CompTIA Security+ All-in-One Exam Guide (Exam SY0-501) 5th Edition Wm. Arthur Conklin full chapter instant download

CompTIA Security+ All-in-One Exam
Guide (Exam SY0-501) 5th Edition Wm.

Arthur Conklin
Visit to download the full and correct content document:
https://ebookmass.com/product/comptia-security-all-in-one-exam-guide-exam-sy0-50
1-5th-edition-wm-arthur-conklin/
More products digital (pdf, epub, mobi) instant
download maybe you interests ...
CompTIA Security+ All-in-One Exam Guide (Exam SY0-601))

Wm. Arthur Conklin
https://ebookmass.com/product/comptia-security-all-in-one-exam-
guide-exam-sy0-601-wm-arthur-conklin/
CompTIA Security+ All-in-One Exam Guide, Sixth Edition

(Exam SY0-601)) Wm. Arthur Conklin
guide-sixth-edition-exam-sy0-601-wm-arthur-conklin/
CompTIA Security+ All in One Exam Guide, Fifth Edition

(Exam SY0 501) 5th Edition, (Ebook PDF)
guide-fifth-edition-exam-sy0-501-5th-edition-ebook-pdf/
CSSLP Certified Secure Software Lifecycle Professional

All-in-One Exam Guide, 3rd Edition Wm. Arthur Conklin
https://ebookmass.com/product/csslp-certified-secure-software-
lifecycle-professional-all-in-one-exam-guide-3rd-edition-wm-
arthur-conklin/
Mike Meyers' CompTIA Security+ Certification Guide,
Second Edition (Exam SY0-501) Mike Meyers
https://ebookmass.com/product/mike-meyers-comptia-security-
certification-guide-second-edition-exam-sy0-501-mike-meyers/
CSSLP SECURE SOFTWARE LIFECYCLE PROFESSIONAL ALL-IN-O

EXAM GUIDE, Third Edition, 3rd Edition Wm. Arthur
Conklin & Daniel Paul Shoemaker
https://ebookmass.com/product/csslp-secure-software-lifecycle-
professional-all-in-one-exam-guide-third-edition-3rd-edition-wm-
arthur-conklin-daniel-paul-shoemaker/
CSSLP SECURE SOFTWARE LIFECYCLE PROFESSIONAL ALL-IN-O

EXAM GUIDE, Third Edition, 3rd Edition Wm. Arthur
Conklin & Daniel Paul Shoemaker
https://ebookmass.com/product/csslp-secure-software-lifecycle-
professional-all-in-one-exam-guide-third-edition-3rd-edition-wm-
arthur-conklin-daniel-paul-shoemaker-2/
Mike Meyers’ CompTIA security+ certification passport,

(Exam SY0-501) Dawn Dunkerley
https://ebookmass.com/product/mike-meyers-comptia-security-
certification-passport-exam-sy0-501-dawn-dunkerley/
CompTIA Security+ Get Certified Get Ahead: SY0 501

Study Guide (Ebook PDF)
https://ebookmass.com/product/comptia-security-get-certified-get-
ahead-sy0-501-study-guide-ebook-pdf/
All-In-One / CompTIA Security+® All-in-One Exam Guide, 5e / Conklin / 932-2 / Front Matter
Blind Folio: i
ALL IN ONE
CompTIA
Security+ ®
EXAM GUIDE
Fifth Edition (Exam SY0-501)
Dr. Wm. Arthur Conklin

Dr. Gregory White
Chuck Cothren
Roger L. Davis
Dwayne Williams
New York Chicago San Francisco

Athens London Madrid Mexico City
Milan New Delhi Singapore Sydney Toronto
McGraw-Hill Education is an independent entity from CompTIA®. This publication and CD-ROM may be used in assisting
students to prepare for the CompTIA Security+® exam. Neither CompTIA nor McGraw-Hill Education warrant that use
of this publication and CD-ROM will ensure passing any exam. CompTIA and CompTIA Security+ are trademarks or
registered trademarks of CompTIA in the United States and/or other countries. All other trademarks are trademarks of their
respective owners.
00-FM.indd 1 09/11/17 4:39 PM

Blind Folio: ii
Cataloging-in-Publication Data is on file with the Library of Congress
Names: Conklin, Wm. Arthur (William Arthur), author.

Title: CompTIA security+ all-in-one exam guide, (Exam SY0-501) / Dr. Wm.
Arthur Conklin, Dr. Gregory White, Chuck Cothren, Roger L. Davis, Dwayne
Williams.
Description: Fifth edition. | New York : McGraw-Hill Education, [2018]
Identifiers: LCCN 2017052997| ISBN 9781260019322 (set : alk. paper) | ISBN
9781260019315 (book : alk. paper) | ISBN 9781260019308 (CD) | ISBN
1260019322 (set : alk. paper) | ISBN 1260019314 (book : alk. paper) | ISBN
1260019306 (CD)
Subjects: LCSH: Computer security—Examinations—Study guides. | Computer
networks—Security measures—Examinations—Study guides. | Computer
technicians—Certification—Study guides. | Electronic data processing
personnel—Certification—Study guides.
Classification: LCC QA76.9.A25 .C667565 2018 | DDC 005.8—dc23 LC record available at
https://lccn.loc.gov/2017052997
McGraw-Hill Education books are available at special quantity discounts to use as premiums and sales promotions,
or for use in corporate training programs. To contact a representative, please visit the Contact Us pages at
www.mhprofessional.com.
CompTIA Security+® All-in-One Exam Guide, Fifth Edition (Exam SY0-501)
Copyright © 2018 by McGraw-Hill Education. All rights reserved. Printed in the United States of America.
Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or
distributed in any form or by any means, or stored in a database or retrieval system, without the prior written
permission of publisher, with the exception that the program listings may be entered, stored, and executed in
a computer system, but they may not be reproduced for publication.
All trademarks or copyrights mentioned herein are the possession of their respective owners and McGraw-Hill
Education makes no claim of ownership by the mention of products that contain these marks.
123456789 LCR 21 20 19 18 17
ISBN: Book p/n 978-1-260-01931-5 and CD p/n 978-1-260-01930-8
of set 978-1-260-01932-2
MHID: Book p/n 1-260-01931-4 and CD p/n 1-260-01930-6
of set 1-260-01932-2
Sponsoring Editor Technical Editor Production Supervisor
Amy Stonebraker Chris Crayton James Kussow
Editorial Supervisor Copy Editor Composition
Janet Walden William McManus Cenveo® Publisher Services
Project Editor Proofreader Illustration
Patty Mon Claire Splan Cenveo Publisher Services
Acquisitions Coordinator Indexer Art Director, Cover
Claire Yee Ted Laux Jeff Weeks
Information has been obtained by McGraw-Hill Education from sources believed to be reliable. However, because of the possibility
of human or mechanical error by our sources, McGraw-Hill Education, or others, McGraw-Hill Education does not guarantee the
accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from
the use of such information.
00-FM.indd 2 09/11/17 4:39 PM

