
CompTIA Security+ Get Certified Get Ahead
Description
Your complete resource for passing the Security+ exam on the first try.
The CompTIA Security+ Get Certified Get Ahead SY0-701 Study Guide has helped thousands of readers pass the exam on their first attempt.
This book covers all of the SY0-701 objectives and includes the same elements readers raved about in the previous versions. Each of the eleven chapters presents topics in an easy-to-understand manner and includes real-world examples of security principles in action. The authors use many of the same analogies and explanations that they honed in the classroom that have helped thousands of students master the Security+ content.
With this book, you'll understand the important and relevant security topics for the Security+ exam without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive Exam Topic Review section to help you focus on what's important.
Over 300 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The study guide includes a 50-question pre-test, practice test questions at the end of every chapter, as well as a full 90-question practice exam. Each question includes a detailed explanation, helping you understand why the correct answers are correct and why the incorrect answers are wrong. Using these resources, you'll be ready to take and pass the exam the first time you take it.
If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you'll be a step ahead for other exams. This SY0-701 study guide is for any IT or security professional interested in advancing in their field and a must-read for anyone striving to master the basics of IT systems security.
Content
- Intro
- Introduction
- Who This Book Is For
- Appendices
- How to Use This Book
- Remember This
- Vendor Neutral
- Additional Online Resources
- Additional Web Resources
- Assumptions
- Set a Goal
- About the Exam
- Passing Score
- Exam Prerequisites
- Beta Questions
- Exam Format
- Question Types
- Multiple Choice
- Performance-Based Questions
- Question Complexity
- Practice Test Questions Strategy
- Exam Test Provider
- Voucher Code for 10 Percent Off
- Exam Domains
- Exam Objectives to Chapter Map
- 1.0 General Security Concepts
- 2.0 Threats, Vulnerabilities, and Mitigations
- 3.0 Security Architecture
- 4.0 Security Operations
- 5.0 Security Program Management and Oversight
- Recertification Requirements
- 701 Pre-Assessment Questions
- Pre-Assessment Answers
- Chapter 1: Mastering Security Basics
- Understanding Core Security Goals
- Security Scenarios
- Ensure Confidentiality
- Provide Integrity
- Increase Availability
- Resource Availability Versus Security Constraints
- Introducing Basic Risk Concepts
- Selecting Effective Security Controls
- Control Categories
- Technical Controls
- Managerial Controls
- Operational Controls
- Physical Controls
- Control Types
- Preventive Controls
- Deterrent Controls
- Detective Controls
- Corrective Controls
- Compensating Controls
- Directive Controls
- Combining Control Categories and Types
- Logging and Monitoring
- Operating System/Endpoint Logs
- Windows Logs
- Linux Logs
- Network Logs
- Firewall Logs
- IDS/IPS Logs
- Packet Captures
- Application Logs
- Metadata
- Centralized Logging and Monitoring
- SIEM Systems
- Syslog
- Chapter 1 Exam Topic Review
- Chapter 1 Practice Questions
- Practice Question Answers
- Chapter 2: Understanding Identity and Access Management
- Exploring Authentication Management
- Comparing Identification and AAA
- Comparing Authentication Factors
- Something You Know
- Something You Have
- Something You Are
- Two-Factor and Multifactor Authentication
- Passwordless Authentication
- Authentication Log Files
- Managing Accounts
- Credential Policies and Account Types
- Privileged Access Management
