
CompTIA Security+ SY0-701 Cert Guide

56,99 €

Incl. statutory VAT, free shipping

Home delivery

Description

Product details

Binding: Paperback

Publication date: 28.09.2024

Publisher: Pearson Education Limited

Number of pages: 768

Dimensions (L/W/H): 23.5/19.5/4.1 cm

Weight: 1436 g

Edition: 1

Language: English

ISBN: 978-0-13-829308-6


Manufacturer address

Pearson
St.-Martin-Straße 82
81541 München
DE

Email: [email protected]

Customer reviews

0 reviews

Information about reviews

You must be signed in to your account to submit a review. We do not verify the authenticity of reviews. We reserve the right to shorten or delete review texts that violate our guidelines.

Reviews are sorted by format, number of stars, and date.

Table of contents

    Introduction xxxix

    Part I: General Security Concepts

    Chapter 1 Comparing and Contrasting the Various Types of Controls 3

    Do I Know This Already? Quiz 3

    Foundation Topics 6

    Control Categories 6

    Technical Controls 6

    Managerial Controls 6

    Operational Controls 6

    Physical Controls 7

    Summary of Control Categories 7

    Control Types 8

    Preventive Controls 8

    Deterrent Controls 8

    Detective Controls 9

    Corrective Controls 9

    Compensating Controls 9

    Directive Controls 10

    Summary of Control Types 10

    Chapter Review Activities 11

    Chapter 2 Summarizing Fundamental Security Concepts 15

    Do I Know This Already? Quiz 15

    Foundation Topics 19

    Confidentiality, Integrity, and Availability (CIA) 19

    Non-repudiation 20

    Authentication, Authorization, and Accounting (AAA) 21

    Gap Analysis 22

    Zero Trust 22

    Physical Security 24

    Bollards/Barricades 24

    Access Control Vestibules 26

    Fencing 27

    Video Surveillance 28

    Security Guards 28

    Access Badges 29

    Lighting 30

    Sensors 30

    Deception and Disruption Technology 31

    Chapter Review Activities 32

    Chapter 3 Understanding Change Management's Security Impact 37

    Do I Know This Already? Quiz 37

    Foundation Topics 41

    Business Processes Impacting Security Operations 41

    Approval Process 41

    Ownership 41

    Stakeholders 42

    Impact Analysis 42

    Test Results 42

    Backout Plan 42

    Maintenance Window 43

    Standard Operating Procedure 43

    Technical Implications 43

    Allow Lists 44

    Block Lists/Deny Lists 44

    Restricted Activities 44

    Downtime 45

    Service Restart 45

    Application Restart 46

    Legacy Applications 46

    Dependencies 46

    Documentation 47

    Updating Diagrams 47

    Updating Policies/Procedures 48

    Version Control 48

    Chapter Review Activities 49

    Chapter 4 Understanding the Importance of Using Appropriate Cryptographic Solutions 53

