CompTIA Security+ All-in-One SY0-601 Exam Guide, 6th Edition (2021)
Copyright © 2021 by McGraw Hill. All rights reserved. Except as
permitted under the United States Copyright Act of 1976, no part of this
publication may be reproduced or distributed in any form or by any means, or
stored in a database or retrieval system, without the prior written permission
of the publisher, with the exception that the program listings may be entered,
stored, and executed in a computer system, but they may not be reproduced
for publication.
ISBN: 978-1-26-046401-6
MHID: 1-26-046401-6
The material in this eBook also appears in the print version of this title:
ISBN: 978-1-26-046400-9, MHID: 1-26-046400-8.
eBook conversion by codeMantra
Version 1.0
All trademarks are trademarks of their respective owners. Rather than put a
trademark symbol after every occurrence of a trademarked name, we use
names in an editorial fashion only, and to the benefit of the trademark owner,
with no intention of infringement of the trademark. Where such designations
appear in this book, they have been printed with initial caps.
McGraw-Hill Education eBooks are available at special quantity discounts
to use as premiums and sales promotions or for use in corporate training
programs. To contact a representative, please visit the Contact Us page at
www.mhprofessional.com.
Information has been obtained by McGraw Hill from sources believed to
be reliable. However, because of the possibility of human or mechanical error
by our sources, McGraw Hill, or others, McGraw Hill does not guarantee the
accuracy, adequacy, or completeness of any information and is not
responsible for any errors or omissions or the results obtained from the use of
such information.
TERMS OF USE
This is a copyrighted work and McGraw-Hill Education and its licensors
reserve all rights in and to the work. Use of this work is subject to these
terms. Except as permitted under the Copyright Act of 1976 and the right to
store and retrieve one copy of the work, you may not decompile, disassemble,
reverse engineer, reproduce, modify, create derivative works based upon,
transmit, distribute, disseminate, sell, publish or sublicense the work or any
part of it without McGraw-Hill Education’s prior consent. You may use the
work for your own noncommercial and personal use; any other use of the
work is strictly prohibited. Your right to use the work may be terminated if
you fail to comply with these terms.
THE WORK IS PROVIDED “AS IS.” McGRAW-HILL EDUCATION
AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES
AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR
RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING
ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE
WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY
DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
McGraw-Hill Education and its licensors do not warrant or guarantee that the
functions contained in the work will meet your requirements or that its
operation will be uninterrupted or error free. Neither McGraw-Hill Education
nor its licensors shall be liable to you or anyone else for any inaccuracy, error
or omission, regardless of cause, in the work or for any damages resulting
therefrom. McGraw-Hill Education has no responsibility for the content of
any information accessed through the work. Under no circumstances shall
McGraw-Hill Education and/or its licensors be liable for any indirect,
incidental, special, punitive, consequential or similar damages that result
from the use of or inability to use the work, even if any of them has been
advised of the possibility of such damages. This limitation of liability shall
apply to any claim or cause whatsoever whether such claim or cause arises in
contract, tort or otherwise.
This book is dedicated to the many information security professionals who
quietly work to ensure the safety of our nation’s critical infrastructures. We
want to recognize the thousands of dedicated individuals who strive to protect
our national assets but who seldom receive praise and often are only noticed
when an incident occurs. To you, we say thank you for a job well done!
ABOUT THE AUTHORS
Dr. Wm. Arthur Conklin, CompTIA Security+, CISSP, GICSP, GRID,
GCIP, GCFA, GCIA, GCDA, CSSLP, CRISC, is a professor and director at
the Center for Information Security Research and Education in the College of
Technology at the University of Houston. He holds two terminal degrees—a
PhD in business administration (specializing in information security) from
the University of Texas at San Antonio (UTSA) and an electrical engineer
degree (specializing in space systems engineering) from the Naval
Postgraduate School in Monterey, California. He is a fellow of ISSA and
(CS)2AI as well as a senior member of ASQ, IEEE, and ACM. His research
interests include the use of systems theory to explore information security,
specifically in cyber-physical systems. He has a strong interest in
cybersecurity education and is involved with the NSA/DHS Centers of
Academic Excellence in Cyber Defense (CAE CD) and the NIST National
Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce
Framework (NICE Framework). He has coauthored six security books and
numerous academic articles associated with information security. He is co-
chair of the steering committee for the DHS-sponsored Industrial Control
Systems Joint Working Group (ICSJWG) efforts associated with workforce
development and cybersecurity aspects of industrial control systems. He has
an extensive background in secure coding and has been co-chair of the
DHS/DoD Software Assurance Forum Working Group for workforce
education, training, and development.
