CompTIA Security+ Certification Study Guide, Fourth Edition (Exam SY0-601), 4th Edition

Book description

This fully updated self-study guide offers 100% coverage of every objective on the CompTIA Security+ exam

With hundreds of practice exam questions, including difficult performance-based questions, CompTIA Security+™ Certification Study Guide, Fourth Edition covers what you need to know—and shows you how to prepare—for this challenging exam.

  • 100% complete coverage of all official objectives for exam SY0-601
  • Exam Watch notes call attention to information about, and potential pitfalls in, the exam
  • Inside the Exam sections in every chapter highlight key exam topics covered
  • Two-Minute Drills for quick review at the end of every chapter
  • Simulated exam questions—including performance-based questions—match the format, topics, and difficulty of the real exam

Covers all exam topics, including:
    Networking Basics and Terminology • Security Terminology • Security Policies and Standards • Types of Attacks • Vulnerabilities and Threats • Mitigating Security Threats • Implementing Host-Based Security • Securing the Network Infrastructure • Wireless Networking and Security • Authentication • Authorization and Access Control • Cryptography • Managing a Public Key Infrastructure • Physical Security • Application Attacks and Security • Virtualization and Cloud Security • Risk Analysis • Disaster Recovery and Business Continuity • Monitoring and Auditing • Security Assessments and Audits • Incident Response and Computer Forensics

Online Content Includes:
  • 50+ lab exercises and solutions in PDF format
  • Complete practice exams and quizzes customizable by domain or chapter
  • 4+ hours of video training from the author
  • 12+ performance-based question simulations
  • Glossary and Exam Readiness Checklist in PDF format

