
E-book: CompTIA Security+ SY0-601 Cert Guide

  • Length: 1216 pages
  • Series: Certification Guide
  • Publication date: 05-Jul-2021
  • Publisher: Pearson IT Certification
  • Language: English
  • ISBN-13: 9780136770251
  • Format: PDF+DRM
  • Price: €35.09*
  • * the price is final, i.e. no further discounts apply
  • This e-book is for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Use:

    Digital rights management (DRM)
    The publisher has issued this e-book in encrypted form, which means that you must install special software to read it. You must also create an Adobe ID. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorized with the same Adobe ID).

    Required software
    To read on a mobile device (phone or tablet) you must install this free app: PocketBook Reader (iOS / Android)

    To read on a PC or Mac you must install Adobe Digital Editions (this is a free application made specifically for reading e-books; do not confuse it with Adobe Reader, which is probably already installed on your computer).

    This e-book cannot be read on an Amazon Kindle.

CompTIA Security+ SY0-601 Cert Guide is a best-of-breed exam study guide. This book shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics. 


The book presents you with an organized test-preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending chapter review activities help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan. 


The companion website contains the powerful Pearson Test Prep practice test software, complete with hundreds of exam-realistic questions. The assessment software offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. 


Learn, prepare, and practice for CompTIA Security+ SY0-601 exam success with this CompTIA approved Cert Guide from Pearson IT Certification, a leader in IT certification learning and a CompTIA Authorized Platinum Partner.

  • Master CompTIA Security+ SY0-601 exam topics
  • Assess your knowledge with chapter-ending quizzes
  • Review key concepts with exam preparation tasks
  • Practice with realistic exam questions



Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA approved study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.

