Comptia Security+ Deluxe Study Guide With Online Labs - Exam Sy0-601

En savoir plus

Learn the key objectives and most crucial concepts covered by the Security+ Exam SY0-601 with this comprehensive and practical Deluxe Study Guide
 
Covers 100% of exam objectives including threats, attacks, and vulnerabilities; technologies and tools; architecture and design; identity and access management; risk management; cryptography and PKI, and much more... Includes interactive online learning environment and study tools with:
* 4 custom practice exams
* 100 Electronic Flashcards
* Searchable key term glossary
* Plus 33 Online Security+ Practice Lab Modules
 
Expert Security+ SY0-601 exam preparation--Now with 33 Online Lab Modules
 
The Fifth edition of CompTIA Security+ Deluxe Study Guide offers invaluable preparation for Exam SY0-601. Written by expert authors, Mike Chapple and David Seidl, the book covers 100% of the exam objectives with clear and concise explanations. Discover how to handle threats, attacks, and vulnerabilities using industry-standard tools and technologies, while gaining and understanding the role of architecture and design. Spanning topics from everyday tasks like identity and access management to complex subjects such as risk management and cryptography, this study guide helps you consolidate your knowledge base in preparation for the Security+ exam. Illustrative examples show how these processes play out in real-world scenarios, allowing you to immediately translate essential concepts to on-the-job application.
 
Coverage of 100% of all exam objectives in this Study Guide means you'll be ready for:
* Attacks, Threats, and Vulnerabilities
* Architecture and Design
* Implementation
* Operations and Incident Response
* Governance, Risk, and Compliance
 
Interactive learning environment
 
Take your exam prep to the next level with Sybex's superior interactive online study tools. To access our learning environment, simply visit www.wiley.com/go/sybextestprep, register your book to receive your unique PIN, and instantly gain one year of FREE access after activation to:
* Interactive test bank with 4 bonus exams. Practice questions help you identify areas where further review is needed.
* 100 Electronic Flashcards to reinforce learning and last-minute prep before the exam.
* Comprehensive glossary in PDF format gives you instant access to the key terms so you are fully prepared.
 
ABOUT THE PRACTICE LABS SECURITY+ LABS So you can practice with hands-on learning in a real environment, Sybex has bundled Practice Labs virtual labs that run from your browser. The registration code is included with the book and gives you 6 months unlimited access to Practice Labs CompTIA Security+ Exam SY0-601 Labs with 33 unique lab modules to practice your skills.
 
If you are unable to register your lab PIN code, please contact Wiley customer support for a replacement PIN code.

