CompTIA Security+ Certification Study Guide, Third Edition (Exam SY0-501), 3rd Edition

Book Description

This fully updated, exam-focused study aid covers everything you need to know and shows you how to prepare for the CompTIA Security+ exam.

Thoroughly revised to cover every objective on the latest version of the CompTIA Security+ exam (SY0-501), this powerful self-study resource offers more than 400 questions that accurately mirror those on the actual test. Authored by training and certification expert Glen Clarke, the book provides in-depth explanations for both correct and incorrect answer choices.

CompTIA Security+ Certification Study Guide, Third Edition, offers three complete practice exams—one pre-assessment test and two final exams—intended to measure progress and prepare for the live test. Within the customizable test engine, questions may be organized by chapter and exam domain, allowing readers to focus on specific topics and tailor a highly effective course of study.

• Provides 100% coverage of all objectives on the CompTIA Security+ exam (SY0-501)
• Includes coverage of performance-based questions
• Electronic content includes training videos from the author, all 50 exercises from the book in a Lab Book PDF, a pre-assessment exam, 2 complete practice exams, a glossary, and a secured book PDF

Table of Contents

  1. Cover Page
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. Contents at a Glance
  6. Contents
  7. Preface
  8. Acknowledgments
  9. Introduction
  10. Exam Readiness Checklist
  11. 1 Networking Basics and Terminology
    1. Understanding Network Devices and Cabling
      1. Looking at Network Devices
      2. Understanding Network Cabling
      3. Exercise 1-1: Reviewing Networking Components
    2. Understanding TCP/IP
      1. Reviewing IP Addressing
      2. Exercise 1-2: Understanding Valid Addresses
      3. Understanding TCP/IP Protocols
      4. Exercise 1-3: Viewing Protocol Information with Network Monitor
      5. Understanding Application Layer Protocols
      6. Understanding IPv6
      7. Exercise 1-4: Identifying Protocols in TCP/IP
    3. Network Security Best Practices
      1. Device Usage
      2. Cable and Protocol Usage
    4. Certification Summary
    5. ✓ Two-Minute Drill
    6. Q&A Self Test
      1. Self Test Answers
  12. 2 Introduction to Security Terminology
    1. Goals of Information Security
      1. Confidentiality
      2. Integrity
      3. Availability
      4. Accountability
      5. Exercise 2-1: CIA Scenarios
    2. Understanding Authentication and Authorization
      1. Identification and Authentication
      2. Authorization
    3. Understanding Security Principles and Terminology
      1. Types of Security
      2. Least Privilege, Separation of Duties, and Rotation of Duties
      3. Concept of Need to Know
      4. Layered Security and Diversity of Defense
      5. Due Care and Due Diligence
      6. Vulnerability and Exploit
      7. Threat Actors
    4. Looking at Security Roles
      1. System Owner and Data Owner
      2. System Administrator
      3. User
      4. Privileged User
      5. Executive User
      6. Data Roles
      7. Security Officer
      8. Exercise 2-2: Security Terminology
    5. Certification Summary
    6. ✓ Two-Minute Drill
    7. Q&A Self Test
      1. Self Test Answers
  13. 3 Security Policies and Standards
    1. Introduction to Security Policies
      1. Structure of a Policy
      2. Identifying Types of Policies
      3. Understanding Regulations and Standards
    2. General Security Policies
      1. Policies Affecting Users
      2. Policies Affecting Personnel Management
      3. Policies Affecting Administrators
      4. Exercise 3-1: Reviewing a Security Policy
      5. Policies Affecting Management
      6. Other Popular Policies
    3. Human Resources Policies
      1. Hiring Policy
      2. Termination Policy
      3. Mandatory Vacations
      4. Security-Related HR Policies
      5. Exercise 3-2: Creating a Security Policy
    4. User Education and Awareness
      1. General Training and Role-Based Training
      2. User Habits
      3. New Threats and Security Trends
      4. Use of Social Networks and P2P Programs
      5. Training Metrics and Follow-Up
      6. Exercise 3-3: Designing a Training Program
    5. Certification Summary
    6. ✓ Two-Minute Drill
    7. Q&A Self Test
      1. Self Test Answers
  14. 4 Types of Attacks
    1. Understanding Social Engineering
      1. Social Engineering Overview
      2. Popular Social Engineering Attacks
      3. Reasons for Effectiveness
      4. Preventing Social Engineering Attacks
    2. Identifying Network Attacks
      1. Popular Network Attacks