Blind Folio: iii
This book is dedicated to the many information security professionals who

quietly work to ensure the safety of our nation’s critical infrastructures.
We want to recognize the thousands of dedicated individuals who strive to
protect our national assets but who seldom receive praise and often are only
noticed when an incident occurs. To you, we say thank you for a job well done!
ABOUT THE AUTHORS

Dr. Wm. Arthur Conklin, CompTIA Security+, CISSP, CSSLP, GISCP, GCFA, GRID,
CRISC, CASP, is an Associate Professor and Director of the Center for Information
Security Research and Education in the College of Technology at the University of
Houston. He holds two terminal degrees, a Ph.D. in business administration (specializ-
ing in information security), from The University of Texas at San Antonio (UTSA), and
the degree Electrical Engineer (specializing in space systems engineering) from the Naval
Postgraduate School in Monterey, CA. He is a fellow of ISSA and a senior member of
ASQ, IEEE, and ACM. His research interests include the use of systems theory to explore
information security, specifically in cyber-physical systems. He has a strong interest in
cybersecurity education, and is involved with the NSA/DHS Centers of Academic Excel-
lence in Cyber Defense (CAE CD) and the NIST National Initiative for Cybersecurity
Education (NICE) Cybersecurity Workforce Framework (NICE Framework). He has
coauthored six security books and numerous academic articles associated with informa-
tion security. He is active in the DHS-sponsored Industrial Control Systems Joint Work-
ing Group (ICSJWG) efforts associated with workforce development and cybersecurity
aspects of industrial control systems. He has an extensive background in secure coding
and has been co-chair of the DHS/DoD Software Assurance Forum Working Group for
workforce education, training, and development.
Dr. Gregory White has been involved in computer and network security since 1986.
He spent 19 years on active duty with the United States Air Force and 11 years in the Air
Force Reserves in a variety of computer and security positions. He obtained his Ph.D. in
computer science from Texas A&M University in 1995. His dissertation topic was in the
area of computer network intrusion detection, and he continues to conduct research in
this area today. He is currently the Director for the Center for Infrastructure Assurance
and Security (CIAS) and is a professor of computer science at the University of Texas
at San Antonio (UTSA). Dr. White has written and presented numerous articles and
conference papers on security. He is also the coauthor of five textbooks on computer
and network security and has written chapters for two other security books. Dr. White
continues to be active in security research. His current research initiatives include efforts
in community incident response, intrusion detection, and secure information sharing.
00-FM.indd 3 09/11/17 4:39 PM

Blind Folio: iv
Chuck Cothren, CISSP, Security+, is a Field Engineer at Ionic Security applying over
20 years of information security experience in consulting, research, and enterprise envi-
ronments. He has assisted clients in a variety of industries including healthcare, banking,
information technology, retail, and manufacturing. He advises clients on topics such
as security architecture, penetration testing, training, consultant management, data loss
prevention, and encryption. He is coauthor of the books Voice and Data Security and
Principles of Computer Security.
Roger L. Davis, CISSP, CISM, CISA, is a Technical Account Manager for Microsoft
supporting enterprise-level companies. He has served as president of the Utah chapter
of the Information Systems Security Association (ISSA) and various board positions for
the Utah chapter of the Information Systems Audit and Control Association (ISACA).
He is a retired Air Force lieutenant colonel with 30 years of military and information
systems/security experience. Mr. Davis served on the faculty of Brigham Young University
and the Air Force Institute of Technology. He coauthored McGraw-Hill Education’s
Principles of Computer Security and Voice and Data Security. He holds a master’s degree in
computer science from George Washington University, a bachelor’s degree in computer
science from Brigham Young University, and performed post-graduate studies in electri-
cal engineering and computer science at the University of Colorado.
Dwayne Williams, CISSP, CASP, is Associate Director, Technology and Research,
for the Center for Infrastructure Assurance and Security at the University of Texas at
San Antonio and is the Director of the National Collegiate Cyber Defense Competi-
tion. Mr. Williams has over 24 years of experience in information systems and network
security. Mr. Williams’s experience includes six years of commissioned military service
as a Communications-Computer Information Systems Officer in the United States Air
Force, specializing in network security, corporate information protection, intrusion de-
tection systems, incident response, and VPN technology. Prior to joining the CIAS,
he served as Director of Consulting for SecureLogix Corporation, where he directed
and provided security assessment and integration services to Fortune 100, government,
public utility, oil and gas, financial, and technology clients. Mr. Williams graduated in
1993 from Baylor University with a bachelor of arts in computer science. Mr. Williams
is a coauthor of Voice and Data Security, Principles of Computer Security, and CompTIA
Security + All-in-One Exam Guide.
About the Technical Editor

Chris Crayton (MCSE) is an author, technical consultant, and trainer. He has worked
as a computer technology and networking instructor, information security director,
network administrator, network engineer, and PC specialist. Chris has authored several
print and online books on PC repair, CompTIA A+, CompTIA Security+, and Microsoft
Windows. He has also served as technical editor and content contributor on numer-
ous technical titles for several leading publishing companies. He holds numerous indus-
try certifications, has been recognized with many professional teaching awards, and has
served as a state-level SkillsUSA competition judge.
00-FM.indd 4 09/11/17 4:39 PM

Blind Folio: v
Becoming a CompTIA Certified

IT Professional Is Easy
It’s also the best way to reach greater professional opportunities and rewards.
Why Get CompTIA Certified?