Table of contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. About the Author
  6. Contents at a Glance
  7. Contents
  8. Preface
  9. Acknowledgments
  10. Introduction
  11. 1 Networking Basics and Terminology
    1. Understanding Network Devices and Cabling
      1. Looking at Network Devices
      2. Understanding Network Cabling
      3. Exercise 1-1: Reviewing Networking Components
    2. Understanding TCP/IP
      1. Reviewing IP Addressing
      2. Exercise 1-2: Understanding Valid Addresses
      3. Understanding TCP/IP Protocols
      4. Exercise 1-3: Viewing Protocol Information with Wireshark
      5. Understanding Application Layer Protocols
      6. Understanding IPv6
      7. Exercise 1-4: Identifying Protocols in TCP/IP
    3. Network Security Best Practices
      1. Device Usage
      2. Cable and Protocol Usage
    4. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  12. 2 Introduction to Security Terminology
    1. Goals of Information Security
      1. Confidentiality
      2. Integrity
      3. Availability
      4. Accountability
      5. Exercise 2-1: CIA Scenarios
    2. Understanding Authentication and Authorization
      1. Identification and Authentication
      2. Authorization
    3. Understanding Security Principles and Terminology
      1. Types of Security
      2. Least Privilege, Separation of Duties, and Rotation of Duties
      3. Concept of Need to Know
      4. Layered Security and Diversity of Defense
      5. Due Care and Due Diligence
      6. Vulnerability and Exploit
      7. Threat Actors
      8. Threat Vectors
      9. Threat Intelligence Sources
      10. Research Sources
    4. Looking at Security Roles and Responsibilities
      1. System Owner and Data Owner
      2. Data Controller and Data Processor
      3. System Administrator
      4. User
      5. Privileged User
      6. Executive User
      7. Data Roles and Responsibilities
      8. Security Officer
      9. Exercise 2-2: Security Terminology
    5. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  13. 3 Security Policies and Standards
    1. Introduction to Security Policies
      1. Structure of a Policy
      2. Identifying Types of Policies
    2. General Security Policies
      1. Policies Affecting Users
      2. Policies Affecting Personnel Management
      3. Policies Affecting Administrators
      4. Exercise 3-1: Reviewing a Security Policy
      5. Policies Affecting Management
      6. Other Popular Policies
    3. Human Resources Policies
      1. Hiring Policy
      2. Termination Policy
      3. Mandatory Vacations
      4. Security-Related HR Policies
      5. Exercise 3-2: Creating a Security Policy
    4. User Education and Awareness
      1. General Training and Role-Based Training
      2. User Habits
      3. New Threats and Security Trends
      4. Use of Social Networks and P2P Programs
      5. Training Metrics and Follow-Up
      6. Exercise 3-3: Designing a Training Program
      7. Importance of Policies to Organization Security
      8. Privacy and Sensitive Data Concepts
    5. Regulations and Standards
      1. Regulations, Standards, and Legislation
      2. Frameworks and Security Guides
      3. Benchmark/Secure Configuration Guides
    6. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  14. 4 Types of Attacks
    1. Understanding Social Engineering
      1. Social Engineering Overview
      2. Popular Social Engineering Attacks
      3. Physical Attacks
      4. Adversarial Artificial Intelligence
      5. Supply-Chain Attacks
      6. Cloud-Based vs. On-Premises Attacks
      7. Reasons for Effectiveness
      8. Preventing Social Engineering Attacks
    2. Identifying Network Attacks
      1. Popular Network Attacks
      2. Exercise 4-1: DNS Poisoning After Exploit Using Kali Linux
      3. Exercise 4-2: Performing a Port Scan
      4. Other Network Attacks
      5. Malicious Code or Script Execution
      6. Preventing Network Attacks
    3. Looking at Password Attacks
      1. Types of Password Attacks
      2. Cryptographic Attacks and Concepts
      3. Online vs. Offline Attacks
      4. Other Password Attack Terms
      5. Preventing Password Attacks
    4. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  15. 5 Vulnerabilities and Threats
    1. Security Concerns with Vulnerabilities
      1. Reasons for Vulnerable Systems
      2. Understanding the Impact of Vulnerabilities
      3. Common Security Issues and Device Output
      4. Exercise 5-1: Removable Media Control
      5. Cloud-Based vs. On-Premises Vulnerabilities
    2. Identifying Physical Threats
      1. Snooping
      2. Theft and Loss of Assets
      3. Human Error
      4. Sabotage
    3. Looking at Malicious Software
      1. Privilege Escalation
      2. Viruses
      3. Other Malicious Software
      4. Protecting Against Malicious Software
    4. Threats Against Hardware
      1. BIOS Settings
      2. USB Devices
      3. Smart Phones and Tablets
      4. Exercise 5-2: Exploiting a Bluetooth Device
