Mike Meyers' CompTIA Security+ SY0-601 Exam Certification Guide, 3rd Edition (2021)

Mike Meyers' CompTIA Security+ SY0-601 Exam Certification Guide, 3rd Edition (2021) is the ultimate study tool to help you pass your exam on the first try.

Sebastian Lopez
Contributor
9 months ago

ABOUT THE AUTHORS

Mike Meyers, CompTIA A+, CompTIA Network+, CompTIA Security+, is the industry’s leading authority on CompTIA certifications and the best-selling author of ten editions of CompTIA A+ Certification All-in-One Exam Guide (McGraw Hill). He is the president and founder of Total Seminars, LLC, a major provider of PC and network repair seminars for thousands of organizations throughout the world, and a member of CompTIA.

Scott Jernigan, CompTIA ITF+, CompTIA A+, CompTIA Network+, CompTIA Security+, MCP, is the author or co-author (with Mike Meyers) of over two dozen IT certification books, including CompTIA IT Fundamentals (ITF+) Certification All-in-One Exam Guide (McGraw Hill). He has taught seminars on building, fixing, and securing computers and networks all over the United States, including stints at the FBI Academy in Quantico, Virginia, and the UN Headquarters in New York City, New York.

About the Technical Editor

Matt Walker is currently a member of the Cyber Security Infrastructure team at Kennedy Space Center with DB Consulting. An IT security and education professional for more than 20 years, he has served in multiple positions ranging from director of the Network Training Center and a curriculum lead/senior instructor for Cisco Networking Academy on Ramstein AB, Germany, to instructor supervisor and senior instructor at Dynetics, Inc., in Huntsville, Alabama, providing onsite certification-awarding classes for (ISC)², Cisco, and CompTIA. Matt has written and contributed to numerous technical training books for NASA, Air Education and Training Command, and the US Air Force, as well as commercially (CEH Certified Ethical Hacker All-in-One Exam Guide, now in its fourth edition), and continues to train and write certification and college-level IT and IA security courses.

Copyright © 2021 by McGraw Hill. All rights reserved. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication.

ISBN: 978-1-26-047370-4
MHID: 1-26-047370-8

The material in this eBook also appears in the print version of this title: ISBN: 978-1-26-047369-8, MHID: 1-26-047369-4.

eBook conversion by codeMantra
Version 1.0

All trademarks are trademarks of their respective owners. Rather than put a trademark symbol after every occurrence of a trademarked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the trademark. Where such designations appear in this book, they have been printed with initial caps.

McGraw-Hill Education eBooks are available at special quantity discounts to use as premiums and sales promotions or for use in corporate training programs. To contact a representative, please visit the Contact Us page at www.mhprofessional.com.

Information has been obtained by McGraw Hill from sources believed to be reliable. However, because of the possibility of human or mechanical error by our sources, McGraw Hill, or others, McGraw Hill does not guarantee the accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information.

TERMS OF USE

This is a copyrighted work and McGraw-Hill Education and its licensors reserve all rights in and to the work. Use of this work is subject to these terms. Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill Education’s prior consent. You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited. Your right to use the work may be terminated if you fail to comply with these terms.

THE WORK IS PROVIDED “AS IS.” McGRAW-HILL EDUCATION AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. McGraw-Hill Education and its licensors do not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free. Neither McGraw-Hill Education nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages resulting therefrom. McGraw-Hill Education has no responsibility for the content of any information accessed through the work. Under no circumstances shall McGraw-Hill Education and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibility of such damages. This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise.

