Mike Meyers' CompTIA Security+ Certification Passport, Fifth Edition (Exam SY0-501), 5th Edition

Book Description

This quick review, cram-style study guide offers 100% coverage of every topic on the latest version of the CompTIA Security+ exam

This powerful exam preparation resource presents an accelerated review of the pertinent technology and covers all objectives for the CompTIA Security+ exam (exam SY0-501). Written in the proven Passport format developed by training expert Mike Meyers, the book enables you to focus on specific topics, determine areas of need, and tailor an effective course for study.

Mike Meyers’ CompTIA Security+ Certification Passport, Fifth Edition (Exam SY0-501) features accurate practice exam questions and in-depth answer explanations as well as end-of-chapter bulleted summaries that reinforce salient points. Throughout, “Exam Tips” highlight important topics, “Local Lingo” notes define need-to-know terms, “Travel Advisories” alert you to potential pitfalls, and “Travel Assistance” icons specify resources for further information.

• Provides complete coverage of every objective on exam SY0-501
• Electronic content includes 200 practice questions and a secured book PDF
• Written by a pair of security experts and edited by certification guru Mike Meyers

Table of Contents

  1. Cover Page
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. Contents
  6. Acknowledgments
  7. Check-In
  8. I Mission Assurance
    1. 1 Organizational Security and Compliance
      1. Objective 1.01 Explain Risk Management Processes and Concepts
        1. Risk Control Types
          1. Administrative
          2. Technical
          3. Physical
        2. Risk Assessment
          1. Asset Identification
          2. Risk Analysis
          3. Risk Likelihood and Impact
          4. Solutions and Countermeasures
        3. Risk Register
        4. Risk Management Options
        5. False Positives and Negatives
        6. Using Organizational Policies to Reduce Risk
          1. Security Policies
          2. Network Security Policies
          3. Human Resources Policies
      2. Objective 1.02 Implement Appropriate Risk Mitigation Strategies
        1. Change Management Policy
        2. Incident Management and Response Policy
        3. Perform Routine Audits
        4. Develop Standard Operating Procedures
        5. User Rights and Permissions Reviews
        6. Data Loss Prevention and Regulatory Compliance
      3. Objective 1.03 Integrate with Third Parties
        1. Interoperability Agreements
          1. Service Level Agreements
          2. Business Partnership Agreements
          3. Memorandums of Agreement/Understanding
          4. Interconnection Security Agreement
        2. Privacy Considerations
        3. Risk Awareness
        4. Unauthorized Data Sharing
        5. Data Ownerships
        6. Data Backup
        7. Verification of Adherence
        8. CHECKPOINT
        9. REVIEW QUESTIONS
        10. REVIEW ANSWERS
    2. 2 Security Training and Incident Response
      1. Objective 2.01 Explain the Importance of Security-Related Awareness and Training
        1. Effective Security Training and Awareness
          1. Onboarding
          2. Nondisclosure Agreements
          3. Awareness Training
          4. Continual Education
          5. Threat Awareness
          6. Recurring Training
          7. Security Metrics
        2. Data and Documentation Policies
          1. Standards and Guidelines
          2. Data Retention Policy
          3. Hardware Disposal and Data Destruction Policy
          4. IT Documentation
        3. Best Practices for User Habits
          1. Password Policy
          2. Clean Desk Policy
          3. Personally Owned Devices
          4. Workstation Locking and Access Tailgating
          5. Data Handling
          6. Instant Messaging
          7. P2P Applications
          8. Social Networking/Media
          9. Compliance with Laws, Regulations, Best Practices, and Standards
      2. Objective 2.02 Analyze and Differentiate Among Types of Social Engineering Attacks
        1. Phishing
        2. Whaling
        3. Shoulder Surfing
        4. Tailgating
        5. Pharming
        6. Spim
        7. Vishing
        8. Spam
        9. Hoaxes
