Principles of Computer Security: CompTIA Security+ and Beyond, Sixth Edition (Exam SY0-601), 6th Edition

Book description

Fully updated computer security essentials—mapped to the CompTIA Security+ SY0-601 exam

Save 10% on any CompTIA exam voucher! Coupon code inside.

Learn IT security fundamentals while getting complete coverage of the objectives for the latest release of CompTIA Security+ certification exam SY0-601. This thoroughly revised, full-color textbook covers how to secure hardware, systems, and software. It addresses new threats and cloud environments, and provides additional coverage of governance, risk, compliance, and much more. Written by a team of highly respected security educators, Principles of Computer Security: CompTIA Security+™ and Beyond, Sixth Edition (Exam SY0-601) will help you become a CompTIA-certified computer security expert while also preparing you for a successful career.

Find out how to:

  • Ensure operational, organizational, and physical security
  • Use cryptography and public key infrastructures (PKIs)
  • Secure remote access, wireless networks, and virtual private networks (VPNs)
  • Authenticate users and lock down mobile devices
  • Harden network devices, operating systems, and applications
  • Prevent network attacks, such as denial of service, spoofing, hijacking, and password guessing
  • Combat viruses, worms, Trojan horses, and rootkits
  • Manage e-mail, instant messaging, and web security
  • Explore secure software development requirements
  • Implement disaster recovery and business continuity measures
  • Handle computer forensics and incident response
  • Understand legal, ethical, and privacy issues

Online content features:

  • Test engine that provides full-length practice exams and customized quizzes by chapter or exam objective

Each chapter includes:

  • Learning objectives
  • Real-world examples
  • Try This! and Cross Check exercises
  • Tech Tips, Notes, and Warnings
  • Exam Tips
  • End-of-chapter quizzes and lab projects

Table of contents

  1. Cover
  2. About the Authors
  3. Title Page
  4. Copyright Page
  5. Acknowledgments
  6. About this Book
  7. Contents at a Glance
  8. Contents
  9. Foreword
  10. Preface
  11. Introduction
  12. Instructor Website
  13. Chapter 1 Introduction and Security Trends
    1. The Computer Security Problem
      1. Definition of Computer Security
      2. Historical Security Incidents
      3. The Current Threat Environment
      4. Infrastructure Attacks
      5. Ransomware
    2. Threats to Security
      1. Viruses and Worms
      2. Intruders
      3. Insiders
      4. Criminal Organizations
      5. Nation-States, Terrorists, and Information Warfare
      6. Brand-Name Attacks
    3. Attributes of Actors
      1. Internal/External
      2. Level of Sophistication
      3. Resources/Funding
      4. Intent/Motivation
    4. Security Trends
    5. Targets and Attacks
      1. Specific Target
      2. Opportunistic Target
      3. Minimizing Possible Avenues of Attack
    6. Approaches to Computer Security
      1. Cybersecurity Kill Chain
      2. Threat Intelligence
      3. Open Source Intelligence
    7. Ethics
    8. Additional References
    9. Chapter 1 Review
  14. Chapter 2 General Security Concepts
    1. Basic Security Terminology
      1. Security Basics
      2. Security Tenets
      3. Security Approaches
      4. Security Principles
    2. Formal Security Models
      1. Confidentiality Models
      2. Integrity Models
    3. Additional References
    4. Chapter 2 Review
  15. Chapter 3 Operational and Organizational Security
    1. Policies, Procedures, Standards, and Guidelines
    2. Organizational Policies
      1. Change Management Policy
      2. Change Control
      3. Asset Management
    3. Security Policies
      1. Data Policies
      2. Credential Policies
      3. Password and Account Policies
    4. Human Resources Policies
      1. Code of Ethics
      2. Job Rotation
      3. Separation of Duties
      4. Employee Hiring (Onboarding) and Promotions
      5. Retirement, Separation, or Termination (Offboarding)
      6. Exit Interviews
      7. Onboarding/Offboarding Business Partners
      8. Adverse Actions
      9. Mandatory Vacations
      10. Acceptable Use Policy
      11. Internet Usage Policy
      12. E-mail Usage Policy
      13. Social Media Analysis
      14. Clean Desk Policy
      15. Bring-Your-Own-Device (BYOD) Policy
      16. Privacy Policy
      17. Due Care and Due Diligence
      18. Due Process
      19. Incident Response Policies and Procedures
    5. Security Awareness and Training
      1. Diversity of Training Techniques
      2. Security Policy Training and Procedures
      3. User Training
      4. Role-Based Training
      5. Continuing Education
      6. Compliance with Laws, Best Practices, and Standards
      7. User Habits
      8. Training Metrics and Compliance
    6. Standard Operating Procedures
    7. Third-Party Risk Management
      1. Vendors
      2. Supply Chain
      3. Business Partners
    8. Interoperability Agreements
      1. Service Level Agreement (SLA)
      2. Memorandum of Understanding (MOU)
      3. Measurement Systems Analysis (MSA)
      4. Business Partnership Agreement (BPA)
      5. Interconnection Security Agreement (ISA)
      6. NDA
      7. End of Service Life (EOSL)
      8. End of Life (EOL)
    9. Chapter 3 Review
  16. Chapter 4 The Role of People in Security
    1. People—A Security Problem