- Requiring Administrators to Use Two Accounts
- Prohibiting Shared and Generic Accounts
- Deprovisioning
- Time-Based Logins
- Account Audits
- Comparing Authentication Services
- Single Sign-On
- LDAP
- SSO and a Federation
- SAML
- SAML and Authorization
- OAuth
- Authorization Models
- Role-Based Access Control
- Using Roles Based on Jobs and Functions
- Documenting Roles with a Matrix
- Establishing Access with Group-Based Privileges
- Rule-Based Access Control
- Discretionary Access Control
- Filesystem Permissions
- SIDs and DACLs
- Mandatory Access Control
- Labels and Lattice
- Establishing Access
- Attribute-Based Access Control
- Analyzing Authentication Indicators
- Chapter 2 Exam Topic Review
- Chapter 2 Practice Questions
- Practice Question Answers
- Chapter 3: Exploring Network Technologies and Tools
- Reviewing Basic Networking Concepts
- OSI Model
- Basic Networking Protocols
- Implementing Protocols for Use Cases
- Data in Transit Use Cases
- Email and Web Use Cases
- Directory Use Cases
- Voice and Video Use Cases
- Remote Access Use Case
- Time Synchronization Use Case
- Network Address Allocation Use Case
- Domain Name Resolution Use Case
- Understanding Basic Network Infrastructure
- Switches
- Hardening Switches
- Routers
- Hardening Routers
- Simple Network Management Protocol
- Firewalls
- Host-Based Firewalls
- Network-Based Firewalls
- Failure Modes
- Implementing Network Designs
- Security Zones
- Screened Subnet
- Network Address Translation Gateway
- Physical Isolation and Air Gaps
- Logical Separation and Segmentation
- Network Appliances
- Proxy Servers
- Caching Content for Performance
- Content Filtering
- Reverse Proxy
- Unified Threat Management
- Jump Server
- Zero Trust
- Control Plane vs. Data Plane
- Secure Access Service Edge
- Chapter 3 Exam Topic Review
- Chapter 3 Practice Questions
- Practice Question Answers
- Chapter 4: Securing Your Network
- Exploring Advanced Security Devices
- Understanding IDSs and IPSs
- HIDS
- NIDS
- Sensor and Collector Placement
- Detection Methods
- Data Sources and Trends
- Reporting Based on Rules
- Alert Response and Validation
- IPS Versus IDS-In-line Versus Passive
- Honeypots
- Honeynets
- Honeyfile
- Honeytokens
- Securing Wireless Networks
- Reviewing Wireless Basics
- Band Selection and Channel Overlaps
- MAC Filtering
- Site Surveys and Heat Maps
- Access Point Installation Considerations
- Wireless Cryptographic Protocols
- WPA2 and CCMP
- Open, PSK, and Enterprise Modes
- WPA3 and Simultaneous Authentication of Equals
- Authentication Protocols
- IEEE 802.1X Security
- Controller and Access Point Security
- Captive Portals
- Understanding Wireless Attacks
- Disassociation Attacks
- Wi-Fi Protected Setup
- Rogue Access Point
- Evil Twin
- Jamming Attacks
- IV Attacks
- Near Field Communication Attacks
- RFID Attacks
- Bluetooth Attacks
- Wireless Replay Attacks
- War Driving and War Flying
- Using VPNs for Remote Access
- VPNs and VPN Concentrators
- Remote Access VPN
- IPsec as a Tunneling Protocol
- SSL/TLS as a Tunneling Protocol
- Split Tunnel Versus Full Tunnel
- Site-to-Site VPNs
- Always-On VPN
- L2TP as a Tunneling Protocol
- HTML5 VPN Portal
- Network Access Control
- Host Health Checks
- Agent Versus Agentless NAC
- Authentication and Authorization Methods
- PAP
- CHAP
- RADIUS
- TACACS+
- AAA Protocols
- Chapter 4 Exam Topic Review
- Chapter 4 Practice Questions
- Practice Question Answers
- Chapter 5: Securing Hosts and Data
- Virtualization
- Thin Clients and Virtual Desktop Infrastructure
- Containerization
- VM Escape Protection
- VM Sprawl Avoidance
- Resource Reuse
- Replication
- Snapshots
- Implementing Secure Systems
- Endpoint Security Software
- Hardening Workstations and Servers
- Configuration Enforcement
- Secure Baseline and Integrity Measurements
- Using Master Images for Baseline Configurations
- Patching and Patch Management
- Change Management
- Application Allow and Block Lists
- Disk Encryption
- Boot Integrity
- Boot Security and UEFI
- Trusted Platform Module
- Hardware Security Module
- Decommissioning and Disposal
- Protecting Data
- Data Loss Prevention
- Removable Media
- Protecting Confidentiality with Encryption
- Database Security
- Protecting Data in Use
- Summarizing Cloud Concepts
- Cloud Delivery Models
- Software as a Service
- Platform as a Service
- Infrastructure as a Service
- Cloud Deployment Models
- Multi-cloud Systems
- Application Programming Interfaces
- Microservices and APIs
- Managed Security Service Provider
- Cloud Service Provider Responsibilities
- Cloud Security Considerations
- On-Premises Versus Off-Premises
- On-Premises
- Off-Premises
- Hardening Cloud Environments
- Cloud Access Security Broker
- Cloud-Based DLP
- Next-Generation Secure Web Gateway
- Cloud Firewall Considerations
- Infrastructure as Code
- Software-Defined Networking
- Edge and Fog Computing
- Deploying Mobile Devices Securely
- Mobile Device Deployment Models
- Connection Methods and Receivers
- Mobile Device Management
- Hardening Mobile Devices
- Unauthorized Software
- Hardware Control
- Unauthorized Connections
- Exploring Embedded Systems
- Understanding Internet of Things
- ICS and SCADA Systems
- Embedded Systems Components
- Hardening Specialized Systems
- Embedded System Constraints
- Chapter 5 Exam Topic Review
- Chapter 5 Practice Questions
- Practice Question Answers
- Chapter 6: Comparing Threats, Vulnerabilities, and Common Attacks
- Understanding Threat Actors
- Threat Actor Types
- Attacker Attributes
- Threat Actor Motivations
- Threat Vectors and Attack Surfaces
- Shadow IT
- Determining Malware Types
- Viruses
- Worms
- Logic Bombs
- Trojans
- Remote Access Trojan
- Keyloggers
- Spyware
- Rootkit
- Ransomware
- Bloatware
- Potential Indicators of a Malware Attack
- Recognizing Common Attacks
- Social Engineering and Human Vectors
- Impersonation
- Shoulder Surfing
- Disinformation
- Tailgating and Access Control Vestibules
- Dumpster Diving
- Watering Hole Attacks
- Business Email Compromise
- Typosquatting
- Brand Impersonation
- Eliciting Information
- Pretexting
- Message-Based Attacks
- Spam
- Spam over Instant Messaging
- Phishing
- Spear Phishing
- Whaling
- Vishing
- Smishing
- One Click Lets Them In
- Blocking Malware and Other Attacks
- Spam Filters
- Antivirus and Anti-Malware Software
- Signature-Based Detection
- Heuristic-Based Detection
- File Integrity Monitors
- Why Social Engineering Works
- Authority
- Intimidation
- Consensus
- Scarcity
- Urgency
- Familiarity
- Trust
- Threat Intelligence Sources
- Research Sources
- Chapter 6 Exam Topic Review
- Chapter 6 Practice Questions
- Practice Question Answers
- Chapter 7: Protecting Against Advanced Attacks
- Identifying Network Attacks
- Denial of Service Attacks
- SYN Flood Attacks
- Forgery
- On-Path Attacks
- Secure Sockets Layer Stripping
- DNS Attacks
- DNS Poisoning Attacks
- Pharming Attack
- URL Redirection
- Domain Hijacking
- DNS Filtering
- DNS Log Files
- Replay Attacks
- Summarizing Secure Coding Concepts
- Input Validation
- Client-Side and Server-Side Input Validation
- Other Input Validation Techniques
- Avoiding Race Conditions
- Proper Error Handling
- Code Obfuscation
- Software Diversity
- Outsourced Code Development
- Data Exposure
- HTTP Headers
- Secure Cookie
- Code Signing
- Analyzing and Reviewing Code
- Software Version Control
- Secure Development Environment
- Database Concepts
- SQL Queries
- Web Server Logs
- Other Application Attacks
- Memory Vulnerabilities
- Memory Leak
- Buffer Overflows and Buffer Overflow Attacks
