CompTIA Security+ SY0-601 Exam Cram Premium Edition and Practice Test
The exciting new CompTIA Security+ SY0-601 Exam Cram Premium Edition and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson IT Certification Practice Test. The Premium Edition eBook and Practice Test contains the following items:
The CompTIA Security+ SY0-601 Exam Cram Premium Edition Practice Test, including four full practice exams and enhanced practice test features PDF, EPUB, and Mobi/Kindle formats of the CompTIA Security+ SY0-601 Exam Cram from Pearson IT Certification, which are accessible via your PC, tablet, and smartphone
About the Premium Edition Practice Test This Premium Edition contains an enhanced version of the Pearson Test Prep practice test software with four full practice exams. This integrated learning package
Allows you to focus on individual topic areas or take complete, timed exams Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions Provides unique sets of exam-realistic practice questions Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most
Pearson Test Prep online system requirements Browsers: Chrome version 73 and above; Safari version 12 and above; Microsoft Edge 44 and above. Devices: Desktop and laptop computers, tablets running on Android v8.0 and iOS v13, smartphones with a minimum screen size of 4.7". Internet access required. Pearson Test Prep offline system requirements Windows 10, Windows 8.1; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases
About the Premium Edition eBook CompTIA Security+ SY0-601 Exam Cram, Sixth Edition, is the perfect study guide to help you pass the newly updated version of the CompTIA Security+ exam. It provides coverage and practice questions for every exam topic. Extensive prep tools include quizzes, Exam Alerts, and our essential last-minute review Cram Sheet. The powerful Pearson Test Prep practice software provides real-time practice and feedback with two complete exams.
Covers the critical information you'll need to know to score higher on your Security+ SY0-601 exam!
Assess the different types of threats, attacks, and vulnerabilities organizations face Understand security concepts across traditional, cloud, mobile, and IoT environments Explain and implement security controls across multiple environments Identify, analyze, and respond to operational needs and security incidents Understand and explain the relevance of concepts related to governance, risk, and compliance
Introduction . . . . . . . . . . . . . . . . . . . . . . xxvii
Part I: Attacks, Threats, and Vulnerabilities 1 CHAPTER 1: Social
Engineering Techniques.. . . . . . . . . . . . . . . . 3 The Social
Engineer.. . . . . . . . . . . . . . . . . . 4 Phishing and Related
Attacks.. . . . . . . . . . . . . . . 6 Principles of Influence
(Reasons for Effectiveness). . . . . . . . 10 What Next?.. . . . . . .
. . . . . . . . . . . . . . 14 CHAPTER 2: Attack Basics.. . . . . . . . .
. . . . . . . . . . . . . 15 Malware. . . . . . . . . . . . . . . . .
. . . . . . 16 Physical Attacks.. . . . . . . . . . . . . . . . . . .
. 26 Adversarial Artificial Intelligence (AI).. . . . . . . . . . . .
27 Password Attacks. . . . . . . . . . . . . . . . . . . . 28
Downgrade Attacks.. . . . . . . . . . . . . . . . . . . 31 What
Next?.. . . . . . . . . . . . . . . . . . . . . 34 CHAPTER 3: Application
Attacks.. . . . . . . . . . . . . . . . . . . . 35 Race Conditions.. .
. . . . . . . . . . . . . . . . . . 36 Improper Software Handling.. .
. . . . . . . . . . . . . 37 Resource Exhaustion.. . . . . . . . . . .
. . . . . . . 37 Overflows.. . . . . . . . . . . . . . . . . . . . . .
38 Code Injections. . . . . . . . . . . . . . . . . . . . 39
Driver Manipulation.. . . . . . . . . . . . . . . . . . 40 Request
Forgeries.. . . . . . . . . . . . . . . . . . . 41 Directory
Traversal.. . . . . . . . . . . . . . . . . . . 44 Replay Attack.. . .