Introduction xliv
Part I Threats, Attacks, and Vulnerabilities
Chapter 1 Comparing and Contrasting Different Types of Social Engineering Techniques
3(26)
"Do I Know This Already?" Quiz
3(4)
Foundation Topics
7(1)
Social Engineering Fundamentals
7(2)
Phishing and Spear Phishing
9(3)
Smishing
12(1)
Vishing
12(1)
Spam and Spam over Internet Messaging (SPIM)
13(1)
Dumpster Diving
13(1)
Shoulder Surfing
14(1)
Pharming
14(1)
Piggybacking or Tailgating
15(1)
Eliciting Information
15(1)
Whaling
16(1)
Prepending
17(1)
Identity Fraud
17(1)
Invoice Scams
17(1)
Credential Harvesting
18(1)
Reconnaissance
18(1)
Hoaxes
19(1)
Impersonation or Pretexting
19(1)
Eavesdropping
19(1)
Baiting
20(1)
Watering Hole Attack
20(1)
Typo Squatting
20(1)
Influence Campaigns, Principles of Social Engineering, and Reasons for Effectiveness
21(1)
User Security Awareness Education
22(2)
Chapter Review Activities
24(1)
Review Key Topics
24(1)
Define Key Terms
25(1)
Review Questions
26(3)
Chapter 2 Analyzing Potential Indicators to Determine the Type of Attack
29(32)
"Do I Know This Already?" Quiz
29(4)
Foundation Topics
33(1)
Malicious Software (Malware)
33(1)
Ransomware and Cryptomalware
33(2)
Trojans
35(1)
Remote Access Trojans (RATs) and Rootkits
35(1)
Worms
36(1)
Fileless Virus
37(1)
Command and Control, Bots, and Botnets
37(2)
Logic Bombs
39(1)
Potentially Unwanted Programs (PUPs) and Spyware
40(2)
Keyloggers
42(1)
Backdoors
43(1)
Malware Delivery Mechanisms
43(2)
You Can't Save Every Computer from Malware!
45(1)
Password Attacks
45(1)
Dictionary-based and Brute-force Attacks
45(1)
Password Spraying
46(1)
Offline and Online Password Cracking
46(1)
Rainbow Tables
47(1)
Plaintext/Unencrypted
47(1)
Physical Attacks
48(1)
Malicious Flash Drives
48(1)
Malicious Universal Serial Bus (USB) Cables
48(1)
Card Cloning Attacks
48(1)
Skimming
49(1)
Adversarial Artificial Intelligence
50(1)
Tainted Training Data for Machine Learning
50(1)
Security of Machine Learning Algorithms
50(1)
Supply-Chain Attacks
51(1)
Cloud-based vs. On-premises Attacks
52(1)
Cloud Security Threats
52(2)
Cloud Computing Attacks
54(1)
Cryptographic Attacks
55(1)
Collision
55(1)
Birthday
56(1)
Downgrade
56(1)
Chapter Review Activities
57(1)
Review Key Topics
57(1)
Define Key Terms
58(1)
Review Questions
59(2)
Chapter 3 Analyzing Potential Indicators Associated with Application Attacks
61(110)
"Do I Know This Already?" Quiz
61(6)
Foundation Topics
67(1)
Privilege Escalation
67(1)
Cross-Site Scripting (XSS) Attacks
68(2)
Injection Attacks
70(1)
Structured Query Language (SQL) Injection Attacks
70(3)
SQL Injection Categories
73(1)
Dynamic Link Library (DLL) Injection Attacks
74(1)
Lightweight Directory Access Protocol (LDAP) Injection Attacks
74(1)
Extensible Markup Language (XML) Injection Attacks
74(1)
Pointer/Object Dereference
75(1)
Directory Traversal
76(1)
Buffer Overflows
77(1)
Arbitrary Code Execution/Remote Code Execution
78(1)
Race Conditions
79(1)
Error Handling
79(65)
File Servers
144(1)
Network Controllers
144(1)
Email Servers
145(1)
Web Servers
146(1)
FTP Server
147(2)
Zero-day Vulnerabilities
149(1)
Weak Configurations
150(5)
Third-party Risks
155(5)
Improper or Weak Patch Management
160(1)
Patches and Hotfixes
161(2)
Patch Management
163(2)
Legacy Platforms
165(1)
The Impact of Cybersecurity Attacks and Breaches
165(1)
Chapter Review Activities
166(1)
Review Key Topics
166(1)
Define Key Terms
167(1)
Review Questions
168(3)
Chapter 7 Summarizing the Techniques Used in Security Assessments
171(22)
"Do I Know This Already?" Quiz
171(4)
Foundation Topics
175(1)
Threat Hunting
175(2)
Security Advisories and Bulletins
177(3)
Vulnerability Scans
180(2)
Credentialed vs. Noncredentialed
182(1)
Intrusive vs. Nonintrusive
182(1)
Common Vulnerability Scoring System (CVSS)
182(4)
Logs and Security Information and Event Management (SIEM)
186(2)
Security Orchestration, Automation, and Response (SOAR)
188(1)
Chapter Review Activities
189(1)
Review Key Topics
189(1)
Define Key Terms
190(1)
Review Questions
190(3)
Chapter 8 Understanding the Techniques Used in Penetration Testing
193(16)
"Do I Know This Already?" Quiz
193(4)
Foundation Topics
197(1)
Penetration Testing
197(5)
Bug Bounties vs. Penetration Testing
202(1)
Passive and Active Reconnaissance
203(2)
Exercise Types
205(1)
Chapter Review Activities
206(1)
Review Key Topics
206(1)
Define Key Terms
207(1)
Review Questions
207(2)
Part II Architecture and Design
Chapter 9 Understanding the Importance of Security Concepts in an Enterprise Environment
209(18)
"Do I Know This Already?" Quiz
209(4)
Foundation Topics
213(1)
Configuration Management
213(1)
Data Sovereignty and Data Protection
214(1)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Inspection
215(1)
API Considerations
216(1)
Data Masking and Obfuscation
216(2)
Encryption at Rest, in Transit/Motion, and in Processing
218(1)
Hashing
218(1)
Rights Management
219(1)
Geographical Considerations
220(1)
Data Breach Response and Recovery Controls
220(1)
Site Resiliency
221(1)
Deception and Disruption
222(1)
Fake Telemetry
223(1)
DNS Sinkhole
223(1)
Chapter Review Activities
224(1)
Review Key Topics
224(1)
Define Key Terms
225(1)
Review Questions
225(2)
Chapter 10 Summarizing Virtualization and Cloud Computing Concepts
227(26)
"Do I Know This Already?" Quiz
227(4)
Foundation Topics
231(1)
Cloud Models
231(1)
Public, Private, Hybrid, and Community Clouds
232(1)
Cloud Service Providers
233(1)
Cloud Architecture Components
234(1)
Fog and Edge Computing
234(1)
Thin Clients
235(1)
Containers
236(4)
Microservices and APIs
240(1)
Infrastructure as Code
241(2)
Serverless Architecture
243(3)
