CompTIA Security+ Review Guide

Exam SY0-501
4th edition

by: James Michael Stewart

20,99 €

Publisher: Sybex
Format: PDF
Published: 04.12.2017
ISBN/EAN: 9781119416951
Language: English
Number of pages: 672

DRM-protected eBook; to read it you need, for example, Adobe Digital Editions and an Adobe ID.

Description

Consolidate your knowledge base with critical Security+ review

CompTIA Security+ Review Guide, Fourth Edition, is the smart candidate's secret weapon for passing Exam SY0-501 with flying colors. You've worked through your study guide, but are you sure you're prepared? This book provides tight, concise reviews of all essential topics throughout each of the exam's six domains to help you reinforce what you know. Take the pre-assessment test to identify your weak areas while there is still time to review, and use your remaining prep time to turn weaknesses into strengths. The Sybex online learning environment gives you access to portable study aids, including electronic flashcards and a glossary of key terms, so you can review on the go. Hundreds of practice questions allow you to gauge your readiness, and give you a preview of the big day. Avoid exam-day surprises by reviewing with the makers of the test—this review guide is fully approved and endorsed by CompTIA, so you can be sure that it accurately reflects the latest version of the exam.

The perfect companion to the CompTIA Security+ Study Guide, Seventh Edition, this review guide can be used with any study guide to help you:
+ Review the critical points of each exam topic area
+ Ensure your understanding of how concepts translate into tasks
+ Brush up on essential terminology, processes, and skills
+ Test your readiness with hundreds of practice questions

You've put in the time, gained hands-on experience, and now it's time to prove what you know. The CompTIA Security+ certification tells employers that you're the person they need to keep their data secure; with threats becoming more and more sophisticated, the demand for your skills will only continue to grow. Don't leave anything to chance on exam day—be absolutely sure you're prepared with the CompTIA Security+ Review Guide, Fourth Edition.
Contents

Introduction

Chapter 1: Threats, Attacks, and Vulnerabilities
  1.1 Given a scenario, analyze indicators of compromise and determine the type of malware.
    Viruses; Crypto-malware; Ransomware; Worm; Trojan; Rootkit; Keylogger; Adware; Spyware; Bots; RAT; Logic bomb; Backdoor; Exam Essentials
  1.2 Compare and contrast types of attacks.
    Social engineering; Application/service attacks; Wireless attacks; Cryptographic attacks; Exam Essentials
  1.3 Explain threat actor types and attributes.
    Types of actors; Attributes of actors; Use of open-source intelligence; Exam Essentials
  1.4 Explain penetration testing concepts.
    Active reconnaissance; Passive reconnaissance; Pivot; Initial exploitation; Persistence; Escalation of privilege; Black box; White box; Gray box; Pen testing vs. vulnerability scanning; Exam Essentials
  1.5 Explain vulnerability scanning concepts.
    Passively test security controls; Identify vulnerability; Identify lack of security controls; Identify common misconfigurations; Intrusive vs. non-intrusive; Credentialed vs. non-credentialed; False positive; Exam Essentials
  1.6 Explain the impact associated with types of vulnerabilities.
    Race conditions; Vulnerabilities due to: Improper input handling; Improper error handling; Misconfiguration/weak configuration; Default configuration; Resource exhaustion; Untrained users; Improperly configured accounts; Vulnerable business processes; Weak cipher suites and implementations; Memory/buffer vulnerability; System sprawl/undocumented assets; Architecture/design weaknesses; New threats/zero day; Improper certificate and key management; Exam Essentials
  Review Questions