      3. Objective 2.03 Execute Appropriate Incident Response Procedures
        1. Preparation
        2. Incident Identification
        3. First Responders
        4. Incident Containment
        5. Damage and Loss Control
          1. Data Breaches
        6. Escalation Policy
        7. Reporting and Notification
        8. Mitigation and Recovery Steps
        9. Lessons Learned
      4. Objective 2.04 Implement Basic Forensic Procedures
        1. Data Acquisition and Preservation
          1. Order of Volatility
          2. Capture a System Image
          3. Network and System Logs
          4. Time Offsets
          5. Use Hashing to Protect Evidence Integrity
          6. Take Screenshots
          7. Capture Video
          8. Chain of Custody
          9. Interview Witnesses
          10. Track Resources Expended
          11. Big Data Analysis
        2. CHECKPOINT
        3. REVIEW QUESTIONS
        4. REVIEW ANSWERS
    3. 3 Business Continuity and Disaster Recovery
      1. Objective 3.01 Explain Concepts of Business Continuity and Disaster Recovery
        1. Select the Appropriate Control to Meet the Goals of Security
        2. Types of Disasters
          1. Natural
          2. Human Error and Sabotage
          3. Network and Hacking Attacks
          4. Viruses
        3. Recovery Plans
          1. Disaster Recovery Team
          2. Risk Analysis
          3. Business Impact Analysis
          4. Privacy Impact Assessment
          5. Disaster Recovery and IT Contingency Plans
          6. Documentation
          7. Testing
          8. After-Action Reporting
      2. Objective 3.02 Execute Disaster Recovery and Continuity of Operations Plans and Procedures
        1. High Availability and Redundancy Planning
          1. Service Levels
          2. Reliability Factors
          3. Spare Equipment Redundancy
          4. Alternate Site Redundancy
          5. Alternate Business Practices
        2. Fault Tolerance
          1. Hard Drives
          2. Power Supplies
          3. Network Interface Cards
          4. CPU
          5. Uninterruptible Power Supply
          6. Backups
          7. Planning
          8. Backup Hardware
          9. Backup Types
          10. Media Rotation and Retention
          11. Backup Documentation
          12. Restoration
          13. Offsite Storage
          14. Online Backup
      3. Objective 3.03 Explain the Impact and Proper Use of Environmental Controls
        1. Facility Construction Issues
          1. Location Planning
          2. Facility Construction
          3. Computer Room Construction
        2. Environmental Issues
          1. Temperature
          2. Humidity
          3. Ventilation
          4. Monitoring
          5. Electrical Power
        3. Cable Shielding
          1. Coaxial
          2. Twisted Pair
          3. Fiber Optic
          4. Wireless Networks and Cells
        4. Fire Suppression
          1. Water
          2. Chemical-Based Fire Suppression
        5. CHECKPOINT
        6. REVIEW QUESTIONS
        7. REVIEW ANSWERS
  9. II Cryptography and PKI
    1. 4 Cryptography and Encryption Basics
      1. Objective 4.01 Utilize the Concepts of Cryptography
        1. Information Assurance
          1. Confidentiality
          2. Integrity
          3. Authentication
          4. Nonrepudiation
          5. Obfuscation
        2. Algorithms
          1. Symmetric Keys
          2. Asymmetric Keys
          3. In-Band/Out-of-Band Key Exchange
          4. Ephemeral Keys
          5. Perfect Forward Secrecy
          6. Random/Pseudo-Random Numbers and Inputs
        3. Steganography
        4. Digital Signatures
        5. Basic Hashing Concepts
        6. Message Digest Hashing
          1. Message Digest 5 (MD5)
        7. Secure Hash Algorithm (SHA)
        8. RIPEMD
        9. HMAC
      2. Objective 4.02 Use and Apply Appropriate Cryptographic Tools and Products
        1. Symmetric Encryption Algorithms
          1. DES and 3DES
          2. AES
          3. Blowfish
          4. Twofish
          5. IDEA
          6. RC4
        2. Asymmetric Encryption Algorithms
          1. RSA
          2. Elliptic Curve Cryptography
          3. Diffie–Hellman
          4. DSA
        3. One-Time Pad
        4. Quantum Cryptography
