
E-book: CompTIA Security+ All-in-One Exam Guide, Sixth Edition (Exam SY0-601)

  • Format: EPUB+DRM
  • Publication date: 09-Apr-2021
  • Publisher: McGraw-Hill Education
  • Language: eng
  • ISBN-13: 9781260464016
  • Price: 56,16 €*
  • * the price is final, i.e. no further discounts apply

DRM restrictions

  • Copying (copy/paste): not allowed

  • Printing: not allowed

  • Usage:

    Digital Rights Management (DRM)
    The publisher has issued this e-book in encrypted form, which means that you must install special software to read it. You also need to create an Adobe ID. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorized with the same Adobe ID).

    Required software
    To read on a mobile device (phone or tablet), you must install this free app: PocketBook Reader (iOS / Android)

    To read on a PC or Mac, you must install Adobe Digital Editions (a free application made specifically for reading e-books; it should not be confused with Adobe Reader, which is probably already installed on your computer).

    This e-book cannot be read on an Amazon Kindle.

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.

This fully updated study guide covers every topic on the current version of the CompTIA Security+ exam

Take the latest version of the CompTIA Security+ exam with complete confidence using the detailed information contained in this highly effective self-study system. Written by two leading information security experts, this authoritative guide addresses the skills required for securing a network and managing risk and enables you to become CompTIA certified.

CompTIA Security+ All-in-One Exam Guide, Sixth Edition (Exam SY0-601) covers all exam domains and features 200 accurate practice questions. To aid in study, the book features learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. All questions mirror those on the live exam in tone, format, and content. Beyond fully preparing you for the challenging exam, the book also serves as a valuable on-the-job reference for IT professionals.

  • Provides 100% coverage of every objective on exam SY0-601
  • Online content includes performance-based question simulations and 200 multiple-choice practice questions
  • Written by a team of experienced IT security educators