For the great friends from around the world who shared this crazy lockdown with us: Andre de Gooyert, Tullowit, Alice Pozzi, Zak Morrill, Patricia Grace, Jose Braden, and so many others. Cheers!
—Mike and Scott

CONTENTS AT A GLANCE

Chapter 1 Risk Management
Chapter 2 Cryptography
Chapter 3 Identity and Account Management
Chapter 4 Tools of the Trade
Chapter 5 Securing Individual Systems
Chapter 6 The Basic LAN
Chapter 7 Securing Wireless LANs
Chapter 8 Securing Public Servers
Chapter 9 Securing Dedicated Systems
Chapter 10 Physical Security
Chapter 11 Protocols and Applications
Chapter 12 Testing Infrastructure
Chapter 13 Dealing with Incidents
Appendix A Exam Objective Map
Appendix B About the Online Content
Glossary
Index

CONTENTS

Acknowledgments
Introduction
Chapter 1 Risk Management
  Module 1-1: Defining Risk
    Asset
    Likelihood
    Threat Actor
    Vulnerability and Threat
    Circling Back to the Risk Definition
    Vectors
    Threat Intelligence
  Module 1-2: Risk Management Concepts
    Infrastructure
    Security Controls
    Risk Management Frameworks
  Module 1-3: Security Controls
    Control Categories
    Control Types
  Module 1-4: Risk Assessment
    Risk Assessment Processes and Concepts
    Quantitative Risk Assessment
    Qualitative Risk Assessment
    Putting It All Together: Risk Analysis
    Risk Response
  Module 1-5: Business Impact Analysis
    BIA Basics
    Types of Impact
    Locating Critical Resources

    Calculating Impact
    Calculating Downtime
  Module 1-6: Data Security and Data Protection
    Organizing Data
    Legal and Compliance
    Data Destruction
    Privacy Breaches
  Module 1-7: Personnel Risk and Policies
    Hiring
    Onboarding
    Personnel Management Policies
    Training
    Policies
    User Habits
    Offboarding
  Module 1-8: Third-Party Risk and Policies
    Third-Party Risk Management
    Agreement Types
  Questions
  Answers
Chapter 2 Cryptography
  Module 2-1: Cryptography Basics
    Essential Building Blocks
    Early Cryptography
    Cryptography Components
  Module 2-2: Cryptographic Methods
    Symmetric Cryptography
    Asymmetric Cryptography
    Hashing
    Limitations in Symmetric vs. Asymmetric Cryptography
    Hybrid Cryptography
    The Perfect Cryptosystem
  Module 2-3: Symmetric Cryptosystems
    DES

    3DES
    AES
    Blowfish
    Twofish
    RC4
    Summary of Symmetric Algorithm Characteristics
  Module 2-4: Asymmetric Cryptosystems
    RSA
    Diffie-Hellman
    PGP/GPG
    ECC
    ElGamal
  Module 2-5: Hashing Algorithms
    Hashing Process
    MD5
    SHA
    RIPEMD
    HMAC
  Module 2-6: Digital Signatures and Certificates
    Digital Signatures
    Digital Certificates
  Module 2-7: Public Key Infrastructure
    Keys, Algorithms, and Standards
    PKI Services
    Digital Certificates and PKI Structure
    Key Safety
    Trust Models
  Module 2-8: Cryptographic Attacks
    Attack Strategies
    Attackable Data
    Attack Scenarios
    Defending Password Storage
    Other Attack Options
  Module 2-9: Other Cryptosystems
    Homomorphic Encryption

    Blockchain
    Quantum Cryptography
  Questions
  Answers
Chapter 3 Identity and Account Management
  Module 3-1: Understanding Authentication
    Identification and AAA
    Identification and Authentication
    Authorization
    Accounting
    Trust
  Module 3-2: Authentication Methods and Access Controls
    Authentication Methods
    Biometrics
    Authorization and Access Control Schemes/Models
  Module 3-3: Account Management
    User Accounts
    Account Policies
    Account Administration
  Module 3-4: Point-to-Point Authentication
    PAP
    CHAP/MS-CHAP
    Remote Access Connection and Authentication Services
  Module 3-5: Network Authentication
    The Challenge of LAN Access Management
    Microsoft Networking
    LDAP and Secure LDAP
  Module 3-6: Identity Management Systems
    Trust
    Shared Authentication Schemes
  Questions
  Answers
Chapter 4 Tools of the Trade

