CompTIA Security+ All-in-One Exam Guide, Sixth Edition (Exam SY0-601)

Book description

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.

This fully updated study guide covers every topic on the current version of the CompTIA Security+ exam

Take the latest version of the CompTIA Security+ exam with complete confidence using the detailed information contained in this highly effective self-study system. Written by two leading information security experts, this authoritative guide addresses the skills required for securing a network and managing risk and enables you to become CompTIA certified.

CompTIA Security+ All-in-One Exam Guide, Sixth Edition (Exam SY0-601) covers all exam domains and features 200 accurate practice questions. To aid in study, the book features learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. All questions mirror those on the live exam in tone, format, and content. Beyond fully preparing you for the challenging exam, the book also serves as a valuable on-the-job reference for IT professionals.

  • Provides 100% coverage of every objective on exam SY0-601
  • Online content includes performance-based question simulations and 200 multiple-choice practice questions
  • Written by a team of experienced IT security educators

Table of contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. About the Authors
  6. Contents
  7. Preface
  8. Acknowledgments
  9. Introduction
  10. Objective Map: Exam SY0-601
  11. Part I Threats, Attacks, and Vulnerabilities
    1. Chapter 1 Social Engineering Techniques
      1. Social Engineering Methods
        1. Tools
      2. Phishing
      3. Smishing
      4. Vishing
      5. Spam
      6. Spam over Instant Messaging (SPIM)
      7. Spear Phishing
      8. Dumpster Diving
      9. Shoulder Surfing
      10. Pharming
      11. Tailgating
      12. Eliciting Information
      13. Whaling
      14. Prepending
      15. Identity Fraud
      16. Invoice Scams
      17. Credential Harvesting
      18. Reconnaissance
      19. Hoax
      20. Impersonation
        1. Third-Party Authorization
        2. Contractors/Outside Parties
        3. Online Attacks
        4. Defenses
      21. Watering Hole Attack
      22. Typosquatting
      23. Pretexting
      24. Influence Campaigns
      25. Principles (Reasons for Effectiveness)
        1. Authority
        2. Intimidation
        3. Consensus
        4. Scarcity
        5. Familiarity
        6. Trust
        7. Urgency
      26. Defenses
      27. Chapter Review
        1. Questions
        2. Answers
    2. Chapter 2 Type of Attack Indicators
      1. Malware
        1. Ransomware
        2. Trojans
        3. Worms
        4. Potentially Unwanted Programs
        5. Fileless Viruses
        6. Command and Control
        7. Bots
        8. Crypto-malware
        9. Logic Bombs
        10. Spyware
        11. Keyloggers
        12. Remote-Access Trojans (RATs)
        13. Rootkit
        14. Backdoors
      2. Password Attacks
        1. Spraying
        2. Dictionary
        3. Brute Force
        4. Rainbow Tables
        5. Plaintext/Unencrypted
      3. Physical Attacks
        1. Malicious Universal Serial Bus (USB) Cable
        2. Malicious Flash Drives
        3. Card Cloning
        4. Skimming
      4. Adversarial Artificial Intelligence (AI)
        1. Tainted Training Data for Machine Learning (ML)
        2. Security of Machine Learning Algorithms
      5. Supply-Chain Attacks
      6. Cloud-Based vs. On-Premises Attacks
      7. Cryptographic Attacks
        1. Birthday
        2. Collision
        3. Downgrade
      8. Chapter Review
        1. Questions
        2. Answers
    3. Chapter 3 Application Attack Indicators
      1. Privilege Escalation
      2. Cross-Site Scripting
      3. Injection Attacks
        1. Structured Query Language (SQL)
        2. Dynamic-Link Library (DLL)
        3. Lightweight Directory Access Protocol (LDAP)
        4. Extensible Markup Language (XML)
      4. Pointer/Object Dereference
      5. Directory Traversal
      6. Buffer Overflow
      7. Race Condition
        1. Time of Check/Time of Use
      8. Improper Error Handling
      9. Improper Input Handling
      10. Replay Attacks
        1. Session Replay
      11. Integer Overflow
      12. Request Forgery
        1. Server-Side Request Forgery
        2. Cross-Site Request Forgery
      13. Application Programming Interface (API) Attacks
      14. Resource Exhaustion
      15. Memory Leak
      16. Secure Sockets Layer (SSL) Stripping
      17. Driver Manipulation
        1. Shimming
        2. Refactoring
      18. Pass the Hash
      19. Chapter Review
        1. Questions
        2. Answers
    4. Chapter 4 Network Attack Indicators
      1. Wireless
        1. Evil Twin
        2. Rogue Access Point
        3. Bluesnarfing
        4. Bluejacking