Growing Demand
Labor estimates predict some technology fields will experience growth of more than 20%
by the year 2020. (Source: CompTIA 9th Annual Information Security Trends study:
500 U.S. IT and Business Executives Responsible for Security.) CompTIA certification
qualifies the skills required to join this workforce.
Higher Salaries
IT professionals with certifications on their resume command better jobs, earn higher
salaries, and have more doors open to new multi-industry opportunities.
Verified Strengths
91% of hiring managers indicate CompTIA certifications are valuable in validating
IT expertise, making certification the best way to demonstrate your competency and
knowledge to employers. (Source: CompTIA Employer Perceptions of IT Training and
Certification.)
Universal Skills
CompTIA certifications are vendor neutral—which means that certified professionals
can proficiently work with an extensive variety of hardware and software found in most
organizations.
00-FM.indd 5 09/11/17 4:39 PM

Blind Folio: vi
Learn more about what Purchase a voucher at a Congratulations on your

the exam covers by Pearson VUE testing center CompTIA certification!
reviewing the following: or at CompTIAstore.com. • Make sure to add your
• Exam objectives for • Register for your exam at a certification to your resume.
key study points. Pearson VUE testing center.
• Check out the CompTIA
• Sample questions for a general • Visit pearsonvue.com/CompTIA to Certification Roadmap to plan
overview of what to expect find the closest testing center to you. your next career move.
on the exam and examples
of question format. • Schedule the exam online. You will
be required to enter your voucher
• Visit online forums, like LinkedIn, to number or provide payment
see what other IT professionals say information at registration.
about CompTIA exams.
• Take your certification exam.
Learn More: Certification.CompTIA.org/securityplus
CompTIA Disclaimer
© 2016 CompTIA Properties, LLC, used under license by CompTIA Certifications,
LLC. All rights reserved. All certification programs and education related to such pro-
grams are operated exclusively by CompTIA Certifications, LLC. CompTIA is a regis-
tered trademark of CompTIA Properties, LLC in the U.S. and internationally. Other
brands and company names mentioned herein may be trademarks or service marks of
CompTIA Properties, LLC or of their respective owners. Reproduction or dissemination
of this courseware sheet is prohibited without written consent of CompTIA Properties,
LLC. Printed in the U.S. 02544-Mar2016.
The logo of the CompTIA Approved Quality Curriculum Program and the status of
this or other training material as “Approved” under the CompTIA Approved Curriculum
Program signifies that, in CompTIA’s opinion, such training material covers the content
of CompTIA’s related certification exam. CompTIA has not reviewed or approved the
accuracy of the contents of this training material and specifically disclaims any warran-
ties of merchantability or fitness for a particular purpose. CompTIA makes no guarantee
concerning the success of persons using any such “Approved” or other training material
in order to prepare for any CompTIA certification exam.
00-FM.indd 6 09/11/17 4:39 PM

CONTENTS AT A GLANCE
Part I Threats, Attacks, and Vulnerabilities

Chapter 1 Malware and Indicators of Compromise. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Chapter 2 Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Chapter 3 Threat Actors.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Chapter 4 Vulnerability Scanning and Penetration Testing.. . . . . . . . . . . . . . . . . . . . . . . . 71
Chapter 5 Vulnerabilities and Impacts.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Part II Technologies and Tools

Chapter 6 Network Components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Chapter 7 Security Tools and Technologies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
Chapter 8 Troubleshooting Common Security Issues.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
Chapter 9 Mobile Devices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
Chapter 10 Implementing Secure Protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Part III Architecture and Design

Chapter 11 Architecture Frameworks and Secure Network Architectures.. . . . . . . 215
Chapter 12 Secure Systems Design and Deployment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
Chapter 13 Embedded Systems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
Chapter 14 Application Development and Deployment.. . . . . . . . . . . . . . . . . . . . . . . . . . 275
Chapter 15 Cloud and Virtualization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295
Chapter 16 Resiliency and Automation Strategies.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307
Chapter 17 Physical Security Controls. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321
Part IV Identity and Access Management

Chapter 18 Identity, Access, and Accounts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343
Chapter 19 Identity and Access Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363
Chapter 20 Identity and Access Management Controls. . . . . . . . . . . . . . . . . . . . . . . . . . . . 379
vii
00-FM.indd 7 09/11/17 4:39 PM

CompTIA Security+ All-in-One Exam Guide

viii
Part V Risk Management
Chapter 21 Policies, Plans, and Procedures. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403
Chapter 22 Risk Management and Business Impact Analysis.. . . . . . . . . . . . . . . . . . . . . 419
Chapter 23 Incident Response, Disaster Recovery,
and Continuity of Operations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441
Chapter 24 Digital Forensics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461
Chapter 25 Data Security and Privacy Practices.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477
Part VI Cryptography and Public Key Infrastructure

Chapter 26 Cryptographic Concepts.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491
Chapter 27 Cryptographic Algorithms.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 513
Chapter 28 Wireless Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 529
Chapter 29 Public Key Infrastructure.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 543
Part VII Appendixes and Glossary

Appendix A OSI Model and Internet Protocols.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 573
Appendix B About the CD-ROM.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 583
Glossary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 585
Index.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 619
00-FM.indd 8 09/11/17 4:39 PM

CONTENTS
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxii
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiii
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxiv
Objective Map: Exam SY0-501 . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxix
Part I Threats, Attacks, and Vulnerabilities

Chapter 1 Malware and Indicators of Compromise . . . . . . . . . . . . . . . . . . . . . . . 3
Malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Polymorphic Malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Viruses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Crypto-malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Ransomware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Worm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Trojan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Rootkit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Keylogger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Adware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Spyware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Bots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
RAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Logic Bomb . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Backdoor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Indicators of Compromise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Chapter 2 Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Social Engineering Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Phishing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Spear Phishing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Whaling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Vishing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Tailgating . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Impersonation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Dumpster Diving . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Shoulder Surfing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
ix
00-FM.indd 9 09/11/17 4:39 PM


x
Hoax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Watering Hole Attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Social Engineering Principles . . . . . . . . . . . . . . . . . . . . . . . . . 23
Application/Service Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
DoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
DDoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Man-in-the-Middle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Buffer Overflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Injection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Cross-Site Scripting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Cross-Site Request Forgery . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Privilege Escalation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
ARP Poisoning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Amplification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
DNS Poisoning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Domain Hijacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Man-in-the-Browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Zero Day . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Replay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Pass the Hash . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Hijacking and Related Attacks . . . . . . . . . . . . . . . . . . . . . . . . 37
Driver Manipulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Spoofing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
MAC Spoofing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
IP Address Spoofing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Wireless Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Replay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
IV . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Evil Twin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Rogue AP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Jamming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
WPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Bluejacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Bluesnarfing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
RFID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
NFC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Disassociation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Cryptographic Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Birthday . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Known Plaintext/Ciphertext . . . . . . . . . . . . . . . . . . . . . . . . . 47
Password Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Rainbow Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Dictionary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Brute Force . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Hybrid Attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
00-FM.indd 10 09/11/17 4:39 PM

