CompTIA Security+ Certification Guide

Book Description

This is a practical certification guide covering all the exam topics in an easy-to-follow manner, backed with mock tests and self-assessment scenarios for better preparation.

Key Features

  • Learn cryptography and various cryptography algorithms for real-world implementations
  • Discover security policies, plans, and procedures to protect your security infrastructure
  • Written by Ian Neil, one of the world's top CompTIA Security+ (SY0-501) trainers

Book Description

CompTIA Security+ is a worldwide certification that establishes the fundamental knowledge required to perform core security functions and pursue an IT security career. CompTIA Security+ Certification Guide is a best-in-class exam study guide that covers all of CompTIA Security+ 501 exam objectives. It is authored by Ian Neil, who is a world-class trainer of CompTIA Security+ 501. Packed with self-assessment scenarios and realistic exam questions, this guide will help you master the core concepts to succeed in the exam the first time you take it.

Using relevant examples, you will learn all the important security fundamentals from Certificates and Encryption to Identity and Access Management concepts. You will then dive into the important domains of the exam; namely, threats, attacks and vulnerabilities, technologies and tools, architecture and design, risk management, and cryptography and Public Key Infrastructure (PKI).

This book comes with over 600 practice questions with detailed explanations at exam level, and also includes two mock exams to help you with your study plan. This guide will ensure that encryption and certificates are made easy for you.

What you will learn

  • Get to grips with security fundamentals from Certificates and Encryption to Identity and Access Management
  • Secure devices and applications that are used by your company
  • Identify the different types of malware and virus and take appropriate actions to protect against them
  • Protect your environment against social engineering and advanced attacks
  • Implement PKI concepts
  • Learn about secure coding techniques, quality control, and testing
  • Troubleshoot common security issues

Who this book is for

This book is designed for anyone who is seeking to pass the CompTIA Security+ SY0-501 exam. It is a stepping stone for anyone who wants to become a security professional or move into cyber security. This certification guide assumes no prior knowledge of the product.