Services Integration
246(1)
Resource Policies
246(1)
Transit Gateway
246(1)
Virtual Machine (VM) Sprawl Avoidance and VM Escape Protection
247(1)
Understanding and Avoiding VM Sprawl
247(1)
Protecting Against VM Escape Attacks
248(2)
Chapter Review Activities
250(1)
Review Key Topics
250(1)
Define Key Terms
251(1)
Review Questions
251(2)
Chapter 11 Summarizing Secure Application Development, Deployment, and Automation Concepts
253(32)
"Do I Know This Already?" Quiz
253(4)
Foundation Topics
257(1)
Software Development Environments and Methodologies
257(3)
Application Provisioning and Deprovisioning
260(1)
Software Integrity Measurement
261(1)
Secure Coding Techniques
261(2)
Core SDLC and DevOps Principles
263(3)
Programming Testing Methods
266(1)
Compile-Time Errors vs. Runtime Errors
266(1)
Input Validation
267(2)
Static and Dynamic Code Analysis
269(1)
Fuzz Testing
269(1)
Programming Vulnerabilities and Attacks
270(1)
Testing for Backdoors
271(1)
Memory/Buffer Vulnerabilities
271(1)
XSS and XSRF
272(1)
More Code Injection Examples
273(1)
Directory Traversal
274(1)
Zero-Day Attack
275(1)
Open Web Application Security Project (OWASP)
276(2)
Software Diversity
278(1)
Automation/Scripting
278(1)
Elasticity and Scalability
279(1)
Chapter Review Activities
280(1)
Review Key Topics
280(1)
Define Key Terms
281(1)
Review Questions
281(4)
Chapter 12 Summarizing Authentication and Authorization Design Concepts
285(26)
"Do I Know This Already?" Quiz
285(4)
Foundation Topics
289(1)
Authentication Methods
289(2)
Directory Services
291(1)
Federations
292(2)
Attestation
294(1)
Authentication Methods and Technologies
295(1)
Time-Based One-Time Password (TOTP)
295(1)
HMAC-Based One-Time Password (HOTP)
295(1)
Short Message Service (SMS)
296(1)
Token Key
297(1)
Static Codes
298(1)
Authentication Applications
298(1)
Push Notifications
299(1)
Phone Call Authentication
299(1)
Smart Card Authentication
300(1)
Biometrics
300(1)
Fingerprints
300(1)
Retina
301(1)
Iris
301(1)
Facial
301(1)
Voice
302(1)
Vein
302(1)
Gait Analysis
302(1)
Efficacy Rates
302(1)
False Acceptance
303(1)
False Rejection
303(1)
Crossover Error Rate
304(1)
Multifactor Authentication (MFA) Factors and Attributes
304(2)
Authentication, Authorization, and Accounting (AAA)
306(1)
Cloud vs. On-premises Requirements
306(2)
Chapter Review Activities
308(1)
Review Key Topics
308(1)
Define Key Terms
308(1)
Review Questions
308(3)
Chapter 13 Implementing Cybersecurity Resilience
311(24)
"Do I Know This Already?" Quiz
311(4)
Foundation Topics
315(1)
Redundancy
315(1)
Geographic Dispersal
315(1)
Disk Redundancy
315(1)
Redundant Array of Inexpensive Disks
316(3)
Multipath
319(1)
Network Resilience
319(1)
Load Balancers
319(1)
Network Interface Card (NIC) Teaming
320(1)
Power Resilience
320(1)
Uninterruptible Power Supply (UPS)
320(1)
Generators
321(1)
Dual Supply
321(1)
Managed Power Distribution Units (PDUs)
322(1)
Replication
323(1)
Storage Area Network
323(1)
Virtual Machines
324(1)
On-premises vs. Cloud
325(1)
Backup Types
326(2)
Full Backup
328(1)
Differential Backup
328(1)
Incremental Backup
328(1)
Non-persistence
328(1)
High Availability
329(1)
Restoration Order
330(1)
Diversity
331(1)
Technologies
331(1)
Vendors
331(1)
Crypto
331(1)
Controls
332(1)
Chapter Review Activities
332(1)
Review Key Topics
332(1)
Define Key Terms
333(1)
Review Questions
333(2)
Chapter 14 Understanding the Security Implications of Embedded and Specialized Systems
335(32)
"Do I Know This Already?" Quiz
335(4)
Foundation Topics
339(1)
Embedded Systems
339(2)
Supervisory Control and Data Acquisition (SCADA)/Industrial Control Systems (ICS)
341(3)
Internet of Things (IoT)
344(2)
Specialized Systems
346(1)
Medical Systems
347(1)
Vehicles
347(1)
Aircraft
348(2)
Smart Meters
350(1)
Voice over IP (VoIP)
351(1)
Heating, Ventilation, and Air Conditioning (HVAC)
352(1)
Drones
353(1)
Multifunction Printers (MFP)
354(1)
Real-Time Operating Systems (RTOS)
355(1)
Surveillance Systems
355(1)
System on a Chip (SoC)
356(1)
Communication Considerations
357(1)
5G
357(1)
NarrowBand
358(1)
Baseband Radio
359(1)
Subscriber Identity Module (SIM) Cards
360(1)
Zigbee
360(1)
Embedded System Constraints
361(1)
Power
361(1)
Compute
361(1)
Network
362(1)
Crypto
362(1)
Inability to Patch
362(1)
Authentication
363(1)
Range
363(1)
Cost
363(1)
Implied Trust
363(1)
Chapter Review Activities
364(1)
Review Key Topics
364(1)
Define Key Terms
365(1)
Review Questions
365(2)
Chapter 15 Understanding the Importance of Physical Security Controls
367(24)
"Do I Know This Already?" Quiz
367(3)
Foundation Topics
370(1)
Bollards/Barricades
370(2)
Access Control Vestibules
372(1)
Badges
373(1)
Alarms
374(1)
Signage
374(1)
Cameras
375(1)
Closed-Circuit Television (CCTV)
376(1)
Industrial Camouflage
377(1)
Personnel
377(1)
Locks
378(1)
USB Data Blockers
379(1)
Lighting
380(1)
Fencing
380(1)
Fire Suppression
381(1)
Sensors
381(1)
Drones
382(1)
Visitor Logs
383(1)
Faraday Cages
383(1)
Air Gap
384(1)
Screened Subnet (Previously Known as Demilitarized Zone [DMZ])
384(1)
Protected Cable Distribution
385(1)
Secure Areas
385(1)
Secure Data Destruction
386(1)
Chapter Review Activities
387(1)
Review Key Topics
387(1)
Define Key Terms
388(1)
Review Questions
389(2)
Chapter 16 Summarizing the Basics of Cryptographic Concepts
391(32)
"Do I Know This Already?" Quiz
391(4)
Foundation Topics
395(1)
Digital Signatures
395(1)
Key Length
396(1)
Key Stretching
397(1)
Salting
397(1)
Hashing
398(1)
Key Exchange
399(1)
Elliptic-Curve Cryptography
399(1)
Perfect Forward Secrecy
400(1)
Quantum
401(1)
Communications
401(1)
Computing
402(1)
Post-Quantum
402(1)
Ephemeral
403(1)
Modes of Operation