      2. Exercise 4-1: DNS Poisoning After Exploit Using Kali Linux
      3. Exercise 4-2: Performing a Port Scan
      4. Other Network Attacks
      5. Preventing Network Attacks
    3. Looking at Password Attacks
      1. Types of Password Attacks
      2. Exercise 4-3: Password Cracking with LC4
      3. Birthday Attacks, Rainbow Tables, and Known-Plaintext Attacks
      4. Online vs. Offline Attacks
      5. Other Password Attack Terms
      6. Preventing Password Attacks
    4. Understanding Application Attacks
      1. Popular Application Attacks
      2. Exercise 4-4: SQL Injection Attacks
      3. Exercise 4-5: Exploiting an IIS Web Server with Folder Traversal
      4. Other Application Attacks
      5. Preventing Application Attacks
    5. Certification Summary
    6. ✓ Two-Minute Drill
    7. Q&A Self Test
      1. Self Test Answers
  15. 5 System Security Threats
    1. Identifying Physical Threats
      1. Snooping
      2. Theft and Loss of Assets
      3. Human Error
      4. Sabotage
    2. Looking at Malicious Software
      1. Privilege Escalation
      2. Viruses
      3. Exercise 5-1: Looking at the NetBus Trojan Virus
      4. Other Malicious Software
      5. Protecting Against Malicious Software
    3. Threats Against Hardware
      1. BIOS Settings
      2. USB Devices
      3. Smart Phones and Tablets
      4. Exercise 5-2: Exploiting a Bluetooth Device
      5. Removable Storage
      6. Network Attached Storage
      7. PBX
    4. Certification Summary
    5. ✓ Two-Minute Drill
    6. Q&A Self Test
      1. Self Test Answers
  16. 6 Mitigating Security Threats
    1. Understanding Operating System Hardening
      1. Uninstall Unnecessary Software
      2. Disable Unnecessary Services
      3. Exercise 6-1: Disabling the Remote Desktop Services Service
      4. Protect Management Interfaces and Applications
      5. Disable Unnecessary Accounts
      6. Patch System
      7. Password Protection
    2. System Hardening Procedures
      1. Network Security Hardening
      2. Exercise 6-2: Hardening a Network Switch
      3. Tools for System Hardening
      4. Exercise 6-3: Creating a Security Template
      5. Security Posture and Reporting
    3. Establishing Application Security
      1. Secure Coding Concepts
      2. Secure Coding Techniques
      3. Application Hardening
    4. Server Hardening Best Practices
      1. All Servers
      2. HTTP Servers
      3. DNS Servers
      4. Exercise 6-4: Limiting DNS Zone Transfers
      5. DHCP Servers
      6. SMTP Servers and FTP Servers
      7. Mitigate Risks in Static Environments
    5. Common Security Issues and Device Output
      1. Troubleshooting Common Security Issues
      2. Analyzing and Interpreting Output from Security Technologies
      3. Exercise 6-5: Removable Media Control
      4. Frameworks and Security Guides
    6. Certification Summary
    7. ✓ Two-Minute Drill
    8. Q&A Self Test
      1. Self Test Answers
  17. 7 Implementing System Security
    1. Implementing Host-Based Firewalls and HIDS
      1. Host-Based Firewalls
      2. Exercise 7-1: Configuring TCP Wrappers in Linux
      3. Host-Based IDS and Host-Based IPS
    2. Protecting Against Malware
      1. Patch Management
      2. Using Antivirus and Anti-spam Software
      3. Spyware and Adware
      4. Phish Filters and Pop-up Blockers
      5. Exercise 7-2: Manually Testing a Web Site for Phishing
      6. Practicing Good Habits
    3. Device Security and Data Security
      1. Hardware Security
      2. Mobile Devices
      3. Data Security
      4. Exercise 7-3: Configuring Permissions in Windows 8
      5. Application Security and BYOD Concerns
      6. Secure System Design
      7. Secure Staging Deployment
    4. Understanding Virtualization and Cloud Computing
      1. Virtualization and Security
      2. Cloud Computing Overview
      3. Cloud Computing Considerations
      4. Resiliency and Automation
    5. Certification Summary
    6. ✓ Two-Minute Drill
    7. Q&A Self Test
      1. Self Test Answers
  18. 8 Securing the Network Infrastructure
    1. Understanding Firewalls
      1. Firewalls
      2. Using IPTables as a Firewall
      3. Exercise 8-1: Configuring IPTables in Linux
      4. Using Firewall Features on a Home Router
      5. NAT and Ad Hoc Networking
      6. Proxy Servers
      7. Routers and ACLs
      8. Other Security Devices and Technologies
    2. Using Intrusion Detection Systems
      1. IDS Overview
      2. Exercise 8-2: Using Snort: A Network-Based IDS
      3. Honeypots and Honeynets
      4. Protocol Analyzers
    3. Network Design and Administration Principles
      1. Subnetting and VLANs
      2. Network Switches