    Do I Know This Already? Quiz 53

    Foundation Topics 58

    Public Key Infrastructure (PKI) 58

    Public Key 58

    Private and Public Key 58

    Encryption 59

    Level 59

    Full Disk 59

    Partition 60

    File 60

    Volume 60

    Database 60

    Record 61

    Transport/Communication 61

    Encryption at Rest, in Transit/Motion, and in Processing 61

    Symmetric Versus Asymmetric Encryption 62

    Key Exchange 64

    Algorithms 65

    Key Length 66

    Tools 67

    Trusted Platform Module 67

    Hardware Security Module 68

    Key Management System 68

    Secure Enclave 69

    Obfuscation 70

    Steganography 70

    Audio Steganography 71

    Video Steganography 71

    Image Steganography 72

    Tokenization 72

    Data Masking 74

    Hashing 75

    Salting 76

    Digital Signatures 76

    Key Stretching 77

    Blockchain 78

    Open Public Ledger 78

    Certificates 79

    Certificate Authorities 79

    Certificate Revocation Lists 81

    Online Certificate Status Protocol (OCSP) 82

    Self-Signed 83

    Certificate-Signing Request 90

    Wildcard 90

    Chapter Review Activities 90

    Part II: Threats, Vulnerabilities, and Mitigations

    Chapter 5 Comparing and Contrasting Common Threat Actors and Motivations 95

    Do I Know This Already? Quiz 95

    Foundation Topics 98

    Threat Actors 98

    Attributes of Actors 99

    Motivations 100

    War 101

    Chapter Review Activities 102

    Chapter 6 Understanding Common Threat Vectors and Attack Surfaces 105

    Do I Know This Already? Quiz 105

    Foundation Topics 109

    Message-Based 109

    Email 109

    Short Message Service (SMS) 109

    Instant Messaging (IM) 110

    Spam and Spam over Internet Messaging (SPIM) 110

    Image-Based 111

    File-Based 111

    Voice Call 111

    Removable Device 111

    Vulnerable Software 112

    Unsupported Systems and Applications 112

    Unsecure Networks 113

    Open Service Ports 114

    Default Credentials 115

    Supply Chain 116

    Human Vectors/Social Engineering 116

    Phishing 117

    Vishing 120

    Smishing 121

    Misinformation/Disinformation 121

    Impersonation 121

    Business Email Compromise (BEC) 122

    Pretexting 122

    Watering Hole Attack 122

    Brand Impersonation 123

    Typosquatting 123

    Chapter Review Activities 123

    Chapter 7 Understanding Various Types of Vulnerabilities 127

    Do I Know This Already? Quiz 127

    Foundation Topics 130

    Application 130

    Memory Injection 130

    Buffer Overflow 131

    Race Conditions 132

    Malicious Update 132

    Operating System (OS)-Based 133

    Web-Based 133

    Structured Query Language Injection (SQLi) Vulnerabilities 133

    Cross-Site Scripting (XSS) Vulnerabilities 134

    Hardware 134

    Firmware 134

    End-of-Life (EOL) 134

    Legacy 135

    Virtualization 135

    Virtual Machine (VM) Escape 135

    Resource Reuse 135

    Cloud Specific 136

    Other Cloud-Based Concerns 140

    Supply Chain 141

    Service Provider 141

    Hardware Provider 141

    Software Provider 142

    Cryptographic 142

    Misconfiguration 142

    Mobile Device 142

    Side Loading 143

    Jailbreaking 143

    Zero-Day Vulnerabilities 143

    Chapter Review Activities 145

    Chapter 8 Understanding Indicators of Malicious Activity 149

    Do I Know This Already? Quiz 149

    Foundation Topics 152

    Malware Attacks 152

    Ransomware 152

    Trojans 153

    Worms 154

    Spyware 154

    Bloatware 155

    Virus 155

    Keylogger 155

    You Can't Save Every Computer from Malware! 156

    Logic Bomb 157

    Rootkit 157

    Physical Attacks 158

    Brute-Force Attacks 159

    Radio Frequency Identification (RFID) Cloning 159

    Environmental 159

    Network Attacks 160

    Distributed Denial-of-Service (DDoS) Attacks 160

    Domain Name System (DNS) Attacks 160

    Wireless Attacks 160

    On-Path Attacks 161

    Credential Replay 161

    Malicious Code 161

    Application Attacks 162

    Injection 162

    Buffer Overflow 162

    Replay 162

    Privilege Escalation 162

    Forgery 163

    Directory Traversal 163

    Cryptographic Attacks 163

    Downgrade 163

    Collision 163

    Birthday 164

    Password Attacks 164

    Password Spraying 165

    Brute-Force Attacks 165

    Indicators 165

    Account Lockout 166

    Concurrent Session Usage 166

    Blocked Content 166

    Impossible Travel 166

    Resource Consumption 166

    Resource Inaccessibility 166

    Out-of-Cycle Logging 167

    Published/Documented Indicators 167

    Missing Logs 167

    Chapter Review Activities 167

    Chapter 9 Understanding the Purpose of Mitigation Techniques Used to Secure the Enterprise 171

