Edition:
Authors: Darril Gibson
Series:
ISBN: 9798748708180
Publisher:
Publication year:
Number of pages: [1166]
Language: English
File format: PDF (converted to PDF, EPUB, or AZW3 on user request)
File size: 7 Mb
If you need the file of the book CompTIA Security Get Certified Get Ahead converted to PDF, EPUB, AZW3, MOBI, or DJVU, you can notify support so that they convert the file for you.
Note that the book CompTIA Security Get Certified Get Ahead is the original-language edition and is not a Persian translation. The International Library website provides original-language books and does not offer any books translated into or written in Persian.
Pass the First Time. The CompTIA Security+ Get Certified Get Ahead SY0-601 Study Guide is an update to the top-selling SY0-201, SY0-301, SY0-401, and SY0-501 study guides, which have helped thousands of readers pass the exam the first time they took it.

Free Online Resources

Buyers have access to free online resources, including:
- Additional practice test questions using an online testing engine via your browser
- Online labs (including a lab to create a bootable USB to boot into Linux)
- Downloadable extras

This book covers all of the SY0-601 objectives and includes the same elements readers raved about in the previous versions. Each of the eleven chapters presents topics in an easy-to-understand manner and includes real-world examples of security principles in action. The author uses many of the same analogies and explanations that he honed in the classroom that have helped hundreds of students master the Security+ content.

The paperback copy includes a comprehensive index that helps you find relevant Security+ concepts. As an example, if you're looking for CSRF, the index entry tells you exactly what page to find it on: CSRF (Cross-site request forgery) 265. The Kindle edition includes a search function allowing you to find any word in the book.

With this book, you'll understand the important and relevant security topics for the Security+ exam without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive Exam Topic Review section to help you focus on what's important.

Over 300 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The study guide includes a 75 question pre-test, a 75 question post-test, and practice test questions at the end of every chapter. Each practice test question includes a detailed explanation helping you understand why the correct answers are correct and why the incorrect answers are incorrect.

You'll also have access to free online resources including labs and additional practice test questions. Using these resources, you'll be ready to take and pass the exam the first time you take it.

If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you'll be a step ahead for other exams. This SY0-601 study guide is for any IT or security professional interested in advancing in their field and a must-read for anyone striving to master the basics of IT systems security.

The author supplements the book with blog posts here: http://blogs.getcertifiedgetahead.com/.
Dedication Acknowledgments About the Author Table of Contents

Introduction Who This Book Is For About This Book Appendixes How to Use This Book Conventions Remember This Vendor Neutral Free Online Resources Additional Web Resources Assumptions Set a Goal About the Exam Passing Score Exam Prerequisites Beta Questions Exam Format Question Types Multiple Choice Performance-Based Questions Question Complexity Practice Test Questions Strategy Exam Test Provider Voucher Code for 10 Percent Off Exam Domains Objective to Chapter Map 1.0 Threats, Attacks and Vulnerabilities 2.0 Architecture and Design 3.0 Implementation 4.0 Operations and Incident Response 5.0 Governance, Risk, and Compliance Recertification Requirements

601 Pre-Assessment Exam Pre-Assessment Exam Answers

Chapter 1 Mastering Security Basics Understanding Core Security Goals What Is a Use Case? Ensure Confidentiality Encryption Access Controls Provide Integrity Increase Availability Redundancy and Fault Tolerance Scalability and Elasticity Patching Understanding Resiliency Resource Versus Security Constraints Introducing Basic Risk Concepts Understanding Security Controls Managerial Controls Operational Controls Technical Controls Control Types Preventive Controls Detective Controls Corrective and Recovery Controls Physical Controls Deterrent Controls Compensating Controls Response Controls Combining Control Categories and Types Using Command-Line Tools Network Reconnaissance and Discovery Ping Using Ping to Check Name Resolution Beware of Firewalls Using Ping to Assess Organizational Security hping Ipconfig and ifconfig Netstat Tracert and traceroute Pathping Arp Linux and LAMP cat Command grep Command head Command tail Command logger Command journalctl Command chmod Command Understanding Logs Windows Logs Network Logs Centralized Logging Methods SIEM Systems Syslog Linux Logs Chapter 1 Exam Topic Review Chapter 1 Practice Questions Chapter 1 Practice Question Answers

