CompTIA Security+ Review Guide

Exam SY0-501
Paperback
In stock | Delivery time: 3-5 days
ISBN-13:
9781119416944
Binding:
Paperback
Publication date:
09.02.2018
Pages:
672
Author:
James Michael Stewart
Weight:
880 g
Format:
236x187x43 mm
Language:
English
Description:

Table of Contents

Introduction xxvii

Chapter 1 Threats, Attacks, and Vulnerabilities 1
  1.1 Given a scenario, analyze indicators of compromise and determine the type of malware. 6
    Viruses 6
    Crypto-malware 7
    Ransomware 8
    Worm 8
    Trojan 8
    Rootkit 9
    Keylogger 10
    Adware 10
    Spyware 10
    Bots 11
    RAT 12
    Logic bomb 12
    Backdoor 13
    Exam Essentials 14
  1.2 Compare and contrast types of attacks. 15
    Social engineering 15
    Application/service attacks 21
    Wireless attacks 45
    Cryptographic attacks 54
    Exam Essentials 63
  1.3 Explain threat actor types and attributes. 69
    Types of actors 69
    Attributes of actors 72
    Use of open-source intelligence 73
    Exam Essentials 73
  1.4 Explain penetration testing concepts. 74
    Active reconnaissance 75
    Passive reconnaissance 75
    Pivot 76
    Initial exploitation 76
    Persistence 77
    Escalation of privilege 77
    Black box 77
    White box 77
    Gray box 78
    Pen testing vs. vulnerability scanning 78
    Exam Essentials 81
  1.5 Explain vulnerability scanning concepts. 82
    Passively test security controls 84
    Identify vulnerability 84
    Identify lack of security controls 84
    Identify common misconfigurations 85
    Intrusive vs. non-intrusive 85
    Credentialed vs. non-credentialed 85
    False positive 85
    Exam Essentials 86
  1.6 Explain the impact associated with types of vulnerabilities. 87
    Race conditions 87
    Vulnerabilities due to: 88
    Improper input handling 89
    Improper error handling 89
    Misconfiguration/weak configuration 90
    Default configuration 90
    Resource exhaustion 91
    Untrained users 91
    Improperly configured accounts 91
    Vulnerable business processes 91
    Weak cipher suites and implementations 91
    Memory/buffer vulnerability 92
    System sprawl/undocumented assets 93
    Architecture/design weaknesses 94
    New threats/zero day 94
    Improper certificate and key management 95
    Exam Essentials 95
  Review Questions 98

Chapter 2 Technologies and Tools 103
  2.1 Install and configure network components, both hardware- and software-based, to support organizational security. 110
    Firewall 110
    VPN concentrator 114
    NIPS/NIDS 118
    Router 125
    Switch 127
    Proxy 130
    Load balancer 131
    Access point 133
    SIEM 139
    DLP 142
    NAC 143
    Mail gateway 144
    Bridge 147
    SSL/TLS accelerators 147
    SSL decryptors 147
    Media gateway 147
    Hardware security module 148
    Exam Essentials 148
  2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization. 152
    Protocol analyzer 152
    Network scanners 154
    Wireless scanners/cracker 155
    Password cracker 155
    Vulnerability scanner 156
    Configuration compliance scanner 157
    Exploitation frameworks 157
    Data sanitization tools 158
    Steganography tools 158
    Honeypot 158
    Backup utilities 159
    Banner grabbing 159
    Passive vs. active 160
    Command line tools 161
    Exam Essentials 169
  2.3 Given a scenario, troubleshoot common security issues. 170
    Unencrypted credentials/clear text 170
    Logs and events anomalies 171
    Permission issues 172
    Access violations 172
    Certificate issues 173
    Data exfiltration 173
    Misconfigured devices 174
    Weak security configurations 175
    Personnel issues 176
    Unauthorized software 177
    Baseline deviation 178
    License compliance violation (availability/integrity) 178
    Asset management 178
    Authentication issues 179
    Exam Essentials 179
  2.4 Given a scenario, analyze and interpret output from security technologies. 180
    HIDS/HIPS 180
    Antivirus 181
    File integrity check 182
    Host-based firewall 183
    Application whitelisting 183
    Removable media control 184
    Advanced malware tools 185
    Patch management tools 186
    UTM 187
    DLP 187
    Data execution prevention 188
    Web application firewall 188
    Exam Essentials 189
  2.5 Given a scenario, deploy mobile devices securely. 190
    Connection methods 190
    Mobile device management concepts 193
    Enforcement and monitoring for: 201
    Deployment models 207
    Exam Essentials 210
  2.6 Given a scenario, implement secure protocols. 213
    Protocols 213
    Use cases 224
    Exam Essentials 231
  Review Questions 233