    Do I Know This Already? Quiz 171

    Foundation Topics 175

    Segmentation 175

    Access Control 175

    Access Control Lists (ACLs) 175

    Permissions 176

    Application Allow List 178

    Isolation 179

    Patching 180

    Encryption 181

    Monitoring 182

    Least Privilege 182

    Configuration Enforcement 182

    Decommissioning 183

    Hardening Techniques 183

    Encryption 183

    Installation of Endpoint Protection 184

    Host-Based Firewall 184

    Host-Based Intrusion Prevention System (HIPS) 184

    Disabling Ports/Protocols 184

    Default Password Changes 185

    Removal of Unnecessary Software 185

    Chapter Review Activities 185

    Part III: Security Architecture

    Chapter 10 Comparing and Contrasting Security Implications of Different Architecture Models 189

    Do I Know This Already? Quiz 189

    Foundation Topics 193

    Architecture and Infrastructure Concepts 193

    Cloud 193

    Infrastructure as Code (IaC) 195

    Serverless 196

    Microservices 197

    Network Infrastructure 197

    On-premises 201

    Centralized Versus Decentralized 201

    Containerization 202

    Virtualization 206

    IoT 208

    Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) 210

    Real-Time Operating System (RTOS) 213

    Embedded Systems 214

    High Availability 214

    Considerations 215

    Availability 215

    Resilience 215

    Cost 216

    Responsiveness 216

    Scalability 216

    Ease of Deployment 216

    Risk Transference 217

    Ease of Recovery 217

    Patch Availability 217

    Inability to Patch 218

    Power 218

    Compute 218

    Chapter Review Activities 219

    Chapter 11 Applying Security Principles to Secure Enterprise Infrastructure 223

    Do I Know This Already? Quiz 223

    Foundation Topics 226

    Infrastructure Considerations 226

    Device Placement 226

    Security Zones 226

    Attack Surface 227

    Connectivity 228

    Failure Modes 228

    Device Attribute 229

    Network Appliances 230

    Port Security 235

    Firewall Types 239

    Secure Communication/Access 249

    Virtual Private Network (VPN) 249

    Remote Access 251

    Tunneling 254

    Software-Defined Wide Area Network (SD-WAN) 265

    Secure Access Service Edge (SASE) 265

    Selection of Effective Controls 266

    Chapter Review Activities 266

    Chapter 12 Comparing and Contrasting Concepts and Strategies to Protect Data 271

    Do I Know This Already? Quiz 271

    Foundation Topics 274

    Data Types 274

    Data Classifications 275

    General Data Considerations 276

    Data States 276

    Data Sovereignty 278

    Geolocation 278

    Methods to Secure Data 279

    Geographic Restrictions 279

    Encryption 279

    Hashing 279

    Masking 281

    Tokenization 281

    Obfuscation 281

    Segmentation 281

    Permission Restrictions 282

    Chapter Review Activities 283

    Chapter 13 Understanding the Importance of Resilience and Recovery in Security Architecture 287

    Do I Know This Already? Quiz 287

    Foundation Topics 291

    High Availability 291

    Key Components 291

    Cloud Environments 291

    Site Considerations 292

    Platform Diversity 294

    Multi-Cloud System 294

    Continuity of Operations 294

    Capacity Planning 295

    Testing 296

    Tabletop Exercises 296

    Failover 297

    Simulations 298

    Parallel Processing 299

    Backups 299

    Power 301

    Uninterruptible Power Supply (UPS) 301

    Generators 301

    Chapter Review Activities 302

    Part IV: Security Operations

    Chapter 14 Applying Common Security Techniques to Computing Resources 305

    Do I Know This Already? Quiz 305

    Foundation Topics 309

    Secure Baselines 309

    Inventory Assessment 309

    Vulnerability Scanning 309

    Minimum Configuration Standards 310

    Documentation 310

    Deployment 310

    Ongoing Maintenance 311

    Hardening Targets 311

    Wireless Devices 315

    Mobile Solutions 318

    Mobile Device Management 318

    MDM Security Feature Concerns: Application and Content Management 320

    MDM Security Feature Concerns: Remote Wipe, Geofencing, Geolocation, Screen Locks, Passwords and PINs, and Full Device Encryption 322