Dr. Gregory White has been involved in computer and network security
since 1986. He spent 19 years on active duty with the United States Air Force
and 11 years in the Air Force Reserves in a variety of computer and security
positions. He obtained his PhD in computer science from Texas A&M
University in 1995. His dissertation topic was in the area of computer
network intrusion detection, and he continues to conduct research in this area
today. He is currently the director for the Center for Infrastructure Assurance
and Security (CIAS) and is a professor of computer science at the University
of Texas at San Antonio (UTSA). Dr. White has written and presented
numerous articles and conference papers on security. He is also the coauthor
of six textbooks on computer and network security and has written chapters
for two other security books. Dr. White continues to be active in security
research. His current research initiatives include efforts in community
incident response, intrusion detection, and secure information sharing.
Chuck Cothren, CISSP, is Manager of Development Operations at Ionic
Security, applying over 20 years of information security experience in
consulting, research, and enterprise environments. He has assisted clients in a
variety of industries, including healthcare, banking, information technology,
retail, and manufacturing. He advises clients on topics such as security
architecture, penetration testing, training, consultant management, data loss
prevention, and encryption. He is coauthor of the books Voice and Data
Security and Principles of Computer Security.
Roger L. Davis, CISSP, CISM, CISA, is a Senior Customer Success
Account Manager for Microsoft supporting enterprise-level companies. He
has served as president of the Utah chapter of the Information Systems
Security Association (ISSA) and various board positions for the Utah chapter
of the Information Systems Audit and Control Association (ISACA). He is a
retired Air Force lieutenant colonel with 40 years of military and information
systems/security experience. Mr. Davis served on the faculty of Brigham
Young University and the Air Force Institute of Technology. He coauthored
McGraw-Hill’s Principles of Computer Security and Voice and Data
Security. He holds a master’s degree in computer science from George
Washington University, a bachelor’s degree in computer science from
Brigham Young University, and performed post-graduate studies in electrical
engineering and computer science at the University of Colorado.
Dwayne Williams, CISSP, CASP, is Associate Director, Technology and
Research, for the Center for Infrastructure Assurance and Security (CIAS) at
the University of Texas at San Antonio and is Director of the National
Collegiate Cyber Defense Competition. Mr. Williams has over 24 years of
experience in information systems and network security. His experience
includes six years of commissioned military service as a Communications-
Computer Information Systems Officer in the United States Air Force,
specializing in network security, corporate information protection, intrusion
detection systems, incident response, and VPN technology. Prior to joining
the CIAS, he served as Director of Consulting for SecureLogix Corporation,
where he directed and provided security assessment and integration services
to Fortune 100, government, public utility, oil and gas, financial, and
technology clients. Mr. Williams graduated in 1993 from Baylor University
with a Bachelor of Arts in computer science. Mr. Williams is a coauthor of
Voice and Data Security and Principles of Computer Security.
About the Technical Editor
Chris Crayton, MCSE, is an author, technical consultant, and trainer. He
has worked as a computer technology and networking instructor, information
security director, network administrator, network engineer, and PC specialist.
Chris has authored several print and online books on PC repair, CompTIA
A+, CompTIA Security+, and Microsoft Windows. He has also served as
technical editor and content contributor on numerous technical titles for
several of the leading publishing companies. He holds numerous industry
certifications, has been recognized with many professional teaching awards,
and has served as a state-level SkillsUSA competition judge.