        5. Disassociation
        6. Jamming
        7. Radio Frequency Identification (RFID)
        8. Near Field Communication (NFC)
        9. Initialization Vector (IV)
      2. On-path Attack
      3. Layer 2 Attacks
        1. Address Resolution Protocol (ARP) Poisoning
        2. Media Access Control (MAC) Flooding
        3. MAC Cloning
      4. Domain Name System (DNS)
        1. Domain Hijacking
        2. DNS Poisoning
        3. Universal Resource Locator (URL) Redirection
        4. Domain Reputation
      5. Distributed Denial-of-Service (DDoS)
        1. Network
        2. Application
        3. Operational Technology (OT)
      6. Malicious Code and Script Execution
        1. PowerShell
        2. Python
        3. Bash
        4. Macros
        5. Visual Basic for Applications (VBA)
      7. Chapter Review
        1. Questions
        2. Answers
    5. Chapter 5 Threat Actors, Vectors, and Intelligence Sources
      1. Actors and Threats
        1. Advanced Persistent Threats (APTs)
        2. Insider Threats
        3. State Actors
        4. Hacktivists
        5. Script Kiddies
        6. Criminal Syndicates
        7. Hackers
        8. Shadow IT
        9. Competitors
      2. Attributes of Actors
        1. Internal/External
        2. Level of Sophistication/Capability
        3. Resources/Funding
        4. Intent/Motivation
      3. Vectors
        1. Direct Access
        2. Wireless
        3. E-mail
        4. Supply Chain
        5. Social Media
        6. Removable Media
        7. Cloud
      4. Threat Intelligence Sources
        1. Open Source Intelligence (OSINT)
        2. Closed/Proprietary
        3. Vulnerability Databases
        4. Public/Private Information Sharing Centers
        5. Dark Web
        6. Indicators of Compromise
        7. Automated Indicator Sharing (AIS)
        8. Structured Threat Information Expression (STIX) / Trusted Automated Exchange of Intelligence Information (TAXII)
        9. Predictive Analysis
        10. Threat Maps
        11. File/Code Repositories
      5. Research Sources
        1. Vendor Websites
        2. Vulnerability Feeds
        3. Conferences
        4. Academic Journals
        5. Requests for Comment (RFCs)
        6. Local Industry Groups
        7. Social Media
        8. Threat Feeds
        9. Adversary Tactics, Techniques, and Procedures (TTPs)
      6. Chapter Review
        1. Questions
        2. Answers
    6. Chapter 6 Vulnerabilities
      1. Cloud-based vs. On-premises Vulnerabilities
      2. Zero Day
      3. Weak Configurations
        1. Open Permissions
        2. Unsecure Root Accounts
        3. Errors
        4. Weak Encryption
        5. Unsecure Protocols
        6. Default Settings
        7. Open Ports and Services
      4. Third-Party Risks
        1. Vendor Management
        2. Supply Chain
        3. Outsourced Code Development
        4. Data Storage
      5. Improper or Weak Patch Management
        1. Firmware
        2. Operating System (OS)
        3. Applications
      6. Legacy Platforms
      7. Impacts
        1. Data Loss
        2. Data Breaches
        3. Data Exfiltration
        4. Identity Theft
        5. Financial
        6. Reputation
        7. Availability Loss
      8. Chapter Review
        1. Questions
        2. Answers
    7. Chapter 7 Security Assessments
      1. Threat Hunting
        1. Intelligence Fusion
        2. Threat Feeds
        3. Advisories and Bulletins
        4. Maneuver
      2. Vulnerability Scans
        1. False Positives
        2. False Negatives
        3. Log Reviews
        4. Credentialed vs. Non-Credentialed
        5. Intrusive vs. Non-Intrusive
        6. Application
        7. Web Application
        8. Network
        9. Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS)
        10. Configuration Review
      3. Syslog/Security Information and Event Management (SIEM)
        1. Review Reports
        2. Packet Capture
        3. Data Inputs
        4. User Behavior Analysis
        5. Sentiment Analysis
        6. Security Monitoring
        7. Log Aggregation
        8. Log Collectors
      4. Security Orchestration, Automation, and Response (SOAR)
      5. Chapter Review
        1. Questions
        2. Answers
    8. Chapter 8 Penetration Testing
      1. Penetration Testing
        1. Known Environment
        2. Unknown Environment
        3. Partially Known Environment
        4. Rules of Engagement
        5. Lateral Movement
        6. Privilege Escalation
        7. Persistence
        8. Cleanup
        9. Bug Bounty
        10. Pivoting
      2. Passive and Active Reconnaissance
        1. Drones
        2. War Flying
        3. War Driving
        4. Footprinting
        5. OSINT
      3. Exercise Types
        1. Red Team
        2. Blue Team
        3. White Team
        4. Purple Team