    Deployment Models 325

    Secure Implementation of BYOD, CYOD, and COPE 326

    Connection Methods 328

    Secure Implementation Best Practices 330

    Wireless Security Settings 331

    Wi-Fi Protected Access 3 (WPA3) 332

    Remote Authentication Dial-In User Service (RADIUS) Federation 332

    Cryptographic Protocols 334

    Authentication Protocols 335

    Application Security 336

    Input Validations 337

    Secure Cookies 337

    Static Code Analysis 338

    Code Signing 339

    Sandboxing 340

    Monitoring 340

    Chapter Review Activities 341

    Chapter 15 Understanding the Security Implications of Hardware, Software, and Data Asset Management 345

    Do I Know This Already? Quiz 345

    Foundation Topics 348

    Acquisition/Procurement Process 348

    Assignment/Accounting 350

    Monitoring/Asset Tracking 350

    Inventory 351

    Enumeration 351

    Disposal/Decommissioning 351

    Sanitization 352

    Destruction 352

    Certification 353

    Data Retention 353

    Chapter Review Activities 354

    Chapter 16 Understanding Various Activities Associated with Vulnerability Management 357

    Do I Know This Already? Quiz 357

    Foundation Topics 360

    Identification Methods 360

    Vulnerability Scan 360

    Application Security 362

    Threat Feed 364

    Penetration Testing 366

    Responsible Disclosure Program 366

    System/Process Audit 367

    Analysis 367

    Confirmation 368

    Prioritize 368

    Common Vulnerability Scoring System (CVSS) 368

    Common Vulnerability Enumeration (CVE) 370

    Vulnerability Classification 370

    Exposure Factor 371

    Environmental Variables 372

    Industry/Organizational Impact 372

    Risk Tolerance 372

    Vulnerability Response and Remediation 374

    Patching 374

    Insurance 374

    Segmentation 374

    Compensating Controls 375

    Exceptions and Exemptions 375

    Validation of Remediation 376

    Rescanning 376

    Audit 376

    Verification 376

    Reporting 377

    Chapter Review Activities 378

    Chapter 17 Understanding Security Alerting and Monitoring Concepts and Tools 381

    Do I Know This Already? Quiz 381

    Foundation Topics 383

    Monitoring and Computing Resources 383

    Activities 386

    Log Aggregation 386

    Alerting 388

    Scanning 389

    Reporting 390

    Archiving 391

    Alert Response and Remediation/Validation 392

    Tools 392

    Security Content Automation Protocol (SCAP) 393

    Benchmarks 395

    Agents/Agentless 397

    Security Information and Event Management (SIEM) 397

    NetFlow 399

    Antivirus Software 400

    Data Loss Prevention (DLP) 401

    Simple Network Management Protocol (SNMP) Traps 401

    Vulnerability Scanners 403

    Chapter Review Activities 405

    Chapter 18 Modifying Enterprise Capabilities to Enhance Security 409

    Do I Know This Already? Quiz 409

    Foundation Topics 413

    Firewall 413

    Rules 414

    Access Lists 415

    Ports/Protocols 416

    Screened Subnet 417

    IDS/IPS 418

    Trends 419

    Signatures 419

    Web Filter 421

    Operating System Security 423

    Implementation of Secure Protocols 424

    DNS Filtering 427

    Email Security 427

    File Integrity Monitoring 429

    DLP 429

    Network Access Control (NAC) 430

    Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR) 430

    User Behavior Analytics 431

    Chapter Review Activities 432

    Chapter 19 Implementing and Maintaining Identity and Access Management 435

    Do I Know This Already? Quiz 435

    Foundation Topics 439

    Provisioning/De-provisioning User Accounts 439

    Permission Assignments and Implications 439

    Identity Proofing 441

    Federation 441

    Single Sign-On (SSO) 443

    Lightweight Directory Access Protocol (LDAP) 443

    OAuth 444

    Security Assertion Markup Language 446

    Interoperability 448

    Attestation 449

    Access Controls 450

    Role-Based Access Control 450

    Rule-Based Access Control 451

    Mandatory Access Control 451

    Discretionary Access Control 452

    Attribute-Based Access Control (ABAC) 454

    Time-of-Day Restrictions 455

    Least Privilege 456

    Multifactor Authentication (MFA) 456

    Implementations 457

    Factors 459

    Password Concepts 461

    Password Best Practices 461

    Password Managers 464

    Passwordless 465

    Privileged Access Management Tools 465

    Just-in-Time Permissions 466

    Password Vaulting 466

    Ephemeral Credentials 466

    Chapter Review Activities 467

    Chapter 20 Understanding the Importance of Automation and Orchestration Related to Secure Operations 471

