CompTIA Security+ SY0-601 Exam Cram Premium Edition and Practice Test
The exciting new CompTIA Security+ SY0-601 Exam Cram Premium Edition and Practice Test is a digital-only certification preparation product combining an eBook with an enhanced Pearson IT Certification Practice Test. The Premium Edition eBook and Practice Test contains the following items:
Download the sample pages (includes Chapter 7)
Introduction

Part I: Attacks, Threats, and Vulnerabilities

CHAPTER 1: Social Engineering Techniques
    The Social Engineer
    Phishing and Related Attacks
    Principles of Influence (Reasons for Effectiveness)
    What Next?

CHAPTER 2: Attack Basics
    Malware
    Physical Attacks
    Adversarial Artificial Intelligence (AI)
    Password Attacks
    Downgrade Attacks
    What Next?

CHAPTER 3: Application Attacks
    Race Conditions
    Improper Software Handling
    Resource Exhaustion
    Overflows
    Code Injections
    Driver Manipulation
    Request Forgeries
    Directory Traversal
    Replay Attack
    Secure Sockets Layer (SSL) Stripping
    Application Programming Interface (API) Attacks
    Pass-the-Hash Attack
    What Next?

CHAPTER 4: Network Attacks
    Wireless
    On-Path Attack
    Layer 2 Attacks
    Domain Name System (DNS) Attacks
    Denial of Service
    Malicious Code and Script Execution
    What Next?

CHAPTER 5: Threat Actors, Vectors, and Intelligence Sources
    Threat Actor Attributes
    Threat Actor Types
    Vectors
    Threat Intelligence and Research Sources
    What Next?

CHAPTER 6: Vulnerabilities
    Cloud-Based vs. On-Premises
    Zero-Day
    Weak Configurations
    Third-Party Risks
    Impacts
    What Next?

CHAPTER 7: Security Assessment Techniques
    Vulnerability Scans
    Threat Assessment
    What Next?

CHAPTER 8: Penetration Testing Techniques
    Testing Methodology
    Team Exercises
    What Next?

Part II: Architecture and Design

CHAPTER 9: Enterprise Security Concepts
    Configuration Management
    Data Confidentiality
    Deception and Disruption
    What Next?

CHAPTER 10: Virtualization and Cloud Computing
    Virtualization
    On-Premises vs. Off-Premises
    Cloud Models
    What Next?

CHAPTER 11: Secure Application Development, Deployment, and Automation
    Application Environment
    Integrity Measurement
    Change Management and Version Control
    Secure Coding Techniques
    Automation and Scripting
    Scalability and Elasticity
    What Next?

CHAPTER 12: Authentication and Authorization Design
    Identification and Authentication, Authorization, and Accounting (AAA)
    Multifactor Authentication
    Single Sign-on
    Authentication Technologies
    What Next?

CHAPTER 13: Cybersecurity Resilience
    Redundancy
    Backups
    Defense in Depth
    What Next?

CHAPTER 14: Embedded and Specialized Systems
    Embedded Systems
    SCADA and ICS
    Smart Devices and IoT
    What Next?

CHAPTER 15: Physical Security Controls
    Perimeter Security
    Internal Security
    Equipment Security
    Environmental Controls
    Secure Data Destruction
    What Next?

CHAPTER 16: Cryptographic Concepts
    Cryptosystems
    Use of Proven Technologies and Implementation
    Steganography
    Cryptography Use Cases
    Cryptography Constraints
    What Next?

Part III: Implementation

CHAPTER 17: Secure Protocols
    Secure Web Protocols
    Secure File Transfer Protocols
    Secure Email Protocols
    Secure Internet Protocols
    Secure Protocol Use Cases
    What Next?

CHAPTER 18: Host and Application Security Solutions
    Endpoint Protection
        Firewalls and HIPS/HIDS Solutions
        Anti-Malware and Other Host Protections
    Application Security
    Hardware and Firmware Security
    Operating System Security
    What Next?

CHAPTER 19: Secure Network Design
    Network Devices and Segmentation
    Security Devices and Boundaries
    What Next?

CHAPTER 20: Wireless Security Settings
    Access Methods
    Wireless Cryptographic Protocols
    Authentication Protocols
    Wireless Access Installations
    What Next?

CHAPTER 21: Secure Mobile Solutions
    Communication Methods
    Mobile Device Management Concepts
    Enforcement and Monitoring
    Deployment Models
    What Next?

CHAPTER 22: Cloud Cybersecurity Solutions
    Cloud Workloads
    Third-Party Cloud Security Solutions
    What Next?

CHAPTER 23: Identity and Account Management Controls
    Account Types
    Account Management
    Account Policy Enforcement
    What Next?

CHAPTER 24: Authentication and Authorization Solutions
    Authentication
    Access Control
    What Next?

CHAPTER 25: Public Key Infrastructure
    What Next?

Part IV: Operations and Incident Response

CHAPTER 26: Organizational Security
    Shell and Script Environments
    Network Reconnaissance and Discovery
    Packet Capture and Replay
    Password Crackers
    Forensics and Data Sanitization
    What Next?

CHAPTER 27: Incident Response
    Attack Frameworks
    Incident Response Plan
    Incident Response Process
    Continuity and Recovery Plans
    What Next?

CHAPTER 28: Incident Investigation
    SIEM Dashboards
    Logging
    Network Activity
    What Next?

CHAPTER 29: Incident Mitigation
    Containment and Eradication
    What Next?

CHAPTER 30: Digital Forensics
    Data Breach Notifications
    Strategic Intelligence/Counterintelligence Gathering
    Track Person-hours
    Order of Volatility
    Chain of Custody
    Data Acquisition
        Capture System Images
        Capture Network Traffic and Logs
        Capture Video and Photographs
        Record Time Offset
        Take Hashes
        Capture Screenshots
        Collect Witness Interviews
    What Next?

Part V: Governance, Risk, and Compliance

CHAPTER 31: Control Types
    Nature of Controls
    Functional Use of Controls
    Compensating Controls
    What Next?

CHAPTER 32: Regulations, Standards, and Frameworks
    Industry-Standard Frameworks and Reference Architectures
    Benchmarks and Secure Configuration Guides
    What Next?

CHAPTER 33: Organizational Security Policies
    Policy Framework
    Human Resource Management Policies
    Third-Party Risk Management
    What Next?

CHAPTER 34: Risk Management
    Risk Analysis
    Risk Assessment
    Business Impact Analysis
    What Next?

CHAPTER 35: Sensitive Data and Privacy
    Sensitive Data Protection
    Privacy Impact Assessment
    What Next?

Glossary of Essential Terms and Components
9780136798675, TOC, 10/9/2020