Book Image

CompTIA Security+: SY0-601 Certification Guide - Second Edition

By : Ian Neil

Book Image

CompTIA Security+: SY0-601 Certification Guide - Second Edition

By: Ian Neil

Overview of this book

The CompTIA Security+ certification validates the fundamental knowledge required to perform core security functions and pursue a career in IT security. Authored by Ian Neil, a world-class CompTIA certification trainer, this book is a best-in-class study guide that fully covers the CompTIA Security+ 601 exam objectives. Complete with chapter review questions, realistic mock exams, and worked solutions, this guide will help you master the core concepts to pass the exam the first time you take it. With the help of relevant examples, you'll learn fundamental security concepts from certificates and encryption to identity and access management (IAM). As you progress, you'll delve into the important domains of the exam, including cloud security, threats, attacks and vulnerabilities, technologies and tools, architecture and design, risk management, cryptography, and public key infrastructure (PKI). You can access extra practice materials, including flashcards, performance-based questions, practical labs, mock exams, key terms glossary, and exam tips on the author's website at securityplus.training. By the end of this Security+ book, you'll have gained the knowledge and understanding to take the CompTIA exam with confidence.

Preface

Who this book is for

What this book covers

To get the most out of this book

Additional online resources

Download the color images

Conventions used

Objectives for the CompTIA Security+ 601 exam

Objectives for the CompTIA Security+ 601 exam

Exam Objectives (Domains)

Free Chapter

Section 1: Security Aims and Objectives

Section 1: Security Aims and Objectives

Chapter 1: Understanding Security Fundamentals

Chapter 1: Understanding Security Fundamentals

Security Fundamentals

Comparing Control Types

Physical Security Controls

Understanding Digital Forensics

Review Questions

Chapter 2: Implementing Public Key Infrastructure

Chapter 2: Implementing Public Key Infrastructure

Asymmetric and Symmetric Encryption

Key Stretching Algorithms

Salting Passwords

Quantum Computing

Blockchain and the Public Ledger

Hashing and Data Integrity

Comparing and Contrasting the Basic Concepts of Cryptography

Basic Cryptographic Terminologies

Common Use Cases for Cryptography

Practical Exercises

Review Questions

Chapter 3: Investigating Identity and Access Management

Chapter 3: Investigating Identity and Access Management

Understanding Identity and Access Management Concepts

Authentication Types

Implementing Authentication and Authorization Solutions

Summarizing Authentication and Authorization Design Concepts

Cloud versus On-Premises Authentication

Common Account Management Policies

Practical Exercise – Password Policy

Review Questions

Chapter 4: Exploring Virtualization and Cloud Concepts

Chapter 4: Exploring Virtualization and Cloud Concepts

Overview of Cloud Computing

Implementing Different Cloud Deployment Models

Understanding Cloud Service Models

Understanding Cloud Computing Concepts

Understanding Cloud Storage Concepts

Selecting Cloud Security Controls

Exploring the Virtual Network Environments

Review Questions

Section 2: Monitoring the Security Infrastructure

Section 2: Monitoring the Security Infrastructure

Chapter 5: Monitoring, Scanning, and Penetration Testing

Chapter 5: Monitoring, Scanning, and Penetration Testing

Penetration Testing Concepts

Passive and Active Reconnaissance

Vulnerability Scanning Concepts

Syslog/Security Information and Event Management

Security Orchestration, Automation, and Response

Review Questions

Chapter 6: Understanding Secure and Insecure Protocols

Chapter 6: Understanding Secure and Insecure Protocols

Introduction to Protocols

Insecure Protocols and Their Use Cases

Secure Protocols and Their Use Cases

Additional Use Cases and Their Protocols

Review Questions

Chapter 7: Delving into Network and Security Concepts

Chapter 7: Delving into Network and Security Concepts

Installing and Configuring Network Components

Remote Access Capabilities

Secure Network Architecture Concepts

Network Reconnaissance and Discovery

Review Questions

Chapter 8: Securing Wireless and Mobile Solutions

Chapter 8: Securing Wireless and Mobile Solutions

Implementing Wireless Security

Wireless Access Point Controllers

Deploying Mobile Devices Securely

Mobile Device Connection Methods

Review Questions

Section 3: Protecting the Security Environment

Section 3: Protecting the Security Environment

Chapter 9: Identifying Threats, Attacks, and Vulnerabilities

Chapter 9: Identifying Threats, Attacks, and Vulnerabilities

Virus and Malware Attacks

Social Engineering Attacks

Advanced Attacks

Review Questions

Chapter 10: Governance, Risk, and Compliance

Chapter 10: Governance, Risk, and Compliance

Risk Management Processes and Concepts

Threat Actors, Vectors, and Intelligence Concepts

The Importance of Policies for Organizational Security

Regulations, Standards, and Legislation

Privacy and Sensitive Data Concepts

Review Questions

Chapter 11: Managing Application Security

Chapter 11: Managing Application Security

Implementing Host or Application Security

Understanding the Security Implications of Embedded and Specialist Systems

Understanding Secure Application Development, Deployment, and Automation

Review Questions

Chapter 12: Dealing with Incident Response Procedures

Chapter 12: Dealing with Incident Response Procedures

Incident Response Procedures

Utilizing Data Sources to Support Investigations

Knowing How to Apply Mitigation Techniques or Controls to Secure an Environment

Implementing Cybersecurity Resilience

Review Questions

Section 4: Mock Tests

Section 4: Mock Tests

Chapter 13: Mock Exam 1

Chapter 13: Mock Exam 1

Mock Exam 1 Solutions

Mock Exam 1 Solutions

Chapter 14: Mock Exam 2

Chapter 14: Mock Exam 2

Mock Exam 2 Solutions

Mock Exam 2 Solutions

Chapter Review Solutions

Chapter 1 – Understanding Security Fundamentals

Chapter 2 – Implementing Public Key Infrastructure

Chapter 3 – Investigating Identity and Access Management

Chapter 4 – Exploring Virtualization and Cloud Concepts

Chapter 5 – Monitoring, Scanning, and Penetration Testing

Chapter 6 – Understanding Secure and Insecure Protocols

Chapter 7 – Delving into Network and Security Concepts

Chapter 8 – Securing Wireless and Mobile Solutions

Chapter 9 – Identifying Threats, Attacks, and Vulnerabilities

Chapter 10 – Governance, Risk, and Compliance

Chapter 11 – Managing Application Security

Chapter 12 – Dealing with Incident Response Procedures

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Coupon Code For 12% Off on CompTIA Security+ Exam Vouchers

Coupon Code For 18% off on CompTIA Security+ Labs

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Mock Exam 1 Solutions

Answer: c
Concept: A self-signed certificate is the cheapest certificate for internally-facing servers.
Wrong Answers:
a. A Wildcard would be the cheapest certificate for public-facing servers.
b. A domain certificate proves who the owner is of a domain name.
d. A SAN certificate is used for multiple domain names rather than multiple servers from the same domain.
Answers: b, c
Concept: The two-hour period is the RPO, after which time your company cannot operate effectively without its systems. The event that must happen before this two-hour period is the RTO, when your systems are back to an operational state.
Wrong Answers:
a. The RTO is the time that a system returns to operational state and not the two-hour period that is known as the RPO
d. The system that must be back up to an operational state is known as the RTO, not the RPO.
Answer: b
Concept: A watering hole attack uses a well-known and trusted website as its attack vector.
Wrong Answers:
a. In...