CompTIA Security+ SY0-501 Cert Guide, 4th edition
Published by Pearson IT Certification (October 20, 2017) © 2018
- By Dave Prowse, best-selling CompTIA author and expert trainer
eTextbook
- Available for purchase from all major ebook resellers, including InformIT.com.
Print text (hardcover or paperback)
- Free shipping
- Also available for purchase as an ebook from all major ebook resellers, including InformIT.com
This is the most comprehensive core study tool for CompTIA's latest Security+ exam. Perfect for every candidate preparing for this challenging exam, its comprehensive coverage offers all the information and insight readers need to succeed. From start to finish, the book has been organized and edited to improve retention and help network and security professionals focus on areas where they need the most assistance.
This is the professional edition.
Academic Edition:
ISBN-10: 0789759128 | ISBN-13: 9780789759122 | CompTIA Security+ SY0-501 Cert Guide, Academic Edition
- Case studies and hands-on video exercises in each chapter
- Three full practice tests based on the real Security+ exam
- New! Video explanations of all answers in practice tests
- Memory tables, study strategies, tips, cautions, key terms, troubleshooting scenarios, last-minute review tearsheet, and more
Updated for SY0-501
There are plans to increase the number of videos and the number of simulations from the current 31 to 40 each.
Introduction xxiv
Chapter 1 Introduction to Security 3
Foundation Topics 4
Security 101 4
   The CIA of Computer Security 4
   The Basics of Information Security 6
Think Like a Hacker 9
Threat Actor Types and Attributes 10
Chapter Review Activities 12
   Review Key Topics 12
   Define Key Terms 12
   Review Questions 13
   Answers and Explanations 15
Chapter 2 Computer Systems Security Part I 19
Foundation Topics 19
Malicious Software Types 19
   Viruses 20
   Worms 21
   Trojan Horses 22
   Ransomware 22
   Spyware 23
   Rootkits 24
   Spam 25
   Summary of Malware Threats 25
Delivery of Malware 26
   Via Software, Messaging, and Media 26
   Botnets and Zombies 28
   Active Interception 28
   Privilege Escalation 29
   Backdoors 29
   Logic Bombs 29
Preventing and Troubleshooting Malware 30
   Preventing and Troubleshooting Viruses 31
   Preventing and Troubleshooting Worms and Trojans 35
   Preventing and Troubleshooting Spyware 35
   Preventing and Troubleshooting Rootkits 38
   Preventing and Troubleshooting Spam 38
   You Can’t Save Every Computer from Malware! 40
   Summary of Malware Prevention Techniques 40
Chapter Summary 41
Chapter Review Activities 42
   Review Key Topics 42
   Define Key Terms 42
   Complete the Real-World Scenarios 43
   Review Questions 43
   Answers and Explanations 48
Chapter 3 Computer Systems Security Part II 53
Foundation Topics 53
Implementing Security Applications 53
   Personal Software Firewalls 53
   Host-Based Intrusion Detection Systems 55
   Pop-Up Blockers 57
   Data Loss Prevention Systems 59
Securing Computer Hardware and Peripherals 59
   Securing the BIOS 60
   Securing Storage Devices 62
       Removable Storage 62
       Network Attached Storage 63
       Whole Disk Encryption 64
       Hardware Security Modules 65
   Securing Wireless Peripherals 66
Securing Mobile Devices 66
   Malware 67
   Botnet Activity 68
   SIM Cloning and Carrier Unlocking 68
   Wireless Attacks 69
   Theft 70
   Application Security 71
   BYOD Concerns 74
Chapter Summary 78
Chapter Review Activities 79
   Review Key Topics 79
   Define Key Terms 79
   Complete the Real-World Scenarios 80
   Review Questions 80
   Answers and Explanations 83
Chapter 4 OS Hardening and Virtualization 89
Foundation Topics 89
Hardening Operating Systems 89
   Removing Unnecessary Applications and Services 90
   Windows Update, Patches, and Hotfixes 97
       Patches and Hotfixes 99
       Patch Management 101
   Group Policies, Security Templates, and Configuration Baselines 102
   Hardening File Systems and Hard Drives 105
Virtualization Technology 109
   Types of Virtualization and Their Purposes 110
   Hypervisor 111
   Securing Virtual Machines 113
Chapter Summary 115
Chapter Review Activities 117
   Review Key Topics 117
   Define Key Terms 118
   Complete the Real-World Scenarios 118