CONTENTS AT A GLANCE
Part I Threats, Attacks, and Vulnerabilities
Chapter 1 Social Engineering Techniques
Chapter 2 Type of Attack Indicators
Chapter 3 Application Attack Indicators
Chapter 4 Network Attack Indicators
Chapter 5 Threat Actors, Vectors, and Intelligence Sources
Chapter 6 Vulnerabilities
Chapter 7 Security Assessments
Chapter 8 Penetration Testing
Part II Architecture and Design
Chapter 9 Enterprise Security Architecture
Chapter 10 Virtualization and Cloud Security
Chapter 11 Secure Application Development, Deployment, and Automation Concepts
Chapter 12 Authentication and Authorization
Chapter 13 Cybersecurity Resilience
Chapter 14 Embedded and Specialized Systems
Chapter 15 Physical Security Controls
Chapter 16 Cryptographic Concepts
Part III Implementation
Chapter 17 Secure Protocols
Chapter 18 Host and Application Security
Chapter 19 Secure Network Design
Chapter 20 Wireless Security
Chapter 21 Secure Mobile Solutions
Chapter 22 Implementing Cloud Security
Chapter 23 Identity and Account Management Controls
Chapter 24 Implement Authentication and Authorization
Chapter 25 Public Key Infrastructure
Part IV Operations and Incident Response
Chapter 26 Tools/Assess Organizational Security
Chapter 27 Incident Response Policies, Processes, and Procedures
Chapter 28 Investigations
Chapter 29 Mitigation Techniques and Controls
Chapter 30 Digital Forensics
Part V Governance, Risk, and Compliance
Chapter 31 Security Controls
Chapter 32 Regulations, Standards, and Frameworks
Chapter 33 Organizational Policies
Chapter 34 Risk Management
Chapter 35 Privacy
Part VI Appendixes and Glossary
Appendix A OSI Model and Internet Protocols
Appendix B About the Online Content
Glossary
Index
CONTENTS
Preface
Acknowledgments
Introduction
Objective Map: Exam SY0-601
Part I Threats, Attacks, and Vulnerabilities
Chapter 1 Social Engineering Techniques
Social Engineering Methods
Tools
Phishing
Smishing
Vishing
Spam
Spam over Instant Messaging (SPIM)
Spear Phishing
Dumpster Diving
Shoulder Surfing
Pharming
Tailgating
Eliciting Information
Whaling
Prepending
Identity Fraud
Invoice Scams
Credential Harvesting
Reconnaissance
Hoax
Impersonation
Third-Party Authorization
Contractors/Outside Parties
Online Attacks
Defenses
Watering Hole Attack
Typosquatting
Pretexting
Influence Campaigns
Principles (Reasons for Effectiveness)
Authority
Intimidation
Consensus
Scarcity
Familiarity
Trust
Urgency
Defenses
Chapter Review
Questions
Answers
Chapter 2 Type of Attack Indicators
Malware
Ransomware
Trojans
Worms
Potentially Unwanted Programs
Fileless Viruses
Command and Control
Bots
Crypto-malware
Logic Bombs
Spyware
Keyloggers
Remote-Access Trojans (RATs)
Rootkit
Backdoors
Password Attacks
Spraying
Dictionary
Brute Force
Rainbow Tables
Plaintext/Unencrypted
Physical Attacks
Malicious Universal Serial Bus (USB) Cable
Malicious Flash Drives
Card Cloning
Skimming
Adversarial Artificial Intelligence (AI)
Tainted Training Data for Machine Learning (ML)
Security of Machine Learning Algorithms
Supply-Chain Attacks
Cloud-Based vs. On-Premises Attacks
Cryptographic Attacks
Birthday
Collision
Downgrade
Chapter Review
Questions
Answers
Chapter 3 Application Attack Indicators
Privilege Escalation
Cross-Site Scripting
Injection Attacks
Structured Query Language (SQL)
Dynamic-Link Library (DLL)
Lightweight Directory Access Protocol (LDAP)
Extensible Markup Language (XML)
Pointer/Object Dereference
Directory Traversal
Buffer Overflow
Race Condition
Time of Check/Time of Use
Improper Error Handling
Improper Input Handling
Replay Attacks
Session Replay
Integer Overflow
Request Forgery
Server-Side Request Forgery
Cross-Site Request Forgery
Application Programming Interface (API) Attacks
Resource Exhaustion
Memory Leak
Secure Sockets Layer (SSL) Stripping
Driver Manipulation
Shimming
Refactoring
Pass the Hash
Chapter Review
Questions
Answers
Chapter 4 Network Attack Indicators