Chapter 2: Technologies and Tools
  2.1 Install and configure network components, both hardware- and software-based, to support organizational security.
    Firewall; VPN concentrator; NIPS/NIDS; Router; Switch; Proxy; Load balancer; Access point; SIEM; DLP; NAC; Mail gateway; Bridge; SSL/TLS accelerators; SSL decryptors; Media gateway; Hardware security module; Exam Essentials
  2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization.
    Protocol analyzer; Network scanners; Wireless scanners/cracker; Password cracker; Vulnerability scanner; Configuration compliance scanner; Exploitation frameworks; Data sanitization tools; Steganography tools; Honeypot; Backup utilities; Banner grabbing; Passive vs. active; Command line tools; Exam Essentials
  2.3 Given a scenario, troubleshoot common security issues.
    Unencrypted credentials/clear text; Logs and events anomalies; Permission issues; Access violations; Certificate issues; Data exfiltration; Misconfigured devices; Weak security configurations; Personnel issues; Unauthorized software; Baseline deviation; License compliance violation (availability/integrity); Asset management; Authentication issues; Exam Essentials
  2.4 Given a scenario, analyze and interpret output from security technologies.
    HIDS/HIPS; Antivirus; File integrity check; Host-based firewall; Application whitelisting; Removable media control; Advanced malware tools; Patch management tools; UTM; DLP; Data execution prevention; Web application firewall; Exam Essentials
  2.5 Given a scenario, deploy mobile devices securely.
    Connection methods; Mobile device management concepts; Enforcement and monitoring for:; Deployment models; Exam Essentials
  2.6 Given a scenario, implement secure protocols.
    Protocols; Use cases; Exam Essentials
  Review Questions

Chapter 3: Architecture and Design
  3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides.
    Industry-standard frameworks and reference architectures; Benchmarks/secure configuration guides; Defense-in-depth/layered security; Exam Essentials
  3.2 Given a scenario, implement secure network architecture concepts.
    Zones/topologies; Segregation/segmentation/isolation; Tunneling/VPN; Security device/technology placement; SDN; Exam Essentials
  3.3 Given a scenario, implement secure systems design.
    Hardware/firmware security; Operating systems; Peripherals; Exam Essentials
  3.4 Explain the importance of secure staging deployment concepts.
    Sandboxing; Environment; Secure baseline; Integrity measurement; Exam Essentials
  3.5 Explain the security implications of embedded systems.
    SCADA/ICS; Smart devices/IoT; HVAC; SoC; RTOS; Printers/MFDs; Camera systems; Special purpose; Exam Essentials
  3.6 Summarize secure application development and deployment concepts.
    Development life-cycle models; Secure DevOps; Version control and change management; Provisioning and deprovisioning; Secure coding techniques; Code quality and testing; Compiled vs. runtime code; Exam Essentials
  3.7 Summarize cloud and virtualization concepts.
    Hypervisor; VM sprawl avoidance; VM escape protection; Cloud storage; Cloud deployment models; On-premise vs. hosted vs. cloud; VDI/VDE; Cloud access security broker; Security as a Service; Exam Essentials
  3.8 Explain how resiliency and automation strategies reduce risk.
    Automation/scripting; Templates; Master image; Non-persistence; Elasticity; Scalability; Distributive allocation; Redundancy; Fault tolerance; High availability; RAID; Exam Essentials
  3.9 Explain the importance of physical security controls.
    Lighting; Signs; Fencing/gate/cage; Security guards; Alarms; Safe; Secure cabinets/enclosures; Protected distribution/Protected cabling; Airgap; Mantrap; Faraday cage; Lock types; Biometrics; Barricades/bollards; Tokens/cards; Environmental controls; Cable locks; Screen filters; Cameras; Motion detection; Logs; Infrared detection; Key management; Exam Essentials
  Review Questions

Chapter 4: Identity and Access Management
  4.1 Compare and contrast identity and access management concepts.
    Identification, authentication, authorization and accounting (AAA); Multifactor authentication; Federation; Single sign-on; Transitive trust; Exam Essentials
  4.2 Given a scenario, install and configure identity and access services.
    LDAP; Kerberos; TACACS+; CHAP; PAP; MSCHAP; RADIUS; SAML; OpenID Connect; OAuth; Shibboleth; Secure token; NTLM; Exam Essentials
  4.3 Given a scenario, implement identity and access management controls.
    Access control models; Physical access control; Biometric factors; Tokens; Certificate-based authentication; File system security; Database security; Exam Essentials
  4.4 Given a scenario, differentiate common account management practices.
    Account types; General Concepts; Account policy enforcement; Exam Essentials
  Review Questions