      4. Chapter Review
        1. Questions
        2. Answers
  12. Part II Architecture and Design
    1. Chapter 9 Enterprise Security Architecture
      1. Configuration Management
        1. Diagrams
        2. Baseline Configuration
        3. Standard Naming Conventions
        4. Internet Protocol (IP) Schema
      2. Data Sovereignty
      3. Data Protection
        1. Data Loss Prevention (DLP)
        2. Masking
        3. Encryption
        4. At Rest
        5. In Transit/Motion
        6. In Processing
        7. Tokenization
        8. Rights Management
      4. Geographical Considerations
      5. Response and Recovery Controls
      6. Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Inspection
      7. Hashing
      8. API Considerations
      9. Site Resiliency
        1. Hot Sites
        2. Warm Sites
        3. Cold Sites
      10. Deception and Disruption
        1. Honeypots
        2. Honeyfiles
        3. Honeynets
        4. Fake Telemetry
        5. DNS Sinkhole
      11. Chapter Review
        1. Questions
        2. Answers
    2. Chapter 10 Virtualization and Cloud Security
      1. Cloud Models
        1. Infrastructure as a Service (IaaS)
        2. Platform as a Service (PaaS)
        3. Software as a Service (SaaS)
        4. Anything as a Service (XaaS)
        5. Level of Control in the Hosting Models
        6. Public
        7. Community
        8. Private
        9. Hybrid
      2. Cloud Service Providers
      3. Managed Service Provider (MSP) / Managed Security Service Provider (MSSP)
      4. On-Premises vs. Off-Premises
      5. Fog Computing
      6. Edge Computing
      7. Thin Client
      8. Containers
      9. Microservices/API
      10. Infrastructure as Code
        1. Software-Defined Networking (SDN)
        2. Software-Defined Visibility (SDV)
      11. Serverless Architecture
      12. Services Integration
      13. Resource Policies
      14. Transit Gateway
      15. Virtualization
        1. Type I
        2. Type II
        3. Virtual Machine (VM) Sprawl Avoidance
        4. VM Escape Protection
      16. Chapter Review
        1. Questions
        2. Answers
    3. Chapter 11 Secure Application Development, Deployment, and Automation Concepts
      1. Environment
        1. Development
        2. Test
        3. Staging
        4. Production
        5. Quality Assurance (QA)
      2. Provisioning and Deprovisioning
      3. Integrity Measurement
      4. Secure Coding Techniques
        1. Normalization
        2. Stored Procedures
        3. Obfuscation/Camouflage
        4. Code Reuse and Dead Code
        5. Server-Side vs. Client-Side Execution and Validation
        6. Memory Management
        7. Use of Third-Party Libraries and Software Development Kits (SDKs)
        8. Data Exposure
      5. Open Web Application Security Project (OWASP)
      6. Software Diversity
        1. Compilers
        2. Binaries
      7. Automation/Scripting
        1. Automated Courses of Action
        2. Continuous Monitoring
        3. Continuous Validation
        4. Continuous Integration
        5. Continuous Delivery
        6. Continuous Deployment
      8. Elasticity
      9. Scalability
      10. Version Control
      11. Chapter Review
        1. Questions
        2. Answers
    4. Chapter 12 Authentication and Authorization
      1. Authentication Methods
        1. Directory Services
        2. Federation
        3. Attestation
        4. Technologies
        5. Smart Card Authentication
      2. Biometrics
        1. Fingerprint
        2. Retina
        3. Iris
        4. Facial
        5. Voice
        6. Vein
        7. Gait Analysis
        8. Efficacy Rates
        9. False Acceptance
        10. False Rejection
        11. Crossover Error Rate
      3. Multifactor Authentication (MFA) Factors and Attributes
        1. Factors
        2. Attributes
      4. Authentication, Authorization, and Accounting (AAA)
      5. Cloud vs. On-premises Requirements
      6. Chapter Review
        1. Questions
        2. Answers
    5. Chapter 13 Cybersecurity Resilience
      1. Redundancy
        1. Geographic Dispersal
        2. Disk
        3. Network
        4. Power
      2. Replication
        1. Storage Area Network (SAN)
        2. VM
      3. On-premises vs. Cloud
      4. Backup Types
        1. Full
        2. Incremental
        3. Snapshot
        4. Differential
        5. Tape
        6. Disk
        7. Copy
        8. Network Attached Storage (NAS)
        9. Storage Area Network (SAN)
        10. Cloud
        11. Image
        12. Online vs. Offline
        13. Distance Considerations
      5. Nonpersistence
        1. Revert to Known State
        2. Last Known-Good Configuration
        3. Live Boot Media
      6. High Availability
        1. Scalability
      7. Restoration Order