  Module 4-1: Operating System Utilities
    Network Reconnaissance and Discovery
    File Manipulation
    Shell and Script Environments
  Module 4-2: Network Scanners
    Scanning Methods
    Scanning Targets
    Scanner Types
  Module 4-3: Protocol Analyzers
    Why Protocol Analyze?
    Wireshark
    tcpdump
  Module 4-4: Monitoring Networks
    Exploring Log Files
    Centralizing Log Files
    Security Information and Event Management
    Log File Management
  Questions
  Answers
Chapter 5 Securing Individual Systems
  Module 5-1: Types of System Attacks
    Attacking Applications
    Driver Manipulation
    Malicious Code or Script Execution
  Module 5-2: Malware
    Virus
    Cryptomalware/Ransomware
    Worm
    Trojan Horse
    Potentially Unwanted Programs
    Bots/Botnets
    Logic Bomb
    Keylogger
    RAT

    Rootkit
    Backdoor
  Module 5-3: Cybersecurity Resilience
    Non-persistence
    Redundancy
    Diversity
  Module 5-4: Securing Hardware
    Physical Attacks
    Securing the Systems
    Securing Boot Integrity
  Module 5-5: Securing Endpoints
    Hardening Operating Systems
    Anti-malware
    Data Execution Prevention
    File Integrity Monitors
    Data Loss Prevention
  Module 5-6: System Recycling
    Clear
    Purge
    Destroy
  Questions
  Answers
Chapter 6 The Basic LAN
  Module 6-1: Layer 2 LAN Attacks
    ARP Poisoning
    Man-in-the-Middle Attacks
    MAC Flooding
    MAC Cloning
  Module 6-2: Organizing LANs
    Configuration Management
    Network Segmentation
    Load Balancing
  Module 6-3: Implementing Secure Network Designs
    Securing the LAN

    Internet Connection Firewalls
    Securing Servers
  Module 6-4: Virtual Private Networks
    How VPNs Work
    Early VPNs
    IPsec VPNs
    TLS VPNs
  Module 6-5: Network-Based Intrusion Detection/Prevention
    Detection vs. Prevention
    Detecting Attacks
    Configuring Network-Based IDS/IPS
    Monitoring NIDS/NIPS
    Endpoint Detection and Response
  Questions
  Answers
Chapter 7 Securing Wireless LANs
  Module 7-1: Networking with 802.11
    Wireless Cryptographic Protocols
    Wireless Authentication Protocols
  Module 7-2: Attacking 802.11
    Wireless Survey/Stumbler
    Packet Capture
    Attack Tools
    Rogue Access Point
    Jamming
    Packet Sniffing
    Deauthentication Attack
    Near-Field Communication
    Replay Attacks
    WEP/WPA Attacks
    WPS Attacks
    Wireless Peripherals
  Module 7-3: Securing 802.11
    Installation Considerations

    Wireless Configuration
    Security Posture Assessment
  Questions
  Answers
Chapter 8 Securing Public Servers
  Module 8-1: Attacking and Defending Public Servers
    Distributed Denial-of-Service
    Route Security
    Quality of Service
    Monitoring Services
  Module 8-2: Virtualization Security
    Virtualization Architecture
    Containers
    Virtualization Risks
    Using Virtualization for Security
  Module 8-3: Cloud Deployment
    Let’s Talk Amazon
    Cloud Deployment Models
    Cloud Architecture Models
    Cloud Growing Pains
  Module 8-4: Securing the Cloud
    Cloud Security Controls
    Unique Cloud Security Solutions
  Questions
  Answers
Chapter 9 Securing Dedicated Systems
  Module 9-1: Embedded, Specialized, and Mobile Systems
    Embedded Systems
    SCADA/ICS
    Internet of Things
    Specialized Systems
    Mobile Systems
  Module 9-2: Connecting to Dedicated Systems

