CompTIA Security+ Get Certified Get Ahead: SY0-601 Study Guide
- Length: 593 pages
- Edition: 1
- Language: English
- Publisher: Independently published
- Publication Date: 2021-06-01
- ASIN: B096D1LGSK
- ISBN-13: 9798748708180
- Sales Rank: #8620
Pass the First Time.
The CompTIA Security+ Get Certified Get Ahead SY0-601 Study Guide is an update to the top-selling SY0-201, SY0-301, SY0-401, and SY0-501 study guides, which have helped thousands of readers pass the exam the first time they took it.
Free Online Resources
Buyers have access to free online resources, including:
- Additional free practice test questions using an online testing engine via your browser
- Free online labs, including a lab to create a bootable USB to boot into Linux
- Downloadable free extras such as a Glossary, Acronyms list, Command Line basics, Log basics and more
Access the free content by entering the URL found in the following sections:
- Chapter 1 Exam Topic Review Online References
- Chapter 2 Exam Topic Review Online References
- And elsewhere throughout the book.
The introduction includes a table listing all the SY0-601 objectives along with the specific chapter or chapters where the objectives are covered. As an example, if you’re looking for information on request forgery objectives, the table includes the following:
1.3 Given a scenario, analyze potential indicators associated with application attacks.
…
- Request forgeries: Chapter 7
  - Server-side: Chapter 7
  - Cross-site: Chapter 7
You can use the Table of Contents to locate the exact page for topics of interest, such as cross-site request forgery (page 265). The paperback copy includes a comprehensive index that helps you find relevant Security+ concepts. Following the request forgery example, if you’re looking for CSRF (cross-site request forgery), the index entry also tells you exactly what page to find it on:
- CSRF (Cross-site request forgery) 265
The Kindle edition includes a search function allowing you to find any word in the book.
This book includes the same elements readers raved about in the previous versions. Each of the eleven chapters presents topics in an easy-to-understand manner and includes real-world examples of security principles in action. The author uses many of the same analogies and explanations he honed in the classroom, which have helped hundreds of students master the Security+ content.
As an example, test-takers sometimes have trouble understanding captive portals, a highly testable topic. Darril explains captive portals and then provides real-world examples showing how organizations use them to provide users with free, and sometimes paid, Internet access.
With this study guide, you’ll understand the important and relevant security topics for the Security+ exam without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive Exam Topic Review section to help you focus on what’s important.
Over 300 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The study guide includes a 75-question pre-test, a 75-question post-test, and practice test questions at the end of every chapter. Each practice test question includes a detailed explanation of why the correct answers are correct and why the incorrect answers are incorrect. You'll also have access to free online resources, including labs and additional practice test questions. Using these resources, you'll be ready to pass the exam the first time you take it.
If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you’ll be a step ahead for other exams. This SY0-601 study guide is for any IT or security professional interested in advancing in their field and a must-read for anyone striving to master the basics of IT systems security.
