CompTIA Security+ Certification Kit: Exam SY0-401, 4th Edition

Description

The most complete, up-to-date Security+ prep kit, with 100% exam coverage

CompTIA Security+ Certification Kit, 4th Edition is the ideal study tool for the price-savvy Security+ candidate. By combining the CompTIA Deluxe Security+ Study Guide, 3rd Edition and the CompTIA Security+ Review Guide, 3rd Edition into a single bundle, this kit provides everything you need to go into the exam fully prepared. This new edition has been updated to align with the latest version of the Security+ exam (SY0-401), and covers 100% of the exam objectives including communications, infrastructure, operational and organizational security, and much more. Practical examples drawn from real-world topics demonstrate how these concepts are applied on the job, and authoritative coverage and clear, concise explanations help deepen your understanding of these crucial security topics. The DVD includes instructional videos, electronic flashcards, software, and a test bank that allows you to test your knowledge and correct weak areas in advance, so you can approach the exam with confidence.

  • Study 100% of the Security+ exam objectives
  • See key topics demonstrated in over an hour of instructional videos
  • Understand real-world applications through practical examples
  • Try out Kali Linux, designed for security auditing, digital forensics, and penetration testing, and Security Onion for intrusion detection, network security monitoring, and log management
  • Test your knowledge with leading-edge exam prep software

With complete exam coverage and practical insight, CompTIA Security+ Certification Kit, 4th Edition gives you the confidence you need on exam day.

