Book description
This fully updated self-study guide offers 100% coverage of every objective on the CompTIA Security+ exam
With hundreds of practice exam questions, including difficult performance-based questions, CompTIA Security+™ Certification Study Guide, Fourth Edition covers what you need to know—and shows you how to prepare—for this challenging exam.
- 100% complete coverage of all official objectives for exam SY0-601
- Exam Watch notes call attention to information about, and potential pitfalls in, the exam
- Inside the Exam sections in every chapter highlight key exam topics covered
- Two-Minute Drills for quick review at the end of every chapter
- Simulated exam questions—including performance-based questions—match the format, topics, and difficulty of the real exam
- Networking Basics and Terminology • Security Terminology • Security Policies and Standards • Types of Attacks • Vulnerabilities and Threats • Mitigating Security Threats • Implementing Host-Based Security • Securing the Network Infrastructure • Wireless Networking and Security • Authentication • Authorization and Access Control • Cryptography • Managing a Public Key Infrastructure • Physical Security • Application Attacks and Security • Virtualization and Cloud Security • Risk Analysis • Disaster Recovery and Business Continuity • Monitoring and Auditing • Security Assessments and Audits • Incident Response and Computer Forensics
- 50+ lab exercises and solutions in PDF format
- Complete practice exams and quizzes customizable by domain or chapter
- 4+ hours of video training from the author
- 12+ performance-based question simulations
- Glossary and Exam Readiness Checklist in PDF format
Table of contents
- Cover
- Title Page
- Copyright Page
- Dedication
- About the Author
- Contents at a Glance
- Contents
- Preface
- Acknowledgments
- Introduction
- 1 Networking Basics and Terminology
- 2 Introduction to Security Terminology
- 3 Security Policies and Standards
- 4 Types of Attacks
- 5 Vulnerabilities and Threats
- 6 Mitigating Security Threats
- 7 Implementing Host-Based Security
-
8 Securing the Network Infrastructure
- Understanding Firewalls
- Using Intrusion Detection Systems
-
Network Design and Administration Principles
- Network Segmentation
- Network Switches
- Network Address Translation
- Network Access Control
- Data Protection
- Data Sovereignty
- Mail Gateway
- Network Communication Encryption
- API Considerations
- Network Administration Principles
- Business Connectivity Considerations
- Placement of Security Devices and Network Appliances
- Configuration Management
- Securing Devices
- Certification Summary
- 9 Wireless Networking and Security
- 10 Authentication
-
11 Authorization and Access Control
- Introducing Access Control
- Access Control Schemes
-
Implementing Access Control
- Identities
- Account Types
- Using Security Groups
- Exercise 11-2: Configuring Security Groups and Assigning Permissions
- Rights and Privileges
- Exercise 11-3: Modifying User Rights on a Windows System
- File System Security and Printer Security
- Access Control Lists
- Group Policies
- Exercise 11-4: Configuring Password Policies via Group Policies
- Database Security
- Exercise 11-5: Encrypting Sensitive Information in the Database
- Account Restrictions
- Account Policy Enforcement
- Monitoring Account Access
- Certification Summary
- 12 Introduction to Cryptography
- 13 Managing a Public Key Infrastructure
- 14 Physical Security
-
15 Application Attacks and Security
-
Understanding Application Attacks
- Directory Traversal
- Exercise 15-1: Exploiting an IIS Web Server with Directory Traversal
- Injection Attacks
- Exercise 15-2: SQL Injection Attacks
- Buffer Overflow Attacks
- Cross-Site Scripting
- Cross-Site Request Forgery
- Pass the Hash
- Privilege Escalation
- SSL Stripping
- Driver Manipulation and Refactoring
- Other Application Attacks
- Why Application Vulnerabilities Exist
- Secure Application Development Concepts
- Implement Host and Application Security
- Certification Summary
-
Understanding Application Attacks
- 16 Virtualization and Cloud Security
- 17 Risk Analysis
- 18 Disaster Recovery and Business Continuity
- 19 Understanding Monitoring and Auditing
-
20 Security Assessments and Audits
- Understanding Types of Assessments
- Performing a Security Assessment
-
Performing a Penetration Test
- Considerations and Techniques Used in a Penetration Test
- Understanding the Hacking Process
- Exercise 20-2: Profiling an Organization
- Exercise 20-3: Using a Port Scanner
- Steps to Perform a Penetration Test
- Performing a Vulnerability Assessment
- Exercise 20-4: Performing a Vulnerability Scan with Nessus
- Tools Used to Assess Security
- Certification Summary
-
21 Incident Response and Computer Forensics
- Working with Evidence
-
Collecting Digital Evidence
- Understanding the Process
- Where to Find Evidence
- Tools Used
- Exercise 21-1: Using FTK Imager to Capture an Image of a Suspect’s Drive
- Exercise 21-2: Using FTK Imager to Create an Image of the Contents of Memory
- Exercise 21-3: Using FTK Imager to Locate Deleted Files
- Exercise 21-4: Using Autopsy to Investigate the Local Disk
- Exercise 21-5: Using FTK Imager to View File Headers
- Exercise 21-6: Performing Cell Phone Forensics
- Exercise 21-7: Looking at Exif Metadata
- On-Premises vs. Cloud
- Looking at Incident Response
- Certification Summary
- A About the Online Content
- Index
Product information
- Title: CompTIA Security+ Certification Study Guide, Fourth Edition (Exam SY0-601), 4th Edition
- Author(s):
- Release date: September 2021
- Publisher(s): McGraw-Hill
- ISBN: 9781260467949
You might also like
book
CompTIA Security+ Certification Practice Exams, Fourth Edition (Exam SY0-601), 4th Edition
This up-to-date study aid contains hundreds of accurate practice questions and detailed answer explanations CompTIA Security+™ …
book
CompTIA Server+ Certification All-in-One Exam Guide, Second Edition (Exam SK0-005), 2nd Edition
This exam-focused study guide contains complete coverage of every topic on the current edition of the …
book
CompTIA CySA+ Study Guide Exam CS0-002, 2nd Edition
This updated study guide by two security experts will help you prepare for the CompTIA CySA+ …
book
CompTIA PenTest+ Certification All-in-One Exam Guide, Second Edition (Exam PT0-002), 2nd Edition
This fully-updated guide delivers complete coverage of every topic on the current version of the CompTIA …