Principles of Computer Security: CompTIA Security+ and Beyond (Exam SY0-601)
Edition: 6th
Authors: Wm. Arthur Conklin, Greg White, Chuck Cothren, Roger Davis, Dwayne Williams
ISBN: 1260474313, 9781260474312
Publisher: McGraw Hill
Year: 2021
Pages: 1072 [1074]
Language: English
File format: PDF
File size: 105 MB
Fully updated computer security essentials―mapped to the CompTIA Security+ SY0-601 exam
Save 10% on any CompTIA exam voucher! Coupon code inside.
Learn IT security fundamentals while getting complete coverage of the objectives for the latest release of CompTIA Security+ certification exam SY0-601. This thoroughly revised, full-color textbook covers how to secure hardware, systems, and software. It addresses new threats and cloud environments, and provides additional coverage of governance, risk, compliance, and much more. Written by a team of highly respected security educators, Principles of Computer Security: CompTIA Security+™ and Beyond, Sixth Edition (Exam SY0-601) will help you become a CompTIA-certified computer security expert while also preparing you for a successful career.
Find out how to:
Table of Contents

Front matter: Cover, About the Authors, Title Page, Copyright Page, Acknowledgments, About this Book, Contents at a Glance, Contents, Foreword, Preface, Introduction, Instructor Website

Chapter 1 Introduction and Security Trends: The Computer Security Problem Definition of Computer Security Historical Security Incidents The Current Threat Environment Infrastructure Attacks Ransomware Threats to Security Viruses and Worms Intruders Insiders Criminal Organizations Nation-States, Terrorists, and Information Warfare Brand-Name Attacks Attributes of Actors Internal/External Level of Sophistication Resources/Funding Intent/Motivation Security Trends Targets and Attacks Specific Target Opportunistic Target Minimizing Possible Avenues of Attack Approaches to Computer Security Cybersecurity Kill Chain Threat Intelligence Open Source Intelligence Ethics Additional References Chapter 1 Review

Chapter 2 General Security Concepts: Basic Security Terminology Security Basics Security Tenets Security Approaches Security Principles Formal Security Models Confidentiality Models Integrity Models Additional References Chapter 2 Review

Chapter 3 Operational and Organizational Security: Policies, Procedures, Standards, and Guidelines Organizational Policies Change Management Policy Change Control Asset Management Security Policies Data Policies Credential Policies Password and Account Policies Human Resources Policies Code of Ethics Job Rotation Separation of Duties Employee Hiring (Onboarding) and Promotions Retirement, Separation, or Termination (Offboarding) Exit Interviews Onboarding/Offboarding Business Partners Adverse Actions Mandatory Vacations Acceptable Use Policy Internet Usage Policy E-mail Usage Policy Social Media Analysis Clean Desk Policy Bring-Your-Own-Device (BYOD) Policy Privacy Policy Due Care and Due Diligence Due Process Incident Response Policies and Procedures Security Awareness and Training Diversity of Training Techniques Security Policy Training and Procedures User Training Role-Based Training Continuing Education Compliance with Laws, Best Practices, and Standards User Habits Training Metrics and Compliance Standard Operating Procedures Third-Party Risk Management Vendors Supply Chain Business Partners Interoperability Agreements Service Level Agreement (SLA) Memorandum of Understanding (MOU) Measurement Systems Analysis (MSA) Business Partnership Agreement (BPA) Interconnection Security Agreement (ISA) NDA End of Service Life (EOSL) End of Life (EOL) Chapter 3 Review

Chapter 4 The Role of People in Security: People—A Security Problem Social Engineering Tools Principles (Reasons for Effectiveness) Defenses Attacks Impersonation Phishing Smishing Vishing Spam Spam over Internet Messaging (SPIM) Spear Phishing Whaling Pharming Dumpster Diving Shoulder Surfing Tailgating/Piggybacking Eliciting Information Prepending Identity Fraud Invoice Scams Credential Harvesting Reverse Social Engineering Reconnaissance Hoax Watering Hole Attack Typo Squatting Influence Campaigns Poor Security Practices Password Selection Shoulder Surfing Piggybacking Dumpster Diving Installing Unauthorized Hardware and Software Data Handling Physical Access by Non-Employees Clean Desk Policies People as a Security Tool Security Awareness Security Policy Training and Procedures Chapter 4 Review

