Table of contents
- Cover
- Title Page
- Copyright Page
- Dedication
- Contents
- Preface
- Acknowledgments
- Introduction
- Objective Map: Exam SY0-501
- Part I Threats, Attacks, and Vulnerabilities
- Chapter 1 Malware and Indicators of Compromise
- Malware
- Polymorphic Malware
- Viruses
- Crypto-malware
- Ransomware
- Worm
- Trojan
- Rootkit
- Keylogger
- Adware
- Spyware
- Bots
- RAT
- Logic Bomb
- Backdoor
- Indicators of Compromise
- Chapter Review
- Questions
- Answers
- Chapter 2 Attacks
- Social Engineering Methods
- Phishing
- Spear Phishing
- Whaling
- Vishing
- Tailgating
- Impersonation
- Dumpster Diving
- Shoulder Surfing
- Hoax
- Watering Hole Attack
- Social Engineering Principles
- Application/Service Attacks
- DoS
- DDoS
- Man-in-the-Middle
- Buffer Overflow
- Injection
- Cross-Site Scripting
- Cross-Site Request Forgery
- Privilege Escalation
- ARP Poisoning
- Amplification
- DNS Poisoning
- Domain Hijacking
- Man-in-the-Browser
- Zero Day
- Replay
- Pass the Hash
- Hijacking and Related Attacks
- Driver Manipulation
- Spoofing
- MAC Spoofing
- IP Address Spoofing
- Wireless Attacks
- Replay
- IV
- Evil Twin
- Rogue AP
- Jamming
- WPS
- Bluejacking
- Bluesnarfing
- RFID
- NFC
- Disassociation
- Cryptographic Attacks
- Birthday
- Known Plaintext/Ciphertext
- Password Attacks
- Rainbow Tables
- Dictionary
- Brute Force
- Hybrid Attack
- Collision
- Downgrade
- Replay
- Weak Implementations
- Chapter Review
- Questions
- Answers
- Chapter 3 Threat Actors
- Types of Actors
- Script Kiddies
- Hacktivists
- Organized Crime
- Nation States/APT
- Insiders
- Competitors
- Attributes of Actors
- Internal/External
- Level of Sophistication
- Resources/Funding
- Intent/Motivation
- Use of Open Source Intelligence
- Chapter Review
- Questions
- Answers
- Chapter 4 Vulnerability Scanning and Penetration Testing
- Penetration Testing Concepts
- Active Reconnaissance
- Passive Reconnaissance
- Pivot
- Initial Exploitation
- Persistence
- Escalation of Privilege
- Black Box
- White Box
- Gray Box
- Pen Testing vs. Vulnerability Scanning
- Vulnerability Scanning Concepts
- Passively Test Security Controls
- Identify Vulnerability
- Identify Lack of Security Controls
- Identify Common Misconfigurations
- Intrusive vs. Non-intrusive
- Credentialed vs. Non-credentialed
- False Positive
- Chapter Review
- Questions
- Answers
- Chapter 5 Vulnerabilities and Impacts
- Race Conditions
- System Vulnerabilities
- End-of-Life Systems
- Embedded Systems
- Lack of Vendor Support
- Improper Input Handling
- Improper Error Handling
- Misconfiguration/Weak Configuration
- Default Configuration
- Resource Exhaustion
- Untrained Users
- Improperly Configured Accounts
- Vulnerable Business Processes
- Weak Cipher Suites and Implementations
- Memory/Buffer Vulnerability
- Memory Leak
- Integer Overflow
- Buffer Overflow
- Pointer Dereference
- DLL Injection
- System Sprawl/Undocumented Assets
- Architecture/Design Weaknesses
- New Threats/Zero Day
- Improper Certificate and Key Management
- Chapter Review
- Questions
- Answers
- Part II Technologies and Tools
- Chapter 6 Network Components
- Firewall
- How Do Firewalls Work?
- Firewall Rules
- ACL
- Application-Based vs. Network-Based
- Stateful vs. Stateless
- Implicit Deny
- Secure Network Administration Principles
- Rule-Based Management
- VPN Concentrator
- Remote Access vs. Site-to-Site
- IPSec
- Split Tunnel vs. Full Tunnel
- TLS
- Always-on VPN
- NIPS/NIDS
- Signature-Based
- Heuristic/Behavioral
- Anomaly
- Inline vs. Passive
- In-Band vs. Out-of-Band
- Rules
- Analytics
- Router
- ACLs
- Antispoofing
- Switch
- Port Security
- Layer 2 vs. Layer 3
- Loop Prevention
- Flood Guard
- Proxy
- Forward and Reverse Proxy
- Transparent
- Application/Multipurpose
- Load Balancer
- Scheduling
- Active-Passive
- Active-Active
- Virtual IPs
- Access Point
- SSID
- MAC Filtering
- Signal Strength
- Band Selection/Width
- Antenna Types and Placement
- Fat vs. Thin
- Controller-Based vs. Standalone
- SIEM
- Aggregation
- Correlation
- Automated Alerting and Triggers
- Time Synchronization
- Event Deduplication
- Logs/WORM
- DLP
- USB Blocking
- Cloud-Based
- NAC
- Dissolvable vs. Permanent
- Host Health Checks
- Agent vs. Agentless
- Mail Gateway
- Spam Filter
- DLP
- Encryption
- Bridge
- SSL/TLS Accelerators
- SSL Decryptors
- Media Gateway
- Hardware Security Module
- Chapter Review
- Questions
- Answers
- Chapter 7 Security Tools and Technologies
- Protocol Analyzer
- Switched Port Analyzer
- Network Scanners
- Rogue System Detection
- Network Mapping
- Wireless Scanners/Cracker
- Password Cracker
- Vulnerability Scanner
- Configuration Compliance Scanner
- Exploitation Frameworks
- Data Sanitization Tools
- Steganography Tools
- Honeypot
- Backup Utilities
- Banner Grabbing
- Passive vs. Active
- Command-Line Tools
- ping
- netstat
- tracert
- nslookup/dig
- arp
- ipconfig/ip/ifconfig
- tcpdump
- nmap
- netcat
- Security Technologies
- HIDS/HIPS
- Antivirus
- File Integrity Check
- Host-Based Firewall
- Application Whitelisting
- Removable Media Control
- Advanced Malware Tools
- Patch Management Tools
- UTM
- DLP
- Data Execution Prevention
- Web Application Firewall
- Chapter Review
- Questions
- Answers
- Chapter 8 Troubleshooting Common Security Issues
- Unencrypted Credentials/Clear Text
- Logs and Events Anomalies
- Permission Issues
- Access Violations
- Certificate Issues
- Data Exfiltration
- Misconfigured Devices
- Firewall
- Content Filter
- Access Points
- Weak Security Configurations
- Personnel Issues
- Policy Violation
- Insider Threat
- Social Engineering
- Social Media
- Personal E-mail
- Unauthorized Software
- Baseline Deviation
- License Compliance Violation (Availability/Integrity)
- Asset Management
- Authentication Issues
- Chapter Review
- Questions
- Answers
- Chapter 9 Mobile Devices
- Connection Methods
- Cellular
- Wi-Fi
- SATCOM
- Bluetooth
- NFC
- ANT
- Infrared
- USB
- Mobile Device Management Concepts
- Application Management
- Content Management
- Remote Wipe
- Geofencing
- Geolocation
- Screen Locks
- Push Notification Services
- Passwords and Pins
- Biometrics
- Context-Aware Authentication
- Containerization
- Storage Segmentation
- Full Device Encryption
- Enforcement and Monitoring
- Third-Party App Stores
- Rooting/Jailbreaking
- Sideloading
- Custom Firmware
- Carrier Unlocking
- Firmware OTA Updates
- Camera Use
- SMS/MMS
- External Media
- USB OTG
- Recording Microphone
- GPS Tagging
- Wi-Fi Direct/Ad Hoc
- Tethering
- Payment Methods
- Deployment Models
- BYOD
- CYOD
- COPE
- Corporate-Owned
- VDI
- Chapter Review
- Questions
- Answers
- Chapter 10 Implementing Secure Protocols
- Secure Protocols
- DNSSEC
- SSH
- S/MIME
- SRTP
- LDAPS
- FTPS
- SFTP
- SNMPv3
- SSL/TLS
- HTTPS
- Secure POP/IMAP
- Use Cases
- Voice and Video
- Time Synchronization
- E-mail and Web
- File Transfer
- Directory Services
- Remote Access
- Domain Name Resolution
- Routing and Switching
- Network Address Allocation
- Subscription Services
- Chapter Review
- Questions
- Answers
- Part III Architecture and Design
- Chapter 11 Architecture Frameworks and Secure Network Architectures
- Industry-Standard Frameworks and Reference Architectures
- Regulatory
- Non-regulatory
- National vs. International
- Industry-Specific Frameworks
- Benchmarks/Secure Configuration Guides
- Platform/Vendor-Specific Guides
- General Purpose Guides
- Defense-in-Depth/Layered Security
- Vendor Diversity
- Control Diversity
- User Training
- Zones/Topologies
- DMZ
- Extranet
- Intranet
- Wireless
- Guest
- Honeynets
- NAT
- Ad Hoc
- Segregation/Segmentation/Isolation
- Physical
- Logical (VLAN)
- Virtualization
- Air Gaps
- Tunneling/VPN
- Site-to-Site
- Remote Access
- Security Device/Technology Placement
- Sensors
- Collectors
- Correlation Engines
- Filters
- Proxies
- Firewalls
- VPN Concentrators
- SSL Accelerators
- Load Balancers
- DDoS Mitigator
- Aggregation Switches
- Taps and Port Mirror
- SDN
- Chapter Review
- Questions
- Answers
- Chapter 12 Secure Systems Design and Deployment
- Hardware/Firmware Security
- FDE/SED
- TPM
- HSM
- UEFI/BIOS
- Secure Boot and Attestation
- Supply Chain
- Hardware Root of Trust
- EMI/EMP
- Operating Systems
- Types
- Patch Management
- Disabling Unnecessary Ports and Services
- Least Functionality
- Secure Configurations
- Trusted Operating System
- Application Whitelisting/Blacklisting
- Disable Default Accounts/Passwords
- Peripherals
- Wireless Keyboards
- Wireless Mice
- Displays
- Wi-Fi-Enabled MicroSD Cards
- Printers/MFDs
- External Storage Devices
- Digital Cameras
- Sandboxing
- Environment
- Development
- Test
- Staging
- Production
- Secure Baseline
- Integrity Measurement
- Chapter Review
- Questions
- Answers
- Chapter 13 Embedded Systems
- SCADA/ICS
- Smart Devices/IoT
- Wearable Technology
- Home Automation
- HVAC
- SoC
- RTOS
- Printers/MFDs
- Camera Systems
- Special Purpose
- Medical Devices
- Vehicles
- Aircraft/UAV
- Chapter Review
- Questions
- Answers
- Chapter 14 Application Development and Deployment
- Development Lifecycle Models
- Waterfall vs. Agile
- Secure DevOps
- Security Automation
- Continuous Integration
- Baselining
- Immutable Systems
- Infrastructure as Code
- Version Control and Change Management
- Provisioning and Deprovisioning
- Secure Coding Techniques
- Proper Error Handling
- Proper Input Validation
- Normalization
- Stored Procedures
- Code Signing
- Encryption
- Obfuscation/Camouflage
- Code Reuse/Dead Code
- Server-Side vs. Client-Side Execution and Validation
- Memory Management
- Use of Third-Party Libraries and SDKs
- Data Exposure
- Code Quality and Testing
- Static Code Analyzers
- Dynamic Analysis (e.g., Fuzzing)
- Stress Testing
- Sandboxing
- Model Verification
- Compiled vs. Runtime Code
- Chapter Review
- Questions
- Answers
- Chapter 15 Cloud and Virtualization
- Hypervisor
- Type I
- Type II
- Application Cells/Containers
- VM Sprawl Avoidance
- VM Escape Protection
- Cloud Storage
- Cloud Deployment Models
- SaaS
- PaaS
- IaaS
- Private
- Public
- Hybrid
- Community
- On-Premise vs. Hosted vs. Cloud
- VDI/VDE
- Cloud Access Security Broker
- Security as a Service
- Chapter Review
- Questions
- Answers
- Chapter 16 Resiliency and Automation Strategies
- Automation/Scripting
- Automated Courses of Action
- Continuous Monitoring
- Configuration Validation
- Templates
- Master Image
- Non-persistence
- Snapshots
- Revert to Known State
- Rollback to Known Configuration
- Live Boot Media
- Elasticity
- Scalability
- Distributive Allocation
- Redundancy
- Fault Tolerance
- High Availability
- RAID
- Chapter Review
- Questions
- Answers
- Chapter 17 Physical Security Controls
- Lighting
- Signs
- Fencing/Gate/Cage
- Security Guards
- Alarms
- Safe
- Secure Cabinets/Enclosures
- Protected Distribution/Protected Cabling
- Airgap
- Mantrap
- Faraday Cages
- Lock Types
- Biometrics
- Barricades/Bollards
- Tokens/Cards
- Environmental Controls
- HVAC
- Hot and Cold Aisles
- Fire Suppression
- Cable Locks
- Screen Filters
- Cameras
- Motion Detection
- Logs
- Infrared Detection
- Key Management
- Chapter Review
- Questions
- Answers
- Part IV Identity and Access Management
- Chapter 18 Identity, Access, and Accounts
- Identification, Authentication, Authorization, and Accounting (AAA)
- Multifactor Authentication
- Something You Are
- Something You Have
- Something You Know
- Something You Do
- Somewhere You Are
- Federation
- Single Sign-on
- Transitive Trust
- Account Types
- User Account
- Shared and Generic Accounts/Credentials
- Guest Accounts
- Service Accounts
- Privileged Accounts
- General Concepts
- Least Privilege
- Onboarding/Offboarding
- Permission Auditing and Review
- Usage Auditing and Review
- Time-of-Day Restrictions
- Recertification
- Standard Naming Convention
- Account Maintenance
- Group-Based Access Control
- Location-Based Policies
- Account Policy Enforcement
- Credential Management
- Group Policy
- Password Complexity
- Expiration
- Recovery
- Disablement
- Lockout
- Password History
- Password Reuse
- Password Length
- Chapter Review
- Questions
- Answers
- Chapter 19 Identity and Access Services
- LDAP
- Kerberos
- TACACS+
- TACACS+ Authentication
- TACACS+ Authorization
- TACACS+ Accounting
- CHAP
- PAP
- MSCHAP
- RADIUS
- SAML
- OpenID Connect
- OAUTH
- Shibboleth
- Secure Token
- NTLM
- Chapter Review
- Questions
- Answers
- Chapter 20 Identity and Access Management Controls
- Access Control Models
- MAC
- DAC
- ABAC
- Role-Based Access Control
- Rule-Based Access Control
- Physical Access Control
- Proximity Cards
- Smart Cards
- Biometric Factors
- Fingerprint Scanner
- Retinal Scanner
- Iris Scanner
- Voice Recognition
- Facial Recognition
- False Positives and False Negatives
- False Acceptance Rate
- False Rejection Rate
- Crossover Error Rate
- Biometrics Calculation Example
- Tokens
- Hardware
- Software
- HOTP/TOTP
- Certificate-Based Authentication
- PIV/CAC/Smart Card
- IEEE 802.1x
- File System Security
- Database Security
- Chapter Review
- Questions
- Answers
- Part V Risk Management
- Chapter 21 Policies, Plans, and Procedures
- Standard Operating Procedure
- Agreement Types
- BPA
- SLA
- ISA
- MOU/MOA
- Personnel Management
- Mandatory Vacations
- Job Rotation
- Separation of Duties
- Clean Desk
- Background Checks
- Exit Interviews
- Role-Based Awareness Training
- NDA
- Onboarding
- Continuing Education
- Acceptable Use Policy/Rules of Behavior
- Adverse Actions
- General Security Policies
- Social Media Networks/Applications
- Personal E-mail
- Chapter Review
- Questions
- Answers
- Chapter 22 Risk Management and Business Impact Analysis
- Business Impact Analysis Concepts
- RTO/RPO
- MTBF
- MTTR
- Mission-Essential Functions
- Identification of Critical Systems
- Single Point of Failure
- Impact
- Privacy Impact Assessment
- Privacy Threshold Assessment
- Risk Management Concepts
- Threat Assessment
- Risk Assessment
- Change Management
- Security Controls
- Deterrent
- Preventive
- Detective
- Corrective
- Compensating
- Technical
- Administrative
- Physical
- Chapter Review
- Questions
- Answers
- Chapter 23 Incident Response, Disaster Recovery, and Continuity of Operations
- Incident Response Plan
- Documented Incident Types/Category Definitions
- Roles and Responsibilities
- Reporting Requirements/Escalation
- Cyber-Incident Response Teams
- Exercise
- Incident Response Process
- Preparation
- Identification
- Containment
- Eradication
- Recovery
- Lessons Learned
- Disaster Recovery
- Recovery Sites
- Hot Sites
- Warm Sites
- Cold Sites
- Order of Restoration
- Backup Concepts
- Differential
- Incremental
- Snapshots
- Full
- Geographic Considerations
- Off-Site Backups
- Distance
- Location Selection
- Legal Implications
- Data Sovereignty
- Continuity of Operation Planning
- Exercises/Tabletop
- After-Action Reports
- Failover
- Alternate Processing Sites
- Alternate Business Practices
- Chapter Review
- Questions
- Answers
- Chapter 24 Digital Forensics
- Order of Volatility
- Chain of Custody
- Legal Hold
- Data Acquisition
- Standards for Evidence
- Types of Evidence
- Three Rules Regarding Evidence
- Capture System Image
- Network Traffic and Logs
- Capture Video
- Record Time Offset
- Take Hashes
- Screenshots
- Witness Interviews
- Preservation
- Recovery
- Strategic Intelligence/Counterintelligence Gathering
- Active Logging
- Track Man-Hours
- Chapter Review
- Questions
- Answers
- Chapter 25 Data Security and Privacy Practices
- Data Destruction and Media Sanitization
- Burning
- Shredding
- Pulping
- Pulverizing
- Degaussing
- Purging
- Wiping
- Data Sensitivity Labeling and Handling
- Confidential
- Private
- Public
- Proprietary
- PII
- PHI
- Data Roles
- Owner
- Steward/Custodian
- Privacy Officer
- Data Retention
- Legal and Compliance
- Chapter Review
- Questions
- Answers
- Part VI Cryptography and Public Key Infrastructure
- Chapter 26 Cryptographic Concepts
- General Cryptographic Concepts
- Fundamental Methods
- Symmetric Algorithms
- Modes of Operation
- Asymmetric Algorithms
- Symmetric vs. Asymmetric
- Hashing
- Salt, IV, Nonce
- Elliptic Curve
- Weak/Deprecated Algorithms
- Key Exchange
- Cryptographic Objectives
- Digital Signatures
- Diffusion
- Confusion
- Collision
- Steganography
- Obfuscation
- Stream vs. Block
- Key Strength
- Session Keys
- Ephemeral Key
- Secret Algorithm
- Data-in-Transit
- Data-at-Rest
- Data-in-Use
- Random/Pseudo-Random Number Generation
- Key Stretching
- Implementation vs. Algorithm Selection
- Perfect Forward Secrecy
- Security Through Obscurity
- Common Use Cases
- Chapter Review
- Questions
- Answers
- Chapter 27 Cryptographic Algorithms
- Symmetric Algorithms
- DES
- 3DES
- AES
- RC4
- Blowfish/Twofish
- Cipher Modes
- CBC
- GCM
- ECB
- CTM/CTR
- Stream vs. Block
- Asymmetric Algorithms
- RSA
- DSA
- Diffie-Hellman
- Elliptic Curve
- PGP/GPG
- Hashing Algorithms
- MD5
- SHA
- HMAC
- RIPEMD
- Key Stretching Algorithms
- BCRYPT
- PBKDF2
- Obfuscation
- XOR
- ROT13
- Substitution Ciphers
- Chapter Review
- Questions
- Answers
- Chapter 28 Wireless Security
- Cryptographic Protocols
- WEP
- WPA
- WPA2
- CCMP
- TKIP
- Authentication Protocols
- EAP
- PEAP
- EAP-FAST
- EAP-TLS
- EAP-TTLS
- IEEE 802.1X
- RADIUS Federation
- Methods
- PSK vs. Enterprise vs. Open
- WPS
- Setting Up WPA2
- Captive Portals
- Chapter Review
- Questions
- Answers
- Chapter 29 Public Key Infrastructure
- PKI Components
- Certificate Authority
- Intermediate CA
- Revocation
- Suspension
- CSR
- Certificate
- Public Key
- Private Key
- Object Identifiers
- PKI Concepts
- Online vs. Offline CA
- Stapling
- Pinning
- Trust Model
- Key Escrow
- Certificate Chaining
- Types of Certificates
- Wildcard
- SAN
- Code Signing
- Self-Signed
- Machine/Computer
- User
- Root
- Domain Validation
- Extended Validation
- Certificate Formats
- DER
- PEM
- CER
- KEY
- PFX
- P12
- P7B
- Chapter Review
- Questions
- Answers
- Part VII Appendixes and Glossary
- Appendix A OSI Model and Internet Protocols
- Networking Frameworks and Protocols
- OSI Model
- Application Layer
- Presentation Layer
- Session Layer
- Transport Layer
- Network Layer
- Data Link Layer
- Physical Layer
- Internet Protocols
- TCP
- UDP
- IP
- Message Encapsulation
- Review
- Appendix B About the Download
- System Requirements
- Installing and Running Total Tester
- About Total Tester
- Technical Support
- Glossary
- Index
Product information
- Title: CompTIA Security+ All-in-One Exam Guide, Fifth Edition (Exam SY0-501), 5th Edition
- Publisher(s): McGraw-Hill