CompTIA Security+ SY0-501 Cert Guide, 4th edition

Published by Pearson IT Certification (October 18, 2017) © 2018

Dave Prowse
    VitalSource eTextbook (Lifetime access)
    €36,99
    ISBN-13: 9780134781037

    Language: American English

    This is the eBook version of the print title. Note that the eBook may not provide access to the practice test software that accompanies the print book. Access to the companion files is available through product registration at Pearson IT Certification, or see the instructions in the back pages of your eBook.


     

    Learn, prepare, and practice for CompTIA Security+ SY0-501 exam success with this CompTIA approved Cert Guide from Pearson IT Certification, a leader in IT certification learning and a CompTIA Authorized Platinum Partner.

    · Master CompTIA Security+ SY0-501 exam topics
    · Assess your knowledge with chapter-ending quizzes
    · Review key concepts with exam preparation tasks
    · Practice with realistic exam questions



    CompTIA Security+ SY0-501 Cert Guide is a best-of-breed exam study guide. Best-selling author and expert instructor David L. Prowse shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.


     

    The book presents you with an organized test-preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending review activities help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.


     

    Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA approved study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.


     

    The CompTIA approved study guide helps you master all the topics on the Security+ exam, including

    · Core computer system security
    · OS hardening and virtualization
    · Application security
    · Network design elements
    · Networking ports, protocols, and threats
    · Network perimeter security
    · Physical security and authentication models
    · Access control
    · Vulnerability and risk assessment
    · Monitoring and auditing
    · Cryptography, including PKI
    · Redundancy and disaster recovery
    · Social engineering
    · Policies and procedures

     

    Introduction

    Chapter 1 Introduction to Security
    Foundation Topics
    Security 101
        The CIA of Computer Security
        The Basics of Information Security
    Think Like a Hacker
    Threat Actor Types and Attributes
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Review Questions
        Answers and Explanations