Contents
xi
Collision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Downgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Replay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Weak Implementations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Chapter 3 Threat Actors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Types of Actors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Script Kiddies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Hacktivists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Organized Crime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Nation States/APT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Insiders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Competitors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Attributes of Actors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Internal/External . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Level of Sophistication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Resources/Funding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Intent/Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Use of Open Source Intelligence . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Chapter 4 Vulnerability Scanning and Penetration Testing . . . . . . . . . . . . . . . . 71
Penetration Testing Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Active Reconnaissance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Passive Reconnaissance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Pivot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Initial Exploitation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Persistence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Escalation of Privilege . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Black Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
White Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Gray Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Pen Testing vs. Vulnerability Scanning . . . . . . . . . . . . . . . . . . 76
Vulnerability Scanning Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Passively Test Security Controls . . . . . . . . . . . . . . . . . . . . . . . 76
Identify Vulnerability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Identify Lack of Security Controls . . . . . . . . . . . . . . . . . . . . . 77
Identify Common Misconfigurations . . . . . . . . . . . . . . . . . . . 77
Intrusive vs. Non-intrusive . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Credentialed vs. Non-credentialed . . . . . . . . . . . . . . . . . . . . . 77
False Positive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
00-FM.indd 11 09/11/17 4:39 PM


xii
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Chapter 5 Vulnerabilities and Impacts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Race Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
System Vulnerabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
End-of-Life Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Embedded Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Lack of Vendor Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Improper Input Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Improper Error Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Misconfiguration/Weak Configuration . . . . . . . . . . . . . . . . . . . . . . 87
Default Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Resource Exhaustion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Untrained Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Improperly Configured Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Vulnerable Business Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Weak Cipher Suites and Implementations . . . . . . . . . . . . . . . . . . . . 89
Memory/Buffer Vulnerability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
Memory Leak . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
Integer Overflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Buffer Overflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Pointer Dereference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
DLL Injection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
System Sprawl/Undocumented Assets . . . . . . . . . . . . . . . . . . . . . . . 92
Architecture/Design Weaknesses . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
New Threats/Zero Day . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Improper Certificate and Key Management . . . . . . . . . . . . . . . . . . 94
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Part II Technologies and Tools

Chapter 6 Network Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
How Do Firewalls Work? . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Firewall Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
Application-Based vs. Network-Based . . . . . . . . . . . . . . . . . . 106
Stateful vs. Stateless . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Implicit Deny . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Secure Network Administration Principles . . . . . . . . . . . . . . 108
Rule-Based Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
00-FM.indd 12 09/11/17 4:39 PM

Contents
xiii
VPN Concentrator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
Remote Access vs. Site-to-Site . . . . . . . . . . . . . . . . . . . . . . . . 108
IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Split Tunnel vs. Full Tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . 115
TLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Always-on VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
NIPS/NIDS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
Signature-Based . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Heuristic/Behavioral . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Anomaly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
Inline vs. Passive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
In-Band vs. Out-of-Band . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
Analytics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
Antispoofing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
Layer 2 vs. Layer 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Loop Prevention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Flood Guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
Forward and Reverse Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . 124
Transparent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
Application/Multipurpose . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
Load Balancer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
Scheduling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Active-Passive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Active-Active . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Virtual IPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Access Point . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
SSID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
MAC Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
Signal Strength . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
Band Selection/Width . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
Antenna Types and Placement . . . . . . . . . . . . . . . . . . . . . . . . 129
Fat vs. Thin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
Controller-Based vs. Standalone . . . . . . . . . . . . . . . . . . . . . . 130
SIEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
Aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Correlation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Automated Alerting and Triggers . . . . . . . . . . . . . . . . . . . . . . 131
Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Event Deduplication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
Logs/WORM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
00-FM.indd 13 09/11/17 4:39 PM


xiv
DLP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
USB Blocking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
Cloud-Based . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
E-mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
NAC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
Dissolvable vs. Permanent . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Host Health Checks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Agent vs. Agentless . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Mail Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Spam Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
DLP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
Bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
SSL/TLS Accelerators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
SSL Decryptors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
Media Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
Hardware Security Module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
Chapter 7 Security Tools and Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
Protocol Analyzer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
Switched Port Analyzer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
Network Scanners . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
Rogue System Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
Network Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
Wireless Scanners/Cracker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
Password Cracker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Vulnerability Scanner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Configuration Compliance Scanner . . . . . . . . . . . . . . . . . . . . . . . . 153
Exploitation Frameworks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
Data Sanitization Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
Steganography Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
Honeypot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
Backup Utilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
Banner Grabbing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
Passive vs. Active . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
Command-Line Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
netstat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
tracert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
nslookup/dig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
ipconfig/ip/ifconfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
00-FM.indd 14 09/11/17 4:39 PM

Contents
xv
tcpdump . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
nmap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
netcat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
Security Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
HIDS/HIPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Antivirus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
File Integrity Check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Host-Based Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Application Whitelisting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
Removable Media Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
Advanced Malware Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
Patch Management Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
UTM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
DLP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
Data Execution Prevention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
Web Application Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Chapter 8 Troubleshooting Common Security Issues . . . . . . . . . . . . . . . . . . . . . 169
Unencrypted Credentials/Clear Text . . . . . . . . . . . . . . . . . . . . . . . . 169
Logs and Events Anomalies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
Permission Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
Access Violations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
Certificate Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Data Exfiltration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Misconfigured Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
Content Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
Access Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
Weak Security Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Personnel Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Policy Violation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Insider Threat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
Social Engineering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
Social Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
Personal E-mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
Unauthorized Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
Baseline Deviation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
License Compliance Violation (Availability/Integrity) . . . . . . . . . . . 176
Asset Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Authentication Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
00-FM.indd 15 09/11/17 4:39 PM


xvi
Chapter 9 Mobile Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
Connection Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
Cellular . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
Wi-Fi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
SATCOM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
Bluetooth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
NFC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
ANT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
Infrared . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
USB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
Mobile Device Management Concepts . . . . . . . . . . . . . . . . . . . . . . 187
Application Management . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
Content Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
Remote Wipe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
Geofencing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
Geolocation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Screen Locks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Push Notification Services . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Passwords and Pins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190
Biometrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
Context-Aware Authentication . . . . . . . . . . . . . . . . . . . . . . . 191
Containerization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
Storage Segmentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
Full Device Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
Enforcement and Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Third-Party App Stores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Rooting/Jailbreaking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Sideloading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Custom Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Carrier Unlocking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Firmware OTA Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Camera Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
SMS/MMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
External Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
USB OTG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
Recording Microphone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195
GPS Tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195
Wi-Fi Direct/Ad Hoc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195
Tethering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Payment Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Deployment Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
BYOD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
CYOD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
COPE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
00-FM.indd 16 09/11/17 4:39 PM

Contents
xvii
Corporate-Owned . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
VDI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
Chapter 10 Implementing Secure Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Secure Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
DNSSEC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
SSH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
S/MIME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
SRTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
LDAPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
FTPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
SFTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
SNMPv3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
SSL/TLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206
HTTPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206
Secure POP/IMAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206
Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206
Voice and Video . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
E-mail and Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
File Transfer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Directory Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Remote Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
Domain Name Resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
Routing and Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
Network Address Allocation . . . . . . . . . . . . . . . . . . . . . . . . . 208
Subscription Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
Part III Architecture and Design

