CompTIA Security+ SY0-701 Certification Guide - Third Edition

CompTIA Security+ SY0-701 Certification Guide - Third Edition

by Ian Neil
Released January 2024
Publisher(s): Packt Publishing
ISBN: 9781835461532

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

100% coverage of the latest CompTIA Security+ SY0-701 exam objectives ensures you study what you need to pass Unlocks access to an interactive online platform featuring over 500 practice test questions, 100 flashcards, and 200 key acronyms to enhance your Security+ exam preparation

Key Features

  • Gain certified security knowledge from Ian Neil, a world-class CompTIA certification trainer
  • Build a strong foundation in cybersecurity and gain hands-on skills for a successful career
  • Assess your CompTIA Security+ exam readiness with 3 mock exams to pass confidently on your first try
  • Benefit from an exclusive 12% Security+ exam discount voucher included with this book

Book Description

Building on the success of its international bestselling predecessor, this third edition of the CompTIA Security+ SY0-701 Certification Guide serves as your one-stop resource for Security+ exam preparation. Written by cybersecurity expert Ian Neil, this comprehensive guide helps you unlock the intricacies of cybersecurity and understand the technology behind the CompTIA Security+ SY0-701 certification, ensuring you approach the exam with confidence and pass on your first attempt.

By exploring security in detail, this book introduces essential principles, controls, and best practices. The chapters are meticulously designed to provide 100% coverage of the CompTIA Security+ SY0-701 exam objectives, ensuring you have the most up-to-date and relevant study material. By mastering cybersecurity fundamentals, you’ll acquire the knowledge and skills to identify and mitigate threats, manage vulnerabilities, and safeguard enterprise infrastructure. Additionally, the book grants lifetime access to web-based exam prep tools, including 3 full-length mock exams, flashcards, acronyms, along with a 12% Security+ exam discount voucher.

Whether you aim to excel the CompTIA Security+ SY0-701 exam, advance your career in cybersecurity, or enhance your existing knowledge, this book will transform you into a cybersecurity expert.

What you will learn

  • Differentiate between various security control types
  • Apply mitigation techniques for enterprise security
  • Evaluate security implications of architecture models
  • Protect data by leveraging strategies and concepts
  • Implement resilience and recovery in security
  • Automate and orchestrate for running secure operations
  • Execute processes for third-party risk assessment and management
  • Conduct various audits and assessments with specific purposes

Who this book is for

Whether you have an IT background or not, if you aspire to pass the CompTIA Security+ SY0-701 exam or pursue a career in certified security, this book will help you achieve your goals. It is also a valuable companion for the US government and US Department of Defense personnel looking to achieve security certification. It serves as an excellent reference material for college students pursuing a degree in cybersecurity.