Table of Contents
- Front matter: Dedication, Acknowledgments, About the Author, Table of Contents
- Introduction: Who This Book Is For About This Book Appendixes How to Use This Book Conventions Remember This Vendor Neutral Free Online Resources Additional Web Resources Assumptions Set a Goal About the Exam Passing Score Exam Prerequisites Beta Questions Exam Format Question Types Multiple Choice Performance-Based Questions Question Complexity Practice Test Questions Strategy Exam Test Provider Voucher Code for 10 Percent Off Exam Domains Objective to Chapter Map 1.0 Threats, Attacks and Vulnerabilities 2.0 Architecture and Design 3.0 Implementation 4.0 Operations and Incident Response 5.0 Governance, Risk, and Compliance Recertification Requirements
- 601 Pre-Assessment Exam, Pre-Assessment Exam Answers
- Chapter 1, Mastering Security Basics: Understanding Core Security Goals What Is a Use Case? Ensure Confidentiality Encryption Access Controls Provide Integrity Increase Availability Redundancy and Fault Tolerance Scalability and Elasticity Patching Understanding Resiliency Resource Versus Security Constraints Introducing Basic Risk Concepts Understanding Security Controls Managerial Controls Operational Controls Technical Controls Control Types Preventive Controls Detective Controls Corrective and Recovery Controls Physical Controls Deterrent Controls Compensating Controls Response Controls Combining Control Categories and Types Using Command-Line Tools Network Reconnaissance and Discovery Ping Using Ping to Check Name Resolution Beware of Firewalls Using Ping to Assess Organizational Security hping Ipconfig and ifconfig Netstat Tracert and traceroute Pathping Arp Linux and LAMP cat Command grep Command head Command tail Command logger Command journalctl Command chmod Command Understanding Logs Windows Logs Network Logs Centralized Logging Methods SIEM Systems Syslog Linux Logs Chapter 1 Exam Topic Review Chapter 1 Practice Questions Chapter 1 Practice Question Answers
- Chapter 2, Understanding Identity and Access Management: Exploring Authentication Management Comparing Identification and AAA Comparing Authentication Factors Something You Know Something You Have Something You Are Two-Factor and Multifactor Authentication Authentication Attributes Authentication Log Files Managing Accounts Credential Policies and Account Types Privileged Access Management Require Administrators to Use Two Accounts Prohibiting Shared and Generic Accounts Disablement Policies Time-Based Logins Account Audits Comparing Authentication Services Single Sign-On Kerberos SSO and a Federation SAML SAML and Authorization OAuth OpenID and OpenID Connect Comparing Access Control Schemes Role-Based Access Control Using Roles Based on Jobs and Functions Documenting Roles with a Matrix Establishing Access with Group-Based Privileges Rule-Based Access Control Discretionary Access Control Filesystem Permissions SIDs and DACLs The Owner Establishes Access Mandatory Access Control Labels and Lattice Establishing Access Attribute-Based Access Control Conditional Access Chapter 2 Exam Topic Review Chapter 2 Practice Questions Chapter 2 Practice Question Answers
- Chapter 3, Exploring Network Technologies and Tools: Reviewing Basic Networking Concepts Basic Networking Protocols Implementing Protocols for Use Cases Voice and Video Use Case File Transfer Use Case Email and Web Use Cases Directory Services and LDAPS Remote Access Use Case OpenSSH Time Synchronization Use Case Network Address Allocation Use Case Domain Name Resolution Use Case Subscription Services Use Case Quality of Service Understanding Basic Network Devices Switches Security Benefit of a Switch Port Security Broadcast Storm and Loop Prevention Bridge Protocol Data Unit Guard Routers Routers and ACLs Deny Implicit Deny The Route Command and Route Security Firewalls Host-Based Firewalls Software Versus Hardware Firewalls Stateless Firewall Rules Stateful Versus Stateless Web Application Firewall Next-Generation Firewall Implementing Network Designs Intranet Versus Extranet Screened Subnet Network Address Translation Gateway Physical Isolation and Air Gaps Logical Separation and Segmentation Isolating Traffic with a VLAN East-West Traffic Zero Trust Network Appliances Proxy Servers Caching Content for Performance Transparent Proxy Versus Non-transparent Proxy Reverse Proxy Unified Threat Management Jump Server Security Implications of IPv6 Summarizing Routing and Switching Use Cases Chapter 3 Exam Topic Review Chapter 3 Practice Questions Chapter 3 Practice Question Answers
