Mike Chapple, David Seidl

CompTIA Security+ Study Guide with over 500 Practice Test Questions (eBook, ePUB)

Exam SY0-701

• Format: ePub

Produktbeschreibung

Master key exam objectives and crucial cybersecurity concepts for the CompTIA Security+ SY0-701 exam, along with an online test bank with hundreds of practice questions and flashcards In the newly revised ninth edition of CompTIA Security+ Study Guide: Exam SY0-701, veteran cybersecurity professionals and educators Mike Chapple and David Seidl deliver easy-to-follow coverage of the security fundamentals tested by the challenging CompTIA SY0-701 exam. You'll explore general security concepts, threats, vulnerabilities, mitigations, security architecture and operations, as well as security program management and oversight. You'll get access to the information you need to start a new career--or advance an existing one--in cybersecurity, with efficient and accurate content. You'll also find: * Practice exams that get you ready to succeed on your first try at the real thing and help you conquer test anxiety * Hundreds of review questions that gauge your readiness for the certification exam and help you retain and remember key concepts * Complimentary access to the online Sybex learning environment, complete with hundreds of additional practice questions and flashcards, and a glossary of key terms, all supported by Wiley's support agents who are available 24x7 via email or live chat to assist with access and login questions Perfect for everyone planning to take the CompTIA SY0-701 exam, as well as those aiming to secure a higher-level certification like the CASP+, CISSP, or CISA, this study guide will also earn a place on the bookshelves of anyone who's ever wondered if IT security is right for them. It's a must-read reference!

---

Dieser Download kann aus rechtlichen Gründen nur mit Rechnungsadresse in D ausgeliefert werden.

Produktdetails

• Verlag: John Wiley & Sons
• Seitenzahl: 1126
• Erscheinungstermin: 3. November 2023
• Englisch
• ISBN-13: 9781394211425
• Artikelnr.: 69438186

Autorenporträt

ABOUT THE AUTHORS

MIKE CHAPPLE, PhD, SECURITY+, CYSA+, CISSP, is Teaching Professor of Information Technology, Analytics, and Operations at Notre Dame's Mendoza College of Business. He is a bestselling author of over 25 books and serves as the Academic Director of the University's Master of Science in Business Analytics program. He holds multiple additional certifications, including the CISSP (Certified Information Systems Security Professional), CySA+ (CompTIA Cybersecurity Analyst), CIPP/US (Certified Information Privacy Professional), CompTIA PenTest+, and CompTIA Security+. Mike provides cybersecurity certification resources at his website, CertMike.com.

DAVID SEIDL, CYSA+, CISSP, PENTEST+, is Vice President for Information Technology and CIO at Miami University where he leads an award winning, nationally recognized IT organization. David is a bestselling author who has written over 20 books with a focus on cybersecurity certification and cyberwarfare.

Inhaltsangabe

Introduction xxxi

Chapter 1 Today's Security Professional 1

Cybersecurity Objectives 2

Data Breach Risks 3

The DAD Triad 4

Breach Impact 5

Implementing Security Controls 7

Gap Analysis 7

Security Control Categories 8

Security Control Types 9

Data Protection 10

Data Encryption 11

Data Loss Prevention 11

Data Minimization 12

Access Restrictions 13

Segmentation and Isolation 13

Summary 13

Exam Essentials 14

Review Questions 16

Chapter 2 Cybersecurity Threat Landscape 21

Exploring Cybersecurity Threats 23

Classifying Cybersecurity Threats 23

Threat Actors 25

Attacker Motivations 31

Threat Vectors and Attack Surfaces 32

Threat Data and Intelligence 35

Open Source Intelligence 35

Proprietary and Closed- Source Intelligence 38

Assessing Threat Intelligence 39

Threat Indicator Management and Exchange 40

Information Sharing Organizations 41

Conducting Your Own Research 42

Summary 42

Exam Essentials 43

Review Questions 45

Chapter 3 Malicious Code 49

Malware 50

Ransomware 51

Trojans 52

Worms 54

Spyware 55

Bloatware 56

Viruses 57

Keyloggers 59

Logic Bombs 60

Rootkits 60

Summary 62

Exam Essentials 62

Review Questions 64

Chapter 4 Social Engineering and Password Attacks 69

Social Engineering and Human Vectors 70

Social Engineering Techniques 71

Password Attacks 76

Summary 78

Exam Essentials 78

Review Questions 80

Chapter 5 Security Assessment and Testing 85

Vulnerability Management 87

Identifying Scan Targets 87

Determining Scan Frequency 89

Configuring Vulnerability Scans 91

Scanner Maintenance 95

Vulnerability Scanning Tools 98

Reviewing and Interpreting Scan Reports 101

Confirmation of Scan Results 111

Vulnerability Classification 112

Patch Management 112

Legacy Platforms 113

Weak Configurations 115

Error Messages 115

Insecure Protocols 116

Weak Encryption 117

Penetration Testing 118

Adopting the Hacker Mindset 119

Reasons for Penetration Testing 120

Benefits of Penetration Testing 120

Penetration Test Types 121

Rules of Engagement 123

Reconnaissance 125

Running the Test 125

Cleaning Up 126

Audits and Assessments 126

Security Tests 127

Security Assessments 128

Security Audits 129

Vulnerability Life Cycle 131

Vulnerability Identification 131

Vulnerability Analysis 132

Vulnerability Response and Remediation 132

Validation of Remediation 132

Reporting 133

Summary 133

Exam Essentials 134

Review Questions 136

Chapter 6 Application Security 141

Software Assurance Best Practices 143

The Software Development Life Cycle 143

Software Development Phases 144

DevSecOps and DevOps 146

Designing and Coding for Security 147

Secure Coding Practices 148

API Security 149

Software Security Testing 149

Analyzing and Testing Code 150