CompTIA Security+ SY0-501 Cert Guide, Academic Edition - David Prowse

CompTIA Security+ SY0-501 Cert Guide, Academic Edition

David Prowse (Author)

Media combination
600 pages
2017 | 2nd edition
Pearson IT Certification
978-0-7897-5912-2 (ISBN)
87.95 incl. VAT
Learn, prepare, and practice for CompTIA Security+ SY0-501 exam success with this CompTIA Security+ SY0-501 Cert Guide, Academic Edition from Pearson IT Certification, a leader in IT Certification learning. The companion website features three complete practice exams, complete video solutions to hands-on labs, plus interactive flash-based simulations that include drag-and-drop and matching to reinforce the learning.

· Master the CompTIA Security+ SY0-501 exam topics

· Assess your knowledge with chapter-ending quizzes

· Reinforce your knowledge of key concepts with chapter review activities

· Practice with realistic exam questions online

· Includes complete video solutions to hands-on labs, plus interactive simulations on key exam topics

· Work through Flash Cards in Q&A and glossary term format

· Includes free access to the Premium Edition eBook

CompTIA Security+ SY0-501 Cert Guide, Academic Edition includes video solutions to the hands-on labs, practice tests, and interactive simulations that let the reader learn by doing. Best-selling author and expert instructor David L. Prowse shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The book presents you with an organized test-preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter review activities help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your approach to passing the exam.

The companion Academic Edition website contains the powerful Pearson Test Prep practice test engine, with three complete practice exams and hundreds of exam-realistic questions and free access to the Premium Edition eBook. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. Work through Flash Cards in Q&A and glossary term format to help reinforce your knowledge of key concepts and facts. The Academic Edition companion site also includes complete video solutions to hands-on labs in the book and interactive simulations on key exam topics to reinforce the learning by doing. Learn activities such as testing password strength, matching the type of malware with its definition, finding security issues in the network map, and disallowing a user to access the network on Saturday and Sunday.

Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.

The CompTIA study guide helps you master all the topics on the Security+ exam, including

· Core computer system security

· OS hardening and virtualization

· Application security

· Network design elements and threats

· Perimeter security

· Network media and devices security

· Physical security and authentication models

· Access control

· Vulnerability and risk assessment

· Monitoring and auditing

· Cryptography, including PKI

· Redundancy and disaster recovery

· Policies and procedures

David L. Prowse is an author, technologist, and technical trainer. He has penned a dozen books for Pearson Education, including the well-received CompTIA A+ Exam Cram. He also develops video content, including the CompTIA A+ LiveLessons video course. Over the past two decades he has taught CompTIA A+, Network+, and Security+ certification courses, both in the classroom and via the Internet. David has 20 years of experience in the IT field and loves to share that experience with his readers, watchers, and students. He runs the website www.davidlprowse.com in support of his books and videos.