Table of contents

  1. CompTIA® Security+® SY0-701 Certification Guide
  2. Third Edition
  3. Contributors
  4. About the Author
  5. About the Reviewers
  6. Preface
    1. Who This Book Is For
    2. What This Book Covers
    3. Domain 1: General Security Concepts
    4. Domain 2: Threats, Vulnerabilities, and Mitigations
    5. Domain 3: Security Architecture
    6. Domain 4: Security Operations
    7. Domain 5: Security Program Management and Oversight
    8. How to Use This Book
    9. End of Chapter Self-Assessment Questions
    10. Additional Online Resources
    11. Download the Color Images
    12. Conventions Used
    13. Get in Touch
    14. Reviews
  7. Domain 1: General Security Concepts
  8. Chapter 1: Compare and contrast various types of security controls
    1. Introduction
    2. Control Categories
      1. Technical Controls
      2. Managerial Controls
      3. Operational Controls
      4. Physical Controls
    3. Control Types
    4. Summary
    5. Exam Objectives 1.1
    6. Chapter Review Questions
  9. Chapter 2: Summarize fundamental security concepts
    1. Introduction
    2. Confidentiality, Integrity, and Availability
      1. Non-Repudiation
    3. Authentication, Authorization, and Accounting
    4. Gap Analysis
    5. Zero Trust
      1. The Data Plane
    6. Physical Security
    7. Deception and Disruption Technology
    8. Summary
    9. Exam Objectives 1.2
    10. Chapter Review Questions
  10. Chapter 3: Explain the importance of change management processes and the impact to security
    1. Introduction
    2. Change Management
    3. Technical Implications
    4. Documentation
    5. Version Control
    6. Summary
    7. Exam Objectives 1.3
    8. Chapter Review Questions
  11. Chapter 4: Explain the importance of using appropriate cryptographic solutions
    1. Introduction
    2. Public Key Infrastructure (PKI)
    3. Encryption
    4. Tools
    5. Obfuscation
    6. Hashing
      1. Salting
      2. Digital Signatures
    7. Key Stretching
    8. Blockchain
      1. Open Public Ledger
    9. Certificates
    10. Summary
    11. Exam Objectives 1.4
    12. Chapter Review Questions
  12. Domain 2: Threats, Vulnerabilities, and Mitigations
  13. Chapter 5: Compare and contrast common threat actors and motivations
    1. Introduction
    2. Threat Actors
    3. Attributes of Actors
    4. Motivations
    5. Summary
    6. Exam Objectives 2.1
    7. Chapter Review Questions
  14. Chapter 6: Explain common threat vectors and attack surfaces
    1. Introduction
    2. Message-Based
    3. Image-Based
    4. File-Based
    5. Voice Call
    6. Removable Device
    7. Vulnerable Software
    8. Unsupported Systems and Applications
    9. Unsecure Networks
      1. Open Service Ports
      2. Default Credentials
    10. Supply Chain
    11. Human Vectors/Social Engineering
    12. Summary
    13. Exam Objectives 2.2
    14. Chapter Review Questions
  15. Chapter 7: Explain various types of vulnerabilities
    1. Introduction
    2. Application Vulnerabilities
    3. Operating System (OS)-Based Vulnerabilities
    4. Web-Based Vulnerabilities
    5. Hardware Vulnerabilities
    6. Virtualization Vulnerabilities
    7. Cloud-Specific Vulnerabilities
    8. Supply Chain Vulnerabilities
    9. Cryptographic Vulnerabilities
    10. Misconfiguration Vulnerabilities
    11. Mobile Device Vulnerabilities
    12. Zero-Day Vulnerabilities
    13. Summary
    14. Exam Objective 2.3
    15. Chapter Review Questions
  16. Chapter 8: Given a scenario, analyze indicators of malicious activity
    1. Introduction
    2. Malware Attacks
      1. Potentially Unwanted Programs (PUPs)
      2. Ransomware
      3. Trojans
      4. Remote Access Trojans
      5. Worms
      6. Spyware
      7. Bloatware
      8. Viruses
      9. Polymorphic Viruses
      10. Keyloggers
      11. Logic Bombs
      12. Rootkits
      13. Malware Inspection
    3. Physical Attacks
      1. Physical Brute Force
      2. Radio Frequency Identification (RFID) Cloning
      3. Environmental
    4. Network Attacks
      1. Pivoting
      2. Distributed Denial-of-Service (DDoS)
      3. ARP Poisoning
      4. Domain Name System (DNS) attacks
        1. DNS Commands
        2. DNS Tools
      5. Wireless Attacks
      6. On-path
        1. Session Replay
        2. Replay Attack
      7. Credential Replay
      8. Malicious Code
    5. Application Attacks
      1. Injection Attack
      2. Buffer Overflow
      3. Privilege Escalation
      4. Forgery Attacks
      5. Directory Traversal
    6. Cryptographic Attacks
      1. Downgrade Attacks
      2. Collision
      3. Birthday
      4. Pass-the-Hash Attack
    7. Password Attacks
    8. Indicators of Attack
    9. Summary
    10. Exam Objectives 2.4
    11. Chapter Review Questions