   Review Questions 118
   Answers and Explanations 122
Chapter 5 Application Security 127
Foundation Topics 127
Securing the Browser 127
   General Browser Security Procedures 129
       Implement Policies 129
       Train Your Users 133
       Use a Proxy and Content Filter 133
       Secure Against Malicious Code 135
   Web Browser Concerns and Security Methods 135
       Basic Browser Security 135
       Cookies 136
       LSOs 137
       Add-ons 137
       Advanced Browser Security 138
Securing Other Applications 140
Secure Programming 144
   Software Development Life Cycle 145
   Core SDLC and DevOps Principles 146
   Programming Testing Methods 149
       White-box and Black-box Testing 149
       Compile-Time Errors Versus Runtime Errors 150
       Input Validation 150
       Static and Dynamic Code Analysis 151
       Fuzz Testing 152
   Programming Vulnerabilities and Attacks 152
       Backdoors 153
       Memory/Buffer Vulnerabilities 153
       Arbitrary Code Execution/Remote Code Execution 155
       XSS and XSRF 155
       More Code Injection Examples 156
       Directory Traversal 158
       Zero Day Attack 158
Chapter Summary 160
Chapter Review Activities 161
   Review Key Topics 161
   Define Key Terms 162
   Complete the Real-World Scenarios 162
   Review Questions 162
   Answers and Explanations 167
Chapter 6 Network Design Elements 173
Foundation Topics 173
Network Design 173
   The OSI Model 173
   Network Devices 175
       Switch 175
       Bridge 178
       Router 178
   Network Address Translation, and Private Versus Public IP 180
   Network Zones and Interconnections 182
       LAN Versus WAN 182
       Internet 183
       Demilitarized Zone (DMZ) 183
       Intranets and Extranets 184
   Network Access Control (NAC) 185
   Subnetting 186
   Virtual Local Area Network (VLAN) 188
   Telephony 190
       Modems 190
       PBX Equipment 191
       VoIP 191
Cloud Security and Server Defense 192
   Cloud Computing 192
   Cloud Security 195
   Server Defense 198
       File Servers 198
       Network Controllers 199
       E-mail Servers 199
       Web Servers 200
       FTP Server 202
Chapter Summary 203
Chapter Review Activities 205
   Review Key Topics 205
   Define Key Terms 205
   Complete the Real-World Scenarios 205
   Review Questions 206
   Answers and Explanations 210
Chapter 7 Networking Protocols and Threats 217
Foundation Topics 217
Ports and Protocols 217
   Port Ranges, Inbound Versus Outbound, and Common Ports 217
   Protocols That Can Cause Anxiety on the Exam 225
Malicious Attacks 226
   DoS 226
   DDoS 229
   Sinkholes and Blackholes 230
   Spoofing 231
   Session Hijacking 232
   Replay 234
   Null Sessions 235
   Transitive Access and Client-Side Attacks 236
   DNS Poisoning and Other DNS Attacks 236
   ARP Poisoning 238
   Summary of Network Attacks 238
Chapter Summary 242
Chapter Review Activities 243
   Review Key Topics 243
   Define Key Terms 243
   Complete the Real-World Scenarios 243
   Review Questions 244
   Answers and Explanations 250
Chapter 8 Network Perimeter Security 255
Foundation Topics 256
Firewalls and Network Security 256
   Firewalls 256
   Proxy Servers 263
   Honeypots and Honeynets 266
   Data Loss Prevention (DLP) 267
NIDS Versus NIPS 268
   NIDS 268
   NIPS 269
   Summary of NIDS Versus NIPS 271
   The Protocol Analyzer’s Role in NIDS and NIPS 271
   Unified Threat Management 272
Chapter Summary 273
Chapter Review Activities 274
   Review Key Topics 274
   Define Key Terms 274
   Complete the Real-World Scenarios 274
   Review Questions 275
   Answers and Explanations 280
Chapter 9 Securing Network Media and Devices 285
Foundation Topics 285
Securing Wired Networks and Devices 285
   Network Device Vulnerabilities 285
       Default Accounts 286
       Weak Passwords 286
       Privilege Escalation 287
       Back Doors 288
       Network Attacks 289
       Other Network Device Considerations 289
   Cable Media Vulnerabilities 289
       Interference 290
       Crosstalk 291
       Data Emanation 292
       Tapping into Data and Conversations 293
Securing Wireless Networks 295
   Wireless Access Point Vulnerabilities 295
       The Administration Interface 295
       SSID Broadcast 296
       Rogue Access Points 296
       Evil Twin 297
       Weak Encryption 297