Preface xii
Acknowledgments xiii
Introduction xiv
Objective Map: Exam SY0-601 1(2)
Part I Threats, Attacks, and Vulnerabilities
Chapter 1 Social Engineering Techniques
3(18)
Social Engineering Methods
3(2)
Tools
5(1)
Phishing
5(1)
Smishing
5(1)
Vishing
6(1)
Spam
6(1)
Spam over Instant Messaging (SPIM)
7(1)
Spear Phishing
7(1)
Dumpster Diving
7(1)
Shoulder Surfing
8(1)
Pharming
8(1)
Tailgating
8(1)
Eliciting Information
9(1)
Whaling
9(1)
Prepending
9(1)
Identity Fraud
9(1)
Invoice Scams
10(1)
Credential Harvesting
10(1)
Reconnaissance
11(1)
Hoax
11(1)
Impersonation
12(1)
Third-Party Authorization
12(1)
Contractors/Outside Parties
12(1)
Online Attacks
12(1)
Defenses
12(1)
Watering Hole Attack
13(1)
Typosquatting
13(1)
Pretexting
13(1)
Influence Campaigns
14(1)
Principles (Reasons for Effectiveness)
14(2)
Authority
15(1)
Intimidation
15(1)
Consensus
15(1)
Scarcity
15(1)
Familiarity
15(1)
Trust
16(1)
Urgency
16(1)
Defenses
16(1)
Chapter Review
17(4)
Questions
17(2)
Answers
19(2)
Chapter 2 Type of Attack Indicators
21(18)
Malware
22(6)
Ransomware
22(1)
Trojans
22(1)
Worms
23(1)
Potentially Unwanted Programs
24(1)
Fileless Viruses
24(1)
Command and Control
24(1)
Bots
24(1)
Crypto-malware
25(1)
Logic Bombs
25(1)
Spyware
26(1)
Keyloggers
26(1)
Remote-Access Trojans (RATs)
26(1)
Rootkit
27(1)
Backdoors
28(1)
Password Attacks
28(3)
Spraying
28(1)
Dictionary
29(1)
Brute Force
29(1)
Rainbow Tables
30(1)
Plaintext/Unencrypted
30(1)
Physical Attacks
31(1)
Malicious Universal Serial Bus (USB) Cable
31(1)
Malicious Flash Drives
31(1)
Card Cloning
31(1)
Skimming
32(1)
Adversarial Artificial Intelligence (AI)
32(1)
Tainted Training Data for Machine Learning (ML)
33(1)
Security of Machine Learning Algorithms
33(1)
Supply-Chain Attacks
33(1)
Cloud-Based vs. On-Premises Attacks
33(1)
Cryptographic Attacks
34(1)
Birthday
34(1)
Collision
34(1)
Downgrade
34(1)
Chapter Review
35(4)
Questions
35(3)
Answers
38(1)
Chapter 3 Application Attack Indicators
39(18)
Privilege Escalation
39(1)
Cross-Site Scripting
40(1)
Injection Attacks
41(2)
Structured Query Language (SQL)
41(1)
Dynamic-Link Library (DLL)
42(1)
Lightweight Directory Access Protocol (LDAP)
42(1)
Extensible Markup Language (XML)
43(1)
Pointer/Object Dereference
43(1)
Directory Traversal
43(1)
Buffer Overflow
44(1)
Race Condition
45(1)
Time of Check/Time of Use
46(1)
Improper Error Handling
46(1)
Improper Input Handling
46(1)
Replay Attacks
47(1)
Session Replay
47(1)
Integer Overflow
48(1)
Request Forgery
48(1)
Server-Side Request Forgery
48(1)
Cross-Site Request Forgery
49(1)
Application Programming Interface (API) Attacks
49(1)
Resource Exhaustion
50(1)
Memory Leak
50(1)
Secure Sockets Layer (SSL) Stripping
50(1)
Driver Manipulation
51(1)
Shimming
51(1)
Refactoring
51(1)
Pass the Hash
51(1)
Chapter Review
52(5)
Questions
52(2)
Answers
54(3)
Chapter 4 Network Attack Indicators
57(20)
Wireless
57(5)
Evil Twin
57(1)
Rogue Access Point
57(1)
Bluesnarfing
58(1)
Bluejacking
58(1)
Disassociation
59(1)
Jamming
60(1)
Radio Frequency Identification (RFID)
60(1)
Near Field Communication (NFC)
61(1)
Initialization Vector (IV)
61(1)
On-path Attack
62(1)
Layer 2 Attacks
63(1)
Address Resolution Protocol (ARP) Poisoning
63(1)
Media Access Control (MAC) Flooding
64(1)
MAC Cloning
64(1)
Domain Name System (DNS)
64(4)
Domain Hijacking
64(1)
DNS Poisoning
65(2)
Universal Resource Locator (URL) Redirection
67(1)
Domain Reputation
67(1)
Distributed Denial-of-Service (DDoS)
68(4)
Network
69(2)
Application
71(1)
Operational Technology (OT)
71(1)
Malicious Code and Script Execution
72(1)
PowerShell
72(1)
Python
72(1)
Bash
72(1)
Macros
73(1)
Visual Basic for Applications (VBA)
73(1)
Chapter Review
73(4)
Questions
74(2)
Answers
76(1)
Chapter 5 Threat Actors, Vectors, and Intelligence Sources
77(22)
Actors and Threats
77(6)
Advanced Persistent Threats (APTs)
78(1)
Insider Threats
79(1)
State Actors
80(1)
Hacktivists
81(1)
Script Kiddies
81(1)
Criminal Syndicates
81(1)
Hackers
82(1)
Shadow IT
83(1)
Competitors
83(1)
Attributes of Actors
83(1)
Internal/External
83(1)
Level of Sophistication/Capability
83(1)
Resources/Funding
84(1)
Intent/Motivation
84(1)
Vectors
84(2)
Direct Access
85(1)
Wireless
85(1)
E-mail
85(1)
Supply Chain
85(1)
Social Media
86(1)
Removable Media
86(1)
Cloud
86(1)
Threat Intelligence Sources
86(6)
Open Source Intelligence (OSINT)
87(1)
Closed/Proprietary
87(1)
Vulnerability Databases
88(1)
Public/Private Information Sharing Centers
88(1)
Dark Web
89(1)
Indicators of Compromise
89(1)
Automated Indicator Sharing (AIS)
90(1)
Structured Threat Information Expression (STIX) / Trusted Automated Exchange of Intelligence Information (TAXII)
90(1)
Predictive Analysis
91(1)
Threat Maps
91(1)
File/Code Repositories
91(1)
Research Sources
92(3)