Chapter 5 Cryptography: Cryptography in Practice Fundamental Methods Comparative Strengths and Performance of Algorithms Key Length Cryptographic Objectives Diffusion Confusion Obfuscation Perfect Forward Secrecy Security Through Obscurity Historical Perspectives Algorithms Substitution Ciphers One-Time Pads Key Management Random Numbers Salting Hashing Functions Message Digest SHA RIPEMD Hashing Summary Symmetric Encryption DES 3DES AES CAST RC Blowfish Twofish IDEA ChaCha20 Cipher Modes Authenticated Encryption with Associated Data (AEAD) Block vs. Stream Symmetric Encryption Summary Asymmetric Encryption Diffie-Hellman RSA Algorithm ElGamal ECC Asymmetric Encryption Summary Symmetric vs. Asymmetric Quantum Cryptography Post-Quantum Lightweight Cryptography Homomorphic Encryption For More Information Chapter 5 Review

Chapter 6 Applied Cryptography: Cryptography Use Confidentiality Integrity Authentication Nonrepudiation Digital Signatures Digital Rights Management Cryptographic Applications Use of Proven Technologies Cipher Suites Secret Algorithms Key Exchange Key Escrow Session Keys Ephemeral Keys Key Stretching Transport Encryption TLS v1.3 Data in Transit/Motion Data at Rest Data in Use/Processing Implementation vs. Algorithm Selection Common Use Cases HMAC S/MIME IETF S/MIME History IETF S/MIME v3 Specifications PGP How PGP Works Steganography Secure Protocols DNSSEC SSH S/MIME SRTP LDAPS FTPS SFTP SNMPv3 TLS HTTPS Secure POP/IMAP IPSec Secure Protocol Use Cases Voice and Video Time Synchronization E-mail and Web File Transfer Directory Services Remote Access Domain Name Resolution Routing and Switching Network Address Allocation Subscription Services Cryptographic Attacks Birthday Known Plaintext/Ciphertext Chosen Cipher Text Attack Weak Implementations Meet-in-the-Middle Attacks Replay Downgrade Collision Password Attacks Other Standards FIPS Common Criteria ISO/IEC 27002 (Formerly ISO 17799) Chapter 6 Review

Chapter 7 Public Key Infrastructure: The Basics of Public Key Infrastructures Certificate Authorities Registration Authorities Local Registration Authorities Public Certificate Authorities In-house Certificate Authorities Choosing Between a Public CA and an In-house CA Outsourced Certificate Authorities Online vs. Offline CA Stapling Pinning Trust Models Certificate Chaining Hierarchical Trust Model Peer-to-Peer Model Hybrid Trust Model Walking the Certificate Path Digital Certificates Certificate Classes Certificate Extensions Certificate Attributes Certificate Formats Certificate Lifecycles Registration and Generation CSR Renewal Suspension Certificate Revocation Key Destruction Certificate Repositories Sharing Key Stores Trust and Certificate Verification Centralized and Decentralized Infrastructures Hardware Security Modules Private Key Protection Key Recovery Key Escrow Certificate-Based Threats PKIX and PKCS PKIX Standards PKCS Why You Need to Know the PKIX and PKCS Standards Stolen Certificates ISAKMP CMP XKMS CEP Chapter 7 Review

Chapter 8 Physical Security: The Security Problem Physical Security Safeguards Walls and Guards Lights and Signage Physical Access Controls and Monitoring Electronic Access Control Systems Policies and Procedures Environmental Controls Hot and Cold Aisles Fire Suppression Water-Based Fire Suppression Systems Halon-Based Fire Suppression Systems Clean-Agent Fire Suppression Systems Handheld Fire Extinguishers Fire Detection Devices Electromagnetic Environment Power Protection UPS Backup Power and Cable Shielding Generator Dual Supply Managed Power Distribution Units (PDUs) Drones/UAVs Chapter 8 Review