  17. Chapter 9: Explain the purpose of mitigation techniques used to secure the enterprise
    1. Introduction
    2. Segmentation
    3. Access Control
    4. Application Allow List
    5. Application Block List
    6. Isolation
    7. Patching
    8. Encryption
    9. Monitoring
    10. Least Privilege
    11. Configuration Enforcement
    12. Decommissioning
    13. Hardening Techniques
    14. Summary
    15. Exam Objectives 2.5
    16. Chapter Review Questions
  18. Domain 3: Security Architecture
  19. Chapter 10: Compare and contrast security implications of different architecture models
    1. Introduction
    2. Securing the Network
      1. Securing the Servers
      2. Securing the Hosts
    3. Architecture and Infrastructure Concepts
      1. Cloud Computing
      2. Responsibility Matrix
      3. Hybrid Considerations
    4. Infrastructure as Code (IaC)
    5. Serverless
      1. Microservices
    6. Network Infrastructure
      1. Physical Isolation
      2. Logical Segmentation
      3. Software-Defined Networking (SDN)
      4. On-Premises
      5. Centralized versus Decentralized
      6. Containerization
      7. Virtualization
      8. IoT
      9. Industrial Control Systems (ICS) / Supervisory Control and Data Acquisition (SCADA)
      10. Real-Time Operating System (RTOS)
      11. Embedded Systems
      12. High Availability
    7. Considerations for Your Infrastructure
    8. Summary
    9. Exam Objectives 3.1
    10. Chapter Review Questions
  20. Chapter 11: Given a scenario, apply security principles to secure enterprise infrastructure
    1. Introduction
    2. Infrastructure Considerations
      1. Device Placement
      2. Security Zones
      3. Attack Surface
      4. Connectivity
      5. Failure Modes
      6. Device Attribute
      7. Network Appliances
      8. Port Security
      9. Firewall Types
    3. Secure Communication/Access
      1. Virtual Private Network (VPN)
      2. Remote Access
      3. Tunneling
      4. Software-Defined Wide Area Network
      5. Secure Access Service Edge
    4. Selection of Effective Controls
    5. Summary
    6. Exam Objectives 3.2
    7. Chapter Review Questions
  21. Chapter 12: Compare and contrast concepts and strategies to protect data
    1. Introduction
    2. Data Types
    3. Data Classifications
    4. General Data Considerations
    5. Methods to Secure Data
    6. Summary
    7. Exam Objectives 3.3
    8. Chapter Review Questions
  22. Chapter 13: Explain the importance of resilience and recovery in security architecture
    1. Introduction
    2. High Availability
      1. Load Balancer Configurations
      2. Clustering
    3. Site Considerations
      1. Cloud Data Replication
      2. Data Sovereignty
    4. Platform Diversity
    5. Multi-Cloud Systems
    6. Continuity of Operations
    7. Capacity Planning
    8. Testing
    9. Backups
      1. Important Backup Features
    10. Power
    11. Summary
    12. Exam Objectives 3.4
    13. Chapter Review Questions
  23. Domain 4: Security Operations
  24. Chapter 14: Given a scenario, apply common security techniques to computing resources
    1. Introduction
    2. Secure Baselines
      1. Establish
      2. Deploy
      3. Maintain
      4. Hardening Targets
    3. Wireless Devices
    4. Mobile Solutions
      1. Mobile Device Management
      2. Deployment Models
      3. Connection Methods
      4. Mobile Solutions – Other Factors
    5. Wireless Security Settings
      1. Wi-Fi Protected Access 3
      2. AAA/Remote Authentication Dial-In User Service (RADIUS)
      3. Cryptographic Protocols
      4. Authentication Protocols
    6. Application Security
    7. Sandboxing
    8. Monitoring
    9. Summary
    10. Exam Objectives 4.1
    11. Chapter Review Questions
  25. Chapter 15: Explain the security implications of proper hardware, software, and data asset management
    1. Introduction
    2. Acquisition/Procurement Process
    3. Assignment/Accounting
    4. Monitoring/Asset Tracking
    5. Disposal/Decommissioning
    6. Summary
    7. Exam Objective 4.2
    8. Chapter Review Questions
  26. Chapter 16: Explain various activities associated with vulnerability management
    1. Introduction
    2. Identification Methods
      1. Vulnerability Scans
      2. Security Content Automation Protocol
      3. Application Security
        1. Package Monitoring
      4. Threat Feeds
      5. OSINT
        1. Proprietary/Third-Party
      6. Information-Sharing Organizations
      7. The Dark Web
      8. Penetration Testing
      9. Responsible Disclosure Program
        1. Bug Bounty Program
      10. System/Process Audit
      11. Analysis
      12. Confirmation
      13. Prioritization
        1. CVE
        2. CVSS
        3. Vulnerability classification
        4. Exposure factor
        5. Environmental variable
        6. Industry/organizational impact