- Integer Overflow
- Other Injection Attacks
- DLL Injection
- LDAP Injection
- XML Injection
- Directory Traversal
- Cross-Site Scripting
- Automation and Orchestration for Secure Operations
- Automation and Scripting Use Cases
- Benefits of Automation and Scripting
- Other Considerations
- Chapter 7 Exam Topic Review
- Chapter 7 Practice Questions
- Practice Question Answers
- Chapter 8: Using Risk Management Tools
- Understanding Risk Management
- Threats
- Risk Identification
- Risk Types
- Vulnerabilities
- Risk Management Strategies
- Risk Assessment Types
- Risk Analysis
- Supply Chain Risks
- Comparing Scanning and Testing Tools
- Checking for Vulnerabilities
- Network Scanners
- Vulnerability Scanning
- Credentialed vs. Non-Credentialed Scans
- Configuration Review
- Penetration Testing
- Rules of Engagement
- Reconnaissance
- Footprinting Versus Fingerprinting
- Initial Exploitation
- Persistence
- Lateral Movement
- Privilege Escalation
- Pivoting
- Known, Unknown, and Partially Known Testing Environments
- Cleanup
- Responsible Disclosure Programs
- System and Process Audits
- Intrusive Versus Non-Intrusive Testing
- Responding to Vulnerabilities
- Remediating Vulnerabilities
- Validation of Remediation
- Capturing Network Traffic
- Packet Capture and Replay
- Tcpreplay and Tcpdump
- NetFlow
- Understanding Frameworks and Standards
- ISO Standards
- Industry-Specific Frameworks
- NIST Frameworks
- NIST Risk Management Framework
- NIST Cybersecurity Framework
- Reference Architecture
- Benchmarks and Configuration Guides
- Audits and Assessments
- Chapter 8 Exam Topic Review
- Chapter 8 Practice Questions
- Practice Question Answers
- Chapter 9: Implementing Controls to Protect Assets
- Comparing Physical Security Controls
- Access Badges
- Increasing Security with Personnel
- Monitoring Areas with Video Surveillance
- Sensors
- Fencing, Lighting, and Alarms
- Securing Access with Barricades
- Access Control Vestibules
- Asset Management
- Hardware Asset Management
- Software Asset Management
- Data Asset Management
- Platform Diversity
- Physical Attacks
- Card Skimming and Card Cloning
- Brute Force Attacks
- Environmental Attacks
- Adding Redundancy and Fault Tolerance
- Single Point of Failure
- Disk Redundancies
- RAID-0
- RAID-1
- RAID-5 and RAID-6
- RAID-10
- Server Redundancy and High Availability
- Active/Active Load Balancers
- Active/Passive Load Balancers
- NIC Teaming
- Power Redundancies
- Protecting Data with Backups
- Backup Media
- Online Versus Offline Backups
- Full Backups
- Recovering a Full Backup
- Differential Backups
- Order of Recovery for a Full/Differential Backup Set
- Incremental Backups
- Order of Recovery for a Full/Incremental Backup Set
- Choosing Full/Incremental or Full/Differential
- Snapshot and Image Backups
- Replication and Journaling
- Backup Frequency
- Testing Backups
- Backups and Geographic Considerations
- Comparing Business Continuity Elements
- Business Impact Analysis Concepts
- Site Risk Assessment
- Impact
- Recovery Time Objective
- Recovery Point Objective
- Comparing MTBF and MTTR
- Continuity of Operations Planning
- Site Resiliency
- Restoration Order
- Disaster Recovery
- Testing Plans with Exercises
- Tabletop Exercises
- Simulations
- Parallel Processing
- Fail Over Tests
- Capacity Planning
- Chapter 9 Exam Topic Review
- Chapter 9 Practice Questions
- Practice Question Answers
- Chapter 10: Understanding Cryptography and PKI
- Introducing Cryptography Concepts
- Providing Integrity with Hashing
- Hash Versus Checksum
- MD5
- Secure Hash Algorithms
- HMAC
- Hashing Files
- Hashing Messages
- Using HMAC
- Hashing Passwords
- Understanding Hash Collisions
- Understanding Password Attacks
- Dictionary Attacks
- Brute Force Attacks
- Password Spraying Attacks