    Common Communication Technologies
    IoT-Specific Communication Technologies
  Module 9-3: Security Constraints for Dedicated Systems
    Hardware
    Programming
    Connectivity
  Module 9-4: Implementing Secure Mobile Solutions
    Mobile Device Management
    Deployment Models
    Inventory Control and Asset Tracking
    Application Management and Security
    Encryption and Authentication
    Enforcement and Monitoring for Device Security
  Questions
  Answers
Chapter 10 Physical Security
  Module 10-1: Physical Security Controls
    Passive Defensive Systems and Perimeter Controls
    Active Alert Systems
    Manned Defensive Systems
  Module 10-2: Environmental Controls
    EMI and RFI Shielding
    Fire Suppression
    HVAC
    Temperature and Humidity Controls
    Hot and Cold Aisles
    Environmental Monitoring
  Questions
  Answers
Chapter 11 Secure Protocols and Applications
  Module 11-1: Secure Internet Protocols
    DNS Security
    SNMP

    SSH
    FTP
    SRTP
  Module 11-2: Secure Web and E-mail
    HTTP
    HTTPS
    E-mail
  Module 11-3: Web Application Attacks
    Injection Attacks
    Hijacking and Related Attacks
    Other Web Application Attacks
  Module 11-4: Application Security
    Development
    Code Quality and Testing
    Staging
    Production
    Quality Assurance
    Getting Organized
  Module 11-5: Certificates in Security
    Certificate Concepts and Components
    PKI Concepts
    Online vs. Offline CA
    PKI TLS Scenario
    Types of Certificates
    Certificate Formats
    Key Escrow
  Questions
  Answers
Chapter 12 Testing Infrastructure
  Module 12-1: Vulnerability Impact
    Device/Hardware Vulnerabilities
    Configuration Vulnerabilities
    Management/Design Vulnerabilities
  Module 12-2: Social Engineering

    Social Engineering Goals
    Principles
    Types of Attacks
  Module 12-3: Artificial Intelligence
    Understanding Artificial Intelligence
    Machine Learning Essentials
    OSINT
    Adversarial Artificial Intelligence
  Module 12-4: Security Assessment
    Threat Hunting
    Vulnerability Scans
    Penetration Testing
  Module 12-5: Assessment Tools
    Protocol Analyzer
    Network Scanner
    Vulnerability Scanner
    Configuration Compliance Scanner
    Penetration Testing with Metasploit
    Specific Tools Mentioned by CompTIA
    Interpreting Security Assessment Tool Results
  Questions
  Answers
Chapter 13 Dealing with Incidents
  Module 13-1: Incident Response
    Incident Response Concepts
    Incident Response Procedures
    Scenarios: Mitigation During and After an Incident
  Module 13-2: Digital Forensics
    Digital Forensics Concepts
    Data Volatility
    Critical Forensics Practices
    Data Acquisition
    Analyzing Evidence
  Module 13-3: Continuity of Operations and Disaster Recovery

    Risk Management Best Practices
    Contingency Planning and Resilience
    Functional Recovery Plans
    Backup and Restore Plans and Policies
  Questions
  Answers
Appendix A Exam Objective Map
  Exam SY0-601
Appendix B About the Online Content
  System Requirements
  Your Total Seminars Training Hub Account
  Privacy Notice
  Single User License Terms and Conditions
  TotalTester Online
  Other Book Resources
  Video Training from Mike Meyers
  TotalSim Simulations
  Mike’s Cool Tools
  Technical Support
Glossary
Index

ACKNOWLEDGMENTS

In general, we’d like to thank our amazing teams at McGraw Hill and KnowledgeWorks Global Ltd. for such excellent support and brilliant work editing, laying out, and publishing this edition. Special shout out to our co-workers at Total Seminars—Michael Smyer, Dave Rush, and Travis Everett—for listening to us rant and providing excellent feedback.

We’d like to acknowledge the many people who contributed their talents to make this book possible:

To Tim Green, our acquisitions editor at McGraw Hill: Thank you for the steady encouragement during this crazy year. You’re the best!