Chapter 11 Architecture Frameworks and Secure Network Architectures . . . 215
Industry-Standard Frameworks and Reference Architectures . . . . . . 216
Regulatory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
Non-regulatory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
National vs. International . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
Industry-Specific Frameworks . . . . . . . . . . . . . . . . . . . . . . . . 217
Benchmarks/Secure Configuration Guides . . . . . . . . . . . . . . . . . . . 217
Platform/Vendor-Specific Guides . . . . . . . . . . . . . . . . . . . . . 218
General Purpose Guides . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219
00-FM.indd 17 09/11/17 4:39 PM


xviii
Defense-in-Depth/Layered Security . . . . . . . . . . . . . . . . . . . . . . . . 220
Vendor Diversity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
Control Diversity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
User Training . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
Zones/Topologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
DMZ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
Extranet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
Intranet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
Wireless . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
Guest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
Honeynets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
Ad Hoc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
Segregation/Segmentation/Isolation . . . . . . . . . . . . . . . . . . . . . . . . 228
Physical . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229
Logical (VLAN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229
Virtualization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
Air Gaps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
Tunneling/VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Site-to-Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Remote Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Security Device/Technology Placement . . . . . . . . . . . . . . . . . . . . . . 232
Sensors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Collectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Correlation Engines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Proxies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
VPN Concentrators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
SSL Accelerators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
Load Balancers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
DDoS Mitigator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
Aggregation Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
Taps and Port Mirror . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
SDN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Chapter 12 Secure Systems Design and Deployment . . . . . . . . . . . . . . . . . . . . . . 241
Hardware/Firmware Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
FDE/SED . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
TPM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
HSM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
UEFI/BIOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Secure Boot and Attestation . . . . . . . . . . . . . . . . . . . . . . . . . 243
00-FM.indd 18 09/11/17 4:39 PM

Contents
xix
Supply Chain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Hardware Root of Trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
EMI/EMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
Operating Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
Patch Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
Disabling Unnecessary Ports and Services . . . . . . . . . . . . . . . 247
Least Functionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
Secure Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
Trusted Operating System . . . . . . . . . . . . . . . . . . . . . . . . . . . 249
Application Whitelisting/Blacklisting . . . . . . . . . . . . . . . . . . 249
Disable Default Accounts/Passwords . . . . . . . . . . . . . . . . . . . 250
Peripherals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
Wireless Keyboards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
Wireless Mice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
Displays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
Wi-Fi-Enabled MicroSD Cards . . . . . . . . . . . . . . . . . . . . . . . 251
Printers/MFDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
External Storage Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252
Digital Cameras . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252
Sandboxing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252
Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Development . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Staging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Production . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Secure Baseline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Integrity Measurement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
Chapter 13 Embedded Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
SCADA/ICS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262
Smart Devices/IoT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262
Wearable Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
Home Automation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
HVAC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264
SoC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264
RTOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264
Printers/MFDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
Camera Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
Special Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Medical Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Vehicles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
Aircraft/UAV . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
00-FM.indd 19 09/11/17 4:39 PM


xx
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
Chapter 14 Application Development and Deployment . . . . . . . . . . . . . . . . . . . 275
Development Lifecycle Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Waterfall vs. Agile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Secure DevOps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277
Security Automation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Continuous Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Baselining . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Immutable Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Infrastructure as Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Version Control and Change Management . . . . . . . . . . . . . . . . . . . 279
Provisioning and Deprovisioning . . . . . . . . . . . . . . . . . . . . . . . . . . 280
Secure Coding Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
Proper Error Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281
Proper Input Validation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281
Normalization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Stored Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Code Signing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Obfuscation/Camouflage . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Code Reuse/Dead Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Server-Side vs. Client-Side Execution and Validation . . . . . . . 284
Memory Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285
Use of Third-Party Libraries and SDKs . . . . . . . . . . . . . . . . . 285
Data Exposure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285
Code Quality and Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285
Static Code Analyzers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286
Dynamic Analysis (e.g., Fuzzing) . . . . . . . . . . . . . . . . . . . . . . 286
Stress Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
Sandboxing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288
Model Verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288
Compiled vs. Runtime Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288
Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292
Chapter 15 Cloud and Virtualization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295
Hypervisor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295
Type I . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
Type II . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
Application Cells/Containers . . . . . . . . . . . . . . . . . . . . . . . . . 296
VM Sprawl Avoidance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
VM Escape Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
00-FM.indd 20 09/11/17 4:39 PM

Another random document with
no related content on Scribd:
Fig. 356.—Keegan Method.
Verneuil Method.—Contrariwise to the methods just given,

Verneuil, after cutting out the frontal flap, cuts the flap from the
remaining sides of the old nose somewhat involving the skin of the
cheeks, as in Fig. 357. This done, the frontal flap is simply turned
down, raw surface out, and the cheek flaps are slid over it, bringing
the raw surfaces together. The inner borders of the flaps were
sutured in the median line, as shown in Fig. 358. The base of the
nose is made from the frontal flap by any of the methods already
given.
Fig. 357. Fig. 358.
Verneuil Method.
Thiersch Method.—The frontal flap is cut from the skin of the

forehead in the shape shown in Fig. 359. Then two quadrilateral
flaps are raised from the cheeks, as also illustrated. These are made
wide enough that, when they were brought together, their inner
borders could be made to face each other. In this position they were
sutured along the median line, so as to give a double-gun-barrel
form to the nose, with a septal wall between.
From the lower border the nostrils were formed, giving to the new
nose a normal appearance, the continuous septum curving
downward to form the subseptum, the whole being sutured to the
remains of the old nose.
The frontal flap was now brought down over it, the raw surfaces
facing each other, and sutured in place, as shown in Fig. 360. Later,
Thiersch replanted the sides of the nose, to give it better contour,
and attained a very satisfactory result. The frontal wound was
covered with skin grafts, but the cheek wounds were allowed to heal
by granulation. The cicatrization of the latter was not sufficient to
effect the lower eyelids nor the angles of the mouth.
Fig. 359. Fig. 360.

Thiersch Method.
Helferich Method.—His is an ingenious application of the French

method. Both flaps are cut from the cheeks; the lining flap was made
from the left and the covering one from the right cheek. The shape of
the flaps is shown in Fig. 361.
The lining flap is stitched along the freshened margin of the right
side of the nose. The flap should be wide enough to give convexity
to the nose, as shown in Fig. 362.
The covering or right flap, cut much larger, is now slid over this. It
should be cut amply large to cover the flap just sutured in place. It is
sutured on both sides of the nose to hold it in place, also at the
inferior margin. The nose is lightly packed with iodoform gauze.
The pedicle of the right flap was cut after two and a half weeks
and brought into place across the root of the nose, and sutured in
place to give better contour to the part after freshening the skin
about the left side of the nose at this point. He does not make a
subseptum, but thinks the inferior base of the nose of sufficient size
to hide the absence thereof.
The subseptum could, however, be readily made from the upper
lip, as will be shown later.
Fig. 361. Fig. 362.

