Introduction xliv

Part I: Threats, Attacks, and Vulnerabilities

Chapter 1 Comparing and Contrasting Different Types of Social Engineering Techniques 3
  “Do I Know This Already?” Quiz 3
  Foundation Topics 7
  Social Engineering Fundamentals 7
    Phishing and Spear Phishing 9
    Smishing 12
    Vishing 12
    Spam and Spam over Internet Messaging (SPIM) 13
    Dumpster Diving 13
    Shoulder Surfing 14
    Pharming 14
    Piggybacking or Tailgating 15
    Eliciting Information 15
    Whaling 16
    Prepending 17
    Identity Fraud 17
    Invoice Scams 17
    Credential Harvesting 18
    Reconnaissance 18
    Hoaxes 19
    Impersonation or Pretexting 19
    Eavesdropping 19
    Baiting 20
    Watering Hole Attack 20
    Typo Squatting 20
    Influence Campaigns, Principles of Social Engineering, and Reasons for Effectiveness 21
  User Security Awareness Education 22
  Chapter Review Activities 24

Chapter 2 Analyzing Potential Indicators to Determine the Type of Attack 29
  “Do I Know This Already?” Quiz 29
  Foundation Topics 33
  Malicious Software (Malware) 33
    Ransomware and Cryptomalware 33
    Trojans 35
    Remote Access Trojans (RATs) and Rootkits 35
    Worms 36
    Fileless Virus 37
    Command and Control, Bots, and Botnets 37
    Logic Bombs 39
    Potentially Unwanted Programs (PUPs) and Spyware 40
    Keyloggers 42
    Backdoors 43
    Malware Delivery Mechanisms 43
    You Can’t Save Every Computer from Malware! 45
  Password Attacks 45
    Dictionary-based and Brute-force Attacks 45
    Password Spraying 46
    Offline and Online Password Cracking 46
    Rainbow Tables 47
    Plaintext/Unencrypted 47
  Physical Attacks 48
    Malicious Flash Drives 48
    Malicious Universal Serial Bus (USB) Cables 48
    Card Cloning Attacks 48
    Skimming 49
  Adversarial Artificial Intelligence 50
    Tainted Training Data for Machine Learning 50
    Security of Machine Learning Algorithms 50
  Supply-Chain Attacks 51
  Cloud-based vs. On-premises Attacks 52
    Cloud Security Threats 52
    Cloud Computing Attacks 54
  Cryptographic Attacks 55
    Collision 55
    Birthday 56
    Downgrade 56
  Chapter Review Activities 57

Chapter 3 Analyzing Potential Indicators Associated with Application Attacks 61
  “Do I Know This Already?” Quiz 61
  Foundation Topics 67
  Privilege Escalation 67
  Cross-Site Scripting (XSS) Attacks 68
  Injection Attacks 70
    Structured Query Language (SQL) Injection Attacks 70
    SQL Injection Categories 73
    Dynamic Link Library (DLL) Injection Attacks 74
    Lightweight Directory Access Protocol (LDAP) Injection Attacks 74
    Extensible Markup Language (XML) Injection Attacks 74
  Pointer/Object Dereference 75
  Directory Traversal 76
  Buffer Overflows 77
    Arbitrary Code Execution/Remote Code Execution 78
  Race Conditions 79
  Error Handling 79
  Improper Input Handling 80
    Compile-Time Errors vs. Runtime Errors 81
  Replay Attacks 82
  Request Forgeries 85
  Application Programming Interface (API) Attacks 86
  Resource Exhaustion 87
  Memory Leaks 88
  Secure Socket Layer (SSL) Stripping 88
  Driver Manipulation 89
  Pass the Hash 89
  Chapter Review Activities 90

Chapter 4 Analyzing Potential Indicators Associated with Network Attacks 95
  “Do I Know This Already?” Quiz 95
  Foundation Topics 98
  Wireless Attacks 98
    Evil Twin Attacks 98
    Rogue Access Points 99
    Bluesnarfing Attacks 99
    Bluejacking Attacks 100
    Disassociation and Deauthentication Attacks 101
    Jamming Attacks 102
    Radio Frequency Identifier (RFID) Attacks 102
    Near-Field Communication (NFC) Attacks 102
    Initialization Vector (IV) Attacks 103
  On-Path Attacks 103
  Layer 2 Attacks 105
    Address Resolution Protocol (ARP) Poisoning Attacks 105
    Media Access Control (MAC) Flooding Attacks 106
    MAC Cloning Attacks 106
    Best Practices to Protect Against Layer 2 Attacks 106
  Domain Name System (DNS) Attacks 107
    Domain Hijacking Attacks 108
    DNS Poisoning Attacks 108
    Uniform Resource Locator (URL) Redirection Attacks 110
    Domain Reputation 110
  Distributed Denial-of-Service (DDoS) Attacks 111
  Malicious Code or Script Execution Attacks 113
  Chapter Review Activities 114

