CompTIA Security+ Study Guide with over 500 Practice Test Questions

Exam SY0-701
Long description
Discover key exam objectives and crucial cybersecurity concepts for the CompTIA Security+ SY0-701 exam, along with an online test bank with hundreds of practice questions and flashcards.

In the newly revised ninth edition of CompTIA Security+ Study Guide: Exam SY0-701, veteran cybersecurity professionals and educators Mike Chapple and David Seidl deliver easy-to-follow coverage of the security fundamentals tested by the challenging CompTIA SY0-701 exam. You'll explore general security concepts, threats, vulnerabilities, mitigations, security architecture and operations, as well as security program management and oversight.

You'll get access to the information you need to start a new career--or advance an existing one--in cybersecurity, with efficient and accurate content. You'll also find:
* Practice exams that get you ready to succeed on your first try at the real thing and help you conquer test anxiety
* Hundreds of review questions that gauge your readiness for the certification exam and help you retain and remember key concepts
* Complimentary access to the online Sybex learning environment, complete with hundreds of additional practice questions and flashcards, and a glossary of key terms

Perfect for everyone planning to take the CompTIA SY0-701 exam, as well as those aiming to secure a higher-level certification like the CASP+, CISSP, or CISA, this study guide will also earn a place on the bookshelves of anyone who's ever wondered if IT security is right for them. It's a must-read reference!
Table of contents
Introduction

Chapter 1 Today's Security Professional
Cybersecurity Objectives; Data Breach Risks; The DAD Triad; Breach Impact; Implementing Security Controls; Gap Analysis; Security Control Categories; Security Control Types; Data Protection; Data Encryption; Data Loss Prevention; Data Minimization; Access Restrictions; Segmentation and Isolation; Summary; Exam Essentials; Review Questions

Chapter 2 Cybersecurity Threat Landscape
Exploring Cybersecurity Threats; Classifying Cybersecurity Threats; Threat Actors; Attacker Motivations; Threat Vectors and Attack Surfaces; Threat Data and Intelligence; Open Source Intelligence; Proprietary and Closed-Source Intelligence; Assessing Threat Intelligence; Threat Indicator Management and Exchange; Information Sharing Organizations; Conducting Your Own Research; Summary; Exam Essentials; Review Questions

Chapter 3 Malicious Code
Malware; Ransomware; Trojans; Worms; Spyware; Bloatware; Viruses; Keyloggers; Logic Bombs; Rootkits; Summary; Exam Essentials; Review Questions

Chapter 4 Social Engineering and Password Attacks
Social Engineering and Human Vectors; Social Engineering Techniques; Password Attacks; Summary; Exam Essentials; Review Questions

Chapter 5 Security Assessment and Testing
Vulnerability Management; Identifying Scan Targets; Determining Scan Frequency; Configuring Vulnerability Scans; Scanner Maintenance; Vulnerability Scanning Tools; Reviewing and Interpreting Scan Reports; Confirmation of Scan Results; Vulnerability Classification; Patch Management; Legacy Platforms; Weak Configurations; Error Messages; Insecure Protocols; Weak Encryption; Penetration Testing; Adopting the Hacker Mindset; Reasons for Penetration Testing; Benefits of Penetration Testing; Penetration Test Types; Rules of Engagement; Reconnaissance; Running the Test; Cleaning Up; Audits and Assessments; Security Tests; Security Assessments; Security Audits; Vulnerability Life Cycle; Vulnerability Identification; Vulnerability Analysis; Vulnerability Response and Remediation; Validation of Remediation; Reporting; Summary; Exam Essentials; Review Questions

Chapter 6 Application Security
Software Assurance Best Practices; The Software Development Life Cycle; Software Development Phases; DevSecOps and DevOps; Designing and Coding for Security; Secure Coding Practices; API Security; Software Security Testing; Analyzing and Testing Code; Injection Vulnerabilities; SQL Injection Attacks; Code Injection Attacks; Command Injection Attacks; Exploiting Authentication Vulnerabilities; Password Authentication; Session Attacks; Exploiting Authorization Vulnerabilities; Insecure Direct Object References; Directory Traversal; File Inclusion; Privilege Escalation; Exploiting Web Application Vulnerabilities; Cross-Site Scripting (XSS); Request Forgery; Application Security Controls; Input Validation; Web Application Firewalls; Parameterized Queries; Sandboxing; Code Security; Secure Coding Practices; Source Code Comments; Error Handling; Hard-Coded Credentials; Package Monitoring; Memory Management; Race Conditions; Unprotected APIs; Automation and Orchestration; Use Cases of Automation and Scripting; Benefits of Automation and Scripting; Other Considerations; Summary; Exam Essentials; Review Questions

