerability Discovery
Interpret Results of Security Assessment Tools
Tools
Risk Calculations
Threat vs. Likelihood
Assessment Types
Risk
Threat
Vulnerability
Assessment Technique
Baseline Reporting
Code Review
Determine Attack Surface
Review Architecture
Review Designs
Penetration Testing
Verify a Threat Exists
Bypass Security Controls
Actively Test Security Controls
Exploiting Vulnerabilities
Vulnerability Scanning
Passively Testing Security Controls
Identify Vulnerability
Identify Lack of Security Controls
Identify Common Misconfigurations
Intrusive vs. Non-intrusive
Credentialed vs. Non-credentialed
False Positive
Testing
Black Box
White Box
Gray Box
Chapter Review
Questions
Answers
Part IV Application, Data, and Host Security
Chapter 17 Application Security Controls
Secure Coding Concepts
Error and Exception Handling
Input Validation
Fuzzing
Cross-site Scripting Prevention
Cross-site Request Forgery
Application Hardening
Application Configuration Baseline
Application Patch Management
NoSQL Databases vs. SQL Databases
Server-side vs. Client-side Validation
Chapter Review
Questions
Answers
Chapter 18 Mobile Device Security
Device Security
Full Device Encryption
Remote Wiping
Lockout
Screen-locks
GPS
Application Control
Storage Segmentation
Asset Control
Mobile Device Management
Device Access Control
Removable Storage
Disabling Unused Features
Mobile Application Security
Key and Credential Management
Authentication
Geo-tagging
Application Whitelisting
Encryption
Transitive Trust/Authentication
BYOD Concerns
Data Ownership
Support Ownership
Patch Management
Antivirus Management
Forensics
Privacy
On-boarding/Off-boarding
Adherence to Corporate Policies
User Acceptance
Architecture/Infrastructure Considerations
Legal Concerns
Acceptable Use Policy
On-board Camera/Video
Chapter Review
Questions
Answers
Chapter 19 Host-based Security
Host Security
Operating System Security and Settings
OS Hardening
Anti-malware
Patch Management
Whitelisting vs. Blacklisting Applications
Trusted OS
Host-based Firewalls
Host-based Intrusion Detection
Hardware Security
Host Software Baselining
Virtualization
Host-based Security Controls
Cloud Storage
SAN
Handling Big Data
Data Encryption
Hardware-based Encryption Devices
Data Security
Permissions/ACL
Data Policies
Chapter Review
Questions
Answers
Chapter 20 Securing Alternative Environments
Alternative Environments
SCADA
Embedded Systems
Phones and Mobile Devices
Mainframe
Game Consoles
In-vehicle Computing Systems
Methods
Network Segmentation
Security Layers
Application Firewalls
Manual Updates
Firmware Version Control
Wrappers
Control Redundancy and Diversity
Chapter Review
Questions
Answers
Part V Access Control and Identity Management
Chapter 21 Access Control and Authentication
Authentication Services
RADIUS
TACACS+
Common Remote Access Ports
Kerberos
LDAP
Secure LDAP
SAML
Authorization
Least Privilege
Separation of Duties
Access Control
Job Rotation
Time of Day Restrictions
Authentication
Biometrics
Username
Smart Card
Common Access Card
Personal Identity Verification Card
Multifactor Authentication
HOTP
TOTP
CHAP
PAP
EAP
Implicit Deny
Trusted OS
Authentication Factors
Identification
Vulnerabilities
Federation
Transitive Trust/Authentication
Chapter Review
Questions
Answers
Chapter 22 Account Management
User, Group, and Role Management
User
Groups
Multiple Roles
Account Policy Enforcement
Credential Management
Group Policy
Password Policies
Domain Password Policy
Password Attacks
Account Auditing
Chapter Review
Questions
Answers
Part VI Cryptography
Chapter 23 Cryptographic Concepts
General Cryptographic Concepts
Symmetric
Public Key or Asymmetric
Symmetric vs. Asymmetric
Session Keys
Key Exchange
Fundamental Methods
Block vs. Stream
Elliptic Curve
Quantum Cryptography
Hashing
Ephemeral Keys
Cryptographic Objectives
Perfect Forward Secrecy
Transport Encryption
Non-repudiation
Key Escrow
Steganography
Digital Signatures
Use of Proven Technologies
Chapter Review
Questions
Answers
Chapter 24 Cryptographic Methods
Hashing
MD5
SHA
RIPEMD
Symmetric Encryption
DES
3DES
AES
RC4
Blowfish
Twofish
Asymmetric Encryption
RSA
Diffie-Hellman
ECC
Cryptographic Applications
PGP
GnuPG/GPG
PAP/CHAP
NT LAN Manager
Wireless
One-time Pads
Comparative Strengths and Performance of Algorithms
Use of Algorithms/Protocols with Transport Encryption
Cipher Suites
Key Stretching
The Basics of Public Key Infrastructures
Certificate Authorities
Registration Authorities
Trust and Certificate Verification
Digital Certificates
Certificate Attributes
Certificate Lifecycles
Registration and Generation
CSR
Renewal
Revocation
Suspension
Key Destruction
Private Key Protection
Key Recovery
Key Escrow
Public Certificate Authorities
Trust Models
Hierarchical Trust Model
Walking the Certificate Path
Peer-to-Peer Model
Hybrid Trust Model
Chapter Review
Questions
Answers
Part VII Appendixes and Glossary
Appendix A OSI Model and Internet Protocols
Networking Frameworks and Protocols
OSI Model
Application Layer
Presentation Layer
Session Layer
Transport Layer
Network Layer
Data Link Layer
Physical Layer
Internet Protocols
TCP
UDP
IP
Message Encapsulation
Review
Appendix B About the Download
System Requirements
Downloading Total Tester Premium Practice Exam Software
Total Tester Premium Practice Exam Software
Installing and Running Total Tester Premium Practice Exam Software
Technical Support
Glossary
Index