Chapter 9 Network Fundamentals: Network Architectures Network Topology Wireless Ad Hoc Segregation/Segmentation/Isolation Physical Separation Enclaves Logical (VLAN) Virtualization Airgaps Zones and Conduits Zero Trust Security Zones DMZ Internet East-West Traffic Intranet Extranet Wireless Guest Honeynets Flat Networks Network Protocols Protocols Packets Internet Protocol IP Packets TCP vs. UDP ICMP IPv4 vs. IPv6 Expanded Address Space Neighbor Discovery Benefits of IPv6 Packet Delivery Ethernet Local Packet Delivery ARP Attacks Remote Packet Delivery IP Addresses and Subnetting Network Address Translation Inter-Networking MPLS Software-Defined Networking (SDN) Software-Defined Visibility (SDV) Quality of Service (QoS) Traffic Engineering Route Security For More Information Chapter 9 Review

Chapter 10 Infrastructure Security: Devices Workstations Servers Mobile Devices Device Security, Common Concerns Network-Attached Storage Removable Storage Virtualization Hypervisor Application Cells/Containers VM Sprawl Avoidance VM Escape Protection Snapshots Patch Compatibility Host Availability/Elasticity Security Control Testing Sandboxing Networking Network Interface Cards Hubs Bridges Switches Port Security Routers Security Devices Firewalls VPN Concentrator Wireless Devices Modems Telephony Intrusion Detection Systems Network Access Control Network Monitoring/Diagnostic Load Balancers Proxies Web Security Gateways Internet Content Filters Data Loss Prevention Unified Threat Management Security Device/Technology Placement Sensors Collectors TAPs and Port Mirror Correlation Engines Filters SSL Accelerators DDoS Mitigator Aggregation Switches Tunneling/VPN Site-to-Site Remote Access Storage Area Networks iSCSI Fibre Channel FCoE Media Coaxial Cable UTP/STP Fiber Unguided Media Removable Media Magnetic Media Optical Media Electronic Media Security Concerns for Transmission Media Physical Security Concerns Chapter 10 Review

Chapter 11 Authentication and Remote Access: User, Group, and Role Management User Shared and Generic Accounts/Credentials Guest Accounts Service Accounts Privileged Accounts Group Role Account Policies Account Policy Enforcement Domain Passwords Single Sign-On Credential Management Group Policy Standard Naming Convention Account Maintenance Usage Auditing and Review Account Audits Time-of-Day Restrictions Impossible Travel Time/Risky Login Account Expiration Privileged Access Management Authorization Access Control Security Controls and Permissions Access Control Lists (ACLs) Mandatory Access Control (MAC) Discretionary Access Control (DAC) Role-Based Access Control (RBAC) Rule-Based Access Control Attribute-Based Access Control (ABAC) Conditional Access Identity Identity Provider (IdP) Identity Attributes Certificates Identity Tokens SSH Keys Smart Cards Authentication Methods Authentication Directory Services Federation Attestation Transitive Trust Technologies Biometric Factors Fingerprint Scanner Retinal Scanner Iris Scanner Voice Recognition Facial Recognition Vein Gait Analysis Biometric Efficacy Rates False Positives and False Negatives False Acceptance Rate False Rejection Rate Crossover Error Rate Biometrics Calculation Example Multifactor Authentication Factors Attributes Remote Access IEEE 802.1X LDAP RADIUS TACACS+ Authentication Protocols FTP/FTPS/SFTP VPNs Vulnerabilities of Remote Access Methods Preventing Data Loss or Theft Database Security Cloud vs. On-premises Requirements Connection Summary For More Information Chapter 11 Review