Vendor Websites
93(1)
Vulnerability Feeds
93(1)
Conferences
93(1)
Academic Journals
93(1)
Requests for Comment (RFCs)
94(1)
Local Industry Groups
94(1)
Social Media
94(1)
Threat Feeds
95(1)
Adversary Tactics, Techniques, and Procedures (TTPs)
95(1)
Chapter Review
95(4)
Questions
96(2)
Answers
98(1)
Chapter 6 Vulnerabilities
99(16)
Cloud-based vs. On-premises Vulnerabilities
99(1)
Zero Day
100(1)
Weak Configurations
100(3)
Open Permissions
100(1)
Unsecure Root Accounts
101(1)
Errors
101(1)
Weak Encryption
101(1)
Unsecure Protocols
102(1)
Default Settings
102(1)
Open Ports and Services
102(1)
Third-Party Risks
103(3)
Vendor Management
103(2)
Supply Chain
105(1)
Outsourced Code Development
105(1)
Data Storage
105(1)
Improper or Weak Patch Management
106(1)
Firmware
106(1)
Operating System (OS)
106(1)
Applications
107(1)
Legacy Platforms
107(1)
Impacts
107(3)
Data Loss
108(1)
Data Breaches
108(1)
Data Exfiltration
108(1)
Identity Theft
108(1)
Financial
109(1)
Reputation
109(1)
Availability Loss
110(1)
Chapter Review
110(5)
Questions
111(2)
Answers
113(2)
Chapter 7 Security Assessments
115(14)
Threat Hunting
115(2)
Intelligence Fusion
116(1)
Threat Feeds
116(1)
Advisories and Bulletins
116(1)
Maneuver
117(1)
Vulnerability Scans
117(4)
False Positives
117(1)
False Negatives
118(1)
Log Reviews
118(1)
Credentialed vs. Non-Credentialed
118(1)
Intrusive vs. Non-Intrusive
119(1)
Application
119(1)
Web Application
119(1)
Network
119(1)
Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS)
120(1)
Configuration Review
120(1)
Syslog/Security Information and Event Management (SIEM)
121(2)
Review Reports
121(1)
Packet Capture
121(1)
Data Inputs
122(1)
User Behavior Analysis
122(1)
Sentiment Analysis
122(1)
Security Monitoring
123(1)
Log Aggregation
123(1)
Log Collectors
123(1)
Security Orchestration, Automation, and Response (SOAR)
123(1)
Chapter Review
124(5)
Questions
124(2)
Answers
126(3)
Chapter 8 Penetration Testing
129(16)
Penetration Testing
129(6)
Known Environment
131(1)
Unknown Environment
131(1)
Partially Known Environment
131(1)
Rules of Engagement
132(1)
Lateral Movement
132(1)
Privilege Escalation
133(1)
Persistence
133(1)
Cleanup
134(1)
Bug Bounty
134(1)
Pivoting
134(1)
Passive and Active Reconnaissance
135(2)
Drones
136(1)
War Flying
136(1)
War Driving
136(1)
Footprinting
137(1)
OSINT
137(1)
Exercise Types
137(2)
Red Team
138(1)
Blue Team
138(1)
White Team
138(1)
Purple Team
138(1)
Chapter Review
139(6)
Questions
139(2)
Answers
141(4)
Part II Architecture and Design
Chapter 9 Enterprise Security Architecture
145(14)
Configuration Management
145(2)
Diagrams
146(1)
Baseline Configuration
146(1)
Standard Naming Conventions
146(1)
Internet Protocol (IP) Schema
147(1)
Data Sovereignty
147(1)
Data Protection
148(3)
Data Loss Prevention (DLP)
148(1)
Masking
148(1)
Encryption
148(1)
At Rest
149(1)
In Transit/Motion
149(1)
In Processing
149(1)
Tokenization
150(1)
Rights Management
150(1)
Geographical Considerations
151(1)
Response and Recovery Controls
151(1)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Inspection
151(1)
Hashing
152(1)
API Considerations
152(1)
Site Resiliency
153(1)
Hot Sites
153(1)
Warm Sites
153(1)
Cold Sites
153(1)
Deception and Disruption
154(1)
Honeypots
154(1)
Honeyfiles
154(1)
Honeynets
154(1)
Fake Telemetry
154(1)
DNS Sinkhole
155(1)
Chapter Review
155(4)
Questions
156(1)
Answers
157(2)
Chapter 10 Virtualization and Cloud Security
159(14)
Cloud Models
159(3)
Infrastructure as a Service (IaaS)
160(1)
Platform as a Service (PaaS)
160(1)
Software as a Service (SaaS)
160(1)
Anything as a Service (XaaS)
160(1)
Level of Control in the Hosting Models
160(1)
Public
160(1)
Community
161(1)
Private
161(1)
Hybrid
161(1)
Cloud Service Providers
162(1)
Managed Service Provider (MSP) / Managed Security Service Provider (MSSP)
162(1)
On-Premises vs. Off-Premises
162(1)
Fog Computing
163(1)
Edge Computing
163(1)
Thin Client
164(1)
Containers
164(1)
Microservices/API
165(1)
Infrastructure as Code
165(1)
Software-Defined Networking (SDN)
165(1)
Software-Defined Visibility (SDV)
166(1)
Serverless Architecture
166(1)
Services Integration
166(1)
Resource Policies
167(1)
Transit Gateway
167(1)
Virtualization
167(2)
Type I
168(1)
Type II
168(1)
Virtual Machine (VM) Sprawl Avoidance
168(1)
VM Escape Protection
168(1)
Chapter Review
169(4)
Questions
169(2)
Answers
171(2)
Chapter 11 Secure Application Development, Deployment, and Automation Concepts
173(16)
Environment
173(2)
Development
174(1)
Test
174(1)
Staging
174(1)
Production
174(1)
Quality Assurance (QA)
175(1)
Provisioning and Deprovisioning
175(1)
Integrity Measurement
175(1)
Secure Coding Techniques
176(4)
Normalization
176(1)
Stored Procedures
177(1)
Obfuscation/Camouflage
178(1)
Code Reuse and Dead Code