Chapter 5 Understanding Different Threat Actors, Vectors, and Intelligence Sources 117
  “Do I Know This Already?” Quiz 117
  Foundation Topics 120
  Actors and Threats 120
  Attributes of Threat Actors 122
  Attack Vectors 122
  Threat Intelligence and Threat Intelligence Sources 123
    Structured Threat Information eXpression (STIX) and the Trusted Automated eXchange of Indicator Information (TAXII) 125
  Research Sources 127
    The MITRE ATT&CK Framework 128
  Chapter Review Activities 129

Chapter 6 Understanding the Security Concerns Associated with Various Types of Vulnerabilities 133
  “Do I Know This Already?” Quiz 133
  Foundation Topics 137
  Cloud-based vs. On-premises Vulnerabilities 137
    Other “Cloud”-based Concerns 143
    Server Defense 144
  Zero-day Vulnerabilities 149
  Weak Configurations 150
  Third-party Risks 155
  Improper or Weak Patch Management 160
    Patches and Hotfixes 161
    Patch Management 163
  Legacy Platforms 165
  The Impact of Cybersecurity Attacks and Breaches 165
  Chapter Review Activities 166

Chapter 7 Summarizing the Techniques Used in Security Assessments 171
  “Do I Know This Already?” Quiz 171
  Foundation Topics 175
  Threat Hunting 175
    Security Advisories and Bulletins 177
  Vulnerability Scans 180
    Credentialed vs. Noncredentialed 182
    Intrusive vs. Nonintrusive 182
    Common Vulnerability Scoring System (CVSS) 182
  Logs and Security Information and Event Management (SIEM) 186
  Security Orchestration, Automation, and Response (SOAR) 188
  Chapter Review Activities 189

Chapter 8 Understanding the Techniques Used in Penetration Testing 193
  “Do I Know This Already?” Quiz 193
  Foundation Topics 197
  Penetration Testing 197
    Bug Bounties vs. Penetration Testing 202
  Passive and Active Reconnaissance 203
  Exercise Types 205
  Chapter Review Activities 206

Part II: Architecture and Design

Chapter 9 Understanding the Importance of Security Concepts in an Enterprise Environment 209
  “Do I Know This Already?” Quiz 209
  Foundation Topics 213
  Configuration Management 213
  Data Sovereignty and Data Protection 214
    Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Inspection 215
    API Considerations 216
    Data Masking and Obfuscation 216
    Encryption at Rest, in Transit/Motion, and in Processing 218
    Hashing 218
    Rights Management 219
    Geographical Considerations 220
    Data Breach Response and Recovery Controls 220
  Site Resiliency 221
  Deception and Disruption 222
    Fake Telemetry 223
    DNS Sinkhole 223
  Chapter Review Activities 224

Chapter 10 Summarizing Virtualization and Cloud Computing Concepts 227
  “Do I Know This Already?” Quiz 227
  Foundation Topics 231
  Cloud Models 231
    Public, Private, Hybrid, and Community Clouds 232
  Cloud Service Providers 233
  Cloud Architecture Components 234
    Fog and Edge Computing 234
    Thin Clients 235
    Containers 236
    Microservices and APIs 240
    Infrastructure as Code 241
    Serverless Architecture 243
    Services Integration 246
    Resource Policies 246
    Transit Gateway 246
  Virtual Machine (VM) Sprawl Avoidance and VM Escape Protection 247
    Understanding and Avoiding VM Sprawl 247
    Protecting Against VM Escape Attacks 248
  Chapter Review Activities 250