To Matt Walker, technical editor: Excellent working with you! Thanks for laughing at our geeky jokes and sharing great stories.

To Bill McManus, copy editor: What an absolute delight to do this project with you! Your efforts made this a much better book.

To Emily Walters, acquisitions coordinator at McGraw Hill: Thanks for the Friday meetings and slightly menacing cat-on-lap petting. Way to keep us on track!

To Neelu Sahu, project manager at KnowledgeWorks Global Ltd.: Enjoyed working with you, Neelu. Hope the somewhat chaotic pacing wasn’t too stressful!

To Lisa McCoy, proofreader: Fabulous job, thanks!

To Ted Laux, indexer extraordinaire: Well done!

To KnowledgeWorks Global Ltd. compositors: The layout was excellent, thanks!

To Janet Walden, editorial supervisor at McGraw Hill: Great to work with you on this project! Next time we’ll make a few extra changes in page proofs just for you!

To Tom Somers, production supervisor at McGraw Hill: Thanks for waving that magic wand of yours and making so much happen as smoothly as possible.

INTRODUCTION

Most societies teem with a host of networked devices, from servers to smartphones, that provide the backbone for much of modern life. People and companies use these devices to produce and sell products and services, communicate around the globe, educate at every level, and manage the mechanisms of governments everywhere. Networked devices and the complex networks that interconnect them offer advances for humanity on par with, or perhaps beyond, the Agricultural and Industrial Revolutions. That’s the good news.

The bad news is the fact that reliance on these devices creates a security risk to the resources placed on them. Networks can lose critical data and connections, both of which equate to loss of energy, confidence, time, and money. To paraphrase a few words from the American statesman, James Madison, if humans were angels, there’d be no need for security professionals. But humans are at best negligent and at worst petty, vindictive, and astoundingly creative in pursuit of your money and secrets.

Networked devices and the networks that interconnect them need security professionals to stand guard. The need for security professionals in information technology (IT) far outstrips demand, and we assume that’s why you picked up this book. You see the trend and want to take the first step to becoming an IT security professional by attaining the acknowledged first security certification to get CompTIA Security+.

This introduction starts with an overview of the goals of security, to put a framework around everything you’re going to learn. Second, we’ll discuss the CompTIA Security+ certification and look at exam details. Finally, this introduction details the overall structure of the book, providing a roadmap for studying for the exam.

Goals of Security

Traditional computer security theory balances among three critical elements: functionality, security, and the resources available to ensure both. From a functionality standpoint, systems must function as people need them to function to process the data needed. Users and other systems need to interface with systems and data seamlessly to get work done. Don’t confuse functionality with free rein. Allowing users to do whatever they wish with systems and data may result in loss, theft, or destruction of systems and data. Therefore, functionality must balance with security.

From the security standpoint, however, increasing the levels of protection for systems and data usually reduces functionality. Introducing security mechanisms and procedures into the mix doesn’t always allow users to see or interact with data and systems the way they would like. This usually means a reduction in functionality to some degree.

To add another wrinkle, the resources expended toward functionality and security, and the balance between them, are finite. No one has all the money or resources they need or as much functionality or security as they want. Keep in mind, therefore, that the relationship between functionality and security is inversely proportional; that is to say, the more security in place, the less functionality, and vice versa. Also, the fewer resources a person or organization has, the less of either functionality or security they can afford. Figure 1 illustrates this careful balancing act among the three elements of functionality, security, and resources.

Figure 1 Balancing functionality, security, and resources

Security theory follows three goals, widely considered the foundations of the IT security trade: confidentiality, integrity, and availability. Security professionals work to achieve these goals in every security program and technology. These three goals inform all the data and the systems that process it. The three goals of security are called the CIA triad. Figure 2 illustrates the three goals of confidentiality, integrity, and availability.

Figure 2 The CIA triad

NOTE The CIA triad is put into practice through various security mechanisms and controls. Every security technique, practice, and mechanism put into place to protect systems and data relates in some fashion to ensuring confidentiality, integrity, and availability.