178(1)
Server-Side vs. Client-Side Execution and Validation
179(1)
Memory Management
179(1)
Use of Third-Party Libraries and Software Development Kits (SDKs)
179(1)
Data Exposure
180(1)
Open Web Application Security Project (OWASP)
180(1)
Software Diversity
180(1)
Compilers
181(1)
Binaries
181(1)
Automation/Scripting
181(2)
Automated Courses of Action
182(1)
Continuous Monitoring
182(1)
Continuous Validation
182(1)
Continuous Integration
183(1)
Continuous Delivery
183(1)
Continuous Deployment
183(1)
Elasticity
183(1)
Scalability
184(1)
Version Control
184(1)
Chapter Review
184(5)
Questions
185(2)
Answers
187(2)
Chapter 12 Authentication and Authorization
189(18)
Authentication Methods
189(4)
Directory Services
189(1)
Federation
190(1)
Attestation
191(1)
Technologies
191(2)
Smart Card Authentication
193(1)
Biometrics
193(5)
Fingerprint
194(1)
Retina
194(1)
Iris
194(1)
Facial
195(1)
Voice
195(1)
Vein
195(1)
Gait Analysis
195(1)
Efficacy Rates
196(1)
False Acceptance
196(1)
False Rejection
197(1)
Crossover Error Rate
197(1)
Multifactor Authentication (MFA) Factors and Attributes
198(3)
Factors
199(1)
Attributes
200(1)
Authentication, Authorization, and Accounting (AAA)
201(1)
Cloud vs. On-premises Requirements
202(1)
Chapter Review
202(5)
Questions
202(2)
Answers
204(3)
Chapter 13 Cybersecurity Resilience
207(20)
Redundancy
207(6)
Geographic Dispersal
208(1)
Disk
208(2)
Network
210(1)
Power
211(2)
Replication
213(1)
Storage Area Network (SAN)
213(1)
VM
213(1)
On-premises vs. Cloud
214(1)
Backup Types
214(5)
Full
215(1)
Incremental
215(1)
Snapshot
216(1)
Differential
216(1)
Tape
217(1)
Disk
217(1)
Copy
217(1)
Network Attached Storage (NAS)
217(1)
Storage Area Network (SAN)
217(1)
Cloud
218(1)
Image
218(1)
Online vs. Offline
218(1)
Distance Considerations
219(1)
Nonpersistence
219(1)
Revert to Known State
219(1)
Last Known-Good Configuration
220(1)
Live Boot Media
220(1)
High Availability
220(1)
Scalability
220(1)
Restoration Order
221(1)
Diversity
221(1)
Technologies
221(1)
Vendors
222(1)
Crypto
222(1)
Controls
222(1)
Chapter Review
222(5)
Questions
223(2)
Answers
225(2)
Chapter 14 Embedded and Specialized Systems
227(20)
Embedded Systems
227(2)
Raspberry Pi
228(1)
Field Programmable Gate Arrays (FPGAs)
228(1)
Arduino
228(1)
Supervisory Control and Data Acquisition (SCADA) / Industrial Control System (ICS)
229(2)
Facilities
230(1)
Industrial
230(1)
Manufacturing
230(1)
Energy
230(1)
Logistics
231(1)
Internet of Things (IoT)
231(2)
Sensors
231(1)
Smart Devices
231(1)
Wearables
232(1)
Facility Automation
232(1)
Weak Defaults
232(1)
Specialized Systems
233(2)
Medical Systems
233(1)
Vehicle Systems
234(1)
Aircraft Systems
234(1)
Smart Meters
235(1)
Voice over IP (VoIP)
235(1)
Heating, Ventilation, Air Conditioning (HVAC)
236(1)
Drones
236(1)
Multifunction Printers (MFPs)
236(1)
Real-time Operating Systems (RTOSs)
237(1)
Surveillance Systems
237(1)
System on a Chip (SoC)
238(1)
Communication Considerations
238(2)
5G
239(1)
Narrow-Band Radio
239(1)
Baseband Radio
239(1)
Subscriber Identity Module (SIM) Cards
239(1)
Zigbee
240(1)
Constraints
240(2)
Power
240(1)
Compute
240(1)
Network
241(1)
Cryptographic Functions
241(1)
Inability to Patch
241(1)
Authentication
241(1)
Range
242(1)
Cost
242(1)
Implied Trust
242(1)
Chapter Review
242(5)
Questions
243(2)
Answers
245(2)
Chapter 15 Physical Security Controls
247(24)
Bollards/Barricades
247(1)
Access Control Vestibules
248(1)
Badges
249(1)
Alarms
249(1)
Signage
249(1)
Cameras
250(1)
Motion Recognition
250(1)
Object Detection
250(1)
Closed-Circuit Television (CCTV)
250(1)
Industrial Camouflage
251(1)
Personnel
252(1)
Guards
252(1)
Robot Sentries
253(1)
Reception
253(1)
Two-Person Integrity/Control
253(1)
Locks
253(3)
Biometrics
254(1)
Electronic
255(1)
Physical
255(1)
Cable Locks
256(1)
USB Data Blocker
256(1)
Lighting
257(1)
Fencing
257(1)
Fire Suppression
257(3)
Sensors
260(2)
Motion Detection
260(1)
Noise Detection
260(1)
Proximity Reader
260(1)
Moisture Detection
261(1)
Cards
261(1)
Temperature
261(1)
Drones
262(1)
Visitor Logs
262(1)
Faraday Cages
262(1)
Air Gap
263(1)
Screened Subnet
263(1)
Protected Cable Distribution
264(1)
Secure Areas
264(2)
Air Gap
264(1)
Vault
264(1)
Safe
265(1)
Hot and Cold Aisles
265(1)
Secure Data Destruction
266(1)
Burning
266(1)
Shredding
266(1)
Pulping
266(1)
Pulverizing
266(1)
Degaussing
267(1)
Purging
267(1)
Third-Party Solutions
267(1)
Chapter Review
267(4)
Questions
268(2)
Answers
270(1)
Chapter 16 Cryptographic Concepts
271(24)
General Cryptographic Concepts
271(1)
Fundamental Methods
272(1)
Digital Signatures
272(2)
Key Length
274(1)
Key Stretching
274(1)
Salting
274(1)
Hashing
275(1)
Key Exchange
276(1)
Elliptic Curve Cryptography
277(1)
Perfect Forward Secrecy
277(1)
Quantum Cryptography
