You are previewing CompTIA Security+ All-in-One Exam Guide (Exam SY0-401), 4th Edition.
O'Reilly logo
CompTIA Security+ All-in-One Exam Guide (Exam SY0-401), 4th Edition

Book Description

Get complete coverage of all objectives included on the latest release of the CompTIA Security+ exam from this comprehensive resource. Cowritten by leading information security experts, this authoritative guide fully addresses the skills required for securing a network and managing risk. You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass CompTIA Security+ exam SY0-401, this definitive volume also serves as an essential on-the-job reference.

COVERS ALL EXAM DOMAINS, INCLUDING:

Network security
Compliance and operational security
Threats and vulnerabilities
Application, data, and host security
Access control and identity management
Cryptography

ELECTRONIC CONTENT INCLUDESl

  • 200 practice exam questions
  • Test engine that provides practice exams or quizzes that can be customized by chapter or exam objective
  • PDF copy of the book

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. About the Authors
  5. Dedication
  6. Contents at a Glance
  7. Contents
  8. Preface
  9. Acknowledgments
  10. Introduction
  11. Part I Network Security
    1. Chapter 1 Network Device Configuration
      1. Network Devices
        1. Firewalls
        2. Routers
        3. Switches
        4. Load Balancers
        5. Proxies
        6. Web Security Gateways
        7. VPN Concentrators
        8. Intrusion Detection Systems
        9. Intrusion Prevention Systems
        10. Protocol Analyzers
        11. Spam Filter
        12. UTM Security Appliances
        13. Web Application Firewall vs. Network Firewall
        14. Application-aware Devices
      2. Chapter Review
        1. Questions
        2. Answers
    2. Chapter 2 Secure Network Administration
      1. Secure Network Administration Principles
        1. Rule-based Management
        2. Firewall Rules
        3. VLAN Management
        4. Secure Router Configuration
        5. Access Control Lists
        6. Port Security
        7. 802.1x
        8. Flood Guards
        9. Loop Protection
        10. Implicit Deny
        11. Network Separation
        12. Log Analysis
        13. Unified Threat Management
      2. Chapter Review
        1. Questions
        2. Answers
    3. Chapter 3 Secure Network Design
      1. Network Design Elements and Components
        1. DMZ Security Zones
        2. Subnetting
        3. VLAN
        4. NAT
        5. Remote Access
        6. Telephony
        7. Network Access Control (NAC)
        8. Virtualization
        9. Cloud Computing
        10. Layered Security/Defense in Depth
      2. Protocols
        1. IPsec
        2. SNMP
        3. SSH
        4. DNS
        5. TLS
        6. SSL
        7. TCP/IP
        8. FTP
        9. FTPS
        10. SFTP
        11. TFTP
        12. HTTP
        13. HTTPS
        14. SCP
        15. ICMP
        16. IPv4
        17. IPv6
        18. iSCSI
        19. Fibre Channel
        20. FCoE
        21. Telnet
        22. NetBIOS
      3. Ports
      4. OSI Relevance
      5. Chapter Review
        1. Questions
        2. Answers
    4. Chapter 4 Secure Wireless Networking
      1. Wireless Networking
        1. SSID
        2. WEP
        3. WPA
        4. TKIP
        5. WPA2
        6. EAP
        7. PEAP
        8. LEAP
        9. CCMP
      2. Wireless Operations
        1. MAC Filter
        2. Antenna Placement
        3. Power Level Controls
        4. Antenna Types
        5. Captive Portals
        6. Site Surveys
        7. VPN (Over Open Wireless)
      3. Chapter Review
        1. Questions
        2. Answers
  12. Part II Compliance and Operational Security
    1. Chapter 5 Risk Concepts
      1. An Overview of Risk Management
        1. Key Terms for Understanding Risk Management
        2. Control Types
        3. False Positives
        4. False Negatives
        5. Importance of Policies in Reducing Risk
        6. Qualitative Risk Assessment
        7. Quantitative Risk Assessment
        8. Risk Calculation
        9. Quantitative vs. Qualitative
        10. Vulnerabilities
        11. Threat Vectors
        12. Probability/Threat Likelihood
        13. Risk Avoidance, Transference, Acceptance, Mitigation, Deterrence
      2. The Cloud
        1. Risks Associated with Cloud Computing and Virtualization
        2. Virtualization
        3. Recovery Time Objective and Recovery Point Objective
      3. Chapter Review
        1. Questions
        2. Answers
    2. Chapter 6 System Integration Processes
      1. System-Level Processes
        1. On-boarding/Off-boarding Business Partners
        2. Social Media Networks
      2. Interoperability Agreements
        1. Privacy Considerations
        2. Risk Awareness