       Wi-Fi Protected Setup 299
       Ad Hoc Networks 299
       VPN over Open Wireless 300
   Wireless Access Point Security Strategies 300
   Wireless Transmission Vulnerabilities 304
   Bluetooth and Other Wireless Technology Vulnerabilities 305
       Bluejacking 306
       Bluesnarfing 306
       RFID and NFC 307
       More Wireless Technologies 308
Chapter Summary 310
Chapter Review Activities 312
   Review Key Topics 312
   Define Key Terms 312
   Complete the Real-World Scenarios 312
   Review Questions 313
   Answers and Explanations 317
Chapter 10 Physical Security and Authentication Models 321
Foundation Topics 322
Physical Security 322
   General Building and Server Room Security 323
   Door Access 324
   Biometric Readers 326
Authentication Models and Components 327
   Authentication Models 327
   Localized Authentication Technologies 329
       802.1X and EAP 330
       LDAP 333
       Kerberos and Mutual Authentication 334
       Remote Desktop Services 336
   Remote Authentication Technologies 337
       Remote Access Service 337
       Virtual Private Networks 340
       RADIUS Versus TACACS 343
Chapter Summary 345
Chapter Review Activities 346
   Review Key Topics 346
   Define Key Terms 347
   Complete the Real-World Scenarios 347
   Review Questions 347
   Answers and Explanations 355
Chapter 11 Access Control Methods and Models 361
Foundation Topics 361
Access Control Models Defined 361
   Discretionary Access Control 361
   Mandatory Access Control 363
   Role-Based Access Control (RBAC) 364
   Attribute-based Access Control (ABAC) 365
   Access Control Wise Practices 366
Rights, Permissions, and Policies 369
   Users, Groups, and Permissions 369
   Permission Inheritance and Propagation 374
   Moving and Copying Folders and Files 376
   Usernames and Passwords 376
   Policies 379
   User Account Control (UAC) 383
Chapter Summary 384
Chapter Review Activities 385
   Review Key Topics 385
   Define Key Terms 386
   Complete the Real-World Scenarios 386
   Review Questions 386
   Answers and Explanations 392
Chapter 12 Vulnerability and Risk Assessment 397
Foundation Topics 397
Conducting Risk Assessments 397
   Qualitative Risk Assessment 399
   Quantitative Risk Assessment 400
   Security Analysis Methodologies 402
   Security Controls 404
   Vulnerability Management 405
       Penetration Testing 407
       OVAL 408
       Additional Vulnerabilities 409
Assessing Vulnerability with Security Tools 410
   Network Mapping 411
   Vulnerability Scanning 412
   Network Sniffing 415
   Password Analysis 417
Chapter Summary 420
Chapter Review Activities 421
   Review Key Topics 421
   Define Key Terms 422
   Complete the Real-World Scenarios 422
   Review Questions 422
   Answers and Explanations 428
Chapter 13 Monitoring and Auditing 435
Foundation Topics 435
Monitoring Methodologies 435
   Signature-Based Monitoring 435
   Anomaly-Based Monitoring 436
   Behavior-Based Monitoring 436
Using Tools to Monitor Systems and Networks 437
   Performance Baselining 438
   Protocol Analyzers 440
       Wireshark 441
   SNMP 443
   Analytical Tools 445
   Use Static and Dynamic Tools 447
Conducting Audits 448
   Auditing Files 448
   Logging 451
   Log File Maintenance and Security 455
   Auditing System Security Settings 457
   SIEM 460
Chapter Summary 461
Chapter Review Activities 462
   Review Key Topics 462
   Define Key Terms 463
   Complete the Real-World Scenarios 463
   Review Questions 463
   Answers and Explanations 470
Chapter 14 Encryption and Hashing Concepts 477
Foundation Topics 477
Cryptography Concepts 477
   Symmetric Versus Asymmetric Key Algorithms 481
       Symmetric Key Algorithms 481
   Asymmetric Key Algorithms 483
   Public Key Cryptography 483
   Key Management 484
   Steganography 485
Encryption Algorithms 486
   DES and 3DES 486
   AES 487
   RC 488
   Blowfish and Twofish 489
   Summary of Symmetric Algorithms 489
   RSA 490
   Diffie-Hellman 491
   Elliptic Curve 492
   More Encryption Types 493
       One-Time Pad 493
       PGP 494
       Pseudorandom Number Generators 495
Hashing Basics 496
   Cryptographic Hash Functions 498
       MD5 498
       SHA 498
       RIPEMD and HMAC 499
   LANMAN, NTLM, and NTLMv2 500
       LANMAN 500
       NTLM and NTLMv2 501