278(1)
Post-Quantum Era
278(1)
Ephemeral Keys
279(1)
Modes of Operation
279(1)
Authenticated
279(1)
Counter
280(1)
Unauthenticated
280(1)
Blockchain
280(1)
Cipher Suites
281(1)
Block
281(1)
Stream
282(1)
Symmetric vs. Asymmetric
282(1)
Lightweight Cryptography
283(1)
Steganography
283(1)
Homomorphic Encryption
284(1)
Common Use Cases
285(1)
Low-Power Devices
285(1)
Low-Latency Operations
285(1)
High-Resiliency Systems
285(1)
Support for Confidentiality
285(1)
Support for Integrity
285(1)
Support for Obfuscation
285(1)
Supporting Authentication
286(1)
Support for Nonrepudiation
286(1)
Limitations
286(3)
Speed
286(1)
Size
287(1)
Weak Keys
287(1)
Time
287(1)
Longevity
287(1)
Predictability
288(1)
Reuse
288(1)
Entropy
288(1)
Computational Overhead
288(1)
Resource vs. Security Constraints
289(1)
Weak/Deprecated Algorithms
289(1)
Chapter Review
289(6)
Questions
290(1)
Answers
291(4)
Part III Implementation
Chapter 17 Secure Protocols
295(12)
Protocols
295(6)
Domain Name System Security Extensions (DNSSEC)
296(1)
SSH
296(1)
Secure/Multipurpose Internet Mail Extensions (S/MIME)
296(1)
Secure Real-time Transport Protocol (SRTP)
297(1)
Lightweight Directory Access Protocol over SSL (LDAPS)
297(1)
File Transfer Protocol, Secure (FTPS)
297(1)
SSH File Transfer Protocol (SFTP)
297(1)
Simple Network Management Protocol, Version 3 (SNMPv3)
298(1)
Hypertext Transfer Protocol over SSL/TLS (HTTPS)
298(1)
IPSec
298(2)
Post Office Protocol (POP) / Internet Message Access Protocol (IMAP)
300(1)
Use Cases
301(3)
Voice and Video
301(1)
Time Synchronization
302(1)
E-mail and Web
302(1)
File Transfer
302(1)
Directory Services
302(1)
Remote Access
302(1)
Domain Name Resolution
303(1)
Routing and Switching
303(1)
Network Address Allocation
303(1)
Subscription Services
303(1)
Chapter Review
304(3)
Questions
304(2)
Answers
306(1)
Chapter 18 Host and Application Security
307(22)
Endpoint Protection
307(7)
Antivirus
307(3)
Anti-Malware
310(1)
Endpoint Detection and Response (EDR)
311(1)
DLP
311(1)
Next-Generation Firewall (NGFW)
311(1)
Host-based Intrusion Detection System (HIDS)
311(1)
Host-based Intrusion Prevention System (HIPS)
312(1)
Host-based Firewall
312(2)
Boot Integrity
314(1)
Boot Security/Unified Extensible Firmware Interface (UEFI)
314(1)
Measured Boot
315(1)
Boot Attestation
315(1)
Database
315(1)
Tokenization
315(1)
Salting
316(1)
Hashing
316(1)
Application Security
316(4)
Input Validations
316(1)
Secure Cookies
317(1)
Hypertext Transfer Protocol (HTTP) Headers
317(1)
Code Signing
317(1)
Allow List
318(1)
Block List/Deny List
318(1)
Secure Coding Practices
318(1)
Static Code Analysis
319(1)
Dynamic Code Analysis
319(1)
Fuzzing
320(1)
Hardening
320(4)
Open Ports and Services
320(1)
Registry
321(1)
Disk Encryption
321(1)
OS
321(1)
Patch Management
322(1)
Third-Party Updates
323(1)
Auto-Update
324(1)
Self-Encrypting Drive (SED)/Full Disk Encryption (FDE)
324(1)
Opal
324(1)
Hardware Root of Trust
324(1)
Trusted Platform Module (TPM)
325(1)
Sandboxing
325(1)
Chapter Review
325(4)
Questions
326(2)
Answers
328(1)
Chapter 19 Secure Network Design
329(34)
Load Balancing
329(2)
Active/Active
330(1)
Active/Passive
330(1)
Scheduling
330(1)
Virtual IP
331(1)
Persistence
331(1)
Network Segmentation
331(5)
Virtual Local Area Network (VLAN)
331(2)
Screened Subnet (Previously Known as Demilitarized Zone)
333(1)
East-West Traffic
334(1)
Extranet
335(1)
Intranet
335(1)
Zero Trust
336(1)
Virtual Private Network (VPN)
336(4)
Always On
337(1)
Split Tunnel vs. Full Tunnel
337(1)
Remote Access vs. Site-to-Site
337(1)
IPSec
338(1)
SSL/TLS
339(1)
HTML5
339(1)
Layer 2 Tunneling Protocol (L2TP)
339(1)
DNS
340(1)
Network Access Control (NAC)
340(2)
Agent and Agentless
341(1)
Out-of-Band Management
342(1)
Port Security
342(3)
Broadcast Storm Prevention
343(1)
Bridge Protocol Data Unit (BPDU) Guard
343(1)
Loop Prevention
343(1)
Dynamic Host Configuration Protocol (DHCP) Snooping
344(1)
Media Access Control (MAC) Filtering
344(1)
Network Appliances
345(10)
Jump Servers
345(1)
Proxy Servers
345(1)
Network-based Intrusion Detection System (NIDS)/Network-based Intrusion Prevention System (NIPS)
346(2)
HSM
348(1)
Sensors
349(1)
Collectors
349(1)
Aggregators
349(1)
Firewalls
350(5)
Access Control List (ACL)
355(1)
Route Security
355(1)
Quality of Service (QoS)
356(1)
Implications of IPv6
356(1)
Port Spanning/Port Mirroring
356(1)
Port Taps
357(1)
Monitoring Services
357(1)
File Integrity Monitors
357(1)
Chapter Review
358(5)
Questions
359(1)
Answers
360(3)
Chapter 20 Wireless Security
363(14)
Cryptographic Protocols
363(3)
Wi-Fi Protected Access 2 (WPA2)
364(1)
Wi-Fi Protected Access 3 (WPA3)
365(1)
Counter Mode/CBC-MAC Protocol (CCMP)
365(1)
Simultaneous Authentication of Equals (SAE)
366(1)
Authentication Protocols
366(2)
Extensible Authentication Protocol (EAP)
366(1)
Protected Extensible Authentication Protocol (PEAP)
366(1)
EAP-FAST
366(1)
EAP-TLS
367(1)
EAP-TTLS
367(1)
IEEE 802.1X
368(1)
Remote Authentication Dial-in User Service (RADIUS) Federation
368(1)
Methods
368(2)
Pre-shared Key (PSK) vs. Enterprise vs. Open
368(1)
Wi-Fi Protected Setup (WPS)
369(1)
Captive Portals
369(1)
Installation Considerations
370(3)
Site Surveys
370(1)
Heat Maps
371(1)
Wi-Fi Analyzers
371(1)
Channel Overlays
371(1)
Wireless Access Point (WAP) Placement
372(1)
Controller and Access Point Security
372(1)
Chapter Review
373(4)
Questions
373(2)
Answers
375(2)
Chapter 21 Secure Mobile Solutions
377(22)
Connection Methods and Receivers
377(5)
Cellular
378(1)
Wi-Fi
378(1)
Bluetooth
378(1)
NFC
379(1)
Infrared
379(1)
USB
380(1)
Point-to-Point
380(1)
Point-to-Multipoint
381(1)
Global Positioning System (GPS)
381(1)
RFID
381(1)
Mobile Device Management (MDM)
382(5)
Application Management
383(1)
Content Management
383(1)
Remote Wipe
383(1)
Geofencing
384(1)
Geolocation
384(1)
Screen Locks
384(1)
Push Notification Services
385(1)
Passwords and PINs
386(1)
Biometrics
386(1)
Context-Aware Authentication
386(1)
Containerization
386(1)
Storage Segmentation
387(1)
Full Device Encryption
387(1)
Mobile Devices
387(2)
MicroSD Hardware Security Module (HSM)
388(1)
MDM/Unified Endpoint Management (UEM)
388(1)
Mobile Application Management (MAM)
388(1)
SEAndroid
388(1)
Enforcement and Monitoring
389(4)
Third-Party Application Stores
389(1)
Rooting/Jailbreaking
389(1)
Sideloading
390(1)
Custom Firmware
390(1)
Carrier Unlocking
390(1)
Firmware OTA Updates
390(1)
Camera Use
390(1)
SMS/Multimedia Message Service (MMS)/Rich Communication Services (RCS)
391(1)
External Media
391(1)
USB On-The-Go (USB OTG)
391(1)
Recording Microphone
391(1)
GPS Tagging
392(1)
Wi-Fi Direct/Ad Hoc
392(1)
Tethering
392(1)
Hotspot
393(1)
Payment Methods
393(1)
Deployment Models
393(2)
Bring Your Own Device (BYOD)
394(1)
Corporate-Owned, Personally Enabled (COPE)
394(1)
Choose Your Own Device (CYOD)
394(1)
Corporate-Owned
394(1)
Virtual Desktop Infrastructure (VDI)
394(1)
Chapter Review
395(4)
Questions
395(2)
Answers
397(2)
Chapter 22 Implementing Cloud Security
399(14)
Cloud Security Controls
399(6)
High Availability Across Zones
399(1)
Resource Policies
400(1)
Secrets Management
400(1)
Integration and Auditing
401(1)
Storage
401(1)
Network
402(1)
Compute
403(2)
Solutions
405(3)
CASB
405(1)
Application Security
406(1)
Next-Generation Secure Web Gateway (SWG)
406(1)
Firewall Considerations in a Cloud Environment
406(2)
Cloud-Native Controls vs. Third-Party Solutions
408(1)
Chapter Review
408(5)
Questions
408(2)
Answers
410(3)
Chapter 23 Identity and Account Management Controls
413(18)
Identity
413(3)
Identity Provider (IdP)
413(1)
Attributes
414(1)
Certificates
414(1)
Tokens
414(2)
SSH Keys
416(1)
Smart Cards
416(1)
Account Types
416(3)
User Account
416(1)
Shared and Generic Accounts/Credentials
417(1)
Guest Accounts
418(1)
Service Accounts
418(1)
Account Policies
419(7)
Password Complexity
419(1)
Password History
420(1)
Password Reuse
420(1)
Time of Day
421(1)
Network Location
421(1)
Geofencing
421(1)
Geotagging
422(1)
Geolocation
422(1)
Time-based Logins
422(1)
Access Policies
422(2)
Account Permissions
424(1)
Account Audits
425(1)
Impossible Travel Time/Risky Login
425(1)
Lockout
425(1)
Disablement
426(1)
Chapter Review
426(5)
Questions
427(2)
Answers
429(2)
Chapter 24 Implement Authentication and Authorization
431(20)
Authentication Management
431(2)
Password Keys
431(1)
Password Vaults
432(1)
TPM
432(1)
HSM
432(1)
Knowledge-based Authentication
433(1)
Authentication
433(6)
EAP
433(1)
Challenge-Handshake Authentication Protocol (CHAP)
434(1)
Password Authentication Protocol (PAP)
435(1)
802.1X
435(1)
RADIUS
436(1)
Single Sign-On (SSO)
436(1)
Security Assertion Markup Language (SAML)
436(1)
Terminal Access Controller Access Control System Plus (TACACS+)
437(1)
OAuth
437(1)
OpenID
438(1)
Kerberos
438(1)
Access Control Schemes
439(7)
Attribute-Based Access Control (ABAC)
440(1)
Role-Based Access Control
441(1)
Rule-Based Access Control
441(1)
MAC
441(1)
Discretionary Access Control (DAC)
442(1)
Conditional Access
443(1)
Privileged Access Management
443(1)
File System Permissions
443(3)
Chapter Review
446(5)
Questions
446(2)
Answers
448(3)
Chapter 25 Public Key Infrastructure
451(30)
Public Key Infrastructure (PKI)
451(10)
Key Management
454(1)
Certificate Authority (CA)
454(1)
Intermediate CA
455(1)
Registration Authority (RA)
455(1)
Certificate Revocation List (CRL)
456(1)
Certificate Attributes
457(2)
Online Certificate Status Protocol (OCSP)
459(1)
Certificate Signing Request (CSR)
459(1)
CN
460(1)
Subject Alternative Name (SAN)