Chapter 11 Summarizing Secure Application Development, Deployment, and Automation Concepts 253
  “Do I Know This Already?” Quiz 253
  Foundation Topics 257
  Software Development Environments and Methodologies 257
  Application Provisioning and Deprovisioning 260
  Software Integrity Measurement 261
  Secure Coding Techniques 261
    Core SDLC and DevOps Principles 263
    Programming Testing Methods 266
    Programming Vulnerabilities and Attacks 270
  Open Web Application Security Project (OWASP) 276
  Software Diversity 278
  Automation/Scripting 278
  Elasticity and Scalability 279
  Chapter Review Activities 280

Chapter 12 Summarizing Authentication and Authorization Design Concepts 285
  “Do I Know This Already?” Quiz 285
  Foundation Topics 289
  Authentication Methods 289
    Directory Services 291
    Federations 292
    Attestation 294
    Authentication Methods and Technologies 295
  Biometrics 300
    Fingerprints 300
    Retina 301
    Iris 301
    Facial 301
    Voice 302
    Vein 302
    Gait Analysis 302
    Efficacy Rates 302
    False Acceptance 303
    False Rejection 303
    Crossover Error Rate 304
  Multifactor Authentication (MFA) Factors and Attributes 304
  Authentication, Authorization, and Accounting (AAA) 306
  Cloud vs. On-premises Requirements 306
  Chapter Review Activities 308

Chapter 13 Implementing Cybersecurity Resilience 311
  “Do I Know This Already?” Quiz 311
  Foundation Topics 315
  Redundancy 315
    Geographic Dispersal 315
    Disk Redundancy 315
    Network Resilience 319
    Power Resilience 320
  Replication 323
    Storage Area Network 323
    Virtual Machines 324
  On-premises vs. Cloud 325
  Backup Types 326
    Full Backup 328
    Differential Backup 328
    Incremental Backup 328
  Non-persistence 328
  High Availability 329
  Restoration Order 330
  Diversity 331
    Technologies 331
    Vendors 331
    Crypto 331
    Controls 332
  Chapter Review Activities 332

Chapter 14 Understanding the Security Implications of Embedded and Specialized Systems 335
  “Do I Know This Already?” Quiz 335
  Foundation Topics 339
  Embedded Systems 339
  Supervisory Control and Data Acquisition (SCADA)/Industrial Control Systems (ICS) 341
  Internet of Things (IoT) 344
  Specialized Systems 346
    Medical Systems 347
    Vehicles 347
    Aircraft 348
    Smart Meters 350
  Voice over IP (VoIP) 351
  Heating, Ventilation, and Air Conditioning (HVAC) 352
  Drones 353
  Multifunction Printers (MFP) 354
  Real-Time Operating Systems (RTOS) 355
  Surveillance Systems 355
  System on a Chip (SoC) 356
  Communication Considerations 357
    5G 357
    NarrowBand 358
    Baseband Radio 359
    Subscriber Identity Module (SIM) Cards 360
    Zigbee 360
  Embedded System Constraints 361
    Power 361
    Compute 361
    Network 362
    Crypto 362
    Inability to Patch 362
    Authentication 363
    Range 363
    Cost 363
    Implied Trust 363
  Chapter Review Activities 364

Chapter 15 Understanding the Importance of Physical Security Controls 367
  “Do I Know This Already?” Quiz 367
  Foundation Topics 370
  Bollards/Barricades 370
  Access Control Vestibules 372
  Badges 373
  Alarms 374
  Signage 374
  Cameras 375
  Closed-Circuit Television (CCTV) 376
  Industrial Camouflage 377
  Personnel 377
  Locks 378
  USB Data Blockers 379
  Lighting 380
  Fencing 380
  Fire Suppression 381
  Sensors 381
  Drones 382
  Visitor Logs 383
  Faraday Cages 383
  Air Gap 384
  Screened Subnet (Previously Known as Demilitarized Zone [DMZ]) 384
  Protected Cable Distribution 385
  Secure Areas 385
  Secure Data Destruction 386
  Chapter Review Activities 387