Confidentiality

Confidentiality tries to keep unauthorized people from accessing, seeing, reading, or interacting with systems and data. Confidentiality is a characteristic met by keeping data secret from people who aren’t allowed to have it or interact with it in any way, while making sure that only those people who do have the right to access it can do so. Systems achieve confidentiality through various means, including the use of permissions to data, encryption, and so on.

Integrity

Meeting the goal of integrity requires maintaining data and systems in a pristine, unaltered state when they are stored, transmitted, processed, and received, unless the alteration is intended due to normal processing. In other words, there should be no unauthorized modification, alteration, creation, or deletion of data. Any changes to data must be done only as part of authorized transformations in normal use and processing. Integrity can be maintained by the use of a variety of checks and other mechanisms, including data checksums and comparison with known or computed data values.

Availability

Maintaining availability means ensuring that systems and data are available for authorized users to perform authorized tasks, whenever they need them. Availability bridges security and functionality, because it ensures that users have a secure, functional system at their immediate disposal. An extremely secure system that’s not functional is not available in practice. Availability is ensured in various ways, including system redundancy, data backups, business continuity, and other means.

During the course of your study, keep in mind the overall goals in IT security. First, balance three critical elements: functionality, security, and the resources available to ensure both. Second, focus on the goals of the CIA triad—confidentiality, integrity, and availability—when implementing, reviewing, managing, or troubleshooting network and system security. The book returns to these themes many times, tying new pieces of knowledge to this framework.

CompTIA Security+ Certification

The CompTIA Security+ certification has earned the reputation as the first step for anyone pursuing a career in the highly complex, highly convoluted, and still very much evolving world of IT security. Let’s start with a description of CompTIA, then look at the specifics of the certification.

CompTIA

The Computing Technology Industry Association (CompTIA) is a nonprofit, industry-wide organization of just about everyone in the IT industry. The different aspects of CompTIA’s mission include certification, education, and public policy.

As of this writing, CompTIA offers 13 vendor-neutral certifications covering a wide range of information technology areas. Examples of some of these areas and certifications include CompTIA Linux+ (focusing on the Linux operating system), CompTIA A+ (which focuses on computer technology support fundamentals), CompTIA Network+ (covering different network technologies), and, of course, CompTIA Security+.

CompTIA certifications are considered the de facto standard in the industry in some areas. Because they are vendor neutral, almost all CompTIA certifications cover basic knowledge of fundamental concepts of a particular aspect of IT. CompTIA works hard to develop exams that accurately validate knowledge that professionals must have in that area. This enables employers and others to be confident that the individual’s knowledge meets a minimum level of skill, standardized across the industry.

The CompTIA Security+ Exam

Let’s state up front that CompTIA does not have any requirements for individuals who want to take the CompTIA Security+ exam. There are no prerequisites for certification or definitive requirements for years of experience. CompTIA does have several recommendations, on the other hand, including knowledge that might be validated by other CompTIA certifications such as the CompTIA Network+ certification. In other words, the level of networking knowledge you are expected to have before you take the CompTIA Security+ exam is the level that you would have after successfully completing the CompTIA Network+ certification. Here are CompTIA’s recommendations:

• Network+ certification
• Two years of experience in IT systems administration, with a focus on security

You should have experience in several areas, such as networking knowledge, basic information security concepts, hardware, software (both operating systems and applications), cryptography, physical security, and so on. The next few sections cover specific exam objectives that you need to know.

The following table shows the six domains in the CompTIA Security+ Certification Exam Objectives document for exam SY0-601. Each of these domains has very detailed exam objectives.

Threats, Attacks, and Vulnerabilities

Domain 1.0 is all about the attacks, from malware to application attacks. It’s critical you know your keyloggers from your RATs and your buffer overflows from your cross-site scripting. In addition, you should recognize the threat actors, from script kiddies to evil governments to incompetent users. Along with the threats and attacks, you should understand different types of vulnerabilities that enable these attacks to thrive and the two main tools you use to minimize those vulnerabilities, security assessments, and penetration testing.