Table of Contents

  1. Title Page
    1. Ian Neil
  2. Copyright and Credits
    1. CompTIA Security+ Certification Guide
  3. Packt Upsell
    1. Why subscribe?
    2. Packt.com
  4. Contributor
    1. About the author
    2. Packt is searching for authors like you
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
      1. Download the color images
      2. Conventions used
    4. Get in touch
      1. Reviews
  6. Understanding Security Fundamentals
    1. CIA triad concept
    2. Identifying security controls
      1. Administrative controls
      2. Technical controls
      3. Physical controls
      4. Preventative controls
      5. Deterrent controls
      6. Detective controls
      7. Corrective controls
      8. Compensating controls
      9. Access controls
        1. Discretionary access control
        2. Least privilege
        3. Mandatory access control
        4. Linux permissions (not SELinux)
        5. Role-based access control
        6. Rule-based access control
        7. Attribute-based access control
        8. Group-based access
    3. Hashing and data integrity
      1. Hash practical
      2. Hash exercise
    4. Defense in depth model
    5. Review questions
    6. Answers and explanations
  7. Conducting Risk Analysis
    1. Risk management
    2. Importance of policy, plans, and procedures
      1. Standard operating procedures
        1. Agreement types
      2. Personnel management—policies and procedures
    3. Role-based awareness training
      1. General security policies
    4. Business impact analysis concepts
    5. Privacy threshold assessment/privacy impact assessment
      1. Mission-essential functions/identification of critical systems
      2. Example
    6. Supply chain risk assessment
      1. Example
    7. Business impact analysis concepts
      1. Calculating loss
      2. Example
    8. Risk procedures and concepts
      1. Threat assessment
        1. Threat actors
      2. Risk treatment
    9. Risk register
    10. Qualitative/quantitative risk analysis
    11. Review questions
    12. Answers and explanations
  8. Implementing Security Policies and Procedures
    1. Industry standard frameworks and reference architecture
      1. OSI reference model
      2. TCP/IP model
      3. Types of frameworks
      4. Benchmarks/secure configuration guides
    2. Policies and user guides
      1. Security configuration guides – web servers
      2. Network infrastructure device user guides
        1. General purpose guides
    3. Implementing data security and privacy practices
      1. Destroying data and sanitizing media
      2. Data sensitivity labeling and handling
      3. Data retention – legal and compliance
      4. Data roles
    4. Practical – creating a baseline
    5. Review questions
      1. Answers and explanations
  9. Delving into Identity and Access Management
    1. Understanding identity and access management concepts
      1. Passwords
      2. Default/administrator password
      3. Passwords—group policy
      4. Password recovery
      5. Authentication factors
      6. Number of factor examples
      7. Transitive trust
      8. Federation services
      9. Shibboleth
      10. Single sign-on
    2. Installing and configuring identity and access services
      1. LDAP
      2. Kerberos
        1. Internet-based open source authentication
      3. Authentication, authorization, and accounting (AAA) servers
        1. Authentication
    3. Learning about identity and access management controls
      1. Biometrics
      2. Security tokens and devices
      3. Certification-based authentication
        1. Port-based authentication
    4. Common account management practices
      1. Account types
      2. Account creation
      3. Employees moving departments
        1. Disabling an account
      4. Account recertification
      5. Account maintenance
      6. Account monitoring
      7. Security Information and Event Management
      8. Group-based access control
      9. Credential management
        1. User account reviews
    5. Practical exercise – password policy
    6. Review questions
    7. Answers and explanations
  10. Understanding Network Components
    1. OSI – reference model
    2. Installing and configuring network components
      1. Firewall
      2. Router
        1. Access control list – network devices
        2. Intrusion-prevention system
        3. Intrusion-detection system
          1. Modes of detection
          2. Modes of operation
        4. Monitoring data
      3. Switch
        1. Layer 3 switch
      4. Proxy server
      5. Reverse proxy
      6. Remote access
      7. Virtual private network using L2TP/IPSec
      8. IPSec
        1. IPSec – handshake
      9. VPN concentrator
      10. Site-to-site VPN
      11. VPN always on versus on-demand
      12. SSL VPN
      13. Split tunnelling
      14. Load balancer
      15. Clustering
      16. Data-loss prevention
    3. Security information and event management
      1. Mail gateway
      2. Cloud-based email
      3. Media gateway
      4. Hardware security module
      5. Software-defined network
    4. Secure network architecture concepts
      1. Network address translation
      2. Port address translation
      3. Network access control (NAC)
      4. Honeypot
      5. Secure Socket Layer accelerators
      6. SSL/TLS decryptor
      7. Sensor/collector
      8. Tap/port mirror
      9. DDoS mitigator
      10. Segregation/segmentation/isolation
      11. Security device/technology placement
        1. DMZ device placement
        2. LAN device placement
      12. Aggregation switches
    5. Implementing secure protocols
      1. Use case
        1. File transfer – use case
        2. Remote access – use case
        3. Email – use case
        4. Name resolution – use case
          1. Hostname
          2. DNSSEC
          3. NETBIOS
        5. Web – use case
        6. Voice and video – use case
        7. Network address allocation – use case
          1. IP version 4
          2. IP version 4 – lease process
          3. IP version 4 lease process – troubleshooting
          4. IP version 6 addressing
        8. Subscription services – use case
        9. Routing – use case
        10. Time synchronization – use case
        11. Directory services – use case
          1. Active Directory
        12. Switching – use case
        13. Simple network management protocol – use case
    6. Implementing wireless security
      1. Wireless access points – controllers
      2. Securing access to your wireless access point