Chapter 16 Summarizing the Basics of Cryptographic Concepts 391
  “Do I Know This Already?” Quiz 391
  Foundation Topics 395
  Digital Signatures 395
  Key Length 396
  Key Stretching 397
  Salting 397
  Hashing 398
  Key Exchange 399
  Elliptic-Curve Cryptography 399
  Perfect Forward Secrecy 400
  Quantum 401
    Communications 401
    Computing 402
  Post-Quantum 402
  Ephemeral 403
  Modes of Operation 403
    Electronic Code Book Mode 404
    Cipher Block Chaining Mode 405
    Cipher Feedback Mode 406
    Output Feedback Mode 407
    Counter Mode 408
  Blockchain 409
  Cipher Suites 410
  Symmetric vs. Asymmetric Encryption 411
  Lightweight Cryptography 414
  Steganography 415
    Audio Steganography 415
    Video Steganography 416
    Image Steganography 416
  Homomorphic Encryption 417
  Common Use Cases 417
  Limitations 418
  Chapter Review Activities 420

Part III: Implementation

Chapter 17 Implementing Secure Protocols 423
  “Do I Know This Already?” Quiz 423
  Foundation Topics 426
  Protocols 426
    Domain Name System Security Extensions 426
    SSH 427
    Secure/Multipurpose Internet Mail Extensions 428
    Secure Real-Time Transport Protocol 430
    Lightweight Directory Access Protocol over SSL 432
    File Transfer Protocol, Secure 432
    Secure (or SSH) File Transfer Protocol 434
    Simple Network Management Protocol Version 3 434
    Hypertext Transfer Protocol over SSL/TLS 436
    IPsec 437
    Post Office Protocol/Internet Message Access Protocol 438
  Use Cases 439
    Voice and Video 440
    Time Synchronization 440
    Email and Web 441
    File Transfer 441
    Directory Services 442
    Remote Access 442
    Domain Name Resolution 442
    Routing and Switching 443
    Network Address Allocation 443
    Subscription Services 444
  Chapter Review Activities 444

Chapter 18 Implementing Host or Application Security Solutions 447
  “Do I Know This Already?” Quiz 447
  Foundation Topics 451
  Endpoint Protection 451
    Antivirus 451
    Antimalware 452
    Endpoint Detection and Response 452
    Data Loss Prevention 453
  Next-Generation Firewall 453
  Host-based Intrusion Prevention System 454
  Host-based Intrusion Detection System 456
  Host-based Firewall 457
  Boot Integrity 458
    Boot Security/Unified Extensible Firmware Interface 459
    Measured Boot 459
    Boot Attestation 460
  Database 461
    Tokenization 461
    Salting 462
    Hashing 463
  Application Security 463
    Input Validations 464
    Secure Cookies 465
    Hypertext Transfer Protocol Headers 465
    Code Signing 466
    Allow List 467
    Block List/Deny List 467
    Secure Coding Practices 468
    Static Code Analysis 468
    Manual Code Review 470
    Dynamic Code Analysis 470
    Fuzzing 471
  Hardening 471
    Open Ports and Services 471
    Registry 472
    Disk Encryption 473
    Operating System 473
    Patch Management 474
  Self-Encrypting Drive/Full-Disk Encryption 475
    OPAL 476
  Hardware Root of Trust 476
  Trusted Platform Module 477
  Sandboxing 478
  Chapter Review Activities 479

Chapter 19 Implementing Secure Network Designs 483
  “Do I Know This Already?” Quiz 483
  Foundation Topics 488
  Load Balancing 488
    Active/Active 488
    Active/Passive 488
    Scheduling 488
    Virtual IP 488
    Persistence 489
  Network Segmentation 489
    Application-Based Segmentation and Microsegmentation 489
    Virtual Local Area Network 490
    Screened Subnet 491
    East-West Traffic 492
    Intranets and Extranets 492
    Zero Trust 494
  Virtual Private Network 494
    Remote Access vs. Site-to-Site 496
    IPsec 497
    SSL/TLS 505
    HTML5 508
    Layer 2 Tunneling Protocol 508
  DNS 509
  Network Access Control 510
  Out-of-Band Management 510
  Port Security 511
    Broadcast Storm Prevention 512
    Bridge Protocol Data Unit Guard 512
    Loop Prevention 512
    Dynamic Host Configuration Protocol Snooping 512
    Media Access Control Filtering 513
  Network Appliances 513
    Jump Servers 514
    Proxy Servers 514
    Network-Based Intrusion Detection System/Network-Based Intrusion Prevention System 516
    Summary of NIDS vs. NIPS 519
    HSM 524
    Sensors 524
    Collectors 525
    Aggregators 526
    Firewalls 526
    Hardware vs. Software 534
    Appliance vs. Host-based vs. Virtual 534
  Access Control List 535
  Route Security 535
  Quality of Service 536
  Implications of IPv6 536
  Port Spanning/Port Mirroring 537
  Monitoring Services 538
    Performance Baselining 539
  File Integrity Monitors 542
  Chapter Review Activities 542