CompTIA Security+ Deluxe Study Guide: SY0-401

Foreword xxvii

Introduction xxix

Chapter 1 Measuring and Weighing Risk 1

Risk Assessment 3

Computing Risk Assessment 4

Acting on Your Risk Assessment 9

Risks Associated with Cloud Computing 17

Risks Associated with Virtualization 19

Developing Policies, Standards, and Guidelines 19

Implementing Policies 20

Understanding Control Types and False Positives/Negatives 26

Risk Management Best Practices 28

Disaster Recovery 36

Tabletop Exercise 39

Summary 39

Exam Essentials 39

Review Questions 41

Chapter 2 Monitoring and Diagnosing Networks 45

Monitoring Networks 46

Network Monitors 46

Understanding Hardening 52

Working with Services 52

Patches 56

User Account Control 57

Filesystems 58

Securing the Network 60

Security Posture 61

Continuous Security Monitoring 61

Setting a Remediation Policy 62

Reporting Security Issues 63

Alarms 63

Alerts 63

Trends 63

Differentiating between Detection Controls and Prevention Controls 64

Summary 65

Exam Essentials 66

Review Questions 67

Chapter 3 Understanding Devices and Infrastructure 71

Mastering TCP/IP 73

OSI Relevance 74

Working with the TCP/IP Suite 74

IPv4 and IPv6 78

Understanding Encapsulation 79

Working with Protocols and Services 80

Designing a Secure Network 87

Demilitarized Zones 87

Subnetting 89

Virtual Local Area Networks 89

Remote Access 92

Network Address Translation 93

Telephony 94

Network Access Control 95

Understanding the Various Network Infrastructure Devices 95

Firewalls 96

Routers 100

Switches 102

Load Balancers 103

Proxies 103

Web Security Gateway 103

VPNs and VPN Concentrators 103

Intrusion Detection Systems 105

Understanding Intrusion Detection Systems 106

IDS vs. IPS 110

Working with a Network-Based IDS 111

Working with a Host-Based IDS 116

Working with NIPSs 117

Protocol Analyzers 118

Spam Filters 118

UTM Security Appliances 119

Summary 122

Exam Essentials 123

Review Questions 124

Chapter 4 Access Control, Authentication, and Authorization 129

Understanding Access Control Basics 131

Identification vs. Authentication 131

Authentication (Single Factor) and Authorization 132

Multifactor Authentication 133

Layered Security and Defense in Depth 133

Network Access Control 134

Tokens 135

Federations 135

Potential Authentication and Access Problems 136

Authentication Issues to Consider 137

Authentication Protocols 139

Account Policy Enforcement 139

Users with Multiple Accounts/Roles 141

Generic Account Prohibition 142

Group-based and User-assigned Privileges 142

Understanding Remote Access Connectivity 142

Using the Point-to-Point Protocol 143

Working with Tunneling Protocols 144

Working with RADIUS 145

TACACS/TACACS+/XTACACS 146

VLAN Management 146

SAML 147

Understanding Authentication Services 147

LDAP 147

Kerberos 148

Single Sign-On Initiatives 149

Understanding Access Control 150

Mandatory Access Control 151

Discretionary Access Control 151

Role-Based Access Control 152

Rule-Based Access Control 152

Implementing Access Controlling Best Practices 152

Least Privileges 153

Separation of Duties 153

Time of Day Restrictions 153

User Access Review 154

Smart Cards 154

Access Control Lists 156

Port Security 157

Working with 802.1X 158

Flood Guards and Loop Protection 158

Preventing Network Bridging 158

Log Analysis 159

Trusted OS 159

Secure Router Configuration 160

Summary 161

Exam Essentials 161

Review Questions 163

Chapter 5 Protecting Wireless Networks 167

Working with Wireless Systems 169

IEEE 802.11x Wireless Protocols 169

WEP/WAP/WPA/WPA2 171

Wireless Transport Layer Security 173

Understanding Wireless Devices 174

Wireless Access Points 175

Extensible Authentication Protocol 181

Lightweight Extensible Authentication Protocol 182

Protected Extensible Authentication Protocol 182

Wireless Vulnerabilities to Know 183

Wireless Attack Analogy 187

Summary 188

Exam Essentials 189

Review Questions 190

Chapter 6 Securing the Cloud 195

Working with Cloud Computing 196

Software as a Service (SaaS) 197

Platform as a Service (PaaS) 198

Infrastructure as a Service (IaaS) 199

Private Cloud 200

Public Cloud 200

Community Cloud 200

Hybrid Cloud 201

Working with Virtualization 201

Snapshots 203

Patch Compatibility 203

Host Availability/Elasticity 204

Security Control Testing 204

Sandboxing 204

Security and the Cloud 205

Cloud Storage 206

Summary 207

Exam Essentials 207

Review Questions 208

Chapter 7 Host, Data, and Application Security 213

Application Hardening 215

Databases and Technologies 215

Fuzzing 218

Secure Coding 218

Application Configuration Baselining 219

Operating System Patch Management 220

Application Patch Management 220

Host Security 220

Permissions 220

Access Control Lists 221

Antimalware 221

Host Software Baselining 226

Hardening Web Servers 227

Hardening Email Servers 228

Hardening FTP Servers 229

Hardening DNS Servers 230

Hardening DHCP Services 231

Protecting Data Through Fault Tolerance 233

Backups 233

RAID 234

Clustering and Load Balancing 235

Application Security 235

Best Practices for Security 236

Data Loss Prevention 236

Hardware-Based Encryption Devices 237

Summary 238

Exam Essentials 238

Review Questions 239

Chapter 8 Cryptography 243

An Overview of Cryptography 245

Historical Cryptography 245

Modern Cryptography 249

Working with Symmetric Algorithms 249

Working with Asymmetric Algorithms 251

What Cryptography Should You Use? 254

Hashing Algorithms 255

Rainbow Tables and Salt 256

Key Stretching 256

Understanding Quantum Cryptography 257

Cryptanalysis Methods 257

Wi-Fi Encryption 258

Using Cryptographic Systems 258

Confidentiality and Strength 259

Integrity 259

Digital Signatures 261

Authentication 261

Nonrepudiation 262

Key Features 262

Understanding Cryptography Standards and Protocols 263

The Origins of Encryption Standards 263

Public-Key Infrastructure X.509/Public-Key Cryptography Standards 266

X.509 267

SSL and TLS 268

Certificate Management Protocols 270

Secure Multipurpose Internet Mail Extensions 270

Secure Electronic Transaction 270

Secure Shell 271

Pretty Good Privacy 272

HTTP Secure 274

Secure HTTP 274

IP Security 274

Tunneling Protocols 277

Federal Information Processing Standard 278

Using Public-Key Infrastructure 278

Using a Certificate Authority 279

Working with Registration Authorities and Local Registration Authorities 280

Implementing Certificates 281

Understanding Certificate Revocation 285

Implementing Trust Models 285

Hardware-Based Encryption Devices 290

Data Encryption 290

Summary 291

Exam Essentials 291

Review Questions 293

Chapter 9 Malware, Vulnerabilities, and Threats 297

Understanding Malware 300

Surviving Viruses 310

Symptoms of a Virus Infection 311

How Viruses Work 311

Types of Viruses 312

Managing Spam to Avoid Viruses 316

Antivirus Software 317

Understanding Various Types of Attacks 318

Identifying Denial-of-Service and Distributed Denial-of-Service Attacks 319

Spoofing Attacks 321

Pharming Attacks 322

Phishing, Spear Phishing, and Vishing 323

Xmas Attack 324

Man-in-the-Middle Attacks 324

Replay Attacks 325

Smurf Attacks 326

Password Attacks 326

Privilege Escalation 328

Malicious Insider Threats 332

Transitive Access 332

Client-Side Attacks 333

Typo Squatting and URL Hijacking 333

Watering Hole Attack 334

Identifying Types of Application Attacks 334

Cross-Site Scripting and Forgery 334

SQL Injection 335

LDAP Injection 336

XML Injection 337

Directory Traversal/Command Injection 337

Buffer Overflow 338

Integer Overflow 338

Zero-Day Exploits 338

Cookies and Attachments 338

Locally Shared Objects and Flash Cookies 339

Malicious Add-Ons 339

Session Hijacking 340

Header Manipulation 340

Arbitrary Code and Remote Code Execution 341

Tools for Finding Threats 341

Interpreting Assessment Results 341

Tools to Know 342

Risk Calculations and Assessment Types 344

Summary 346

Exam Essentials 346

Review Questions 348

Chapter 10 Social Engineering and Other Foes 353

Understanding Social Engineering 355

Types of Social Engineering Attacks 356

What Motivates an Attack? 361

The Principles Behind Social Engineering 362

Social Engineering Attack Examples 363

Understanding Physical Security 366

Hardware Locks and Security 369

Mantraps 371

Video Surveillance 371

Fencing 372

Access List 373

Proper Lighting 374

Signs 374

Guards 374

Barricades 375

Biometrics 375

Protected Distribution 376

Alarms 376

Motion Detection 376