      8. Diversity
        1. Technologies
        2. Vendors
        3. Crypto
        4. Controls
      9. Chapter Review
        1. Questions
        2. Answers
    6. Chapter 14 Embedded and Specialized Systems
      1. Embedded Systems
        1. Raspberry Pi
        2. Field Programmable Gate Arrays (FPGAs)
        3. Arduino
      2. Supervisory Control and Data Acquisition (SCADA) / Industrial Control System (ICS)
        1. Facilities
        2. Industrial
        3. Manufacturing
        4. Energy
        5. Logistics
      3. Internet of Things (IoT)
        1. Sensors
        2. Smart Devices
        3. Wearables
        4. Facility Automation
        5. Weak Defaults
      4. Specialized Systems
        1. Medical Systems
        2. Vehicle Systems
        3. Aircraft Systems
        4. Smart Meters
      5. Voice over IP (VoIP)
      6. Heating, Ventilation, Air Conditioning (HVAC)
      7. Drones
      8. Multifunction Printers (MFPs)
      9. Real-time Operating Systems (RTOSs)
      10. Surveillance Systems
      11. System on a Chip (SoC)
      12. Communication Considerations
        1. 5G
        2. Narrow-Band Radio
        3. Baseband Radio
        4. Subscriber Identity Module (SIM) Cards
        5. Zigbee
      13. Constraints
        1. Power
        2. Compute
        3. Network
        4. Cryptographic Functions
        5. Inability to Patch
        6. Authentication
        7. Range
        8. Cost
        9. Implied Trust
      14. Chapter Review
        1. Questions
        2. Answers
    7. Chapter 15 Physical Security Controls
      1. Bollards/Barricades
      2. Access Control Vestibules
      3. Badges
      4. Alarms
      5. Signage
      6. Cameras
        1. Motion Recognition
        2. Object Detection
      7. Closed-Circuit Television (CCTV)
      8. Industrial Camouflage
      9. Personnel
        1. Guards
        2. Robot Sentries
        3. Reception
        4. Two-Person Integrity/Control
      10. Locks
        1. Biometrics
        2. Electronic
        3. Physical
        4. Cable Locks
      11. USB Data Blocker
      12. Lighting
      13. Fencing
      14. Fire Suppression
      15. Sensors
        1. Motion Detection
        2. Noise Detection
        3. Proximity Reader
        4. Moisture Detection
        5. Cards
        6. Temperature
      16. Drones
      17. Visitor Logs
      18. Faraday Cages
      19. Air Gap
      20. Screened Subnet
      21. Protected Cable Distribution
      22. Secure Areas
        1. Air Gap
        2. Vault
        3. Safe
        4. Hot and Cold Aisles
      23. Secure Data Destruction
        1. Burning
        2. Shredding
        3. Pulping
        4. Pulverizing
        5. Degaussing
        6. Purging
        7. Third-Party Solutions
      24. Chapter Review
        1. Questions
        2. Answers
    8. Chapter 16 Cryptographic Concepts
      1. General Cryptographic Concepts
        1. Fundamental Methods
      2. Digital Signatures
      3. Key Length
      4. Key Stretching
      5. Salting
      6. Hashing
      7. Key Exchange
      8. Elliptic Curve Cryptography
      9. Perfect Forward Secrecy
      10. Quantum Cryptography
      11. Post-Quantum Era
      12. Ephemeral Keys
      13. Modes of Operation
        1. Authenticated
      14. Counter
        1. Unauthenticated
      15. Blockchain
      16. Cipher Suites
        1. Block
        2. Stream
      17. Symmetric vs. Asymmetric
      18. Lightweight Cryptography
      19. Steganography
      20. Homomorphic Encryption
      21. Common Use Cases
        1. Low-Power Devices
        2. Low-Latency Operations
        3. High-Resiliency Systems
        4. Support for Confidentiality
        5. Support for Integrity
        6. Support for Obfuscation
        7. Supporting Authentication
        8. Support for Nonrepudiation
      22. Limitations
        1. Speed
        2. Size
        3. Weak Keys
        4. Time
        5. Longevity
        6. Predictability
        7. Reuse
        8. Entropy
        9. Computational Overhead
        10. Resource vs. Security Constraints
        11. Weak/Deprecated Algorithms
      23. Chapter Review
        1. Questions
        2. Answers
  13. Part III Implementation
    1. Chapter 17 Secure Protocols
      1. Protocols
        1. Domain Name System Security Extensions (DNSSEC)
        2. SSH
        3. Secure/Multipurpose Internet Mail Extensions (S/MIME)
        4. Secure Real-time Transport Protocol (SRTP)
        5. Lightweight Directory Access Protocol over SSL (LDAPS)
        6. File Transfer Protocol, Secure (FTPS)
        7. SSH File Transfer Protocol (SFTP)
        8. Simple Network Management Protocol, Version 3 (SNMPv3)
        9. Hypertext Transfer Protocol over SSL/TLS (HTTPS)
        10. IPSec
        11. Post Office Protocol (POP) / Internet Message Access Protocol (IMAP)