        5. Implementing Encryption Protocols
          1. Wireless Encryption Protocol
          2. Pretty Good Privacy
          3. GNU Privacy Guard (GPG)
          4. S/MIME
          5. SSL and TLS
          6. HTTPS
          7. IPSec
          8. SSH
          9. Key Stretching
        6. Decision Making
          1. Data States
          2. Choosing and Implementing the Best Method
        7. CHECKPOINT
        8. REVIEW QUESTIONS
        9. REVIEW ANSWERS
    2. 5 Public Key Infrastructure
      1. Objective 5.01 Explain the Fundamentals of Public Key Infrastructure
        1. Digital Certificates
        2. Certificate Authorities
        3. Trust Models
          1. Web of Trust
          2. Third-Party (Single Authority) Trust
          3. Hierarchical Model
        4. Key Management and Storage
          1. Centralized vs. Decentralized Storage
          2. Key Storage and Protection
          3. Key Escrow
          4. Key Recovery
          5. Multiple Key Pairs
          6. Key History
      2. Objective 5.02 Implementing PKI Concepts to Promote Trust
        1. Certificate Life Cycle
          1. Certificate Requested, Issued, Published, and Received
          2. Certificate Suspension and Revocation
          3. Certificate Expiration
          4. Key Destruction
        2. Certificate Renewal
        3. CHECKPOINT
        4. REVIEW QUESTIONS
        5. REVIEW ANSWERS
  10. III Identity and Access Management
    1. 6 Access Control
      1. Objective 6.01 Explain the Fundamental Concepts and Best Practices Related to Authentication, Authorization, and Access Control
        1. Users and Resources
          1. Levels of Security
          2. Access Security Grouping
        2. Access Control Best Practices
          1. Separation of Duties
          2. Rotation of Job Duties
          3. Mandatory Vacations
          4. Implicit Deny
          5. Explicit Deny
          6. Least Privilege
        3. Access Control Models
          1. Mandatory Access Control
          2. Discretionary Access Control
          3. Role-Based Access Control
          4. Rule-Based Access Control
          5. Attribute-Based Access Control
      2. Objective 6.02 Implement Appropriate Security Controls When Performing Account Management
        1. Account Maintenance
          1. Using Appropriate Naming Conventions
          2. Limiting Logon Attempts
          3. Setting Account Expiry Dates
          4. Disabling Unused Accounts
          5. Setting Time Restrictions
          6. Setting Machine Restrictions
          7. Using Tokens
          8. Restricting Multiple/Shared/Guest/Generic Accounts
        2. User Access Reviews
        3. Credential Management
          1. Password Policies
          2. Domain Accounts and Single Sign-On
          3. Federation
        4. Security Roles and Privileges
          1. User
          2. Group
          3. Role
        5. File and Print Security Controls
          1. File and Print ACLs
      3. Objective 6.03 Analyze and Differentiate Among Types of Mitigation and Deterrent Techniques
        1. Physical Barriers
        2. Lighting
        3. Video Surveillance
        4. Locks
          1. Hardware Locks
        5. Man-Trap
        6. Security Guards
        7. Access Logs
        8. Personal Identification Verification Card
        9. Smart Card
        10. Common Access Card
        11. CHECKPOINT
        12. REVIEW QUESTIONS
        13. REVIEW ANSWERS
    2. 7 Authentication and Identity Management
      1. Objective 7.01 Explain the Fundamental Concepts and Best Practices Related to Authentication, Authorization, and Access Services
        1. Authentication Models
          1. Single-Factor Authentication
          2. Two-Factor Authentication
          3. Multifactor Authentication
          4. Single Sign-On
        2. Authentication Methods
          1. Remote Access Authentication
          2. Remote Access Applications
          3. Remote Access Protocols
          4. VPN Protocols
      2. Objective 7.02 Explain the Function and Purpose of Authentication Services
        1. PAP
        2. CHAP
        3. LANMAN
        4. NTLM and NTLMv2
        5. Extensible Authentication Protocol
        6. RADIUS
        7. LDAP
        8. SAML
        9. TACACS