        3. Data Issues
        4. Policies and Procedures
        5. Agreements
      3. Chapter Review
        1. Questions
        2. Answers
    3. Chapter 7 Risk Management
      1. Risk Mitigation Strategies
        1. Change Management
        2. Incident Management
        3. User Rights and Permissions Reviews
        4. Perform Routine Audits
        5. Data Loss or Theft
        6. Technology Controls
      2. Risk Management Best Practices
        1. Business Continuity Concepts
        2. Fault Tolerance
        3. Disaster Recovery Concepts
      3. Chapter Review
        1. Questions
        2. Answers
    4. Chapter 8 Digital Forensics and Incident Response
      1. Forensic Procedures
        1. Collection
        2. Examination
        3. Analysis
        4. Reporting
      2. Incident Response Procedures
        1. Preparation
        2. Incident Identification
        3. Escalation and Notification
        4. Mitigation Steps
        5. Lessons Learned
        6. Reporting
        7. Recovery/Reconstitution Procedures
        8. Incident Isolation
        9. Data Breach
        10. Damage and Loss Control
      3. Chapter Review
        1. Questions
        2. Answers
    5. Chapter 9 Security Awareness and Training
      1. Security Awareness and Training
        1. Security Policy Training and Procedures
        2. Role-based Training
        3. Personally Identifiable Information
        4. Information Classification
        5. Data Labeling, Handling, and Disposal
        6. Compliance with Laws, Best Practices, and Standards
        7. User Habits
      2. New Threats and Security Trends/Alerts
        1. New Viruses
        2. Phishing Attacks
        3. Zero-day Exploits
      3. Social Networking and P2P
      4. Training Metrics and Compliance
      5. Chapter Review
        1. Questions
        2. Answers
    6. Chapter 10 Physical Security and Environmental Controls
      1. Environmental Controls
        1. HVAC
        2. Fire Suppression
        3. EMI Shielding
        4. Hot and Cold Aisles
        5. Environmental Monitoring
        6. Temperature and Humidity Controls
      2. Physical Security
        1. Hardware Locks
        2. Mantraps
        3. Video Surveillance
        4. Fencing
        5. Proximity Readers
        6. Access List
        7. Proper Lighting
        8. Signs
        9. Guards
        10. Barricades
        11. Biometrics
        12. Protected Distribution (Cabling)
        13. Alarms
        14. Motion Detection
      3. Control Types
      4. Chapter Review
        1. Questions
        2. Answers
    7. Chapter 11 Security Controls
      1. Confidentiality
      2. Integrity
      3. Availability
      4. Safety
        1. Fencing
        2. Lighting
        3. Locks
        4. CCTV
        5. Escape Routes
        6. Escape Plans
        7. Drills
        8. Testing Controls
      5. Chapter Review
        1. Questions
        2. Answers
  13. Part III Threats and Vulnerabilities
    1. Chapter 12 Attacks and Malware
      1. Malware
        1. Adware
        2. Virus
        3. Worms
        4. Spyware
        5. Trojan
        6. Rootkits
        7. Backdoors
        8. Logic Bomb
        9. Botnets
        10. Ransomware
        11. Polymorphic Malware
        12. Armored Virus
      2. Attack Methods
        1. Man-in-the-Middle
        2. Denial-of-Service
        3. Distributed Denial-of-Service
        4. Replay
        5. Spoofing
        6. Spam
        7. Spim
        8. Phishing
        9. Spear Phishing
        10. Vishing
        11. Xmas Attack
        12. Pharming
        13. Privilege Escalation
        14. Malicious Insider Threat
        15. Cache Poisoning
        16. TCP/IP Hijacking
        17. Transitive Access
        18. Client-side Attacks
        19. Password Attacks
        20. Typo Squatting/URL Hijacking
        21. Watering Hole Attack
      3. Chapter Review
        1. Questions
        2. Answers
    2. Chapter 13 Social Engineering
      1. Social Engineering Methods
        1. Shoulder Surfing
        2. Dumpster Diving
        3. Tailgating
        4. Impersonation
        5. Hoaxes
        6. Whaling
        7. Vishing
      2. Social Engineering Principles
        1. Tools
      3. Chapter Review
        1. Questions
        2. Answers
    3. Chapter 14 Application and Wireless Attacks
      1. Wireless Attacks
        1. Rogue Access Points
        2. Jamming/Interference
        3. Evil Twin
        4. War Dialing and War Driving
        5. Bluetooth Attacks
        6. Packet Sniffing
        7. Near Field Communication
        8. Replay Attacks
        9. IV Attack
        10. WEP/WPA Attacks
        11. WPS Attacks
      2. Application Attacks
        1. Cross-site Scripting
        2. Injections
        3. Directory Traversal/Command Injection
        4. Buffer Overflow