Chapter 2 Understanding Identity and Access Management Exploring Authentication Management Comparing Identification and AAA Comparing Authentication Factors Something You Know Something You Have Something You Are Two-Factor and Multifactor Authentication Authentication Attributes Authentication Log Files Managing Accounts Credential Policies and Account Types Privileged Access Management Require Administrators to Use Two Accounts Prohibiting Shared and Generic Accounts Disablement Policies Time-Based Logins Account Audits Comparing Authentication Services Single Sign-On Kerberos SSO and a Federation SAML SAML and Authorization OAuth OpenID and OpenID Connection Comparing Access Control Schemes Role-Based Access Control Using Roles Based on Jobs and Functions Documenting Roles with a Matrix Establishing Access with Group-Based Privileges Rule-Based Access Control Discretionary Access Control Filesystem Permissions SIDs and DACLs The Owner Establishes Access Mandatory Access Control Labels and Lattice Establishing Access Attribute-Based Access Control Conditional Access Chapter 2 Exam Topic Review Chapter 2 Practice Questions Chapter 2 Practice Question Answers

Chapter 3 Exploring Network Technologies and Tools Reviewing Basic Networking Concepts Basic Networking Protocols Implementing Protocols for Use Cases Voice and Video Use Case File Transfer Use Case Email and Web Use Cases Directory Services and LDAPS Remote Access Use Case OpenSSH Time Synchronization Use Case Network Address Allocation Use Case Domain Name Resolution Use Case Subscription Services Use Case Quality of Service Understanding Basic Network Devices Switches Security Benefit of a Switch Port Security Broadcast Storm and Loop Prevention Bridge Protocol Data Unit Guard Routers Routers and ACLs Deny Implicit Deny The Route Command and Route Security Firewalls Host-Based Firewalls Software Versus Hardware Firewalls Stateless Firewall Rules Stateful Versus Stateless Web Application Firewall Next-Generation Firewall Implementing Network Designs Intranet Versus Extranet Screened Subnet Network Address Translation Gateway Physical Isolation and Air Gaps Logical Separation and Segmentation Isolating Traffic with a VLAN East-West Traffic Zero Trust Network Appliances Proxy Servers Caching Content for Performance Transparent Proxy Versus Non-transparent Proxy Reverse Proxy Unified Threat Management Jump Server Security Implications of IPv6 Summarizing Routing and Switching Use Cases Chapter 3 Exam Topic Review Chapter 3 Practice Questions Chapter 3 Practice Question Answers

Chapter 4 Securing Your Network Exploring Advanced Security Devices Understanding IDSs and IPSs HIDS NIDS Sensor and Collector Placement Detection Methods Data Sources and Trends Reporting Based on Rules False Positives Versus False Negatives IPS Versus IDS—Inline Versus Passive Honeypots Honeynets Honeyfile Fake Telemetry Securing Wireless Networks Reviewing Wireless Basics Band Selection and Channel Overlaps Access Point SSID Enable MAC Filtering Site Surveys and Footprinting Wireless Access Point Placement Wireless Cryptographic Protocols WPA2 and CCMP Open, PSK, and Enterprise Modes WPA3 and Simultaneous Authentication of Equals Authentication Protocols IEEE 802.1X Security Controller and Access Point Security Captive Portals Understanding Wireless Attacks Disassociation Attacks Wi-Fi Protected Setup Rogue Access Point Evil Twin Jamming Attacks IV Attacks Near Field Communication Attacks RFID Attacks Bluetooth Attacks Wireless Replay Attacks War Driving and War Flying Using VPNs for Remote Access VPNs and VPN Appliances Remote Access VPN IPsec as a Tunneling Protocol SSL/TLS as a Tunneling Protocol Split Tunnel Versus Full Tunnel Site-to-Site VPNs Always-On VPN L2TP as a Tunneling Protocol HTML5 VPN Portal Network Access Control Host Health Checks Agent Versus Agentless NAC Authentication and Authorization Methods PAP CHAP RADIUS TACACS+ AAA Protocols Chapter 4 Exam Topic Review Chapter 4 Practice Questions Chapter 4 Practice Question Answers