      1. Social Engineering
    2. Tools
      1. Principles (Reasons for Effectiveness)
      2. Defenses
    3. Attacks
      1. Impersonation
      2. Phishing
      3. Smishing
      4. Vishing
      5. Spam
      6. Spam over Internet Messaging (SPIM)
      7. Spear Phishing
      8. Whaling
      9. Pharming
      10. Dumpster Diving
      11. Shoulder Surfing
      12. Tailgating/Piggybacking
      13. Eliciting Information
      14. Prepending
      15. Identity Fraud
      16. Invoice Scams
      17. Credential Harvesting
      18. Reverse Social Engineering
      19. Reconnaissance
      20. Hoax
      21. Watering Hole Attack
      22. Typo Squatting
      23. Influence Campaigns
    4. Poor Security Practices
      1. Password Selection
      2. Shoulder Surfing
      3. Piggybacking
      4. Dumpster Diving
      5. Installing Unauthorized Hardware and Software
      6. Data Handling
      7. Physical Access by Non-Employees
      8. Clean Desk Policies
    5. People as a Security Tool
      1. Security Awareness
      2. Security Policy Training and Procedures
    6. Chapter 4 Review
  17. Chapter 5 Cryptography
    1. Cryptography in Practice
      1. Fundamental Methods
      2. Comparative Strengths and Performance of Algorithms
      3. Key Length
    2. Cryptographic Objectives
      1. Diffusion
      2. Confusion
      3. Obfuscation
      4. Perfect Forward Secrecy
      5. Security Through Obscurity
    3. Historical Perspectives
      1. Algorithms
      2. Substitution Ciphers
      3. One-Time Pads
      4. Key Management
      5. Random Numbers
      6. Salting
    4. Hashing Functions
      1. Message Digest
      2. SHA
      3. RIPEMD
      4. Hashing Summary
    5. Symmetric Encryption
      1. DES
      2. 3DES
      3. AES
      4. CAST
      5. RC
      6. Blowfish
      7. Twofish
      8. IDEA
      9. ChaCha20
      10. Cipher Modes
      11. Authenticated Encryption with Associated Data (AEAD)
      12. Block vs. Stream
      13. Symmetric Encryption Summary
    6. Asymmetric Encryption
      1. Diffie-Hellman
      2. RSA Algorithm
      3. ElGamal
      4. ECC
      5. Asymmetric Encryption Summary
      6. Symmetric vs. Asymmetric
    7. Quantum Cryptography
    8. Post-Quantum
    9. Lightweight Cryptography
    10. Homomorphic Encryption
    11. For More Information
    12. Chapter 5 Review
  18. Chapter 6 Applied Cryptography
    1. Cryptography Use
      1. Confidentiality
      2. Integrity
      3. Authentication
      4. Nonrepudiation
      5. Digital Signatures
      6. Digital Rights Management
      7. Cryptographic Applications
      8. Use of Proven Technologies
    2. Cipher Suites
      1. Secret Algorithms
      2. Key Exchange
      3. Key Escrow
      4. Session Keys
      5. Ephemeral Keys
      6. Key Stretching
      7. Transport Encryption
      8. TLS v1.3
      9. Data in Transit/Motion
      10. Data at Rest
      11. Data in Use/Processing
      12. Implementation vs. Algorithm Selection
      13. Common Use Cases
      14. HMAC
    3. S/MIME
      1. IETF S/MIME History
      2. IETF S/MIME v3 Specifications
    4. PGP
      1. How PGP Works
    5. Steganography
    6. Secure Protocols
      1. DNSSEC
      2. SSH
      3. S/MIME
      4. SRTP
      5. LDAPS
      6. FTPS
      7. SFTP
      8. SNMPv3
      9. TLS
      10. HTTPS
      11. Secure POP/IMAP
      12. IPSec
    7. Secure Protocol Use Cases
      1. Voice and Video
      2. Time Synchronization
      3. E-mail and Web
      4. File Transfer
      5. Directory Services
      6. Remote Access
      7. Domain Name Resolution
      8. Routing and Switching
      9. Network Address Allocation
      10. Subscription Services
    8. Cryptographic Attacks
      1. Birthday
      2. Known Plaintext/Ciphertext
      3. Chosen Cipher Text Attack
      4. Weak Implementations
      5. Meet-in-the-Middle Attacks
      6. Replay
      7. Downgrade
      8. Collision
      9. Password Attacks
    9. Other Standards
      1. FIPS
      2. Common Criteria
      3. ISO/IEC 27002 (Formerly ISO 17799)
    10. Chapter 6 Review
  19. Chapter 7 Public Key Infrastructure
    1. The Basics of Public Key Infrastructures
    2. Certificate Authorities
      1. Registration Authorities
      2. Local Registration Authorities
      3. Public Certificate Authorities
      4. In-house Certificate Authorities
      5. Choosing Between a Public CA and an In-house CA
      6. Outsourced Certificate Authorities
      7. Online vs. Offline CA
      8. Stapling
      9. Pinning
    3. Trust Models
      1. Certificate Chaining
      2. Hierarchical Trust Model
      3. Peer-to-Peer Model
      4. Hybrid Trust Model
      5. Walking the Certificate Path
    4. Digital Certificates
      1. Certificate Classes
      2. Certificate Extensions
      3. Certificate Attributes
      4. Certificate Formats
    5. Certificate Lifecycles
      1. Registration and Generation
      2. CSR
      3. Renewal
      4. Suspension
      5. Certificate Revocation
      6. Key Destruction
    6. Certificate Repositories
      1. Sharing Key Stores
      2. Trust and Certificate Verification
    7. Centralized and Decentralized Infrastructures
      1. Hardware Security Modules
      2. Private Key Protection
      3. Key Recovery
      4. Key Escrow
    8. Certificate-Based Threats
      1. Stolen Certificates
    9. PKIX and PKCS
      1. PKIX Standards
      2. PKCS
      3. Why You Need to Know the PKIX and PKCS Standards
