HAPPY BOOKSGIVING
Use code BOOKSGIVING during checkout to save 40%-55% on books and eBooks. Shop now.
Register your product to gain access to bonus material or receive a coupon.
CompTIA Security+ SY0-601 Exam Cram Premium Edition and Practice Test
The exciting new CompTIA Security+ SY0-601 Exam Cram Premium Edition and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson IT Certification Practice Test. The Premium Edition eBook and Practice Test contains the following items:
Download the sample pages (includes Chapter 7)
Introduction . . . . . . . . . . . . . . . . . . . . . . xxviiPart I: Attacks, Threats, and Vulnerabilities 1CHAPTER 1: Social Engineering Techniques.. . . . . . . . . . . . . . . . 3 The Social Engineer.. . . . . . . . . . . . . . . . . . 4 Phishing and Related Attacks.. . . . . . . . . . . . . . . 6 Principles of Influence (Reasons for Effectiveness). . . . . . . . 10 What Next?.. . . . . . . . . . . . . . . . . . . . . 14CHAPTER 2: Attack Basics.. . . . . . . . . . . . . . . . . . . . . . 15 Malware. . . . . . . . . . . . . . . . . . . . . . . 16 Physical Attacks.. . . . . . . . . . . . . . . . . . . . 26 Adversarial Artificial Intelligence (AI).. . . . . . . . . . . . 27 Password Attacks. . . . . . . . . . . . . . . . . . . . 28 Downgrade Attacks.. . . . . . . . . . . . . . . . . . . 31 What Next?.. . . . . . . . . . . . . . . . . . . . . 34CHAPTER 3: Application Attacks.. . . . . . . . . . . . . . . . . . . . 35 Race Conditions.. . . . . . . . . . . . . . . . . . . . 36 Improper Software Handling.. . . . . . . . . . . . . . . 37 Resource Exhaustion.. . . . . . . . . . . . . . . . . . 37 Overflows.. . . . . . . . . . . . . . . . . . . . . . 38 Code Injections. . . . . . . . . . . . . . . . . . . . 39 Driver Manipulation.. . . . . . . . . . . . . . . . . . 40 Request Forgeries.. . . . . . . . . . . . . . . . . . . 41 Directory Traversal.. . . . . . . . . . . . . . . . . . . 44 Replay Attack.. . . . . . . . . . . . . . . . . . . . . 45 Secure Sockets Layer (SSL) Stripping.. . . . . . . . . . . . 45 Application Programming Interface (API) Attacks.. . . . . . . . 47 Pass-the-Hash Attack. . . . . . . . . . . . . . . . . . 49 What Next?.. . . . . . . . . . . . . . . . . . . . . 52CHAPTER 4: Network Attacks.. . . . . . . . . . . . . . . . . . . . . 53 Wireless. . . . . . . . . . . . . . . . . . . . . . . 54 On-Path Attack. . . . . . . . . . . . . . . . . . . . 58 Layer 2 Attacks. . . . . . . . . . . . . . . . . . . . 59 Domain Name System (DNS) Attacks.. . . . . . . . . . . . 62 Denial of Service. . . . . . . . . . . . . . . . . . . . 64 Malicious Code and Script Execution.. . . . . . . . . . . . 68 What Next?.. . . . . . . . . . . . . . . . . . . . . 71CHAPTER 5: Threat Actors, Vectors, and Intelligence Sources. . . . . . . . . . 73 Threat Actor Attributes.. . . . . . . . . . . . . . . . . 74 Threat Actor Types.. . . . . . . . . . . . . . . . . . . 75 Vectors.. . . . . . . . . . . . . . . . . . . . . . . 80 Threat Intelligence and Research Sources.. . . . . . . . . . . 81 What Next?.. . . . . . . . . . . . . . . . . . . . . 87CHAPTER 6: Vulnerabilities.. . . . . . . . . . . . . . . . . . . . . . 89 Cloud-Based vs. On-Premises. . . . . . . . . . . . . . . 90 Zero-Day. . . . . . . . . . . . . . . . . . . . . . 90 Weak Configurations. . . . . . . . . . . . . . . . . . 91 Third-Party Risks.. . . . . . . . . . . . . . . . . . . 95 Impacts.. . . . . . . . . . . . . . . . . . . . . . . 96 What Next?.. . . . . . . . . . . . . . . . . . . . . 98CHAPTER 7: Security Assessment Techniques.. . . . . . . . . . . . . . . 