Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying CompTIA Security+ Certification Guide
  • Table Of Contents Toc
  • Feedback & Rating feedback
CompTIA Security+ Certification Guide

CompTIA Security+ Certification Guide

By : Ian Neil
4.6 (90)
Buy this Book
close
close
CompTIA Security+ Certification Guide

CompTIA Security+ Certification Guide

4.6 (90)
By: Ian Neil
Buy this Book

Overview of this book

CompTIA Security+ is a worldwide certification that establishes the fundamental knowledge required to perform core security functions and pursue an IT security career. CompTIA Security+ Certification Guide is a best-in-class exam study guide that covers all of CompTIA Security+ 501 exam objectives. It is authored by Ian Neil, who is a world-class trainer of CompTIA Security+ 501. Packed with self-assessment scenarios and realistic exam questions, this guide will help you master the core concepts to succeed in the exam the first time you take it. Using relevant examples, you will learn all the important security fundamentals from Certificates and Encryption to Identity and Access Management concepts. You will then dive into the important domains of the exam; namely, threats, attacks and vulnerabilities, technologies and tools, architecture and design, risk management, and cryptography and Public Key Infrastructure (PKI). This book comes with over 600 practice questions with detailed explanation that is at the exam level and also includes two mock exams to help you with your study plan. This guide will ensure that encryption and certificates are made easy for you.
Table of Contents (18 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
Lock Free Chapter
1
Understanding Security Fundamentals
Icon
Understanding Security Fundamentals
Icon
CIA Triad Concept
Icon
Identifying Security Controls
Icon
Hashing and Data Integrity
Icon
Defense in Depth Model
Icon
Review Questions
Icon
Answers and Explanations
2
Conducting Risk Analysis
Icon
Conducting Risk Analysis
Icon
Risk Management
Icon
Importance of Policy, Plans, and Procedures
Icon
Role-Based Awareness Training
Icon
Business Impact Analysis Concepts
Icon
Privacy Threshold Assessment/Privacy Impact Assessment
Icon
Supply Chain Risk Assessment
Icon
Business Impact Analysis Concepts
Icon
Risk Procedures and Concepts
Icon
Risk Register
Icon
Qualitative/Quantitative Risk Analysis
Icon
Review Questions
Icon
Answers and Explanations
3
Implementing Security Policies and Procedures
Icon
Implementing Security Policies and Procedures
Icon
Industry-Standard Frameworks and Reference Architecture
Icon
Policies and User Guides
Icon
Implementing Data Security and Privacy Practices
Icon
Practical – Creating a Baseline
Icon
Review Questions
4
Delving into Identity and Access Management
Icon
Delving into Identity and Access Management
Icon
Understanding Identity and Access Management Concepts
Icon
Installing and Configuring Identity and Access Services
Icon
Learning About Identity and Access Management Controls
Icon
Common Account Management Practices
Icon
Practical Exercise – Password Policy
Icon
Review Questions
Icon
Answers and Explanations
5
Understanding Network Components
Icon
Understanding Network Components
Icon
OSI Reference Model (OSI)
Icon
Installing and Configuring Network Components
Icon
Security Information and Event Management
Icon
Secure Network Architecture Concepts
Icon
Implementing Secure Protocols Segregation/Segmentation/Isolation
Icon
Implementing Wireless Security
Icon
Wireless Bandwidth/Band Selection
Icon
Wireless Channels
Icon
Wireless Antenna Types - Signal Strength
Icon
Wireless Coverage
Icon
Wireless Encryption
Icon
Review Questions
Icon
Answers and Explanations
6
Understanding Cloud Models and Virtualization
Icon
Understanding Cloud Models and Virtualization
Icon
Cloud Computing
Icon
Implementing Different Cloud Deployment Models
Icon
Cloud Service Models
Icon
Disk Resiliency and Redundancy
Icon
Storage Area Network
Icon
Understanding Cloud Storage Concepts
Icon
Exploring Virtual Networks
Icon
Heating, Ventilation, and Air-Conditioning (HVAC)
Icon
Network Environments
Icon
Practical Exercise – Is the Cloud Cost-Effective?
Icon
Review Questions
Icon
Answers and Explanations