403(1)
Electronic Code Book Mode
404(1)
Cipher Block Chaining Mode
405(1)
Cipher Feedback Mode
406(1)
Output Feedback Mode
407(1)
Counter Mode
408(1)
Blockchain
409(1)
Cipher Suites
410(1)
Symmetric vs. Asymmetric Encryption
411(3)
Lightweight Cryptography
414(1)
Steganography
415(1)
Audio Steganography
415(1)
Video Steganography
416(1)
Image Steganography
416(1)
Homomorphic Encryption
417(1)
Common Use Cases
417(1)
Limitations
418(2)
Chapter Review Activities
420(1)
Review Key Topics
420(1)
Define Key Terms
421(1)
Review Questions
421(2)
Part III Implementation
Chapter 17 Implementing Secure Protocols
423(24)
"Do I Know This Already?" Quiz
423(3)
Foundation Topics
426(1)
Protocols
426(1)
Domain Name System Security Extensions
426(1)
SSH
427(1)
Secure/Multipurpose Internet Mail Extensions
428(2)
Secure Real-Time Transport Protocol
430(2)
Lightweight Directory Access Protocol over SSL
432(1)
File Transfer Protocol, Secure
432(2)
Secure (or SSH) File Transfer Protocol
434(1)
Simple Network Management Protocol Version 3
434(2)
Hypertext Transfer Protocol over SSL/TLS
436(1)
IPsec
437(1)
Authentication Header/Encapsulating Security Payloads
437(1)
Tunnel/Transport
438(1)
Post Office Protocol/Internet Message Access Protocol
438(1)
Use Cases
439(1)
Voice and Video
440(1)
Time Synchronization
440(1)
Email and Web
441(1)
File Transfer
441(1)
Directory Services
442(1)
Remote Access
442(1)
Domain Name Resolution
442(1)
Routing and Switching
443(1)
Network Address Allocation
443(1)
Subscription Services
444(1)
Chapter Review Activities
444(1)
Review Key Topics
444(1)
Define Key Terms
445(1)
Review Questions
445(2)
Chapter 18 Implementing Host or Application Security Solutions
447(36)
"Do I Know This Already?" Quiz
447(4)
Foundation Topics
451(1)
Endpoint Protection
451(1)
Antivirus
451(1)
Antimalware
452(1)
Endpoint Detection and Response
452(1)
Data Loss Prevention
453(1)
Next-Generation Firewall
453(1)
Host-based Intrusion Prevention System
454(2)
Host-based Intrusion Detection System
456(1)
Host-based Firewall
457(1)
Boot Integrity
458(1)
Boot Security/Unified Extensible Firmware Interface
459(1)
Measured Boot
459(1)
Boot Attestation
460(1)
Database
461(1)
Tokenization
461(1)
Salting
462(1)
Hashing
463(1)
Application Security
463(1)
Input Validations
464(1)
Secure Cookies
465(1)
Hypertext Transfer Protocol Headers
465(1)
End-to-End Headers
466(1)
Hop-by-Hop Headers
466(1)
Code Signing
466(1)
Allow List
467(1)
Block List/Deny List
467(1)
Secure Coding Practices
468(1)
Static Code Analysis
468(2)
Manual Code Review
470(1)
Dynamic Code Analysis
470(1)
Fuzzing
471(1)
Hardening
471(1)
Open Ports and Services
471(1)
Registry
472(1)
Disk Encryption
473(1)
Operating System
473(1)
Patch Management
474(1)
Self-Encrypting Drive/Full-Disk Encryption
475(1)
OPAL
476(1)
Hardware Root of Trust
476(1)
Trusted Platform Module
477(1)
Sandboxing
478(1)
Chapter Review Activities
479(1)
Review Key Topics
479(2)
Define Key Terms
481(1)
Review Questions
481(2)
Chapter 19 Implementing Secure Network Designs
483(64)
"Do I Know This Already?" Quiz
483(5)
Foundation Topics
488(1)
Load Balancing
488(1)
Active/Active
488(1)
Active/Passive
488(1)
Scheduling
488(1)
Virtual IP
488(1)
Persistence
489(1)
Network Segmentation
489(1)
Application-Based Segmentation and Microsegmentation
489(1)
Virtual Local Area Network
490(1)
Screened Subnet
491(1)
East-West Traffic
492(1)
Intranets and Extranets
492(2)
Zero Trust
494(1)
Virtual Private Network
494(2)
Remote Access vs. Site-to-Site
496(1)
IPsec
497(1)
IKEv1 Phase 1
498(3)
IKEv1 Phase 2
501(3)
IKEv2
504(1)
SSL/TLS
505(3)
HTML5
508(1)
Layer 2 Tunneling Protocol
508(1)
DNS
509(1)
Network Access Control
510(1)
Out-of-Band Management
510(1)
Port Security
511(1)
Broadcast Storm Prevention
512(1)
Bridge Protocol Data Unit Guard
512(1)
Loop Prevention
512(1)
Dynamic Host Configuration Protocol Snooping
512(1)
Media Access Control Filtering
513(1)
Network Appliances
513(1)
Jump Servers
514(1)
Proxy Servers
514(2)
Network-Based Intrusion Detection System/Network-Based Intrusion Prevention System
516(1)
NIDS
517(1)
NIPS
518(1)
Summary of NIDS vs. NIPS
519(1)
Signature-Based
520(1)
Heuristic/Behavior
521(1)
Anomaly
521(2)
Inline vs. Passive
523(1)
HSM
524(1)
Sensors
524(1)
Collectors
525(1)
Aggregators
526(1)
Firewalls
526(8)
Hardware vs. Software
534(1)
Appliance vs. Host-based vs. Virtual
534(1)
Access Control List
535(1)
Route Security
535(1)
Quality of Service
536(1)
Implications of IPv6
536(1)
Port Spanning/Port Mirroring
537(1)
Monitoring Services
538(1)
Performance Baselining
539(3)
File Integrity Monitors
542(1)
Chapter Review Activities
542(1)
Review Key Topics
542(1)
Define Key Terms
543(1)
Review Questions
544(3)
Chapter 20 Installing and Configuring Wireless Security Settings
547(20)
"Do I Know This Already?" Quiz
547(4)
Foundation Topics
551(1)
Cryptographic Protocols
551(1)
Wi-Fi Protected Access 2 (WPA2)
551(1)
Wi-Fi Protected Access 3 (WPA3)
551(1)
Counter-mode/CBC-MAC Protocol (CCMP)
552(1)
Simultaneous Authentication of Equals
552(1)
Wireless Cryptographic Protocol Summary
552(1)
Authentication Protocols
553(1)
802.1X and EAP
553(3)
IEEE 802.1x
556(1)
Remote Authentication Dial-In User Service (RADIUS) Federation
556(1)
Methods
557(1)
Wi-Fi Protected Setup
558(1)
Captive Portals
559(1)
Installation Considerations
559(3)
Controller and Access Point Security
562(1)
Wireless Access Point Vulnerabilities
563(1)
Chapter Review Activities
564(1)
Review Key Topics
564(1)
Define Key Terms
564(1)
Review Questions
565(2)
Chapter 21 Implementing Secure Mobile Solutions
567(28)
"Do I Know This Already?" Quiz
567(3)