      5. Removable Storage
      6. Network Attached Storage
      7. PBX
      8. Security Risks with Embedded and Specialized Systems
    5. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  16. 6 Mitigating Security Threats
    1. Understanding Operating System Hardening
      1. Uninstall Unnecessary Software
      2. Disable Unnecessary Services
      3. Exercise 6-1: Disabling the Remote Desktop Services Service
      4. Protect Management Interfaces and Applications
      5. Disable Unnecessary Accounts
      6. Patch Management
      7. Password Protection
      8. Registry Hardening
      9. Disk Encryption
    2. System Hardening Procedures
      1. Network Security Hardening
      2. Exercise 6-2: Hardening a Network Switch
      3. Tools for System Hardening
      4. Exercise 6-3: Creating a Security Template
      5. Security Posture and Reporting
    3. Server Hardening Best Practices
      1. All Servers
      2. HTTP Servers
      3. DNS Servers
      4. Exercise 6-4: Limiting DNS Zone Transfers
      5. DHCP Servers
      6. SMTP Servers and FTP Servers
      7. Common Mitigation Strategies
    4. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  17. 7 Implementing Host-Based Security
    1. Host and Application Security Solutions
      1. Endpoint Protection
      2. Boot Integrity
      3. Database
    2. Implementing Host-Based Firewalls and HIDS
      1. Host-Based Firewalls
      2. Exercise 7-1: Configuring TCP Wrappers in Linux
      3. Host-Based IDS and Host-Based IPS
    3. Protecting Against Malware
      1. Patch Management
      2. Using Antivirus and Anti-Spam Software
      3. Spyware and Adware
      4. Phish Filters and Pop-Up Blockers
      5. Exercise 7-2: Manually Testing a Web Site for Phishing
      6. Practicing Good Habits
    4. Device Security and Data Security
      1. Hardware Security
      2. Mobile Device Security
      3. Data Security
      4. Exercise 7-3: Configuring Permissions in Windows 10
      5. Application Security and BYOD Concerns
      6. Secure System Design
      7. Secure Staging Deployment
    5. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  18. 8 Securing the Network Infrastructure
    1. Understanding Firewalls
      1. Firewalls
      2. Using IPTables as a Firewall
      3. Exercise 8-1: Configuring IPTables in Linux
      4. Using Firewall Features on a Home Router
      5. NAT and Ad Hoc Networking
      6. Proxy Servers
      7. Routers and ACLs
      8. Other Security Devices and Technologies
    2. Using Intrusion Detection Systems
      1. IDS Overview
      2. Exercise 8-2: Using Snort: A Network-Based IDS
      3. Deception and Disruption
      4. Protocol Analyzers
    3. Network Design and Administration Principles
      1. Network Segmentation
      2. Network Switches
      3. Network Address Translation
      4. Network Access Control
      5. Data Protection
      6. Data Sovereignty
      7. Mail Gateway
      8. Network Communication Encryption
      9. API Considerations
      10. Network Administration Principles
      11. Business Connectivity Considerations
      12. Placement of Security Devices and Network Appliances
      13. Configuration Management
    4. Securing Devices
    5. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  19. 9 Wireless Networking and Security
    1. Understanding Wireless Networking
      1. Standards
      2. Channels
      3. Antenna Types
      4. Authentication and Encryption
    2. Securing a Wireless Network
      1. Security Best Practices
      2. Vulnerabilities with Wireless Networks
      3. Exercise 9-1: Cracking WEP with Kali Linux
      4. Installation Considerations
    3. Configuring a Wireless Network
      1. Configuring the Access Point
      2. Configuring the Client
    4. Other Wireless Technologies
      1. Infrared
      2. Bluetooth
      3. Near Field Communication
      4. RFID
    5. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  20. 10 Authentication
    1. Identifying Authentication Models
      1. Authentication Terminology
      2. Authentication Methods and Technologies
      3. Multifactor Authentication Factors and Attributes
      4. Exercise 10-1: Configuring MFA in Outlook Web Mail
      5. Authentication Management
      6. Single Sign-On
      7. Cloud vs. On-Premises Requirements
    2. Authentication Protocols
      1. Windows Authentication Protocols
      2. Common Authentication Protocols
      3. Authentication Services
    3. Implementing Authentication
      1. User Accounts
      2. Tokens
      3. Looking at Biometrics
      4. Certificate-Based Authentication
      5. Claims-Based Authentication/Federation Services
    4. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  21. 11 Authorization and Access Control
    1. Introducing Access Control
      1. Types of Security Controls
      2. Implicit Deny
      3. Review of Security Principles/General Concepts
    2. Access Control Schemes
      1. Discretionary Access Control
      2. Mandatory Access Control