      3. Network Address Translation (NAT)
      4. Network Access Control (NAC)
      5. Data Loss Prevention (DLP)
      6. Mail Gateway
      7. Network Communication Encryption
      8. Network Administration Principles
      9. Security Device Placement
    4. Securing Devices
    5. Certification Summary
    6. ✓ Two-Minute Drill
    7. Q&A Self Test
      1. Self Test Answers
  19. 9 Wireless Networking and Security
    1. Understanding Wireless Networking
      1. Standards
      2. Channels
      3. Antenna Types
      4. Authentication and Encryption
    2. Securing a Wireless Network
      1. Security Best Practices
      2. Vulnerabilities with Wireless Networks
      3. Exercise 9-1: Cracking WEP with Kali Linux
      4. Perform a Site Survey
    3. Configuring a Wireless Network
      1. Configuring the Access Point
      2. Configuring the Client
    4. Other Wireless Technologies
      1. Infrared
      2. Bluetooth
      3. Near Field Communication
      4. RFID
    5. Certification Summary
    6. ✓ Two-Minute Drill
    7. Q&A Self Test
      1. Self Test Answers
  20. 10 Authentication
    1. Identifying Authentication Models
      1. Authentication Terminology
      2. Authentication Factors
      3. Single Sign-on
    2. Authentication Protocols
      1. Windows Authentication Protocols
      2. Remote Access Authentication
      3. Authentication Services
    3. Implementing Authentication
      1. User Accounts
      2. Tokens
      3. Looking at Biometrics
      4. Certificate-Based Authentication
      5. Claims-Based Authentication/Federation Services
    4. Certification Summary
    5. ✓ Two-Minute Drill
    6. Q&A Self Test
      1. Self Test Answers
  21. 11 Access Control
    1. Introducing Access Control
      1. Types of Security Controls
      2. Implicit Deny
      3. Review of Security Principles/General Concepts
    2. Access Control Models
      1. Discretionary Access Control
      2. Mandatory Access Control
      3. Role-Based Access Control
      4. Exercise 11-1: Assigning a User the sysadmin Role
      5. Rule-Based Access Control
      6. Group-Based Access Control
      7. Attribute-Based Access Control
    3. Implementing Access Control
      1. User Account Types
      2. Using Security Groups
      3. Exercise 11-2: Configuring Security Groups and Assigning Permissions
      4. Rights and Privileges
      5. Exercise 11-3: Modifying User Rights on a Windows System
      6. File System Security and Printer Security
      7. Access Control Lists (ACLs)
      8. Group Policies
      9. Exercise 11-4: Configuring Password Policies via Group Policies
      10. Database Security
      11. Exercise 11-5: Encrypting Sensitive Information in the Database
      12. Account Restrictions
      13. Account Policy Enforcement
      14. Monitoring Account Access
    4. Certification Summary
    5. ✓ Two-Minute Drill
    6. Q&A Self Test
      1. Self Test Answers
  22. 12 Introduction to Cryptography
    1. Introduction to Cryptography Services
      1. Understanding Cryptography
      2. Algorithms and Keys
      3. Exercise 12-1: Encrypting Data with the Caesar Cipher
      4. Other Cryptography Terms
    2. Symmetric Encryption
      1. Symmetric Encryption Concepts
      2. Symmetric Encryption Algorithms
      3. Exercise 12-2: Encrypting Data with the AES Algorithm
    3. Asymmetric Encryption
      1. Asymmetric Encryption Concepts
      2. Asymmetric Encryption Algorithms
      3. Quantum Cryptography
      4. In-Band vs. Out-of-Band Key Exchange
    4. Understanding Hashing
      1. Hashing Concepts
      2. Hashing Algorithms
      3. Exercise 12-3: Generating Hashes to Verify Integrity
    5. Identifying Encryption Uses
      1. Common Use Cases
      2. Encrypting Data
      3. Encrypting Communication
      4. Understanding Steganography
    6. Certification Summary
    7. ✓ Two-Minute Drill
    8. Q&A Self Test
      1. Self Test Answers
  23. 13 Managing a Public Key Infrastructure
    1. Introduction to Public Key Infrastructure
      1. Understanding PKI Terminology
      2. Certificate Authority and Registration Authority
      3. Repository
    2. Managing a Public Key Infrastructure
      1. Certificate Life Cycle
      2. Certificate Revocation Lists and OCSP
      3. Other PKI Terms
    3. Implementing a Public Key Infrastructure
      1. How SSL/TLS Works
      2. How Digital Signatures Work
      3. Creating a PKI
      4. Exercise 13-1: Installing a Certificate Authority
      5. Exercise 13-2: SSL-Enabling a Web Site
      6. Managing a PKI
    4. Certification Summary
    5. ✓ Two-Minute Drill
    6. Q&A Self Test
      1. Self Test Answers
