Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601), 3rd Edition

Book description

An up-to-date CompTIA Security+ exam guide from training and exam preparation guru Mike Meyers

Take the latest version of the CompTIA Security+ exam (exam SY0-601) with confidence using the comprehensive information contained in this highly effective self-study resource. Like the test, the guide goes beyond knowledge application and is designed to ensure that security personnel anticipate security risks and guard against them.

In Mike Meyers’ CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601), the bestselling author and leading authority on CompTIA A+ certification brings his proven methodology to IT security. Mike covers all exam objectives in small, digestible modules that allow you to focus on individual skills as you move through a broad and complex set of skills and concepts. The book features hundreds of accurate practice questions as well as a toolbox of the author’s favorite network security-related freeware/shareware.

  • Provides complete coverage of every objective for exam SY0-601
  • Online content includes 20+ lab simulations, video training, a PDF glossary, and 180 practice questions
  • Written by computer security and certification experts Mike Meyers and Scott Jernigan

Table of contents

  1. Cover
  2. About the Authors
  3. Title Page
  4. Copyright Page
  5. Dedication
  6. Contents at a Glance
  7. Contents
  8. Acknowledgments
  9. Introduction
  10. Chapter 1 Risk Management
    1. Module 1-1: Defining Risk
      1. Asset
      2. Likelihood
      3. Threat Actor
      4. Vulnerability and Threat
      5. Circling Back to the Risk Definition
      6. Vectors
      7. Threat Intelligence
    2. Module 1-2: Risk Management Concepts
      1. Infrastructure
      2. Security Controls
      3. Risk Management Frameworks
    3. Module 1-3: Security Controls
      1. Control Categories
      2. Control Types
    4. Module 1-4: Risk Assessment
      1. Risk Assessment Processes and Concepts
      2. Quantitative Risk Assessment
      3. Qualitative Risk Assessment
      4. Putting It All Together: Risk Analysis
      5. Risk Response
    5. Module 1-5: Business Impact Analysis
      1. BIA Basics
      2. Types of Impact
      3. Locating Critical Resources
      4. Calculating Impact
      5. Calculating Downtime
    6. Module 1-6: Data Security and Data Protection
      1. Organizing Data
      2. Legal and Compliance
      3. Data Destruction
      4. Privacy Breaches
    7. Module 1-7: Personnel Risk and Policies
      1. Hiring
      2. Onboarding
      3. Personnel Management Policies
      4. Training
      5. Policies
      6. User Habits
      7. Offboarding
    8. Module 1-8: Third-Party Risk and Policies
      1. Third-Party Risk Management
      2. Agreement Types
    9. Questions
    10. Answers
  11. Chapter 2 Cryptography
    1. Module 2-1: Cryptography Basics
      1. Essential Building Blocks
      2. Early Cryptography
      3. Cryptography Components
    2. Module 2-2: Cryptographic Methods
      1. Symmetric Cryptography
      2. Asymmetric Cryptography
      3. Hashing
      4. Limitations in Symmetric vs. Asymmetric Cryptography
      5. Hybrid Cryptography
      6. The Perfect Cryptosystem
    3. Module 2-3: Symmetric Cryptosystems
      1. DES
      2. 3DES
      3. AES
      4. Blowfish
      5. Twofish
      6. RC4
      7. Summary of Symmetric Algorithm Characteristics
    4. Module 2-4: Asymmetric Cryptosystems
      1. RSA
      2. Diffie-Hellman
      3. PGP/GPG
      4. ECC
      5. ElGamal
    5. Module 2-5: Hashing Algorithms
      1. Hashing Process
      2. MD5
      3. SHA
      4. RIPEMD
      5. HMAC
    6. Module 2-6: Digital Signatures and Certificates
      1. Digital Signatures
      2. Digital Certificates
    7. Module 2-7: Public Key Infrastructure
      1. Keys, Algorithms, and Standards
      2. PKI Services
      3. Digital Certificates and PKI Structure
      4. Key Safety
      5. Trust Models
    8. Module 2-8: Cryptographic Attacks
      1. Attack Strategies
      2. Attackable Data
      3. Attack Scenarios
      4. Defending Password Storage
      5. Other Attack Options
    9. Module 2-9: Other Cryptosystems
      1. Homomorphic Encryption
      2. Blockchain
      3. Quantum Cryptography
    10. Questions
    11. Answers
  12. Chapter 3 Identity and Account Management
    1. Module 3-1: Understanding Authentication
      1. Identification and AAA
      2. Identification and Authentication