460(1)
Expiration
461(1)
Types of Certificates
461(5)
Wildcard Certificates
462(1)
Subject Alternative Name (SAN)
463(1)
Code-Signing Certificates
463(1)
Self-Signed Certificates
464(1)
Machine/Computer
465(1)
E-mail
465(1)
User
465(1)
Root
465(1)
Domain Validation
465(1)
Extended Validation
466(1)
Certificate Formats
466(2)
KEY
466(1)
Distinguished Encoding Rules (DER)
466(1)
Privacy-Enhanced Mail (PEM)
467(1)
Personal Information Exchange (PFX)
467(1)
CER
467(1)
P12
467(1)
P7B
468(1)
Concepts
468(7)
Online vs. Offline CA
468(1)
Stapling
468(1)
Pinning
468(1)
Trust Model
469(5)
Key Escrow
474(1)
Certificate Chaining
475(1)
Chapter Review
475(6)
Questions
476(2)
Answers
478(3)
Part IV Operations and Incident Response
Chapter 26 Tools/Assess Organizational Security
481(22)
Network Reconnaissance and Discovery
481(10)
Tracert/traceroute
482(1)
Nslookup/dig
482(2)
Ipconfig/ifconfig
484(1)
Nmap
484(1)
Ping/pathping
485(1)
Hping
485(1)
Netstat
486(1)
Netcat
487(1)
IP Scanners
487(1)
Arp
487(1)
Route
488(1)
Curl
488(1)
theHarvester
489(1)
Sn1per
490(1)
Scanless
490(1)
Dnsenum
490(1)
Nessus
490(1)
Cuckoo
490(1)
File Manipulation
491(2)
Head
491(1)
Tail
491(1)
Cat
491(1)
Grep
492(1)
Chmod
492(1)
Logger
493(1)
Shell and Script Environments
493(2)
SSH
493(1)
PowerShell
493(1)
Python
494(1)
OpenSSL
494(1)
Packet Capture and Replay
495(1)
Tcpreplay
495(1)
Tcpdump
495(1)
Wireshark
495(1)
Forensics
496(2)
Dd
496(1)
Memdump
497(1)
WinHex
497(1)
FTK Imager
497(1)
Autopsy
497(1)
Exploitation Frameworks
498(1)
Password Crackers
498(1)
Data Sanitization
498(1)
Chapter Review
499(4)
Questions
499(2)
Answers
501(2)
Chapter 27 Incident Response Policies, Processes, and Procedures
503(16)
Incident Response Plans
503(1)
Incident Response Process
504(3)
Preparation
505(1)
Identification
505(1)
Containment
506(1)
Eradication
506(1)
Recovery
506(1)
Lessons Learned
506(1)
Exercises
507(1)
Tabletop
507(1)
Walkthroughs
507(1)
Simulations
508(1)
Attack Frameworks
508(2)
MITRE ATT&CK
508(1)
The Diamond Model of Intrusion Analysis
509(1)
Cyber Kill Chain
509(1)
Stakeholder Management
510(1)
Communication Plan
510(1)
Disaster Recovery Plan
511(1)
Business Continuity Plan
512(1)
Continuity of Operation Planning (COOP)
513(1)
Incident Response Team
513(1)
Retention Policies
514(1)
Chapter Review
515(4)
Questions
515(2)
Answers
517(2)
Chapter 28 Investigations
519(16)
Vulnerability Scan Output
519(1)
SIEM Dashboards
519(2)
Sensor
520(1)
Sensitivity
520(1)
Trends
520(1)
Alerts
521(1)
Correlation
521(1)
Log Files
521(3)
Network
522(1)
System
522(1)
Application
522(1)
Security
522(1)
Web
523(1)
DNS
523(1)
Authentication
523(1)
Dump Files
523(1)
VoIP and Call Managers
524(1)
Session Initiation Protocol (SIP) Traffic
524(1)
Syslog/Rsyslog/Syslog-ng
524(1)
Journalctl
525(1)
NXLog
525(1)
Bandwidth Monitors
525(1)
Metadata
525(4)
E-Mail
526(2)
Mobile
528(1)
Web
528(1)
File
528(1)
NetFlow/sFlow
529(1)
IPFIX
530(1)
Protocol Analyzer Output
530(1)
Chapter Review
531(4)
Questions
531(2)
Answers
533(2)
Chapter 29 Mitigation Techniques and Controls
535(12)
Reconfigure Endpoint Security Solutions
535(2)
Application Approved List
536(1)
Application Blocklist/Deny List
536(1)
Quarantine
536(1)
Configuration Changes
537(3)
Firewall Rules
537(1)
MDM
538(1)
DLP
538(1)
Content Filter/URL Filter
539(1)
Update or Revoke Certificates
539(1)
Isolation
540(1)
Containment
540(1)
Segmentation
540(2)
Security Orchestration, Automation, and Response (SOAR)
542(1)
Runbooks
542(1)
Playbooks
542(1)
Chapter Review
543(4)
Questions
543(2)
Answers
545(2)
Chapter 30 Digital Forensics
547(24)
Documentation/Evidence
547(7)
Legal Hold
548(1)
Video
548(1)
Admissibility
549(1)
Chain of Custody
550(1)
Timelines of Sequence of Events
551(2)
Tags
553(1)
Reports
553(1)
Event Logs
553(1)
Interviews
554(1)
Acquisition
554(4)
Order of Volatility
555(1)
Disk
556(1)
Random-Access Memory (RAM)
556(1)
Swap/Pagefile
556(1)
Operating System (OS)
556(1)
Device
556(1)
Firmware
557(1)
Snapshot
557(1)
Cache
557(1)
Network
557(1)
Artifacts
557(1)
On-premises vs. Cloud
558(1)
Right to Audit Clauses
558(1)
Regulatory/Jurisdiction
559(1)
Data Breach Notification Laws
559(1)
Integrity
559(2)
Hashing
559(1)
Checksums
560(1)
Provenance
560(1)
Preservation
561(1)
E-Discovery
561(1)
Data Recovery
562(1)
Nonrepudiation
562(1)
Strategic Intelligence/Counterintelligence
563(1)
Chapter Review
563(8)
Questions
564(2)
Answers
566(5)
Part V Governance, Risk, and Compliance
Chapter 31 Security Controls
571(8)
Security Controls
571(1)
Categories
572(1)
Managerial
572(1)
Operational
572(1)
Technical
572(1)
Control Types
573(2)
Preventative
573(1)
Detective
574(1)
Corrective
574(1)
Deterrent
574(1)
Compensating
574(1)
Physical
574(1)
Chapter Review
575(4)
Questions
