Muutke küpsiste eelistusi

E-raamat: Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601)

4.00/5 (38 hinnangut Goodreads-ist)
,
  • Formaat: PDF+DRM
  • Ilmumisaeg: 07-May-2021
  • Kirjastus: McGraw-Hill Education
  • Keel: eng
  • ISBN-13: 9781260473704
Teised raamatud teemal:
  • Formaat - PDF+DRM
  • Hind: 37,44 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Lisa ostukorvi
  • Lisa soovinimekirja
  • See e-raamat on mõeldud ainult isiklikuks kasutamiseks. E-raamatuid ei saa tagastada.
Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601)Suurem pilt
  • Formaat: PDF+DRM
  • Ilmumisaeg: 07-May-2021
  • Kirjastus: McGraw-Hill Education
  • Keel: eng
  • ISBN-13: 9781260473704
Teised raamatud teemal:

DRM piirangud

  • Kopeerimine (copy/paste):

    ei ole lubatud

  • Printimine:

    ei ole lubatud

  • Kasutamine:

    Digitaalõiguste kaitse (DRM)
    Kirjastus on väljastanud selle e-raamatu krüpteeritud kujul, mis tähendab, et selle lugemiseks peate installeerima spetsiaalse tarkvara. Samuti peate looma endale  Adobe ID Rohkem infot siin. E-raamatut saab lugeda 1 kasutaja ning alla laadida kuni 6'de seadmesse (kõik autoriseeritud sama Adobe ID-ga).

    Vajalik tarkvara
    Mobiilsetes seadmetes (telefon või tahvelarvuti) lugemiseks peate installeerima selle tasuta rakenduse: PocketBook Reader (iOS / Android)

    PC või Mac seadmes lugemiseks peate installima Adobe Digital Editionsi (Seeon tasuta rakendus spetsiaalselt e-raamatute lugemiseks. Seda ei tohi segamini ajada Adober Reader'iga, mis tõenäoliselt on juba teie arvutisse installeeritud )

    Seda e-raamatut ei saa lugeda Amazon Kindle's. 

An up-to-date CompTIA Security+ exam guide from training and exam preparation guru Mike Meyers

Take the latest version of the CompTIA Security+ exam (exam SY0-601) with confidence using the comprehensive information contained in this highly effective self-study resource. Like the test, the guide goes beyond knowledge application and is designed to ensure that security personnel anticipate security risks and guard against them. 

In Mike Meyers’ CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601), the bestselling author and leading authority on CompTIA A+ certification brings his proven methodology to IT security. Mike covers all exam objectives in small, digestible modules that allow you to focus on individual skills as you move through a broad and complex set of skills and concepts. The book features hundreds of accurate practice questions as well as a toolbox of the author’s favorite network security related freeware/shareware.

  • Provides complete coverage of every objective for exam SY0-601
  • Online content includes 20+ lab simulations, video training, a PDF glossary, and 180 practice questions
  • Written by computer security and certification experts Mike Meyers and Scott Jernigan