        5. Integer Overflow
        6. Zero-day
        7. Cookies and Attachments
        8. Locally Shared Objects
        9. Malicious Add-ons
        10. Session Hijacking
        11. Client-side Attacks
        12. Arbitrary/Remote Code Execution
      3. Chapter Review
        1. Questions
        2. Answers
    4. Chapter 15 Mitigation Techniques
      1. Monitoring System Logs
        1. Common Logs
        2. Periodic Audits of Security Settings
      2. System Hardening
        1. Disabling Unused Interfaces and Unused Application Service Ports
        2. Protecting Management Interfaces and Applications
        3. Password Protection
        4. Disabling Unused Accounts
      3. Network Security
        1. Network Software Updates
        2. Network Device Configuration
        3. 802.1x
        4. MAC Limiting and Filtering
        5. Disabling Unused Interfaces and Unused Application Service Ports
        6. Rogue Machine Detection
      4. Security Posture
        1. Initial Baseline Configuration
        2. Updates (aka Hotfixes, Service Packs, and Patches)
        3. Continuous Security Monitoring
        4. Remediation
      5. Reporting
      6. Detection Controls vs. Prevention Controls
      7. Chapter Review
        1. Questions
        2. Answers
    5. Chapter 16 Threat and Vulnerability Discovery
      1. Interpret Results of Security Assessment Tools
        1. Tools
      2. Risk Calculations
        1. Threat vs. Likelihood
      3. Assessment Types
        1. Risk
        2. Threat
        3. Vulnerability
      4. Assessment Technique
        1. Baseline Reporting
        2. Code Review
        3. Determine Attack Surface
        4. Review Architecture
        5. Review Designs
      5. Penetration Testing
        1. Verify a Threat Exists
        2. Bypass Security Controls
        3. Actively Test Security Controls
        4. Exploiting Vulnerabilities
      6. Vulnerability Scanning
        1. Passively Testing Security Controls
        2. Identify Vulnerability
        3. Identify Lack of Security Controls
        4. Identify Common Misconfigurations
        5. Intrusive vs. Non-intrusive
        6. Credentialed vs. Non-credentialed
        7. False Positive
      7. Testing
        1. Black Box
        2. White Box
        3. Gray Box
      8. Chapter Review
        1. Questions
        2. Answers
  14. Part IV Application, Data, and Host Security
    1. Chapter 17 Application Security Controls
      1. Secure Coding Concepts
        1. Error and Exception Handling
        2. Input Validation
        3. Fuzzing
        4. Cross-site Scripting Prevention
        5. Cross-site Request Forgery
      2. Application Hardening
        1. Application Configuration Baseline
        2. Application Patch Management
        3. NoSQL Databases vs. SQL Databases
        4. Server-side vs. Client-side Validation
      3. Chapter Review
        1. Questions
        2. Answers
    2. Chapter 18 Mobile Device Security
      1. Device Security
        1. Full Device Encryption
        2. Remote Wiping
        3. Lockout
        4. Screen-locks
        5. GPS
        6. Application Control
        7. Storage Segmentation
        8. Asset Control
        9. Mobile Device Management
        10. Device Access Control
        11. Removable Storage
        12. Disabling Unused Features
      2. Mobile Application Security
        1. Key and Credential Management
        2. Authentication
        3. Geo-tagging
        4. Application Whitelisting
        5. Encryption
        6. Transitive Trust/Authentication
      3. BYOD Concerns
        1. Data Ownership
        2. Support Ownership
        3. Patch Management
        4. Antivirus Management
        5. Forensics
        6. Privacy
        7. On-boarding/Off-boarding
        8. Adherence to Corporate Policies
        9. User Acceptance
        10. Architecture/Infrastructure Considerations
        11. Legal Concerns
        12. Acceptable Use Policy
        13. On-board Camera/Video
      4. Chapter Review
        1. Questions
        2. Answers
    3. Chapter 19 Host-based Security
      1. Host Security
        1. Operating System Security and Settings
        2. OS Hardening
        3. Anti-malware
        4. Patch Management
        5. Whitelisting vs. Blacklisting Applications
        6. Trusted OS
        7. Host-based Firewalls
        8. Host-based Intrusion Detection
        9. Hardware Security
        10. Host Software Baselining
        11. Virtualization
      2. Host-based Security Controls
        1. Cloud Storage
        2. SAN
        3. Handling Big Data
        4. Data Encryption
        5. Hardware-based Encryption Devices
        6. Data Security
        7. Permissions/ACL
        8. Data Policies
      3. Chapter Review
        1. Questions
        2. Answers
