CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide PDF

572 Pages·2014·4.51 MB·English
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide

CompTIA Security+: Get Certified Get Ahead SY0-401 Study Guide
Darril Gibson

Dedication

To my wife, who even after 22 years of marriage continues to remind me how wonderful life can be if you’re in a loving relationship. Thanks for sharing your life with me.

Acknowledgments

Books of this size and depth can’t be done by a single person, and I’m grateful for the many people who helped me put this book together. First, thanks to my wife. She has provided me immeasurable support throughout this project. The technical editor, Steve Johnson, provided some good feedback throughout the project. If you have the paperback copy of the book in your hand, you’re enjoying some excellent composite editing work done by Susan Veach. I’m extremely grateful for all the effort Karen Annett put into this project. She’s an awesome copy editor and proofer and the book is tremendously better due to all the work she’s put into it. While I certainly appreciate all the feedback everyone gave me, I want to stress that any technical errors that may have snuck into this book are entirely my fault and no reflection on anyone who helped. I always strive to identify and remove every error, but they still seem to sneak in.

About the Author

Darril Gibson is the CEO of YCDA, LLC (short for You Can Do Anything). He has contributed to more than 35 books as the sole author, a coauthor, or a technical editor. Darril regularly writes, consults, and teaches on a wide variety of technical and security topics and holds several certifications, including CompTIA A+, Network+, Security+, and CASP; (ISC)2 SSCP and CISSP; Microsoft MCSE and MCITP, and ITIL Foundations. In response to repeated requests, Darril created the http://gcgapremium.com/ site where he provides study materials for several certification exams, including the Security+ exam. Darril regularly posts blog articles at http://blogs.getcertifiedgetahead.com/, and uses this site to help people stay abreast of changes in certification exams. You can contact him through either of these sites. Darril lives in Virginia Beach with his wife and two dogs. Whenever possible, they escape to a small cabin in the country on over twenty acres of land that continue to provide them with peace, tranquility, and balance.

Table of Contents

Dedication Acknowledgments About the Author

Introduction
Who This Book Is For About This Book How to Use This Book Remember This Vendor Neutral Web Resources Assumptions Set a Goal About the Exam Number of Questions and Duration Passing Score Exam Prerequisites Exam Format Beta Questions Question Types Multiple Choice Performance-Based Questions Exam Test Provider Voucher Code for 10 Percent Off Exam Domains Objective to Chapter Map Recertification Requirements

CompTIA Security+ Assessment Exam
Assessment Exam Answers

Chapter 1 Mastering Security Basics
Understanding Core Security Goals Confidentiality Encryption Access Controls Steganography Integrity Hashing Digital Signatures, Certificates, and Non-Repudiation Availability Redundancy and Fault Tolerance Patching Safety Layered Security/Defense in Depth Introducing Basic Risk Concepts Exploring Authentication Concepts Comparing Identification, Authentication, and Authorization Verifying Identities with Identity Proofing Identity Proofing for Verification Self-Service Password Reset Systems Comparing Authentication Factors Something You Know Something You Have Something You Are Somewhere You Are Something You Do Dual-Factor and Multifactor Authentication Summarizing Identification Methods Comparing Authentication Services Kerberos LDAP and Secure LDAP Single Sign-On SSO and Transitive Trusts SSO and a Federation SSO and SAML SAML and Authorization Authenticating RAS Clients PAP CHAP MS-CHAP and MS-CHAPv2 RADIUS Diameter XTACACS TACACS+ AAA Protocols Chapter 1 Exam Topic Review Chapter 1 Practice Questions Chapter 1 Practice Question Answers

Chapter 2 Exploring Control Types and Methods
Understanding Control Types Control Implementation Methods Technical Controls Management Controls Operational Controls Control Goals Preventive Controls Detective Controls Comparing Detection and Prevention Controls Corrective Controls Deterrent Controls Compensating Controls Combining Control Types and Goals Comparing Physical Security Controls Comparing Door Access Systems Securing Door Access with Cipher Locks Securing Door Access with Proximity Cards Securing Door Access with Biometrics Identifying Users with ID Badges Tailgating Preventing Tailgating with Mantraps Increasing Physical Security with Guards Controlling Access with Access Lists and Logs Monitoring Areas with Video Surveillance Combining Fencing and Motion Detection Combining Proper Lighting and Motion Detection Combining Alarms and Motion Detection Securing Access with Barricades Using Signs Using Hardware Locks Securing Mobile Computers with Cable Locks Securing Servers with Locking Cabinets Securing Small Devices with a Safe Implementing Logical Access Controls Least Privilege Need to Know Group Policy Using a Password Policy Domain Password Policy Application Passwords Managing Accounts Disabling and Deleting Accounts Recovering Accounts Prohibiting Generic Accounts Restricting Access Based on Time-of-Day Expiring Accounts Reviewing Account Access Credential Management Comparing Access Control Models Role-Based Access Control Using Roles Based on Jobs and Functions Documenting Roles with a Matrix Establishing Access with Group-Based Privileges Rule-Based Access Control Discretionary Access Control SIDs and DACLs The Owner Establishes Access Beware of Trojans Mandatory Access Control Labels and Lattice Establishing Access Chapter 2 Exam Topic Review Chapter 2 Practice Questions Chapter 2 Practice Question Answers

Chapter 3 Understanding Basic Network Security
Reviewing Basic Networking Concepts Protocols Common TCP/IP Protocols IPv4 IPv6 Understanding DNS Understanding and Identifying Ports Combining the IP Address and the Port IP Address Used to Locate Hosts Server Ports Client Ports Putting It All Together The Importance of Ports in Security Memorize These Ports Understanding Basic Network Devices Hub Switch Security Benefit of a Switch Physical Security of a Switch Loop Protection VLAN Port Security 802.1x Port Security Router Routers and ACLs Implicit Deny Firewall Host-Based Firewalls Network-Based Firewalls Firewall Rules Web Application Firewall Advanced Firewalls Firewall Logs and Log Analysis Network Separation Protecting the Network Perimeter DMZ Understanding NAT and PAT Proxies Caching Content for Performance Using URL Filters to Restrict Access Unified Threat Management Web Security Gateway UTM Security Appliances Web Security Gateway Versus UTM Security Appliance Identifying OSI Relevance Understanding the Layers Layer 1: Physical Layer 2: Data Link Layer 3: Network Layer 4: Transport Layer 5: Session Layer 6: Presentation Layer 7: Application Firewall Rules Solution Chapter 3 Exam Topic Review Chapter 3 Practice Questions Chapter 3 Practice Question Answers

Chapter 4 Securing Your Network
Understanding IDSs and IPSs Packet Sniffing HIDS NIDS Detection Methods Signature-Based Detection Anomaly-Based Detection Data Sources and Trends Reporting False Positives Versus False Negatives IDS Responses Honeypots Honeynets Counterattacks IDS Versus IPS Securing Wireless Networks Reviewing Wireless Basics WAPs and Wireless Routers 802.11 Antennas Site Surveys and Antenna Placement Security Protocols WEP WPA WPA2 TKIP Versus CCMP IEEE 802.1x Personal Versus Enterprise Modes EAP, PEAP, and LEAP WTLS and ECC Captive Portals Hot Spots and Isolation Mode

Description:
The CompTIA Security+ Get Certified Get Ahead SY0-401 Study Guide is an update to the top-selling SY0-201 and SY0-301 study guides, which have helped thousands of readers pass the exam the first time they took it. After a comprehensive review by ProCert Labs, the SY0-401 version has been certified a