7
Managing Hosts and Application Deployment
Icon
Managing Hosts and Application Deployment
Icon
Deploying Mobile Devices Securely
Icon
Mobile Device Management Concepts
Icon
Device Management
Icon
Device Protection
Icon
Device Data
Icon
Mobile Device Enforcement and Monitoring
Icon
Industrial Control System
Icon
Mobile Devices – Security Implications of Embedded Systems
Icon
Special-Purpose Devices
Icon
Secure Application Development and Deployment Concepts
Icon
Development Life Cycle Models – Waterfall v Agile
Icon
DevOps
Icon
Server-Side v Client-Side Execution and Validation
Icon
Review Questions
Icon
Answers and Explanations
8
Protecting Against Attacks and Vulnerabilities
Icon
Protecting Against Attacks and Vulnerabilities
Icon
Virus and Malware Attacks
Icon
Social Engineering Attacks
Icon
Common Attacks
Icon
Programming Attacks
Icon
Hijacking Related Attacks
Icon
Driver Manipulation
Icon
Cryptographic Attacks
Icon
Password Attacks
Icon
Wireless Attacks
Icon
Penetration Testing
Icon
Vulnerability Scanning Concepts
Icon
Credentialed v Non-Credentialed scans
Icon
Penetration Testing v Vulnerability Scanning
Icon
Practical Exercise - Running a Credentialed Vulnerability Scanner
Icon
Review Questions
Icon
Answers and Explanations
9
Implementing the Public Key Infrastructure
chevron up
Icon
Implementing the Public Key Infrastructure
Icon
PKI Concepts
Icon
Asymmetric and Symmetric Encryption
Icon
Symmetric Algorithms
Icon
Asymmetric Algorithms
Icon
Symmetric v Asymmetric Analogy
Icon
Key Stretching Algorithms
Icon
Cipher Modes
Icon
Hashing and Data Integrity
Icon
Comparing and Contrasting the Basic Concepts of Cryptography
Icon
Basic Cryptographic Terminology
Icon
Common Use Cases for Cryptography
Icon
Practical Exercises
Icon
Review Questions
Icon
Answers and Explanations
10
Responding to Security Incidents
Icon
Responding to Security Incidents
Icon
Incident Response Procedures
Icon
Understanding the Basic Concepts of Forensics
Icon
Software Tools for Assessing the Security Posture of an Organization
Icon
Review Questions
Icon
Answers and Explanations
11
Managing Business Continuity
Icon
Managing Business Continuity
Icon
Implementing Secure Systems Design
Icon
Hardware/Firmware Security
Icon
The Importance of the Secure Staging Deployment Concepts
Icon
Troubleshooting Common Security Issues
Icon
Disaster Recovery and the Continuity of Operations Concepts
Icon
Review Questions
Icon
Answers and Explanations
12
Mock Exam 1
Icon
Mock Exam 1
13
Mock Exam 2
Icon
Mock Exam 2
14
Preparing for the CompTIA Security+ 501 Exam
Icon
Preparing for the CompTIA Security+ 501 Exam
Icon
Tips on Taking the Exam
Icon
Exam Preparation
Icon
Practical 1—Drag and Drop—Attacks
Icon
Practical 2—Drag and Drop—Certificates
Icon
Practical 3—Drag and Drop—Ports/Protocols
Icon
Practical 4—Drag and Drop—Authentication Factors
Icon
Practical 5—Drag and Drop—General
Icon
Drag and Drop—Answers
Icon
Linux Information
15
Acronyms
Icon
Acronyms
16
Assessment
Icon
Assessment
Icon
Mock Exam 1
Icon
Mock Exam 2
17
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

Answers and Explanations

  1. A CA has a root certificate, which it uses to sign keys.
  2. I would use a private CA for internal use only; these certificates will not be accepted outside of your organization.
  3. I would use a public CA for B2B activities.
  4. If you were a military, security, or banking organization, you would keep the CA offline when it is not being used to prevent it from being compromised.
  5. An architect would build the CA or intermediary authorities.
  6. The CA would sign the X509 certificates.
  7. Certificate pinning can be used to prevent a CA from being compromised and fraudulent certificates being issued.
  8. If two separate PKI entities want to set up a cross certification, the root CAs would set up a trust model between themselves, known as a bridge trust model.
  9. PGP uses a trust model known as a web of trust.
  10. A Certificate Revocation List (CRL) is used to determine whether a certificate...
Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
CompTIA Security+ Certification Guide
End of Chapter 9
Next Chapter
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon