You are previewing CompTIA® Security+™: Study Guide, Fifth Edition.
O'Reilly logo
CompTIA® Security+™: Study Guide, Fifth Edition

Book Description

This ebook does not provide access to the companion materials.

The preparation you need for the new CompTIA Security+ exam SY0-301

This top-selling study guide helps candidates prepare for exam SY0-301 and certification as a CompTIA Security+ administrator. Inside the new, CompTIA Authorized edition, you'll find complete coverage of all Security+ exam objectives, loads of real-world examples. The book covers key exam topics such as general security concepts, infrastructure security, the basics of cryptography, and much more.

  • Provides 100% coverage of all exam objectives for the new CompTIA Security+ exam SY0-301 including:
  • Covers key topics such as general security concepts, communication and infrastructure security, the basics of cryptography, operational security, and more
  • Offers practical examples and insights drawn from the real world

Obtain your Security+ certification and jump-start your career. It's possible with the kind of thorough preparation you'll receive from CompTIA Security+ Study Guide, 5th Edition.

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Publisher's Note
  5. Dedication
  6. Acknowledgments
  7. About the Author
  8. Table of Exercises
  9. Foreword
  10. Introduction
    1. Assessment Test
    2. Answers to Assessment Test
  11. Chapter 1: Measuring and Weighing Risk
    1. Risk Assessment
    2. Developing Policies, Standards, and Guidelines
    3. Summary
    4. Exam Essentials
    5. Review Questions
    6. Answers to Review Questions
  12. Chapter 2: Infrastructure and Connectivity
    1. Mastering TCP/IP
    2. Distinguishing between Security Topologies
    3. Understanding Infrastructure Security
    4. Understanding the Different Network Infrastructure Devices
    5. Understanding Remote Access
    6. Summary
    7. Exam Essentials
    8. Review Questions
    9. Answers to Review Questions
  13. Chapter 3: Protecting Networks
    1. Monitoring and Diagnosing Networks
    2. Understanding Intrusion Detection Systems
    3. Understanding Protocol Analyzers
    4. Securing Workstations and Servers
    5. Securing Internet Connections
    6. Understanding Network Protocols
    7. Summary
    8. Exam Essentials
    9. Review Questions
    10. Answers to Review Questions
  14. Chapter 4: Threats and Vulnerabilities
    1. Understanding Software Exploitation
    2. Surviving Malicious Code
    3. Calculating Attack Strategies
    4. Recognizing Common Attacks
    5. Identifying TCP/IP Security Concerns
    6. Summary
    7. Exam Essentials
    8. Review Questions
    9. Answers to Review Questions
  15. Chapter 5: Access Control and Identity Management
    1. Access Control Basics
    2. Understanding Remote Access Connectivity
    3. Understanding Authentication Services
    4. Understanding Access Control
    5. Implementing Access Control Best Practices
    6. Summary
    7. Exam Essentials
    8. Review Questions
    9. Answers to Review Questions
  16. Chapter 6: Educating and Protecting the User
    1. Understanding Security Awareness and Training
    2. Classifying Information
    3. Information Access Controls
    4. Complying with Privacy and Security Regulations
    5. Understanding Social Engineering
    6. Summary
    7. Exam Essentials
    8. Review Questions
    9. Answers to Review Questions
  17. Chapter 7: Operating System and Application Security
    1. Hardening the Operating System
    2. Application Hardening
    3. Working with Data Repositories
    4. Host Security
    5. Mobile Devices
    6. Best Practices for Security
    7. Attack Types to Be Aware Of
    8. Summary
    9. Exam Essentials
    10. Review Questions
    11. Answers to Review Questions
  18. Chapter 8: Cryptography Basics
    1. An Overview of Cryptography
    2. Understanding Cryptographic Algorithms
    3. Using Cryptographic Systems
    4. Understanding Cryptography Standards and Protocols
    5. Summary
    6. Exam Essentials
    7. Review Questions
    8. Answers to Review Questions
  19. Chapter 9: Cryptography Implementation
    1. Using Public Key Infrastructure
    2. Preparing for Cryptographic Attacks
    3. Understanding Key Management and the Key Life Cycle
    4. Summary
    5. Exam Essentials
    6. Review Questions
    7. Answers to Review Questions
  20. Chapter 10: Physical and Hardware-Based Security
    1. Implementing Access Control
    2. Maintaining Environmental and Power Controls
    3. Fire Suppression
    4. Summary
    5. Exam Essentials
    6. Review Questions
    7. Answers to Review Questions
  21. Chapter 11: Security and Vulnerability in the Network
    1. Network Security Threats
    2. Secure Network Administration Principles
    3. Mitigation and Deterrent Techniques
    4. Summary
    5. Exam Essentials
    6. Review Questions
    7. Answers to Review Questions
  22. Chapter 12: Wireless Networking Security
    1. Working with Wireless Systems
    2. Understanding Mobile Devices
    3. Wireless Vulnerabilities to Know
    4. Summary
    5. Exam Essentials
    6. Review Questions
    7. Answers to Review Questions
  23. Chapter 13: Disaster Recovery and Incident Response
    1. Understanding Business Continuity
    2. Reinforcing Vendor Support
    3. Summary
    4. Exam Essentials
    5. Review Questions
    6. Answers to Review Questions
  24. Chapter 14: Security-Related Policies and Procedures
    1. Policies You Must Have
    2. Policies You Should Have
    3. Security Controls for Account Management
    4. Summary
    5. Exam Essentials
    6. Review Questions
    7. Answers to Review Questions
  25. Chapter 15: Security Administration
    1. Security Administrator's Troubleshooting Guide
    2. Getting Started
    3. Access Control Issues
    4. Accountability Concerns
    5. Auditing
    6. Authentication Schemes
    7. Backup Management
    8. Baselining Security
    9. Certificate Management
    10. Communications Security
    11. Directory Services Protection
    12. Disaster Planning
    13. Documenting Your Environment
    14. Email Issues
    15. File-Sharing Basics
    16. Working with IDSs and Honey Pots
    17. Incident Handling
    18. Internet Common Sense
    19. Key Management Conventions
    20. Preventing Common Malicious Events
    21. Managing Personnel
    22. Keeping Physical Security Meaningful
    23. Securing the Infrastructure
    24. Working with Security Zones
    25. Social Engineering Risks
    26. System Hardening Basics
    27. Securing the Wireless Environment
    28. Summary
  26. Appendix: About the Companion CD
    1. What You'll Find on the CD
    2. System Requirements
    3. Using the CD
    4. Troubleshooting
  27. Glossary
  28. Index
  29. End-User License Agreement
  30. What's on the CD
  31. Perf Card / Objectives Map