        7. Risk tolerance
    3. Vulnerability Response and Remediation
      1. Patching
      2. Insurance
      3. Segmentation
    4. Validation of Remediation
      1. Rescanning
      2. Audit
      3. Verification
    5. Reporting
    6. Summary
    7. Exam Objective 4.3
    8. Chapter Review Questions
  27. Chapter 17: Explain security alerting and monitoring concepts and tools
    1. Introduction
    2. Monitoring Computing Resources
    3. Activities
    4. Alert Response and Remediation/Validation
    5. Tools
      1. Security Content Automation Protocol (SCAP)
      2. Benchmarks
      3. Agents/Agentless
      4. Security Information and Event Management (SIEM)
      5. Antivirus
      6. Data Loss Prevention (DLP)
      7. Simple Network Management Protocol (SNMP) Traps
      8. NetFlow
      9. Vulnerability Scanners
    6. Summary
    7. Exam Objectives 4.4
    8. Chapter Review Questions
  28. Chapter 18:Given a scenario, modify enterprise capabilities to enhance security
    1. Introduction
    2. Firewall
      1. Firewall Types
      2. Rules
      3. Access Control List
        1. Ports/Protocols
        2. TCP
        3. UDP
    3. Zones
    4. IDSs/IPSs
      1. Trends in IDSs/IPSs
      2. IDS/IPS Signatures
    5. Web Filtering
    6. Operating System Security
      1. Group Policy
      2. SELinux
    7. The Implementation of Secure Protocols
      1. Insecure Protocols
        1. Secure Protocols
        2. DNS Filtering
    8. Email Security
    9. File Integrity Monitoring
    10. Data Loss Prevention (DLP)
    11. Network Access Control (NAC)
    12. Endpoint Detection and Response, and Extended Detection and Response
    13. User Behavior Analytics
    14. Summary
    15. Exam Objectives 4.5
    16. Chapter Review Questions
  29. Chapter 19:Given a scenario, implement and maintain identity and access management
    1. Introduction
    2. Provisioning User Accounts
      1. Active Directory (Directory Services)
      2. New User Accounts
      3. Kerberos
      4. Linux
        1. Creating a Linux Account
    3. Deprovisioning User Accounts
    4. Permission Assignments and Implications
    5. Identity Proofing
    6. Federation
    7. Single Sign-On (SSO)
    8. Interoperability
    9. Attestation
    10. Access Controls
      1. Mandatory Access Control (MAC)
      2. Role-Based Access Control (RBAC)
      3. Attribute-Based Access Control (ABAC)
      4. Discretionary-Based Access Control (DAC)
      5. Time-of-Day Restrictions
      6. Least Privilege
    11. Multi-Factor Authentication
      1. Biometric Authentication
      2. Hard Authentication
      3. Soft Authentication
      4. Factors of Authentication
      5. Tokens
    12. Password Concepts
    13. Password Managers
    14. Passwordless
    15. Privileged Access Management (PAM)
    16. PAM Tools
    17. Summary
    18. Exam Objective 4.6
    19. Chapter Review Questions
  30. Chapter 20:Explain the importance of automation and orchestration related to secure operations
    1. Introduction
    2. Security Orchestration, Automation, and Response (SOAR)
    3. Use Cases of Automation and Scripting
    4. Benefits
    5. Other Considerations
    6. Summary
    7. Exam Objectives 4.7
    8. Chapter Review Questions
  31. Chapter 21:Explain appropriate incident response activities
    1. Introduction
    2. Process
    3. Attack Frameworks
      1. MITRE ATT&CK Framework
      2. Cyber Kill Chain
      3. The Diamond Model of Intrusion Analysis
    4. Training
    5. Testing
    6. Root Cause Analysis
    7. Threat Hunting
    8. Digital Forensics
      1. Legal Hold
      2. Chain of Custody
        1. Acquisition
        2. Reporting
        3. Preservation
        4. E-Discovery
        5. Right-to-Audit Clause
    9. Summary
    10. Exam Objectives 4.8
    11. Chapter Review Questions
  32. Chapter 22:Given a scenario, use data sources to support an investigation
    1. Introduction
    2. Log Data
    3. Data Sources
    4. Packet Captures
    5. Summary
    6. Exam Objectives 4.9
    7. Chapter Review Questions
  33. Domain 5: Security Program Management and Oversight
  34. Chapter 23:Summarize elements of effective security governance
    1. Introduction
    2. Guidelines
    3. Policies
    4. Software Development Life Cycle
    5. Standards
      1. Password Standards
      2. Access Control Standards
      3. Physical Security Standards
    6. Procedures
    7. External Considerations
    8. Monitoring and Revision
    9. Types of Governance Structures
    10. Roles and Responsibilities for Systems and Data
    11. Summary
    12. Exam Objectives 5.1
    13. Chapter Review Questions
  35. Chapter 24:Explain elements of the risk management process
    1. Introduction
      1. Risk Identification
      2. Risk Assessment
    2. Risk Analysis