      2. Use Cases
        1. Voice and Video
        2. Time Synchronization
        3. E-mail and Web
        4. File Transfer
        5. Directory Services
        6. Remote Access
        7. Domain Name Resolution
        8. Routing and Switching
        9. Network Address Allocation
        10. Subscription Services
      3. Chapter Review
        1. Questions
        2. Answers
    2. Chapter 18 Host and Application Security
      1. Endpoint Protection
        1. Antivirus
        2. Anti-Malware
        3. Endpoint Detection and Response (EDR)
        4. DLP
        5. Next-Generation Firewall (NGFW)
        6. Host-based Intrusion Detection System (HIDS)
        7. Host-based Intrusion Prevention System (HIPS)
        8. Host-based Firewall
      2. Boot Integrity
        1. Boot Security/Unified Extensible Firmware Interface (UEFI)
        2. Measured Boot
        3. Boot Attestation
      3. Database
        1. Tokenization
        2. Salting
        3. Hashing
      4. Application Security
        1. Input Validations
        2. Secure Cookies
        3. Hypertext Transfer Protocol (HTTP) Headers
        4. Code Signing
        5. Allow List
        6. Block List/Deny List
        7. Secure Coding Practices
        8. Static Code Analysis
        9. Dynamic Code Analysis
        10. Fuzzing
      5. Hardening
        1. Open Ports and Services
        2. Registry
        3. Disk Encryption
        4. OS
        5. Patch Management
        6. Third-Party Updates
        7. Auto-Update
      6. Self-Encrypting Drive (SED)/Full Disk Encryption (FDE)
        1. Opal
      7. Hardware Root of Trust
      8. Trusted Platform Module (TPM)
      9. Sandboxing
      10. Chapter Review
        1. Questions
        2. Answers
    3. Chapter 19 Secure Network Design
      1. Load Balancing
        1. Active/Active
        2. Active/Passive
        3. Scheduling
        4. Virtual IP
        5. Persistence
      2. Network Segmentation
        1. Virtual Local Area Network (VLAN)
        2. Screened Subnet (Previously Known as Demilitarized Zone)
        3. East-West Traffic
        4. Extranet
        5. Intranet
        6. Zero Trust
      3. Virtual Private Network (VPN)
        1. Always On
        2. Split Tunnel vs. Full Tunnel
        3. Remote Access vs. Site-to-Site
        4. IPSec
        5. SSL/TLS
        6. HTML5
        7. Layer 2 Tunneling Protocol (L2TP)
      4. DNS
      5. Network Access Control (NAC)
        1. Agent and Agentless
      6. Out-of-Band Management
      7. Port Security
        1. Broadcast Storm Prevention
        2. Bridge Protocol Data Unit (BPDU) Guard
        3. Loop Prevention
        4. Dynamic Host Configuration Protocol (DHCP) Snooping
        5. Media Access Control (MAC) Filtering
      8. Network Appliances
        1. Jump Servers
        2. Proxy Servers
        3. Network-based Intrusion Detection System (NIDS)/Network-based Intrusion Prevention System (NIPS)
        4. HSM
        5. Sensors
        6. Collectors
        7. Aggregators
        8. Firewalls
      9. Access Control List (ACL)
      10. Route Security
      11. Quality of Service (QoS)
      12. Implications of IPv6
      13. Port Spanning/Port Mirroring
        1. Port Taps
      14. Monitoring Services
      15. File Integrity Monitors
      16. Chapter Review
        1. Questions
        2. Answers
    4. Chapter 20 Wireless Security
      1. Cryptographic Protocols
        1. Wi-Fi Protected Access 2 (WPA2)
        2. Wi-Fi Protected Access 3 (WPA3)
        3. Counter Mode/CBC-MAC Protocol (CCMP)
        4. Simultaneous Authentication of Equals (SAE)
      2. Authentication Protocols
        1. Extensible Authentication Protocol (EAP)
        2. Protected Extensible Authentication Protocol (PEAP)
        3. EAP-FAST
        4. EAP-TLS
        5. EAP-TTLS
        6. IEEE 802.1X
        7. Remote Authentication Dial-in User Service (RADIUS) Federation
      3. Methods
        1. Pre-shared Key (PSK) vs. Enterprise vs. Open
        2. Wi-Fi Protected Setup (WPS)
        3. Captive Portals
      4. Installation Considerations
        1. Site Surveys
        2. Heat Maps
        3. Wi-Fi Analyzers
        4. Channel Overlays
        5. Wireless Access Point (WAP) Placement
        6. Controller and Access Point Security
      5. Chapter Review
        1. Questions
        2. Answers
    5. Chapter 21 Secure Mobile Solutions
      1. Connection Methods and Receivers
        1. Cellular
        2. Wi-Fi
        3. Bluetooth
        4. NFC
        5. Infrared
        6. USB
        7. Point-to-Point
        8. Point-to-Multipoint
        9. Global Positioning System (GPS)
        10. RFID
      2. Mobile Device Management (MDM)
        1. Application Management
        2. Content Management
        3. Remote Wipe
        4. Geofencing
        5. Geolocation