Acknowledgments xix
Introduction xxi
Chapter 1 Risk Management
1(76)
Module 1-1 Defining Risk
2(14)
Asset
2(1)
Likelihood
3(1)
Threat Actor
3(2)
Vulnerability and Threat
5(1)
Circling Back to the Risk Definition
6(1)
Vectors
6(1)
Threat Intelligence
7(9)
Module 1-2 Risk Management Concepts
16(9)
Infrastructure
16(2)
Security Controls
18(1)
Risk Management Frameworks
18(7)
Module 1-3 Security Controls
25(2)
Control Categories
25(1)
Control Types
25(2)
Module 1-4 Risk Assessment
27(13)
Risk Assessment Processes and Concepts
28(5)
Quantitative Risk Assessment
33(3)
Qualitative Risk Assessment
36(1)
Putting It All Together: Risk Analysis
37(1)
Risk Response
38(2)
Module 1-5 Business Impact Analysis
40(7)
BIA Basics
41(2)
Types of Impact
43(2)
Locating Critical Resources
45(1)
Calculating Impact
45(1)
Calculating Downtime
46(1)
Module 1-6 Data Security and Data Protection
47(13)
Organizing Data
48(3)
Legal and Compliance
51(5)
Data Destruction
56(2)
Privacy Breaches
58(2)
Module 1-7 Personnel Risk and Policies
60(8)
Hiring
60(1)
Onboarding
60(1)
Personnel Management Policies
61(2)
Training
63(2)
Policies
65(1)
User Habits
65(2)
Offboarding
67(1)
Module 1-8 Third-Party Risk and Policies
68(9)
Third-Party Risk Management
68(3)
Agreement Types
71(3)
Questions
74(2)
Answers
76(1)
Chapter 2 Cryptography
77(76)
Module 2-1 Cryptography Basics
78(12)
Essential Building Blocks
78(3)
Early Cryptography
81(4)
Cryptography Components
85(5)
Module 2-2 Cryptographic Methods
90(8)
Symmetric Cryptography
90(3)
Asymmetric Cryptography
93(1)
Hashing
94(2)
Limitations in Symmetric vs. Asymmetric Cryptography
96(1)
Hybrid Cryptography
97(1)
The Perfect Cryptosystem
97(1)
Module 2-3 Symmetric Cryptosystems
98(5)
DES
98(3)
3DES
101(1)
AES
101(1)
Blowfish
102(1)
Twofish
102(1)
RC4
102(1)
Summary of Symmetric Algorithm Characteristics
102(1)
Module 2-4 Asymmetric Cryptosystems
103(4)
RSA
103(2)
Diffie-Hellman
105(1)
PGP/GPG
106(1)
ECC
106(1)
ElGamal
106(1)
Module 2-5 Hashing Algorithms
107(3)
Hashing Process
107(2)
MD5
109(1)
SHA
109(1)
RIPEMD
110(1)
HMAC
110(1)
Module 2-6 Digital Signatures and Certificates
110(10)
Digital Signatures
111(2)
Digital Certificates
113(7)
Module 2-7 Public Key Infrastructure
120(13)
Keys, Algorithms, and Standards
121(2)
PKI Services
123(1)
Digital Certificates and PKI Structure
124(7)
Key Safety
131(1)
Trust Models
132(1)
Module 2-8 Cryptographic Attacks
133(15)
Attack Strategies
133(2)
Attackable Data
135(2)
Attack Scenarios
137(8)
Defending Password Storage
145(1)
Other Attack Options
146(2)
Module 2-9 Other Cryptosystems
148(5)
Homomorphic Encryption
149(1)
Blockchain
149(1)
Quantum Cryptography
150(1)
Questions
150(2)
Answers
152(1)
Chapter 3 Identity and Account Management
153(64)
Module 3-1 Understanding Authentication
155(12)
Identification and AAA
155(1)
Identification and Authentication
156(6)
Authorization
162(2)
Accounting
164(1)
Trust
165(2)
Module 3-2 Authentication Methods and Access Controls
167(15)
Authentication Methods
168(7)
Biometrics
175(4)
Authorization and Access Control Schemes/Models
179(3)
Module 3-3 Account Management
182(19)
User Accounts
183(7)
Account Policies
190(9)
Account Administration
199(2)
Module 3-4 Point-to-Point Authentication
201(4)
PAP
202(1)
CHAP/MS-CHAP
202(1)
Remote Access Connection and Authentication Services
203(2)
Module 3-5 Network Authentication
205(6)
The Challenge of LAN Access Management
205(2)
Microsoft Networking
207(3)
LDAP and Secure LDAP
210(1)
Module 3-6 Identity Management Systems
211(6)
Trust
212(1)
Shared Authentication Schemes
213(1)
Questions
214(2)
Answers
216(1)
Chapter 4 Tools of the Trade
217(50)
Module 4-1 Operating System Utilities
217(20)
Network Reconnaissance and Discovery
218(13)
File Manipulation
231(4)
Shell and Script Environments
235(2)
Module 4-2 Network Scanners
237(9)
Scanning Methods
239(1)
Scanning Targets
239(1)
Scanner Types
239(7)
Module 4-3 Protocol Analyzers
246(6)
Why Protocol Analyze?
247(1)
Wireshark
248(3)
tcpdump
251(1)
Module 4-4 Monitoring Networks
252(15)
Exploring Log Files
253(4)
Centralizing Log Files
257(2)
Security Information and Event Management
259(3)
Log File Management
262(1)
Questions
263(1)
Answers
264(3)
Chapter 5 Securing Individual Systems