Wireless
Evil Twin
Rogue Access Point
Bluesnarfing
Bluejacking
Disassociation
Jamming
Radio Frequency Identification (RFID)
Near Field Communication (NFC)
Initialization Vector (IV)
On-path Attack
Layer 2 Attacks
Address Resolution Protocol (ARP) Poisoning
Media Access Control (MAC) Flooding
MAC Cloning
Domain Name System (DNS)
Domain Hijacking
DNS Poisoning
Universal Resource Locator (URL) Redirection
Domain Reputation
Distributed Denial-of-Service (DDoS)
Network
Application
Operational Technology (OT)
Malicious Code and Script Execution
PowerShell
Python
Bash
Macros
Visual Basic for Applications (VBA)
Chapter Review
Questions
Answers
Chapter 5 Threat Actors, Vectors, and Intelligence Sources
Actors and Threats
Advanced Persistent Threats (APTs)
Insider Threats
State Actors
Hacktivists
Script Kiddies
Criminal Syndicates
Hackers
Shadow IT
Competitors
Attributes of Actors
Internal/External
Level of Sophistication/Capability
Resources/Funding
Intent/Motivation
Vectors
Direct Access
Wireless
E-mail
Supply Chain
Social Media
Removable Media
Cloud
Threat Intelligence Sources
Open Source Intelligence (OSINT)
Closed/Proprietary
Vulnerability Databases
Public/Private Information Sharing Centers
Dark Web
Indicators of Compromise
Automated Indicator Sharing (AIS)
Structured Threat Information Expression (STIX) / Trusted Automated Exchange of Intelligence Information (TAXII)
Predictive Analysis
Threat Maps
File/Code Repositories
Research Sources
Vendor Websites
Vulnerability Feeds
Conferences
Academic Journals
Requests for Comment (RFCs)
Local Industry Groups
Social Media
Threat Feeds
Adversary Tactics, Techniques, and Procedures (TTPs)
Chapter Review
Questions
Answers
Chapter 6 Vulnerabilities
Cloud-based vs. On-premises Vulnerabilities
Zero Day
Weak Configurations
Open Permissions
Unsecure Root Accounts
Errors
Weak Encryption
Unsecure Protocols
Default Settings
Open Ports and Services
Third-Party Risks
Vendor Management
Supply Chain
Outsourced Code Development
Data Storage
Improper or Weak Patch Management
Firmware
Operating System (OS)
Applications
Legacy Platforms
Impacts
Data Loss
Data Breaches
Data Exfiltration
Identity Theft
Financial
Reputation
Availability Loss
Chapter Review
Questions
Answers
Chapter 7 Security Assessments
Threat Hunting
Intelligence Fusion
Threat Feeds
Advisories and Bulletins
Maneuver
Vulnerability Scans
False Positives
False Negatives
Log Reviews
Credentialed vs. Non-Credentialed
Intrusive vs. Non-Intrusive
Application
Web Application
Network
Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS)
Configuration Review
Syslog/Security Information and Event Management (SIEM)
Review Reports
Packet Capture
Data Inputs
User Behavior Analysis
Sentiment Analysis
Security Monitoring
Log Aggregation
Log Collectors
Security Orchestration, Automation, and Response (SOAR)
Chapter Review
Questions
Answers
Chapter 8 Penetration Testing
Penetration Testing
Known Environment
Unknown Environment
Partially Known Environment
Rules of Engagement
Lateral Movement
Privilege Escalation
Persistence
Cleanup
Bug Bounty
Pivoting
Passive and Active Reconnaissance
Drones
War Flying
War Driving
Footprinting
OSINT
Exercise Types
Red Team
Blue Team
White Team
Purple Team
Chapter Review
Questions
Answers
Part II Architecture and Design
Chapter 9 Enterprise Security Architecture
Configuration Management
Diagrams
Baseline Configuration
Standard Naming Conventions
Internet Protocol (IP) Schema
Data Sovereignty
Data Protection
Data Loss Prevention (DLP)
Masking
Encryption
At Rest
In Transit/Motion
In Processing
Tokenization
Rights Management
Geographical Considerations
Response and Recovery Controls
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Inspection
Hashing
API Considerations
Site Resiliency
Hot Sites
Warm Sites
Cold Sites
Deception and Disruption
Honeypots
Honeyfiles
Honeynets
Fake Telemetry
DNS Sinkhole