Helferich Method.
Sedillot Method.—This operation is particularly efficacious in

giving a splendid subseptum and support of the point of the nose,
but does not overcome the falling-in of the whole anterior line, so
common with all Indian-flap methods. A flap one centimeter wide and
extending downward almost to the vermilion border is cut from the
thickness of the upper lip, not including the mucous membrane,
however. It is turned upward, as shown in Fig. 363.
The frontal flap is fashioned as shown, care being taken to cut a
subseptal rectangle of greater length than usual, since it is intended
to overlie the raw surface of the flap taken from the lip. It is rotated
downward and sutured into place at both sides, and also to the lip
flap, to assure of accurate union.
A lateral view of the nose as formed in this manner is shown in
Fig. 364.
The free end of the septal flap is fixed into the superior lobial
wound with a harelip pin. The lobial wound is sutured as in ordinary
harelip operations. This method is particularly valuable in total
rhinoplasties involving the columna and alæ in conjunction with flaps
obtained by the Italian method.
Fig. 363.—Anterior view. Fig. 364.—Side view.

Sedillot Method.
Küster-Israel Method.—A flap was taken from the arm by the

Italian method, which was sutured to the remains of the old nose so
that its raw surface looked upward, not downward, as in the ordinary
case.
The flap was made sufficiently large to permit of building the wings
and subseptum. After it had healed into place the pedicle was cut,
and a frontal flap was cut from the forehead to cover it.
An unusually large flap was required to do this, since it had to
overcome the greater curvature already given and added to by the
arm flap, necessitating an extensive secondary wound.
The reverse order of procedure would be the more advisable for
this reason, and is resorted to by the following:
Berger Method.—This surgeon makes the lining flap from the
forehead. The secondary wound is at once closed. A flap is then
made from the arm by the Italian method, and brought into place
before the one just made. It should be of sufficient size to allow of
building the base of the nose, which is done not later than three
weeks after the pedicle of the arm flap is severed, which may be
done at any time between the eighth and the twelfth day.
All the precautions are used as already given in the description of
the Italian method. The arm is held in the position shown in Fig. 365.
Berger sutures the arm wound before bringing the flap into place
upon the face to overcome the discomfort of suppuration to the
patient.
The apparatus is fixed definitely after the patient has recovered
from the anesthetic. Great care is exercised to prevent coryza from
exposure. Dressings are made twice daily.
The pedicle is cut under local cocain anesthesia.
To make the subseptum and wings of the nose, the base of the
flap is cut into three sections. The posterior surface is freshened and
the parts are folded upon themselves and sutured into position.
Instead of employing rubber tubes, he resorts to a specially
devised apparatus to retain two metal tubes in the nares, and at the
same time make gentle pressure to the sides of the nose to mitigate
the columna contraction. The latter is planted into a V-shaped
incision made into the tissue of the upper lip at the proper place of
attachment. The subseptum may be lined with a flap of mucosa
dissected up from the floor of the inner nose.
For the wings of the nose, such tissue as may be of service to give
them stability and structure is taken from the remains of the old
nose.
Fig. 365.—Berger Method.
The apparatus just mentioned and shown in Fig. 366 is used from
the very first day until total cicatrization has taken place, and even
for a longer period to aid in shaping the entire nose and the tendency
to collapse has been overcome.
Fig. 366.—Berger Retention Apparatus.
Szymanowski Method.—A frontal flap, divided along the median

line and shaped as outlined in Fig. 367, is made from the forehead.
Two triangular flaps are then raised from either side, and including
the angle of the nose as shown. The divided frontal flap is now
brought down in such manner that their raw surfaces meet, thus
forming a vertical septum. The margins are united by suture, and the
lower ends are fixed into a wound made for the purpose at the base
of the nose, as shown in Fig. 368, to form the new subseptum.
The lateral triangular flaps are dissected up so that they can be
readily slid forward toward the median line. Their inner freshened
margins are sutured to the raw edge of the septum just made, and to
themselves. The objection here is that there is a liability of
considerable contraction of these lateral flaps, with a tendency to fall
in and drag with them the new septum; and again, in total
restorations, the upper third of the nose is only partially covered, and
necessitates later upbuilding. The author finds difficulty in making the
four margins thus brought together unite evenly throughout, and that
a vertical contraction is caused by the cicatrization of the median
marginal wound.
Fig. 367.—First Step.

Fig. 368.—Disposition of frontal flaps.
Szymanowski Method.
Goris Method.—The operation is performed as follows, having

given very good results, according to the author:
I. The frontal flap is divided lengthwise so that its raw surfaces
face each other. The resulting fold, representing the bridge of the
nose, is held in place by catgut suture.
II. The skin to make the wings of the nose is folded in, as in the
Langenbeck method.
III. A flap, half the thickness of the upper lip is brought up to form
the new subseptum.
IV. Dissection and turning down the triangular flap of skin which
surmounts the orifices of the old nose, and making it serve to line the
lower part of the frontal flap.
V. Suturing the frontal flap thus modeled into two grooves made
into the margins of the old nose along both sides to its base.
Organic Support of Nasal Flaps
It soon became evident to the rhinoplastic surgeon that without