Chapter 20 Installing and Configuring Wireless Security Settings 547
  “Do I Know This Already?” Quiz 547
  Foundation Topics 551
  Cryptographic Protocols 551
    Wi-Fi Protected Access 2 (WPA2) 551
    Wi-Fi Protected Access 3 (WPA3) 551
    Counter-mode/CBC-MAC Protocol (CCMP) 552
    Simultaneous Authentication of Equals 552
    Wireless Cryptographic Protocol Summary 552
  Authentication Protocols 553
    802.1X and EAP 553
    IEEE 802.1x 556
    Remote Authentication Dial-In User Service (RADIUS) Federation 556
  Methods 557
    Wi-Fi Protected Setup 558
    Captive Portals 559
  Installation Considerations 559
    Controller and Access Point Security 562
    Wireless Access Point Vulnerabilities 563
  Chapter Review Activities 564

Chapter 21 Implementing Secure Mobile Solutions 567
  “Do I Know This Already?” Quiz 567
  Foundation Topics 570
  Connection Methods and Receivers 570
    RFID and NFC 571
    More Wireless Connection Methods and Receivers 572
    Secure Implementation Best Practices 573
  Mobile Device Management 574
    MDM Security Feature Concerns: Application and Content Management 576
    MDM Security Feature Concerns: Remote Wipe, Geofencing, Geolocation, Screen Locks, Passwords and PINs, Full Device Encryption 578
  Mobile Device Management Enforcement and Monitoring 581
  Mobile Devices 585
    MDM/Unified Endpoint Management 587
    SEAndroid 588
  Deployment Models 588
    Secure Implementation of BYOD, CYOD, and COPE 589
  Chapter Review Activities 591

Chapter 22 Applying Cybersecurity Solutions to the Cloud 595
  “Do I Know This Already?” Quiz 595
  Foundation Topics 598
  Cloud Security Controls 598
    Security Assessment in the Cloud 598
    Understanding the Different Cloud Security Threats 598
    Cloud Computing Attacks 601
    High Availability Across Zones 603
    Resource Policies 603
    Integration and Auditing 604
    Secrets Management 604
    Storage 605
    Network 606
    Compute 607
    Summary of Cloud Security Controls 609
  Solutions 611
    CASB 611
    Application Security 612
    Next-Generation Secure Web Gateway 613
    Firewall Considerations in a Cloud Environment 613
    Summary of Cybersecurity Solutions to the Cloud 614
  Cloud Native Controls vs. Third-Party Solutions 615
  Chapter Review Activities 615

Chapter 23 Implementing Identity and Account Management Controls 619
  “Do I Know This Already?” Quiz 619
  Foundation Topics 623
  Identity 623
    Identity Provider (IdP) 623
    Authentication 625
    Certificates 626
    Tokens 627
    SSH Keys 628
    Smart Cards 629
  Account Types 629
  Account Policies 633
    Introduction to Identity and Access Management 633
    Attribute-Based Access Control (ABAC) 638
    Rights, Permissions, and Policies 640
    Permission Inheritance and Propagation 645
  Chapter Review Activities 647

Chapter 24 Implementing Authentication and Authorization Solutions 651
  “Do I Know This Already?” Quiz 651
  Foundation Topics 655
  Authentication Management 655
    Password Keys 655
    Password Vaults 655
    Trusted Platform Module 656
    Hardware Security Modules 656
    Knowledge-Based Authentication 656
  Authentication/Authorization 657
    Security Assertion Markup Language 659
    OAuth 661
    OpenID and OpenID Connect 663
    Remote Authentication Technologies 670
  Access Control Schemes 674
    Discretionary Access Control 674
    Mandatory Access Control 676
    Role-Based Access Control 677
    Attribute-Based Access Control 678
    Rule-Based Access Control 678
    Conditional Access 678
    Privileged Access Management 678
    Summary of Access Control Models 679
    Access Control Wise Practices 680
  Chapter Review Activities 681