    4. Chapter 20 Securing Alternative Environments
      1. Alternative Environments
        1. SCADA
        2. Embedded Systems
        3. Phones and Mobile Devices
        4. Mainframe
        5. Game Consoles
        6. In-vehicle Computing Systems
      2. Methods
        1. Network Segmentation
        2. Security Layers
        3. Application Firewalls
        4. Manual Updates
        5. Firmware Version Control
        6. Wrappers
        7. Control Redundancy and Diversity
      3. Chapter Review
        1. Questions
        2. Answers
  15. Part V Access Control and Identity Management
    1. Chapter 21 Access Control and Authentication
      1. Authentication Services
        1. RADIUS
        2. TACACS+
        3. Common Remote Access Ports
        4. Kerberos
        5. LDAP
        6. Secure LDAP
        7. SAML
      2. Authorization
        1. Least Privilege
        2. Separation of Duties
        3. Access Control
        4. Job Rotation
        5. Time of Day Restrictions
      3. Authentication
        1. Biometrics
        2. Username
        3. Smart Card
        4. Common Access Card
        5. Personal Identity Verification Card
        6. Multifactor Authentication
        7. HOTP
        8. TOTP
        9. CHAP
        10. PAP
        11. EAP
        12. Implicit Deny
        13. Trusted OS
      4. Authentication Factors
        1. Identification
      5. Vulnerabilities
        1. Federation
        2. Transitive Trust/Authentication
      6. Chapter Review
        1. Questions
        2. Answers
    2. Chapter 22 Account Management
      1. User, Group, and Role Management
        1. User
        2. Groups
        3. Multiple Roles
        4. Account Policy Enforcement
        5. Credential Management
        6. Group Policy
      2. Password Policies
        1. Domain Password Policy
        2. Password Attacks
      3. Account Auditing
      4. Chapter Review
        1. Questions
        2. Answers
  16. Part VI Cryptography
    1. Chapter 23 Cryptographic Concepts
      1. General Cryptographic Concepts
        1. Symmetric
        2. Public Key or Asymmetric
        3. Symmetric vs. Asymmetric
        4. Session Keys
        5. Key Exchange
        6. Fundamental Methods
        7. Block vs. Stream
        8. Elliptic Curve
        9. Quantum Cryptography
        10. Hashing
        11. Ephemeral Keys
      2. Cryptographic Objectives
        1. Perfect Forward Secrecy
        2. Transport Encryption
        3. Non-repudiation
        4. Key Escrow
        5. Steganography
        6. Digital Signatures
      3. Use of Proven Technologies
      4. Chapter Review
        1. Questions
        2. Answers
    2. Chapter 24 Cryptographic Methods
      1. Hashing
        1. MD5
        2. SHA
        3. RIPEMD
      2. Symmetric Encryption
        1. DES
        2. 3DES
        3. AES
        4. RC4
        5. Blowfish
        6. Twofish
      3. Asymmetric Encryption
        1. RSA
        2. Diffie-Hellman
        3. ECC
      4. Cryptographic Applications
        1. PGP
        2. GnuPG/GPG
        3. PAP/CHAP
        4. NT LAN Manager
        5. Wireless
        6. One-time Pads
        7. Comparative Strengths and Performance of Algorithms
        8. Use of Algorithms/Protocols with Transport Encryption
        9. Cipher Suites
        10. Key Stretching
      5. The Basics of Public Key Infrastructures
      6. Certificate Authorities
      7. Registration Authorities
        1. Trust and Certificate Verification
        2. Digital Certificates
        3. Certificate Attributes
      8. Certificate Lifecycles
        1. Registration and Generation
        2. CSR
        3. Renewal
        4. Revocation
        5. Suspension
        6. Key Destruction
        7. Private Key Protection
        8. Key Recovery
        9. Key Escrow
        10. Public Certificate Authorities
      9. Trust Models
        1. Hierarchical Trust Model
        2. Walking the Certificate Path
        3. Peer-to-Peer Model
        4. Hybrid Trust Model
      10. Chapter Review
        1. Questions
        2. Answers
  17. Part VII Appendixes and Glossary
    1. Appendix A OSI Model and Internet Protocols
      1. Networking Frameworks and Protocols
      2. OSI Model
        1. Application Layer
        2. Presentation Layer
        3. Session Layer
        4. Transport Layer
        5. Network Layer
        6. Data Link Layer
        7. Physical Layer
      3. Internet Protocols
        1. TCP
        2. UDP
        3. IP
        4. Message Encapsulation
      4. Review
    2. Appendix B About the Download
      1. System Requirements
      2. Downloading Total Tester Premium Practice Exam Software
      3. Total Tester Premium Practice Exam Software
      4. Installing and Running Total Tester Premium Practice Exam Software
      5. Technical Support
  18. Glossary
  19. Index