Chapter 5 Securing Hosts and Data Summarize Virtualization Concepts Thin Clients and Virtual Desktop Infrastructure Containers VM Escape Protection VM Sprawl Avoidance Replication Snapshots Non-Persistence Implementing Secure Systems Endpoint Security Hardening Systems Configuration Management Secure Baseline and Integrity Measurements Using Master Images for Baseline Configurations Patch Management Change Management Policy Application Approved Lists and Block Lists Application Programming Interfaces Microservices and APIs FDE and SED Boot Integrity Boot Security and UEFI Trusted Platform Module Hardware Security Module Protecting Data Data Loss Prevention Rights Management Removable Media Data Exfiltration Protecting Confidentiality with Encryption Database Security Summarizing Cloud Concepts Software as a Service Platform as a Service Infrastructure as a Service Anything as a Service Cloud Deployment Models Managed Security Service Provider Cloud Service Provider Responsibilities Cloud Security Controls On-Premises Versus Off-Premises On-Premises Off-Premises Cloud Access Security Broker Cloud-Based DLP Next-Generation Secure Web Gateway Firewall Considerations Infrastructure as Code Edge and Fog Computing Cloud Security Alliance Deploying Mobile Devices Securely Deployment Models Connection Methods and Receivers Mobile Device Management Mobile Device Enforcement and Monitoring Unauthorized Software Messaging Services Hardware Control Unauthorized Connections SEAndroid Exploring Embedded Systems Understanding Internet of Things ICS and SCADA Systems IoT and Embedded Systems Security Implications of Embedded Systems Embedded System Constraints Communication Considerations Chapter 5 Exam Topic Review Chapter 5 Practice Questions Chapter 5 Practice Question Answers

Chapter 6 Comparing Threats, Vulnerabilities, and Common Attacks Understanding Threat Actors Attack Vectors Shadow IT Determining Malware Types Viruses Worms Logic Bombs Backdoors Trojans Remote Access Trojan Keyloggers Spyware Rootkit Bots and Botnets Command and Control Ransomware and Cryptomalware Potentially Unwanted Programs Fileless Virus Potential Indicators of a Malware Attack Recognizing Common Attacks Social Engineering Impersonation Shoulder Surfing Tricking Users with Hoaxes Tailgating and Access Control Vestibules Dumpster Diving Zero-Day Vulnerabilities Watering Hole Attacks Typo Squatting Eliciting Information Pretexting and Prepending Identity Theft and Identity Fraud Invoice Scams Credential Harvesting Reconnaissance Influence Campaigns Attacks via Email and Phone Spam Spam over Internet Messaging Phishing Spear Phishing Whaling Vishing Smishing One Click Lets Them In Blocking Malware and Other Attacks Spam Filters Antivirus and Anti-Malware Software Signature-Based Detection Heuristic-Based Detection File Integrity Monitors Cuckoo Sandbox Why Social Engineering Works Authority Intimidation Consensus Scarcity Urgency Familiarity Trust Threat Intelligence Sources Research Sources Chapter 6 Exam Topic Review Chapter 6 Practice Questions Chapter 6 Practice Question Answers