      3. Role-Based Access Control
      4. Exercise 11-1: Assigning a User the sysadmin Role
      5. Rule-Based Access Control
      6. Group-Based Access Control
      7. Attribute-Based Access Control
      8. Other Access Control Tools
    3. Implementing Access Control
      1. Identities
      2. Account Types
      3. Using Security Groups
      4. Exercise 11-2: Configuring Security Groups and Assigning Permissions
      5. Rights and Privileges
      6. Exercise 11-3: Modifying User Rights on a Windows System
      7. File System Security and Printer Security
      8. Access Control Lists
      9. Group Policies
      10. Exercise 11-4: Configuring Password Policies via Group Policies
      11. Database Security
      12. Exercise 11-5: Encrypting Sensitive Information in the Database
      13. Account Restrictions
      14. Account Policy Enforcement
      15. Monitoring Account Access
    4. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  22. 12 Introduction to Cryptography
    1. Introduction to Cryptography Services
      1. Understanding Cryptography
      2. Algorithms and Keys
      3. Exercise 12-1: Encrypting Data with the Caesar Cipher
      4. Other Cryptography Terms
    2. Symmetric Encryption
      1. Symmetric Encryption Concepts
      2. Symmetric Encryption Algorithms
      3. Exercise 12-2: Encrypting Data with the AES Algorithm
    3. Asymmetric Encryption
      1. Asymmetric Encryption Concepts
      2. Asymmetric Encryption Algorithms
      3. Quantum Cryptography
      4. In-Band vs. Out-of-Band Key Exchange
    4. Understanding Hashing
      1. Hashing Concepts
      2. Hashing Algorithms
      3. Exercise 12-3: Generating Hashes to Verify Integrity
    5. Identifying Encryption Uses
      1. Common Use Cases
      2. Understanding Limitations
      3. Encrypting Data
      4. Encrypting Communication
      5. Understanding Steganography
    6. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  23. 13 Managing a Public Key Infrastructure
    1. Introduction to Public Key Infrastructure
      1. Understanding PKI Terminology
      2. Certificate Authority and Registration Authority
      3. Repository
    2. Managing a Public Key Infrastructure
      1. Certificate Life Cycle
      2. Certificate Revocation Lists and OCSP
      3. Other PKI Terms
    3. Implementing a Public Key Infrastructure
      1. How SSL/TLS Works
      2. How Digital Signatures Work
      3. Creating a PKI
      4. Exercise 13-1: Installing a Certificate Authority
      5. Exercise 13-2: SSL-Enabling a Web Site
      6. Managing a PKI
    4. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  24. 14 Physical Security
    1. Choosing a Business Location
      1. Facility Concerns
      2. Lighting and Windows
      3. Doors, Windows, and Walls
      4. Safety Concerns
    2. Physical Access Controls
      1. Exercise 14-1: Gaining Access to a System with No Physical Security
      2. Fencing and Personnel
      3. Hardware Locks/Lock Types
      4. Access Systems
      5. Other Physical Security Controls
      6. Physical Access Lists and Logs
      7. Video Surveillance
      8. Types of Sensors
    3. Implementing Environmental Controls
      1. Understanding HVAC
      2. Shielding
      3. Fire Suppression
    4. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  25. 15 Application Attacks and Security
    1. Understanding Application Attacks
      1. Directory Traversal
      2. Exercise 15-1: Exploiting an IIS Web Server with Directory Traversal
      3. Injection Attacks
      4. Exercise 15-2: SQL Injection Attacks
      5. Buffer Overflow Attacks
      6. Cross-Site Scripting
      7. Cross-Site Request Forgery
      8. Pass the Hash
      9. Privilege Escalation
      10. SSL Stripping
      11. Driver Manipulation and Refactoring
      12. Other Application Attacks
      13. Why Application Vulnerabilities Exist
    2. Secure Application Development Concepts
      1. Secure Coding Concepts
      2. Application Environments
      3. Secure Coding Techniques
      4. Application Frameworks and Scripting
    3. Implement Host and Application Security
      1. Host Security
      2. Application Security
      3. Code Quality and Testing
    4. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  26. 16 Virtualization and Cloud Security
    1. Virtualization and Virtualization Security
      1. Introducing Virtualization
      2. Benefits to Virtualization
      3. Hypervisor
      4. Security Issues with Virtualization
    2. Cloud Computing Concepts
      1. Cloud Computing Overview
      2. Cloud Computing Considerations
      3. Resiliency and Automation
      4. Cloud Features
    3. Cybersecurity Solutions for the Cloud
      1. Cloud Security Controls
      2. Cloud Security Solutions
    4. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  27. 17 Risk Analysis
    1. Introduction to Risk Analysis
      1. Risk Analysis Overview
      2. Risk Analysis Process
      3. Tools to Help Analyze Risk
      4. Risk with Cloud Computing and Third Parties
