book

CompTIA Security+ SY0-701 Cert Guide

by Lewis Heuermann

April 2024

Beginner to intermediate

814 pages

21h 54m

English

Pearson IT Certification

Read now

Unlock full access

Goals and MethodsWho Should Read This Book?CompTIA Security+ Exam TopicsCompanion WebsiteHow to Access the Pearson Test Prep (PTP) AppFigure Credits
“Do I Know This Already?” QuizFoundation TopicsControl CategoriesControl TypesChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsConfidentiality, Integrity, and Availability (CIA)Non-repudiationAuthentication, Authorization, and Accounting (AAA)Gap AnalysisZero TrustPhysical SecurityDeception and Disruption TechnologyChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsBusiness Processes Impacting Security OperationsTechnical ImplicationsDocumentationVersion ControlChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsPublic Key Infrastructure (PKI)EncryptionTransport/CommunicationSymmetric Versus Asymmetric EncryptionKey ExchangeAlgorithmsKey LengthToolsTrusted Platform ModuleHardware Security ModuleKey Management SystemSecure EnclaveObfuscationSteganographyHashingSaltingDigital SignaturesKey StretchingBlockchainOpen Public LedgerCertificatesChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsThreat ActorsAttributes of ActorsMotivationsWarChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsMessage-BasedImage-BasedFile-BasedVoice CallRemovable DeviceVulnerable SoftwareUnsupported Systems and ApplicationsUnsecure NetworksOpen Service PortsDefault CredentialsSupply ChainHuman Vectors/Social EngineeringChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsApplicationOperating System (OS)–BasedWeb-BasedHardwareVirtualizationCloud SpecificSupply ChainCryptographicMisconfigurationMobile DeviceZero-Day VulnerabilitiesChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsMalware AttacksPhysical AttacksNetwork AttacksApplication AttacksCryptographic AttacksPassword AttacksIndicatorsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsSegmentationAccess ControlIsolationPatchingEncryptionMonitoringLeast PrivilegeConfiguration EnforcementDecommissioningHardening TechniquesChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsArchitecture and Infrastructure ConceptsConsiderationsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsInfrastructure ConsiderationsSecure Communication/AccessSelection of Effective ControlsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsData TypesData ClassificationsGeneral Data ConsiderationsMethods to Secure DataChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsHigh AvailabilitySite ConsiderationsPlatform DiversityMulti-Cloud SystemContinuity of OperationsCapacity PlanningTestingBackupsPowerChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsSecure BaselinesHardening TargetsWireless DevicesMobile SolutionsConnection MethodsWireless Security SettingsApplication SecuritySandboxingMonitoringChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsAcquisition/Procurement ProcessAssignment/AccountingMonitoring/Asset TrackingDisposal/DecommissioningChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsIdentification MethodsAnalysisVulnerability Response and RemediationValidation of RemediationReportingChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsMonitoring and Computing ResourcesActivitiesToolsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsFirewallIDS/IPSWeb FilterOperating System SecurityImplementation of Secure ProtocolsDNS FilteringEmail SecurityFile Integrity MonitoringDLPNetwork Access Control (NAC)Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR)User Behavior AnalyticsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsProvisioning/De-provisioning User AccountsPermission Assignments and ImplicationsIdentity ProofingFederationSingle Sign-On (SSO)InteroperabilityAttestationAccess ControlsMultifactor Authentication (MFA)Password ConceptsPrivileged Access Management ToolsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsUse Cases of Automation and ScriptingBenefitsOther ConsiderationsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsProcessTrainingTestingRoot Cause AnalysisThreat HuntingDigital ForensicsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsLog DataData SourcesChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsGuidelinesPoliciesStandardsProceduresExternal ConsiderationsMonitoring and RevisionTypes of Governance StructuresRoles and Responsibilities for Systems and DataChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsRisk IdentificationRisk AssessmentRisk AnalysisRisk RegisterRisk ToleranceRisk AppetiteRisk Management StrategiesRisk ReportingBusiness Impact AnalysisChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsVendor AssessmentVendor SelectionAgreement TypesVendor MonitoringQuestionnairesRules of EngagementChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsCompliance ReportingConsequences of Non-complianceCompliance MonitoringAttestation and AcknowledgmentPrivacyChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsAttestationInternalExternalPenetration TestingChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsPhishingAnomalous Behavior RecognitionUser Guidance and TrainingReporting and MonitoringDevelopmentExecutionChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
Hands-on ActivitiesSuggested Plan for Final Review and StudySummary

Content preview from CompTIA Security+ SY0-701 Cert Guide

Chapter 15 Understanding the Security Implications of Hardware, Software, and Data Asset Management

This chapter covers the following topics related to Objective 4.2 (Explain the security implications of proper hardware, software, and data asset management) of the CompTIA Security+ SY0-701 certification exam:

This chapter provides an overview of asset management with a focus on cybersecurity. It covers acquisition and third-party risk assessment, emphasizes the role of asset assignment and accountability, and concludes with asset disposal and decommissioning guidelines. Monitoring and classification strategies are also briefly explored, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Publisher Resources

ISBN: 9780138293215

CompTIA Security+ SY0-701 Cert Guide

by Lewis Heuermann

Chapter 15

Understanding the Security Implications of Hardware, Software, and Data Asset Management

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like