Chapter 12 Wireless Security and Mobile Devices: Connection Methods and Receivers Cellular Wi-Fi Bluetooth NFC Infrared USB Point-to-Point Point-to-Multipoint Global Positioning System (GPS) RFID SATCOM Wireless Protocols 802.11: Individual Standards WEP Current Security Methods Authentication Protocols Wireless Systems Configuration Access Point SSID Fat vs. Thin Controller Based vs. Standalone Signal Strength Band Selection/Width Antenna Types and Placement Power-Level Controls Wi-Fi Analyzers Channel Overlays Wireless Access Point (WAP) Placement Site Surveys Heat Maps Controller and Access Point Security MAC Filtering Captive Portals Securing Public Wi-Fi Wireless Attacks Attacking 802.11 Replay IV Evil Twin Rogue AP Jamming Bluetooth Attacks Bluejacking Bluesnarfing Bluebugging RFID Disassociation Mobile Device Management Concepts Application Management Full Device Encryption (FDE) Content Management Remote Wipe Geofencing Geolocation Geo-Tagging Screen Locks Push Notification Services Passwords and PINs Biometrics Context-Aware Authentication Containerization Storage Segmentation Asset Control Device Access Control Removable Storage Disabling Unused Features Mobile Application Security Application Control Key and Credential Management Authentication Application Whitelisting Encryption Transitive Trust/Authentication Mobile Devices MicroSD Hardware Security Module (HSM) MDM/Unified Endpoint Management (UEM) Mobile Application Management (MAM) SEAndroid/SELinux Policies for Enforcement and Monitoring Third-party App Stores Rooting/Jailbreaking Sideloading Custom Firmware Carrier Unlocking Firmware OTA Updates Camera Use SMS/MMS/RCS External Media USB On-The-Go (USB OTG) Recording Microphone GPS Tagging Wi-Fi Direct/Ad Hoc Tethering Hotspot Payment Methods Deployment Models CYOD COPE Corporate-Owned BYOD Virtual Desktop Infrastructure (VDI) Chapter 12 Review

Chapter 13 Intrusion Detection Systems and Network Security: History of Intrusion Detection Systems IDS Overview IDS Models Signatures False Positives and False Negatives Network-Based IDSs Advantages of a NIDS Disadvantages of a NIDS Active vs. Passive NIDSs NIDS Tools Host-Based IDSs Advantages of HIDSs Disadvantages of HIDSs Active vs. Passive HIDSs Resurgence and Advancement of HIDSs Intrusion Prevention Systems Network Security Monitoring Deception and Disruption Technologies Honeypots and Honeynets Honeyfiles/Honeyrecords Fake Telemetry DNS Sinkhole Analytics SIEM SIEM Dashboards Sensors Sensitivity Trends Alerts Correlation Aggregation Automated Alerting and Triggers Time Synchronization Event Deduplication Logs/WORM DLP USB Blocking Cloud-Based DLP E-mail Tools Protocol Analyzer Network Placement In-Band vs. Out-of-Band NIDS/NIPS Switched Port Analyzer Port Scanner Passive vs. Active Tools Banner Grabbing Indicators of Compromise Advanced Malware Tools For More Information Chapter 13 Review

Chapter 14 System Hardening and Baselines: Overview of Baselines Hardware/Firmware Security FDE/SED TPM Hardware Root of Trust HSM UEFI BIOS Measured Boot Secure Boot and Attestation Integrity Measurement Firmware Version Control EMI/EMP Supply Chain Operating System and Network Operating System Hardening Protection Rings OS Security OS Types Trusted Operating System Patch Management Disabling Unnecessary Ports and Services Secure Configurations Disable Default Accounts/Passwords Application Whitelisting/Blacklisting Sandboxing Secure Baseline Machine Hardening Hardening Microsoft Operating Systems Hardening UNIX- or Linux-Based Operating Systems Endpoint Protection Antivirus Anti-Malware Endpoint Detection and Response (EDR) DLP Next-Generation Firewall (NGFW) Host-based Intrusion Detection System (HIDS) Host-based Intrusion Prevention System (HIPS) Host-based Firewall Whitelisting vs. Blacklisting Applications AppLocker Hardware Security Network Hardening Software Updates Device Configuration Securing Management Interfaces VLAN Management Network Segmentation IPv4 vs. IPv6 Application Hardening Application Configuration Baseline Application Patches Patch Management Host Software Baselining Vulnerability Scanner Data-Based Security Controls Data Security Data Encryption Handling Big Data Cloud Storage Storage Area Network Permissions/ACL Environment Development Test Staging Production Automation/Scripting Automated Courses of Action Continuous Monitoring Configuration Validation Templates Master Image Nonpersistence Wrappers Elasticity Scalability Distributive Allocation Alternative Environments Alternative Environment Methods Peripherals Phones and Mobile Devices Embedded Systems Camera Systems Game Consoles Mainframes SCADA/ICS HVAC Smart Devices/IoT Special-Purpose Systems Industry-Standard Frameworks and Reference Architectures Regulatory Nonregulatory National vs. International Industry-Specific Frameworks Benchmarks/Secure Configuration Guides Platform/Vendor-Specific Guides General-Purpose Guides For More Information Chapter 14 Review

Chapter 15 Types of Attacks and Malicious Software: Avenues of Attack Minimizing Possible Avenues of Attack Malicious Code Malware Ransomware Trojans Worms Viruses Polymorphic Malware Potentially Unwanted Programs Command and Control Botnets Crypto-Malware Logic Bombs Spyware Adware Keyloggers Remote-Access Trojans (RATs) Rootkit Backdoors and Trapdoors Application-Level Attacks Malware Defenses Attacking Computer Systems and Networks Denial-of-Service Attacks Social Engineering Sniffing Spoofing MAC Spoofing TCP/IP Hijacking Man-in-the-Middle Attacks Man-in-the-Browser Replay Attacks Transitive Access Scanning Attacks Attacks on Encryption Address System Attacks Cache Poisoning Amplification Domain Hijacking Pass-the-Hash Attacks Software Exploitation Client-Side Attacks Driver Manipulation Advanced Persistent Threat Password Attacks Password Guessing Poor Password Choices Spraying Dictionary Attack Brute Force Attack Rainbow Tables Plaintext/Unencrypted Chapter 15 Review

Chapter 16 Security Tools and Techniques: Network Reconnaissance and Discovery Tools tracert/traceroute nslookup/dig ipconfig/ifconfig nmap ping/pathping hping netstat netcat (nc) IP Scanners arp route curl theHarvester sn1per scanless dnsenum Nessus Cuckoo File Manipulation Tools head tail cat grep chmod logger Shell and Script Environments SSH PowerShell Python OpenSSL Packet Capture and Replay Tools tcpreplay tcpdump Wireshark Forensic Tools dd memdump WinHex FTK Imager Autopsy Tool Suites Metasploit Kali Parrot OS Security Onion Social-Engineering Toolkit Cobalt Strike Core Impact Burp Suite Penetration Testing Penetration Testing Authorization Reconnaissance Passive vs. Active Tools Pivoting Initial Exploitation Persistence Escalation of Privilege Vulnerability Testing Vulnerability Scanning Concepts False Positives False Negatives Log Reviews Credentialed vs. Non-Credentialed Intrusive vs. Non-Intrusive Applications Web Applications Network Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS) Configuration Review System Testing Auditing Performing Routine Audits Vulnerabilities Cloud-based vs. On-premises Vulnerabilities Zero Day Weak Configurations Open Permissions Unsecure Root Accounts Errors Weak Encryption Unsecure Protocols Default Settings Open Ports and Services Improper or Weak Patch Management Chapter 16 Review

Chapter 17 Web Components, E-mail, and Instant Messaging: Current Web Components and Concerns Web Protocols Encryption (SSL and TLS) How TLS Works The Web (HTTP and HTTPS) HTTPS Everywhere HTTP Strict Transport Security Directory Services (DAP and LDAP) File Transfer (FTP and SFTP) Vulnerabilities Code-Based Vulnerabilities Java JavaScript Securing the Browser Server-Side Scripts Cookies Browser Plug-Ins Malicious Add-Ons Code Signing Application-Based Weaknesses Session Hijacking Client-Side Attacks Web 2.0 and Security How E-mail Works E-mail Structure MIME Security of E-mail Spam Malicious Code Hoax E-mails Mail Gateway Spam Filter Mail Relaying Greylisting Spam URI Real-time Block Lists Sender Policy Framework (SPF) Sender ID Framework DomainKeys Identified Mail DLP Mail Encryption S/MIME PGP Instant Messaging Modern Instant Messaging Systems Chapter 17 Review

Chapter 18 Cloud Computing: Cloud Computing Cloud Characteristics Cloud Computing Service Models Level of Control in the Hosting Models Services Integration Cloud Types Private Public Hybrid Community On-premises vs. Hosted vs. Cloud Cloud Service Providers Transit Gateway Cloud Security Controls High Availability Across Zones Resource Policies Secrets Management Integration and Auditing Storage Network Compute Security as a Service Managed Security Service Provider (MSSP) Cloud Security Solutions Cloud Access Security Broker (CASB) Application Security Firewall Considerations in a Cloud Environment Cloud-native Controls vs. Third-party Solutions Virtualization Type I Type II Virtual Machine (VM) Sprawl Avoidance VM Escape Protection VDI/VDE Fog Computing Edge Computing Thin Client Containers Microservices/API Serverless Architecture Chapter 18 Review

Chapter 19 Secure Software Development: The Software Engineering Process Process Models Secure Development Lifecycle Environments Secure Coding Concepts Error and Exception Handling Input and Output Validation Normalization Bug Tracking Application Attacks Cross-Site Scripting Injections Directory Traversal/Command Injection Buffer Overflow Integer Overflow Cross-Site Request Forgery Zero Day Attachments Locally Shared Objects Client-Side Attacks Arbitrary/Remote Code Execution Open Vulnerability and Assessment Language Application Hardening Application Configuration Baseline Application Patch Management NoSQL Databases vs. SQL Databases Server-Side vs. Client-Side Validation Code Signing Encryption Obfuscation/Camouflage Code Reuse/Dead Code Memory Management Use of Third-Party Libraries and SDKs Data Exposure Code Quality and Testing Static Code Analyzers Dynamic Analysis (Fuzzing) Stress Testing Sandboxing Model Verification Compiled Code vs. Runtime Code Software Diversity Compiler Binary Secure DevOps Automation/Scripting Continuous Monitoring Continuous Validation Continuous Integration Continuous Delivery Continuous Deployment Infrastructure as Code Elasticity Scalability Version Control and Change Management Baselining Immutable Systems Provisioning and Deprovisioning Integrity Measurement For More Information Chapter 19 Review

Chapter 20 Risk Management: An Overview of Risk Management Example of Risk Management at the International Banking Level Risk Management Vocabulary What Is Risk Management? Risk Management Culture Risk Response Techniques Risk Management Frameworks Security Controls Categories Control Types Business Risks Examples of Business Risks Examples of Technology Risks Business Impact Analysis Mission-Essential Functions Identification of Critical Systems Single Point of Failure Impact Third-party Risks Vendor Management Supply Chain Outsourced Code Development Data Storage Risk Mitigation Strategies Change Management Incident Management User Rights and Permissions Reviews Data Loss or Theft Risk Management Models General Risk Management Model Software Engineering Institute Model NIST Risk Models Model Application Risk Assessment Qualitatively Assessing Risk Risk Matrix/Heat Map Quantitatively Assessing Risk Adding Objectivity to a Qualitative Assessment Risk Calculation Qualitative vs. Quantitative Risk Assessment Tools Cost-Effectiveness Modeling Risk Management Best Practices System Vulnerabilities Threat Vectors Probability/Threat Likelihood Risks Associated with Cloud Computing and Virtualization Additional References Chapter 20 Review

Chapter 21 Business Continuity, Disaster Recovery, and Change Management: Business Continuity Business Continuity Plans Business Impact Analysis Identification of Critical Systems and Components Removing Single Points of Failure Risk Assessment Succession Planning After-Action Reports Failover Backups Alternative Sites Order of Restoration Utilities Secure Recovery Continuity of Operations Planning (COOP) Disaster Recovery Disaster Recovery Plans/Process Categories of Business Functions IT Contingency Planning Test, Exercise, and Rehearse Recovery Time Objective and Recovery Point Objective Why Change Management? The Key Concept: Separation of Duties Elements of Change Management Implementing Change Management Backout Plan The Purpose of a Change Control Board Code Integrity The Capability Maturity Model Integration Environment Development Test Staging Production Secure Baseline Sandboxing Integrity Measurement Chapter 21 Review