267(60)
Module 5-1 Types of System Attacks
269(10)
Attacking Applications
270(6)
Driver Manipulation
276(1)
Malicious Code or Script Execution
277(2)
Module 5-2 Malware
279(9)
Virus
280(1)
Cryptomalware/Ransomware
281(1)
Worm
282(1)
Trojan Horse
283(1)
Potentially Unwanted Programs
283(2)
Bots/Botnets
285(1)
Logic Bomb
286(1)
Keylogger
286(1)
RAT
287(1)
Rootkit
288(1)
Backdoor
288(1)
Module 5-3 Cybersecurity Resilience
288(12)
Non-persistence
289(6)
Redundancy
295(5)
Diversity
300(1)
Module 5-4 Securing Hardware
300(10)
Physical Attacks
301(2)
Securing the Systems
303(2)
Securing Boot Integrity
305(5)
Module 5-5 Securing Endpoints
310(11)
Hardening Operating Systems
310(7)
Anti-malware
317(2)
Data Execution Prevention
319(1)
File Integrity Monitors
319(1)
Data Loss Prevention
320(1)
Module 5-6 System Recycling
321(6)
Clear
321(2)
Purge
323(1)
Destroy
324(1)
Questions
324(2)
Answers
326(1)
Chapter 6 The Basic LAN
327(44)
Module 6-1 Layer 2 LAN Attacks
327(7)
ARP Poisoning
328(2)
Man-in-the-Middle Attacks
330(2)
MAC Flooding
332(1)
MAC Cloning
333(1)
Module 6-2 Organizing LANs
334(9)
Configuration Management
335(3)
Network Segmentation
338(4)
Load Balancing
342(1)
Module 6-3 Implementing Secure Network Designs
343(14)
Securing the LAN
343(4)
Internet Connection Firewalls
347(7)
Securing Servers
354(3)
Module 6-4 Virtual Private Networks
357(5)
How VPNs Work
358(2)
Early VPNs
360(1)
IPsec VPNs
360(1)
TLS VPNs
361(1)
Module 6-5 Network-Based Intrusion Detection/Prevention
362(9)
Detection vs. Prevention
362(1)
Detecting Attacks
362(2)
Configuring Network-Based IDS/IPS
364(2)
Monitoring NIDS/NIPS
366(1)
Endpoint Detection and Response
367(1)
Questions
367(2)
Answers
369(2)
Chapter 7 Securing Wireless LANs
371(30)
Module 7-1 Networking with 802.11
371(9)
Wireless Cryptographic Protocols
372(5)
Wireless Authentication Protocols
377(3)
Module 7-2 Attacking 802.11
380(9)
Wireless Survey/Stumbler
380(1)
Packet Capture
381(1)
Attack Tools
381(1)
Rogue Access Point
382(1)
Jamming
383(2)
Packet Sniffing
385(1)
Deauthentication Attack
385(1)
Near-Field Communication
386(1)
Replay Attacks
387(1)
WEP/WPA Attacks
387(1)
WPS Attacks
388(1)
Wireless Peripherals
388(1)
Module 7-3 Securing 802.11
389(12)
Installation Considerations
389(4)
Wireless Configuration
393(4)
Security Posture Assessment
397(1)
Questions
398(2)
Answers
400(1)
Chapter 8 Securing Public Servers
401(34)
Module 8-1 Attacking and Defending Public Servers
401(5)
Distributed Denial-of-Service
402(2)
Route Security
404(1)
Quality of Service
404(1)
Monitoring Services
404(2)
Module 8-2 Visualization Security
406(8)
Visualization Architecture
407(3)
Containers
410(1)
Visualization Risks
411(1)
Using Visualization for Security
412(2)
Module 8-3 Cloud Deployment
414(12)
Let's Talk Amazon
416(3)
Cloud Deployment Models
419(3)
Cloud Architecture Models
422(2)
Cloud Growing Pains
424(2)
Module 8-4 Securing the Cloud
426(9)
Cloud Security Controls
426(6)
Unique Cloud Security Solutions
432(1)
Questions
432(2)
Answers
434(1)
Chapter 9 Securing Dedicated Systems
435(44)
Module 9-1 Embedded, Specialized, and Mobile Systems
436(12)
Embedded Systems
436(3)
SCADA/ICS
439(1)
Internet of Things
440(1)
Specialized Systems
441(6)
Mobile Systems
447(1)
Module 9-2 Connecting to Dedicated Systems
448(5)
Common Communication Technologies
448(3)
IoT-Specific Communication Technologies
451(2)
Module 9-3 Security Constraints for Dedicated Systems
453(3)
Hardware
453(1)
Programming
453(2)
Connectivity
455(1)
Module 9-4 Implementing Secure Mobile Solutions
456(23)
Mobile Device Management
458(1)
Deployment Models
459(3)
Inventory Control and Asset Tracking
462(4)
Application Management and Security
466(1)
Encryption and Authentication
467(1)
Enforcement and Monitoring for Device Security
468(7)
Questions
475(2)
Answers
477(2)
Chapter 10 Physical Security
479(24)
Module 10-1 Physical Security Controls
479(15)
Passive Defensive Systems and Perimeter Controls
480(8)
Active Alert Systems
488(1)
Manned Defensive Systems
489(5)
Module 10-2 Environmental Controls
494(9)
EMI and RFI Shielding
494(1)
Fire Suppression
495(3)
HVAC
498(1)
Temperature and Humidity Controls
498(1)
Hot and Cold Aisles
499(1)
Environmental Monitoring
500(1)
Questions