Chapter 5: Risk Management
  5.1 Explain the importance of policies, plans and procedures related to organizational security.
    Standard operating procedure; Agreement types; Personnel management; General security policies; Exam Essentials
  5.2 Summarize business impact analysis concepts.
    RTO/RPO; MTBF; MTTR; Mission-essential functions; Identification of critical systems; Single point of failure; Impact; Privacy impact assessment; Privacy threshold assessment; Exam Essentials
  5.3 Explain risk management processes and concepts.
    Threat assessment; Risk assessment; Change management; Exam Essentials
  5.4 Given a scenario, follow incident response procedures.
    Incident response plan; Incident response process; Exam Essentials
  5.5 Summarize basic concepts of forensics.
    Order of volatility; Chain of custody; Legal hold; Data acquisition; Preservation; Recovery; Strategic intelligence/counterintelligence gathering; Track man-hours; Exam Essentials
  5.6 Explain disaster recovery and continuity of operation concepts.
    Recovery sites; Order of restoration; Backup concepts; Geographic considerations; Continuity of operation planning; Exam Essentials
  5.7 Compare and contrast various types of controls.
    Deterrent; Preventive; Detective; Corrective; Compensating; Technical; Administrative; Physical; Exam Essentials
  5.8 Given a scenario, carry out data security and privacy practices.
    Data destruction and media sanitization; Data sensitivity labeling and handling; Data roles; Data retention; Legal and compliance; Exam Essentials
  Review Questions

Chapter 6: Cryptography and PKI
  6.1 Compare and contrast basic concepts of cryptography.
    Symmetric algorithms; Modes of operation; Asymmetric algorithms; Hashing; Salt, IV, nonce; Elliptic curve; Weak/deprecated algorithms; Key exchange; Digital signatures; Diffusion; Confusion; Collision; Steganography; Obfuscation; Stream vs. block; Key strength; Session keys; Ephemeral key; Secret algorithm; Data-in-transit; Data-at-rest; Data-in-use; Random/pseudo-random number generation; Key stretching; Implementation vs. algorithm selection; Perfect forward secrecy; Security through obscurity; Common use cases; Exam Essentials
  6.2 Explain cryptography algorithms and their basic characteristics.
    Symmetric algorithms; Cipher modes; Asymmetric algorithms; Hashing algorithms; Key stretching algorithms; Obfuscation; Exam Essentials
  6.3 Given a scenario, install and configure wireless security settings.
    Cryptographic protocols; Authentication protocols; Methods; Exam Essentials
  6.4 Given a scenario, implement public key infrastructure.
    Components; Concepts; Types of certificates; Certificate formats; Exam Essentials
  Review Questions

Appendix: Answers to Review Questions
  Chapter 1: Threats, Attacks, and Vulnerabilities; Chapter 2: Technologies and Tools; Chapter 3: Architecture and Design; Chapter 4: Identity and Access Management; Chapter 5: Risk Management; Chapter 6: Cryptography and PKI

Index
James Michael Stewart, Security+, CISSP, CEH, CHFI, is a security expert, writer, trainer, and researcher for Impact Online (www.impactonline.com), an independent courseware development company. He provides IT instruction across the globe for various public and private organizations.
Covers 100% of exam objectives, including threats, attacks, and vulnerabilities; technologies and tools; architecture and design; identity and access management; risk management; cryptography and PKI; and much more...

Includes interactive online learning environment and study tools with:
+ 2 custom practice exams
+ 300 electronic flashcards
+ Searchable key term glossary

Tight, targeted review to help you pass CompTIA Security+ Exam SY0-501

CompTIA Security+ Review Guide, Fourth Edition, provides a concise and focused review, giving you a secret weapon for passing certification Exam SY0-501. Divided into six parts corresponding to the six domains covered on the exam, it systematically examines all the vital information you need to know. Reinforce your study with the exclusive Sybex online interactive learning environment, and because this guide is fully approved and endorsed by CompTIA, you can be confident that the content reflects the latest version of the exam.

Review covers all 6 domain areas of the SY0-501 Exam:
+ Threats, Attacks, and Vulnerabilities
+ Technologies and Tools
+ Architecture and Design
+ Identity and Access Management
+ Risk Management
+ Cryptography and PKI

Interactive learning environment

Take your exam prep to the next level with Sybex's superior interactive online study tools. To access our learning environment, simply visit http://www.wiley.com/go/sybextestprep, type in your unique PIN and instantly gain a year of FREE access to:
+ Test bank with 2 practice exams
+ 300 electronic flashcards
+ Comprehensive, searchable glossary in PDF format, which gives you instant access to the key terms so you are fully prepared

ABOUT THE COMPTIA SECURITY+ CERTIFICATION

The Security+ certification validates the knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. CompTIA Security+ meets the ISO 17024 standard and is approved by the U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is also compliant with government regulations under the Federal Information Security Management Act (FISMA). Visit https://certification.comptia.org/certifications/security for more information.