Chapter 7 Cryptography and the PKI
An Overview of Cryptography; Historical Cryptography; Goals of Cryptography; Confidentiality; Integrity; Authentication; Non-repudiation; Cryptographic Concepts; Cryptographic Keys; Ciphers; Modern Cryptography; Cryptographic Secrecy; Symmetric Key Algorithms; Asymmetric Key Algorithms; Hashing Algorithms; Symmetric Cryptography; Data Encryption Standard; Advanced Encryption Standard; Symmetric Key Management; Asymmetric Cryptography; RSA; Elliptic Curve; Hash Functions; SHA; MD5; Digital Signatures; HMAC; Public Key Infrastructure; Certificates; Certificate Authorities; Certificate Generation and Destruction; Certificate Formats; Asymmetric Key Management; Cryptographic Attacks; Brute Force; Frequency Analysis; Known Plain Text; Chosen Plain Text; Related Key Attack; Birthday Attack; Downgrade Attack; Hashing, Salting, and Key Stretching; Exploiting Weak Keys; Exploiting Human Error; Emerging Issues in Cryptography; Tor and the Dark Web; Blockchain; Lightweight Cryptography; Homomorphic Encryption; Quantum Computing; Summary; Exam Essentials; Review Questions

Chapter 8 Identity and Access Management
Identity; Authentication and Authorization; Authentication and Authorization Technologies; Authentication Methods; Passwords; Multifactor Authentication; One-Time Passwords; Biometrics; Accounts; Account Types; Provisioning and Deprovisioning Accounts; Access Control Schemes; Filesystem Permissions; Summary; Exam Essentials; Review Questions

Chapter 9 Resilience and Physical Security
Resilience and Recovery in Security Architectures; Architectural Considerations and Security; Storage Resiliency; Response and Recovery Controls; Capacity Planning for Resilience and Recovery; Testing Resilience and Recovery Controls and Designs; Physical Security Controls; Site Security; Detecting Physical Attacks; Summary; Exam Essentials; Review Questions

Chapter 10 Cloud and Virtualization Security
Exploring the Cloud; Benefits of the Cloud; Cloud Roles; Cloud Service Models; Cloud Deployment Models; Private Cloud; Shared Responsibility Model; Cloud Standards and Guidelines; Virtualization; Hypervisors; Cloud Infrastructure Components; Cloud Compute Resources; Cloud Storage Resources; Cloud Networking; Cloud Security Issues; Availability; Data Sovereignty; Virtualization Security; Application Security; Governance and Auditing of Third-Party Vendors; Hardening Cloud Infrastructure; Cloud Access Security Brokers; Resource Policies; Secrets Management; Summary; Exam Essentials; Review Questions

Chapter 11 Endpoint Security
Operating System Vulnerabilities; Hardware Vulnerabilities; Protecting Endpoints; Preserving Boot Integrity; Endpoint Security Tools; Hardening Techniques; Hardening; Service Hardening; Network Hardening; Default Passwords; Removing Unnecessary Software; Operating System Hardening; Configuration, Standards, and Schemas; Encryption; Securing Embedded and Specialized Systems; Embedded Systems; SCADA and ICS; Securing the Internet of Things; Communication Considerations; Security Constraints of Embedded Systems; Asset Management; Summary; Exam Essentials; Review Questions

Chapter 12 Network Security
Designing Secure Networks; Infrastructure Considerations; Network Design Concepts; Network Segmentation; Zero Trust; Network Access Control; Port Security and Port-Level Protections; Virtual Private Networks and Remote Access; Network Appliances and Security Tools; Deception and Disruption Technology; Network Security, Services, and Management; Secure Protocols; Using Secure Protocols; Secure Protocols; Network Attacks; On-Path Attacks; Domain Name System Attacks; Credential Replay Attacks; Malicious Code; Distributed Denial-of-Service Attacks; Summary; Exam Essentials; Review Questions