Chapter 22 Incident Response: Foundations of Incident Response Incident Management Goals of Incident Response Attack Frameworks Anatomy of an Attack Cyber Kill Chain MITRE ATT&CK The Diamond Model of Intrusion Analysis Threat Intelligence Threat Hunting Security Orchestration, Automation, and Response (SOAR) Incident Response Process Preparation Incident Response Plan Incident Identification/Detection Identification Initial Response Containment/Incident Isolation Strategy Formulation Investigation Eradication Recovery Reporting Lessons Learned Incident Response Team Exercises Tabletop Walkthroughs Simulations Stakeholder Management Communication Plan Data Sources Log Files Network System Application Security Web DNS Authentication Dump Files VoIP and Call Managers Session Initiation Protocol (SIP) Traffic Syslog/Rsyslog/Syslog-ng Journalctl NXLog Bandwidth Monitors NetFlow/sFlow Metadata Data Collection Models Collection Inventory Matrix Collection Management Framework Standards and Best Practices State of Compromise NIST Department of Justice Indicators of Compromise Security Measure Implementation Making Security Measurable Retention Policies For More Information Chapter 22 Review

Chapter 23 Computer Forensics: Evidence Types of Evidence Standards for Evidence Three Rules Regarding Evidence Chain of Custody Tags Forensic Process Data Recovery Acquiring Evidence Identifying Evidence Protecting Evidence Transporting Evidence Storing Evidence Conducting the Investigation Message Digest and Hash Analysis Timelines of Sequence of Events Provenance Recovery Strategic Intelligence/Counterintelligence Gathering Active Logging Track Man-Hours Reports Host Forensics Filesystems Artifacts Swap/Pagefile Firmware Snapshot Cache Windows Metadata Linux Metadata Timestamps Device Forensics Network Forensics Legal Hold E-discovery Big Data Cloud Right to Audit Clauses Regulatory/Jurisdiction Chapter 23 Review

Chapter 24 Legal Issues and Ethics: Cybercrime U.S. Law Enforcement Encryption Debate Common Internet Crime Schemes Sources of Laws Computer Trespass Convention on Cybercrime Significant U.S. Laws Payment Card Industry Data Security Standard (PCI DSS) Import/Export Encryption Restrictions Digital Signature Laws Digital Rights Management Ethics Chapter 24 Review

Chapter 25 Privacy: Data Handling Organizational Consequences of Privacy Breaches Reputation Damage Identity Theft Fines IP Theft Data Sensitivity Labeling and Handling Public Private Sensitive Confidential Critical Proprietary Personally Identifiable Information (PII) Data Roles Data Owner Data Controller Data Processor Data Custodian/Steward Data Privacy Officer Data Destruction and Media Sanitization Data/Information Lifecycle Burning Shredding Pulping Pulverizing Degaussing Purging Wiping U.S. Privacy Laws Fair Information Practice Principles (FIPPs) Privacy Act of 1974 Freedom of Information Act (FOIA) Family Education Records and Privacy Act (FERPA) U.S. Computer Fraud and Abuse Act (CFAA) U.S. Children's Online Privacy Protection Act (COPPA) Video Privacy Protection Act (VPPA) Health Insurance Portability and Accountability Act (HIPAA) Gramm-Leach-Bliley Act (GLBA) California Senate Bill 1386 (SB 1386) U.S. Banking Rules and Regulations Payment Card Industry Data Security Standard (PCI DSS) Fair Credit Reporting Act (FCRA) Fair and Accurate Credit Transactions Act (FACTA) International Privacy Laws OECD Fair Information Practices European Laws Canadian Law Asian Laws Privacy-Enhancing Technologies Data Minimization Data Masking Tokenization Anonymization Pseudo-Anonymization Privacy Policies Terms of Agreement Privacy Notice Privacy Impact Assessment Web Privacy Issues Cookies Privacy in Practice User Actions Data Breaches For More Information Chapter 25 Review

Back matter: Appendix A CompTIA Security+ Exam Objectives: SY0-601; Appendix B About the Online Content (System Requirements, Your Total Seminars Training Hub Account, Privacy Notice, Single User License Terms and Conditions, TotalTester Online, Technical Support); Glossary; Index