575(2)
Answers
577(2)
Chapter 32 Regulations, Standards, and Frameworks
579(16)
Regulations, Standards, and Legislation
579(6)
General Data Protection Regulation (GDPR)
580(1)
National, Territory, or State Laws
581(2)
Payment Card Industry Data Security Standard (PCI DSS)
583(2)
Key Frameworks
585(3)
Center for Internet Security (CIS)
585(1)
National Institute of Standards and Technology (NIST) Risk Management Framework (RMF)/Cybersecurity Framework (CSF)
585(1)
International Organization for Standardization (ISO) 27001/27002/27701/31000
586(1)
SSAESOC2TypeI/II
586(1)
Cloud Security Alliance
587(1)
Benchmarks and Secure Configuration Guides
588(2)
Platform/Vendor-Specific Guides
588(2)
Chapter Review
590(5)
Questions
590(2)
Answers
592(3)
Chapter 33 Organizational Policies
595(18)
Personnel
595(7)
Acceptable Use Policy
596(1)
Job Rotation
596(1)
Mandatory Vacation
597(1)
Separation of Duties
597(1)
Least Privilege
598(1)
Clean Desk Space
598(1)
Background Checks
598(1)
Nondisclosure Agreement (NDA)
599(1)
Social Media Analysis
599(1)
Onboarding
599(1)
Offboarding
600(1)
User Training
600(2)
Diversity of Training Techniques
602(1)
Third-Party Risk Management
602(3)
Vendors
602(1)
Supply Chain
602(1)
Business Partners
603(1)
Service Level Agreement (SLA)
603(1)
Memorandum of Understanding (MOU)
603(1)
Measurement Systems Analysis (MSA)
604(1)
Business Partnership Agreement (BPA)
604(1)
End of Life (EOL)
604(1)
End of Service Life (EOSL)
604(1)
NDA
605(1)
Data
605(1)
Classification
605(1)
Governance
605(1)
Retention
606(1)
Credential Policies
606(1)
Personnel
606(1)
Third Party
607(1)
Devices
607(1)
Service Accounts
607(1)
Administrator/Root Accounts
607(1)
Organizational Policies
607(2)
Change Management
608(1)
Change Control
608(1)
Asset Management
608(1)
Chapter Review
609(4)
Questions
609(3)
Answers
612(1)
Chapter 34 Risk Management
613(20)
Risk Types
613(2)
External
613(1)
Internal
613(1)
Legacy Systems
614(1)
Multiparty
614(1)
IP Theft
614(1)
Software Compliance/Licensing
615(1)
Risk Management Strategies
615(2)
Acceptance
616(1)
Avoidance
616(1)
Transference
616(1)
Mitigation
616(1)
Risk Analysis
617(7)
Risk Register
617(1)
Risk Matrix/Heat Map
617(1)
Risk Control Assessment
618(1)
Risk Control Self-Assessment
618(1)
Risk Awareness
618(1)
Inherent Risk
618(1)
Residual Risk
618(1)
Control Risk
619(1)
Risk Appetite
619(1)
Regulations That Affect Risk Posture
619(1)
Risk Assessment Types
620(1)
Likelihood of Occurrence
620(1)
Impact
621(1)
Asset Value
622(1)
Single-Loss Expectancy (SLE)
623(1)
Annualized Loss Expectancy (ALE)
623(1)
Annualized Rate of Occurrence (ARO)
623(1)
Disasters
624(1)
Environmental
624(1)
Person-made
624(1)
Internal vs. External
625(1)
Business Impact Analysis
625(3)
Recovery Time Objective (RTO)
625(1)
Recovery Point Objective (RPO)
625(1)
Mean Time to Repair (MTTR)
626(1)
Mean Time Between Failures (MTBF)
626(1)
Functional Recovery Plans
627(1)
Single Point of Failure
627(1)
Disaster Recovery Plan (DRP)
627(1)
Mission-Essential Functions
627(1)
Identification of Critical Systems
628(1)
Site Risk Assessment
628(1)
Chapter Review
628(5)
Questions
629(2)
Answers
631(2)
Chapter 35 Privacy
633(18)
Organizational Consequences of Privacy Breaches
633(2)
Reputation Damage
634(1)
Identity Theft
634(1)
Fines
634(1)
IP Theft
634(1)
Notifications of Breaches
635(1)
Escalation
635(1)
Public Notifications and Disclosures
635(1)
Data Types
635(4)
Classifications
636(2)
Personally Identifiable Information (PII)
638(1)
Privacy-Enhancing Technologies
639(2)
Data Minimization
640(1)
Data Masking
640(1)
Tokenization
640(1)
Anonymization
641(1)
Pseudo-Anonymization
641(1)
Roles and Responsibilities
641(2)
Data Owners
641(1)
Data Controller
642(1)
Data Processor
642(1)
Data Custodian/Steward
642(1)
Data Privacy Officer (DPO)
643(1)
Information Lifecycle
643(1)
Impact Assessment
643(1)
Terms of Agreement
644(1)
Privacy Notice
645(1)
Chapter Review
645(6)
Questions
646(2)
Answers
648(3)
Part VI Appendixes and Glossary
Appendix A OSI Model and Internet Protocols
651(10)
Appendix B About the Online Content
661(4)
Glossary 665(38)
Index 703
Wm. Arthur Conklin (Houston, TX), Security+, CISSP, is an Assistant Professor in the Information and Logistics Technology department at the University of Houston. In addition to his PhD, Mr. Conklin has an MBA from UTSA, and two graduate degrees in Electrical Engineering from the Naval Postgraduate School in Monterey, California. Dr. Conklin's interests are information security, systems theory, and secure software design.

Greg White (San Antonio, TX), CompTIA Security+, CISSP, is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. Dr. White is the Director of the Center for Infrastructure Assurance and Security at UTSA.