    Do I Know This Already? Quiz 471

    Foundation Topics 474

    Use Cases of Automation and Scripting 474

    User Provisioning 474

    Resource Provisioning 477

    Guard Rails 477

    Security Groups 477

    Ticket Creation and Escalation 477

    Continuous Integration and Testing 478

    Integrations and Application Programming Interfaces (APIs) 479

    Benefits 480

    Efficiency/Time Saving 480

    Enforcing Baselines 480

    Standard Infrastructure Configurations 481

    Scaling in a Secure Manner 481

    Employee Retention 481

    Reaction Time 482

    Workforce Multiplier 482

    Other Considerations 482

    Complexity 482

    Cost 483

    Single Point of Failure 483

    Technical Debt 483

    Ongoing Supportability 484

    Chapter Review Activities 485

    Chapter 21 Understanding Appropriate Incident Response Activities 489

    Do I Know This Already? Quiz 489

    Foundation Topics 493

    Process 493

    Preparation 494

    Detection 495

    Analysis 496

    Containment 496

    Eradication 496

    Recovery 497

    Lessons Learned 497

    Training 497

    Testing 498

    The Anatomy of a Tabletop Exercise 499

    The Intricacies of Simulation Exercises 499

    Mock Example of a Tabletop Exercise 500

    Root Cause Analysis 501

    Threat Hunting 502

    Digital Forensics 502

    Legal Hold 503

    Chain of Custody 503

    Acquisition 503

    Reporting 505

    Preservation 505

    E-Discovery 506

    Chapter Review Activities 506

    Chapter 22 Using Data Sources to Support an Investigation 509

    Do I Know This Already? Quiz 509

    Foundation Topics 512

    Log Data 512

    Firewall Logs 513

    Application Logs 513

    Endpoint Logs 515

    OS-Specific Security Logs 515

    IPS/IDS Logs 517

    Network Logs 518

    Metadata 518

    Data Sources 521

    Vulnerability Scans 522

    Automated Reports 522

    Dashboards 523

    Packet Captures 525

    Chapter Review Activities 525

    Part V: Security Program Management and Oversight

    Chapter 23 Summarizing Elements of Effective Security Governance 529

    Do I Know This Already? Quiz 529

    Foundation Topics 532

    Guidelines 532

    Policies 532

    Acceptable Use 533

    Information Security Policies 533

    Business Continuity 535

    Disaster Recovery 535

    Incident Response 535

    Software Development Lifecycle (SDLC) 536

    Change Management 536

    Standards 536

    Password Standards 537

    Access Control Standards 538

    Physical Security Standards 539

    Encryption Standards 539

    Procedures 541

    Change Management 541

    Onboarding and Offboarding 542

    Playbooks 542

    External Considerations 543

    Regulatory 543

    Legal 544

    Industry 544

    Local/Regional 544

    National 545

    Global 545

    Monitoring and Revision 545

    Types of Governance Structures 546

    Boards 546

    Committees 547

    Government Entities 547

    Centralized/Decentralized 548

    Roles and Responsibilities for Systems and Data 549

    Owners 549

    Controllers 550

    Processors 551

    Custodians/Stewards 552

    Chapter Review Activities 553

    Chapter 24 Understanding Elements of the Risk Management Process 557