. . . . . . . . . . . . . . . . . . 45 Secure Sockets Layer (SSL)
Stripping.. . . . . . . . . . . . 45 Application Programming Interface
(API) Attacks.. . . . . . . . 47 Pass-the-Hash Attack. . . . . . . . .
. . . . . . . . . 49 What Next?.. . . . . . . . . . . . . . . . . . .
. . 52 CHAPTER 4: Network Attacks.. . . . . . . . . . . . . . . . . . . .
. 53 Wireless. . . . . . . . . . . . . . . . . . . . . . . 54
On-Path Attack. . . . . . . . . . . . . . . . . . . . 58 Layer 2
Attacks. . . . . . . . . . . . . . . . . . . . 59 Domain Name System
(DNS) Attacks.. . . . . . . . . . . . 62 Denial of Service. . . . . .
. . . . . . . . . . . . . . 64 Malicious Code and Script Execution.. .
. . . . . . . . . . 68 What Next?.. . . . . . . . . . . . . . . . . .
. . . 71 CHAPTER 5: Threat Actors, Vectors, and Intelligence Sources. . .
. . . . . . . 73 Threat Actor Attributes.. . . . . . . . . . . . . . .
. . 74 Threat Actor Types.. . . . . . . . . . . . . . . . . . . 75
Vectors.. . . . . . . . . . . . . . . . . . . . . . . 80 Threat
Intelligence and Research Sources.. . . . . . . . . . . 81 What
Next?.. . . . . . . . . . . . . . . . . . . . . 87 CHAPTER 6:
Vulnerabilities.. . . . . . . . . . . . . . . . . . . . . . 89
Cloud-Based vs. On-Premises. . . . . . . . . . . . . . . 90 Zero-Day.
. . . . . . . . . . . . . . . . . . . . . 90 Weak Configurations. . .
. . . . . . . . . . . . . . . 91 Third-Party Risks.. . . . . . . . . .
. . . . . . . . . 95 Impacts.. . . . . . . . . . . . . . . . . . . . .
. . 96 What Next?.. . . . . . . . . . . . . . . . . . . . . 98
CHAPTER 7: Security Assessment Techniques.. . . . . . . . . . . . . . . 99
Vulnerability Scans.. . . . . . . . . . . . . . . . . . . 100
Threat Assessment.. . . . . . . . . . . . . . . . . . . 103 What
Next?.. . . . . . . . . . . . . . . . . . . . . 110 CHAPTER 8: Penetration
Testing Techniques.. . . . . . . . . . . . . . . . 111 Testing
Methodology. . . . . . . . . . . . . . . . . . 112 Team Exercises.. .
. . . . . . . . . . . . . . . . . . 118 What Next?.. . . . . . . . . .
. . . . . . . . . . . 120 Part II: Architecture and Design 121 CHAPTER
9: Enterprise Security Concepts.. . . . . . . . . . . . . . . . . 123
Configuration Management.. . . . . . . . . . . . . . . . 124 Data
Confidentiality.. . . . . . . . . . . . . . . . . . 126 Deception and
Disruption.. . . . . . . . . . . . . . . . 139 What Next?.. . . . . .
. . . . . . . . . . . . . . . 143 CHAPTER 10: Virtualization and Cloud
Computing.. . . . . . . . . . . . . . 145 Virtualization.. . . . . . .
. . . . . . . . . . . . . . 145 On-Premises vs. Off-Premises. . . . .
. . . . . . . . . . 154 Cloud Models. . . . . . . . . . . . . . . . .
. . . . 155 What Next?.. . . . . . . . . . . . . . . . . . . . . 164
CHAPTER 11: Secure Application Development, Deployment, and Automation.. . .
. 165 Application Environment.. . . . . . . . . . . . . . . . . 166
Integrity Measurement.. . . . . . . . . . . . . . . . . 168 Change
Management and Version Control.. . . . . . . . . . . 169 Secure Coding
Techniques.. . . . . . . . . . . . . . . . 170 Automation and
Scripting.. . . . . . . . . . . . . . . . 180 Scalability and
Elasticity. . . . . . . . . . . . . . . . . 184 What Next?.. . . . . .