Chapter 3 Architecture and Design 237
  3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides. 244
    Industry-standard frameworks and reference architectures 244
    Benchmarks/secure configuration guides 246
    Defense-in-depth/layered security 248
    Exam Essentials 249
  3.2 Given a scenario, implement secure network architecture concepts. 249
    Zones/topologies 250
    Segregation/segmentation/isolation 255
    Tunneling/VPN 258
    Security device/technology placement 261
    SDN 265
    Exam Essentials 266
  3.3 Given a scenario, implement secure systems design. 268
    Hardware/firmware security 268
    Operating systems 272
    Peripherals 280
    Exam Essentials 282
  3.4 Explain the importance of secure staging deployment concepts. 284
    Sandboxing 284
    Environment 284
    Secure baseline 285
    Integrity measurement 288
    Exam Essentials 288
  3.5 Explain the security implications of embedded systems. 288
    SCADA/ICS 289
    Smart devices/IoT 290
    HVAC 293
    SoC 293
    RTOS 294
    Printers/MFDs 294
    Camera systems 294
    Special purpose 295
    Exam Essentials 296
  3.6 Summarize secure application development and deployment concepts. 297
    Development life-cycle models 297
    Secure DevOps 300
    Version control and change management 302
    Provisioning and deprovisioning 303
    Secure coding techniques 303
    Code quality and testing 306
    Compiled vs. runtime code 308
    Exam Essentials 309
  3.7 Summarize cloud and virtualization concepts. 311
    Hypervisor 312
    VM sprawl avoidance 314
    VM escape protection 314
    Cloud storage 315
    Cloud deployment models 315
    On-premise vs. hosted vs. cloud 317
    VDI/VDE 317
    Cloud access security broker 317
    Security as a Service 317
    Exam Essentials 318
  3.8 Explain how resiliency and automation strategies reduce risk. 319
    Automation/scripting 319
    Templates 320
    Master image 320
    Non-persistence 320
    Elasticity 322
    Scalability 322
    Distributive allocation 322
    Redundancy 322
    Fault tolerance 323
    High availability 324
    RAID 326
    Exam Essentials 326
  3.9 Explain the importance of physical security controls. 328
    Lighting 329
    Signs 329
    Fencing/gate/cage 330
    Security guards 330
    Alarms 331
    Safe 333
    Secure cabinets/enclosures 333
    Protected distribution/Protected cabling 333
    Airgap 333
    Mantrap 333
    Faraday cage 334
    Lock types 335
    Biometrics 335
    Barricades/bollards 336
    Tokens/cards 336
    Environmental controls 336
    Cable locks 338
    Screen filters 338
    Cameras 339
    Motion detection 340
    Logs 340
    Infrared detection 340
    Key management 340
    Exam Essentials 341
  Review Questions 343

Chapter 4 Identity and Access Management 347
  4.1 Compare and contrast identity and access management concepts. 350
    Identification, authentication, authorization and accounting (AAA) 350
    Multifactor authentication 352
    Federation 353
    Single sign-on 353
    Transitive trust 354
    Exam Essentials 354
  4.2 Given a scenario, install and configure identity and access services. 355
    LDAP 355
    Kerberos 355
    TACACS+ 357
    CHAP 358
    PAP 359
    MSCHAP 359
    RADIUS 360
    SAML 361
    OpenID Connect 362
    OAuth 362
    Shibboleth 362
    Secure token 362
    NTLM 363
    Exam Essentials 364
  4.3 Given a scenario, implement identity and access management controls. 365
    Access control models 365
    Physical access control 369
    Biometric factors 369
    Tokens 372
    Certificate-based authentication 374
    File system security 376
    Database security 376
    Exam Essentials 380
  4.4 Given a scenario, differentiate common account management practices. 382
    Account types 382
    General Concepts 384
    Account policy enforcement 387
    Exam Essentials 393
  Review Questions 395