    10. ISAKMP
    11. CMP
    12. XKMS
    13. CEP
    14. Chapter 7 Review
  20. Chapter 8 Physical Security
    1. The Security Problem
    2. Physical Security Safeguards
      1. Walls and Guards
      2. Lights and Signage
      3. Physical Access Controls and Monitoring
      4. Electronic Access Control Systems
      5. Policies and Procedures
    3. Environmental Controls
      1. Hot and Cold Aisles
    4. Fire Suppression
      1. Water-Based Fire Suppression Systems
      2. Halon-Based Fire Suppression Systems
      3. Clean-Agent Fire Suppression Systems
      4. Handheld Fire Extinguishers
      5. Fire Detection Devices
    5. Electromagnetic Environment
    6. Power Protection
      1. UPS
      2. Backup Power and Cable Shielding
      3. Generator
      4. Dual Supply
      5. Managed Power Distribution Units (PDUs)
    7. Drones/UAVs
    8. Chapter 8 Review
  21. Chapter 9 Network Fundamentals
    1. Network Architectures
    2. Network Topology
      1. Wireless
      2. Ad Hoc
    3. Segregation/Segmentation/Isolation
      1. Physical Separation
      2. Enclaves
      3. Logical (VLAN)
      4. Virtualization
      5. Airgaps
      6. Zones and Conduits
      7. Zero Trust
    4. Security Zones
      1. DMZ
      2. Internet
      3. East-West Traffic
      4. Intranet
      5. Extranet
      6. Wireless
      7. Guest
      8. Honeynets
      9. Flat Networks
    5. Network Protocols
      1. Protocols
      2. Packets
    6. Internet Protocol
      1. IP Packets
      2. TCP vs. UDP
      3. ICMP
    7. IPv4 vs. IPv6
      1. Expanded Address Space
      2. Neighbor Discovery
      3. Benefits of IPv6
    8. Packet Delivery
      1. Ethernet
      2. Local Packet Delivery
      3. ARP Attacks
      4. Remote Packet Delivery
      5. IP Addresses and Subnetting
      6. Network Address Translation
    9. Inter-Networking
    10. MPLS
    11. Software-Defined Networking (SDN)
      1. Software-Defined Visibility (SDV)
    12. Quality of Service (QoS)
    13. Traffic Engineering
    14. Route Security
    15. For More Information
    16. Chapter 9 Review
  22. Chapter 10 Infrastructure Security
    1. Devices
      1. Workstations
      2. Servers
      3. Mobile Devices
      4. Device Security, Common Concerns
      5. Network-Attached Storage
      6. Removable Storage
    2. Virtualization
      1. Hypervisor
      2. Application Cells/Containers
      3. VM Sprawl Avoidance
      4. VM Escape Protection
      5. Snapshots
      6. Patch Compatibility
      7. Host Availability/Elasticity
      8. Security Control Testing
      9. Sandboxing
    3. Networking
      1. Network Interface Cards
      2. Hubs
      3. Bridges
      4. Switches
      5. Port Security
      6. Routers
    4. Security Devices
      1. Firewalls
      2. VPN Concentrator
      3. Wireless Devices
      4. Modems
      5. Telephony
      6. Intrusion Detection Systems
      7. Network Access Control
      8. Network Monitoring/Diagnostic
      9. Load Balancers
      10. Proxies
      11. Web Security Gateways
      12. Internet Content Filters
      13. Data Loss Prevention
      14. Unified Threat Management
    5. Security Device/Technology Placement
      1. Sensors
      2. Collectors
      3. TAPs and Port Mirror
      4. Correlation Engines
      5. Filters
      6. SSL Accelerators
      7. DDoS Mitigator
      8. Aggregation Switches
    6. Tunneling/VPN
      1. Site-to-Site
      2. Remote Access
    7. Storage Area Networks
      1. iSCSI
      2. Fibre Channel
      3. FCoE
    8. Media
      1. Coaxial Cable
      2. UTP/STP
      3. Fiber
      4. Unguided Media
    9. Removable Media
      1. Magnetic Media
      2. Optical Media
      3. Electronic Media
    10. Security Concerns for Transmission Media
    11. Physical Security Concerns
    12. Chapter 10 Review
  23. Chapter 11 Authentication and Remote Access
    1. User, Group, and Role Management
      1. User
      2. Shared and Generic Accounts/Credentials
      3. Guest Accounts
      4. Service Accounts
      5. Privileged Accounts
      6. Group
      7. Role
    2. Account Policies
      1. Account Policy Enforcement
      2. Domain Passwords
      3. Single Sign-On
      4. Credential Management
      5. Group Policy
      6. Standard Naming Convention
      7. Account Maintenance
      8. Usage Auditing and Review
      9. Account Audits
      10. Time-of-Day Restrictions
      11. Impossible Travel Time/Risky Login
      12. Account Expiration
      13. Privileged Access Management
    3. Authorization
      1. Access Control
      2. Security Controls and Permissions
      3. Access Control Lists (ACLs)
      4. Mandatory Access Control (MAC)
      5. Discretionary Access Control (DAC)
      6. Role-Based Access Control (RBAC)
      7. Rule-Based Access Control
      8. Attribute-Based Access Control (ABAC)
      9. Conditional Access
    4. Identity
      1. Identity Provider (IdP)
      2. Identity Attributes
      3. Certificates
      4. Identity Tokens
      5. SSH Keys
      6. Smart Cards
    5. Authentication Methods
      1. Authentication
      2. Directory Services
      3. Federation
      4. Attestation
      5. Transitive Trust
      6. Technologies
    6. Biometric Factors
      1. Fingerprint Scanner
      2. Retinal Scanner
      3. Iris Scanner
      4. Voice Recognition
      5. Facial Recognition
      6. Vein
      7. Gait Analysis
    7. Biometric Efficacy Rates