  24. 14 Physical Security
    1. Choosing a Business Location
      1. Facility Concerns
      2. Lighting and Windows
      3. Doors, Windows, and Walls
      4. Safety Concerns
    2. Physical Access Controls
      1. Exercise 14-1: Erasing the Administrator Password with a Live DVD
      2. Fencing and Guards
      3. Hardware Locks/Lock Types
      4. Access Systems
      5. Other Security Controls
      6. Physical Access Lists and Logs
      7. Video Surveillance
    3. Implementing Environmental Controls
      1. Understanding HVAC
      2. Shielding
      3. Fire Suppression
    4. Certification Summary
    5. ✓ Two-Minute Drill
    6. Q&A Self Test
      1. Self Test Answers
  25. 15 Risk Analysis
    1. Introduction to Risk Analysis
      1. Risk Analysis Overview
      2. Risk Analysis Process
      3. Risk with Cloud Computing and Third Parties
    2. Types of Risk Analysis
      1. Qualitative
      2. Exercise 15-1: Performing a Qualitative Risk Analysis
      3. Quantitative
      4. Exercise 15-2: Performing a Quantitative Risk Analysis
    3. Risk Mitigation Strategies
      1. Exercise 15-3: Identifying Mitigation Techniques
    4. Certification Summary
    5. ✓ Two-Minute Drill
    6. Q&A Self Test
      1. Self Test Answers
  26. 16 Disaster Recovery and Business Continuity
    1. Introduction to Disaster Recovery and Business Continuity
      1. Introduction to Business Continuity
      2. Understanding Disaster Recovery
    2. Backing Up and Restoring Data (Backup Concepts)
      1. Security Considerations with Tapes
      2. Full, Incremental, and Differential Backups
      3. Scheduling Backups
      4. Backup Plan Example
      5. Exercise 16-1: Backing Up and Restoring Data on a Windows Server
      6. Geographic Considerations
    3. Implementing Fault Tolerance
      1. RAID 0
      2. RAID 1
      3. RAID 5
    4. Understanding High Availability
      1. Failover Clustering
      2. Network Load Balancing
      3. Redundant Hardware
    5. Certification Summary
    6. ✓ Two-Minute Drill
    7. Q&A Self Test
      1. Self Test Answers
  27. 17 Introduction to Computer Forensics and Incident Response
    1. Working with Evidence
      1. Types of Evidence
      2. Collecting Evidence
    2. Collecting Digital Evidence
      1. Understanding the Process
      2. Where to Find Evidence
      3. Tools Used
      4. Exercise 17-1: Using ProDiscover Basic for Forensics Analysis
      5. Exercise 17-2: Performing Cell Phone Forensics
      6. Exercise 17-3: Looking at Exif Metadata
    3. Looking at Incident Response
      1. Incident Response Team
      2. Incident Response Plan
      3. Incident Response Process
      4. First Responders
      5. Damage and Loss Control
    4. Certification Summary
    5. ✓ Two-Minute Drill
    6. Q&A Self Test
      1. Self Test Answers
  28. 18 Security Assessments and Audits
    1. Understanding Types of Assessments
      1. Assessment Types
      2. Assessment Techniques
    2. Performing a Security Assessment
      1. Performing a Penetration Test
      2. Exercise 18-1: Profiling an Organization
      3. Exercise 18-2: Using a Port Scanner
      4. Performing a Vulnerability Assessment
      5. Exercise 18-3: Performing a Vulnerability Scan with MBSA
    3. Certification Summary
    4. ✓ Two-Minute Drill
    5. Q&A Self Test
      1. Self Test Answers
  29. 19 Understanding Monitoring and Auditing
    1. Introduction to Monitoring
    2. Monitoring Tools
      1. Useful System Commands
      2. SNMP
      3. Performance Monitor
      4. Protocol Analyzer and Sniffer
      5. Exercise 19-1: Monitoring Network Traffic with Network Monitor
      6. Security Information and Event Management (SIEM)
    3. Implementing Logging and Auditing
      1. Understanding Auditing
      2. Exercise 19-2: Implementing Auditing in Windows
      3. Understanding Logging
      4. Exercise 19-3: Configuring Logging in IIS
      5. Exercise 19-4: Configuring Windows Firewall
      6. Popular Areas to Audit
    4. Certification Summary
    5. ✓ Two-Minute Drill
    6. Q&A Self Test
      1. Self Test Answers
  30. A About the Download
    1. System Requirements
    2. Total Tester Premium Practice Exam Software
      1. Installing and Running Total Tester
      2. Pre-assessment Test
    3. McGraw-Hill Professional Media Center Download
      1. Performance-Based Question Simulations
      2. Video Training from the Author
      3. Pre-assessment Exam in Total Tester: Analyzing Your Results
      4. Glossary
      5. Lab Book, Lab Solutions, and Lab Files
    4. Technical Support
      1. Total Seminars Technical Support
      2. McGraw-Hill Education Content Support
  31. Index