Introduction xxii

Chapter 1 Introduction to Security 2

Foundation Topics 3

Security 101 3

The CIA of Computer Security 3

The Basics of Information Security 4

Think Like a Hacker 6

Threat Actor Types and Attributes 7

Chapter Review Activities 9

Chapter 2 Computer Systems Security Part I 12

Foundation Topics 13

Malicious Software Types 13

Viruses 13

Worms 14

Trojan Horses 14

Ransomware 15

Spyware 15

Rootkits 16

Spam 16

Summary of Malware Threats 17

Delivery of Malware 17

Via Software, Messaging, and Media 18

Botnets and Zombies 19

Active Interception 19

Privilege Escalation 19

Backdoors 19

Logic Bombs 20

Preventing and Troubleshooting Malware 20

Preventing and Troubleshooting Viruses 20

Preventing and Troubleshooting Worms and Trojans 23

Preventing and Troubleshooting Spyware 24

Preventing and Troubleshooting Rootkits 25

Preventing and Troubleshooting Spam 26

You Can’t Save Every Computer from Malware! 27

Summary of Malware Prevention Techniques 27

Chapter Review Activities 29

Chapter 3 Computer Systems Security Part II 34

Foundation Topics 35

Implementing Security Applications 35

Personal Software Firewalls 35

Host-Based Intrusion Detection Systems 36

Pop-Up Blockers 38

Data Loss Prevention Systems 38

Securing Computer Hardware and Peripherals 39

Securing the BIOS 39

Securing Storage Devices 41

Removable Storage 41

Network Attached Storage 41

Whole Disk Encryption 42

Hardware Security Modules 43

Securing Wireless Peripherals 43

Securing Mobile Devices 44

Malware 44

Botnet Activity 45

SIM Cloning and Carrier Unlocking 45

Wireless Attacks 46

Theft 46

Application Security 47

BYOD Concerns 49

Chapter Review Activities 53

Chapter 4 OS Hardening and Virtualization 58

Foundation Topics 59

Hardening Operating Systems 59

Removing Unnecessary Applications and Services 59

Windows Update, Patches, and Hotfixes 65

Patches and Hotfixes 66

Patch Management 68

Group Policies, Security Templates, and Configuration Baselines 69

Hardening File Systems and Hard Drives 71

Virtualization Technology 74

Types of Virtualization and Their Purposes 74

Hypervisor 75

Securing Virtual Machines 76

Chapter Review Activities 79

Chapter 5 Application Security 86

Foundation Topics 87

Securing the Browser 87

General Browser Security Procedures 88

Implement Policies 88

Train Your Users 90

Use a Proxy and Content Filter 91

Secure Against Malicious Code 92

Web Browser Concerns and Security Methods 92

Basic Browser Security 92

Cookies 92

LSOs 93

Add-ons 94

Advanced Browser Security 94

Securing Other Applications 95

Secure Programming 99

Software Development Life Cycle 99

Core SDLC and DevOps Principles 100

Programming Testing Methods 102

White-box and Black-box Testing 102

Compile-Time Errors Versus Runtime Errors 102

Input Validation 103

Static and Dynamic Code Analysis 104

Fuzz Testing 104

Programming Vulnerabilities and Attacks 104

Backdoors 105

Memory/Buffer Vulnerabilities 105

Arbitrary Code Execution/Remote Code Execution 106

XSS and XSRF 107

More Code Injection Examples 107

Directory Traversal 109

Zero Day Attack 109

Chapter Review Activities 111

Chapter 6 Network Design Elements 118

Foundation Topics 119

Network Design 119

The OSI Model 119

Network Devices 120

Switch 120

Bridge 122

Router 122

Network Address Translation, and Private Versus Public IP 123

Network Zones and Interconnections 125

LAN Versus WAN 125

Internet 126

Demilitarized Zone (DMZ) 126

Intranets and Extranets 127

Network Access Control (NAC) 128

Subnetting 128

Virtual Local Area Network (VLAN) 130

Telephony 131

Modems 131

PBX Equipment 132

VoIP 132

Cloud Security and Server Defense 133

Cloud Computing 133

Cloud Security 135

Server Defense 137

File Servers 137

Network Controllers 137

E-mail Servers 138

Web Servers 139

FTP Server 140

Chapter Review Activities 142