   Hashing Attacks 502
       Pass the Hash 502
       Happy Birthday! 503
   Additional Password Hashing Concepts 503
Chapter Summary 505
Chapter Review Activities 507
   Review Key Topics 507
   Define Key Terms 507
   Complete the Real-World Scenarios 508
   Review Questions 508
   Answers and Explanations 515
Chapter 15 PKI and Encryption Protocols 521
Foundation Topics 521
Public Key Infrastructure 521
   Certificates 522
       SSL Certificate Types 522
       Single-Sided and Dual-Sided Certificates 523
       Certificate Chain of Trust 523
       Certificate Formats 523
   Certificate Authorities 525
   Web of Trust 529
Security Protocols 529
   S/MIME 530
   SSL/TLS 531
   SSH 532
   PPTP, L2TP, and IPsec 533
       PPTP 533
       L2TP 534
       IPsec 534
Chapter Summary 535
Chapter Review Activities 536
   Review Key Topics 536
   Define Key Terms 536
   Complete the Real-World Scenarios 537
   Review Questions 537
   Answers and Explanations 542
Chapter 16 Redundancy and Disaster Recovery 547
Foundation Topics 547
Redundancy Planning 547
   Redundant Power 549
   Redundant Power Supplies 551
   Uninterruptible Power Supplies 551
   Backup Generators 553
   Redundant Data 555
   Redundant Networking 558
   Redundant Servers 560
   Redundant Sites 561
   Redundant People 562
Disaster Recovery Planning and Procedures 562
   Data Backup 562
   DR Planning 567
Chapter Summary 571
Chapter Review Activities 572
   Review Key Topics 572
   Define Key Terms 572
   Complete the Real-World Scenarios 573
   Review Questions 573
   Answers and Explanations 577
Chapter 17 Social Engineering, User Education, and Facilities Security 583
Foundation Topics 583
Social Engineering 583
   Pretexting 584
   Malicious Insider 585
   Diversion Theft 586
   Phishing 586
   Hoaxes 587
   Shoulder Surfing 588
   Eavesdropping 588
   Dumpster Diving 588
   Baiting 589
   Piggybacking/Tailgating 589
   Watering Hole Attack 589
   Summary of Social Engineering Types 590
User Education 591
Facilities Security 593
   Fire Suppression 594
       Fire Extinguishers 594
       Sprinkler Systems 595
       Special Hazard Protection Systems 596
   HVAC 597
   Shielding 598
   Vehicles 600
Chapter Summary 602
Chapter Review Activities 603
   Review Key Topics 603
   Define Key Terms 603
   Complete the Real-World Scenarios 603
   Review Questions 604
   Answers and Explanations 608
Chapter 18 Policies and Procedures 613
Foundation Topics 614
Legislative and Organizational Policies 614
   Data Sensitivity and Classification of Information 615
   Personnel Security Policies 617
       Privacy Policies 618
       Acceptable Use 618
       Change Management 619
       Separation of Duties/Job Rotation 619
       Mandatory Vacations 620
       Onboarding and Offboarding 620
       Due Diligence 621
       Due Care 621
       Due Process 621
       User Education and Awareness Training 621
       Summary of Personnel Security Policies 622
   How to Deal with Vendors 623
   How to Dispose of Computers and Other IT Equipment Securely 625
Incident Response Procedures 627
IT Security Frameworks 633
Chapter Summary 635
Chapter Review Activities 636
   Review Key Topics 636
   Define Key Terms 636
   Complete the Real-World Scenarios 637
   Review Questions 637
   Answers and Explanations 641
Chapter 19 Taking the Real Exam 647
Getting Ready and the Exam Preparation Checklist 647
Tips for Taking the Real Exam 651
Beyond the CompTIA Security+ Certification 655
Practice Exam 1: SY0-501 657
Answers to Practice Exam 1 679
Answers with Explanations 680
Glossary 718
Elements Available Online
View Recommended Resources
Real-World Scenarios
9780789758996 TOC 9/19/2017
David L. Prowse is an author, technologist, and technical trainer. He has penned a dozen books for Pearson Education, including the well-received CompTIA A+ Exam Cram. He also develops video content, including the CompTIA A+ LiveLessons video course. Over the past two decades he has taught CompTIA A+, Network+, and Security+ certification courses, both in the classroom and via the Internet. David has 20 years of experience in the IT field and loves to share that experience with his readers, watchers, and students.
He runs the website www.davidlprowse.com in support of his books and videos.