. . . . . . . . . . . . . . . 187 CHAPTER 12: Authentication and
Authorization Design. . . . . . . . . . . . . 189 Identification and
Authentication, Authorization, and Accounting (AAA).. . . . . . . . .
. . . . . . . . . . 189 Multifactor Authentication.. . . . . . . . . .
. . . . . . 190 Single Sign-on.. . . . . . . . . . . . . . . . . . . .
192 Authentication Technologies. . . . . . . . . . . . . . . . 195
What Next?.. . . . . . . . . . . . . . . . . . . . . 204 CHAPTER 13:
Cybersecurity Resilience.. . . . . . . . . . . . . . . . . . 205
Redundancy.. . . . . . . . . . . . . . . . . . . . . 205 Backups.. . .
. . . . . . . . . . . . . . . . . . . . 214 Defense in Depth.. . . . .
. . . . . . . . . . . . . . 221 What Next?.. . . . . . . . . . . . . .
. . . . . . . 224 CHAPTER 14: Embedded and Specialized Systems. . . . . .
. . . . . . . . 225 Embedded Systems.. . . . . . . . . . . . . . . . .
. . 225 SCADA and ICS. . . . . . . . . . . . . . . . . . . . 227
Smart Devices and IoT.. . . . . . . . . . . . . . . . . 229 What
Next?.. . . . . . . . . . . . . . . . . . . . . 238 CHAPTER 15: Physical
Security Controls.. . . . . . . . . . . . . . . . . . 239 Perimeter
Security.. . . . . . . . . . . . . . . . . . . 239 Internal Security..
. . . . . . . . . . . . . . . . . . . 243 Equipment Security. . . . .
. . . . . . . . . . . . . . 246 Environmental Controls.. . . . . . . .
. . . . . . . . . 249 Secure Data Destruction.. . . . . . . . . . . .
. . . . . 255 What Next?.. . . . . . . . . . . . . . . . . . . . . 259
CHAPTER 16: Cryptographic Concepts. . . . . . . . . . . . . . . . . . .
261 Cryptosystems.. . . . . . . . . . . . . . . . . . . . 262
Use of Proven Technologies and Implementation.. . . . . . . . 272
Steganography.. . . . . . . . . . . . . . . . . . . . 273 Cryptography
Use Cases.. . . . . . . . . . . . . . . . . 274 Cryptography
Constraints.. . . . . . . . . . . . . . . . 276 What Next?.. . . . . .
. . . . . . . . . . . . . . . 277 Part III: Implementation 279 CHAPTER
17: Secure Protocols.. . . . . . . . . . . . . . . . . . . . . 281
Secure Web Protocols.. . . . . . . . . . . . . . . . . . 282 Secure
File Transfer Protocols.. . . . . . . . . . . . . . . 286 Secure Email
Protocols.. . . . . . . . . . . . . . . . . 287 Secure Internet
Protocols. . . . . . . . . . . . . . . . . 288 Secure Protocol Use
Cases.. . . . . . . . . . . . . . . . 293 What Next?.. . . . . . . . .
. . . . . . . . . . . . 305 CHAPTER 18: Host and Application Security
Solutions.. . . . . . . . . . . . . 307 Endpoint Protection.. . . . .
. . . . . . . . . . . . . 308 Firewalls and HIPS/HIDS Solutions.. . .
. . . . . . . . 308 Anti-Malware and Other Host Protections. . . . . .
. . . 310 Application Security.. . . . . . . . . . . . . . . . . . 318
Hardware and Firmware Security.. . . . . . . . . . . . . . 322
Operating System Security.. . . . . . . . . . . . . . . . 330 What
Next?.. . . . . . . . . . . . . . . . . . . . . 338 CHAPTER 19: Secure
Network Design.. . . . . . . . . . . . . . . . . . . 339 Network
Devices and Segmentation.. . . . . . . . . . . . . 340 Security
Devices and Boundaries. . . . . . . . . . . . . . 347 What Next?.. . .