Architecture and Design

Domain 2.0 explores a lot of topics under its benign-sounding title. You’re expected to explain important security concepts, such as data protection, hashing, and site resiliency. The domain covers cloud models, such as infrastructure as a service (IaaS); you’ll need to summarize containers, infrastructure as code, and virtualization. In addition, this domain covers the design of secure applications and security for embedded systems.

Domain 2.0 requires you to know how to use security devices, protocols, and tools. This domain covers the frameworks that enable secure IT, the design concepts such as defense-in-depth, and benchmarks used to measure security. This domain covers technologies to defend networks, such as VLANs, screened subnets, and wireless designs. In addition, this domain covers the design of secure applications and security for embedded systems.

Domain 2.0 also covers physical security controls, such as fencing and fire prevention.

Finally, domain 2.0 expects knowledge of cryptographic concepts. You’ll get questions on symmetric versus asymmetric cryptography, for example. The objectives explore public key encryption, keys, salting, hashing, and more.

Implementation

The key with domain 3.0 is in the name, “Implementation.” Concepts discussed in other domains get scenario-level in this domain. Domain 3.0 goes into great detail about authentication, authorization, and accounting. It expects you to know and implement authentication and the many identity and access services such as LDAP and Kerberos. The domain addresses authorization via user groups and accounts and the tools and methods used to control them. You’ll need to know how to implement secure wireless and mobile solutions, plus apply cybersecurity solutions to cloud computing. Finally, the domain expects you to understand how to implement public key infrastructure.

Operations and Incident Response

Domain 4.0 explores organizational security, such as incident response policies and procedures. You’ll need to know mitigation techniques and controls, plus practical forensic practices, such as how to acquire and handle evidence.

Governance, Risk, and Compliance

Domain 5.0 defines critical concepts in risk management, such as events, exposures, incidents, and vulnerability. You’re expected to know risk-related tools, such as business impact analysis, assessments, incident response, and disaster recovery/business continuity. You’ll need to understand the regulations, standards, and frameworks that impact operational security and explain policies that organizations use to implement security. Finally, the domain expects you to know how privacy and sensitive data use impacts security.

Getting Certified

This book covers everything you’ll need to know for CompTIA’s Security+ certification exam. The book is written in a modular fashion, with short, concise modules within each chapter devoted to specific topics and areas you’ll need to master for the exam. Each module covers specific objectives and details for the exam, as defined by CompTIA. We’ve arranged these objectives in a manner that makes fairly logical sense from a learning perspective, and we think you’ll find that arrangement will help you in learning the material.

NOTE Throughout the book, you’ll see helpful Notes and Exam Tips. These elements offer insight on how the concepts you’ll study apply in the real world. Often, they may give you a bit more information on a topic than what is covered in the text or expected on the exam. And they may also be helpful in pointing out an area you need to focus on or important topics that you may see on the test.

End of Chapter Questions

At the end of each chapter you’ll find questions that will test your knowledge and understanding of the concepts discussed in the modules. The questions also include an answer key, with explanations of the correct answers.

Using the Exam Objective Map

The Exam Objective map included in Appendix A has been constructed to help you cross-reference the official exam objectives from CompTIA with the relevant coverage in the book. References have been provided for the exam objectives exactly as CompTIA has presented them—the module that covers that objective, the chapter, and a page reference are included.

Online Resources

The online resources that accompany this book feature the TotalTester exam software that enables you to generate a complete practice exam or quizzes by chapter or by exam domain. See Appendix B for more information.

Study Well and Live Better

We enjoyed writing this book and hope you will enjoy reading it as well. Good luck in your studies and good luck on the CompTIA Security+ exam. If you have comments, questions, or suggestions, tag us:

Mike: desweds@protonmail.com
Scott: jernigan.scott@gmail.com