- Chapter 4, Securing Your Network: Exploring Advanced Security Devices Understanding IDSs and IPSs HIDS NIDS Sensor and Collector Placement Detection Methods Data Sources and Trends Reporting Based on Rules False Positives Versus False Negatives IPS Versus IDS—Inline Versus Passive Honeypots Honeynets Honeyfile Fake Telemetry Securing Wireless Networks Reviewing Wireless Basics Band Selection and Channel Overlaps Access Point SSID Enable MAC Filtering Site Surveys and Footprinting Wireless Access Point Placement Wireless Cryptographic Protocols WPA2 and CCMP Open, PSK, and Enterprise Modes WPA3 and Simultaneous Authentication of Equals Authentication Protocols IEEE 802.1X Security Controller and Access Point Security Captive Portals Understanding Wireless Attacks Disassociation Attacks Wi-Fi Protected Setup Rogue Access Point Evil Twin Jamming Attacks IV Attacks Near Field Communication Attacks RFID Attacks Bluetooth Attacks Wireless Replay Attacks War Driving and War Flying Using VPNs for Remote Access VPNs and VPN Appliances Remote Access VPN IPsec as a Tunneling Protocol SSL/TLS as a Tunneling Protocol Split Tunnel Versus Full Tunnel Site-to-Site VPNs Always-On VPN L2TP as a Tunneling Protocol HTML5 VPN Portal Network Access Control Host Health Checks Agent Versus Agentless NAC Authentication and Authorization Methods PAP CHAP RADIUS TACACS+ AAA Protocols Chapter 4 Exam Topic Review Chapter 4 Practice Questions Chapter 4 Practice Question Answers
- Chapter 5, Securing Hosts and Data: Summarize Virtualization Concepts Thin Clients and Virtual Desktop Infrastructure Containers VM Escape Protection VM Sprawl Avoidance Replication Snapshots Non-Persistence Implementing Secure Systems Endpoint Security Hardening Systems Configuration Management Secure Baseline and Integrity Measurements Using Master Images for Baseline Configurations Patch Management Change Management Policy Application Approved Lists and Block Lists Application Programming Interfaces Microservices and APIs FDE and SED Boot Integrity Boot Security and UEFI Trusted Platform Module Hardware Security Module Protecting Data Data Loss Prevention Rights Management Removable Media Data Exfiltration Protecting Confidentiality with Encryption Database Security Summarizing Cloud Concepts Software as a Service Platform as a Service Infrastructure as a Service Anything as a Service Cloud Deployment Models Managed Security Service Provider Cloud Service Provider Responsibilities Cloud Security Controls On-Premises Versus Off-Premises On-Premises Off-Premises Cloud Access Security Broker Cloud-Based DLP Next-Generation Secure Web Gateway Firewall Considerations Infrastructure as Code Edge and Fog Computing Cloud Security Alliance Deploying Mobile Devices Securely Deployment Models Connection Methods and Receivers Mobile Device Management Mobile Device Enforcement and Monitoring Unauthorized Software Messaging Services Hardware Control Unauthorized Connections SEAndroid Exploring Embedded Systems Understanding Internet of Things ICS and SCADA Systems IoT and Embedded Systems Security Implications of Embedded Systems Embedded System Constraints Communication Considerations Chapter 5 Exam Topic Review Chapter 5 Practice Questions Chapter 5 Practice Question Answers
- Chapter 6, Comparing Threats, Vulnerabilities, and Common Attacks: Understanding Threat Actors Attack Vectors Shadow IT Determining Malware Types Viruses Worms Logic Bombs Backdoors Trojans Remote Access Trojan Keyloggers Spyware Rootkit Bots and Botnets Command and Control Ransomware and Cryptomalware Potentially Unwanted Programs Fileless Virus Potential Indicators of a Malware Attack Recognizing Common Attacks Social Engineering Impersonation Shoulder Surfing Tricking Users with Hoaxes Tailgating and Access Control Vestibules Dumpster Diving Zero-Day Vulnerabilities Watering Hole Attacks Typo Squatting Eliciting Information Pretexting and Prepending