        6. Screen Locks
        7. Push Notification Services
        8. Passwords and PINs
        9. Biometrics
        10. Context-Aware Authentication
        11. Containerization
        12. Storage Segmentation
        13. Full Device Encryption
      3. Mobile Devices
        1. MicroSD Hardware Security Module (HSM)
        2. MDM/Unified Endpoint Management (UEM)
        3. Mobile Application Management (MAM)
        4. SEAndroid
      4. Enforcement and Monitoring
        1. Third-Party Application Stores
        2. Rooting/Jailbreaking
        3. Sideloading
        4. Custom Firmware
        5. Carrier Unlocking
        6. Firmware OTA Updates
        7. Camera Use
        8. SMS/Multimedia Message Service (MMS)/Rich Communication Services (RCS)
        9. External Media
        10. USB On-The-Go (USB OTG)
        11. Recording Microphone
        12. GPS Tagging
        13. Wi-Fi Direct/Ad Hoc
        14. Tethering
        15. Hotspot
        16. Payment Methods
      5. Deployment Models
        1. Bring Your Own Device (BYOD)
        2. Corporate-Owned, Personally Enabled (COPE)
        3. Choose Your Own Device (CYOD)
        4. Corporate-Owned
        5. Virtual Desktop Infrastructure (VDI)
      6. Chapter Review
        1. Questions
        2. Answers
    6. Chapter 22 Implementing Cloud Security
      1. Cloud Security Controls
        1. High Availability Across Zones
        2. Resource Policies
        3. Secrets Management
        4. Integration and Auditing
        5. Storage
        6. Network
        7. Compute
      2. Solutions
        1. CASB
        2. Application Security
        3. Next-Generation Secure Web Gateway (SWG)
        4. Firewall Considerations in a Cloud Environment
      3. Cloud-Native Controls vs. Third-Party Solutions
      4. Chapter Review
        1. Questions
        2. Answers
    7. Chapter 23 Identity and Account Management Controls
      1. Identity
        1. Identity Provider (IdP)
        2. Attributes
        3. Certificates
        4. Tokens
        5. SSH Keys
        6. Smart Cards
      2. Account Types
        1. User Account
        2. Shared and Generic Accounts/Credentials
        3. Guest Accounts
        4. Service Accounts
      3. Account Policies
        1. Password Complexity
        2. Password History
        3. Password Reuse
        4. Time of Day
        5. Network Location
        6. Geofencing
        7. Geotagging
        8. Geolocation
        9. Time-based Logins
        10. Access Policies
        11. Account Permissions
        12. Account Audits
        13. Impossible Travel Time/Risky Login
        14. Lockout
        15. Disablement
      4. Chapter Review
        1. Questions
        2. Answers
    8. Chapter 24 Implement Authentication and Authorization
      1. Authentication Management
        1. Password Keys
        2. Password Vaults
        3. TPM
        4. HSM
        5. Knowledge-based Authentication
      2. Authentication
        1. EAP
        2. Challenge-Handshake Authentication Protocol (CHAP)
        3. Password Authentication Protocol (PAP)
        4. 802.1X
        5. RADIUS
        6. Single Sign-On (SSO)
        7. Security Assertion Markup Language (SAML)
        8. Terminal Access Controller Access Control System Plus (TACACS+)
        9. OAuth
        10. OpenID
        11. Kerberos
      3. Access Control Schemes
        1. Attribute-Based Access Control (ABAC)
        2. Role-Based Access Control
        3. Rule-Based Access Control
        4. MAC
        5. Discretionary Access Control (DAC)
        6. Conditional Access
        7. Privileged Access Management
        8. File System Permissions
      4. Chapter Review
        1. Questions
        2. Answers
    9. Chapter 25 Public Key Infrastructure
      1. Public Key Infrastructure (PKI)
        1. Key Management
        2. Certificate Authority (CA)
        3. Intermediate CA
        4. Registration Authority (RA)
        5. Certificate Revocation List (CRL)
        6. Certificate Attributes
        7. Online Certificate Status Protocol (OCSP)
        8. Certificate Signing Request (CSR)
        9. CN
        10. Subject Alternative Name (SAN)
        11. Expiration
      2. Types of Certificates
        1. Wildcard Certificates
        2. Subject Alternative Name (SAN)
        3. Code-Signing Certificates
        4. Self-Signed Certificates
        5. Machine/Computer
        6. E-mail
        7. User
        8. Root
        9. Domain Validation
        10. Extended Validation
      3. Certificate Formats
        1. KEY
        2. Distinguished Encoding Rules (DER)
        3. Privacy-Enhanced Mail (PEM)
        4. Personal Information Exchange (PFX)
        5. CER
        6. P12
        7. P7B
      4. Concepts
        1. Online vs. Offline CA
        2. Stapling
        3. Pinning
        4. Trust Model
