book

CompTIA® Security+® SY0-701 Certification Guide - Third Edition

Name: CompTIA® Security+® SY0-701 Certification Guide - Third Edition
Author: Ian Neil
ISBN: 9781835461532

by Ian Neil

January 2024

Beginner

634 pages

15h 49m

English

Packt Publishing

Read now

Unlock full access

CompTIA® Security+® SY0-701 Certification Guide
Third EditionContributorsAbout the AuthorAbout the Reviewers
Preface
Who This Book Is ForWhat This Book CoversDomain 1: General Security ConceptsDomain 2: Threats, Vulnerabilities, and MitigationsDomain 3: Security ArchitectureDomain 4: Security OperationsDomain 5: Security Program Management and OversightHow to Use This BookEnd of Chapter Self-Assessment QuestionsAdditional Online ResourcesDownload the Color ImagesConventions UsedGet in TouchReviews
Domain 1: General Security Concepts
Chapter 1: Compare and contrast various types of security controls
IntroductionControl CategoriesTechnical ControlsManagerial ControlsOperational ControlsPhysical ControlsControl TypesSummaryExam Objectives 1.1Chapter Review Questions
Chapter 2: Summarize fundamental security concepts
IntroductionConfidentiality, Integrity, and AvailabilityNon-RepudiationAuthentication, Authorization, and AccountingGap AnalysisZero TrustThe Data PlanePhysical SecurityDeception and Disruption TechnologySummaryExam Objectives 1.2Chapter Review Questions
Chapter 3: Explain the importance of change management processes and the impact to security
IntroductionChange ManagementTechnical ImplicationsDocumentationVersion ControlSummaryExam Objectives 1.3Chapter Review Questions
Chapter 4: Explain the importance of using appropriate cryptographic solutions
IntroductionPublic Key Infrastructure (PKI)EncryptionToolsObfuscationHashingSaltingDigital SignaturesKey StretchingBlockchainOpen Public LedgerCertificatesSummaryExam Objectives 1.4Chapter Review Questions
Domain 2: Threats, Vulnerabilities, and Mitigations
Chapter 5: Compare and contrast common threat actors and motivations
IntroductionThreat ActorsAttributes of ActorsMotivationsSummaryExam Objectives 2.1Chapter Review Questions
Chapter 6: Explain common threat vectors and attack surfaces
IntroductionMessage-BasedImage-BasedFile-BasedVoice CallRemovable DeviceVulnerable SoftwareUnsupported Systems and ApplicationsUnsecure NetworksOpen Service PortsDefault CredentialsSupply ChainHuman Vectors/Social EngineeringSummaryExam Objectives 2.2Chapter Review Questions

Chapter 7: Explain various types of vulnerabilities
IntroductionApplication VulnerabilitiesOperating System (OS)-Based VulnerabilitiesWeb-Based VulnerabilitiesHardware VulnerabilitiesVirtualization VulnerabilitiesCloud-Specific VulnerabilitiesSupply Chain VulnerabilitiesCryptographic VulnerabilitiesMisconfiguration VulnerabilitiesMobile Device VulnerabilitiesZero-Day VulnerabilitiesSummaryExam Objective 2.3Chapter Review Questions
Chapter 8: Given a scenario, analyze indicators of malicious activity
IntroductionMalware AttacksPotentially Unwanted Programs (PUPs)RansomwareTrojansRemote Access TrojansWormsSpywareBloatwareVirusesPolymorphic VirusesKeyloggersLogic BombsRootkitsMalware InspectionPhysical AttacksPhysical Brute ForceRadio Frequency Identification (RFID) CloningEnvironmentalNetwork AttacksPivotingDistributed Denial-of-Service (DDoS)ARP PoisoningDomain Name System (DNS) attacksWireless AttacksOn-pathCredential ReplayMalicious CodeApplication AttacksInjection AttackBuffer OverflowPrivilege EscalationForgery AttacksDirectory TraversalCryptographic AttacksDowngrade AttacksCollisionBirthdayPass-the-Hash AttackPassword AttacksIndicators of AttackSummaryExam Objectives 2.4Chapter Review Questions
Chapter 9: Explain the purpose of mitigation techniques used to secure the enterprise
IntroductionSegmentationAccess ControlApplication Allow ListApplication Block ListIsolationPatchingEncryptionMonitoringLeast PrivilegeConfiguration EnforcementDecommissioningHardening TechniquesSummaryExam Objectives 2.5Chapter Review Questions
Domain 3: Security Architecture
Chapter 10: Compare and contrast security implications of different architecture models
IntroductionSecuring the NetworkSecuring the ServersSecuring the HostsArchitecture and Infrastructure ConceptsCloud ComputingResponsibility MatrixHybrid ConsiderationsInfrastructure as Code (IaC)ServerlessMicroservicesNetwork InfrastructurePhysical IsolationLogical SegmentationSoftware-Defined Networking (SDN)On-PremisesCentralized versus DecentralizedContainerizationVirtualizationIoTIndustrial Control Systems (ICS) / Supervisory Control and Data Acquisition (SCADA)Real-Time Operating System (RTOS)Embedded SystemsHigh AvailabilityConsiderations for Your InfrastructureSummaryExam Objectives 3.1Chapter Review Questions
Chapter 11: Given a scenario, apply security principles to secure enterprise infrastructure
IntroductionInfrastructure ConsiderationsDevice PlacementSecurity ZonesAttack SurfaceConnectivityFailure ModesDevice AttributeNetwork AppliancesPort SecurityFirewall TypesSecure Communication/AccessVirtual Private Network (VPN)Remote AccessTunnelingSoftware-Defined Wide Area NetworkSecure Access Service EdgeSelection of Effective ControlsSummaryExam Objectives 3.2Chapter Review Questions
Chapter 12: Compare and contrast concepts and strategies to protect data
IntroductionData TypesData ClassificationsGeneral Data ConsiderationsMethods to Secure DataSummaryExam Objectives 3.3Chapter Review Questions
Chapter 13: Explain the importance of resilience and recovery in security architecture
IntroductionHigh AvailabilityLoad Balancer ConfigurationsClusteringSite ConsiderationsCloud Data ReplicationData SovereigntyPlatform DiversityMulti-Cloud SystemsContinuity of OperationsCapacity PlanningTestingBackupsImportant Backup FeaturesPowerSummaryExam Objectives 3.4Chapter Review Questions
Domain 4: Security Operations
Chapter 14: Given a scenario, apply common security techniques to computing resources
IntroductionSecure BaselinesEstablishDeployMaintainHardening TargetsWireless DevicesMobile SolutionsMobile Device ManagementDeployment ModelsConnection MethodsMobile Solutions – Other FactorsWireless Security SettingsWi-Fi Protected Access 3AAA/Remote Authentication Dial-In User Service (RADIUS)Cryptographic ProtocolsAuthentication ProtocolsApplication SecuritySandboxingMonitoringSummaryExam Objectives 4.1Chapter Review Questions
Chapter 15: Explain the security implications of proper hardware, software, and data asset management
IntroductionAcquisition/Procurement ProcessAssignment/AccountingMonitoring/Asset TrackingDisposal/DecommissioningSummaryExam Objective 4.2Chapter Review Questions
Chapter 16: Explain various activities associated with vulnerability management
IntroductionIdentification MethodsVulnerability ScansSecurity Content Automation ProtocolApplication SecurityThreat FeedsOSINTInformation-Sharing OrganizationsThe Dark WebPenetration TestingResponsible Disclosure ProgramSystem/Process AuditAnalysisConfirmationPrioritizationVulnerability Response and RemediationPatchingInsuranceSegmentationValidation of RemediationRescanningAuditVerificationReportingSummaryExam Objective 4.3Chapter Review Questions
Chapter 17: Explain security alerting and monitoring concepts and tools
IntroductionMonitoring Computing ResourcesActivitiesAlert Response and Remediation/ValidationToolsSecurity Content Automation Protocol (SCAP)BenchmarksAgents/AgentlessSecurity Information and Event Management (SIEM)AntivirusData Loss Prevention (DLP)Simple Network Management Protocol (SNMP) TrapsNetFlowVulnerability ScannersSummaryExam Objectives 4.4Chapter Review Questions
Chapter 18: Given a scenario, modify enterprise capabilities to enhance security
IntroductionFirewallFirewall TypesRulesAccess Control ListZonesIDSs/IPSsIDS/IPS SignaturesWeb FilteringOperating System SecuritySELinuxThe Implementation of Secure ProtocolsEmail SecurityFile Integrity MonitoringData Loss Prevention (DLP)Network Access Control (NAC)Endpoint Detection and Response, and Extended Detection and ResponseUser Behavior AnalyticsSummaryExam Objectives 4.5Chapter Review Questions
Chapter 19: Given a scenario, implement and maintain identity and access management
IntroductionProvisioning User AccountsActive Directory (Directory Services)New User AccountsKerberosLinuxDeprovisioning User AccountsPermission Assignments and ImplicationsIdentity ProofingFederationSingle Sign-On (SSO)InteroperabilityAttestationAccess ControlsMandatory Access Control (MAC)Role-Based Access Control (RBAC)Attribute-Based Access Control (ABAC)Discretionary-Based Access Control (DAC)Time-of-Day RestrictionsLeast PrivilegeMulti-Factor AuthenticationBiometric AuthenticationHard AuthenticationSoft AuthenticationFactors of AuthenticationTokensPassword ConceptsPassword ManagersPasswordlessPrivileged Access Management (PAM)PAM ToolsSummaryExam Objective 4.6Chapter Review Questions