some support to the flap or flaps used for the construction of the new
nose all of the preceding methods, as far as æsthetic results were
concerned, were useless. Truly, the deformity lost its hideous
appearance to a great extent, but the general results obtained hardly
warranted a patient to undergo restorative operations of the nose. In
fact, many surgeons advised against total rhinoplasty when
practically all of the old nose was lost.
Langenbeck says “that total rhinoplasty, or even operation as to
repair partial loss of the nose by the use of soft flaps, should not be
undertaken. It is better to rely upon some prothesis.”
All that could be expected of utilizing the flap and making it heal
into place had been accomplished up to about the year 1879.
Thereafter many surgeons proceeded to evolve and use some kind
of intranasal prothesis made of various inorganic materials. It may be
stated, however, that Rousset in 1828 wrote: “Perhaps some day
surgeons will give whatever shape they desire to the reconstructed
nose. Then a frame of gold or silver, cleverly shaped and solidly
fixed in the nose, will give the patient, at his own option, a Roman or
Carthaginian nose, and to the ladies a choice of a roguish type, and
to our Sultans a nose a la Roxelane.”
But it was after 1878 that such prothesis came into use, and these
were at first made so that they might be removed at night and be
replaced in the morning.
The intranasal supports were made of all kinds of material, such
as gutta percha, gold plates, leaden devices, amber, silver,
porcelain, celluloid, aluminum, platinum, etc.
With all due respect to the ingenuity of these inventions, especially
that of Martin, which was made of platinum in the form of a St.
Andrew’s cross, having at the four ends sharp pins which were
driven and fixed into the skeleton of the nose, the use of these
protheses resulted in nothing but failure.
The movable devices were a source of irritation and pressure, and
could not overcome the consequent contraction of the flaps whether
placed below a single flap or between two flaps, and the fixed
protheses of whatever form or material caused so much pressure
that gangrene resulted, and they had to be removed sooner or later.
Before the discovery of Gersuny, the author had many occasions
to utilize such movable protheses in the correction of saddle noses.
These were generally made of a silver shell, gutta percha, and later
of decalcified bone, as advised by Senn. The former remained in
place from six months to two and a half years, and then were thrown
off or had to be removed because of irritation. The bone chips soon
became absorbed, leaving the nose as before, or a thin median strip
that became broken with the least violence, and then was absorbed.
In several cases where other surgeons had resorted to such
protheses, the author was called upon at a later period to remove
them.
While the immediate result is very gratifying, the ultimate result is
worse than useless, since in the elimination of the foreign body the
flap of the nose was married by cicatrices that added still further to
the contraction and falling-in of the nose.
Periostitic Supports
Some other method had to be devised, and organic supports

became known. These organic protheses were made of the tissue in
the near vicinity of the flap, and at first formed a part thereof. The
earlier method included only the periosteum; later bone and
periosteum were added to the flap to give it shape and support, and
lastly cartilage was employed for the purpose.
Of the methods employing only the periosteum, it may be said that
what the surgeon expected of this membrane—namely, the springing
up of bone cells—did not take place; at least, not to the extent
desired. The very best to be attained was a thickening of flap in the
membrane, but not sufficient to add necessary support to the nose.
Osteoperiostitic Supports
The inclusion of the periosteum-lined flap was soon abandoned,

and recourse was had to such bone additions to the flaps as could
be obtained from the vicinity of the nose.
The bone was removed with its periosteum, adherent or
nonadherent to the flap, as will be shown by the methods described
hereafter.
Both single and combined flap methods are employed as might be
expected, following the procedures of the Indian, French, or Italian
schools. The greatest credit for the methods herein involved belongs
to the surgeons of Germany.
The earliest operation on these lines was that of König, who
published his first successes in 1886.
König Method.—Extending upward from the root of the old nose,
a flap is outlined in vertical ending at the hair line of the scalp, as
shown in Fig. 369.
This flap was made about one centimeter wide, and is made to
include the skin and periosteum. With the chisel a thin strip of bone
is raised from the frontal bone to nearly the full length and width of
the flap, making it an osteoperiostitic cutaneous section attached by
its pedicle at the root of the nose.
This flap is brought down with bony surface outward, and the distal
or skin end is fixed by suture into the upper lip at the point of the
intersection of the subseptum.
Any of the soft parts of the old nose remaining are now dissected
up toward the median line, and are folded upward and inward and
sutured by their freshened margins to this median flap.
An Indian flap in oblique direction and of the form shown is cut
from the skin of the forehead and rotated down into position before
the bone-lined flap, and sutured into place.
He advises not to include the periosteum in the flap making up the
subseptum, as it is likely to interfere with respiration. In fact, he
deems it best to make the tegumentary flap sufficiently long to build
the bone of the nose, doubling the raw edges upon themselves with
a celluloid tube apparatus that may be removed for cleansing, and
be kept in place long enough to give contour to the nares.
Fig. 369.—König Method.

Von Hacker Method.—The frontal flap was cut in the ordinary
Indian method, and of the shape shown in Fig. 355. The skin at
either side of the median line was dissected up to within four
millimeters, leaving a strip eight millimeters wide from the root of the
nose to the distal or scalp end. The two loose lips of the flap were
brought together at the anterior median line by a few sutures to keep
them in place.
This was done to give freedom to the surgeon while he detached a
strip made of the periosteum and bone chiseled from the frontal
bone. At the root of the nose or below the pedicle the bone was not
included to the extent that it would interfere with torsion of the flap,
and yet sufficient to allow the raw bone surface to fall upon what
remained of the bony bridge of the old nose.
Fig. 370.—Arrangement of frontal flap to allow of chiseling.

Fig. 371.—Making the osteoperiostitic support.
Fig. 372.—Bone-lined flap brought into position.
Von Hacker Method.
He utilizes pins driven into the bone to outline this bony section, as
shown in Fig. 370.
The latter is done in an oblique direction. See Fig. 371. The septal
section is made to include the bone strip.
The bridge of bone holding the flap at its inferior end was now
broken, leaving, however, the periosteum as part of the pedicle
hinge.
The whole flap thus outlined was rotated downward into position
and sutured, as shown in Fig. 372.
The margins at the base intended to form the subseptum were
sutured behind the osseous structure, or, in other words, were
doubled inward and fixed by suture. The bony strip was broken at
the proper point to give prominence to the lobule.
The margins for the nostrils were turned inward and doubled on
themselves, and sutured with silk.
Rubber tubes were left in the nares, for drainage and to keep them
distended.
Rotter Method.—The frontal flap is made in the shape shown in
Fig. 373, containing a section of the frontal bone and its periosteum.
The width of the flap is about three and a half centimeters wide.
This flap is turned downward so that its raw surfaces look outward.
Owing to the loose adherence of the bony section to the skin flap,
he allows the raw bone surface to granulate over for four weeks, to
fix it more solidly to the soft parts.
The bone plate is then sawn into three sections made by two
vertical incisions, made as shown in the illustration.
The median section forms the bridge and dorsal prominence of the
nose.
The adherent skin of the lateral bony plates is dissected up
sufficiently to permit of the proper formation of the sides and wings of
the nose.
This gives a shape to the nose, as shown in Fig. 374.
The lateral margins of the integumentary flap are now sutured to
the freshened margins of the old nose, and the remaining skin, if
any, is made to cover the granulating surface; if this is lacking or
insufficient, skin grafts are utilized to cover it completely.
Fig. 373.—First step.

Fig. 374.—Disposition of frontal flap.
Rotter Method.
Schimmelbusch Method.—The principle herein is to give an

osseous wall to the whole length of the restored nose, covering well
the skin inside and outside, and, if possible, to fix the new nose
solidly at the pyriform opening.
“I cut an osteo-cutaneous flap from the middle of the forehead, of
a size proportional to the size and shape of the nose. Its pedicle
between the eyebrows is two or three centimeters wide; it widens out
superiorly to form seven to nine centimeters. It is triangular, and its
base lies near the hair line. In cutting it out, preferably a little large, it
goes at first to the bone, through skin and periosteum. With a large,
sharp chisel, a thin bone plate throughout the whole extent of the
cutaneous flap is detached. It is not always possible to make this a
plate in one piece; it often breaks or gives off splinters. This is of no
consequence, if care be taken not to lose them and to keep them
adherent to the periosteum. They are attached as well as possible to
the cutaneoperiostitic flap by passing threads crosswise from one
edge of the flap to the other over bony surface, as in Fig. 375. The
whole flap is then enveloped in iodoformed suture.
“The frontal wound I close at the same sitting by sliding large
lateral flaps whose upper border follows the margin of the hair as far
as the ears. These are freed completely, brought down and stitched,
leaving eventually only a linear cicatrix on the forehead. The lateral
loss of substance which results is healed by granulation, and the
scars concealed by the hair.
“At first parts of the bone die; they ought to be expected to fall out;
after four, six, or eight weeks the bone is completely covered with
fleshy granulation, and adheres solidly to the flap. The prominent
granulations are then scratched, or, better, trimmed away with the
knife, and the whole surface is covered with Thiersch grafts.
“When the flap is thus furnished with skin within and without, it is
put into place. I saw the bony plate with a fine-toothed saw from the
grafted side; then I model the flap and place it on the loss of
substance freshened by turning the grafted surface toward the
interior of the nose by twisting its pedicle, as in Fig. 376. The
osseous rim of the pyriform opening is uncovered at the moment of
this freshening, and the bony edges of the flap are placed exactly on
the bony edge of the aperture. The skin of the flap is then stitched at
its lower margins to the skin of the cheeks. To preserve the height of
the nasal profile and avoid displacing the bones of the nose, the
nose is kept in place with a pin thrust through the nose, and
furnished at each end with a rubber button. This aids to form the
wings of the nose. If a subseptum is needed, it is made by taking
from the skin that covers the circumference of the pyriform opening
two small flaps, which are dissected from without toward the median
line as far as the point where the septum is normally found.
“These are stitched at this point, first upon themselves, then to the
end of the nose. Three weeks later the pedicle of the frontal flap is
cut; it is turned, put in splints, and the stitching is finished.”
Fig. 375.—First step.
Fig. 376.—Disposition of frontal and skin-grafted flap.
Schimmelbusch Method.
Helferich Method.—A lining flap is made, according to the French

method, from the one cheek, which is dissected up and turned over
to bridge most of the loss of nasal tissue, and sutured to the opposite
freshened margin, as showed in Fig. 377.
A frontal flap, as outlined in the same illustration, is now cut from
the forehead, leaving a pedicle as shown, and containing a section
of bone at its median line. This is rotated downward and into place,
and sutured along the same margin to which the genian flap is fixed,
as shown in Fig. 378.
When the frontal and genian flaps have become well united, the
latter’s pedicle is cut when the freshened lateral margin of the frontal
flap is sutured into place.
A subseptum is now made or deemed necessary by this surgeon.
At a later period the pedicle of the frontal flap is cut, and fixed by
suture and some cutting, to reduce the resultant prominence thereof.
Fig. 377. Fig. 378.
Helferich Method.
Preidesberger Method.—This author cuts away the skin

surrounding the arch of the old nose, and turns this flap downward to
form the lining to the flap made from the forehead made in the same
manner as Helferich.
The bone section is made in the median line, and is one
centimeter wide and four long.
The frontal flap should be made long enough to permit of building
a subseptum and the nostrils.
Krause Method.—This frontal cutaneo-osteo-periostitic flap is
made according to the method of König.
After turning down the flap it was covered with a nonpedunculated
skin flap taken from the upper part of the arm by transplanting after
its subcutaneous fatty tissue had been removed. (See Fig. 379.)
This method necessitates a long-continued dressing of the
forehead before the pedicle is cut, because of the needed nutrition to
make the two flaps heal upon each other.
After union has been established the sides of the transplanted
flaps are raised by dissection, as shown in Fig. 380, to expose the
bone plate of the frontal flap. A median strip is left intact.
With a fine saw the bony plate is cut into three sections, making
the narrowest the median.
The margins of the old nose are now freshened, and the combined
flap is sutured along the sides, preserving what tissue the surgeon
can use to add support to the nose, which is done by dissection and
turning or folding, as heretofore described.
The lower or forehead flap is sutured to the soft parts of the old
nose, and the transplanted lateral margins to the marginal skin of the
cheeks, giving to the nose the appearance as shown in Fig. 381.
At a later period the pedicle is cut and the wound that cannot, at
this time, be overcome by sliding of the adjacent skin, is covered by

CompTIA Security+ All-in-One Exam Guide (Exam SY0-501) 5th Edition Wm. Arthur Conklin full chapter instant download

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CompTIA Security+ All-in-One Exam Guide (Exam SY0-501) 5th Edition Wm. Arthur Conklin full chapter instant download

Uploaded by

Copyright:

Available Formats

CompTIA Security+ All-in-One Exam

Guide (Exam SY0-501) 5th Edition Wm.

CompTIA Security+ All-in-One Exam Guide (Exam SY0-601))

CompTIA Security+ All-in-One Exam Guide, Sixth Edition

CompTIA Security+ All in One Exam Guide, Fifth Edition

CSSLP Certified Secure Software Lifecycle Professional

CSSLP SECURE SOFTWARE LIFECYCLE PROFESSIONAL ALL-IN-O

CSSLP SECURE SOFTWARE LIFECYCLE PROFESSIONAL ALL-IN-O

Mike Meyers’ CompTIA security+ certification passport,

CompTIA Security+ Get Certified Get Ahead: SY0 501

Dr. Wm. Arthur Conklin

New York Chicago San Francisco

00-FM.indd 1 09/11/17 4:39 PM

Cataloging-in-Publication Data is on file with the Library of Congress

Names: Conklin, Wm. Arthur (William Arthur), author.

00-FM.indd 2 09/11/17 4:39 PM

This book is dedicated to the many information security professionals who

ABOUT THE AUTHORS

00-FM.indd 3 09/11/17 4:39 PM

About the Technical Editor

00-FM.indd 4 09/11/17 4:39 PM

Becoming a CompTIA Certified

Why Get CompTIA Certified?

00-FM.indd 5 09/11/17 4:39 PM

Learn more about what Purchase a voucher at a Congratulations on your

Learn More: Certification.CompTIA.org/securityplus

00-FM.indd 6 09/11/17 4:39 PM

Part I Threats, Attacks, and Vulnerabilities

Part II Technologies and Tools

Part III Architecture and Design

Part IV Identity and Access Management

00-FM.indd 7 09/11/17 4:39 PM