Foundation Topics
570(1)
Connection Methods and Receivers
570(1)
RFID and NFC
571(1)
More Wireless Connection Methods and Receivers
572(1)
Secure Implementation Best Practices
573(1)
Mobile Device Management
574(2)
MDM Security Feature Concerns: Application and Content Management
576(2)
MDM Security Feature Concerns: Remote Wipe, Geofencing, Geolocation, Screen Locks, Passwords and PINs, Full Device Encryption
578(3)
Mobile Device Management Enforcement and Monitoring
581(4)
Mobile Devices
585(2)
MDM/Unified Endpoint Management
587(1)
SEAndroid
588(1)
Deployment Models
588(1)
Secure Implementation of BYOD, CYOD, and COPE
589(2)
Chapter Review Activities
591(1)
Review Key Topics
591(1)
Define Key Terms
592(1)
Review Questions
592(3)
Chapter 22 Applying Cybersecurity Solutions to the Cloud
595(24)
"Do I Know This Already?" Quiz
595(3)
Foundation Topics
598(1)
Cloud Security Controls
598(1)
Security Assessment in the Cloud
598(1)
Understanding the Different Cloud Security Threats
598(3)
Cloud Computing Attacks
601(2)
High Availability Across Zones
603(1)
Resource Policies
603(1)
Integration and Auditing
604(1)
Secrets Management
604(1)
Storage
605(1)
Permissions
605(1)
Encryption
605(1)
Replication
605(1)
High Availability
606(1)
Network
606(1)
Virtual Networks
606(1)
Public and Private Subnets
606(1)
Segmentation
607(1)
API Inspection and Integration
607(1)
Compute
607(1)
Security Groups
607(1)
Dynamic Resource Allocation
607(1)
Instance Awareness
608(1)
Virtual Private Cloud Endpoint
608(1)
Container Security
608(1)
Summary of Cloud Security Controls
609(2)
Solutions
611(1)
CASB
611(1)
Application Security
612(1)
Next-Generation Secure Web Gateway
613(1)
Firewall Considerations in a Cloud Environment
613(1)
Cost
613(1)
Need for Segmentation
613(1)
Open Systems Interconnection Layers
614(1)
Summary of Cybersecurity Solutions to the Cloud
614(1)
Cloud Native Controls vs. Third-Party Solutions
615(1)
Chapter Review Activities
615(1)
Review Key Topics
615(1)
Define Key Terms
616(1)
Review Questions
616(3)
Chapter 23 Implementing Identity and Account Management Controls
619(32)
"Do I Know This Already?" Quiz
619(4)
Foundation Topics
623(1)
Identity
623(1)
Identity Provider (IdP)
623(2)
Authentication
625(1)
Authentication by Knowledge
625(1)
Authentication by Ownership
625(1)
Authentication by Characteristic Attributes
625(1)
Certificates
626(1)
Tokens
627(1)
SSH Keys
628(1)
Smart Cards
629(1)
Account Types
629(4)
Account Policies
633(1)
Introduction to Identity and Access Management
633(1)
Phases of the Identity and Access Lifecycle
633(1)
Registration and Identity Validation
634(1)
Privileges Provisioning
635(1)
Access Review
635(1)
Access Revocation
635(1)
Password Management
636(1)
Password Creation
636(2)
Attribute-Based Access Control (ABAC)
638(2)
Rights, Permissions, and Policies
640(1)
Users, Groups, and Account Permissions
640(5)
Permission Inheritance and Propagation
645(2)
Chapter Review Activities
647(1)
Review Key Topics
647(1)
Define Key Terms
647(1)
Review Questions
648(3)
Chapter 24 Implementing Authentication and Authorization Solutions
651(34)
"Do I Know This Already?" Quiz
651(4)
Foundation Topics
655(1)
Authentication Management
655(1)
Password Keys
655(1)
Password Vaults
655(1)
Trusted Platform Module
656(1)
Hardware Security Modules
656(1)
Knowledge-Based Authentication
656(1)
Authentication/Authorization
657(2)
Security Assertion Markup Language
659(2)
OAuth
661(2)
OpenID and OpenID Connect
663(1)
802.1X and EAP
664(3)
LDAP
667(1)
Kerberos and Mutual Authentication
668(2)
Remote Authentication Technologies
670(1)
Remote Access Service
670(2)
RADIUS versus TACACS+
672(2)
Access Control Schemes
674(1)
Discretionary Access Control
674(2)
Mandatory Access Control
676(1)
Role-Based Access Control
677(1)
Attribute-Based Access Control
678(1)
Rule-Based Access Control
678(1)
Conditional Access
678(1)
Privileged Access Management
678(1)
Summary of Access Control Models
679(1)
Access Control Wise Practices
680(1)
Chapter Review Activities
681(1)
Review Key Topics
681(1)
Define Key Terms
682(1)
Review Questions
682(3)
Chapter 25 Implementing Public Key Infrastructure
685(18)
"Do I Know This Already?" Quiz
685(3)
Foundation Topics
688(1)
Public Key Infrastructure
688(1)
Key Management
688(1)
Certificate Authorities
689(2)
Certificate Attributes
691(2)
Subject Alternative Name
693(1)
Expiration
693(1)
Types of Certificates
694(1)
SSL Certificate Types
694(2)
Certificate Chaining
696(1)
Certificate Formats
697(1)
PKI Concepts
698(1)
Trust Model
698(1)
Certificate Pinning
698(1)
Stapling, Key Escrow, Certificate Chaining, Online vs. Offline CA
698(2)
Chapter Review Activities
700(1)
Review Key Topics
700(1)
Define Key Terms
700(1)
Review Questions
701(2)
Part IV Operations and Incident Response
Chapter 26 Using the Appropriate Tool to Assess Organizational Security
703(52)
"Do I Know This Already?" Quiz
703(4)
Foundation Topics
707(1)
Network Reconnaissance and Discovery
707(1)
tracert/traceroute
707(2)
nslookup/dig
709(1)
ipconfig/ifconfig
710(1)
nmap
711(3)
ping/pathping
714(3)
hping
717(1)
netstat
718(2)
netcat
720(1)
IP Scanners
721(1)
arp
721(2)
route
723(1)
curl
724(1)
theHarvester
725(1)
sn1per
726(1)
scanless
727(1)
dnsenum
728(2)
Nessus
730(1)
Cuckoo
731(1)
File Manipulation
732(1)
head
733(1)
tail
734(1)
cat
734(1)
grep
735(1)
chmod
736(1)
Logger
737(1)
Shell and Script Environments
738(1)
SSH
739(1)
PowerShell
740(1)
Python
741(1)
OpenSSL
741(1)
Packet Capture and Replay
742(1)
Tcpreplay
742(1)
Tcpdump
742(1)
Wireshark
743(1)
Forensics
744(1)
dd
744(1)
Memdump
745(1)
WinHex
746(1)
FTK Imager
747(1)
Autopsy
747(1)