        10. Kerberos
        11. OAuth and OpenID Connect
        12. 802.1X
        13. Certificates (Mutual Authentication)
        14. HOTP/TOTP
        15. Biometrics
        16. CHECKPOINT
        17. REVIEW QUESTIONS
        18. REVIEW ANSWERS
  11. IV Network Security
    1. 8 Securing Networks
      1. Objective 8.01 Implement Security Functionality on Network Devices and Other Technologies
        1. Firewalls
        2. Routers
        3. Switches
        4. Load Balancers
        5. Proxy Servers
        6. All-in-One Security Appliances
          1. Data Loss Prevention
          2. Malware Inspection
          3. Anti-spam Filter
          4. Content Filtering
          5. URL Filtering
        7. Security Information and Event Management
        8. Web Security Gateway
        9. Intrusion Detection and Prevention
          1. Active Detection
          2. Passive Detection
          3. Monitoring Methodologies
        10. Application-Aware Devices
        11. Protocol Analyzers
      2. Objective 8.02 Explain Network Design Elements and Compounds
        1. Security Zones
          1. DMZ
          2. Intranet
          3. Extranet
        2. Network Security Techniques
          1. NAC
          2. NAT
          3. Internal Network Addressing
          4. Subnetting
          5. VLAN
        3. Remote Access
          1. Modems
          2. VPN
          3. Telephony
          4. VoIP
          5. Media Gateway
        4. Virtualization
        5. Cloud Computing
          1. Everything as a Service
          2. Cloud Deployment
        6. CHECKPOINT
        7. REVIEW QUESTIONS
        8. REVIEW ANSWERS
    2. 9 Secure Network Administration
      1. Objective 9.01 Implement and Use Common Protocols
        1. TCP/IP
          1. IPv4
          2. IPv6
        2. ICMP
        3. HTTP and HTTPS
        4. Telnet
        5. SSH
          1. FTP
          2. TFTP
          3. FTPS and SFTP
          4. SCP
        6. DNS
        7. SNMP
        8. IPSec
        9. NetBIOS
        10. iSCSI
        11. Fibre Channel
        12. RTP
      2. Objective 9.02 Identify Commonly Used Default Network Ports
        1. TCP/IP Network Ports
      3. Objective 9.03 Analyze and Differentiate Among Types of Network Attacks
        1. Denial of Service
          1. Distributed Denial of Service
          2. Ping Attack
          3. SYN Flood
          4. DNS Amplification
          5. Flood Protection
        2. Back Door
        3. NULL Sessions
        4. Spoofing
        5. Smurf Attack
        6. TCP/IP Hijacking
        7. Man-in-the-Middle
        8. Replay
        9. Xmas Attack
        10. DNS Poisoning
        11. ARP Poisoning
        12. Domain Kiting
        13. Typosquatting
        14. Client-side Attacks
        15. Watering Hole Attack
        16. Zero-Day Attack
        17. Malicious Insider Threats
      4. Objective 9.04 Apply and Implement Secure Network Administration Principles
        1. Networking Device Configuration
          1. Firewall Administration
          2. Router Administration
          3. ACL Rules
        2. Network Separation
        3. Unified Threat Management
        4. Network Device Threats and Risks
          1. Weak Passwords
          2. Default Accounts
          3. Transitive Access and Privilege Escalation
          4. Network Loops
        5. Network Device Hardening
          1. Secure Remote Access
          2. Device Placement
          3. Disable Unused Services
          4. Employ DDoS Mitigation
          5. Firmware/OS Updates
          6. Log Files
        6. CHECKPOINT
        7. REVIEW QUESTIONS
        8. REVIEW ANSWERS
    3. 10 Securing Wireless Networks
      1. Objective 10.01 Implement Wireless Networks in a Secure Manner
        1. Wireless LAN Technologies
          1. Narrowband Technology
          2. Spread-Spectrum Technology
          3. Infrared Technology
        2. Wireless Access
          1. Site Surveys
          2. WLAN Topologies
        3. Wireless Protocols
          1. Wireless Access Protocol
          2. Bluetooth
          3. 802.11
        4. Securing Wireless Networks
        5. Access Point Security
        6. Service Set Identifier
        7. MAC Address Filtering
        8. Encryption
        9. WPA and WPA2 Security