      3. Authorization
      4. Accounting
      5. Trust
    2. Module 3-2: Authentication Methods and Access Controls
      1. Authentication Methods
      2. Biometrics
      3. Authorization and Access Control Schemes/Models
    3. Module 3-3: Account Management
      1. User Accounts
      2. Account Policies
      3. Account Administration
    4. Module 3-4: Point-to-Point Authentication
      1. PAP
      2. CHAP/MS-CHAP
      3. Remote Access Connection and Authentication Services
    5. Module 3-5: Network Authentication
      1. The Challenge of LAN Access Management
      2. Microsoft Networking
      3. LDAP and Secure LDAP
    6. Module 3-6: Identity Management Systems
      1. Trust
      2. Shared Authentication Schemes
    7. Questions
    8. Answers
  13. Chapter 4 Tools of the Trade
    1. Module 4-1: Operating System Utilities
      1. Network Reconnaissance and Discovery
      2. File Manipulation
      3. Shell and Script Environments
    2. Module 4-2: Network Scanners
      1. Scanning Methods
      2. Scanning Targets
      3. Scanner Types
    3. Module 4-3: Protocol Analyzers
      1. Why Protocol Analyze?
      2. Wireshark
      3. tcpdump
    4. Module 4-4: Monitoring Networks
      1. Exploring Log Files
      2. Centralizing Log Files
      3. Security Information and Event Management
      4. Log File Management
    5. Questions
    6. Answers
  14. Chapter 5 Securing Individual Systems
    1. Module 5-1: Types of System Attacks
      1. Attacking Applications
      2. Driver Manipulation
      3. Malicious Code or Script Execution
    2. Module 5-2: Malware
      1. Virus
      2. Cryptomalware/Ransomware
      3. Worm
      4. Trojan Horse
      5. Potentially Unwanted Programs
      6. Bots/Botnets
      7. Logic Bomb
      8. Keylogger
      9. RAT
      10. Rootkit
      11. Backdoor
    3. Module 5-3: Cybersecurity Resilience
      1. Non-persistence
      2. Redundancy
      3. Diversity
    4. Module 5-4: Securing Hardware
      1. Physical Attacks
      2. Securing the Systems
      3. Securing Boot Integrity
    5. Module 5-5: Securing Endpoints
      1. Hardening Operating Systems
      2. Anti-malware
      3. Data Execution Prevention
      4. File Integrity Monitors
      5. Data Loss Prevention
    6. Module 5-6: System Recycling
      1. Clear
      2. Purge
      3. Destroy
    7. Questions
    8. Answers
  15. Chapter 6 The Basic LAN
    1. Module 6-1: Layer 2 LAN Attacks
      1. ARP Poisoning
      2. Man-in-the-Middle Attacks
      3. MAC Flooding
      4. MAC Cloning
    2. Module 6-2: Organizing LANs
      1. Configuration Management
      2. Network Segmentation
      3. Load Balancing
    3. Module 6-3: Implementing Secure Network Designs
      1. Securing the LAN
      2. Internet Connection Firewalls
      3. Securing Servers
    4. Module 6-4: Virtual Private Networks
      1. How VPNs Work
      2. Early VPNs
      3. IPsec VPNs
      4. TLS VPNs
    5. Module 6-5: Network-Based Intrusion Detection/Prevention
      1. Detection vs. Prevention
      2. Detecting Attacks
      3. Configuring Network-Based IDS/IPS
      4. Monitoring NIDS/NIPS
      5. Endpoint Detection and Response
    6. Questions
    7. Answers
  16. Chapter 7 Securing Wireless LANs
    1. Module 7-1: Networking with 802.11
      1. Wireless Cryptographic Protocols
      2. Wireless Authentication Protocols
    2. Module 7-2: Attacking 802.11
      1. Wireless Survey/Stumbler
      2. Packet Capture
      3. Attack Tools
      4. Rogue Access Point
      5. Jamming
      6. Packet Sniffing
      7. Deauthentication Attack
      8. Near-Field Communication
      9. Replay Attacks
      10. WEP/WPA Attacks
      11. WPS Attacks
      12. Wireless Peripherals
    3. Module 7-3: Securing 802.11
      1. Installation Considerations
      2. Wireless Configuration
      3. Security Posture Assessment
    4. Questions
    5. Answers
  17. Chapter 8 Securing Public Servers
    1. Module 8-1: Attacking and Defending Public Servers
      1. Distributed Denial-of-Service
      2. Route Security
      3. Quality of Service
      4. Monitoring Services
    2. Module 8-2: Virtualization Security
      1. Virtualization Architecture
      2. Containers
      3. Virtualization Risks
      4. Using Virtualization for Security
    3. Module 8-3: Cloud Deployment
      1. Let’s Talk Amazon
      2. Cloud Deployment Models
      3. Cloud Architecture Models
      4. Cloud Growing Pains
    4. Module 8-4: Securing the Cloud
      1. Cloud Security Controls