Exploitation Frameworks
747(1)
Password Crackers
748(2)
Data Sanitization
750(1)
Chapter Review Activities
750(1)
Review Key Topics
750(2)
Define Key Terms
752(1)
Review Questions
752(3)
Chapter 27 Summarizing the Importance of Policies, Processes, and Procedures for Incident Response
755(26)
"Do I Know This Already?" Quiz
755(5)
Foundation Topics
760(1)
Incident Response Plans
760(1)
Incident Response Process
761(1)
Preparation
762(1)
Identification
763(1)
Containment
763(1)
Eradication
764(1)
Recovery
764(1)
Lessons Learned
764(1)
Exercises
765(1)
Tabletop
765(1)
Walkthroughs
766(1)
Simulations
766(1)
Attack Frameworks
767(1)
MITRE ATT&CK
767(1)
The Diamond Model of Intrusion Analysis
768(2)
Cyber Kill Chain
770(1)
Stakeholder Management
771(1)
Communication Plan
771(1)
Disaster Recovery Plan
772(1)
Business Continuity Plan
773(1)
Continuity of Operations Planning (COOP)
774(1)
Incident Response Team
775(1)
Retention Policies
776(1)
Chapter Review Activities
776(1)
Review Key Topics
776(1)
Define Key Terms
777(1)
Review Questions
778(3)
Chapter 28 Using Appropriate Data Sources to Support an Investigation
781(38)
"Do I Know This Already?" Quiz
781(4)
Foundation Topics
785(1)
Vulnerability Scan Output
785(1)
SIEM Dashboards
786(1)
Sensors
787(1)
Sensitivity
788(1)
Trends
788(1)
Alerts
788(1)
Correlation
788(1)
Log Files
789(1)
Network
790(1)
System
791(1)
Application
792(1)
Security
793(1)
Web
794(1)
DNS
795(1)
Authentication
796(1)
Dump Files
797(2)
VoIP and Call Managers
799(1)
Session Initiation Protocol Traffic
800(1)
syslog/rsyslog/syslog-ng
800(2)
journalctl
802(1)
NXLog
803(1)
Bandwidth Monitors
804(1)
Metadata
805(3)
Email
808(1)
Mobile
808(1)
Web
808(1)
File
809(1)
NetFlow/sFlow
809(1)
NetFlow
809(1)
sFlow
810(1)
IPFIX
811(2)
Protocol Analyzer Output
813(1)
Chapter Review Activities
814(1)
Review Key Topics
814(2)
Define Key Terms
816(1)
Review Questions
816(3)
Chapter 29 Applying Mitigation Techniques or Controls to Secure an Environment
819(18)
"Do I Know This Already?" Quiz
819(3)
Foundation Topics
822(1)
Reconfigure Endpoint Security Solutions
822(1)
Application Approved Lists
822(1)
Application Block List/Deny List
822(1)
Quarantine
823(1)
Configuration Changes
824(1)
Firewall Rules
825(1)
MDM
825(3)
Data Loss Prevention
828(1)
Content Filter/URL Filter
828(1)
Update or Revoke Certificates
829(1)
Isolation
830(1)
Containment
830(1)
Segmentation
831(1)
SOAR
832(1)
Runbooks
833(1)
Playbooks
834(1)
Chapter Review Activities
834(1)
Review Key Topics
834(1)
Define Key Terms
835(1)
Review Questions
835(2)
Chapter 30 Understanding the Key Aspects of Digital Forensics
837(76)
"Do I Know This Already?" Quiz
837(5)
Foundation Topics
842(1)
Documentation/Evidence
842(1)
Legal Hold
842(1)
Video
842(1)
Admissibility
843(1)
Chain of Custody
844(1)
Timelines of Sequence of Events
844(1)
Timestamps
844(1)
Time Offset
845(1)
Tags
845(1)
Reports
846(1)
Event Logs
846(1)
Interviews
846(1)
Acquisition
847(1)
Order of Volatility
848(1)
Disk
848(1)
Random-Access Memory
848(1)
Swap/Pagefile
849(1)
Operating System
850(1)
Device
850(1)
Firmware
851(1)
Snapshot
851(1)
Cache
852(48)
Diversity of Training Techniques
900(1)
User Education and Awareness Training
901(1)
Third-Party Risk Management
902(2)
Data Concepts
904(1)
Understanding Classification and Governance
904(2)
Data Retention
906(1)
Credential Policies
906(2)
Organizational Policies
908(1)
Change Management and Change Control
909(1)
Asset Management
909(1)
Chapter Review Activities
910(1)
Review Key Topics
910(1)
Define Key Terms
910(1)
Review Questions
911(2)
Chapter 34 Summarizing Risk Management Processes and Concepts
913(22)
"Do I Know This Already?" Quiz
913(4)
Foundation Topics
917(1)
Risk Types
917(1)
Risk Management Strategies
918(1)
Risk Analysis
919(2)
Qualitative Risk Assessment
921(1)
Quantitative Risk Assessment
922(2)
Disaster Analysis
924(2)
Business Impact Analysis
926(2)
Disaster Recovery Planning
928(2)
Chapter Review Activities
930(1)
Review Key Topics
930(1)
Define Key Terms
931(1)
Review Questions
931(4)
Chapter 35 Understanding Privacy and Sensitive Data Concepts in Relation to Security
935(18)
"Do I Know This Already?" Quiz
935(5)
Foundation Topics
940(1)
Organizational Consequences of Privacy and Data Breaches
940(1)
Notifications of Breaches
941(1)
Data Types and Asset Classification
941(2)
Personally Identifiable Information and Protected Health Information
943(1)
PII
943(1)
PHI
944(1)
Privacy Enhancing Technologies
944(1)
Roles and Responsibilities
945(2)
Information Lifecycle
947(1)
Impact Assessment
948(1)
Terms of Agreement
948(1)
Privacy Notice
949(1)
Chapter Review Activities
949(1)
Review Key Topics
949(1)
Define Key Terms
949(1)
Review Questions
950(3)
Part VI Final Preparation
Chapter 36 Final Preparation
953(70)
Hands-on Activities
953(1)
Suggested Plan for Final Review and Study
953(1)
Summary
954(1)
Glossary of Key Terms
955(68)
Appendix A Answers to the "Do I Know This Already?" Quizzes and Review Questions 1023(64)
Appendix B CompTIA Security+ (SY0-601) Cert Guide Exam Updates 1087(2)
Index 1089
Omar Santos is an active member of the cybersecurity community, where he leads several industry-wide initiatives. He is a best-selling author and trainer. Omar is the author of more than 20 books and video courses, as well as numerous white papers, articles, and security configuration guidelines and best practices. Omar is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), Security Research and Operations, where he mentors and leads engineers and incident managers during the investigation and resolution of cybersecurity vulnerabilities.

