CompTIA Security+: SY0-601 Certification Guide: Complete Coverage of the New CompTIA Security+ (SY0-601) Exam to Help You Pass on the First Attempt, 2nd Edition

Cover
Exam Vouchers
FM
Copyright
Contributors
Table of Contents
Preface
Objectives for the CompTIA Security+ 601 exam
Section 1: Security Aims and Objectives
Chapter 1: Enterprise Governance
	Security Fundamentals
		CIA Triad Concept
		Least Privilege
		Defense in Depth Model
	Comparing Control Types
		Managerial Controls
		Operational Controls
		Technical Controls
		Deterrent Controls
		Detective Controls
		Corrective Controls
		Compensating Controls
		Preventative Controls
		Access Controls
		Discretionary Access Control
		Mandatory Access Control
		Role-Based Access Control
		Rule-Based Access Control
		Attribute-Based Access Control
		Group-Based Access Control
		Linux-Based Access Control
	Physical Security Controls
		Perimeter Security
		Building Security
		Device Protection
	Understanding Digital Forensics
		Five-Minute Practical
		Collection of Evidence
		Cloud Forensics
	Review Questions
Chapter 2: Implementing Public Key Infrastructure
	PKI Concepts
		Certificate Hierarchy
		Certificate Trust
		Certificate Validity
		Certificate Management Concepts
		Types of Certificates
	Asymmetric and Symmetric Encryption
		Encryption Explained
		Digital Signatures Explained
		Cryptography Algorithms and Their Characteristics
		Symmetric Algorithms
		Asymmetric Algorithms
		Symmetric versus Asymmetric Analogy
		Lightweight Cryptography
		XOR Encryption
	Key Stretching Algorithms
	Salting Passwords
	Cipher Modes
		Stream versus Block Cipher Analogy
		Modes of Operation
	Quantum Computing
	Blockchain and the Public Ledger
	Hashing and Data Integrity
	Comparing and Contrasting the Basic Concepts of Cryptography
		Asymmetric – PKI
		Symmetric Algorithm – Modes of Operation
		Hashing Algorithms
		Crypto Service Provider
		Crypto Module
		Data Protection
	Basic Cryptographic Terminologies
		Obfuscation
		Pseudo-Random Number Generator
		Nonce
		Perfect Forward Secrecy
		Security through Obscurity
		Collision
		Steganography
		Homomorphic Encryption
		Diffusion
		Implementation Decisions
	Common Use Cases for Cryptography
		Supporting Confidentiality
		Supporting Integrity
		Supporting Non-Repudiation
		Supporting Obfuscation
		Low-Power Devices
		High Resiliency
		Supporting Authentication
		Resource versus Security Constraints
	Practical Exercises
		Practical Exercise 1 – Building a Certificate Server
		Practical Exercise 2 – Encrypting Data with EFS and Stealing Certificates
		Practical Exercise 3 – Revoking the EFS Certificate
	Review Questions
3
Chapter 3: Investigating Identity and Access Management
	Understanding Identity and Access Management Concepts
	Identity Types
	Account Types
	Authentication Types
		Security Tokens and Devices
		Certificate-Based Authentication
	Implementing Authentication and Authorization Solutions
		Authentication Management
		Authentication Protocols
		Authentication, Authorization, and Accounting (AAA) Servers
		Access Control Schemes
	Summarizing Authentication and Authorization Design Concepts
		Directory Services
	Cloud versus On-Premises Authentication
		On-Premises
		In the Cloud
	Common Account Management Policies
		Account Creation
		Employees Moving Departments
		Account Recertification
		Account Maintenance
		Account Monitoring
		Security Information and Event Management
	Practical Exercise – Password Policy
	Review Questions
Chapter 4: Exploring Virtualization and Cloud Concepts
	Overview of Cloud Computing
	Implementing Different Cloud Deployment Models
	Understanding Cloud Service Models
		Infrastructure as a Service (IaaS)
		Software as a Service (SaaS)
		Platform as a Service (PaaS)
		Security as a Service (SECaaS)
		Anything as a Service (XaaS)
	Understanding Cloud Computing Concepts
	Understanding Cloud Storage Concepts
	Selecting Cloud Security Controls
		High Availability Access Zones
		Resource Policies
		Secret Management
		Integration and Auditing
		Storage
		Networks
		Compute
		Solutions
	Exploring the Virtual Network Environments
	Review Questions
Section 2: Monitoring the Security Infrastructure
Chapter 5: Monitoring, Scanning, and Penetration Testing
	Penetration Testing Concepts
		Rules of Engagement (ROE)
		Network Exploitation Techniques
	Passive and Active Reconnaissance
		Reconnaissance Tools
	Exercise Types
	Vulnerability Scanning Concepts
		Credentialed versus Non-Credentialed Scans
		Intrusive versus Non-Intrusive Vulnerability Scans
		Other Types of Scans That Can Be Performed
		Penetration Testing versus Vulnerability Scanning
	Syslog/Security Information and Event Management
	Security Orchestration, Automation, and Response
		Threat Hunting
	Review Questions
Chapter 6: Understanding Secure and Insecure Protocols
	Introduction to Protocols
	Insecure Protocols and Their Use Cases
	Secure Protocols and Their Use Cases
	Additional Use Cases and Their Protocols
		Subscription Services and Their Protocols
		Routing and Its Protocols
		Switching and Its Protocols
		Active Directory (Directory Services) and Its Protocols
	Review Questions