        10. Wi-Fi Protected Setup
        11. 802.1X
        12. Wireless Authentication Protocols
          1. EAP
          2. LEAP
          3. PEAP
        13. VPN Wireless Access
        14. Personal Firewall
        15. Captive Portals
      2. Objective 10.02 Analyze and Differentiate Among Types of Wireless Attacks
        1. Data Emanation
        2. Jamming
        3. Bluetooth Vulnerabilities
        4. Near-Field Communication
        5. War Driving
        6. Access Points (Evil Twin)
        7. Deauthentication and Disassociation
        8. War Chalking
        9. Packet Sniffing and Eavesdropping
        10. Replay Attacks
        11. WPS Attacks
        12. WEP/WPA Attacks
          1. IV Attack
          2. TKIP Attack
          3. WPA2 Attacks
        13. CHECKPOINT
        14. REVIEW QUESTIONS
        15. REVIEW ANSWERS
  12. V Host, Application, and Data Security
    1. 11 Securing Host Systems
      1. Objective 11.01 Analyze and Differentiate Among Types of Malware
        1. Viruses
          1. Types of Viruses
          2. File Types That Commonly Carry Viruses
          3. Polymorphic Malware
          4. Metamorphic Malware
        2. Keyloggers
        3. Trojan Horses
          1. Remote Access Trojan
        4. Logic Bombs
        5. Worms
        6. Adware and Spyware
        7. Ransomware
        8. Rootkits
        9. Botnets
      2. Objective 11.02 Carry Out Appropriate Procedures to Establish Host Security
        1. Physical Hardware Security
          1. Supply Chain Risk
        2. Host Software Security Baseline
        3. Operating System Hardening
          1. Trusted Operating System
          2. Operating System Updates
          3. Patch Management
          4. BIOS and UEFI Security
          5. Services and OS Configuration
          6. File System Security
          7. System User Accounts and Password Threats
          8. Management Interface Security
          9. Host Internet Access
          10. Software Access and Privileges
          11. Peripherals
        4. Host Security Applications
          1. Whitelists or Blacklists
          2. Antivirus and Anti-spyware Software
          3. Virus Signature Files
          4. Anti-spam Software
          5. Host-Based Firewalls
          6. Web Browser Security
          7. Host-Based Intrusion Detection System
          8. Live Media
        5. Virtualization
          1. Hypervisors
          2. Virtualization Risks
      3. Objective 11.03 Understand Mobile Security Concepts and Technologies
        1. Mobile Device Security
          1. Securing Your Connection
        2. Deployment Models
          1. BYOD
          2. CYOD
          3. COPE
          4. Corporate-Owned
          5. VDI
        3. Deployment Concerns
          1. Ownership
          2. Security Management
          3. Legal
        4. Protection from Theft
          1. Password/Screen Lock/Lockout
          2. Biometrics
          3. GPS Tracking
          4. Remote Wipe
          5. Full Device Encryption
          6. Voice Encryption
        5. Protection from Users
          1. Mobile Camera Security
          2. Mobile Device Management
          3. Asset Control
          4. Push Notification Technologies
          5. Storage
          6. Data Containerization
        6. CHECKPOINT
        7. REVIEW QUESTIONS
        8. REVIEW ANSWERS
    2. 12 Securing Applications and Data
      1. Objective 12.01 Analyze and Differentiate Among Types of Attacks and Vulnerabilities
        1. Web Application Vulnerabilities
          1. JavaScript
          2. ActiveX
          3. Buffer Overflows
          4. Resource Exhaustion
          5. Privilege Escalation
          6. Hijacking
          7. HTML Attachments
          8. Malicious Add-Ons
          9. CGI Scripts
          10. Cross-Site Scripting
          11. Cross-Site Request Forgery (XSRF)
          12. Header Manipulation
          13. Injection
          14. Directory Traversal
          15. Arbitrary Code Execution
          16. Zero-Day Attacks
          17. Race Conditions
        2. Internet Server Vulnerabilities
          1. FTP Servers
          2. DNS Servers
          3. DHCP Servers
          4. Database Servers
          5. LDAP and Directory Services
          6. E-mail Servers