        5. Key Escrow
        6. Certificate Chaining
      5. Chapter Review
        1. Questions
        2. Answers
  14. Part IV Operations and Incident Response
    1. Chapter 26 Tools/Assess Organizational Security
      1. Network Reconnaissance and Discovery
        1. tracert/traceroute
        2. nslookup/dig
        3. ipconfig/ifconfig
        4. nmap
        5. ping/pathping
        6. hping
        7. netstat
        8. netcat
        9. IP Scanners
        10. arp
        11. route
        12. curl
        13. theHarvester
        14. sn1per
        15. scanless
        16. dnsenum
        17. Nessus
        18. Cuckoo
      2. File Manipulation
        1. head
        2. tail
        3. cat
        4. grep
        5. chmod
        6. logger
      3. Shell and Script Environments
        1. SSH
        2. PowerShell
        3. Python
        4. OpenSSL
      4. Packet Capture and Replay
        1. Tcpreplay
        2. Tcpdump
        3. Wireshark
      5. Forensics
        1. dd
        2. memdump
        3. WinHex
        4. FTK Imager
        5. Autopsy
      6. Exploitation Frameworks
      7. Password Crackers
      8. Data Sanitization
      9. Chapter Review
        1. Questions
        2. Answers
    2. Chapter 27 Incident Response Policies, Processes, and Procedures
      1. Incident Response Plans
      2. Incident Response Process
        1. Preparation
        2. Identification
        3. Containment
        4. Eradication
        5. Recovery
        6. Lessons Learned
      3. Exercises
        1. Tabletop
        2. Walkthroughs
        3. Simulations
      4. Attack Frameworks
        1. MITRE ATT&CK
        2. The Diamond Model of Intrusion Analysis
        3. Cyber Kill Chain
      5. Stakeholder Management
      6. Communication Plan
      7. Disaster Recovery Plan
      8. Business Continuity Plan
      9. Continuity of Operation Planning (COOP)
      10. Incident Response Team
      11. Retention Policies
      12. Chapter Review
        1. Questions
        2. Answers
    3. Chapter 28 Investigations
      1. Vulnerability Scan Output
      2. SIEM Dashboards
        1. Sensor
        2. Sensitivity
        3. Trends
        4. Alerts
        5. Correlation
      3. Log Files
        1. Network
        2. System
        3. Application
        4. Security
        5. Web
        6. DNS
        7. Authentication
        8. Dump Files
        9. VoIP and Call Managers
        10. Session Initiation Protocol (SIP) Traffic
      4. Syslog/Rsyslog/Syslog-ng
      5. Journalctl
      6. NXLog
      7. Bandwidth Monitors
      8. Metadata
        1. E-Mail
        2. Mobile
        3. Web
        4. File
      9. NetFlow/sFlow
        1. IPFIX
      10. Protocol Analyzer Output
      11. Chapter Review
        1. Questions
        2. Answers
    4. Chapter 29 Mitigation Techniques and Controls
      1. Reconfigure Endpoint Security Solutions
        1. Application Approved List
        2. Application Blocklist/Deny List
        3. Quarantine
      2. Configuration Changes
        1. Firewall Rules
        2. MDM
        3. DLP
        4. Content Filter/URL Filter
        5. Update or Revoke Certificates
      3. Isolation
      4. Containment
      5. Segmentation
      6. Secure Orchestration, Automation, and Response (SOAR)
        1. Runbooks
        2. Playbooks
      7. Chapter Review
        1. Questions
        2. Answers
    5. Chapter 30 Digital Forensics
      1. Documentation/Evidence
        1. Legal Hold
        2. Video
        3. Admissibility
        4. Chain of Custody
        5. Timelines of Sequence of Events
        6. Tags
        7. Reports
        8. Event Logs
        9. Interviews
      2. Acquisition
        1. Order of Volatility
        2. Disk
        3. Random-Access Memory (RAM)
        4. Swap/Pagefile
        5. Operating System (OS)
        6. Device
        7. Firmware
        8. Snapshot
        9. Cache
        10. Network
        11. Artifacts
      3. On-premises vs. Cloud
        1. Right to Audit Clauses
        2. Regulatory/Jurisdiction
        3. Data Breach Notification Laws
      4. Integrity
        1. Hashing
        2. Checksums
        3. Provenance
      5. Preservation
      6. E-Discovery
      7. Data Recovery
      8. Nonrepudiation
      9. Strategic Intelligence/Counterintelligence
      10. Chapter Review
        1. Questions
        2. Answers
  15. Part V Governance, Risk, and Compliance
    1. Chapter 31 Security Controls
      1. Security Controls
      2. Categories
        1. Managerial
        2. Operational
        3. Technical
      3. Control Types
        1. Preventative
        2. Detective
        3. Corrective
        4. Deterrent
        5. Compensating
        6. Physical
      4. Chapter Review
        1. Questions
        2. Answers
    2. Chapter 32 Regulations, Standards, and Frameworks