      1. False Positives and False Negatives
      2. False Acceptance Rate
      3. False Rejection Rate
      4. Crossover Error Rate
      5. Biometrics Calculation Example
    8. Multifactor Authentication
      1. Factors
      2. Attributes
    9. Remote Access
      1. IEEE 802.1X
      2. LDAP
      3. RADIUS
      4. TACACS+
      5. Authentication Protocols
      6. FTP/FTPS/SFTP
      7. VPNs
      8. Vulnerabilities of Remote Access Methods
    10. Preventing Data Loss or Theft
    11. Database Security
    12. Cloud vs. On-premises Requirements
    13. Connection Summary
    14. For More Information
    15. Chapter 11 Review
  24. Chapter 12 Wireless Security and Mobile Devices
    1. Connection Methods and Receivers
      1. Cellular
      2. Wi-Fi
      3. Bluetooth
      4. NFC
      5. Infrared
      6. USB
      7. Point-to-Point
      8. Point-to-Multipoint
      9. Global Positioning System (GPS)
      10. RFID
      11. SATCOM
    2. Wireless Protocols
      1. 802.11: Individual Standards
      2. WEP
      3. Current Security Methods
      4. Authentication Protocols
    3. Wireless Systems Configuration
      1. Access Point
      2. SSID
      3. Fat vs. Thin
      4. Controller Based vs. Standalone
      5. Signal Strength
      6. Band Selection/Width
      7. Antenna Types and Placement
      8. Power-Level Controls
      9. Wi-Fi Analyzers
      10. Channel Overlays
      11. Wireless Access Point (WAP) Placement
      12. Site Surveys
      13. Heat Maps
      14. Controller and Access Point Security
      15. MAC Filtering
      16. Captive Portals
      17. Securing Public Wi-Fi
    4. Wireless Attacks
      1. Attacking 802.11
      2. Replay
      3. IV
      4. Evil Twin
      5. Rogue AP
      6. Jamming
      7. Bluetooth Attacks
      8. Bluejacking
      9. Bluesnarfing
      10. Bluebugging
      11. RFID
      12. Disassociation
    5. Mobile Device Management Concepts
      1. Application Management
      2. Full Device Encryption (FDE)
      3. Content Management
      4. Remote Wipe
      5. Geofencing
      6. Geolocation
      7. Geo-Tagging
      8. Screen Locks
      9. Push Notification Services
      10. Passwords and PINs
      11. Biometrics
      12. Context-Aware Authentication
      13. Containerization
      14. Storage Segmentation
      15. Asset Control
      16. Device Access Control
      17. Removable Storage
      18. Disabling Unused Features
    6. Mobile Application Security
      1. Application Control
      2. Key and Credential Management
      3. Authentication
      4. Application Whitelisting
      5. Encryption
      6. Transitive Trust/Authentication
    7. Mobile Devices
      1. MicroSD Hardware Security Module (HSM)
      2. MDM/Unified Endpoint Management (UEM)
      3. Mobile Application Management (MAM)
      4. SEAndroid/SELinux
    8. Policies for Enforcement and Monitoring
      1. Third-party App Stores
      2. Rooting/Jailbreaking
      3. Sideloading
      4. Custom Firmware
      5. Carrier Unlocking
      6. Firmware OTA Updates
      7. Camera Use
      8. SMS/MMS/RCS
      9. External Media
      10. USB On-The-Go (USB OTG)
      11. Recording Microphone
      12. GPS Tagging
      13. Wi-Fi Direct/Ad Hoc
      14. Tethering
      15. Hotspot
      16. Payment Methods
    9. Deployment Models
      1. CYOD
      2. COPE
      3. Corporate-Owned
      4. BYOD
      5. Virtual Desktop Infrastructure (VDI)
    10. Chapter 12 Review
  25. Chapter 13 Intrusion Detection Systems and Network Security
    1. History of Intrusion Detection Systems
    2. IDS Overview
      1. IDS Models
      2. Signatures
      3. False Positives and False Negatives
    3. Network-Based IDSs
      1. Advantages of a NIDS
      2. Disadvantages of a NIDS
      3. Active vs. Passive NIDSs
      4. NIDS Tools
    4. Host-Based IDSs
      1. Advantages of HIDSs
      2. Disadvantages of HIDSs
      3. Active vs. Passive HIDSs
      4. Resurgence and Advancement of HIDSs
    5. Intrusion Prevention Systems
    6. Network Security Monitoring
    7. Deception and Disruption Technologies
      1. Honeypots and Honeynets
      2. Honeyfiles/Honeyrecords
      3. Fake Telemetry
      4. DNS Sinkhole
    8. Analytics
    9. SIEM
      1. SIEM Dashboards
      2. Sensors
      3. Sensitivity
      4. Trends
      5. Alerts
      6. Correlation
      7. Aggregation
      8. Automated Alerting and Triggers
      9. Time Synchronization
      10. Event Deduplication
      11. Logs/WORM
    10. DLP
      1. USB Blocking
      2. Cloud-Based DLP
      3. E-mail
    11. Tools
      1. Protocol Analyzer
      2. Network Placement
      3. In-Band vs. Out-of-Band NIDS/NIPS
      4. Switched Port Analyzer
      5. Port Scanner
      6. Passive vs. Active Tools
      7. Banner Grabbing
    12. Indicators of Compromise
      1. Advanced Malware Tools
    13. For More Information
    14. Chapter 13 Review
  26. Chapter 14 System Hardening and Baselines
    1. Overview of Baselines
    2. Hardware/Firmware Security
      1. FDE/SED
      2. TPM
      3. Hardware Root of Trust
      4. HSM
      5. UEFI BIOS
      6. Measured Boot
      7. Secure Boot and Attestation
      8. Integrity Measurement
      9. Firmware Version Control
      10. EMI/EMP
      11. Supply Chain
    3. Operating System and Network Operating System Hardening
      1. Protection Rings
      2. OS Security
      3. OS Types
      4. Trusted Operating System
      5. Patch Management