        3. General Considerations
      2. Objective 12.02 Explain the Importance of Application Security
        1. Development Life-Cycle Models
          1. Waterfall Method
          2. Agile Method
        2. Secure Coding Concepts
          1. Secure Development Operations
          2. Change Management
          3. Input Validation
          4. Escaping
          5. Code Testing and Verification
          6. Error and Exception Handling
          7. Transitive Access
          8. Server-Side vs. Client-Side Validation
          9. Cross-Site Scripting
          10. Cross-Site Request Forgery
          11. Code Reuse and Third-Party Libraries
          12. Secure Deployment
        3. NoSQL vs. SQL Databases
        4. Application Hardening
          1. Application Configuration Baseline
          2. Application Patch Management
      3. Objective 12.03 Explain the Importance of Data Security
        1. Data Loss Prevention
        2. Data Encryption
          1. Trusted Platform Module
          2. Hardware Security Module
          3. Full Disk Encryption
          4. Database Encryption
          5. Individual File Encryption
          6. Removable Media and Mobile Devices
          7. Data Destruction and Media Sanitization
        3. Cloud Storage
        4. Storage Area Networks
        5. Handling Big Data
        6. CHECKPOINT
        7. REVIEW QUESTIONS
        8. REVIEW ANSWERS
  13. VI Threats and Vulnerabilities
    1. 13 Monitoring for Security Threats
      1. Objective 13.01 Analyze, Interpret, and Troubleshoot Different Types of Mitigation and Deterrent Techniques
        1. Security Posture
        2. Detecting Security-Related Anomalies
          1. System and Performance Monitoring
          2. Protocol Analyzers
          3. Network Monitor
          4. Intrusion Detection and Intrusion Prevention Systems
          5. Bypass of Security Equipment
        3. Monitoring Logs
          1. System Logs
          2. Performance Logs
          3. Access Logs
          4. DNS Logs
          5. Firewall Logs
          6. Antivirus Logs
          7. Security Logging Applications
          8. Reports and Trend Monitoring
          9. Alarms and Notifications
        4. System Auditing
          1. System Baselines
          2. Auditing Event Logs
          3. User Access Rights Review
          4. Reviewing Audit Information
          5. Auditing the Administrators
          6. Storage and Retention Policies
        5. Hardening the System
          1. Disable Unnecessary Services
          2. Protect Management Interfaces and Applications
          3. Utilize Password Protection
          4. Disable Unnecessary Accounts
          5. Improve Baseline Configurations
          6. Ensure Systems Are Up to Date
          7. Implement User Training
        6. Network Security
          1. Limit and Filter MAC Addresses
          2. 802.1X
          3. Disable Unused Interfaces and Ports
          4. Rogue Machine Detection
        7. Mitigating Threats in Alternative Environments
        8. CHECKPOINT
        9. REVIEW QUESTIONS
        10. REVIEW ANSWERS
    2. 14 Vulnerability Assessments
      1. Objective 14.01 Implement Assessment Tools and Techniques to Discover Security Threats and Vulnerabilities
        1. Vulnerability Assessment Tools
          1. Banner Grabbing
          2. Network Mappers
          3. Port Scanners
          4. Vulnerability Scanners
          5. Protocol Analyzers
          6. Password Crackers
          7. Honeypots and Honeynets
          8. Other Command-Line Tools
          9. OVAL
          10. Application Code Assessments
      2. Objective 14.02 Implement Penetration Tests When Appropriate
        1. White, Black, and Gray Box Testing
          1. White Box Testing
          2. Black Box Testing
          3. Gray Box Testing
        2. CHECKPOINT
        3. REVIEW QUESTIONS
        4. REVIEW ANSWERS
  14. VII Appendixes
    1. A Career Flight Path
      1. CompTIA Security+ Exam Format
      2. CompTIA Security+ and Beyond
      3. Getting the Latest Information on the CompTIA Security+ Exam
    2. B About the Download
      1. System Requirements
      2. About Total Tester
        1. Installing and Running Total Tester
      3. Technical Support
  15. Index