book

CompTIA Security+ SY0-701 Cert Guide

by Lewis Heuermann

April 2024

Beginner to intermediate

814 pages

21h 54m

English

Pearson IT Certification

Read now

Unlock full access

Goals and MethodsWho Should Read This Book?CompTIA Security+ Exam TopicsCompanion WebsiteHow to Access the Pearson Test Prep (PTP) AppFigure Credits
“Do I Know This Already?” QuizFoundation TopicsControl CategoriesControl TypesChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsConfidentiality, Integrity, and Availability (CIA)Non-repudiationAuthentication, Authorization, and Accounting (AAA)Gap AnalysisZero TrustPhysical SecurityDeception and Disruption TechnologyChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsBusiness Processes Impacting Security OperationsTechnical ImplicationsDocumentationVersion ControlChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsPublic Key Infrastructure (PKI)EncryptionTransport/CommunicationSymmetric Versus Asymmetric EncryptionKey ExchangeAlgorithmsKey LengthToolsTrusted Platform ModuleHardware Security ModuleKey Management SystemSecure EnclaveObfuscationSteganographyHashingSaltingDigital SignaturesKey StretchingBlockchainOpen Public LedgerCertificatesChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsThreat ActorsAttributes of ActorsMotivationsWarChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsMessage-BasedImage-BasedFile-BasedVoice CallRemovable DeviceVulnerable SoftwareUnsupported Systems and ApplicationsUnsecure NetworksOpen Service PortsDefault CredentialsSupply ChainHuman Vectors/Social EngineeringChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsApplicationOperating System (OS)–BasedWeb-BasedHardwareVirtualizationCloud SpecificSupply ChainCryptographicMisconfigurationMobile DeviceZero-Day VulnerabilitiesChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsMalware AttacksPhysical AttacksNetwork AttacksApplication AttacksCryptographic AttacksPassword AttacksIndicatorsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsSegmentationAccess ControlIsolationPatchingEncryptionMonitoringLeast PrivilegeConfiguration EnforcementDecommissioningHardening TechniquesChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsArchitecture and Infrastructure ConceptsConsiderationsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsInfrastructure ConsiderationsSecure Communication/AccessSelection of Effective ControlsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsData TypesData ClassificationsGeneral Data ConsiderationsMethods to Secure DataChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsHigh AvailabilitySite ConsiderationsPlatform DiversityMulti-Cloud SystemContinuity of OperationsCapacity PlanningTestingBackupsPowerChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsSecure BaselinesHardening TargetsWireless DevicesMobile SolutionsConnection MethodsWireless Security SettingsApplication SecuritySandboxingMonitoringChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsAcquisition/Procurement ProcessAssignment/AccountingMonitoring/Asset TrackingDisposal/DecommissioningChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsIdentification MethodsAnalysisVulnerability Response and RemediationValidation of RemediationReportingChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsMonitoring and Computing ResourcesActivitiesToolsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsFirewallIDS/IPSWeb FilterOperating System SecurityImplementation of Secure ProtocolsDNS FilteringEmail SecurityFile Integrity MonitoringDLPNetwork Access Control (NAC)Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR)User Behavior AnalyticsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsProvisioning/De-provisioning User AccountsPermission Assignments and ImplicationsIdentity ProofingFederationSingle Sign-On (SSO)InteroperabilityAttestationAccess ControlsMultifactor Authentication (MFA)Password ConceptsPrivileged Access Management ToolsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsUse Cases of Automation and ScriptingBenefitsOther ConsiderationsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsProcessTrainingTestingRoot Cause AnalysisThreat HuntingDigital ForensicsChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsLog DataData SourcesChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsGuidelinesPoliciesStandardsProceduresExternal ConsiderationsMonitoring and RevisionTypes of Governance StructuresRoles and Responsibilities for Systems and DataChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsRisk IdentificationRisk AssessmentRisk AnalysisRisk RegisterRisk ToleranceRisk AppetiteRisk Management StrategiesRisk ReportingBusiness Impact AnalysisChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsVendor AssessmentVendor SelectionAgreement TypesVendor MonitoringQuestionnairesRules of EngagementChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsCompliance ReportingConsequences of Non-complianceCompliance MonitoringAttestation and AcknowledgmentPrivacyChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsAttestationInternalExternalPenetration TestingChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
“Do I Know This Already?” QuizFoundation TopicsPhishingAnomalous Behavior RecognitionUser Guidance and TrainingReporting and MonitoringDevelopmentExecutionChapter Review ActivitiesReview Key TopicsDefine Key TermsReview Questions
Hands-on ActivitiesSuggested Plan for Final Review and StudySummary

Content preview from CompTIA Security+ SY0-701 Cert Guide

Chapter 22 Using Data Sources to Support an Investigation

This chapter covers the following topics related to Objective 4.9 (Given a scenario, use data sources to support an investigation) of the CompTIA Security+ SY0-701 certification exam:

This chapter explores the various types of data sources that can be leveraged to support a cybersecurity investigation. It outlines the importance and utility of different kinds of log data, such as firewall logs, application logs, endpoint logs, and more. The chapter also explores other critical data sources, such as vulnerability scans, automated reports, dashboards, and packet captures. Each of these elements plays a vital role in painting a comprehensive picture during an investigation, ...