You are previewing CompTIA Security+ Review Guide: Exam SY0-401, 3rd Edition.
O'Reilly logo
CompTIA Security+ Review Guide: Exam SY0-401, 3rd Edition

Book Description

Focused review for the CompTIA Security+ certification exam

The CompTIA Security+ certification offers tremendous opportunities for IT professionals. For those who want to take their careers to the next level, CompTIA Security+ Review Guide: Exam SY0-401 is here to serve as a great resource for certification preparation. This concise, focused guide is easy to use and is organized by each exam objective for quick review and reinforcement of key topics. You'll find information on network security, compliance and operational security, and threats and vulnerabilities. Additionally, this indispensable resource delves into application, data, and host security, access control and identity management, and cryptography. Whether you're looking to achieve Security+ certification or simply get up to speed on key IT security concepts, this review guide brings together lessons on the most essential topics.

In addition to the content in the book, you'll have access to more than 100 practice exam questions, electronic flashcards, and a searchable glossary of key terms.

  • Serves as an essential review guide for Security+ certification exam

  • Split into six sections that cover the most essential topics for professionals interested in Security+ certification and other certifications

  • Features additional resources featured on companion website, including practice exam questions, electronic flashcards, and a glossary of key terms

  • More than 250,000 IT professionals have earned their Security+ certification since it was founded. Join the thousands who are excelling in their IT careers and get a head start on reviewing for one of the field's most sought after certifications.

    Table of Contents

    1. Cover
    2. Title Page
    3. Copyright
    4. Publisher's Note
    5. Dedication
    6. Acknowledgments
    7. About the Author
    8. Introduction
      1. Security+ Acronyms
    9. Chapter 1: Network Security
      1. 1.1 Implement security configuration parameters on network devices and other technologies
      2. 1.2 Given a scenario, use secure network administration principles
      3. 1.3 Explain network design elements and components
      4. 1.4 Given a scenario, implement common protocols and services
      5. 1.5 Given a scenario, troubleshoot security issues related to wireless networking
      6. Review Questions
    10. Chapter 2: Compliance and Operational Security
      1. 2.1 Explain the importance of risk-related concepts
      2. 2.2 Summarize the security implications of integrating systems and data with third parties
      3. 2.3 Given a scenario, implement appropriate risk-mitigation strategies
      4. 2.4 Given a scenario, implement basic forensic procedures
      5. 2.5 Summarize common incident response procedures
      6. 2.6 Explain the importance of security-related awareness and training
      7. 2.7 Compare and contrast physical security and environmental controls
      8. Control types
      9. 2.8 Summarize risk-management best practices
      10. 2.9 Given a scenario, select the appropriate control to meet the goals of security
      11. Review Questions
    11. Chapter 3: Threats and Vulnerabilities
      1. 3.1 Explain types of malware
      2. 3.2 Summarize various types of attacks
      3. 3.3 Summarize social engineering attacks and the associated effectiveness with each attack
      4. 3.4 Explain types of wireless attacks
      5. 3.5 Explain types of application attacks
      6. 3.6 Analyze a scenario and select the appropriate type of mitigation and deterrent techniques
      7. 3.7 Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities
      8. 3.8 Explain the proper use of penetration testing versus vulnerability scanning
      9. Review Questions
    12. Chapter 4: Application, Data, and Host Security
      1. 4.1 Explain the importance of application security controls and techniques
      2. 4.2 Summarize mobile security concepts and technologies
      3. 4.3 Given a scenario, select the appropriate solution to establish host security
      4. 4.4 Implement the appropriate controls to ensure data security
      5. 4.5 Compare and contrast alternative methods to mitigate security risks in static environments
      6. Review Questions
    13. Chapter 5: Access Control and Identity Management
      1. 5.1 Compare and contrast the function and purpose of authentication services.
      2. 5.2 Given a scenario, select the appropriate authentication, authorization, or access control.
      3. 5.3 Install and configure security controls when performing account management, based on best practices.
      4. Review Questions
    14. Chapter 6: Cryptography
      1. 6.1 Given a scenario, utilize general cryptography concepts
      2. 6.2 Given a scenario, use appropriate cryptographic methods
      3. 6.3 Given a scenario, use appropriate PKI, certificate management, and associated components
      4. Review Questions
    15. Appendix A: Answers to Review Questions
      1. Chapter 1: Network Security
      2. Chapter 2: Compliance and Operational Security
      3. Chapter 3: Threats and Vulnerabilities
      4. Chapter 4: Application, Data, and Host Security
      5. Chapter 5: Access Control and Identity Management
      6. Chapter 6: Cryptography
    16. Appendix B: About the Additional Study Tools
      1. Additional Study Tools
      2. System Requirements
      3. Using the Study Tools
      4. Troubleshooting
    17. Free Online Study Tools
    18. End User License Agreement