500(2)
Answers
502(1)
Chapter 11 Secure Protocols and Applications
503(54)
Module 11-1 Secure Internet Protocols
504(5)
DNS Security
505(1)
SNMP
506(1)
SSH
507(1)
FTP
508(1)
SRTP
509(1)
Module 11-2 Secure Web and E-mail
509(8)
HTTP
509(1)
HTTPS
510(3)
E-mail
513(4)
Module 11-3 Web Application Attacks
517(9)
Injection Attacks
517(3)
Hijacking and Related Attacks
520(3)
Other Web Application Attacks
523(3)
Module 11-4 Application Security
526(16)
Development
527(8)
Code Quality and Testing
535(2)
Staging
537(1)
Production
537(1)
Quality Assurance
538(1)
Getting Organized
538(4)
Module 11-5 Certificates in Security
542(15)
Certificate Concepts and Components
542(1)
PKI Concepts
542(3)
Online vs. Offline CA
545(2)
PKI TLS Scenario
547(1)
Types of Certificates
548(4)
Certificate Formats
552(2)
Key Escrow
554(1)
Questions
554(2)
Answers
556(1)
Chapter 12 Testing Infrastructure
557(44)
Module 12-1 Vulnerability Impact
557(6)
Device/Hardware Vulnerabilities
558(1)
Configuration Vulnerabilities
559(3)
Management/Design Vulnerabilities
562(1)
Module 12-2 Social Engineering
563(14)
Social Engineering Goals
564(3)
Principles
567(3)
Types of Attacks
570(7)
Module 12-3 Artificial Intelligence
577(2)
Understanding Artificial Intelligence
577(1)
Machine Learning Essentials
577(1)
OSINT
578(1)
Adversarial Artificial Intelligence
579(1)
Module 12-4 Security Assessment
579(11)
Threat Hunting
580(1)
Vulnerability Scans
581(3)
Penetration Testing
584(6)
Module 12-5 Assessment Tools
590(11)
Protocol Analyzer
591(1)
Network Scanner
591(2)
Vulnerability Scanner
593(1)
Configuration Compliance Scanner
594(1)
Penetration Testing with Metasploit
594(1)
Specific Tools Mentioned by CompTIA
595(1)
Interpreting Security Assessment Tool Results
596(1)
Questions
597(2)
Answers
599(2)
Chapter 13 Dealing with Incidents
601(60)
Module 13-1 Incident Response
601(19)
Incident Response Concepts
602(2)
Incident Response Procedures
604(13)
Scenarios: Mitigation During and After an Incident
617(3)
Module 13-2 Digital Forensics
620(17)
Digital Forensics Concepts
620(3)
Data Volatility
623(4)
Critical Forensics Practices
627(5)
Data Acquisition
632(3)
Analyzing Evidence
635(2)
Module 13-3 Continuity of Operations and Disaster Recovery
637(24)
Risk Management Best Practices
637(4)
Contingency Planning and Resilience
641(2)
Functional Recovery Plans
643(2)
Backup and Restore Plans and Policies
645(12)
Questions
657(2)
Answers
659(2)
Appendix A Exam Objective Map
661(38)
ExamSYO-601
661(38)
Appendix B About the Online Content
699(4)
System Requirements
699(1)
Your Total Seminars Training Hub Account
699(1)
Privacy Notice
699(1)
Single User License Terms and Conditions
699(2)
Total Tester Online
701(1)
Other Book Resources
701(1)
Video Training from Mike Meyers
701(1)
Total Sim Simulations
702(1)
Mike's Cool Tools
702(1)
Technical Support
702(1)
Glossary 703(66)
Index 769
Michael Meyers, MCP, CompTIA A+, CompTIA Network+, CompTIA Security+ (Houston, TX), is one of the industry's leading authorities on CompTIA certification. He is the president and founder and Total Seminars, LLC, a major provider of PC and network repair seminars for thousands of organizations including IBM, Lucent Technologies, GE, the FBI, the FAA and the United Nations. Mike is the best-selling author of the A+ Certification All-in-One Exam Guide.





Scott Jernigan (Houston, TX) is Editor in Chief for Total Seminars. Jernigan holds a Master of Arts degree in Medieval History, and after leaving academics, Jernigan began a career in IT, working as an instructor, editor, and writer. Mr. Jernigan has edited and contributed to dozens of books on computer literacy, hardware, operating systems, networking, and certification. His is the author of Computer LiteracyYour Ticket to IC3 Certification, and is the co-author of the bestselling CompTIA A+ Certification All-in-One Exam Guide, and the Mike Meyers A+ Guide to Managing and Troubleshooting PCs textbook (both with Mike Meyers). He has taught computer classes all over the United States, including stints at the United Nations in New York and the FBI Academy in Quantico.
Lisainfo e-raamatute kohta Lisainfo e-raamatute kohta
Püsilink: https://www.kriso.ee/db/97812604737042e.html
Märksõnad: