CompTIA Security+ SY0-601 Exam Cram, 6/e

CompTIA

Security+

SY0-601

Exam Cram

?

Marty M. Weiss

Pearson

221 River Street

Hoboken, NJ 07030 USA

CompTIA? Security+ SY0-601 Exam Cram

Copyright ? 2021 by Pearson Education, Inc.

Editor-in-Chief

Mark Taub

All rights reserved. This publication is protected by copyright, and

permission must be obtained from the publisher prior to any prohibited

reproduction, storage in a retrieval system, or transmission in any form or

by any means, electronic, mechanical, photocopying, recording, or likewise.

For information regarding permissions, request forms, and the appropriate

contacts within the Pearson Education Global Rights & Permissions

Department, please visit permissions.

Director,

ITP Product

Management

Brett Bartow

No patent liability is assumed with respect to the use of the information

contained herein. Although every precaution has been taken in the

preparation of this book, the publisher and author assume no responsibility

for errors or omissions. Nor is any liability assumed for damages resulting

from the use of the information contained herein.

Development

Editor

Ellie C. Bru

ISBN-13: 978-0-13-679867-5

ISBN-10: 0-13-679867-5

Library of Congress Control Number: 2020914528

ScoutAutomatedPrintCode

Trademarks

All terms mentioned in this book that are known to be trademarks or service

marks have been appropriately capitalized. Pearson IT Certification cannot

attest to the accuracy of this information. Use of a term in this book should

not be regarded as affecting the validity of any trademark or service mark.

Warning and Disclaimer

Every effort has been made to make this book as complete and as accurate

as possible, but no warranty or fitness is implied. The information provided

is on an ¡°as is¡± basis. The author and the publisher shall have neither

liability nor responsibility to any person or entity with respect to any loss or

damages arising from the information contained in this book.

Special Sales

For information about buying this title in bulk quantities, or for special sales

opportunities (which may include electronic versions; custom cover designs;

and content particular to your business, training goals, marketing focus,

or branding interests), please contact our corporate sales department at

corpsales@ or (800) 382-3419.

For government sales inquiries, please contact

governmentsales@?.

For questions about sales outside the U.S., please contact

intlcs@.

Executive Editor

Nancy Davis

Managing Editor

Sandra Schroeder

Project Editor

Mandie Frank

Copy Editor

Kitty Wilson

Indexer

Ken Johnson

Proofreader

Donna Mulder

Technical Editor

Christopher

Crayton

Publishing

Coordinator

Cindy Teeters

Designer

Chuti Prasertsith

Compositor

codeMantra

Credits

Figure Number

Attribution/Credit

Figure 2-1 Screenshot of an example of what user¡¯s see when

they were infected with ransomware ? WannaCry

Figure 5-1 Screenshot of an example of an interactive threat map

? 2018 AO Kaspersky Lab

Figure 10-4 Screenshot of The AWS Management Console

? 2020, Amazon Web Services, Inc.

Figure 12-1

Courtesy of Apple, Inc.

Figure 23-1 Screenshot of Windows local security policy

settings for the account lockout policy ? Microsoft

2020

Figure 23-2 Screenshot of Windows local security policy

settings for the password policy ? Microsoft 2020

Figure 24-1 Screenshot of Standard Microsoft Windows file

permissions ? Microsoft 2020

Figure 25-1 Screenshot of details of a digital certificate ? 2020

Apple Inc.

Figure 26-1 Screenshot of using a command-line interface to

access a remote computer by using SSH ? 2020

Apple, Inc.

Figure 26-2 Screenshot of using the cURL command to return

the source code of a web page ? 2020 Apple, Inc.

Figure 26-3 Screenshot of using the ping command-line utility

? 2020 Apple, Inc.

Figure 28-1 Screenshot of an example of a SIEM system security dashboard ? security information and event

management

Figure 28-2 Screenshot of Microsoft Windows Event Viewer

Security log ? Microsoft 2020

Figure 28-3 Screenshot of Activity Monitor for macOS ? 2020

Apple, Inc.

Contents at a Glance

Introduction

Part I: Attacks, Threats, and Vulnerabilities

xxvii

1

CHAPTER 1

Social Engineering Techniques

CHAPTER 2

Attack Basics

15

CHAPTER 3

Application Attacks

35

CHAPTER 4

Network Attacks

53

CHAPTER 5

Threat Actors, Vectors, and Intelligence Sources

73

CHAPTER 6

Vulnerabilities

89

CHAPTER 7

Security Assessment Techniques

99

CHAPTER 8

Penetration Testing Techniques

Part II: Architecture and Design

3

111

121

Enterprise Security Concepts

123

CHAPTER 10

Virtualization and Cloud Computing

145

CHAPTER 11

Secure Application Development, Deployment, and

Automation

165

CHAPTER 12

Authentication and Authorization Design

189

CHAPTER 13

Cybersecurity Resilience

205

CHAPTER 14

Embedded and Specialized Systems

225

CHAPTER 15

Physical Security Controls

239

CHAPTER 16

Cryptographic Concepts

261

CHAPTER 9

Part III: Implementation

279

CHAPTER 17

Secure Protocols

281

CHAPTER 18

Host and Application Security Solutions

307

CHAPTER 19

Secure Network Design

339

CHAPTER 20

Wireless Security Settings

371

CHAPTER 21

Secure Mobile Solutions

389

CHAPTER 22

Cloud Cybersecurity Solutions

421

CHAPTER 23

Identity and Account Management Controls

433

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download