    7. Wireless bandwidth/band selection
    8. Wireless channels
    9. Wireless antenna types and signal strength
    10. Wireless coverage
    11. Wireless encryption
      1. Wireless – open system authentication
      2. Wireless – WPS
      3. Wireless – captive portal
      4. Wireless attacks
      5. Wireless authentication protocols
    12. Review questions
    13. Answers and explanations
  11. Understanding Cloud Models and Virtualization
    1. Cloud computing
    2. Implementing different cloud deployment models
    3. Cloud service models
    4. Disk resiliency and redundancy
      1. Redundant array of independent disks
    5. Storage area network
    6. Understanding cloud storage concepts
    7. Exploring virtual networks
      1. Virtual desktop infrastructure
      2. VDE
    8. Heating, ventilation, and air-conditioning
    9. Network environments
      1. On-premises
      2. Hosted services
      3. Cloud-hosting services
    10. Practical exercise – is the cloud cost-effective?
    11. Review questions
    12. Answers and explanations
  12. Managing Hosts and Applications Deployment
    1. Deploying mobile devices securely
      1. Bring your own device
      2. Choose your own device
      3. Corporate-owned personally-enabled
      4. Virtual desktop infrastructure
      5. Mobile device connection methods
    2. Mobile device management concepts
      1. Accessing the device
    3. Device management
    4. Device protection
    5. Device data
    6. Mobile device enforcement and monitoring
    7. Industrial control system
      1. Supervisory control and data acquisition
    8. Mobile devices – security implications of embedded systems
    9. Special-purpose devices
    10. Secure application development and deployment concepts
    11. Development life cycle models – waterfall vs agile
      1. Waterfall
      2. Agile
      3. Agile versus waterfall
    12. DevOps
      1. Secure DevOps
      2. Secure coding techniques
      3. Code quality and testing
    13. Server-side versus client-side execution and validation
    14. Review questions
    15. Answers and explanations
  13. Protecting Against Attacks and Vulnerabilities
    1. Virus and malware attacks
    2. Social engineering attacks
    3. Common attacks
      1. Application/service attacks
    4. Programming attacks
      1. Example 1—JavaScript—creating a money variable
      2. Example 2—JavaScript—setting the day of the month
    5. Hijacking related attacks
    6. Driver manipulation
    7. Cryptographic attacks
    8. Password attacks
    9. Wireless attacks
    10. Penetration testing
      1. Penetration testing techniques
    11. Vulnerability scanning concepts
    12. Credentialed versus non-credentialed scans
    13. Penetration testing versus vulnerability scanning
    14. Practical exercise—running a vulnerability scanner
    15. Review questions
    16. Answers and explanations
  14. Implementing Public Key Infrastructure
    1. Public key infrastructure concepts
      1. Certificate hierarchy
      2. Certificate trust
      3. Certificate validity
      4. Certificate management concepts
      5. Certificate types
    2. Asymmetric and symmetric encryption
      1. Encryption explained
      2. Digital signature explained
      3. Cryptography algorithms and their characteristics
    3. Symmetric algorithms
    4. Asymmetric algorithms
    5. Symmetric versus asymmetric analogy
      1. XOR encryption
    6. Key stretching algorithms
    7. Cipher modes
      1. Stream versus block cipher analogy
    8. Hashing and data integrity
    9. Comparing and contrasting basic concepts of cryptography
      1. Asymmetric – PKI
        1. Asymmetric – weak/deprecated algorithms
        2. Asymmetric – ephemeral keys
      2. Symmetric algorithm – modes of operation
        1. Symmetric encryption – stream versus block cipher
        2. Symmetric encryption – confusion
        3. Symmetric encryption – secret algorithm
        4. Symmetric – session keys
      3. Hashing algorithms
      4. Crypto service provider
      5. Crypto module
      6. Protecting data
    10. Basic cryptographic terminology
      1. Obfuscation
      2. Pseudo random number generator
      3. Nonce
      4. Perfect forward secrecy
      5. Security through obscurity
      6. Collision
      7. Steganography
      8. Diffusion
      9. Implementation versus algorithm
    11. Common use cases for cryptography
      1. Supporting confidentiality
      2. Supporting integrity
      3. Supporting non-repudiation
      4. Supporting obfuscation
      5. Low-power devices
      6. Low latency
      7. High resiliency
      8. Supporting authentication
      9. Resource versus security constraints
    12. Practical exercises
      1. Practical exercise 1 – building a certificate server
      2. Practical exercise 2—encrypting data with EFS and stealing certificates
      3. Practical exercise 3 – revoking the EFS certificate
    13. Review questions
    14. Answers and explanations
  15. Responding to Security Incidents
    1. Incident response procedures
      1. Incident response process
    2. Understanding the basic concepts of forensics
      1. Five minute practical
    3. Software tools to assess the security posture of an organization
      1. Backup utilities
      2. Backup types
      3. Command-line tools
      4. Analyzing and interpreting output from security technologies
    4. Review questions
    5. Answers and explanations
  16. Managing Business Continuity
    1. Implementing secure systems design
    2. Hardware/firmware security
      1. Operating systems
      2. Securing IT systems
      3. Peripherals
    3. Importance of secure staging deployment concepts
    4. Troubleshooting common security issues
      1. Misconfigured devices
      2. Personnel issues
      3. Software issues
    5. Disaster recovery and continuity of operations concepts
    6. Review questions
    7. Answers and explanations
  17. Mock Exam 1
  18. Mock Exam 2
  19. Preparing for the CompTIA Security+ 501 Exam
    1. Tips on taking the exam
    2. Exam preparation
    3. Practical 1—drag and drop—attacks
    4. Practical 2—drag and drop—certificates
    5. Practical 3—drag and drop—ports/protocol
    6. Practical 4—drag and drop—authentication factors
    7. Practical 5—drag and drop—general
    8. Drag and drop—answers
    9. Linux information
  20. Acronyms
  21. Assessment
    1. Mock Exam 1
    2. Mock Exam 2
  22. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think