Omar co-leads the DEF CON Red Team Village, is the chair of the Common Security Advisory Framework (CSAF) technical committee, is the co-chair of the Forum of Incident Response and Security Teams (FIRST) Open Source Security working group, and has been the chair of several initiatives in the Industry Consortium for Advancement of Security on the Internet (ICASI). His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of their critical infrastructures. You can find additional information about Omar's current projects at h4cker.org and can follow Omar on Twitter @santosomar.

Ron Taylor has been in the information security field for more than 20 years working in various areas focusing on both offense and defense security roles. Ten of those years were spent in consulting. In 2008, he joined the Cisco Global Certification Team as an SME in information assurance. From there, he moved into a position with the Security Research and Operations group, where his focus was mostly on penetration testing of Cisco products and services. He was also involved in developing and presenting security training to internal development and test teams globally, and provided consulting support to many product teams as an SME on product security testing. His next role was incident manager for the Cisco Product Security Incident Response Team (PSIRT). Currently, Ron is a security architect specializing in the Cisco security product line. He has held a number of industry certifications, including GPEN, GWEB, GCIA, GCIH, GWAPT, RHCE, CCSP, CCNA, CISSP, PenTest+, and MCSE. Ron has also authored books and video courses, teaches, and is involved in organizing a number of cybersecurity conferences, including the BSides Raleigh, Texas Cyber Summit, Grayhat, and the Red Team Village at DEFCON.