Chapter 7 Protecting Against Advanced Attacks Understanding Attack Frameworks Cyber Kill Chain Diamond Model of Intrusion Analysis MITRE ATT&CK Identifying Network Attacks DoS Versus DDoS SYN Flood Attacks Spoofing On-Path Attacks Secure Sockets Layer Stripping Layer 2 Attacks ARP Poisoning Attacks MAC Flooding MAC Cloning DNS Attacks DNS Poisoning Attacks Pharming Attack URL Redirection Domain Hijacking Domain Reputation DNS Sinkhole DNS Log Files Replay Attacks and Session Replays Summarizing Secure Coding Concepts OWASP Code Reuse and Dead Code Third-Party Libraries and SDKs Input Validation Client-Side and Server-Side Input Validation Other Input Validation Techniques Avoiding Race Conditions Proper Error Handling Code Obfuscation and Camouflage Software Diversity Outsourced Code Development Data Exposure HTTP Headers Secure Cookie Code Signing Analyzing and Reviewing Code Software Version Control Secure Development Environment Database Concepts Normalization SQL Queries Provisioning and Deprovisioning Integrity Measurement Web Server Logs Using Scripting for Automation Identifying Malicious Code and Scripts PowerShell Bash Python Macros Visual Basic for Applications (VBA) OpenSSL SSH Identifying Application Attacks Zero-Day Attacks Memory Vulnerabilities Memory Leak Buffer Overflows and Buffer Overflow Attacks Integer Overflow Pointer/Object Dereference Other Injection Attacks Dynamic Link Library Injection Lightweight Directory Access Protocol Injection Extensible Markup Language Injection Directory Traversal Cross-Site Scripting Cross-Site Request Forgery Server-Side Request Forgeries Client-Side Request Forgeries Driver Manipulation Artificial Intelligence and Machine Learning AI and ML in Cybersecurity Adversarial Artificial Intelligence Tainted Data for Machine Learning Security of Machine Learning Algorithms Chapter 7 Exam Topic Review Chapter 7 Practice Questions Chapter 7 Practice Question Answers

Chapter 8 Using Risk Management Tools Understanding Risk Management Threats Risk Types Vulnerabilities Risk Management Strategies Risk Assessment Types Risk Analysis Supply Chain Risks Threat Hunting Comparing Scanning and Testing Tools Checking for Vulnerabilities Password Crackers Network Scanners Vulnerability Scanning Credentialed Versus Non-Credentialed Configuration Review Penetration Testing Rules of Engagement Reconnaissance Footprinting Versus Fingerprinting Initial Exploitation Persistence Lateral Movement Privilege Escalation Pivoting Known, Unknown, and Partially Known Testing Environments Cleanup Bug Bounty Programs Intrusive Versus Non-Intrusive Testing Exercise Types Capturing Network Traffic Packet Capture and Replay Tcpreplay and Tcpdump NetFlow, sFlow, and IPFIX Understanding Frameworks and Standards Key Frameworks Risk Management Framework Reference Architecture Exploitation Frameworks Benchmarks and Configuration Guides Chapter 8 Exam Topic Review Chapter 8 Practice Questions Chapter 8 Practice Question Answers

Chapter 9 Implementing Controls to Protect Assets Comparing Physical Security Controls Securing Door Access with Cards Comparing Locks Physical Locks Physical Cipher Locks Biometric Locks Cable Locks Increasing Security with Personnel Monitoring Areas with Cameras Sensors Fencing, Lighting, and Alarms Securing Access with Barricades Using Signage Drones Asset Management Implementing Diversity Creating Secure Areas Air Gap Vaults Faraday Cage Safes Hot and Cold Aisles Physical Attacks Malicious Universal Serial Bus (USB) Cable Malicious Flash Drive Card Skimming and Card Cloning Fire Suppression Protected Cable Distribution Adding Redundancy and Fault Tolerance Single Point of Failure Disk Redundancies RAID-0 RAID-1 RAID-5 and RAID-6 RAID-10 Disk Multipath Server Redundancy and High Availability Active/Active Load Balancers Active/Passive Load Balancers NIC Teaming Power Redundancies Protecting Data with Backups Backup Media Online Versus Offline Backups Comparing Backup Types Full Backups Restoring a Full Backup Differential Backups Order of Restoration for a Full/Differential Backup Set Incremental Backups Order of Restoration for a Full/Incremental Backup Set Choosing Full/Incremental or Full/Differential Snapshot and Image Backups Copy Backup Testing Backups Backups and Geographic Considerations Comparing Business Continuity Elements Business Impact Analysis Concepts Site Risk Assessment Impact Recovery Time Objective Recovery Point Objective Comparing MTBF and MTTR Continuity of Operations Planning Site Resiliency Restoration Order Disaster Recovery Testing Plans with Exercises Chapter 9 Exam Topic Review Chapter 9 Practice Questions Chapter 9 Practice Question Answers

