CompTIA Security+ SY0-701 Cert Guide
Paperback, English, 2024
539 kr
Learn, prepare, and practice for CompTIA Security+ SY0-701 exam success with this Cert Guide from Pearson IT Certification, a leader in IT Certification learning.
CompTIA Security+ SY0-701 Cert Guide from Pearson IT Certification helps you prepare to succeed on the CompTIA Security+ SY0-701 exam by directly addressing the exam’s objectives as stated by CompTIA. Leading instructor and cybersecurity professional Lewis Heuermann shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills.
This complete study package includes
- Complete coverage of the exam objectives and a test-preparation routine designed to help you pass the exam
- Do I Know This Already? quizzes, which allow you to decide how much time you need to spend on each section
- Chapter-ending Key Topic tables, which help you drill on key concepts you must know thoroughly
- The powerful Pearson Test Prep Practice Test software, complete with hundreds of well-reviewed, exam-realistic questions, customization options, and detailed performance reports
- An online, interactive Flash Cards application to help you drill on Key Terms by chapter
- A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies
- Study plan suggestions and templates to help you organize and optimize your study time
Well regarded for its level of detail, study plans, assessment features, and challenging review questions and exercises, this study guide helps you master the concepts and techniques that ensure your exam success.
This study guide helps you master all the topics on the CompTIA Security+ SY0-701 exam, deepening your knowledge of
- General Security Concepts: Security controls, security concepts, change management process, cryptographic solutions
- Threats, Vulnerabilities, and Mitigations: Threat actors and motivations, attack surfaces, types of vulnerabilities, indicators of malicious activity, mitigation techniques
- Security Architecture: Security implications of architecture models, secure enterprise infrastructure, protect data, resilience and recovery in security architecture
- Security Operations: Security techniques to computing resources, security implications, vulnerability management, monitoring concepts, enterprise capabilities to enhance security, access management, automation related to secure operations, incident response activities
- Security Program Management and Oversight: Security governance, risk management, third-party risk assessment and management, security compliance, audits and assessments, security awareness practices
Product information
- Publication date: 2024-09-10
- Dimensions: 190 x 230 x 35 mm
- Weight: 1 299 g
- Format: Paperback
- Language: English
- Series: Certification Guide
- Number of pages: 768
- Edition: 1
- Publisher: Pearson Education
- ISBN: 9780138293086
Lewis Heuermann, CISSP, PMP, is a Navy submarine veteran and seasoned cybersecurity consultant who combines his extensive practical experience with deep academic insight to make cybersecurity accessible to all learners. His diverse background includes roles in systems and network engineering, network defense analysis, and cyber risk management. As a professor, he has developed and taught courses in cybersecurity and data analytics, utilizing tools like Python, SQL, Power BI, and Tableau. Lewis also holds several key IT certifications.
Table of contents
- Introduction
- Part I: General Security Concepts
  - Chapter 1: Comparing and Contrasting the Various Types of Controls
    "Do I Know This Already?" Quiz; Foundation Topics; Control Categories; Technical Controls; Managerial Controls; Operational Controls; Physical Controls; Summary of Control Categories; Control Types; Preventive Controls; Deterrent Controls; Detective Controls; Corrective Controls; Compensating Controls; Directive Controls; Summary of Control Types; Chapter Review Activities
  - Chapter 2: Summarizing Fundamental Security Concepts
    "Do I Know This Already?" Quiz; Foundation Topics; Confidentiality, Integrity, and Availability (CIA); Non-repudiation; Authentication, Authorization, and Accounting (AAA); Gap Analysis; Zero Trust; Physical Security; Bollards/Barricades; Access Control Vestibules; Fencing; Video Surveillance; Security Guards; Access Badges; Lighting; Sensors; Deception and Disruption Technology; Chapter Review Activities
  - Chapter 3: Understanding Change Management's Security Impact
    "Do I Know This Already?" Quiz; Foundation Topics; Business Processes Impacting Security Operations; Approval Process; Ownership; Stakeholders; Impact Analysis; Test Results; Backout Plan; Maintenance Window; Standard Operating Procedure; Technical Implications; Allow Lists; Block Lists/Deny Lists; Restricted Activities; Downtime; Service Restart; Application Restart; Legacy Applications; Dependencies; Documentation; Updating Diagrams; Updating Policies/Procedures; Version Control; Chapter Review Activities
  - Chapter 4: Understanding the Importance of Using Appropriate Cryptographic Solutions
    "Do I Know This Already?" Quiz; Foundation Topics; Public Key Infrastructure (PKI); Public Key; Private and Public Key; Encryption; Level; Full Disk; Partition; File; Volume; Database; Record; Transport/Communication; Encryption at Rest, in Transit/Motion, and in Processing; Symmetric Versus Asymmetric Encryption; Key Exchange; Algorithms; Key Length; Tools; Trusted Platform Module; Hardware Security Module; Key Management System; Secure Enclave; Obfuscation; Steganography; Audio Steganography; Video Steganography; Image Steganography; Tokenization; Data Masking; Hashing; Salting; Digital Signatures; Key Stretching; Blockchain; Open Public Ledger; Certificates; Certificate Authorities; Certificate Revocation Lists; Online Certificate Status Protocol (OCSP); Self-Signed; Certificate-Signing Request; Wildcard; Chapter Review Activities
- Part II: Threats, Vulnerabilities, and Mitigations
  - Chapter 5: Comparing and Contrasting Common Threat Actors and Motivations
    "Do I Know This Already?" Quiz; Foundation Topics; Threat Actors; Attributes of Actors; Motivations; War; Chapter Review Activities
  - Chapter 6: Understanding Common Threat Vectors and Attack Surfaces
    "Do I Know This Already?" Quiz; Foundation Topics; Message-Based; Email; Short Message Service (SMS); Instant Messaging (IM); Spam and Spam over Internet Messaging (SPIM); Image-Based; File-Based; Voice Call; Removable Device; Vulnerable Software; Unsupported Systems and Applications; Unsecure Networks; Open Service Ports; Default Credentials; Supply Chain; Human Vectors/Social Engineering; Phishing; Vishing; Smishing; Misinformation/Disinformation; Impersonation; Business Email Compromise (BEC); Pretexting; Watering Hole Attack; Brand Impersonation; Typosquatting; Chapter Review Activities
  - Chapter 7: Understanding Various Types of Vulnerabilities
    "Do I Know This Already?" Quiz; Foundation Topics; Application; Memory Injection; Buffer Overflow; Race Conditions; Malicious Update; Operating System (OS)-Based; Web-Based; Structured Query Language Injection (SQLi) Vulnerabilities; Cross-Site Scripting (XSS) Vulnerabilities; Hardware; Firmware; End-of-Life (EOL); Legacy; Virtualization; Virtual Machine (VM) Escape; Resource Reuse; Cloud Specific; Other "Cloud"-Based Concerns; Supply Chain; Service Provider; Hardware Provider; Software Provider; Cryptographic; Misconfiguration; Mobile Device; Side Loading; Jailbreaking; Zero-Day Vulnerabilities; Chapter Review Activities
  - Chapter 8: Understanding Indicators of Malicious Activity
    "Do I Know This Already?" Quiz; Foundation Topics; Malware Attacks; Ransomware; Trojans; Worms; Spyware; Bloatware; Virus; Keylogger; You Can't Save Every Computer from Malware!; Logic Bomb; Rootkit; Physical Attacks; Brute-Force Attacks; Radio Frequency Identification (RFID) Cloning; Environmental; Network Attacks; Distributed Denial-of-Service (DDoS) Attacks; Domain Name System (DNS) Attacks; Wireless Attacks; On-Path Attacks; Credential Replay; Malicious Code; Application Attacks; Injection; Buffer Overflow; Replay; Privilege Escalation; Forgery; Directory Traversal; Cryptographic Attacks; Downgrade; Collision; Birthday; Password Attacks; Password Spraying; Brute-Force Attacks; Indicators; Account Lockout; Concurrent Session Usage; Blocked Content; Impossible Travel; Resource Consumption; Resource Inaccessibility; Out-of-Cycle Logging; Published/Documented Indicators; Missing Logs; Chapter Review Activities
  - Chapter 9: Understanding the Purpose of Mitigation Techniques Used to Secure the Enterprise
    "Do I Know This Already?" Quiz; Foundation Topics; Segmentation; Access Control; Access Control Lists (ACLs); Permissions; Application Allow List; Isolation; Patching; Encryption; Monitoring; Least Privilege; Configuration Enforcement; Decommissioning; Hardening Techniques; Encryption; Installation of Endpoint Protection; Host-Based Firewall; Host-Based Intrusion Prevention System (HIPS); Disabling Ports/Protocols; Default Password Changes; Removal of Unnecessary Software; Chapter Review Activities
- Part III: Security Architecture
  - Chapter 10: Comparing and Contrasting Security Implications of Different Architecture Models
    "Do I Know This Already?" Quiz; Foundation Topics; Architecture and Infrastructure Concepts; Cloud; Infrastructure as Code (IaC); Serverless; Microservices; Network Infrastructure; On-premises; Centralized Versus Decentralized; Containerization; Virtualization; IoT; Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA); Real-Time Operating System (RTOS); Embedded Systems; High Availability; Considerations; Availability; Resilience; Cost; Responsiveness; Scalability; Ease of Deployment; Risk Transference; Ease of Recovery; Patch Availability; Inability to Patch; Power; Compute; Chapter Review Activities
  - Chapter 11: Applying Security Principles to Secure Enterprise Infrastructure
    "Do I Know This Already?" Quiz; Foundation Topics; Infrastructure Considerations; Device Placement; Security Zones; Attack Surface; Connectivity; Failure Modes; Device Attribute; Network Appliances; Port Security; Firewall Types; Secure Communication/Access; Virtual Private Network (VPN); Remote Access; Tunneling; Software-Defined Wide Area Network (SD-WAN); Secure Access Service Edge (SASE); Selection of Effective Controls; Chapter Review Activities
  - Chapter 12: Comparing and Contrasting Concepts and Strategies to Protect Data
    "Do I Know This Already?" Quiz; Foundation Topics; Data Types; Data Classifications; General Data Considerations; Data States; Data Sovereignty; Geolocation; Methods to Secure Data; Geographic Restrictions; Encryption; Hashing; Masking; Tokenization; Obfuscation; Segmentation; Permission Restrictions; Chapter Review Activities
  - Chapter 13: Understanding the Importance of Resilience and Recovery in Security Architecture
    "Do I Know This Already?" Quiz; Foundation Topics; High Availability; Key Components; Cloud Environments; Site Considerations; Platform Diversity; Multi-Cloud System; Continuity of Operations; Capacity Planning; Testing; Tabletop Exercises; Failover; Simulations; Parallel Processing; Backups; Power; Uninterruptible Power Supply (UPS); Generators; Chapter Review Activities
- Part IV: Security Operations
  - Chapter 14: Applying Common Security Techniques to Computing Resources
    "Do I Know This Already?" Quiz; Foundation Topics; Secure Baselines; Inventory Assessment; Vulnerability Scanning; Minimum Configuration Standards; Documentation; Deployment; Ongoing Maintenance; Hardening Targets; Wireless Devices; Mobile Solutions; Mobile Device Management; MDM Security Feature Concerns: Application and Content Management; MDM Security Feature Concerns: Remote Wipe, Geofencing, Geolocation, Screen Locks, Passwords and PINs, and Full Device Encryption; Deployment Models; Secure Implementation of BYOD, CYOD, and COPE; Connection Methods; Secure Implementation Best Practices; Wireless Security Settings; Wi-Fi Protected Access 3 (WPA3); Remote Authentication Dial-In User Service (RADIUS) Federation; Cryptographic Protocols; Authentication Protocols; Application Security; Input Validations; Secure Cookies; Static Code Analysis; Code Signing; Sandboxing; Monitoring; Chapter Review Activities
  - Chapter 15: Understanding the Security Implications of Hardware, Software, and Data Asset Management
    "Do I Know This Already?" Quiz; Foundation Topics; Acquisition/Procurement Process; Assignment/Accounting; Monitoring/Asset Tracking; Inventory; Enumeration; Disposal/Decommissioning; Sanitization; Destruction; Certification; Data Retention; Chapter Review Activities
  - Chapter 16: Understanding Various Activities Associated with Vulnerability Management
    "Do I Know This Already?" Quiz; Foundation Topics; Identification Methods; Vulnerability Scan; Application Security; Threat Feed; Penetration Testing; Responsible Disclosure Program; System/Process Audit; Analysis; Confirmation; Prioritize; Common Vulnerability Scoring System (CVSS); Common Vulnerability Enumeration (CVE); Vulnerability Classification; Exposure Factor; Environmental Variables; Industry/Organizational Impact; Risk Tolerance; Vulnerability Response and Remediation; Patching; Insurance; Segmentation; Compensating Controls; Exceptions and Exemptions; Validation of Remediation; Rescanning; Audit; Verification; Reporting; Chapter Review Activities
  - Chapter 17: Understanding Security Alerting and Monitoring Concepts and Tools
    "Do I Know This Already?" Quiz; Foundation Topics; Monitoring and Computing Resources; Activities; Log Aggregation; Alerting; Scanning; Reporting; Archiving; Alert Response and Remediation/Validation; Tools; Security Content Automation Protocol (SCAP); Benchmarks; Agents/Agentless; Security Information and Event Management (SIEM); NetFlow; Antivirus Software; Data Loss Prevention (DLP); Simple Network Management Protocol (SNMP) Traps; Vulnerability Scanners; Chapter Review Activities
  - Chapter 18: Modifying Enterprise Capabilities to Enhance Security
    "Do I Know This Already?" Quiz; Foundation Topics; Firewall; Rules; Access Lists; Ports/Protocols; Screened Subnet; IDS/IPS; Trends; Signatures; Web Filter; Operating System Security; Implementation of Secure Protocols; DNS Filtering; Email Security; File Integrity Monitoring; DLP; Network Access Control (NAC); Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR); User Behavior Analytics; Chapter Review Activities
  - Chapter 19: Implementing and Maintaining Identity and Access Management
    "Do I Know This Already?" Quiz; Foundation Topics; Provisioning/De-provisioning User Accounts; Permission Assignments and Implications; Identity Proofing; Federation; Single Sign-On (SSO); Lightweight Directory Access Protocol (LDAP); OAuth; Security Assertion Markup Language; Interoperability; Attestation; Access Controls; Role-Based Access Control; Rule-Based Access Control; Mandatory Access Control; Discretionary Access Control; Attribute-Based Access Control (ABAC); Time-of-Day Restrictions; Least Privilege; Multifactor Authentication (MFA); Implementations; Factors; Password Concepts; Password Best Practices; Password Managers; Passwordless; Privileged Access Management Tools; Just-in-Time Permissions; Password Vaulting; Ephemeral Credentials; Chapter Review Activities
  - Chapter 20: Understanding the Importance of Automation and Orchestration Related to Secure Operations
    "Do I Know This Already?" Quiz; Foundation Topics; Use Cases of Automation and Scripting; User Provisioning; Resource Provisioning; Guard Rails; Security Groups; Ticket Creation and Escalation; Continuous Integration and Testing; Integrations and Application Programming Interfaces (APIs); Benefits; Efficiency/Time Saving; Enforcing Baselines; Standard Infrastructure Configurations; Scaling in a Secure Manner; Employee Retention; Reaction Time; Workforce Multiplier; Other Considerations; Complexity; Cost; Single Point of Failure; Technical Debt; Ongoing Supportability; Chapter Review Activities
  - Chapter 21: Understanding Appropriate Incident Response Activities
    "Do I Know This Already?" Quiz; Foundation Topics; Process; Preparation; Detection; Analysis; Containment; Eradication; Recovery; Lessons Learned; Training; Testing; The Anatomy of a Tabletop Exercise; The Intricacies of Simulation Exercises; Mock Example of a Tabletop Exercise; Root Cause Analysis; Threat Hunting; Digital Forensics; Legal Hold; Chain of Custody; Acquisition; Reporting; Preservation; E-Discovery; Chapter Review Activities
  - Chapter 22: Using Data Sources to Support an Investigation
    "Do I Know This Already?" Quiz; Foundation Topics; Log Data; Firewall Logs; Application Logs; Endpoint Logs; OS-Specific Security Logs; IPS/IDS Logs; Network Logs; Metadata; Data Sources; Vulnerability Scans; Automated Reports; Dashboards; Packet Captures; Chapter Review Activities
- Part V: Security Program Management and Oversight
  - Chapter 23: Summarizing Elements of Effective Security Governance
    "Do I Know This Already?" Quiz; Foundation Topics; Guidelines; Policies; Acceptable Use; Information Security Policies; Business Continuity; Disaster Recovery; Incident Response; Software Development Lifecycle (SDLC); Change Management; Standards; Password Standards; Access Control Standards; Physical Security Standards; Encryption Standards; Procedures; Change Management; Onboarding and Offboarding; Playbooks; External Considerations; Regulatory; Legal; Industry; Local/Regional; National; Global; Monitoring and Revision; Types of Governance Structures; Boards; Committees; Government Entities; Centralized/Decentralized; Roles and Responsibilities for Systems and Data; Owners; Controllers; Processors; Custodians/Stewards; Chapter Review Activities
  - Chapter 24: Understanding Elements of the Risk Management Process
    "Do I Know This Already?" Quiz; Foundation Topics; Risk Identification; Risk Assessment; Ad Hoc; Recurring; One-time; Continuous; Risk Analysis; Qualitative Risk Assessment; Quantitative Risk Assessment; Probability; Likelihood; Exposure Factor; Impact; Risk Register; Key Risk Indicators (KRIs); Risk Owners; Risk Threshold; Risk Tolerance; Risk Appetite; Expansionary; Conservative; Neutral; Risk Management Strategies; Risk Transfer; Risk Acceptance; Risk Avoidance; Risk Mitigation; Risk Reporting; Business Impact Analysis; Recovery Time Objective (RTO); Recovery Point Objective (RPO); Mean Time to Repair (MTTR); Mean Time Between Failures (MTBF); Chapter Review Activities
  - Chapter 25: Understanding the Processes Associated with Third-Party Risk Assessment and Management
    "Do I Know This Already?" Quiz; Foundation Topics; Vendor Assessment; Penetration Testing; Right-to-Audit Clause; Evidence of Internal Audits; Independent Assessments; Supply Chain Analysis; Vendor Selection; Due Diligence; Conflict of Interest; Agreement Types; Vendor Monitoring; Questionnaires; Rules of Engagement; Chapter Review Activities
  - Chapter 26: Summarizing Elements of Effective Security Compliance
    "Do I Know This Already?" Quiz; Foundation Topics; Compliance Reporting; Internal Reporting; External Reporting; Consequences of Non-compliance; Fines; Sanctions; Reputational Damage; Loss of License; Contractual Impacts; Compliance Monitoring; Due Diligence/Care; Attestation and Acknowledgment; Internal and External; Automation; Privacy; Legal Implications; Data Subject; Controller vs. Processor; Ownership; Data Inventory and Retention; Right to Be Forgotten; Chapter Review Activities
  - Chapter 27: Understanding Types and Purposes of Audits and Assessments
    "Do I Know This Already?" Quiz; Foundation Topics; Attestation; Internal; External; Penetration Testing; Chapter Review Activities
  - Chapter 28: Implementing Security Awareness Practices
    "Do I Know This Already?" Quiz; Foundation Topics; Phishing; Anomalous Behavior Recognition; User Guidance and Training; Reporting and Monitoring; Development; Execution; Chapter Review Activities
- Part VI: Final Preparation
  - Chapter 29: Final Preparation
    Hands-on Activities; Suggested Plan for Final Review and Study; Summary
- Appendix A: Answers to the "Do I Know This Already?" Quizzes and Review Questions
- Online Elements
  - Appendix B: Study Planner
  - Glossary of Key Terms