Environmental Controls 377

HVAC 378

Fire Suppression 378

EMI Shielding 380

Hot and Cold Aisles 382

Environmental Monitoring 383

Temperature and Humidity Controls 383

Control Types 384

A Control Type Analogy 385

Data Policies 385

Destroying a Flash Drive 386

Some Considerations 387

Optical Discs 388

Summary 389

Exam Essentials 389

Review Questions 391

Chapter 11 Security Administration 395

Third-Party Integration 397

Transitioning 397

Ongoing Operations 398

Understanding Security Awareness and Training 399

Communicating with Users to Raise Awareness 399

Providing Education and Training 399

Safety Topics 401

Training Topics 402

Classifying Information 409

Public Information 410

Private Information 411

Information Access Controls 413

Security Concepts 413

Complying with Privacy and Security Regulations 414

The Health Insurance Portability and Accountability Act 415

The Gramm-Leach-Bliley Act 415

The Computer Fraud and Abuse Act 416

The Family Educational Rights and Privacy Act 416

The Computer Security Act of 1987 416

The Cyberspace Electronic Security Act 417

The Cyber Security Enhancement Act 417

The Patriot Act 417

Familiarizing Yourself with International Efforts 418

Mobile Devices 418

BYOD Issues 419

Alternative Methods to Mitigate Security Risks 420

Summary 422

Exam Essentials 422

Review Questions 424

Chapter 12 Disaster Recovery and Incident Response 429

Issues Associated with Business Continuity 431

Types of Storage Mechanisms 432

Crafting a Disaster-Recovery Plan 433

Incident Response Policies 445

Understanding Incident Response 446

Succession Planning 454

Tabletop Exercises 454

Reinforcing Vendor Support 455

Service-Level Agreements 455

Code Escrow Agreements 457

Penetration Testing 458

What Should You Test? 458

Vulnerability Scanning 459

Summary 460

Exam Essentials 461

Review Questions 462

Appendix A Answers to Review Questions 467

Chapter 1: Measuring and Weighing Risk 468

Chapter 2: Monitoring and Diagnosing Networks 469

Chapter 3: Understanding Devices and Infrastructure 470

Chapter 4: Access Control, Authentication, and Authorization 471

Chapter 5: Protecting Wireless Networks 473

Chapter 6: Securing the Cloud 474

Chapter 7: Host, Data, and Application Security 475

Chapter 8: Cryptography 476

Chapter 9: Malware, Vulnerabilities, and Threats 477

Chapter 10: Social Engineering and Other Foes 478

Chapter 11: Security Administration 480

Chapter 12: Disaster Recovery and Incident Response 481

Appendix B Labs, Questions, and Exam Preparation Miscellany 483

The Challenges 485

See Hidden Shares 485

Choose Problem Reporting Defaults 485

Open the Add/Remove Programs Applet 485

Delete Cookies 485

Remove All Currently Allowed Pop-ups 485

Synchronize Files 486

Configure the Crash File 486

Limit Computer Time 486

Hide Extensions 486

Allow Remote Desktop Connections 487

Display Statistics 488

MISC: Fire Extinguisher Types 488

Restore Connections 488

Open the Security Center Applet 489

Identify the Issue #1 489

Display All Information 489

MISC: Compute CIDR #1 490

Turn On the Archive Bit 490

Repair Damaged Files 490

MISC: Identify the Tool #1 490

Generate a System Health Report 491

Change Permissions for a File 491

Create a Legal Notice 492

Open the System Configuration Utility 492

Turn On the SmartScreen Filter 492

Prevent Sites from Knowing Your Location 493

Register with Websites 493

Create a Restore Point 494

Add Encrypted Files 494

Renew a DHCP Address 494

MISC: Algorithm Types 495

Enable Encryption 495

Identify the Issue #2 496

View Configuration for a Service 496

View Current Audit Policy 497

Display Network Path 497

MISC: Identify the Tool #2 497

Change Ownership on a File 498

Enable Drive Compression 498

Configure Program Compatibility 498

Configure Immediate Deletion 499

Change the Registered Organization for Windows 499

Display Disk Quota 499

Allow Pop-Ups from a Site 499

Turn On DEP 499

Enable Protection 500

Require Wake-Up Password 500

Open a Port in Windows Firewall 501

Open the User Accounts 501

Identify the Issue #3 501

Open the System Properties 502

View Group Policy Settings 502

MISC: Attack Types 502

Secure the Database 502

Call Up the Security Policy Manager 503

MISC: Identify the Tool #3 503

View Effective Permissions for a File 503

Create a Quota on Disk Space 504

Optimize a Folder 504

Choose Firewall Notifications 504

MISC: Identify the Tool #4 504

Turn Off Windows Firewall 505

Disable Toolbars 505

Reinstall Windows 505

Change UAC Settings 506

Synchronize Time 506

View All Processes Currently Running 507

Configure a Firewall 507

Display ARP Table 507

Display Windows Version 507

MISC: Compute CIDR #2 508

Summon the Event Viewer 508

Identify the Issue #4 508

Enable ReadyBoost 508

Encrypt Folder Contents 509

Clear Index Scores 509

Turn On BitLocker 509

Turn Off All AutoPlay 509

Choose Default Programs 510

Enable Shutdown Without Login 510

Open System Configuration Editor 510

Override Cookie Handling 511

Software Updates 511

Prohibit Remote Desktop 511

Uninstall 512

Change Notification Settings 512

Display Network Name 512

Flush the Cache 512

Backup and Recover Passwords 513

MISC: Identify the Tool #5 513

MISC: Identify the Tool #6 514

Restart Windows 515

Identify the Issue #5 515

Reduce the Number of Recently Used Programs 515

File Properties 516

Audit Views of a File 516

Configure Sharing of a Folder 516

Don’t Display Last User 516

The Answers 517

See Hidden Shares: Answer 517

Choose Problem Reporting Defaults: Answer 517

Open the Add/Remove Programs Applet: Answer 518

Delete Cookies: Answer 518

Remove All Currently Allowed Pop-ups: Answer 518

Synchronize Files: Answer 519

Configure the Crash File: Answer 519

Limit Computer Time: Answer 520

Hide Extensions: Answer 520

Allow Remote Desktop Connections: Answer 521

Display Statistics: Answer 522

MISC: Fire Extinguisher Types: Answer 522

Restore Connections: Answer 523

Open the Security Center Applet: Answer 523

Identify the Issue #1: Answer 523

Display All Information: Answer 524

MISC: Compute CIDR #1: Answer 524

Turn On the Archive Bit: Answer 525

Repair Damaged Files: Answer 525

MISC: Identify the Tool #1: Answer 525

Generate a System Health Report: Answer 526

Change Permissions for a File: Answer 527

Create a Legal Notice: Answer 528

Open the System Configuration Utility: Answer 529

Turn On the SmartScreen Filter: Answer 529

Prevent Sites from Knowing Your Location: Answer 530

Register with Websites: Answer 530

Create a Restore Point: Answer 531

Add Encrypted Files: Answer 531

Renew a DHCP Address: Answer 532

MISC: Algorithm Types: Answer 532

Enable Encryption: Answer 533

Identify the Issue #2: Answer 534

View Configuration for a Service: Answer 535

View Current Audit Policy: Answer 535

Display Network Path: Answer 535

MISC: Identify the Tool #2: Answer 536

Change Ownership on a File: Answer 536

Enable Drive Compression: Answer 537

Configure Program Compatibility: Answer 537

Configure Immediate Deletion: Answer 538

Change the Registered Organization for Windows: Answer 538

Display Disk Quota: Answer 539

Allow Pop-Ups from a Site: Answer 539

Turn On DEP: Answer 540

Enable Protection: Answer 540

Require Wake-Up Password: Answer 541

Open a Port in Windows Firewall: Answer 542

Open the User Accounts: Answer 543

Identify the Issue #3: Answer 543

Open the System Properties: Answer 543

View Group Policy Settings: Answer 543

MISC: Attack Types: Answer 544

Secure the Database: Answer 544

Call Up the Security Policy Manager: Answer 545

MISC: Identify the Tool #3: Answer 545

View Effective Permissions for a File: Answer 546

Create a Quota on Disk Space: Answer 546

Optimize a Folder: Answer 547

Choose Firewall Notifications: Answer 547

MISC: Identify the Tool #4: Answer 548

Turn Off Windows Firewall: Answer 549

Disable Toolbars: Answer 549

Reinstall Windows: Answer 550

Change UAC Settings: Answer 550

Synchronize Time: Answer 551

View All Processes Currently Running: Answer 551

Configure a Firewall: Answer 552

Display ARP Table: Answer 552

Display Windows Version: Answer 552

MISC: Compute CIDR #2: Answer 553

Summon the Event Viewer: Answer 553

Identify the Issue #4: Answer 553

Enable ReadyBoost: Answer 554

Encrypt Folder Contents: Answer 555

Clear Index Scores: Answer 555

Turn On BitLocker: Answer 556

Turn Off All AutoPlay: Answer 556

Choose Default Programs: Answer 556

Enable Shutdown Without Login: Answer 557