. . . . . . . . . . . . . . . . . . 369 CHAPTER 20: Wireless Security
Settings.. . . . . . . . . . . . . . . . . . 371 Access Methods.. . .
. . . . . . . . . . . . . . . . . 372 Wireless Cryptographic
Protocols.. . . . . . . . . . . . . . 373 Authentication Protocols.. .
. . . . . . . . . . . . . . . 377 Wireless Access Installations. . . .
. . . . . . . . . . . . 379 What Next?.. . . . . . . . . . . . . . . .
. . . . . 387 CHAPTER 21: Secure Mobile Solutions. . . . . . . . . . . . .
. . . . . . 389 Communication Methods. . . . . . . . . . . . . . . . .
389 Mobile Device Management Concepts. . . . . . . . . . . . 393
Enforcement and Monitoring.. . . . . . . . . . . . . . . 405
Deployment Models.. . . . . . . . . . . . . . . . . . 412 What Next?..
. . . . . . . . . . . . . . . . . . . . 420 CHAPTER 22: Cloud
Cybersecurity Solutions.. . . . . . . . . . . . . . . . 421 Cloud
Workloads.. . . . . . . . . . . . . . . . . . . 422 Third-Party Cloud
Security Solutions.. . . . . . . . . . . . 428 What Next?.. . . . . .
. . . . . . . . . . . . . . . 431 CHAPTER 23: Identity and Account
Management Controls.. . . . . . . . . . . 433 Account Types.. . . . .
. . . . . . . . . . . . . . . 433 Account Management.. . . . . . . . .
. . . . . . . . . 435 Account Policy Enforcement.. . . . . . . . . . .
. . . . 441 What Next?.. . . . . . . . . . . . . . . . . . . . . 448
CHAPTER 24: Authentication and Authorization Solutions.. . . . . . . . . . .
. 449 Authentication.. . . . . . . . . . . . . . . . . . . . 450
Access Control.. . . . . . . . . . . . . . . . . . . . 466 What
Next?.. . . . . . . . . . . . . . . . . . . . . 472 CHAPTER 25: Public Key
Infrastructure.. . . . . . . . . . . . . . . . . . 473 What Next?.. .
. . . . . . . . . . . . . . . . . . . 489 Part IV: Operations and Incident
Response 491 CHAPTER 26: Organizational Security.. . . . . . . . . . . . .
. . . . . . 493 Shell and Script Environments.. . . . . . . . . . . .
. . . 494 Network Reconnaissance and Discovery. . . . . . . . . . . .
496 Packet Capture and Replay. . . . . . . . . . . . . . . . 502
Password Crackers.. . . . . . . . . . . . . . . . . . . 504
Forensics and Data Sanitization.. . . . . . . . . . . . . . 505 What
Next?.. . . . . . . . . . . . . . . . . . . . . 508 CHAPTER 27: Incident
Response.. . . . . . . . . . . . . . . . . . . . . 509 Attack
Frameworks.. . . . . . . . . . . . . . . . . . . 509 Incident Response
Plan.. . . . . . . . . . . . . . . . . 512 Incident Response Process..
. . . . . . . . . . . . . . . 517 Continuity and Recovery Plans.. . .
. . . . . . . . . . . . 522 What Next?.. . . . . . . . . . . . . . . .
. . . . . 528 CHAPTER 28: Incident Investigation. . . . . . . . . . . . .
. . . . . . . 529 SIEM Dashboards. . . . . . . . . . . . . . . . . . .