      6. Disabling Unnecessary Ports and Services
      7. Secure Configurations
      8. Disable Default Accounts/Passwords
      9. Application Whitelisting/Blacklisting
      10. Sandboxing
    4. Secure Baseline
      1. Machine Hardening
      2. Hardening Microsoft Operating Systems
      3. Hardening UNIX- or Linux-Based Operating Systems
    5. Endpoint Protection
      1. Antivirus
      2. Anti-Malware
      3. Endpoint Detection and Response (EDR)
      4. DLP
      5. Next-Generation Firewall (NGFW)
      6. Host-based Intrusion Detection System (HIDS)
      7. Host-based Intrusion Prevention System (HIPS)
      8. Host-based Firewall
      9. Whitelisting vs. Blacklisting Applications
      10. AppLocker
      11. Hardware Security
    6. Network Hardening
      1. Software Updates
      2. Device Configuration
      3. Securing Management Interfaces
      4. VLAN Management
      5. Network Segmentation
      6. IPv4 vs. IPv6
    7. Application Hardening
      1. Application Configuration Baseline
      2. Application Patches
      3. Patch Management
      4. Host Software Baselining
      5. Vulnerability Scanner
    8. Data-Based Security Controls
      1. Data Security
      2. Data Encryption
      3. Handling Big Data
      4. Cloud Storage
      5. Storage Area Network
      6. Permissions/ACL
    9. Environment
      1. Development
      2. Test
      3. Staging
      4. Production
    10. Automation/Scripting
      1. Automated Courses of Action
      2. Continuous Monitoring
      3. Configuration Validation
      4. Templates
      5. Master Image
      6. Nonpersistence
      7. Wrappers
      8. Elasticity
      9. Scalability
      10. Distributive Allocation
    11. Alternative Environments
      1. Alternative Environment Methods
      2. Peripherals
      3. Phones and Mobile Devices
      4. Embedded Systems
      5. Camera Systems
      6. Game Consoles
      7. Mainframes
      8. SCADA/ICS
      9. HVAC
      10. Smart Devices/IoT
      11. Special-Purpose Systems
    12. Industry-Standard Frameworks and Reference Architectures
      1. Regulatory
      2. Nonregulatory
      3. National vs. International
      4. Industry-Specific Frameworks
    13. Benchmarks/Secure Configuration Guides
      1. Platform/Vendor-Specific Guides
      2. General-Purpose Guides
    14. For More Information
    15. Chapter 14 Review
  27. Chapter 15 Types of Attacks and Malicious Software
    1. Avenues of Attack
      1. Minimizing Possible Avenues of Attack
    2. Malicious Code
    3. Malware
      1. Ransomware
      2. Trojans
      3. Worms
      4. Viruses
      5. Polymorphic Malware
      6. Potentially Unwanted Programs
      7. Command and Control
      8. Botnets
      9. Crypto-Malware
      10. Logic Bombs
      11. Spyware
      12. Adware
      13. Keyloggers
      14. Remote-Access Trojans (RATs)
      15. Rootkit
      16. Backdoors and Trapdoors
      17. Application-Level Attacks
      18. Malware Defenses
    4. Attacking Computer Systems and Networks
      1. Denial-of-Service Attacks
      2. Social Engineering
      3. Sniffing
      4. Spoofing
      5. MAC Spoofing
      6. TCP/IP Hijacking
      7. Man-in-the-Middle Attacks
      8. Man-in-the-Browser
      9. Replay Attacks
      10. Transitive Access
      11. Scanning Attacks
      12. Attacks on Encryption
      13. Address System Attacks
      14. Cache Poisoning
      15. Amplification
      16. Domain Hijacking
      17. Pass-the-Hash Attacks
      18. Software Exploitation
      19. Client-Side Attacks
      20. Driver Manipulation
    5. Advanced Persistent Threat
    6. Password Attacks
      1. Password Guessing
      2. Poor Password Choices
      3. Spraying
      4. Dictionary Attack
      5. Brute Force Attack
      6. Rainbow Tables
      7. Plaintext/Unencrypted
    7. Chapter 15 Review
  28. Chapter 16 Security Tools and Techniques
    1. Network Reconnaissance and Discovery Tools
      1. tracert/traceroute
      2. nslookup/dig
      3. ipconfig/ifconfig
      4. nmap
      5. ping/pathping
      6. hping
      7. netstat
      8. netcat (nc)
      9. IP Scanners
      10. arp
      11. route
      12. curl
      13. theHarvester
      14. sn1per
      15. scanless
      16. dnsenum
      17. Nessus
      18. Cuckoo
    2. File Manipulation Tools
      1. head
      2. tail
      3. cat
      4. grep
      5. chmod
      6. logger
    3. Shell and Script Environments
      1. SSH
      2. PowerShell
      3. Python
      4. OpenSSL
    4. Packet Capture and Replay Tools
      1. tcpreplay
      2. tcpdump
      3. Wireshark
    5. Forensic Tools
      1. dd
      2. memdump
      3. WinHex
      4. FTK Imager
      5. Autopsy
    6. Tool Suites
      1. Metasploit
      2. Kali
      3. Parrot OS
      4. Security Onion
      5. Social-Engineering Toolkit
      6. Cobalt Strike
      7. Core Impact
      8. Burp Suite
    7. Penetration Testing
      1. Penetration Testing Authorization
      2. Reconnaissance
      3. Passive vs. Active Tools
      4. Pivoting
      5. Initial Exploitation
      6. Persistence
      7. Escalation of Privilege
    8. Vulnerability Testing
      1. Vulnerability Scanning Concepts
      2. False Positives
      3. False Negatives
      4. Log Reviews
      5. Credentialed vs. Non-Credentialed
      6. Intrusive vs. Non-Intrusive
      7. Applications
      8. Web Applications
      9. Network
      10. Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS)