    Do I Know This Already? Quiz 557

    Foundation Topics 561

    Risk Identification 561

    Risk Assessment 562

    Ad Hoc 562

    Recurring 562

    One-time 562

    Continuous 562

    Risk Analysis 563

    Qualitative Risk Assessment 565

    Quantitative Risk Assessment 565

    Probability 567

    Likelihood 569

    Exposure Factor 570

    Impact 571

    Risk Register 572

    Key Risk Indicators (KRIs) 572

    Risk Owners 572

    Risk Threshold 572

    Risk Tolerance 574

    Risk Appetite 574

    Expansionary 574

    Conservative 575

    Neutral 575

    Risk Management Strategies 575

    Risk Transfer 576

    Risk Acceptance 576

    Risk Avoidance 576

    Risk Mitigation 576

    Risk Reporting 577

    Business Impact Analysis 578

    Recovery Time Objective (RTO) 579

    Recovery Point Objective (RPO) 579

    Mean Time to Repair (MTTR) 579

    Mean Time Between Failures (MTBF) 580

    Chapter Review Activities 582

    Chapter 25 Understanding the Processes Associated with Third-Party Risk Assessment and Management 585

    Do I Know This Already? Quiz 585

    Foundation Topics 588

    Vendor Assessment 588

    Penetration Testing 589

    Right-to-Audit Clause 589

    Evidence of Internal Audits 590

    Independent Assessments 590

    Supply Chain Analysis 591

    Vendor Selection 591

    Due Diligence 592

    Conflict of Interest 592

    Agreement Types 593

    Vendor Monitoring 594

    Questionnaires 594

    Rules of Engagement 595

    Chapter Review Activities 595

    Chapter 26 Summarizing Elements of Effective Security Compliance 599

    Do I Know This Already? Quiz 599

    Foundation Topics 602

    Compliance Reporting 602

    Internal Reporting 603

    External Reporting 603

    Consequences of Non-compliance 603

    Fines 603

    Sanctions 604

    Reputational Damage 604

    Loss of License 604

    Contractual Impacts 605

    Compliance Monitoring 605

    Due Diligence/Care 605

    Attestation and Acknowledgment 607

    Internal and External 608

    Automation 608

    Privacy 609

    Legal Implications 609

    Data Subject 611

    Controller vs. Processor 611

    Ownership 612

    Data Inventory and Retention 612

    Right to Be Forgotten 613

    Chapter Review Activities 613

    Chapter 27 Understanding Types and Purposes of Audits and Assessments 617

    Do I Know This Already? Quiz 617

    Foundation Topics 620

    Attestation 620

    Internal 621

    External 622

    Penetration Testing 623

    Chapter Review Activities 628

    Chapter 28 Implementing Security Awareness Practices 631

    Do I Know This Already? Quiz 631

    Foundation Topics 634

    Phishing 634

    Anomalous Behavior Recognition 635

    User Guidance and Training 638

    Reporting and Monitoring 641

    Development 642

    Execution 642

    Chapter Review Activities 643

    Part VI: Final Preparation

    Chapter 29 Final Preparation 647

    Hands-on Activities 647

    Suggested Plan for Final Review and Study 648

    Summary 648

    Appendix A Answers to the Do I Know This Already? Quizzes and Review Questions 649

    Online Elements

    Appendix B Study Planner

    Glossary of Key Terms

    9780138293086 TOC 3/4/2024