      1. Calculating Equipment Loss
    3. Risk Register
    4. Risk Tolerance
    5. Risk Appetite
    6. Risk Management Strategies
    7. Risk Reporting
    8. Business Impact Analysis
    9. Summary
    10. Exam Objectives 5.2
    11. Chapter Review Questions
  36. Chapter 25:Explain the processes associated with third-party risk assessment and management
    1. Introduction
    2. Vendor Assessment
    3. Vendor Selection
    4. Agreement Types
    5. Vendor Monitoring
    6. Questionnaires
    7. Rules of Engagement
    8. Summary
    9. Exam Objectives 5.3
    10. Chapter Review Questions
  37. Chapter 26:Summarize elements of effective security compliance
    1. Introduction
    2. Compliance Reporting
      1. Consequences of Non-Compliance
    3. Compliance Monitoring
    4. Privacy – Regulations
    5. Privacy – Data
    6. Summary
    7. Exam Objectives 5.4
    8. Chapter Review Questions
  38. Chapter 27:Explain types and purposes of audits and assessments
    1. Introduction
      1. Attestation
      2. Internal
        1. Compliance
        2. Audit Committee
        3. Self-Assessments
      3. External
        1. Regulatory
        2. Examinations
        3. Assessment
        4. Independent Third-Party Audit
      4. Penetration Testing
      5. Reconnaissance
    2. Summary
    3. Exam Objectives 5.5
    4. Chapter Review Questions
  39. Chapter 28:Given a scenario, implement security awareness practices
    1. Introduction
    2. Phishing
    3. Anomalous Behavior Recognition
    4. User Guidance and Training
    5. Reporting and Monitoring
      1. Effectiveness
      2. Development
      3. Execution
    6. Summary
    7. Exam Objectives 5.6
    8. Chapter Review Questions
  40. Chapter 29:Accessing the online practice resources
    1. Troubleshooting Tips
    2. Practice Resources – A Quick Tour
      1. A Clean, Simple Cert Practice Experience
      2. Practice Questions
      3. Flashcards
      4. Share Feedback
  41. Solutions
    1. Chapter 1: Compare and contrast various types of security controls
    2. Chapter 2: Summarize fundamental security concepts
    3. Chapter 3: Explain the importance of change management processes and the impact to security
    4. Chapter 4: Explain the importance of using appropriate cryptographic solutions
    5. Chapter 5: Compare and contrast common threat actors and motivations
    6. Chapter 6: Explain common threat vectors and attack surfaces
    7. Chapter 7: Explain various types of vulnerabilities
    8. Chapter 8: Given a scenario, analyze indicators of malicious activity
    9. Chapter 9: Explain the purpose of mitigation techniques used to secure the enterprise
    10. Chapter 10: Compare and contrast security implications of different architecture models
    11. Chapter 11: Given a scenario, apply security principles to secure enterprise infrastructure
    12. Chapter 12: Compare and contrast concepts and strategies to protect data
    13. Chapter 13: Explain the importance of resilience and recovery in security architecture
    14. Chapter 14: Given a scenario, apply common security techniques to computing resources
    15. Chapter 15: Explain the security implications of proper hardware, software, and data asset management
    16. Chapter 16: Explain various activities associated with vulnerability management
    17. Chapter 17: Explain security alerting and monitoring concepts and tools
    18. Chapter 18: Given a scenario, modify enterprise capabilities to enhance security
    19. Chapter 19: Given a scenario, implement and maintain identity and access management
    20. Chapter 20: Explain the importance of automation and orchestration related to secure operations
    21. Chapter 21: Explain appropriate incident response activities
    22. Chapter 22: Given a scenario, use data sources to support an investigation
    23. Chapter 23: Summarize elements of effective security governance
    24. Chapter 24: Explain elements of the risk management process
    25. Chapter 25: Explain the processes associated with third-party risk assessment and management
    26. Chapter 26: Summarize elements of effective security compliance
    27. Chapter 27: Explain types and purposes of audits and assessments
    28. Chapter 28: Given a scenario, implement security awareness practices
  42. Appendix
    1. IPsec Security Association (SA)
      1. Phase 1: Establishing the Secure Channel
      2. Phase 2: Establishing the IPsec Tunnel
      3. Example Scenario
    2. Why subscribe?
  43. Other Books You May Enjoy
    1. Share Your Thoughts
  44. Coupon Code for CompTIA Security+ Exam Vouchers

Product information

  • Title: CompTIA Security+ SY0-701 Certification Guide - Third Edition
  • Author(s): Ian Neil
  • Release date: January 2024
  • Publisher(s): Packt Publishing
  • ISBN: 9781835461532