CompTIA Security+ Guide to Network Security Fundamentals, 7th Edition PDF by Mark Ciampa

By

CompTIA Security+ Guide to Network Security Fundamentals, Seventh Edition

By Mark Ciampa

Comptia Security+ Guide to Network Security Fundamentals

Table of Contents

Introduction IX

Part 1

Security Fundamentals_1

Module 1

Introduction to Security_3

What Is Information Security? 5

Understanding Security 5

Defining Information Security 5

Who Are the Threat Actors? 7

Script Kiddies 8

Hacktivists 9

State Actors 9

Insiders 10

Other Threat Actors 10

Vulnerabilities and Attacks 11

Vulnerabilities 11

Attack Vectors 14

Social Engineering Attacks 15

Impacts of Attacks 21

Summary 22

Key Terms_23

Review Questions_24

Case Projects_30

Module 2

Threat Management and

Cybersecurity Resources_33

Penetration Testing 34

Defining Penetration Testing 34

Why Conduct a Test? 35

Who Should Perform the Test? 35

Rules of Engagement 37

Performing a Penetration Test 39

Vulnerability Scanning 42

What Is a Vulnerability Scan? 42

Conducting a Vulnerability Scan 43

Data Management Tools 47

Threat Hunting 49

Cybersecurity Resources 50

Frameworks 50

Regulations 52

Legislation 53

Standards 53

Benchmarks/Secure Configuration Guides 54

Information Sources 54

Summ ary_55

Key Terms_56

Review Questions_57

Case Projects_61

Part 2

Endpoint Security_63

Module 3

Threats and Attacks

on Endpoints 65

Attacks Using Malware 66

Imprison 67

Launch 69

Snoop 73

Deceive 75

Evade 76

Application Attacks 77

Scripting 78

Injection 78

Request Forgery 80

Replay 80

Attacks on Software 81

Adversarial Artificial Intelligence

Attacks 83

What Are Artificial Intelligence (AI) and

Machine Learning (ML)? 84

Uses in Cybersecurity 84

Risks in Using AI and ML in Cybersecurity 85

Summ ary_86

Key Terms_88

Review Questions_88

Case Projects_93

Module 4

Endpoint and

Application Development

Security_95

Threat Intelligence Sources 96

Categories of Sources 97

Sources of Threat Intelligence 99

Securing Endpoint Computers 101

Confirm Boot Integrity 101

Protect Endpoints 103

Harden Endpoints 107

Creating and Deploying SecDevOps 112

Application Development Concepts 114

Secure Coding Techniques 115

Code Testing 115

Summ ary_118

Key Terms_120

Review Questions_120

Case Projects_125

Module 5

Mobile, Embedded,

and Specialized Device

Security_127

Securing Mobile Devices 129

Introduction to Mobile Devices 129

Mobile Device Risks 134

Protecting Mobile Devices 136

Embedded Systems and Specialized

Devices 140

Types of Devices 140

Security Issues 144

Summ ary_145

Key Terms_147

Review Questions_148

Case Projects_152

Part 3

Cryptography_155

Module 6

Basic Cryptography_157

Defining Cryptography 158

What Is Cryptography? 158

Cryptography Use Cases 160

Limitations of Cryptography 162

Cryptographic Algorithms 164

Hash Algorithms 165

Symmetric Cryptographic Algorithms 166

Asymmetric Cryptographic Algorithms 168

Cryptographic Attacks and Defenses 172

Attacks on Cryptography 173

Quantum Cryptographic Defenses 174

Using Cryptography 175

Encryption through Software 175

Hardware Encryption 177

Blockchain 178

Summ ary_180

Key Terms_181

Review Questions_181

Case Projects_187

Module 7

Public Key Infrastructure

and Cryptographic

Protocols_191

Digital Certificates 192

Defining Digital Certificates 192

Managing Digital Certificates 194

Types of Digital Certificates 197

Public Key Infrastructure (PKI) 202

What Is Public Key Infrastructure (PKI)? 202

Trust Models 202

Managing PKI 204

Key Management 205

Cryptographic Protocols 207

Secure Sockets Layer (SSL) 208

Transport Layer Security (TLS) 208

Secure Shell (SSH) 208

Hypertext Transport Protocol Secure (HTTPS) 209

Secure/Multipurpose Internet Mail

Extensions (S/MIME) 209

Secure Real-time Transport Protocol (SRTP) 209

IP Security (IPsec) 210

Weaknesses of Cryptographic Protocols 210

Implementing Cryptography 211

Key Strength 211

Secret Algorithms 212

Block Cipher Modes of Operation 212

Crypto Service Providers 213

Summ ary_214

Key Terms_215

Review Questions_216

Case Projects_220

Part 4

Network Security_223

Module 8

Networking Threats,

Assessments, and Defenses_225