    Chapter 2 Computer Systems Security Part I
    Foundation Topics
    Malicious Software Types
        Viruses
        Worms
        Trojan Horses
        Ransomware
        Spyware
        Rootkits
        Spam
        Summary of Malware Threats
    Delivery of Malware
        Via Software, Messaging, and Media
        Botnets and Zombies
        Active Interception
        Privilege Escalation
        Backdoors
        Logic Bombs
    Preventing and Troubleshooting Malware
        Preventing and Troubleshooting Viruses
        Preventing and Troubleshooting Worms and Trojans
        Preventing and Troubleshooting Spyware
        Preventing and Troubleshooting Rootkits
        Preventing and Troubleshooting Spam
        You Can’t Save Every Computer from Malware!
        Summary of Malware Prevention Techniques
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 3 Computer Systems Security Part II
    Foundation Topics
    Implementing Security Applications
        Personal Software Firewalls
        Host-Based Intrusion Detection Systems
        Pop-Up Blockers
        Data Loss Prevention Systems
    Securing Computer Hardware and Peripherals
        Securing the BIOS
        Securing Storage Devices
            Removable Storage
            Network Attached Storage
            Whole Disk Encryption
            Hardware Security Modules
        Securing Wireless Peripherals
    Securing Mobile Devices
        Malware
        Botnet Activity
        SIM Cloning and Carrier Unlocking
        Wireless Attacks
        Theft
        Application Security
        BYOD Concerns
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 4 OS Hardening and Virtualization
    Foundation Topics
    Hardening Operating Systems
        Removing Unnecessary Applications and Services
        Windows Update, Patches, and Hotfixes
            Patches and Hotfixes
            Patch Management
        Group Policies, Security Templates, and Configuration Baselines
        Hardening File Systems and Hard Drives
    Virtualization Technology
        Types of Virtualization and Their Purposes
        Hypervisor
        Securing Virtual Machines
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 5 Application Security
    Foundation Topics
    Securing the Browser
        General Browser Security Procedures
            Implement Policies
            Train Your Users
            Use a Proxy and Content Filter
            Secure Against Malicious Code
        Web Browser Concerns and Security Methods
            Basic Browser Security
            Cookies
            LSOs
            Add-ons
            Advanced Browser Security
    Securing Other Applications
    Secure Programming
        Software Development Life Cycle
        Core SDLC and DevOps Principles
        Programming Testing Methods
            White-box and Black-box Testing
            Compile-Time Errors Versus Runtime Errors
            Input Validation
            Static and Dynamic Code Analysis
            Fuzz Testing
        Programming Vulnerabilities and Attacks
            Backdoors
            Memory/Buffer Vulnerabilities
            Arbitrary Code Execution/Remote Code Execution
            XSS and XSRF
            More Code Injection Examples
            Directory Traversal
            Zero Day Attack
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 6 Network Design Elements
    Foundation Topics
    Network Design
        The OSI Model
        Network Devices
            Switch
            Bridge
            Router
        Network Address Translation, and Private Versus Public IP
        Network Zones and Interconnections
            LAN Versus WAN
            Internet
            Demilitarized Zone (DMZ)
            Intranets and Extranets
        Network Access Control (NAC)
        Subnetting
        Virtual Local Area Network (VLAN)
        Telephony
            Modems
            PBX Equipment
            VoIP
    Cloud Security and Server Defense
        Cloud Computing
        Cloud Security
        Server Defense
            File Servers
            Network Controllers
            E-mail Servers
            Web Servers
            FTP Server
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 7 Networking Protocols and Threats
    Foundation Topics
    Ports and Protocols
        Port Ranges, Inbound Versus Outbound, and Common Ports
        Protocols That Can Cause Anxiety on the Exam
    Malicious Attacks
        DoS
        DDoS
        Sinkholes and Blackholes
        Spoofing
        Session Hijacking
        Replay
        Null Sessions
        Transitive Access and Client-Side Attacks
        DNS Poisoning and Other DNS Attacks
        ARP Poisoning
        Summary of Network Attacks
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 8 Network Perimeter Security
    Foundation Topics
    Firewalls and Network Security
        Firewalls
        Proxy Servers
        Honeypots and Honeynets
        Data Loss Prevention (DLP)
    NIDS Versus NIPS
        NIDS
        NIPS
        Summary of NIDS Versus NIPS
        The Protocol Analyzer’s Role in NIDS and NIPS
        Unified Threat Management
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 9 Securing Network Media and Devices
    Foundation Topics
    Securing Wired Networks and Devices
        Network Device Vulnerabilities
            Default Accounts
            Weak Passwords
            Privilege Escalation
            Back Doors
            Network Attacks
            Other Network Device Considerations
        Cable Media Vulnerabilities
            Interference
            Crosstalk
            Data Emanation
            Tapping into Data and Conversations
    Securing Wireless Networks
        Wireless Access Point Vulnerabilities
            The Administration Interface
            SSID Broadcast
            Rogue Access Points
            Evil Twin
            Weak Encryption
            Wi-Fi Protected Setup
            Ad Hoc Networks
            VPN over Open Wireless
        Wireless Access Point Security Strategies
        Wireless Transmission Vulnerabilities
        Bluetooth and Other Wireless Technology Vulnerabilities
            Bluejacking
            Bluesnarfing
            RFID and NFC
            More Wireless Technologies
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 10 Physical Security and Authentication Models