      2. Unique Cloud Security Solutions
    5. Questions
    6. Answers
  18. Chapter 9 Securing Dedicated Systems
    1. Module 9-1: Embedded, Specialized, and Mobile Systems
      1. Embedded Systems
      2. SCADA/ICS
      3. Internet of Things
      4. Specialized Systems
      5. Mobile Systems
    2. Module 9-2: Connecting to Dedicated Systems
      1. Common Communication Technologies
      2. IoT-Specific Communication Technologies
    3. Module 9-3: Security Constraints for Dedicated Systems
      1. Hardware
      2. Programming
      3. Connectivity
    4. Module 9-4: Implementing Secure Mobile Solutions
      1. Mobile Device Management
      2. Deployment Models
      3. Inventory Control and Asset Tracking
      4. Application Management and Security
      5. Encryption and Authentication
      6. Enforcement and Monitoring for Device Security
    5. Questions
    6. Answers
  19. Chapter 10 Physical Security
    1. Module 10-1: Physical Security Controls
      1. Passive Defensive Systems and Perimeter Controls
      2. Active Alert Systems
      3. Manned Defensive Systems
    2. Module 10-2: Environmental Controls
      1. EMI and RFI Shielding
      2. Fire Suppression
      3. HVAC
      4. Temperature and Humidity Controls
      5. Hot and Cold Aisles
      6. Environmental Monitoring
    3. Questions
    4. Answers
  20. Chapter 11 Secure Protocols and Applications
    1. Module 11-1: Secure Internet Protocols
      1. DNS Security
      2. SNMP
      3. SSH
      4. FTP
      5. SRTP
    2. Module 11-2: Secure Web and E-mail
      1. HTTP
      2. HTTPS
      3. E-mail
    3. Module 11-3: Web Application Attacks
      1. Injection Attacks
      2. Hijacking and Related Attacks
      3. Other Web Application Attacks
    4. Module 11-4: Application Security
      1. Development
      2. Code Quality and Testing
      3. Staging
      4. Production
      5. Quality Assurance
      6. Getting Organized
    5. Module 11-5: Certificates in Security
      1. Certificate Concepts and Components
      2. PKI Concepts
      3. Online vs. Offline CA
      4. PKI TLS Scenario
      5. Types of Certificates
      6. Certificate Formats
      7. Key Escrow
    6. Questions
    7. Answers
  21. Chapter 12 Testing Infrastructure
    1. Module 12-1: Vulnerability Impact
      1. Device/Hardware Vulnerabilities
      2. Configuration Vulnerabilities
      3. Management/Design Vulnerabilities
    2. Module 12-2: Social Engineering
      1. Social Engineering Goals
      2. Principles
      3. Types of Attacks
    3. Module 12-3: Artificial Intelligence
      1. Understanding Artificial Intelligence
      2. Machine Learning Essentials
      3. OSINT
      4. Adversarial Artificial Intelligence
    4. Module 12-4: Security Assessment
      1. Threat Hunting
      2. Vulnerability Scans
      3. Penetration Testing
    5. Module 12-5: Assessment Tools
      1. Protocol Analyzer
      2. Network Scanner
      3. Vulnerability Scanner
      4. Configuration Compliance Scanner
      5. Penetration Testing with Metasploit
      6. Specific Tools Mentioned by CompTIA
      7. Interpreting Security Assessment Tool Results
    6. Questions
    7. Answers
  22. Chapter 13 Dealing with Incidents
    1. Module 13-1: Incident Response
      1. Incident Response Concepts
      2. Incident Response Procedures
      3. Scenarios: Mitigation During and After an Incident
    2. Module 13-2: Digital Forensics
      1. Digital Forensics Concepts
      2. Data Volatility
      3. Critical Forensics Practices
      4. Data Acquisition
      5. Analyzing Evidence
    3. Module 13-3: Continuity of Operations and Disaster Recovery
      1. Risk Management Best Practices
      2. Contingency Planning and Resilience
      3. Functional Recovery Plans
      4. Backup and Restore Plans and Policies
    4. Questions
    5. Answers
  23. Appendix A Exam Objective Map
    1. Exam SY0-601
  24. Appendix B About the Online Content
    1. System Requirements
    2. Your Total Seminars Training Hub Account
      1. Privacy Notice
    3. Single User License Terms and Conditions
    4. TotalTester Online
    5. Other Book Resources
      1. Video Training from Mike Meyers
      2. TotalSim Simulations
      3. Mike’s Cool Tools
    6. Technical Support
  25. Glossary
  26. Index

Product information

  • Title: Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601), 3rd Edition
  • Author(s): Mike Meyers, Scott Jernigan
  • Release date: May 2021
  • Publisher(s): McGraw-Hill
  • ISBN: 9781260473704