Chapter 7: Delving into Network and Security Concepts
	Installing and Configuring Network Components
		Firewall
		Network Address Translation Gateway
		Router
		Access Control List – Network Devices
		Switch
		Tap/Port Mirror
		Aggregation Switches
		Honeypot
		Honeyfile
		Fake Telemetry
		Proxy Server
		Jump Servers
		Load Balancer
	Remote Access Capabilities
		IPSec
		VPN Concentrator
		Split Tunneling
		Remote Support
	Secure Network Architecture Concepts
		Software-Defined Network
		Network Segmentation
		Intrusion Prevention System
		Intrusion Detection System
		Modes of Operation
		Sensor/Collector
		Monitoring Data
		Network Access Control
		Domain Name System
		DNS Poisoning
		DNS Sinkhole
	Network Reconnaissance and Discovery
		Exploitation Frameworks
	Forensic Tools
	IP Addressing
		IP Schema
		IP Version 4
		Subnet Mask
		CIDR Mask
		Network Address Allocation
		IP Version 6 Addressing
	Review Questions
Chapter 8: Securing Wireless and Mobile Solutions
	Implementing Wireless Security
	Wireless Access Point Controllers
		Securing Access to Your WAP
		Wireless Bandwidth/Band Selection
		Wireless Channels
		Wireless Antenna Types
		Wireless Coverage
		Wireless – Open System Authentication
		Wireless Encryption
		Wireless Captive Portals
		Wireless Attacks
		Wireless Authentication Protocols
	Deploying Mobile Devices Securely
		Mobile Device Management
		Bring Your Own Device
		Choose Your Own Device
		Corporate-Owned Personally-Enabled
	Mobile Device Connection Methods
		Mobile Device Management Concepts
		Device Management
		Device Protection
		Device Data
		Mobile Device Enforcement and Monitoring
	Review Questions
Section 3: Protecting the Security Environment
Chapter 9: Identifying Threats, Attacks, and Vulnerabilities
	Virus and Malware Attacks
	Social Engineering Attacks
	Threat Actors
	Advanced Attacks
		Password Attacks
		Physical Attacks
		On-Path Attacks
		Network Attacks
		Application/Programming Attacks
		Hijacking-Related Attacks
		Driver Manipulation
		Cryptographic Attacks
		Security Concerns with Various Type of Vulnerabilities
		Cloud vs. On-Premises Vulnerabilities
		Third-Party Risks
	Review Questions
Chapter 10: Governance, Risk, and Compliance
	Risk Management Processes and Concepts
		Risk Types
		Risk Management Strategies
		Risk Analysis
		Calculating Loss
		Disasters
		Business Impact Analysis Concepts
	Threat Actors, Vectors, and Intelligence Concepts
		Threat Actors
		Attack Vectors
		Threat Intelligence Sources
		Research Sources
	The Importance of Policies for Organizational Security
		Personnel
		Diversity of Training Techniques
		Third-Party Risk Management
		Data
		Credential Policies
		Organizational Policies
	Regulations, Standards, and Legislation
		Key Frameworks
		Benchmarks/Secure Configuration Guides
	Privacy and Sensitive Data Concepts
		Data Sovereignty
		Legal implications
		Geographic considerations
		Organizational Consequences of Privacy Breaches
		Notifications of Breaches
		Data Types
		Privacy-Enhancing Technologies
		Data Roles and Responsibilities
		Information Life Cycle
		Impact Assessment
		Terms of Agreement
		Privacy Notice
	Review Questions
Chapter 11: Managing Application Security
	Implementing Host or Application Security
		Boot Integrity
		Endpoint Protection
		Databases
		Application Security
		Hardening
		Full Disk Encryption (FDE)
		Self-Encrypting Drives (SEDs)
	Understanding the Security Implications of Embedded and Specialist Systems
		Internet of Things (IoT)
		Real-Time Operating System (RTOS)
		Multifunctional Printers (MFPs)
		Surveillance Systems
		System on a Chip (SoC)
		Heating, Ventilation, and Air Conditioning (HVAC)
		Specialized Devices
		Embedded Systems
		Supervisory Control and Data Acquisition (SCADA)
		Industrial Control System
		Communication Considerations
		Constraints
	Understanding Secure Application Development, Deployment, and Automation
		Software Diversity
		Elasticity
		Scalability
		Environment
		Automation/Scripting
		Provisioning and Deprovisioning
		Version Control
		Integrity Measurement
		Secure Coding Techniques
		Open Web Application Security Project (OWASP)
	Review Questions
Chapter 12: Dealing with Incident Response Procedures
	Incident Response Procedures
		Response and Recovery Controls
		Disaster Recovery Exercises
		Attack Frameworks
		Stakeholder Management
		Continuity of Operations Planning (COOP)
	Utilizing Data Sources to Support Investigations
		Vulnerability Scan Output
		SIEM Dashboards
		Log Files
		Log Managers
		journalctl
		NXLog
		Bandwidth Monitors
		Metadata
		Network Monitoring
		Protocol Analyzer Output
	Knowing How to Apply Mitigation Techniques or Controls to Secure an Environment
		Reconfigure Endpoint Security Solutions
		Application Approved List
		Application Block List/Deny List
		Quarantine
		Configuration Management
		Isolation
		Containment
		Segmentation
		Security Orchestration, Automation, and Response (SOAR)
	Implementing Cybersecurity Resilience
		Redundancy
	Review Questions
Section 4: Mock Tests
Chapter 13: Mock Exam 1
Mock Exam 1 Solutions
Chapter 14: Mock Exam 2
Mock Exam 2 Solutions
Chapter Review Solutions
Other Books You May Enjoy
Index