Twitter: @Gu5G0rman

LinkedIn: www.linkedin.com/in/-RonTaylor

Joseph Mlodzianowski is an information security aficionado and adventurer; he started multiple villages at RSA Conference, DEFCON, and BLACK HAT, among others, including founding the Red Team Village with the help of great friends. He has been in the information technology security field for more than 25 years working in infrastructure, security, networks, systems, design, offense, and defense. Joseph is currently an enterprise security architect of Cisco Managed Services. He spent more than 10 years in the Department of Defense as an operator, principal security network engineer, and SME designing and deploying complex technologies and supporting missions around the world in multiple theaters. He has consulted, investigated, and provided support for multiple federal agencies over the past 15 years. Joseph continues to contribute to content, reviews, and editing in the certification testing and curriculum process. He spent almost 15 years in the energy sector supporting refineries, pipelines, and chemical plants; specializing in industrial control networks; and building data centers. Joseph holds a broad range of certifications, including the Cisco CCIE, CNE, CSNA, CNSS-4012, CISSP, ITILv4, NSA IAM, NSA IEM, OIAC1180, FEMA IS-00317, ACMA, First Responder, Hazmat Certified, Member of Bexar County Sheriff's Office CERT, MCSE, and Certified Hacking Investigator. He also is a founding contributor to the CyManII | Cybersecurity Manufacturing Innovation Institute, a member of Messaging Malware Mobile Anti-Abuse Working Group (M3aawg.org), and founder of the Texas Cyber Summit and Grayhat Conferences. He believes in giving back to the community and supporting nonprofits.

Twitter: @Cedoxx

LinkedIn: www.linkedin.com/in/mlodzianowski/