- Pass the Hash Attacks
- Birthday Attacks
- Rainbow Table Attacks
- Salting Passwords
- Key Stretching
- Providing Confidentiality with Encryption
- Symmetric Encryption
- Block Versus Stream Ciphers
- Common Symmetric Algorithms
- AES
- 3DES
- Blowfish and Twofish
- Asymmetric Encryption
- Key Exchange
- The Rayburn Box
- Certificates
- Ephemeral Keys
- Elliptic Curve Cryptography
- Key Length
- Obfuscation
- Steganography
- Tokenization
- Masking
- Using Cryptographic Protocols
- Protecting Email
- Signing Email with Digital Signatures
- Encrypting Email
- S/MIME
- HTTPS Transport Encryption
- TLS Versus SSL
- Encrypting HTTPS Traffic with TLS
- Downgrade Attacks on Weak Implementations
- Blockchain
- Identifying Limitations
- Resource Versus Security Constraints
- Speed and Time
- Size and Computational Overhead
- Entropy
- Predictability
- Weak Keys
- Reuse
- Plaintext Attack
- Exploring PKI Components
- Certificate Authority
- Certificate Trust Models
- Registration Authority and CSRs
- Online Versus Offline CAs
- Updating and Revoking Certificates
- Certificate Revocation List
- Validating a Certificate
- Certificate Pinning
- Key Escrow
- Key Management
- Comparing Certificate Types
- Comparing Certificate Formats
- Chapter 10 Exam Topic Review
- Chapter 10 Practice Questions
- Practice Question Answers
- Chapter 11: Implementing Policies to Mitigate Risks
- Change Management
- Business Processes
- Technical Implications
- Documentation and Version Control
- Protecting Data
- Understanding Data Types
- Classifying Data Types
- Securing Data
- Data Retention
- Data Sanitization
- Incident Response
- Incident Response Plan
- Communication Plan
- Incident Response Process
- Incident Response Training and Testing
- Threat Hunting
- Understanding Digital Forensics
- Acquisition and Preservation
- Legal Holds and Electronic Discovery
- Admissibility of Documentation and Evidence
- Reporting
- Understanding SOAR
- Playbooks
- Runbooks
- Security Governance
- Governance Structures
- External Considerations
- Security Policies
- Security Standards
- Security Procedures
- Security Guidelines
- Data Governance
- Data Roles
- Monitoring and Revision
- Third-Party Risk Management
- Supply Chain and Vendors
- Vendor Assessment
- Vendor Selection
- Vendor Agreements
- Security Compliance
- Compliance Monitoring and Reporting
- Privacy
- Data Inventory and Retention
- Security Awareness
- Computer-Based Training
- Phishing Campaigns
- Recognizing Anomalous Behavior
- User Guidance and Training
- Awareness Program Development and Execution
- Chapter 11 Exam Topic Review
- Chapter 11 Practice Questions
- Practice Question Answers
- Post-Assessment Questions
- Post-Assessment Answers
System requirements
File format: ePUB
Copy protection: Adobe-DRM (Digital Rights Management)
System requirements:
- Computer (Windows; MacOS X; Linux): Install the free reader Adobe Digital Editions prior to download (see eBook Help).
- Tablet/smartphone (Android; iOS): Install the free app Adobe Digital Editions or the app PocketBook before downloading (see eBook Help).
- E-reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (not Kindle).
The file format ePub works well for novels and non-fiction books – i.e., "flowing" text without complex layout. On an e-reader or smartphone, line and page breaks automatically adjust to fit the small displays.
This eBook uses Adobe-DRM, a "hard" copy protection. If the necessary requirements are not met, unfortunately you will not be able to open the eBook. You will therefore need to prepare your reading hardware before downloading.
Please note: We strongly recommend that you authorise using your personal Adobe ID after installation of any reading software.
For more information, see our ebook Help page.