    2. Risk Assessment Types
      1. Qualitative
      2. Exercise 17-1: Performing a Qualitative Risk Analysis
      3. Quantitative
      4. Exercise 17-2: Performing a Quantitative Risk Analysis
    3. Risk Mitigation Strategies
      1. Exercise 17-3: Identifying Mitigation Techniques
    4. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  28. 18 Disaster Recovery and Business Continuity
    1. Introduction to Business Continuity and Disaster Recovery
      1. Introduction to Business Continuity
      2. Understanding Disaster Recovery
    2. Backing Up and Restoring Data: Backup Concepts
      1. Backup Destination Media
      2. Security Considerations with Tapes
      3. Types of Backups
      4. Scheduling Backups
      5. Exercise 18-1: Backing Up and Restoring Data on a Windows Server
      6. Geographic Considerations
    3. Implementing Fault Tolerance
      1. Introducing Redundancy
      2. Nonpersistence and Diversity
      3. Understanding RAID
      4. Exercise 18-2: Configuring RAID 0 on a Windows System
      5. Exercise 18-3: Creating a Mirrored Volume on a Windows Server
      6. Exercise 18-4: Creating a RAID 5 Volume on a Windows Server
    4. Understanding High Availability
      1. Failover Clustering
      2. Network Load Balancing
      3. Redundant Hardware
    5. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  29. 19 Understanding Monitoring and Auditing
    1. Introduction to Monitoring
    2. Monitoring Tools
      1. Useful System Commands
      2. SNMP
      3. Performance Monitor
      4. Protocol Analyzer and Sniffer
      5. Exercise 19-1: Monitoring Network Traffic with Wireshark
      6. Understanding Syslog
      7. Security Information and Event Management
      8. Working with SOAR
    3. Implementing Logging and Auditing
      1. Understanding Auditing
      2. Exercise 19-2: Implementing Auditing in Windows
      3. Understanding Logging
      4. Exercise 19-3: Configuring Logging in IIS
      5. Exercise 19-4: Configuring Windows Firewall
      6. Popular Areas to Audit
    4. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  30. 20 Security Assessments and Audits
    1. Understanding Types of Assessments
      1. Assessment Types
      2. Assessment Techniques
    2. Performing a Security Assessment
      1. Threat Hunting
      2. Vulnerability Scans
      3. Exercise 20-1: Manually Searching CVE for Windows 10 Vulnerabilities
    3. Performing a Penetration Test
      1. Considerations and Techniques Used in a Penetration Test
      2. Understanding the Hacking Process
      3. Exercise 20-2: Profiling an Organization
      4. Exercise 20-3: Using a Port Scanner
      5. Steps to Perform a Penetration Test
      6. Performing a Vulnerability Assessment
      7. Exercise 20-4: Performing a Vulnerability Scan with Nessus
    4. Tools Used to Assess Security
      1. Fundamental Tools
      2. Network Reconnaissance and Discovery
      3. File Manipulation
      4. Shell and Script Environments
      5. Packet Capture and Replay
      6. Other Common Tools
    5. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  31. 21 Incident Response and Computer Forensics
    1. Working with Evidence
      1. Admissibility
      2. Types of Evidence
      3. Collecting Evidence
    2. Collecting Digital Evidence
      1. Understanding the Process
      2. Where to Find Evidence
      3. Tools Used
      4. Exercise 21-1: Using FTK Imager to Capture an Image of a Suspect’s Drive
      5. Exercise 21-2: Using FTK Imager to Create an Image of the Contents of Memory
      6. Exercise 21-3: Using FTK Imager to Locate Deleted Files
      7. Exercise 21-4: Using Autopsy to Investigate the Local Disk
      8. Exercise 21-5: Using FTK Imager to View File Headers
      9. Exercise 21-6: Performing Cell Phone Forensics
      10. Exercise 21-7: Looking at Exif Metadata
      11. On-Premises vs. Cloud
    3. Looking at Incident Response
      1. Incident Response Team
      2. Incident Response Plan
      3. Incident Response Process
      4. First Responders
      5. Damage and Loss Control
      6. Exercises
      7. Policies and Procedures for Incident Response
      8. Data Sources to Support an Investigation
      9. Mitigation Techniques as a Response to an Incident
    4. Certification Summary
      1. Two-Minute Drill
      2. Q&A Self Test
      3. Self Test Answers
  32. A About the Online Content
    1. System Requirements
    2. Your Total Seminars Training Hub Account
      1. Privacy Notice
    3. Single User License Terms and Conditions
    4. TotalTester Online
      1. Pre-Assessment Test
    5. Other Book Resources
      1. Performance-Based Questions
      2. Video Training from the Author
      3. Downloadable Content
    6. Technical Support
  33. Index

Product information

  • Title: CompTIA Security+ Certification Study Guide, Fourth Edition (Exam SY0-601), 4th Edition
  • Author(s): Glen E. Clarke
  • Release date: September 2021
  • Publisher(s): McGraw-Hill
  • ISBN: 9781260467949