Chapter 20: Explain the importance of automation and orchestration related to secure operations
IntroductionSecurity Orchestration, Automation, and Response (SOAR)Use Cases of Automation and ScriptingBenefitsOther ConsiderationsSummaryExam Objectives 4.7Chapter Review Questions
Chapter 21: Explain appropriate incident response activities
IntroductionProcessAttack FrameworksMITRE ATT&CK FrameworkCyber Kill ChainThe Diamond Model of Intrusion AnalysisTrainingTestingRoot Cause AnalysisThreat HuntingDigital ForensicsLegal HoldChain of CustodySummaryExam Objectives 4.8Chapter Review Questions
Chapter 22: Given a scenario, use data sources to support an investigation
IntroductionLog DataData SourcesPacket CapturesSummaryExam Objectives 4.9Chapter Review Questions
Domain 5: Security Program Management and Oversight
Chapter 23: Summarize elements of effective security governance
IntroductionGuidelinesPoliciesSoftware Development Life CycleStandardsPassword StandardsAccess Control StandardsPhysical Security StandardsProceduresExternal ConsiderationsMonitoring and RevisionTypes of Governance StructuresRoles and Responsibilities for Systems and DataSummaryExam Objectives 5.1Chapter Review Questions
Chapter 24: Explain elements of the risk management process
IntroductionRisk IdentificationRisk AssessmentRisk AnalysisCalculating Equipment LossRisk RegisterRisk ToleranceRisk AppetiteRisk Management StrategiesRisk ReportingBusiness Impact AnalysisSummaryExam Objectives 5.2Chapter Review Questions
Chapter 25: Explain the processes associated with third-party risk assessment and management
IntroductionVendor AssessmentVendor SelectionAgreement TypesVendor MonitoringQuestionnairesRules of EngagementSummaryExam Objectives 5.3Chapter Review Questions
Chapter 26: Summarize elements of effective security compliance
IntroductionCompliance ReportingConsequences of Non-ComplianceCompliance MonitoringPrivacy – RegulationsPrivacy – DataSummaryExam Objectives 5.4Chapter Review Questions
Chapter 27: Explain types and purposes of audits and assessments
IntroductionAttestationInternalExternalPenetration TestingReconnaissanceSummaryExam Objectives 5.5Chapter Review Questions
Chapter 28: Given a scenario, implement security awareness practices
IntroductionPhishingAnomalous Behavior RecognitionUser Guidance and TrainingReporting and MonitoringEffectivenessDevelopmentExecutionSummaryExam Objectives 5.6Chapter Review Questions
Chapter 29: Accessing the online practice resources
Troubleshooting TipsPractice Resources – A Quick TourA Clean, Simple Cert Practice ExperiencePractice QuestionsFlashcardsShare Feedback
Solutions
Chapter 1: Compare and contrast various types of security controlsChapter 2: Summarize fundamental security conceptsChapter 3: Explain the importance of change management processes and the impact to securityChapter 4: Explain the importance of using appropriate cryptographic solutionsChapter 5: Compare and contrast common threat actors and motivationsChapter 6: Explain common threat vectors and attack surfacesChapter 7: Explain various types of vulnerabilitiesChapter 8: Given a scenario, analyze indicators of malicious activityChapter 9: Explain the purpose of mitigation techniques used to secure the enterpriseChapter 10: Compare and contrast security implications of different architecture modelsChapter 11: Given a scenario, apply security principles to secure enterprise infrastructureChapter 12: Compare and contrast concepts and strategies to protect dataChapter 13: Explain the importance of resilience and recovery in security architectureChapter 14: Given a scenario, apply common security techniques to computing resourcesChapter 15: Explain the security implications of proper hardware, software, and data asset managementChapter 16: Explain various activities associated with vulnerability managementChapter 17: Explain security alerting and monitoring concepts and toolsChapter 18: Given a scenario, modify enterprise capabilities to enhance securityChapter 19: Given a scenario, implement and maintain identity and access managementChapter 20: Explain the importance of automation and orchestration related to secure operationsChapter 21: Explain appropriate incident response activitiesChapter 22: Given a scenario, use data sources to support an investigationChapter 23: Summarize elements of effective security governanceChapter 24: Explain elements of the risk management processChapter 25: Explain the processes associated with third-party risk assessment and managementChapter 26: Summarize elements of effective security complianceChapter 27: Explain types and purposes of audits and assessmentsChapter 28: Given a scenario, implement security awareness practices
Appendix
IPsec Security Association (SA)Phase 1: Establishing the Secure ChannelPhase 2: Establishing the IPsec TunnelExample Scenario
Why subscribe?
Other Books You May EnjoyShare Your Thoughts
Coupon Code for CompTIA Security+ Exam Vouchers

Content preview from CompTIA® Security+® SY0-701 Certification Guide - Third Edition

Domain 5: Security Program Management and Oversight

The fifth and final domain of the CompTIA Security+ SY0-701 certification covers security program management and oversight.

You’ll get an overview of the elements of effective security governance, looking at the guidelines, policies, standards, and procedures needed for effective security governance. You will also look at the related external considerations such as regulatory bodies, the monitoring and revision of policies, and different governing structures.

This section will discuss risk identification, assessment, analysis, and tolerance along with risk management policies and reporting and conducting business impact analysis. It will also cover the security risks associated with utilizing ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

CompTIA PenTest+ PT0-002 Cert Guide, 2nd Edition

Publisher Resources

ISBN: 9781835461532

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

CompTIA® Security+® SY0-701 Certification Guide - Third Edition

by Ian Neil

Domain 5: Security Program Management and Oversight

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.