Chapter 7 Networking Protocols and Threats 148

Foundation Topics 149

Ports and Protocols 149

Port Ranges, Inbound Versus Outbound, and Common Ports 149

Protocols That Can Cause Anxiety on the Exam 155

Malicious Attacks 155

DoS 155

DDoS 158

Sinkholes and Blackholes 158

Spoofing 159

Session Hijacking 159

Replay 161

Null Sessions 161

Transitive Access and Client-Side Attacks 162

DNS Poisoning and Other DNS Attacks 162

ARP Poisoning 164

Summary of Network Attacks 164

Chapter Review Activities 167

Chapter 8 Network Perimeter Security 174

Foundation Topics 175

Firewalls and Network Security 175

Firewalls 175

Proxy Servers 179

Honeypots and Honeynets 181

Data Loss Prevention (DLP) 182

NIDS Versus NIPS 183

NIDS 183

NIPS 184

Summary of NIDS Versus NIPS 185

The Protocol Analyzer’s Role in NIDS and NIPS 185

Unified Threat Management 186

Chapter Review Activities 187

Chapter 9 Securing Network Media and Devices 194

Foundation Topics 195

Securing Wired Networks and Devices 195

Network Device Vulnerabilities 195

Default Accounts 195

Weak Passwords 195

Privilege Escalation 196

Back Doors 197

Network Attacks 197

Other Network Device Considerations 197

Cable Media Vulnerabilities 198

Interference 198

Crosstalk 199

Data Emanation 199

Tapping into Data and Conversations 200

Securing Wireless Networks 201

Wireless Access Point Vulnerabilities 202

The Administration Interface 202

SSID Broadcast 202

Rogue Access Points 202

Evil Twin 203

Weak Encryption 203

Wi-Fi Protected Setup 205

Ad Hoc Networks 205

VPN over Open Wireless 205

Wireless Access Point Security Strategies 205

Wireless Transmission Vulnerabilities 208

Bluetooth and Other Wireless Technology Vulnerabilities 209

Bluejacking 209

Bluesnarfing 210

RFID and NFC 210

More Wireless Technologies 210

Chapter Review Activities 212

Chapter 10 Physical Security and Authentication Models 218

Foundation Topics 219

Physical Security 219

General Building and Server Room Security 219

Door Access 220

Biometric Readers 221

Authentication Models and Components 222

Authentication Models 222

Localized Authentication Technologies 224

802.1X and EAP 224

LDAP 226

Kerberos and Mutual Authentication 227

Remote Desktop Services 229

Remote Authentication Technologies 230

Remote Access Service 230

Virtual Private Networks 231

RADIUS Versus TACACS 234

Chapter Review Activities 236

Chapter 11 Access Control Methods and Models 244

Foundation Topics 245

Access Control Models Defined 245

Discretionary Access Control 245

Mandatory Access Control 246

Role-Based Access Control (RBAC) 247

Attribute-based Access Control (ABAC) 248

Access Control Wise Practices 249

Rights, Permissions, and Policies 250

Users, Groups, and Permissions 251

Permission Inheritance and Propagation 255

Moving and Copying Folders and Files 256

Usernames and Passwords 256

Policies 258

User Account Control (UAC) 261

Chapter Review Activities 262

Chapter 12 Vulnerability and Risk Assessment 270

Foundation Topics 271

Conducting Risk Assessments 271

Qualitative Risk Assessment 272

Quantitative Risk Assessment 273

Security Analysis Methodologies 274

Security Controls 275

Vulnerability Management 276

Penetration Testing 277

OVAL 279

Additional Vulnerabilities 279

Assessing Vulnerability with Security Tools 280

Network Mapping 280

Vulnerability Scanning 282

Network Sniffing 283

Password Analysis 284

Chapter Review Activities 287

Chapter 13 Monitoring and Auditing 294

Foundation Topics 295

Monitoring Methodologies 295

Signature-Based Monitoring 295

Anomaly-Based Monitoring 295

Behavior-Based Monitoring 296

Using Tools to Monitor Systems and Networks 296

Performance Baselining 297

Protocol Analyzers 299

Wireshark 299

SNMP 301

Analytical Tools 302

Use Static and Dynamic Tools 304

Conducting Audits 304

Auditing Files 305

Logging 306

Log File Maintenance and Security 310

Auditing System Security Settings 311

SIEM 314

Chapter Review Activities 315

Chapter 14 Encryption and Hashing Concepts 322

Foundation Topics 323

Cryptography Concepts 323

Symmetric Versus Asymmetric Key Algorithms 326

Symmetric Key Algorithms 326

Asymmetric Key Algorithms 327

Public Key Cryptography 327

Key Management 328

Steganography 328

Encryption Algorithms 329

DES and 3DES 329

AES 329

RC 330

Blowfish and Twofish 331

Summary of Symmetric Algorithms 331

RSA 331

Diffie-Hellman 333

Elliptic Curve 333

More Encryption Types 334

One-Time Pad 334

PGP 335

Pseudorandom Number Generators 336

Hashing Basics 336

Cryptographic Hash Functions 337

MD5 338

SHA 338

RIPEMD and HMAC 338

LANMAN, NTLM, and NTLMv2 339

LANMAN 339

NTLM and NTLMv2 340

Hashing Attacks 341

Pass the Hash 341

Happy Birthday! 341

Additional Password Hashing Concepts 342

Chapter Review Activities 343

Chapter 15 PKI and Encryption Protocols 350

Foundation Topics 351

Public Key Infrastructure 351

Certificates 351

SSL Certificate Types 352

Single-Sided and Dual-Sided Certificates 352

Certificate Chain of Trust 352

Certificate Formats 352

Certificate Authorities 353

Web of Trust 356

Security Protocols 356

S/MIME 357

SSL/TLS 357

SSH 359

PPTP, L2TP, and IPsec 359

PPTP 359

L2TP 359

IPsec 360

Chapter Review Activities 361

Chapter 16 Redundancy and Disaster Recovery 368

Foundation Topics 369

Redundancy Planning 369

Redundant Power 370

Redundant Power Supplies 371

Uninterruptible Power Supplies 371

Backup Generators 372

Redundant Data 374

Redundant Networking 376

Redundant Servers 377

Redundant Sites 378

Redundant People 379

Disaster Recovery Planning and Procedures 379

Data Backup 379

DR Planning 382

Chapter Review Activities 385

Chapter 17 Social Engineering, User Education, and Facilities Security 390

Foundation Topics 391

Social Engineering 391

Pretexting 391

Malicious Insider 391

Diversion Theft 392

Phishing 392

Hoaxes 393

Shoulder Surfing 394

Eavesdropping 394

Dumpster Diving 394

Baiting 394

Piggybacking/Tailgating 394

Watering Hole Attack 395

Summary of Social Engineering Types 395

User Education 396

Facilities Security 398

Fire Suppression 398

Fire Extinguishers 398

Sprinkler Systems 399

Special Hazard Protection Systems 399

HVAC 400

Shielding 401

Vehicles 402

Chapter Review Activities 404

Chapter 18 Policies and Procedures 410

Foundation Topics 411

Legislative and Organizational Policies 411

Data Sensitivity and Classification of Information 411

Personnel Security Policies 413

Privacy Policies 414

Acceptable Use 414

Change Management 414

Separation of Duties/Job Rotation 415

Mandatory Vacations 415

Onboarding and Offboarding 415

Due Diligence 416

Due Care 416

Due Process 416

User Education and Awareness Training 416

Summary of Personnel Security Policies 417

How to Deal with Vendors 417

How to Dispose of Computers and Other IT Equipment Securely 419

Incident Response Procedures 420

IT Security Frameworks 424

Chapter Review Activities 426

Chapter 19 Taking the Real Exam 432

Getting Ready and the Exam Preparation Checklist 432

Tips for Taking the Real Exam 435

Beyond the CompTIA Security+ Certification 438

Practice Exam 1: SY0-501 440

Glossary 458

Elements Available Online

Appendix A: Answers to the Review Questions

Answers to Practice Exam 1

View Recommended Resources

Real-World Scenarios

Flash Cards

9780789759122 TOC 10/31/2017

Publication date (per publisher) 21.12.2017
Series Certification Guide
Place of publication Upper Saddle River
Language English
Dimensions 210 x 256 mm
Weight 1100 g
Subject area Computer Science / Office Programs / Office
Mathematics / Computer Science / Computer Science / Theory / Study
Computer Science / Other Topics / Certification
ISBN-10 0-7897-5912-8 / 0789759128
ISBN-13 978-0-7897-5912-2 / 9780789759122
Condition New