      1. Regulations, Standards, and Legislation
        1. General Data Protection Regulation (GDPR)
        2. National, Territory, or State Laws
        3. Payment Card Industry Data Security Standard (PCI DSS)
      2. Key Frameworks
        1. Center for Internet Security (CIS)
        2. National Institute of Standards and Technology (NIST) Risk Management Framework (RMF)/Cybersecurity Framework (CSF)
        3. International Organization for Standardization (ISO) 27001/27002/27701/31000
        4. SSAE SOC 2 Type I/II
        5. Cloud Security Alliance
      3. Benchmarks and Secure Configuration Guides
        1. Platform/Vendor-Specific Guides
      4. Chapter Review
        1. Questions
        2. Answers
    3. Chapter 33 Organizational Policies
      1. Personnel
        1. Acceptable Use Policy
        2. Job Rotation
        3. Mandatory Vacation
        4. Separation of Duties
        5. Least Privilege
        6. Clean Desk Space
        7. Background Checks
        8. Nondisclosure Agreement (NDA)
        9. Social Media Analysis
        10. Onboarding
        11. Offboarding
        12. User Training
      2. Diversity of Training Techniques
      3. Third-Party Risk Management
        1. Vendors
        2. Supply Chain
        3. Business Partners
        4. Service Level Agreement (SLA)
        5. Memorandum of Understanding (MOU)
        6. Measurement Systems Analysis (MSA)
        7. Business Partnership Agreement (BPA)
        8. End of Life (EOL)
        9. End of Service Life (EOSL)
        10. NDA
      4. Data
        1. Classification
        2. Governance
        3. Retention
      5. Credential Policies
        1. Personnel
        2. Third Party
        3. Devices
        4. Service Accounts
        5. Administrator/Root Accounts
      6. Organizational Policies
        1. Change Management
        2. Change Control
        3. Asset Management
      7. Chapter Review
        1. Questions
        2. Answers
    4. Chapter 34 Risk Management
      1. Risk Types
        1. External
        2. Internal
        3. Legacy Systems
        4. Multiparty
        5. IP Theft
        6. Software Compliance/Licensing
      2. Risk Management Strategies
        1. Acceptance
        2. Avoidance
        3. Transference
        4. Mitigation
      3. Risk Analysis
        1. Risk Register
        2. Risk Matrix/Heat Map
        3. Risk Control Assessment
        4. Risk Control Self-Assessment
        5. Risk Awareness
        6. Inherent Risk
        7. Residual Risk
        8. Control Risk
        9. Risk Appetite
        10. Regulations That Affect Risk Posture
        11. Risk Assessment Types
        12. Likelihood of Occurrence
        13. Impact
        14. Asset Value
        15. Single-Loss Expectancy (SLE)
        16. Annualized Loss Expectancy (ALE)
        17. Annualized Rate of Occurrence (ARO)
      4. Disasters
        1. Environmental
        2. Person-made
        3. Internal vs. External
      5. Business Impact Analysis
        1. Recovery Time Objective (RTO)
        2. Recovery Point Objective (RPO)
        3. Mean Time to Repair (MTTR)
        4. Mean Time Between Failures (MTBF)
        5. Functional Recovery Plans
        6. Single Point of Failure
        7. Disaster Recovery Plan (DRP)
        8. Mission-Essential Functions
        9. Identification of Critical Systems
        10. Site Risk Assessment
      6. Chapter Review
        1. Questions
        2. Answers
    5. Chapter 35 Privacy
      1. Organizational Consequences of Privacy Breaches
        1. Reputation Damage
        2. Identity Theft
        3. Fines
        4. IP Theft
      2. Notifications of Breaches
        1. Escalation
        2. Public Notifications and Disclosures
      3. Data Types
        1. Classifications
        2. Personally Identifiable Information (PII)
      4. Privacy-Enhancing Technologies
        1. Data Minimization
        2. Data Masking
        3. Tokenization
        4. Anonymization
        5. Pseudo-Anonymization
      5. Roles and Responsibilities
        1. Data Owners
        2. Data Controller
        3. Data Processor
        4. Data Custodian/Steward
        5. Data Privacy Officer (DPO)
      6. Information Lifecycle
      7. Impact Assessment
      8. Terms of Agreement
      9. Privacy Notice
      10. Chapter Review
        1. Questions
        2. Answers
  16. Part VI Appendixes and Glossary
    1. Appendix A OSI Model and Internet Protocols
    2. Appendix B About the Online Content
  17. Glossary
  18. Index

Product information

  • Title: CompTIA Security+ All-in-One Exam Guide, Sixth Edition (Exam SY0-601), 6th Edition
  • Author(s): Wm. Arthur Conklin, Greg White, Dwayne Williams, Roger L. Davis, Chuck Cothren
  • Release date: April 2021
  • Publisher(s): McGraw-Hill
  • ISBN: 9781260464016