Identity Theft and Identity Fraud Invoice Scams Credential Harvesting Reconnaissance Influence Campaigns Attacks via Email and Phone Spam Spam over Internet Messaging Phishing Spear Phishing Whaling Vishing Smishing One Click Lets Them In Blocking Malware and Other Attacks Spam Filters Antivirus and Anti-Malware Software Signature-Based Detection Heuristic-Based Detection File Integrity Monitors Cuckoo Sandbox Why Social Engineering Works Authority Intimidation Consensus Scarcity Urgency Familiarity Trust Threat Intelligence Sources Research Sources Chapter 6 Exam Topic Review Chapter 6 Practice Questions Chapter 6 Practice Question Answers
- Chapter 7, Protecting Against Advanced Attacks: Understanding Attack Frameworks Cyber Kill Chain Diamond Model of Intrusion Analysis MITRE ATT&CK Identifying Network Attacks DoS Versus DDoS SYN Flood Attacks Spoofing On-Path Attacks Secure Sockets Layer Stripping Layer 2 Attacks ARP Poisoning Attacks MAC Flooding MAC Cloning DNS Attacks DNS Poisoning Attacks Pharming Attack URL Redirection Domain Hijacking Domain Reputation DNS Sinkhole DNS Log Files Replay Attacks and Session Replays Summarizing Secure Coding Concepts OWASP Code Reuse and Dead Code Third-Party Libraries and SDKs Input Validation Client-Side and Server-Side Input Validation Other Input Validation Techniques Avoiding Race Conditions Proper Error Handling Code Obfuscation and Camouflage Software Diversity Outsourced Code Development Data Exposure HTTP Headers Secure Cookie Code Signing Analyzing and Reviewing Code Software Version Control Secure Development Environment Database Concepts Normalization SQL Queries Provisioning and Deprovisioning Integrity Measurement Web Server Logs Using Scripting for Automation Identifying Malicious Code and Scripts PowerShell Bash Python Macros Visual Basic for Applications (VBA) OpenSSL SSH Identifying Application Attacks Zero-Day Attacks Memory Vulnerabilities Memory Leak Buffer Overflows and Buffer Overflow Attacks Integer Overflow Pointer/Object Dereference Other Injection Attacks Dynamic Link Library Injection Lightweight Directory Access Protocol Injection Extensible Markup Language Injection Directory Traversal Cross-Site Scripting Cross-Site Request Forgery Server-Side Request Forgeries Client-Side Request Forgeries Driver Manipulation Artificial Intelligence and Machine Learning AI and ML in Cybersecurity Adversarial Artificial Intelligence Tainted Data for Machine Learning Security of Machine Learning Algorithms Chapter 7 Exam Topic Review Chapter 7 Practice Questions Chapter 7 Practice Question Answers
- Chapter 8, Using Risk Management Tools: Understanding Risk Management Threats Risk Types Vulnerabilities Risk Management Strategies Risk Assessment Types Risk Analysis Supply Chain Risks Threat Hunting Comparing Scanning and Testing Tools Checking for Vulnerabilities Password Crackers Network Scanners Vulnerability Scanning Credentialed Versus Non-Credentialed Configuration Review Penetration Testing Rules of Engagement Reconnaissance Footprinting Versus Fingerprinting Initial Exploitation Persistence Lateral Movement Privilege Escalation Pivoting Known, Unknown, and Partially Known Testing Environments Cleanup Bug Bounty Programs Intrusive Versus Non-Intrusive Testing Exercise Types Capturing Network Traffic Packet Capture and Replay Tcpreplay and Tcpdump NetFlow, sFlow, and IPFIX Understanding Frameworks and Standards Key Frameworks Risk Management Framework Reference Architecture Exploitation Frameworks Benchmarks and Configuration Guides Chapter 8 Exam Topic Review Chapter 8 Practice Questions Chapter 8 Practice Question Answers