Open System Configuration Editor: Answer 557

Override Cookie Handling: Answer 558

Software Updates: Answer 559

Prohibit Remote Desktop: Answer 559

Uninstall: Answer 560

Change Notification Settings: Answer 560

Display Network Name: Answer 561

Flush the Cache: Answer 561

Backup and Recover Passwords: Answer 561

MISC: Identify the Tool #5: Answer 562

MISC: Identify the Tool #6: Answer 563

Restart Windows: Answer 564

Identify the Issue #5: Answer 564

Reduce the Number of Recently Used Programs: Answer 565

File Properties: Answer 566

Audit Views of a File: Answer 566

Configure Sharing of a Folder: Answer 567

Don’t Display Last User: Answer 567

Appendix C About the Companion CD 569

What You’ll Find on the CD 570

Test Engine 570

Electronic Flashcards 570

E-book in All Formats 570

Videos 571

PDF of Glossary of Terms 571

Adobe Reader 571

System Requirements 571

Using the Study Tools 572

Troubleshooting 572

Customer Care 572

Index

CompTIA Security+ Review Guide: Exam SY0-401

Introduction xxv

Chapter 1 Network Security 1

1.1 Implement security configuration parameters on network devices and other technologies 5

1.2 Given a scenario, use secure network administration principles 22

1.3 Explain network design elements and components 27

1.4 Given a scenario, implement common protocols and services 40

1.5 Given a scenario, troubleshoot security issues related to wireless networking 56

Chapter 2 Compliance and Operational Security 69

2.1 Explain the importance of risk-related concepts 76

2.2 Summarize the security implications of integrating systems and data with third parties 92

2.3 Given a scenario, implement appropriate risk-mitigation strategies 96

2.4 Given a scenario, implement basic forensic procedures 101

2.5 Summarize common incident response procedures 106

2.6 Explain the importance of security-related awareness and training 111

2.7 Compare and contrast physical security and environmental controls 123

2.8 Summarize risk-management best practices 135

2.9 Given a scenario, select the appropriate control to meet the goals of security 148

Chapter 3 Threats and Vulnerabilities 155

3.1 Explain types of malware 161

3.2 Summarize various types of attacks 167

3.3 Summarize social engineering attacks and the associated effectiveness with each attack 184

3.4 Explain types of wireless attacks 188

3.5 Explain types of application attacks 194

3.6 Analyze a scenario and select the appropriate type of mitigation and deterrent techniques 201

3.7 Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities 211

3.8 Explain the proper use of penetration testing versus vulnerability scanning 217

Chapter 4 Application, Data, and Host Security 225

4.1 Explain the importance of application security controls and techniques 229

4.2 Summarize mobile security concepts and technologies 235

4.3 Given a scenario, select the appropriate solution to establish host security 244

4.4 Implement the appropriate controls to ensure data security 251

4.5 Compare and contrast alternative methods to mitigate security risks in static environments 257

Chapter 5 Access Control and Identity Management 267

5.1 Compare and contrast the function and purpose of authentication services 270

5.2 Given a scenario, select the appropriate authentication, authorization, or access control 275

5.3 Install and configure security controls when performing account management, based on best practices 289

Chapter 6 Cryptography 299

6.1 Given a scenario, utilize general cryptography concepts 302

6.2 Given a scenario, use appropriate cryptographic methods 331

6.3 Given a scenario, use appropriate PKI, certificate management, and associated components 344

Appendix A Answers to Review Questions 359

Chapter 1: Network Security 360

Chapter 2: Compliance and Operational Security 360

Chapter 3: Threats and Vulnerabilities 361

Chapter 4: Application, Data, and Host Security 362

Chapter 5: Access Control and Identity Management 363

Chapter 6: Cryptography 364

Appendix B About the Additional Study Tools 367

Additional Study Tools 368

Sybex Test Engine 368

Electronic Flashcards 368

PDF of Glossary of Terms 368

Adobe Reader 368

System Requirements 369

Using the Study Tools 369

Troubleshooting 369

Customer Care 370

Index 371