Chapter 25 Implementing Public Key Infrastructure 685
  “Do I Know This Already?” Quiz 685
  Foundation Topics 688
  Public Key Infrastructure 688
    Key Management 688
    Certificate Authorities 689
    Certificate Attributes 691
    Subject Alternative Name 693
    Expiration 693
  Types of Certificates 694
    SSL Certificate Types 694
    Certificate Chaining 696
  Certificate Formats 697
  PKI Concepts 698
    Trust Model 698
    Certificate Pinning 698
    Stapling, Key Escrow, Certificate Chaining, Online vs. Offline CA 698
  Chapter Review Activities 700

Part IV: Operations and Incident Response

Chapter 26 Using the Appropriate Tool to Assess Organizational Security 703
  “Do I Know This Already?” Quiz 703
  Foundation Topics 707
  Network Reconnaissance and Discovery 707
    tracert/traceroute 707
    nslookup/dig 709
    ipconfig/ifconfig 710
    nmap 711
    ping/pathping 714
    hping 717
    netstat 718
    netcat 720
    IP Scanners 721
    arp 721
    route 723
    curl 724
    theHarvester 725
    sn1per 726
    scanless 727
    dnsenum 728
    Nessus 730
    Cuckoo 731
  File Manipulation 732
    head 733
    tail 734
    cat 734
    grep 735
    chmod 736
    Logger 737
  Shell and Script Environments 738
    SSH 739
    PowerShell 740
    Python 741
    OpenSSL 741
  Packet Capture and Replay 742
    Tcpreplay 742
    Tcpdump 742
    Wireshark 743
  Forensics 744
    dd 744
    Memdump 745
    WinHex 746
    FTK Imager 747
    Autopsy 747
  Exploitation Frameworks 747
  Password Crackers 748
  Data Sanitization 750
  Chapter Review Activities 750

Chapter 27 Summarizing the Importance of Policies, Processes, and Procedures for Incident Response 755
  “Do I Know This Already?” Quiz 755
  Foundation Topics 760
  Incident Response Plans 760
  Incident Response Process 761
    Preparation 762
    Identification 763
    Containment 763
    Eradication 764
    Recovery 764
    Lessons Learned 764
  Exercises 765
    Tabletop 765
    Walkthroughs 766
    Simulations 766
  Attack Frameworks 767
    MITRE ATT&CK 767
    The Diamond Model of Intrusion Analysis 768
    Cyber Kill Chain 770
  Stakeholder Management 771
  Communication Plan 771
  Disaster Recovery Plan 772
  Business Continuity Plan 773
  Continuity of Operations Planning (COOP) 774
  Incident Response Team 775
  Retention Policies 776
  Chapter Review Activities 776

Chapter 28 Using Appropriate Data Sources to Support an Investigation 781
  “Do I Know This Already?” Quiz 781
  Foundation Topics 785
  Vulnerability Scan Output 785
  SIEM Dashboards 786
    Sensors 787
    Sensitivity 788
    Trends 788
    Alerts 788
    Correlation 788
  Log Files 789
    Network 790
    System 791
    Application 792
    Security 793
    Web 794
    DNS 795
    Authentication 796
    Dump Files 797
    VoIP and Call Managers 799
    Session Initiation Protocol Traffic 800
  syslog/rsyslog/syslog-ng 800
  journalctl 802
  NXLog 803
  Bandwidth Monitors 804
  Metadata 805
    Email 808
    Mobile 808
    Web 808
    File 809
  NetFlow/sFlow 809
    NetFlow 809
    sFlow 810
    IPFIX 811
  Protocol Analyzer Output 813
  Chapter Review Activities 814

Chapter 29 Applying Mitigation Techniques or Controls to Secure an Environment 819
  “Do I Know This Already?” Quiz 819
  Foundation Topics 822
  Reconfigure Endpoint Security Solutions 822
    Application Approved Lists 822
    Application Block List/Deny List 822
    Quarantine 823
  Configuration Changes 824
    Firewall Rules 825
    MDM 825
    Data Loss Prevention 828
    Content Filter/URL Filter 828
    Update or Revoke Certificates 829
  Isolation 830
  Containment 830
  Segmentation 831
  SOAR 832
    Runbooks 833
    Playbooks 834
  Chapter Review Activities 834