    Foundation Topics
    Physical Security
        General Building and Server Room Security
        Door Access
        Biometric Readers
    Authentication Models and Components
        Authentication Models
        Localized Authentication Technologies
            802.1X and EAP
            LDAP
            Kerberos and Mutual Authentication
            Remote Desktop Services
        Remote Authentication Technologies
            Remote Access Service
            Virtual Private Networks
            RADIUS Versus TACACS
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 11 Access Control Methods and Models
    Foundation Topic
    Access Control Models Defined
        Discretionary Access Control
        Mandatory Access Control
        Role-Based Access Control (RBAC)
        Attribute-based Access Control (ABAC)
        Access Control Wise Practices
    Rights, Permissions, and Policies
        Users, Groups, and Permissions
        Permission Inheritance and Propagation
        Moving and Copying Folders and Files
        Usernames and Passwords
        Policies
        User Account Control (UAC)
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 12 Vulnerability and Risk Assessment
    Foundation Topics
    Conducting Risk Assessments
        Qualitative Risk Assessment
        Quantitative Risk Assessment
        Security Analysis Methodologies
        Security Controls
        Vulnerability Management
            Penetration Testing
            OVAL
            Additional Vulnerabilities
    Assessing Vulnerability with Security Tools
        Network Mapping
        Vulnerability Scanning
        Network Sniffing
        Password Analysis
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 13 Monitoring and Auditing
    Foundation Topics
    Monitoring Methodologies
        Signature-Based Monitoring
        Anomaly-Based Monitoring
        Behavior-Based Monitoring
    Using Tools to Monitor Systems and Networks
        Performance Baselining
        Protocol Analyzers
            Wireshark
        SNMP
        Analytical Tools
        Use Static and Dynamic Tools
    Conducting Audits
        Auditing Files
        Logging
        Log File Maintenance and Security
        Auditing System Security Settings
        SIEM
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 14 Encryption and Hashing Concepts
    Foundation Topics
    Cryptography Concepts
        Symmetric Versus Asymmetric Key Algorithms
            Symmetric Key Algorithms
        Asymmetric Key Algorithms
        Public Key Cryptography
        Key Management
        Steganography
    Encryption Algorithms
        DES and 3DES
        AES
        RC
        Blowfish and Twofish
        Summary of Symmetric Algorithms
        RSA
        Diffie-Hellman
        Elliptic Curve
        More Encryption Types
            One-Time Pad
            PGP
            Pseudorandom Number Generators
    Hashing Basics
        Cryptographic Hash Functions
            MD5
            SHA
            RIPEMD and HMAC
        LANMAN, NTLM, and NTLMv2
            LANMAN
            NTLM and NTLMv2
        Hashing Attacks
            Pass the Hash
            Happy Birthday!
        Additional Password Hashing Concepts
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 15 PKI and Encryption Protocols
    Foundation Topics
    Public Key Infrastructure
        Certificates
            SSL Certificate Types
            Single-Sided and Dual-Sided Certificates
            Certificate Chain of Trust
            Certificate Formats
        Certificate Authorities
        Web of Trust
    Security Protocols
        S/MIME
        SSL/TLS
        SSH
        PPTP, L2TP, and IPsec
            PPTP
            L2TP
            IPsec
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 16 Redundancy and Disaster Recovery
    Foundation Topics
    Redundancy Planning
        Redundant Power
        Redundant Power Supplies
        Uninterruptible Power Supplies
        Backup Generators
        Redundant Data
        Redundant Networking
        Redundant Servers
        Redundant Sites
        Redundant People
    Disaster Recovery Planning and Procedures
        Data Backup
        DR Planning
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 17 Social Engineering, User Education, and Facilities Security
    Foundation Topics
    Social Engineering
        Pretexting
        Malicious Insider
        Diversion Theft
        Phishing
        Hoaxes
        Shoulder Surfing
        Eavesdropping
        Dumpster Diving
        Baiting
        Piggybacking/Tailgating
        Watering Hole Attack
        Summary of Social Engineering Types
    User Education
    Facilities Security
        Fire Suppression
            Fire Extinguishers
            Sprinkler Systems
            Special Hazard Protection Systems
        HVAC
        Shielding
        Vehicles
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 18 Policies and Procedures
    Foundation Topics
    Legislative and Organizational Policies
        Data Sensitivity and Classification of Information
        Personnel Security Policies
            Privacy Policies
            Acceptable Use
            Change Management
            Separation of Duties/Job Rotation
            Mandatory Vacations
            Onboarding and Offboarding
            Due Diligence
            Due Care
            Due Process
            User Education and Awareness Training
            Summary of Personnel Security Policies
        How to Deal with Vendors
        How to Dispose of Computers and Other IT Equipment Securely
    Incident Response Procedures
    IT Security Frameworks
    Chapter Summary
    Chapter Review Activities
        Review Key Topics
        Define Key Terms
        Complete the Real-World Scenarios
        Review Questions
        Answers and Explanations

    Chapter 19 Taking the Real Exam
    Getting Ready and the Exam Preparation Checklist
    Tips for Taking the Real Exam
    Beyond the CompTIA Security+ Certification

    Practice Exam 1: SY0-501
    Answers to Practice Exam 1
    Answers with Explanations
    Glossary

     

     

    Elements Available Online

    View Recommended Resources

    Real-World Scenarios

     

     

    9780789758996   TOC   9/19/2017