Chapter 5 Risk Management 399
  5.1 Explain the importance of policies, plans and procedures related to organizational security. 405
    Standard operating procedure 405
    Agreement types 405
    Personnel management 407
    General security policies 416
    Exam Essentials 418
  5.2 Summarize business impact analysis concepts. 420
    RTO/RPO 420
    MTBF 421
    MTTR 421
    Mission-essential functions 421
    Identification of critical systems 422
    Single point of failure 422
    Impact 422
    Privacy impact assessment 423
    Privacy threshold assessment 423
    Exam Essentials 424
  5.3 Explain risk management processes and concepts. 425
    Threat assessment 425
    Risk assessment 426
    Change management 434
    Exam Essentials 434
  5.4 Given a scenario, follow incident response procedures. 436
    Incident response plan 436
    Incident response process 438
    Exam Essentials 441
  5.5 Summarize basic concepts of forensics. 442
    Order of volatility 443
    Chain of custody 443
    Legal hold 444
    Data acquisition 444
    Preservation 447
    Recovery 447
    Strategic intelligence/counterintelligence gathering 447
    Track man-hours 448
    Exam Essentials 448
  5.6 Explain disaster recovery and continuity of operation concepts. 449
    Recovery sites 453
    Order of restoration 454
    Backup concepts 455
    Geographic considerations 456
    Continuity of operation planning 458
    Exam Essentials 460
  5.7 Compare and contrast various types of controls. 461
    Deterrent 461
    Preventive 462
    Detective 462
    Corrective 462
    Compensating 463
    Technical 463
    Administrative 463
    Physical 463
    Exam Essentials 463
  5.8 Given a scenario, carry out data security and privacy practices. 464
    Data destruction and media sanitization 464
    Data sensitivity labeling and handling 467
    Data roles 473
    Data retention 474
    Legal and compliance 474
    Exam Essentials 475
  Review Questions 476

Chapter 6 Cryptography and PKI 481
  6.1 Compare and contrast basic concepts of cryptography. 486
    Symmetric algorithms 487
    Modes of operation 489
    Asymmetric algorithms 490
    Hashing 493
    Salt, IV, nonce 496
    Elliptic curve 496
    Weak/deprecated algorithms 497
    Key exchange 497
    Digital signatures 497
    Diffusion 499
    Confusion 499
    Collision 499
    Steganography 499
    Obfuscation 500
    Stream vs. block 500
    Key strength 501
    Session keys 501
    Ephemeral key 502
    Secret algorithm 502
    Data-in-transit 502
    Data-at-rest 502
    Data-in-use 503
    Random/pseudo-random number generation 503
    Key stretching 504
    Implementation vs. algorithm selection 504
    Perfect forward secrecy 505
    Security through obscurity 505
    Common use cases 505
    Exam Essentials 509
  6.2 Explain cryptography algorithms and their basic characteristics. 512
    Symmetric algorithms 513
    Cipher modes 515
    Asymmetric algorithms 516
    Hashing algorithms 519
    Key stretching algorithms 521
    Obfuscation 522
    Exam Essentials 525
  6.3 Given a scenario, install and configure wireless security settings. 527
    Cryptographic protocols 527
    Authentication protocols 529
    Methods 530
    Exam Essentials 531
  6.4 Given a scenario, implement public key infrastructure. 532
    Components 532
    Concepts 539
    Types of certificates 547
    Certificate formats 548
    Exam Essentials 549
  Review Questions 554

Appendix Answers to Review Questions 559
  Chapter 1: Threats, Attacks, and Vulnerabilities 560
  Chapter 2: Technologies and Tools 561
  Chapter 3: Architecture and Design 564
  Chapter 4: Identity and Access Management 566
  Chapter 5: Risk Management 568
  Chapter 6: Cryptography and PKI 571

Index 575
Consolidate your knowledge base with critical Security+ review

CompTIA Security+ Review Guide, Fourth Edition, is the smart candidate's secret weapon for passing Exam SY0-501 with flying colors. You've worked through your study guide, but are you sure you're prepared? This book provides tight, concise reviews of all essential topics throughout each of the exam's six domains to help you reinforce what you know. Take the pre-assessment test to identify your weak areas while there is still time to review, and use your remaining prep time to turn weaknesses into strengths. The Sybex online learning environment gives you access to portable study aids, including electronic flashcards and a glossary of key terms, so you can review on the go. Hundreds of practice questions allow you to gauge your readiness, and give you a preview of the big day.

Avoid exam-day surprises by reviewing with the makers of the test--this review guide is fully approved and endorsed by CompTIA, so you can be sure that it accurately reflects the latest version of the exam. The perfect companion to the CompTIA Security+ Study Guide, Seventh Edition, this review guide can be used with any study guide to help you:

* Review the critical points of each exam topic area
* Ensure your understanding of how concepts translate into tasks
* Brush up on essential terminology, processes, and skills
* Test your readiness with hundreds of practice questions

You've put in the time, gained hands-on experience, and now it's time to prove what you know. The CompTIA Security+ certification tells employers that you're the person they need to keep their data secure; with threats becoming more and more sophisticated, the demand for your skills will only continue to grow. Don't leave anything to chance on exam day--be absolutely sure you're prepared with the CompTIA Security+ Review Guide, Fourth Edition.