530 Logging. . . . . . . . . . . . . . . . . . . . . . . 531
Network Activity. . . . . . . . . . . . . . . . . . . . 536 What
Next?.. . . . . . . . . . . . . . . . . . . . . 539 CHAPTER 29: Incident
Mitigation.. . . . . . . . . . . . . . . . . . . . . 541 Containment
and Eradication.. . . . . . . . . . . . . . . 541 What Next?.. . . . .
. . . . . . . . . . . . . . . . 549 CHAPTER 30: Digital Forensics.. . . .
. . . . . . . . . . . . . . . . . 551 Data Breach Notifications.. . .
. . . . . . . . . . . . . 552 Strategic
Intelligence/Counterintelligence Gathering. . . . . . . 554 Track
Person-hours.. . . . . . . . . . . . . . . . . . . 555 Order of
Volatility. . . . . . . . . . . . . . . . . . . 555 Chain of Custody..
. . . . . . . . . . . . . . . . . . 556 Data Acquisition.. . . . . . .
. . . . . . . . . . . . . 559 Capture System Images.. . . . . . . . .
. . . . . . 560 Capture Network Traffic and Logs.. . . . . . . . . . .
560 Capture Video and Photographs.. . . . . . . . . . . . 561
Record Time Offset.. . . . . . . . . . . . . . . . 562 Take Hashes. .
. . . . . . . . . . . . . . . . . 562 Capture Screenshots.. . . . . .
. . . . . . . . . . 563 Collect Witness Interviews. . . . . . . . . .
. . . . 563 What Next?.. . . . . . . . . . . . . . . . . . . . . 565
Part V: Governance, Risk, and Compliance 567 CHAPTER 31: Control Types..
. . . . . . . . . . . . . . . . . . . . . 569 Nature of Controls.. . .
. . . . . . . . . . . . . . . . 570 Functional Use of Controls.. . . .
. . . . . . . . . . . . 570 Compensating Controls.. . . . . . . . . .
. . . . . . . 572 What Next?.. . . . . . . . . . . . . . . . . . . . .
574 CHAPTER 32: Regulations, Standards, and Frameworks.. . . . . . . . . .
. . 575 Industry-Standard Frameworks and Reference Architectures. . .
. . 575 Benchmarks and Secure Configuration Guides.. . . . . . . . .
579 What Next?.. . . . . . . . . . . . . . . . . . . . . 581
CHAPTER 33: Organizational Security Policies.. . . . . . . . . . . . . . . .
583 Policy Framework.. . . . . . . . . . . . . . . . . . . 583
Human Resource Management Policies.. . . . . . . . . . . . 584
Third-Party Risk Management.. . . . . . . . . . . . . . . 592 What
Next?.. . . . . . . . . . . . . . . . . . . . . 596 CHAPTER 34: Risk
Management.. . . . . . . . . . . . . . . . . . . . . 597 Risk
Analysis. . . . . . . . . . . . . . . . . . . . . 598 Risk
Assessment.. . . . . . . . . . . . . . . . . . . . 602 Business Impact
Analysis.. . . . . . . . . . . . . . . . . 606 What Next?.. . . . . .
. . . . . . . . . . . . . . . 612 CHAPTER 35: Sensitive Data and Privacy..
. . . . . . . . . . . . . . . . . 613 Sensitive Data Protection. . . .
. . . . . . . . . . . . . 613 Privacy Impact Assessment.. . . . . . .
. . . . . . . . . 621 What Next?.. . . . . . . . . . . . . . . . . . .
. . 623 Glossary of Essential Terms and Components.. . . . . . . . . . . .
625
9780136798675, TOC, 10/9/2020
Marty M. Weiss has spent most of his career in information security and risk management, helping large organizations. Marty holds a bachelor of science degree in computer studies from the University of Maryland University College and an MBA from the Isenberg School of Management at the University of Massachusetts Amherst. He holds several certifications, including CISSP, CISA, and Security+. Marty has authored and coauthored more than a half-dozen books on information technology, many that have been described as riveting and Dostoevsky-esque in reviews by his mother. A Florida native, he now lives in New England.