Attacks on Networks 226

Interception Attacks 227

Layer 2 Attacks 228

DNS Attacks 231

Distributed Denial of Service Attack 233

Malicious Coding and Scripting Attacks 234

Tools for Assessment and Defense 236

Network Reconnaissance and Discovery Tools 237

Linux File Manipulation Tools 238

Scripting Tools 238

Packet Capture and Replay Tools 238

Physical Security Controls 240

External Perimeter Defenses 240

Internal Physical Security Controls 243

Computer Hardware Security 245

Summ ary_246

Key Terms_248

Review Questions_248

Case Projects_252

Module 9

Network Security Appliances

and Technologies_255

Security Appliances 256

Firewalls 257

Proxy Servers 261

Deception Instruments 261

Intrusion Detection and Prevention

Systems 263

Network Hardware Security Modules 264

Configuration Management 265

Security Technologies 266

Access Technologies 266

Technologies for Monitoring and

Managing 269

Design Technologies 272

Summ ary_276

Key Terms_278

Review Questions_279

Case Projects_282

Module 10

Cloud and Virtualization

Security_285

Cloud Security 286

Introduction to Cloud Computing 286

Securing Cloud Computing 292

Virtualization Security 298

Defining Virtualization 298

Infrastructure as Code 300

Security Concerns for Virtual

Environments 302

Secure Network Protocols 304

Simple Network Management Protocol (SNMP) 304

Domain Name System Security Extensions

(DNSSEC) 304

File Transfer Protocol (FTP) 305

Secure Email Protocols 306

Lightweight Directory Access Protocol (LDAP) 306

Internet Protocol Version 6 (IPv6) 307

Use Cases 307

Summ ary_308

Key Terms_310

Review Questions_311

Case Projects_315

Module 11

Wireless Network Security_317

Wireless Attacks 319

Bluetooth Attacks 319

Near Field Communication (NFC) Attacks 321

Radio Frequency Identification (RFID)

Attacks 322

Wireless Local Area Network Attacks 323

Vulnerabilities of WLAN Security 331

Wired Equivalent Privacy 331

Wi-Fi Protected Setup 332

MAC Address Filtering 332

Wi-Fi Protected Access (WPA) 333

Wireless Security Solutions 334

Wi-Fi Protected Access 2 (WPA2) 334

Wi-Fi Protected Access 3 (WPA3) 336

Additional Wireless Security

Protections 336

Installation 337

Configuration 338

Specialized Systems Communications 339

Rogue AP System Detection 339

Summ ary_340

Key Terms_342

Review Questions_342

Case Projects_347

Part 5

Enterprise Security_351

Module 12

Authentication_353

Types of Authentication Credentials 354

Something You Know: Passwords 355

Something You Have: Smartphone and

Security Keys 361

Something You Are: Biometrics 364

Something You Do: Behavioral Biometrics 368

Authentication Solutions 369

Password Security 370

Secure Authentication Technologies 373

Summ ary_378

Key Terms_379

Review Questions_380

Case Projects_386

Module 13

Incident Preparation,

Response, and Investigation_389

Incident Preparation 390

Reasons for Cybersecurity Incidents 391

Preparing for an Incident 397

Incident Response 400

Use SOAR Runbooks and Playbooks 401

Perform Containment 401

Make Configuration Changes 402

Incident Investigation 402

Data Sources 402

Digital Forensics 405

Summ ary_413

Key Terms_415

Review Questions_415

Case Projects_420

Module 14

Cybersecurity Resilience_423

Business Continuity 424

Introduction to Business Continuity 424

Resilience Through Redundancy 427

Policies 436

Definition of a Policy 436

Types of Security Policies 437

Summ ary_444

Key Terms_445

Review Questions_446

Case Projects_451

Module 15

Risk Management and Data

Privacy_453

Managing Risk 454

Defining Risk 455

Risk Types 456

Risk Analysis 457

Risk Management 461

Data Privacy 466

User Concerns 467

Data Breach Consequences 468

Data Types 468

Protecting Data 468

Data Destruction 470

Summ ary_470

Key Terms_472

Review Questions_473

Case Projects_476

appendices A

COMPTIA SECURITY+ SY0-601

CERTIFICATION EXAM

OBJECTIVES 479

appendices B

TWO RIGHTS & A WRONG:

ANSWERS 505

GLO SSAR Y 515

index 543

This book is US$10. Order for this book:
(Request for free sample pages click on "Order Now" button)

Book Order
Or, Send email: [email protected]

Share this Book!

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.