Chapter Review
Questions
Answers
Chapter 10 Virtualization and Cloud Security
Cloud Models
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)
Anything as a Service (XaaS)
Level of Control in the Hosting Models
Public
Community
Private
Hybrid
Cloud Service Providers
Managed Service Provider (MSP) / Managed Security Service Provider (MSSP)
On-Premises vs. Off-Premises
Fog Computing
Edge Computing
Thin Client
Containers
Microservices/API
Infrastructure as Code
Software-Defined Networking (SDN)
Software-Defined Visibility (SDV)
Serverless Architecture
Services Integration
Resource Policies
Transit Gateway
Virtualization
Type I
Type II
Virtual Machine (VM) Sprawl Avoidance
VM Escape Protection
Chapter Review
Questions
Answers
Chapter 11 Secure Application Development, Deployment, and Automation Concepts
Environment
Development
Test
Staging
Production
Quality Assurance (QA)
Provisioning and Deprovisioning
Integrity Measurement
Secure Coding Techniques
Normalization
Stored Procedures
Obfuscation/Camouflage
Code Reuse and Dead Code
Server-Side vs. Client-Side Execution and Validation
Memory Management
Use of Third-Party Libraries and Software Development Kits (SDKs)
Data Exposure
Open Web Application Security Project (OWASP)
Software Diversity
Compilers
Binaries
Automation/Scripting
Automated Courses of Action
Continuous Monitoring
Continuous Validation
Continuous Integration
Continuous Delivery
Continuous Deployment
Elasticity
Scalability
Version Control
Chapter Review
Questions
Answers
Chapter 12 Authentication and Authorization
Authentication Methods
Directory Services
Federation
Attestation
Technologies
Smart Card Authentication
Biometrics
Fingerprint
Retina
Iris
Facial
Voice
Vein
Gait Analysis
Efficacy Rates
False Acceptance
False Rejection
Crossover Error Rate
Multifactor Authentication (MFA) Factors and Attributes
Factors
Attributes
Authentication, Authorization, and Accounting (AAA)
Cloud vs. On-premises Requirements
Chapter Review
Questions
Answers
Chapter 13 Cybersecurity Resilience
Redundancy
Geographic Dispersal
Disk
Network
Power
Replication
Storage Area Network (SAN)
VM
On-premises vs. Cloud
Backup Types
Full
Incremental
Snapshot
Differential
Tape
Disk
Copy
Network Attached Storage (NAS)
Storage Area Network (SAN)
Cloud
Image
Online vs. Offline
Distance Considerations
Nonpersistence
Revert to Known State
Last Known-Good Configuration
Live Boot Media
High Availability
Scalability
Restoration Order
Diversity
Technologies
Vendors
Crypto
Controls
Chapter Review
Questions
Answers
Chapter 14 Embedded and Specialized Systems
Embedded Systems
Raspberry Pi
Field Programmable Gate Arrays (FPGAs)
Arduino
Supervisory Control and Data Acquisition (SCADA) / Industrial Control System (ICS)
Facilities
Industrial
Manufacturing
Energy
Logistics
Internet of Things (IoT)
Sensors
Smart Devices
Wearables
Facility Automation
Weak Defaults
Specialized Systems
Medical Systems
Vehicle Systems
Aircraft Systems
Smart Meters
Voice over IP (VoIP)
Heating, Ventilation, Air Conditioning (HVAC)
Drones
Multifunction Printers (MFPs)
Real-time Operating Systems (RTOSs)
Surveillance Systems
System on a Chip (SoC)
Communication Considerations
5G
Narrow-Band Radio
Baseband Radio
Subscriber Identity Module (SIM) Cards
Zigbee
Constraints
Power
Compute
Network
Cryptographic Functions
Inability to Patch
Authentication
Range
Cost
Implied Trust
Chapter Review
Questions
Answers
Chapter 15 Physical Security Controls
Bollards/Barricades
Access Control Vestibules
Badges
Alarms
Signage
Cameras
Motion Recognition
Object Detection
Closed-Circuit Television (CCTV)
Industrial Camouflage
Personnel
Guards
Robot Sentries
Reception
Two-Person Integrity/Control
Locks
Biometrics
Electronic
Physical
Cable Locks
USB Data Blocker
Lighting
Fencing
Fire Suppression
Sensors
Motion Detection
Noise Detection
Proximity Reader
Moisture Detection
Cards
Temperature
Drones
Visitor Logs