Table des matières

Introduction xxv
 
Assessment Test xxxvi
 
Chapter 1 Today's Security Professional 1
 
Cybersecurity Objectives 2
 
Data Breach Risks 3
 
The DAD Triad 3
 
Breach Impact 5
 
Implementing Security Controls 7
 
Security Control Categories 7
 
Security Control Types 8
 
Data Protection 9
 
Summary 12
 
Exam Essentials 12
 
Review Questions 14
 
Chapter 2 Cybersecurity Threat Landscape 19
 
Exploring Cybersecurity Threats 20
 
Classifying Cybersecurity Threats 20
 
Threat Actors 22
 
Threat Vectors 28
 
Threat Data and Intelligence 30
 
Open Source Intelligence 31
 
Proprietary and Closed-Source Intelligence 33
 
Assessing Threat Intelligence 35
 
Threat Indicator Management and Exchange 36
 
Public and Private Information Sharing Centers 37
 
Conducting Your Own Research 38
 
Summary 38
 
Exam Essentials 39
 
Review Questions 40
 
Chapter 3 Malicious Code 45
 
Malware 46
 
Ransomware 47
 
Trojans 47
 
Worms 48
 
Rootkits 48
 
Backdoors 49
 
Bots 50
 
Keyloggers 52
 
Logic Bombs 53
 
Viruses 53
 
Fileless Viruses 53
 
Spyware 54
 
Potentially Unwanted Programs (PUPs) 55
 
Malicious Code 55
 
Adversarial Artificial Intelligence 57
 
Summary 58
 
Exam Essentials 59
 
Review Questions 61
 
Chapter 4 Social Engineering, Physical, and Password Attacks 65
 
Social Engineering 66
 
Social Engineering Techniques 67
 
Influence Campaigns 72
 
Password Attacks 72
 
Physical Attacks 74
 
Summary 76
 
Exam Essentials 76
 
Review Questions 78
 
Chapter 5 Security Assessment and Testing 83
 
Vulnerability Management 84
 
Identifying Scan Targets 84
 
Determining Scan Frequency 86
 
Configuring Vulnerability Scans 87
 
Scanner Maintenance 92
 
Vulnerability Scanning Tools 95
 
Reviewing and Interpreting Scan Reports 96
 
Validating Scan Results 106
 
Security Vulnerabilities 107
 
Patch Management 107
 
Legacy Platforms 108
 
Weak Configurations 109
 
Error Messages 110
 
Insecure Protocols 111
 
Weak Encryption 112
 
Penetration Testing 113
 
Adopting the Hacker Mindset 114
 
Reasons for Penetration Testing 115
 
Benefits of Penetration Testing 115
 
Penetration Test Types 116
 
Rules of Engagement 118
 
Reconnaissance 119
 
Running the Test 120
 
Cleaning Up 120
 
Training and Exercises 120
 
Summary 122
 
Exam Essentials 122
 
Review Questions 124
 
Chapter 6 Secure Coding 129
 
Software Assurance Best Practices 130
 
The Software Development Life Cycle 130
 
Software Development Phases 131
 
Software Development Models 133
 
DevSecOps and DevOps 136
 
Designing and Coding for Security 138
 
Secure Coding Practices 138
 
API Security 139
 
Code Review Models 139
 
Software Security Testing 143
 
Analyzing and Testing Code 143
 
Injection Vulnerabilities 144
 
SQL Injection Attacks 145
 
Code Injection Attacks 148
 
Command Injection Attacks 149
 
Exploiting Authentication Vulnerabilities 150
 
Password Authentication 150
 <

A propos de l'auteur

ABOUT THE AUTHORS Mike Chappie, PhD, Security+, CySA+, CISSP, is Teaching Professor of IT, Analytics, and Operations at the University of Notre Dame. He's a cybersecurity professional and educator with over 20 years of experience. Mike provides cybersecurity certification resources at his website, CertMike.com. David Seidl, Security+, CySA+, CISSP, PenTest+, is Vice President for Information Technology and CIO at Miami University. David co-led Notre Dame's move to the cloud, and has written multiple cybersecurity certification books. Wiley has partnered up with Practice Labs, the IT Competency Hub, to give IT learners discounted access to their live, virtual Practice Labs. Connect to real devices using actual hardware and software straight from a web browser. Practice labs allow you to cement your theoretical studies with practical, hands-on experience. Master your IT skills and gain virtual world experience to increase your employability. Each purchase provides 6 months' unlimited access. Ready to practice your IT skills?

Résumé

Learn the key objectives and most crucial concepts covered by the Security+ Exam SY0-601 with this comprehensive and practical Deluxe Study Guide

Covers 100% of exam objectives including threats, attacks, and vulnerabilities; technologies and tools; architecture and design; identity and access management; risk management; cryptography and PKI, and much more... Includes interactive online learning environment and study tools with:
* 4 custom practice exams
* 100 Electronic Flashcards
* Searchable key term glossary
* Plus 33 Online Security+ Practice Lab Modules

Expert Security+ SY0-601 exam preparation--Now with 33 Online Lab Modules

The Fifth edition of CompTIA Security+ Deluxe Study Guide offers invaluable preparation for Exam SY0-601. Written by expert authors, Mike Chapple and David Seidl, the book covers 100% of the exam objectives with clear and concise explanations. Discover how to handle threats, attacks, and vulnerabilities using industry-standard tools and technologies, while gaining and understanding the role of architecture and design. Spanning topics from everyday tasks like identity and access management to complex subjects such as risk management and cryptography, this study guide helps you consolidate your knowledge base in preparation for the Security+ exam. Illustrative examples show how these processes play out in real-world scenarios, allowing you to immediately translate essential concepts to on-the-job application.

Coverage of 100% of all exam objectives in this Study Guide means you'll be ready for:
* Attacks, Threats, and Vulnerabilities
* Architecture and Design
* Implementation
* Operations and Incident Response
* Governance, Risk, and Compliance

Interactive learning environment

Take your exam prep to the next level with Sybex's superior interactive online study tools. To access our learning environment, simply visit www.wiley.com/go/sybextestprep, register your book to receive your unique PIN, and instantly gain one year of FREE access after activation to:
* Interactive test bank with 4 bonus exams. Practice questions help you identify areas where further review is needed.
* 100 Electronic Flashcards to reinforce learning and last-minute prep before the exam.
* Comprehensive glossary in PDF format gives you instant access to the key terms so you are fully prepared.

ABOUT THE PRACTICE LABS SECURITY+ LABS So you can practice with hands-on learning in a real environment, Sybex has bundled Practice Labs virtual labs that run from your browser. The registration code is included with the book and gives you 6 months unlimited access to Practice Labs CompTIA Security+ Exam SY0-601 Labs with 33 unique lab modules to practice your skills.

If you are unable to register your lab PIN code, please contact Wiley customer support for a replacement PIN code.