Book description
This is a practical certification guide covering all the exam topics in an easy-to-follow manner backed with mock tests and self-assesment scenarios for better preparation.
Key Features
- Learn cryptography and various cryptography algorithms for real-world implementations
- Discover security policies, plans, and procedures to protect your security infrastructure
- Written by Ian Neil, one of the world's top CompTIA Security+ (SY0-501) trainer
Book Description
CompTIA Security+ is a worldwide certification that establishes the fundamental knowledge required to perform core security functions and pursue an IT security career. CompTIA Security+ Certification Guide is a best-in-class exam study guide that covers all of CompTIA Security+ 501 exam objectives. It is authored by Ian Neil, who is a world-class trainer of CompTIA Security+ 501. Packed with self-assessment scenarios and realistic exam questions, this guide will help you master the core concepts to succeed in the exam the first time you take it.
Using relevant examples, you will learn all the important security fundamentals from Certificates and Encryption to Identity and Access Management concepts. You will then dive into the important domains of the exam; namely, threats, attacks and vulnerabilities, technologies and tools, architecture and design, risk management, and cryptography and Public Key Infrastructure (PKI).
This book comes with over 600 practice questions with detailed explanation that is at the exam level and also includes two mock exams to help you with your study plan. This guide will ensure that encryption and certificates are made easy for you.
What you will learn
- Get to grips with security fundamentals from Certificates and Encryption to Identity and Access Management
- Secure devices and applications that are used by your company
- Identify the different types of malware and virus and take appropriate actions to protect against them
- Protect your environment against social engineering and advanced attacks
- Implement PKI concepts
- Learn about secure coding techniques, quality control, and testing
- Troubleshoot common security issues
Who this book is for
This book is designed for anyone who is seeking to pass the CompTIA Security+ SY0-501 exam. It is a stepping stone for anyone who wants to become a security professional or move into cyber security. This certification guide assumes no prior knowledge of the product.
Publisher resources
Table of contents
- Title Page
- Copyright and Credits
- Packt Upsell
- Contributor
- Preface
-
Understanding Security Fundamentals
- CIA triad concept
- Identifying security controls
- Hashing and data integrity
- Defense in depth model
- Review questions
- Answers and explanations
-
Conducting Risk Analysis
- Risk management
- Importance of policy, plans, and procedures
- Role—based awareness training
- Business impact analysis concepts
- Privacy threshold assessment/privacy impact assessment
- Supply chain risk assessment
- Business impact analysis concepts
- Risk procedures and concepts
- Risk register
- Qualitative/quantitative risk analysis
- Review questions
- Answers and explanations
- Implementing Security Policies and Procedures
- Delving into Identity and Access Management
-
Understanding Network Components
- OSI – reference model
- Installing and configuring network components
- Security information and event management
- Secure network architecture concepts
-
Implementing secure protocols
-
Use case
- File transfer – use case
- Remote access – use case
- Email – use case
- Name resolution – use case
- Web – use case
- Voice and video – use case
- Network address allocation – use case
- Subscription services – use case
- Routing – use case
- Time synchronization – use case
- Directory services – use case
- Switching – use case
- Simple network management protocol – use case
-
Use case
- Implementing wireless security
- Wireless bandwidth/band selection
- Wireless channels
- Wireless antenna types and signal strength
- Wireless coverage
- Wireless encryption
- Review questions
- Answers and explanations
-
Understanding Cloud Models and Virtualization
- Cloud computing
- Implementing different cloud deployment models
- Cloud service models
- Disk resiliency and redundancy
- Storage area network
- Understanding cloud storage concepts
- Exploring virtual networks
- Heating, ventilation, and air-conditioning
- Network environments
- Practical exercise – is the cloud cost-effective?
- Review questions
- Answer and explanations
-
Managing Hosts and Applications Deployment
- Deploying mobile devices securely
- Mobile device management concepts
- Device management
- Device protection
- Device data
- Mobile device enforcement and monitoring
- Industrial control system
- Mobile devices – security implications of embedded systems
- Special-purpose devices
- Secure application development and deployment concepts
- Development life cycle models – waterfall vs agile
- DevOps
- Server-side versus client-side execution and validation
- Review questions
- Answers and explanations
-
Protecting Against Attacks and Vulnerabilities
- Virus and malware attacks
- Social engineering attacks
- Common attacks
- Programming attacks
- Hijacking related attacks
- Driver manipulation
- Cryptographic attacks
- Password attacks
- Wireless attacks
- Penetration testing
- Vulnerability scanning concepts
- Credentialed versus non-credentialed scans
- Penetration testing versus vulnerability scanning
- Practical exercise—running a vulnerability scanner
- Review questions
- Answers and explanations
-
Implementing Public Key Infrastructure
- Public key infrastructure concepts
- Asymmetric and symmetric encryption
- Symmetric algorithms
- Asymmetric algorithms
- Symmetric versus asymmetric analogy
- Key stretching algorithms
- Cipher modes
- Hashing and data integrity
- Comparing and contrasting basic concepts of cryptography
- Basic cryptographic terminology
- Common use cases for cryptography
- Practical exercises
- Review questions
- Answers and explanations
- Responding to Security Incidents
- Managing Business Continuity
- Mock Exam 1
- Mock Exam 2
-
Preparing for the CompTIA Security+ 501 Exam
- Tips on taking the exam
- Exam preparation
- Practical 1—drag and drop—attacks
- Practical 2—drag and drop—certificates
- Practical 3—drag and drop—ports/protocol
- Practical 4—drag and drop—authentication factors
- Practical 5—drag and drop—general
- Drag and drop—answers
- Linux information
- Acronyms
- Assessment
- Other Books You May Enjoy
Product information
- Title: CompTIA Security+ Certification Guide
- Author(s):
- Release date: September 2018
- Publisher(s): Packt Publishing
- ISBN: 9781789348019
You might also like
book
CompTIA Security+ Review Guide, 4th Edition
Consolidate your knowledge base with critical Security+ review CompTIA Security+ Review Guide, Fourth Edition, is the …
video
CompTIA Cybersecurity Analyst CySA+ (CS0-001)
Over 21 hours of deep-dive training covering every objective in the CompTIA Cybersecurity Analyst CySA+ (CS0-001) …
book
Principles of Computer Security: CompTIA Security+ and Beyond, Fifth Edition, 5th Edition
Fully updated computer security essentials—quality approved by CompTIA Learn IT security fundamentals while getting complete coverage …
book
Python Crash Course, 2nd Edition
This is the second edition of the best selling Python book in the world. Python Crash …