      11. Configuration Review
      12. System Testing
    9. Auditing
      1. Performing Routine Audits
    10. Vulnerabilities
      1. Cloud-based vs. On-premises Vulnerabilities
      2. Zero Day
      3. Weak Configurations
      4. Open Permissions
      5. Unsecure Root Accounts
      6. Errors
      7. Weak Encryption
      8. Unsecure Protocols
      9. Default Settings
      10. Open Ports and Services
      11. Improper or Weak Patch Management
    11. Chapter 16 Review
  29. Chapter 17 Web Components, E-mail, and Instant Messaging
    1. Current Web Components and Concerns
    2. Web Protocols
      1. Encryption (SSL and TLS)
      2. How TLS Works
      3. The Web (HTTP and HTTPS)
      4. HTTPS Everywhere
      5. HTTP Strict Transport Security
      6. Directory Services (DAP and LDAP)
      7. File Transfer (FTP and SFTP)
      8. Vulnerabilities
    3. Code-Based Vulnerabilities
      1. Java
      2. JavaScript
      3. Securing the Browser
      4. Server-Side Scripts
      5. Cookies
      6. Browser Plug-Ins
      7. Malicious Add-Ons
      8. Code Signing
    4. Application-Based Weaknesses
      1. Session Hijacking
      2. Client-Side Attacks
      3. Web 2.0 and Security
    5. How E-mail Works
      1. E-mail Structure
      2. MIME
    6. Security of E-mail
      1. Spam
      2. Malicious Code
      3. Hoax E-mails
    7. Mail Gateway
      1. Spam Filter
      2. Mail Relaying
      3. Greylisting
      4. Spam URI Real-time Block Lists
      5. Sender Policy Framework (SPF)
      6. Sender ID Framework
      7. DomainKeys Identified Mail
      8. DLP
    8. Mail Encryption
      1. S/MIME
      2. PGP
    9. Instant Messaging
      1. Modern Instant Messaging Systems
    10. Chapter 17 Review
  30. Chapter 18 Cloud Computing
    1. Cloud Computing
      1. Cloud Characteristics
      2. Cloud Computing Service Models
      3. Level of Control in the Hosting Models
      4. Services Integration
    2. Cloud Types
      1. Private
      2. Public
      3. Hybrid
      4. Community
      5. On-premises vs. Hosted vs. Cloud
    3. Cloud Service Providers
      1. Transit Gateway
    4. Cloud Security Controls
      1. High Availability Across Zones
      2. Resource Policies
      3. Secrets Management
      4. Integration and Auditing
      5. Storage
      6. Network
      7. Compute
    5. Security as a Service
      1. Managed Security Service Provider (MSSP)
    6. Cloud Security Solutions
      1. Cloud Access Security Broker (CASB)
      2. Application Security
      3. Firewall Considerations in a Cloud Environment
      4. Cloud-native Controls vs. Third-party Solutions
    7. Virtualization
      1. Type I
      2. Type II
      3. Virtual Machine (VM) Sprawl Avoidance
      4. VM Escape Protection
    8. VDI/VDE
    9. Fog Computing
    10. Edge Computing
    11. Thin Client
    12. Containers
    13. Microservices/API
    14. Serverless Architecture
    15. Chapter 18 Review
  31. Chapter 19 Secure Software Development
    1. The Software Engineering Process
      1. Process Models
      2. Secure Development Lifecycle
      3. Environments
    2. Secure Coding Concepts
      1. Error and Exception Handling
      2. Input and Output Validation
      3. Normalization
      4. Bug Tracking
    3. Application Attacks
      1. Cross-Site Scripting
      2. Injections
      3. Directory Traversal/Command Injection
      4. Buffer Overflow
      5. Integer Overflow
      6. Cross-Site Request Forgery
      7. Zero Day
      8. Attachments
      9. Locally Shared Objects
      10. Client-Side Attacks
      11. Arbitrary/Remote Code Execution
      12. Open Vulnerability and Assessment Language
    4. Application Hardening
      1. Application Configuration Baseline
      2. Application Patch Management
      3. NoSQL Databases vs. SQL Databases
      4. Server-Side vs. Client-Side Validation
      5. Code Signing
      6. Encryption
      7. Obfuscation/Camouflage
      8. Code Reuse/Dead Code
      9. Memory Management
      10. Use of Third-Party Libraries and SDKs
      11. Data Exposure
    5. Code Quality and Testing
      1. Static Code Analyzers
      2. Dynamic Analysis (Fuzzing)
      3. Stress Testing
      4. Sandboxing
      5. Model Verification
    6. Compiled Code vs. Runtime Code
    7. Software Diversity
      1. Compiler
      2. Binary
    8. Secure DevOps
      1. Automation/Scripting
      2. Continuous Monitoring
      3. Continuous Validation
      4. Continuous Integration
      5. Continuous Delivery
      6. Continuous Deployment
      7. Infrastructure as Code