Chapter 13 Wireless and Mobile Security
Building Secure Wireless Networks; Connection Methods; Wireless Network Models; Attacks Against Wireless Networks and Devices; Designing a Network; Controller and Access Point Security; Wi-Fi Security Standards; Wireless Authentication; Managing Secure Mobile Devices; Mobile Device Deployment Methods; Hardening Mobile Devices; Mobile Device Management; Summary; Exam Essentials; Review Questions

Chapter 14 Monitoring and Incident Response
Incident Response; The Incident Response Process; Training; Threat Hunting; Understanding Attacks and Incidents; Incident Response Data and Tools; Monitoring Computing Resources; Security Information and Event Management Systems; Alerts and Alarms; Log Aggregation, Correlation, and Analysis; Rules; Benchmarks and Logging; Reporting and Archiving; Mitigation and Recovery; Secure Orchestration, Automation, and Response (SOAR); Containment, Mitigation, and Recovery Techniques; Root Cause Analysis; Summary; Exam Essentials; Review Questions

Chapter 15 Digital Forensics
Digital Forensic Concepts; Legal Holds and e-Discovery; Conducting Digital Forensics; Acquiring Forensic Data; Acquisition Tools; Validating Forensic Data Integrity; Data Recovery; Forensic Suites and a Forensic Case Example; Reporting; Digital Forensics and Intelligence; Summary; Exam Essentials; Review Questions

Chapter 16 Security Governance and Compliance
Security Governance; Corporate Governance; Governance, Risk, and Compliance Programs; Information Security Governance; Types of Governance Structures; Understanding Policy Documents; Policies; Standards; Procedures; Guidelines; Exceptions and Compensating Controls; Monitoring and Revision; Change Management; Change Management Processes and Controls; Version Control; Documentation; Personnel Management; Least Privilege; Separation of Duties; Job Rotation and Mandatory Vacations; Clean Desk Space; Onboarding and Offboarding; Nondisclosure Agreements; Social Media; Third-Party Risk Management; Vendor Selection; Vendor Assessment; Vendor Agreements; Vendor Monitoring; Winding Down Vendor Relationships; Complying with Laws and Regulations; Common Compliance Requirements; Compliance Reporting; Consequences of Noncompliance; Compliance Monitoring; Adopting Standard Frameworks; NIST Cybersecurity Framework; NIST Risk Management Framework; ISO Standards; Benchmarks and Secure Configuration Guides; Security Awareness and Training; User Training; Ongoing Awareness Efforts; Summary; Exam Essentials; Review Questions

Chapter 17 Risk Management and Privacy
Analyzing Risk; Risk Identification; Risk Assessment; Risk Analysis; Managing Risk; Risk Mitigation; Risk Avoidance; Risk Transference; Risk Acceptance; Risk Tracking; Risk Register; Risk Reporting; Disaster Recovery Planning; Disaster Types; Business Impact Analysis; Privacy; Data Inventory; Information Classification; Data Roles and Responsibilities; Information Life Cycle; Privacy Enhancing Technologies; Privacy and Data Breach Notification; Summary; Exam Essentials; Review Questions

Appendix Answers to Review Questions
Chapter 1: Today's Security Professional; Chapter 2: Cybersecurity Threat Landscape; Chapter 3: Malicious Code; Chapter 4: Social Engineering and Password Attacks; Chapter 5: Security Assessment and Testing; Chapter 6: Application Security; Chapter 7: Cryptography and the PKI; Chapter 8: Identity and Access Management; Chapter 9: Resilience and Physical Security; Chapter 10: Cloud and Virtualization Security; Chapter 11: Endpoint Security; Chapter 12: Network Security; Chapter 13: Wireless and Mobile Security; Chapter 14: Monitoring and Incident Response; Chapter 15: Digital Forensics; Chapter 16: Security Governance and Compliance; Chapter 17: Risk Management and Privacy

Index
ABOUT THE AUTHORS
ISBN-13:
9781394211418
Published:
2023
Publication date:
07.12.2023
Pages:
704
Author:
Mike Chapple
Weight:
1280 g
Format:
235x185x37 mm
Series:
Sybex Study Guide
Language:
English

53,50 €*

Delivery time: Currently not available
All prices incl. VAT | plus shipping