Chapter 30 Understanding the Key Aspects of Digital Forensics 837
  “Do I Know This Already?” Quiz 837
  Foundation Topics 842
  Documentation/Evidence 842
    Legal Hold 842
    Video 842
    Admissibility 843
    Chain of Custody 844
    Timelines of Sequence of Events 844
    Tags 845
    Reports 846
    Event Logs 846
    Interviews 846
  Acquisition 847
    Order of Volatility 848
    Disk 848
    Random-Access Memory 848
    Swap/Pagefile 849
    Operating System 850
    Device 850
    Firmware 851
    Snapshot 851
    Cache 852
    Network 852
    Artifacts 853
  On-premises vs. Cloud 853
    Right-to-Audit Clauses 854
    Regulatory/Jurisdiction 855
    Data Breach Notification Laws 855
  Integrity 856
    Hashing 856
    Checksums 857
    Provenance 857
  Preservation 858
  E-discovery 858
  Data Recovery 859
  Nonrepudiation 859
  Strategic Intelligence/Counterintelligence 860
  Chapter Review Activities 860

Part V: Governance, Risk, and Compliance

Chapter 31 Comparing and Contrasting the Various Types of Controls 865
  “Do I Know This Already?” Quiz 865
  Foundation Topics 868
  Control Category 868
    Managerial Controls 868
    Operational Controls 868
    Technical Controls 868
    Summary of Control Categories 869
  Control Types 869
    Preventative Controls 869
    Detective Controls 869
    Corrective Controls 870
    Deterrent Controls 870
    Compensating Controls 871
    Physical Controls 871
    Summary of Control Types 872
  Chapter Review Activities 873

Chapter 32 Understanding the Importance of Applicable Regulations, Standards, or Frameworks That Impact Organizational Security Posture 875
  “Do I Know This Already?” Quiz 875
  Foundation Topics 878
  Regulations, Standards, and Legislation 878
    General Data Protection Regulation 879
    National, Territory, or State Laws 879
    Payment Card Industry Data Security Standard (PCI DSS) 881
  Key Frameworks 881
  Benchmarks and Secure Configuration Guides 885
    Security Content Automation Protocol 885
  Chapter Review Activities 889

Chapter 33 Understanding the Importance of Policies to Organizational Security 893
  “Do I Know This Already?” Quiz 894
  Foundation Topics 897
  Personnel Policies 897
    Privacy Policies 897
    Acceptable Use 898
    Separation of Duties/Job Rotation 898
    Mandatory Vacations 898
    Onboarding and Offboarding 899
    Personnel Security Policies 900
  Diversity of Training Techniques 900
    User Education and Awareness Training 901
  Third-Party Risk Management 902
  Data Concepts 904
    Understanding Classification and Governance 904
    Data Retention 906
  Credential Policies 906
  Organizational Policies 908
    Change Management and Change Control 909
    Asset Management 909
  Chapter Review Activities 910

Chapter 34 Summarizing Risk Management Processes and Concepts 913
  “Do I Know This Already?” Quiz 913
  Foundation Topics 917
  Risk Types 917
  Risk Management Strategies 918
  Risk Analysis 919
    Qualitative Risk Assessment 921
    Quantitative Risk Assessment 922
  Disaster Analysis 924
  Business Impact Analysis 926
    Disaster Recovery Planning 928
  Chapter Review Activities 930

Chapter 35 Understanding Privacy and Sensitive Data Concepts in Relation to Security 935
  “Do I Know This Already?” Quiz 935
  Foundation Topics 940
  Organizational Consequences of Privacy and Data Breaches 940
  Notifications of Breaches 941
  Data Types and Asset Classification 941
    Personally Identifiable Information and Protected Health Information 943
  Privacy Enhancing Technologies 944
  Roles and Responsibilities 945
  Information Lifecycle 947
  Impact Assessment 948
  Terms of Agreement 948
  Privacy Notice 949
  Chapter Review Activities 949

Part VI: Final Preparation

Chapter 36 Final Preparation 953
  Hands-on Activities 953
  Suggested Plan for Final Review and Study 953
  Summary 954

Glossary of Key Terms 955
Appendix A Answers to the “Do I Know This Already?” Quizzes and Review Questions 1023
Appendix B CompTIA Security+ (SY0-601) Cert Guide Exam Updates 1087

Online Elements:
Appendix C Study Planner
Glossary of Key Terms

9780136770312 TOC 6/19/2021