CompTIA Security+: SY0-601 Certification Guide
eBook - ePub

CompTIA Security+: SY0-601 Certification Guide

Complete coverage of the new CompTIA Security+ (SY0-601) exam to help you pass on the first attempt, 2nd Edition

Ian Neil

  1. 516 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android

About This Book

Learn IT security essentials and prepare for the Security+ exam with this CompTIA exam guide, complete with additional online resources—including flashcards, PBQs, and mock exams—at securityplus.training

Key Features

  • Written by Ian Neil, one of the world's top CompTIA Security+ trainers
  • Test your knowledge of cybersecurity jargon and acronyms with realistic exam questions
  • Learn about cryptography, encryption, and security policies to deliver a robust infrastructure

Book Description

The CompTIA Security+ certification validates the fundamental knowledge required to perform core security functions and pursue a career in IT security. Authored by Ian Neil, a world-class CompTIA certification trainer, this book is a best-in-class study guide that fully covers the CompTIA Security+ 601 exam objectives.

Complete with chapter review questions, realistic mock exams, and worked solutions, this guide will help you master the core concepts to pass the exam the first time you take it. With the help of relevant examples, you'll learn fundamental security concepts from certificates and encryption to identity and access management (IAM). As you progress, you'll delve into the important domains of the exam, including cloud security, threats, attacks and vulnerabilities, technologies and tools, architecture and design, risk management, cryptography, and public key infrastructure (PKI).

You can access extra practice materials, including flashcards, performance-based questions, practical labs, mock exams, key terms glossary, and exam tips on the author's website at securityplus.training.

By the end of this Security+ book, you'll have gained the knowledge and understanding to take the CompTIA exam with confidence.

What you will learn

  • Master cybersecurity fundamentals, from the CIA triad through to IAM
  • Explore cloud security and techniques used in penetration testing
  • Use different authentication methods and troubleshoot security issues
  • Secure the devices and applications used by your company
  • Identify and protect against various types of malware and viruses
  • Protect yourself against social engineering and advanced attacks
  • Understand and implement PKI concepts
  • Delve into secure application development, deployment, and automation

Who this book is for

If you want to take and pass the CompTIA Security+ SY0-601 exam, even if you are not from an IT background, this book is for you. You'll also find this guide useful if you want to become a qualified security professional. This CompTIA book is also ideal for US Government and US Department of Defense personnel seeking cybersecurity certification.


Section 1: Security Aims and Objectives

In this section, you will learn about security fundamentals, from the CIA triad through to identity and access management.
This section comprises the following chapters:
  • Chapter 1, Understanding Security Fundamentals
  • Chapter 2, Implementing Public Key Infrastructure
  • Chapter 3, Investigating Identity and Access Management
  • Chapter 4, Exploring Virtualization and Cloud Concepts

Chapter 1: Understanding Security Fundamentals

In this chapter, we are going to look at some security fundamentals that will help you identify security threats in the system and mitigate them. With cybercrime increasing day by day, as an Information Technology (IT) professional, it is essential to first understand these fundamental concepts.
In this chapter, we will be covering the following topics:
  • Security Fundamentals
  • Comparing Control Types
  • Physical Security Controls
  • Understanding Digital Forensics
Let's start by looking at security fundamentals.

Security Fundamentals

The fundamentals of security are the foundation of protecting our assets, and there must be a strategy or methodology that we adopt for security. This is the CIA triad; let's look at its breakdown.

CIA Triad Concept

Most security books start with the basics of security by featuring the CIA triad—this is a conceptual model designed to help those writing information security policies within an organization. It is a widely used security model and it stands for confidentiality, integrity, and availability, the three key principles that should be used to guarantee you have a secure system:
Figure 1.1 – CIA triad
We'll discuss these principles in more depth here:
  • Confidentiality: Prevents the disclosure of data to unauthorized people so that only authorized people have access to data. This is known as the need-to-know basis. Only those who should know the contents should be given access. An example would be that your medical history is only available to your doctor and nobody else.
    We also tend to encrypt data to keep it confidential. There are two types of encryption, known as symmetric and asymmetric. Symmetric encryption uses one key, known as the secret key. Asymmetric encryption uses two keys, known as the private key and the public key.
  • Integrity: This means that you know that data has not been altered or tampered with. We use a technique called hashing that takes the data and converts it into a numerical value called a hash or message digest. When you suspect changes have taken place, you would check the hash value against the original. If the hash value has changed, then the data has been tampered with. Common hashing algorithms covered in the exam are Secure Hash Algorithm Version 1 (SHA1) 160-bit and Message Digest Version 5 (MD5) 128-bit. SHA1 is more secure than MD5; however, MD5 is faster. The higher the number of bits, the more secure, and the lower the number, the faster it is.
  • Availability: Availability ensures that data is always available; an example would be if you wanted to purchase an airplane ticket and the system came back with an error saying that you could not purchase it. This could be frustrating, and therefore, availability is important. Examples of availability include Redundant Array of Independent Disks (RAID), which allows one or two disks to fail while still keeping the data available. Other examples are a fail-over cluster, in which two servers can access the same data so that if one fails the other can still provide it; a data backup; and Heating, Ventilation, and Air Conditioning (HVAC), which regulates the temperature for critical servers. In a datacentre, if the temperature is too hot, the servers will shut down.
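The integrity principle above describes hashing a message, storing the digest, and re-hashing later to detect changes. The following Python script is an added example (not code from the book) that does exactly that with the two algorithms the chapter names, SHA1 and MD5, using only the standard library. The record being protected and the tampered copy are constructed sample data; the function names are the example's own. It also reads the digest sizes back from hashlib, so you can confirm the 160-bit and 128-bit figures the text quotes, and it compares digests with a constant-time comparison, which is the habit a practitioner should have when a digest check guards anything important.

```python
import hashlib
import hmac

# Constructed sample record: the data whose integrity we want to protect.
ORIGINAL_RECORD = b"patient=12345;allergy=penicillin;dose=50mg"


def message_digest(data: bytes, algorithm: str = "sha1") -> str:
    """Return the hex-encoded hash (message digest) of `data`.

    `algorithm` is any name hashlib accepts, e.g. "sha1" or "md5".
    """
    return hashlib.new(algorithm, data).hexdigest()


def digest_bits(algorithm: str) -> int:
    """Digest length in bits, read from hashlib rather than hard-coded."""
    return hashlib.new(algorithm).digest_size * 8


def verify_integrity(data: bytes, expected_digest: str, algorithm: str = "sha1") -> bool:
    """Re-hash `data` and compare it with the digest recorded earlier.

    hmac.compare_digest takes the same time whether the digests differ in
    the first character or the last, so the comparison leaks no timing
    information about how close a value came to matching.
    """
    return hmac.compare_digest(message_digest(data, algorithm), expected_digest)


def demo() -> dict:
    """Record a SHA1 digest, then check an unchanged and an altered copy."""
    stored = message_digest(ORIGINAL_RECORD, "sha1")
    # Constructed tampering: one extra character in the dose field.
    tampered = ORIGINAL_RECORD.replace(b"dose=50mg", b"dose=500mg")
    return {
        "sha1_bits": digest_bits("sha1"),      # 160, as the chapter states
        "md5_bits": digest_bits("md5"),        # 128, as the chapter states
        "original_ok": verify_integrity(ORIGINAL_RECORD, stored, "sha1"),
        "tampered_ok": verify_integrity(tampered, stored, "sha1"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Run it as a script: `original_ok` is True and `tampered_ok` is False, because changing a single character in the record produces a completely different digest. Note that a bare hash only detects accidental or unauthorised change when the stored digest itself is kept somewhere the data's editor cannot reach; otherwise the digest can simply be recomputed alongside the altered data.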

Least Privilege

Least Privilege is where you give someone only the most limited access required so that they can perform their job role; this is known as a need-to-know basis. The company will write a least privilege policy so that the administrators know how to manage it.

Defense in Depth Model

Defense in Depth is the concept of protecting a company's data with a series of protective layers so that if one layer fails, another layer will already be in place to thwart an attack. We start with the data itself and work outwards through the layers that protect it:
  • The data is stored on a server.
  • The data has file permissions.
  • The data is encrypted.
  • The data is in a secure area of the building.
  • There is a security guard at the building entrance checking identification.
  • There is CCTV around the perimeter.
  • There is a high fence around the perimeter.
Let's look at this from the intruder's perspective, trying to jump the fence, and see how many layers they have to circumvent:
Figure 1.2 – Defense in Depth model
Let's now compare the different control types.

Comparing Control Types

There is a wide variety of security controls that are used to mitigate the risk of being attacked; the three main categories are managerial, operational, and technical. We are going to look at these in more detail; you need to be familiar with each of these controls and when each of them should be applied. Let's start by looking at the three main categories.

Managerial Controls

Managerial Controls are written by managers to create organizational policies and procedures to reduce risk within companies. They incorporate regulatory frameworks so that the companies are legally compliant. The following are examples of managerial controls:
  • Annual Risk Assessment: A company will have a risk register where the financial director will look at all of the risks associated with money and the IT manager will look at all of the risks posed by the IT infrastructure. As technology changes and hackers get more sophisticated, the risks can become greater. Each department will identify their risks and the risk treatments, and place them in the risk register. These should be reviewed annually.
  • Penetration Testing/Vulnerability Scanning: A vulnerability scan is not intrusive as it merely checks for vulnerabilities, whereas a penetration test is more intrusive, as it goes deeper into a computer and can exploit vulnerabilities. It could cause the system to crash unexpectedly. These will be explained further later in this book.

Operational Controls

Operational controls are executed by company personnel during their day-to-day operations. Examples of these are the following:
  • Annual Security Awareness Training: This is an...