    9. Elasticity
    10. Scalability
    11. Version Control and Change Management
      1. Baselining
      2. Immutable Systems
    12. Provisioning and Deprovisioning
    13. Integrity Measurement
    14. For More Information
    15. Chapter 19 Review
  32. Chapter 20 Risk Management
    1. An Overview of Risk Management
      1. Example of Risk Management at the International Banking Level
    2. Risk Management Vocabulary
    3. What Is Risk Management?
      1. Risk Management Culture
      2. Risk Response Techniques
      3. Risk Management Frameworks
    4. Security Controls
      1. Categories
      2. Control Types
    5. Business Risks
      1. Examples of Business Risks
      2. Examples of Technology Risks
      3. Business Impact Analysis
      4. Mission-Essential Functions
      5. Identification of Critical Systems
      6. Single Point of Failure
      7. Impact
    6. Third-party Risks
      1. Vendor Management
      2. Supply Chain
      3. Outsourced Code Development
      4. Data Storage
    7. Risk Mitigation Strategies
      1. Change Management
      2. Incident Management
      3. User Rights and Permissions Reviews
      4. Data Loss or Theft
    8. Risk Management Models
      1. General Risk Management Model
      2. Software Engineering Institute Model
      3. NIST Risk Models
      4. Model Application
    9. Risk Assessment
    10. Qualitatively Assessing Risk
      1. Risk Matrix/Heat Map
    11. Quantitatively Assessing Risk
      1. Adding Objectivity to a Qualitative Assessment
      2. Risk Calculation
    12. Qualitative vs. Quantitative Risk Assessment
    13. Tools
      1. Cost-Effectiveness Modeling
    14. Risk Management Best Practices
      1. System Vulnerabilities
      2. Threat Vectors
      3. Probability/Threat Likelihood
      4. Risks Associated with Cloud Computing and Virtualization
    15. Additional References
    16. Chapter 20 Review
  33. Chapter 21 Business Continuity, Disaster Recovery, and Change Management
    1. Business Continuity
      1. Business Continuity Plans
      2. Business Impact Analysis
      3. Identification of Critical Systems and Components
      4. Removing Single Points of Failure
      5. Risk Assessment
      6. Succession Planning
      7. After-Action Reports
      8. Failover
      9. Backups
      10. Alternative Sites
      11. Order of Restoration
      12. Utilities
      13. Secure Recovery
    2. Continuity of Operations Planning (COOP)
    3. Disaster Recovery
      1. Disaster Recovery Plans/Process
      2. Categories of Business Functions
      3. IT Contingency Planning
      4. Test, Exercise, and Rehearse
      5. Recovery Time Objective and Recovery Point Objective
    4. Why Change Management?
    5. The Key Concept: Separation of Duties
    6. Elements of Change Management
    7. Implementing Change Management
      1. Backout Plan
    8. The Purpose of a Change Control Board
      1. Code Integrity
    9. The Capability Maturity Model Integration
    10. Environment
      1. Development
      2. Test
      3. Staging
      4. Production
    11. Secure Baseline
    12. Sandboxing
    13. Integrity Measurement
    14. Chapter 21 Review
  34. Chapter 22 Incident Response
    1. Foundations of Incident Response
      1. Incident Management
      2. Goals of Incident Response
    2. Attack Frameworks
      1. Anatomy of an Attack
      2. Cyber Kill Chain
      3. MITRE ATT&CK
      4. The Diamond Model of Intrusion Analysis
    3. Threat Intelligence
      1. Threat Hunting
      2. Security Orchestration, Automation, and Response (SOAR)
    4. Incident Response Process
      1. Preparation
      2. Incident Response Plan
      3. Incident Identification/Detection
      4. Identification
      5. Initial Response
      6. Containment/Incident Isolation
      7. Strategy Formulation
      8. Investigation
      9. Eradication
      10. Recovery
      11. Reporting
      12. Lessons Learned
      13. Incident Response Team
    5. Exercises
      1. Tabletop
      2. Walkthroughs
      3. Simulations
    6. Stakeholder Management
    7. Communication Plan
    8. Data Sources
    9. Log Files
      1. Network
      2. System
      3. Application
      4. Security
      5. Web
      6. DNS
      7. Authentication
      8. Dump Files
      9. VoIP and Call Managers
      10. Session Initiation Protocol (SIP) Traffic
      11. Syslog/Rsyslog/Syslog-ng
      12. Journalctl
      13. NXLog
      14. Bandwidth Monitors
      15. NetFlow/sFlow
      16. Metadata
    10. Data Collection Models
      1. Collection Inventory Matrix