Chapter 10 Understanding Cryptography and PKI Introducing Cryptography Concepts Providing Integrity with Hashing Hash Versus Checksum MD5 Secure Hash Algorithms HMAC Hashing Files Hashing Messages Using HMAC Hashing Passwords Understanding Hash Collisions Understanding Password Attacks Dictionary Attacks Brute Force Attacks Spraying Attacks Pass the Hash Attacks Birthday Attacks Rainbow Table Attacks Salting Passwords Key Stretching Providing Confidentiality with Encryption Symmetric Encryption Block Versus Stream Ciphers Common Symmetric Algorithms AES 3DES Blowfish and Twofish Asymmetric Encryption Key Exchange The Rayburn Box Certificates Ephemeral Keys Elliptic Curve Cryptography Quantum Computing Quantum Cryptography Post-Quantum Cryptography Lightweight Cryptography Homomorphic Encryption Key Length Modes of Operation Steganography Audio Steganography Image Steganography Video Steganography Using Cryptographic Protocols Protecting Email Signing Email with Digital Signatures Encrypting Email S/MIME HTTPS Transport Encryption TLS Versus SSL Encrypting HTTPS Traffic with TLS Downgrade Attacks on Weak Implementations Blockchain Crypto Diversity Identifying Limitations Resource Versus Security Constraints Speed and Time Size and Computational Overhead Entropy Predictability Weak Keys Longevity Reuse Plaintext Attack Common Use Cases Exploring PKI Components Certificate Authority Certificate Trust Models Registration Authority and CSRs Online Versus Offline CAs Updating and Revoking Certificates Certificate Revocation List Validating a Certificate Public Key Pinning Key Escrow Key Management Comparing Certificate Types Comparing Certificate Formats Chapter 10 Exam Topic Review Chapter 10 Practice Questions Chapter 10 Practice Question Answers

Chapter 11 Implementing Policies to Mitigate Risks Exploring Security Policies Personnel Policies Acceptable Use Policy Mandatory Vacations Separation of Duties Least Privilege Job Rotation Clean Desk Space Background Check Onboarding Offboarding Non-Disclosure Agreement Social Media Analysis Third-Party Risk Management Terms of Agreement Measurement Systems Analysis Incident Response Policies Incident Response Plan Communication Plan Data Breach Responses Stakeholder Management Incident Response Process Understanding SOAR Playbooks Runbooks Understanding Digital Forensics Key Aspects of Digital Forensics Admissibility of Documentation and Evidence On-Premises Versus Cloud Concerns Acquisition and Preservation Order of Volatility Data Acquisition Forensic Tools Electronic Discovery Data Recovery Strategic Intelligence and Counterintelligence Protecting Data Classifying Data Types PII and Health Information Impact Assessment Data Governance Privacy Enhancing Technologies Data Masking Anonymization Pseudo-Anonymization Tokenization Data Retention Policies Data Sanitization Training Users Computer-Based Training Phishing Campaigns Phishing Simulations Gamification Capture the Flag Role-Based Awareness Training Chapter 11 Exam Topic Review Chapter 11 Practice Questions Chapter 11 Practice Question Answers

Post-Assessment Questions Post-Assessment Answers