Professional Documents
Culture Documents
CompTIA Security+ Certification Study Guide (Exam SY0-601) Glen E. Clarke full chapter instant download
CompTIA Security+ Certification Study Guide (Exam SY0-601) Glen E. Clarke full chapter instant download
CompTIA Security+ Certification Study Guide (Exam SY0-601) Glen E. Clarke full chapter instant download
https://ebookmass.com/product/comptia-security-certification-
bundle-exam-sy0-601-glen-e-clarke/
https://ebookmass.com/product/comptia-network-certification-
study-guide-seventh-edition-exam-n10-007-glen-e-clarke-clarke/
https://ebookmass.com/product/mike-meyers-comptia-security-
certification-guide-third-edition-exam-sy0-601-mike-meyers/
https://ebookmass.com/product/comptia-security-certification-
practice-exams-fourth-edition-exam-sy0-601-lachance/
Mike Meyers CompTIA Security+ Certification Passport
(Exam SY0-601) Dawn Dunkerley
https://ebookmass.com/product/mike-meyers-comptia-security-
certification-passport-exam-sy0-601-dawn-dunkerley-2/
https://ebookmass.com/product/mike-meyers-comptia-security-
certification-passport-exam-sy0-601-dawn-dunkerley/
https://ebookmass.com/product/comptia-security-all-in-one-exam-
guide-exam-sy0-601-wm-arthur-conklin/
https://ebookmass.com/product/comptia-security-get-certified-get-
ahead-sy0-501-study-guide-ebook-pdf/
https://ebookmass.com/product/comptia-security-all-in-one-exam-
guide-sixth-edition-exam-sy0-601-wm-arthur-conklin/
Copyright © 2022 by McGraw Hill. All rights reserved. Except as
permitted under the United States Copyright Act of 1976, no part of
this publication may be reproduced or distributed in any form or by
any means, or stored in a database or retrieval system, without the
prior written permission of the publisher.
ISBN: 978-1-26-046794-9
MHID: 1-26-046794-5
The material in this eBook also appears in the print version of this
title: ISBN: 978-1-26-046793-2, MHID: 1-26-046793-7.
TERMS OF USE
This is a copyrighted work and McGraw-Hill Education and its
licensors reserve all rights in and to the work. Use of this work is
subject to these terms. Except as permitted under the Copyright Act
of 1976 and the right to store and retrieve one copy of the work,
you may not decompile, disassemble, reverse engineer, reproduce,
modify, create derivative works based upon, transmit, distribute,
disseminate, sell, publish or sublicense the work or any part of it
without McGraw-Hill Education’s prior consent. You may use the
work for your own noncommercial and personal use; any other use
of the work is strictly prohibited. Your right to use the work may be
terminated if you fail to comply with these terms.
4 Types of Attacks
5 Vulnerabilities and Threats
6 Mitigating Security Threats
10 Authentication
11 Authorization and Access Control
12 Introduction to Cryptography
17 Risk Analysis
18 Disaster Recovery and Business Continuity
Index
CONTENTS
Preface
Acknowledgments
Introduction
4 Types of Attacks
Understanding Social Engineering
Social Engineering Overview
Popular Social Engineering Attacks
Physical Attacks
Adversarial Artificial Intelligence
Supply-Chain Attacks
Cloud-Based vs. On-Premises Attacks
Reasons for Effectiveness
Preventing Social Engineering Attacks
Identifying Network Attacks
Popular Network Attacks
Exercise 4-1: DNS Poisoning After Exploit Using Kali
Linux
Exercise 4-2: Performing a Port Scan
Other Network Attacks
Malicious Code or Script Execution
Preventing Network Attacks
Looking at Password Attacks
Types of Password Attacks
Cryptographic Attacks and Concepts
Online vs. Offline Attacks
Other Password Attack Terms
Preventing Password Attacks
Certification Summary
✔ Two-Minute Drill
Q&A Self Test
Self Test Answers
10 Authentication
Identifying Authentication Models
Authentication Terminology
Authentication Methods and Technologies
Multifactor Authentication Factors and Attributes
Exercise 10-1: Configuring MFA in Outlook Web Mail
Authentication Management
Single Sign-On
Cloud vs. On-Premises Requirements
Authentication Protocols
Windows Authentication Protocols
Common Authentication Protocols
Authentication Services
Implementing Authentication
User Accounts
Tokens
Looking at Biometrics
Certificate-Based Authentication
Claims-Based Authentication/Federation Services
Certification Summary
✔ Two-Minute Drill
Q&A Self Test
Self Test Answers
12 Introduction to Cryptography
Introduction to Cryptography Services
Understanding Cryptography
Algorithms and Keys
Exercise 12-1: Encrypting Data with the Caesar
Cipher
Other Cryptography Terms
Symmetric Encryption
Symmetric Encryption Concepts
Symmetric Encryption Algorithms
Exercise 12-2 : Encrypting Data with the AES
Algorithm
Asymmetric Encryption
Asymmetric Encryption Concepts
Asymmetric Encryption Algorithms
Quantum Cryptography
In-Band vs. Out-of-Band Key Exchange
Understanding Hashing
Hashing Concepts
Hashing Algorithms
Exercise 12-3: Generating Hashes to Verify Integrity
Identifying Encryption Uses
Common Use Cases
Understanding Limitations
Encrypting Data
Encrypting Communication
Understanding Steganography
Certification Summary
✔ Two-Minute Drill
Q&A Self Test
Self Test Answers
14 Physical Security
Choosing a Business Location
Facility Concerns
Lighting and Windows
Doors, Windows, and Walls
Safety Concerns
Physical Access Controls
Exercise 14-1: Gaining Access to a System with No
Physical Security
Fencing and Personnel
Hardware Locks/Lock Types
Access Systems
Other Physical Security Controls
Physical Access Lists and Logs
Video Surveillance
Types of Sensors
Implementing Environmental Controls
Understanding HVAC
Shielding
Fire Suppression
Certification Summary
✔ Two-Minute Drill
Q&A Self Test
Self Test Answers
17 Risk Analysis
Introduction to Risk Analysis
Risk Analysis Overview
Risk Analysis Process
Tools to Help Analyze Risk
Risk with Cloud Computing and Third Parties
Risk Assessment Types
Qualitative
Exercise 17-1: Performing a Qualitative Risk Analysis
Quantitative
Exercise 17-2: Performing a Quantitative Risk
Analysis
Risk Mitigation Strategies
Exercise 17-3: Identifying Mitigation Techniques
Certification Summary
✔ Two-Minute Drill
Q&A Self Test
Self Test Answers