      2. Collection Management Framework
    11. Standards and Best Practices
      1. State of Compromise
      2. NIST
      3. Department of Justice
      4. Indicators of Compromise
      5. Security Measure Implementation
      6. Making Security Measurable
      7. Retention Policies
    12. For More Information
    13. Chapter 22 Review
  35. Chapter 23 Computer Forensics
    1. Evidence
      1. Types of Evidence
      2. Standards for Evidence
      3. Three Rules Regarding Evidence
    2. Chain of Custody
      1. Tags
    3. Forensic Process
      1. Data Recovery
      2. Acquiring Evidence
      3. Identifying Evidence
      4. Protecting Evidence
      5. Transporting Evidence
      6. Storing Evidence
      7. Conducting the Investigation
    4. Message Digest and Hash
    5. Analysis
      1. Timelines of Sequence of Events
      2. Provenance
      3. Recovery
      4. Strategic Intelligence/Counterintelligence Gathering
      5. Active Logging
      6. Track Man-Hours
      7. Reports
    6. Host Forensics
      1. Filesystems
      2. Artifacts
      3. Swap/Pagefile
      4. Firmware
      5. Snapshot
      6. Cache
      7. Windows Metadata
      8. Linux Metadata
      9. Timestamps
    7. Device Forensics
    8. Network Forensics
    9. Legal Hold
      1. E-discovery
      2. Big Data
      3. Cloud
      4. Right to Audit Clauses
      5. Regulatory/Jurisdiction
    10. Chapter 23 Review
  36. Chapter 24 Legal Issues and Ethics
    1. Cybercrime
      1. U.S. Law Enforcement Encryption Debate
      2. Common Internet Crime Schemes
      3. Sources of Laws
      4. Computer Trespass
      5. Convention on Cybercrime
      6. Significant U.S. Laws
      7. Payment Card Industry Data Security Standard (PCI DSS)
      8. Import/Export Encryption Restrictions
      9. Digital Signature Laws
      10. Digital Rights Management
    2. Ethics
    3. Chapter 24 Review
  37. Chapter 25 Privacy
    1. Data Handling
    2. Organizational Consequences of Privacy Breaches
      1. Reputation Damage
      2. Identity Theft
      3. Fines
      4. IP Theft
    3. Data Sensitivity Labeling and Handling
      1. Public
      2. Private
      3. Sensitive
      4. Confidential
      5. Critical
      6. Proprietary
      7. Personally Identifiable Information (PII)
    4. Data Roles
      1. Data Owner
      2. Data Controller
      3. Data Processor
      4. Data Custodian/Steward
      5. Data Privacy Officer
    5. Data Destruction and Media Sanitization
      1. Data/Information Lifecycle
      2. Burning
      3. Shredding
      4. Pulping
      5. Pulverizing
      6. Degaussing
      7. Purging
      8. Wiping
    6. U.S. Privacy Laws
      1. Fair Information Practice Principles (FIPPs)
      2. Privacy Act of 1974
      3. Freedom of Information Act (FOIA)
      4. Family Education Records and Privacy Act (FERPA)
      5. U.S. Computer Fraud and Abuse Act (CFAA)
      6. U.S. Children’s Online Privacy Protection Act (COPPA)
      7. Video Privacy Protection Act (VPPA)
      8. Health Insurance Portability and Accountability Act (HIPAA)
      9. Gramm-Leach-Bliley Act (GLBA)
      10. California Senate Bill 1386 (SB 1386)
      11. U.S. Banking Rules and Regulations
      12. Payment Card Industry Data Security Standard (PCI DSS)
      13. Fair Credit Reporting Act (FCRA)
      14. Fair and Accurate Credit Transactions Act (FACTA)
    7. International Privacy Laws
      1. OECD Fair Information Practices
      2. European Laws
      3. Canadian Law
      4. Asian Laws
    8. Privacy-Enhancing Technologies
      1. Data Minimization
      2. Data Masking
      3. Tokenization
      4. Anonymization
      5. Pseudo-Anonymization
    9. Privacy Policies
      1. Terms of Agreement
      2. Privacy Notice
    10. Privacy Impact Assessment
    11. Web Privacy Issues
      1. Cookies
    12. Privacy in Practice
      1. User Actions
      2. Data Breaches
    13. For More Information
    14. Chapter 25 Review
  38. Appendix A CompTIA Security+ Exam Objectives: SY0-601
  39. Appendix B About the Online Content
    1. System Requirements
    2. Your Total Seminars Training Hub Account
      1. Privacy Notice
    3. Single User License Terms and Conditions
    4. TotalTester Online
    5. Technical Support
  40. Glossary
  41. Index

Product information

  • Title: Principles of Computer Security: CompTIA Security+ and Beyond, Sixth Edition (Exam SY0-601), 6th Edition
  • Author(s): Wm. Arthur Conklin, Greg White, Chuck Cothren, Roger L. Davis, Dwayne Williams
  • Release date: July 2021
  • Publisher(s): McGraw-Hill
  • ISBN: 9781260474329