99 Vulnerability Scans.. . . . . . . . . . . . . . . . . . . 100 Threat Assessment.. . . . . . . . . . . . . . . . . . . 103 What Next?.. . . . . . . . . . . . . . . . . . . . . 110CHAPTER 8: Penetration Testing Techniques.. . . . . . . . . . . . . . . . 111 Testing Methodology. . . . . . . . . . . . . . . . . . 112 Team Exercises.. . . . . . . . . . . . . . . . . . . . 118 What Next?.. . . . . . . . . . . . . . . . . . . . . 120Part II: Architecture and Design 121CHAPTER 9: Enterprise Security Concepts.. . . . . . . . . . . . . . . . . 123 Configuration Management.. . . . . . . . . . . . . . . . 124 Data Confidentiality.. . . . . . . . . . . . . . . . . . 126 Deception and Disruption.. . . . . . . . . . . . . . . . 139 What Next?.. . . . . . . . . . . . . . . . . . . . . 143CHAPTER 10: Virtualization and Cloud Computing.. . . . . . . . . . . . . . 145 Virtualization.. . . . . . . . . . . . . . . . . . . . . 145 On-Premises vs. Off-Premises. . . . . . . . . . . . . . . 154 Cloud Models. . . . . . . . . . . . . . . . . . . . . 155 What Next?.. . . . . . . . . . . . . . . . . . . . . 164CHAPTER 11: Secure Application Development, Deployment, and Automation.. . . . 165 Application Environment.. . . . . . . . . . . . . . . . . 166 Integrity Measurement.. . . . . . . . . . . . . . . . . 168 Change Management and Version Control.. . . . . . . . . . . 169 Secure Coding Techniques.. . . . . . . . . . . . . . . . 170 Automation and Scripting.. . . . . . . . . . . . . . . . 180 Scalability and Elasticity. . . . . . . . . . . . . . . . . 184 What Next?.. . . . . . . . . . . . . . . . . . . . . 187CHAPTER 12: Authentication and Authorization Design. . . . . . . . . . . . . 189 Identification and Authentication, Authorization, and Accounting (AAA).. . . . . . . . . . . . . . . . . . . 189 Multifactor Authentication.. . . . . . . . . . . . . . . . 190 Single Sign-on.. . . . . . . . . . . . . . . . . . . . 192 Authentication Technologies. . . . . . . . . . . . . . . . 195 What Next?.. . . . . . . . . . . . . . . . . . . . . 204CHAPTER 13: Cybersecurity Resilience.. . . . . . . . . . . . . . . . . . 205 Redundancy.. . . . . . . . . . . . . . . . . . . . . 205 Backups.. . . . . . . . . . . . . . . . . . . . . . . 214 Defense in Depth.. . . . . . . . . . . . . . . . . . . 221 What Next?.. . . . . . . . . . . . . . . . . . . . . 224CHAPTER 14: Embedded and Specialized Systems. . . . . . . . . . . . . . 225 Embedded Systems.. . . . . . . . . . . . . . . . . . . 225 SCADA and ICS. . . . . . . . . . . . . . . . . . . . 227 Smart Devices and IoT.. . . . . . . . . . . . . . . . . 229 What Next?.. . . . . . . . . . . . . . . . . . . . . 238CHAPTER 15: Physical Security Controls.. . . . . . . . . . . . . . . . . . 239 Perimeter Security.. . . . . . . . . . . . . . . . . . . 239 Internal Security.. . . . . . . . . . . . . . . . . . . . 243 Equipment Security. . . . . . . . . . . . . . . . . . . 246 Environmental Controls.. . . . . . . . . . . . . . . . . 249 Secure Data Destruction.. . . . . . . . . . . . . . . . . 255 What Next?.. . . . . . . . . . . . . . . . . . . . . 259CHAPTER 16: Cryptographic Concepts. . . . . . . . . . . . . . . . . . . 261 Cryptosystems.. . . . . . . . . . . . . . . . . . . . 262 Use of Proven Technologies and Implementation.. . . . . . . . 272 Steganography.. . . . . . . . . . . . . . . . . . . . 273 Cryptography Use Cases.. . . . . . . . . . . . . . . . . 274 Cryptography Constraints.. . . . . . . . . . . . . . . . 276 What Next?.. . . . . . . . . . . . . . . . . . . . . 277Part III: Implementation 279CHAPTER 17: Secure Protocols.. . . . . . . . . . . . . . . . . . . . . 281 Secure Web Protocols.. . . . . . . . . . . . . . . . . . 282 Secure File Transfer Protocols.. . . . . . . . . . . . . . . 286 Secure Email Protocols.. . . . . . . . . . . . . . . . . 287 Secure Internet Protocols. . . . . . . . . . . . . . . . . 288 Secure Protocol Use Cases.. . . . . . . . . . . . . . . . 293 What Next?.. . . . . . . . . . . . . . . . . . . . . 305CHAPTER 18: Host and Application Security Solutions.. . . . . . . . . . . . . 307 Endpoint Protection.. . . . . . . . . . . . . . . . . . 308 Firewalls and HIPS/HIDS Solutions.. . . . . . . . . . . 308 Anti-Malware and Other Host Protections. . . . . . . . . 310 Application Security.. . . . . . . . . . . . . . . . . . 318 Hardware and Firmware Security.. . . . . . . . . . . . . . 322 Operating System Security.. . . . . . . . . . . . . . . . 330 What Next?.. . . . . . . . . . . . . . . . . . . . . 338CHAPTER 19: Secure Network Design.. . . . . . . . . . . . . . . . . . . 339 Network Devices and Segmentation.. . . . . . . . . . . . . 340 Security Devices and Boundaries. . . . . . . . . . . . . . 347 What Next?.. . . . . . . . . . . . . . . . . . . . . 369CHAPTER 20: Wireless Security Settings.. . . . . . . . . . . . . . . . . . 371 Access Methods.. . . . . . . . . . . . . . . . . . . . 372 Wireless Cryptographic Protocols.. . . . . . . . . . . . . . 373 Authentication Protocols.. . . . . . . . . . . . . . . . . 377 Wireless Access Installations. . . . . . . . . . . . . . . . 379 What Next?.. . . . . . . . . . . . . . . . . . . . . 387CHAPTER 21: Secure Mobile Solutions. . . . . . . . . . . . . . . . . . . 389 Communication Methods. . . . . . . . . . . . . . . . . 389 Mobile Device Management Concepts. . . . . . . . . . . . 393 Enforcement and Monitoring.. . . . . . . . . . . . . . . 405 Deployment Models.. . . . . . . . . . . . . . . . . . 412 What Next?.. . . . . . . . . . . . . . . . . . . . . 420CHAPTER 22: Cloud Cybersecurity Solutions.. . . . . . . . . . . . . . . . 421 Cloud Workloads.. . . . . . . . . . . . . . . . . . . 422 Third-Party Cloud Security Solutions.. . . . . . . . . . . . 428 What Next?.. . . . . . . . . . . . . . . . . . . . . 431CHAPTER 23: Identity and Account Management Controls.. . . . . . . . . . . 433 Account Types.. . . . . . . . . . . . . . . . . . . . 433 Account Management.. . . . . . . . . . . . . . . . . . 435 Account Policy Enforcement.. . . . . . . . . . . . . . . 441 What Next?.. . . . . . . . . . . . . . . . . . . . . 448CHAPTER 24: Authentication and Authorization Solutions.. . . . . . . . . . . . 449 Authentication.. . . . . . . . . . . . . . . . . . . . 450 Access Control.. . . . . . . . . . . . . . . . . . . . 466 What Next?.. . . . . . . . . . . . . . . . . . . . . 472CHAPTER 25: Public Key Infrastructure.. . . . . . . . . . . . . . . . . . 473 What Next?.. . . . . . . . . . . . . . . . . . . . . 489Part IV: Operations and Incident Response 491CHAPTER 26: Organizational Security.. . . . . . . . . . . . . . . . . . . 493 Shell and Script Environments.. . . . . . . . . . . . . . . 494 Network Reconnaissance and Discovery. . . . . . . . . . . . 496 Packet Capture and Replay. . . . . . . . . . . . . . . . 502 Password Crackers.. . . . . . . . . . . . . . . . . . . 504 Forensics and Data Sanitization.. . . . . . . . . . . . . . 505 What Next?.. . . . . . . . . . . . . . . . . . . . . 508CHAPTER 27: Incident Response.. . . . . . . . . . . . . . . . . . . . . 509 Attack Frameworks.. . . . . . . . . . . . . . . . . . . 509 Incident Response Plan.. . . . . . . . . . . . . . . . . 512 Incident Response Process.. . . . . . . . . . . . . . . . 517 Continuity and Recovery Plans.. . . . . . . . . . . . . . . 522 What Next?.. . . . . . . . . . . . . . . . . . . . . 528CHAPTER 28: Incident Investigation. . . . . . . . . . . . . . . . . . . . 529 SIEM Dashboards. . . . . . . . . . . . . . . . . . . 530 Logging. . . . . . . . . . . . . . . . . . . . . . . 531 Network Activity. . . . . . . . . . . . . . . . . . . . 536 What Next?.. . . . . . . . . . . . . . . . . . . . . 539CHAPTER 29: Incident Mitigation.. . . . . . . . . . . . . . . . . . . . . 541 Containment and Eradication.. . . . . . . . . . . . . . . 541 What Next?.. . . . . . . . . . . . . . . . . . . . . 549CHAPTER 30: Digital Forensics.. . . . . . . . . . . . . . . . . . . . . 551 Data Breach Notifications.. . . . . . . . . . . . . . . . 552 Strategic Intelligence/Counterintelligence Gathering. . . . . . . 554 Track Person-hours.. . . . . . . . . . . . . . . . . . . 555 Order of Volatility. . . . . . . . . . . . . . . . . . . 555 Chain of Custody.. . . . . . . . . . . . . . . . . . . 556 Data Acquisition.. . . . . . . . . . . . . . . . . . . . 559 Capture System Images.. . . . . . . . . . . . . . . 560 Capture Network Traffic and Logs.. . . . . . . . . . . 560 Capture Video and Photographs.. . . . . . . . . . . . 561 Record Time Offset.. . . . . . . . . . . . . . . . 562 Take Hashes. . . . . . . . . . . . . . . . . . . 562 Capture Screenshots.. . . . . . . . . . . . . . . . 563 Collect Witness Interviews. . . . . . . . . . . . . . 563 What Next?.. . . . . . . . . . . . . . . . . . . . . 565Part V: Governance, Risk, and Compliance 567CHAPTER 31: Control Types.. . . . . . . . . . . . . . . . . . . . . . 569 Nature of Controls.. . . . . . . . . . . . . . . . . . . 570 Functional Use of Controls.. . . . . . . . . . . . . . . . 570 Compensating Controls.. . . . . . . . . . . . . . . . . 572 What Next?.. . . . . . . . . . . . . . . . . . . . . 574CHAPTER 32: Regulations, Standards, and Frameworks.. . . . . . . . . . . . 575 Industry-Standard Frameworks and Reference Architectures. . . . . 575 Benchmarks and Secure Configuration Guides.. . . . . . . . . 579 What Next?.. . . . . . . . . . . . . . . . . . . . . 581CHAPTER 33: Organizational Security Policies.. . . . . . . . . . . . . . . . 583 Policy Framework.. . . . . . . . . . . . . . . . . . . 583 Human Resource Management Policies.. . . . . . . . . . . . 584 Third-Party Risk Management.. . . . . . . . . . . . . . . 592 What Next?.. . . . . . . . . . . . . . . . . . . . . 596CHAPTER 34: Risk Management.. . . . . . . . . . . . . . . . . . . . . 597 Risk Analysis. . . . . . . . . . . . . . . . . . . . . 598 Risk Assessment.. . . . . . . . . . . . . . . . . . . . 602 Business Impact Analysis.. . . . . . . . . . . . . . . . . 606 What Next?.. . . . . . . . . . . . . . . . . . . . . 612CHAPTER 35: Sensitive Data and Privacy.. . . . . . . . . . . . . . . . . . 613 Sensitive Data Protection. . . . . . . . . . . . . . . . . 613 Privacy Impact Assessment.. . . . . . . . . . . . . . . . 621 What Next?.. . . . . . . . . . . . . . . . . . . . . 623Glossary of Essential Terms and Components.. . . . . . . . . . . . 625
9780136798675, TOC, 10/9/2020
We've made every effort to ensure the accuracy of this book and its companion content. Any errors that have been confirmed since this book was published can be downloaded below.
Download the errata (231 KB .doc)
Download replacement Figure 13-1 (78 KB .png)