- Chapter 9, Implementing Controls to Protect Assets: Comparing Physical Security Controls Securing Door Access with Cards Comparing Locks Physical Locks Physical Cipher Locks Biometric Locks Cable Locks Increasing Security with Personnel Monitoring Areas with Cameras Sensors Fencing, Lighting, and Alarms Securing Access with Barricades Using Signage Drones Asset Management Implementing Diversity Creating Secure Areas Air Gap Vaults Faraday Cage Safes Hot and Cold Aisles Physical Attacks Malicious Universal Serial Bus (USB) Cable Malicious Flash Drive Card Skimming and Card Cloning Fire Suppression Protected Cable Distribution Adding Redundancy and Fault Tolerance Single Point of Failure Disk Redundancies RAID-0 RAID-1 RAID-5 and RAID-6 RAID-10 Disk Multipath Server Redundancy and High Availability Active/Active Load Balancers Active/Passive Load Balancers NIC Teaming Power Redundancies Protecting Data with Backups Backup Media Online Versus Offline Backups Comparing Backup Types Full Backups Restoring a Full Backup Differential Backups Order of Restoration for a Full/Differential Backup Set Incremental Backups Order of Restoration for a Full/Incremental Backup Set Choosing Full/Incremental or Full/Differential Snapshot and Image Backups Copy Backup Testing Backups Backups and Geographic Considerations Comparing Business Continuity Elements Business Impact Analysis Concepts Site Risk Assessment Impact Recovery Time Objective Recovery Point Objective Comparing MTBF and MTTR Continuity of Operations Planning Site Resiliency Restoration Order Disaster Recovery Testing Plans with Exercises Chapter 9 Exam Topic Review Chapter 9 Practice Questions Chapter 9 Practice Question Answers
- Chapter 10, Understanding Cryptography and PKI: Introducing Cryptography Concepts Providing Integrity with Hashing Hash Versus Checksum MD5 Secure Hash Algorithms HMAC Hashing Files Hashing Messages Using HMAC Hashing Passwords Understanding Hash Collisions Understanding Password Attacks Dictionary Attacks Brute Force Attacks Spraying Attacks Pass the Hash Attacks Birthday Attacks Rainbow Table Attacks Salting Passwords Key Stretching Providing Confidentiality with Encryption Symmetric Encryption Block Versus Stream Ciphers Common Symmetric Algorithms AES 3DES Blowfish and Twofish Asymmetric Encryption Key Exchange The Rayburn Box Certificates Ephemeral Keys Elliptic Curve Cryptography Quantum Computing Quantum Cryptography Post-Quantum Cryptography Lightweight Cryptography Homomorphic Encryption Key Length Modes of Operation Steganography Audio Steganography Image Steganography Video Steganography Using Cryptographic Protocols Protecting Email Signing Email with Digital Signatures Encrypting Email S/MIME HTTPS Transport Encryption TLS Versus SSL Encrypting HTTPS Traffic with TLS Downgrade Attacks on Weak Implementations Blockchain Crypto Diversity Identifying Limitations Resource Versus Security Constraints Speed and Time Size and Computational Overhead Entropy Predictability Weak Keys Longevity Reuse Plaintext Attack Common Use Cases Exploring PKI Components Certificate Authority Certificate Trust Models Registration Authority and CSRs Online Versus Offline CAs Updating and Revoking Certificates Certificate Revocation List Validating a Certificate Public Key Pinning Key Escrow Key Management Comparing Certificate Types Comparing Certificate Formats Chapter 10 Exam Topic Review Chapter 10 Practice Questions Chapter 10 Practice Question Answers
- Chapter 11, Implementing Policies to Mitigate Risks: Exploring Security Policies Personnel Policies Acceptable Use Policy Mandatory Vacations Separation of Duties Least Privilege Job Rotation Clean Desk Space Background Check Onboarding Offboarding Non-Disclosure Agreement Social Media Analysis Third-Party Risk Management Terms of Agreement Measurement Systems Analysis Incident Response Policies Incident Response Plan Communication Plan Data Breach Responses Stakeholder Management Incident Response Process Understanding SOAR Playbooks Runbooks Understanding Digital Forensics Key Aspects of Digital Forensics Admissibility of Documentation and Evidence On-Premises Versus Cloud Concerns Acquisition and Preservation Order of Volatility Data Acquisition Forensic Tools Electronic Discovery Data Recovery Strategic Intelligence and Counterintelligence Protecting Data Classifying Data Types PII and Health Information Impact Assessment Data Governance Privacy Enhancing Technologies Data Masking Anonymization Pseudo-Anonymization Tokenization Data Retention Policies Data Sanitization Training Users Computer-Based Training Phishing Campaigns Phishing Simulations Gamification Capture the Flag Role-Based Awareness Training Chapter 11 Exam Topic Review Chapter 11 Practice Questions Chapter 11 Practice Question Answers
- Back matter: Post-Assessment Questions, Post-Assessment Answers