CompTIA Security+: SY0-601 Certification Guide
Complete coverage of the new CompTIA Security+ (SY0-601) exam to help you pass on the first attempt, 2nd Edition
Ian Neil
- 516 pages
- English
About This Book
Learn IT security essentials and prepare for the Security+ exam with this CompTIA exam guide, complete with additional online resources—including flashcards, PBQs, and mock exams—at securityplus.training
Key Features
- Written by Ian Neil, one of the world's top CompTIA Security+ trainers
- Test your knowledge of cybersecurity jargon and acronyms with realistic exam questions
- Learn about cryptography, encryption, and security policies to deliver a robust infrastructure
Book Description
The CompTIA Security+ certification validates the fundamental knowledge required to perform core security functions and pursue a career in IT security. Authored by Ian Neil, a world-class CompTIA certification trainer, this book is a best-in-class study guide that fully covers the CompTIA Security+ 601 exam objectives.
Complete with chapter review questions, realistic mock exams, and worked solutions, this guide will help you master the core concepts to pass the exam the first time you take it. With the help of relevant examples, you'll learn fundamental security concepts from certificates and encryption to identity and access management (IAM). As you progress, you'll delve into the important domains of the exam, including cloud security, threats, attacks and vulnerabilities, technologies and tools, architecture and design, risk management, cryptography, and public key infrastructure (PKI).
You can access extra practice materials, including flashcards, performance-based questions, practical labs, mock exams, key terms glossary, and exam tips on the author's website at securityplus.training.
By the end of this Security+ book, you'll have gained the knowledge and understanding to take the CompTIA exam with confidence.
What you will learn
- Master cybersecurity fundamentals, from the CIA triad through to IAM
- Explore cloud security and techniques used in penetration testing
- Use different authentication methods and troubleshoot security issues
- Secure the devices and applications used by your company
- Identify and protect against various types of malware and viruses
- Protect yourself against social engineering and advanced attacks
- Understand and implement PKI concepts
- Delve into secure application development, deployment, and automation
Who this book is for
If you want to take and pass the CompTIA Security+ SY0-601 exam, even if you are not from an IT background, this book is for you. You'll also find this guide useful if you want to become a qualified security professional. This CompTIA book is also ideal for US Government and US Department of Defense personnel seeking cybersecurity certification.
Section 1: Security Aims and Objectives
- Chapter 1, Understanding Security Fundamentals
- Chapter 2, Implementing Public Key Infrastructure
- Chapter 3, Investigating Identity and Access Management
- Chapter 4, Exploring Virtualization and Cloud Concepts
Chapter 1: Understanding Security Fundamentals
- Security Fundamentals
- Comparing Control Types
- Physical Security Controls
- Understanding Digital Forensics
Security Fundamentals
CIA Triad Concept
- Confidentiality: Prevents the disclosure of data to unauthorized people so that only authorized people have access to data. This is known as the need-to-know basis. Only those who should know the contents should be given access. An example would be that your medical history is only available to your doctor and nobody else. We also tend to encrypt data to keep it confidential. There are two types of encryption, known as symmetric and asymmetric. Symmetric encryption uses one key, known as the secret key. Asymmetric encryption uses two keys, known as the private key and the public key.
- Integrity: This means that you know that data has not been altered or tampered with. We use a technique called hashing that takes the data and converts it into a numerical value called a hash or message digest. When you suspect changes have taken place, you would check the hash value against the original. If the hash value has changed, then the data has been tampered with. Common hashing algorithms covered in the exam are Secure Hash Algorithm Version 1 (SHA1) 160-bit and Message Digest Version 5 (MD5) 128-bit. SHA1 is more secure than MD5; however, MD5 is faster. The higher the number of bits, the more secure, and the lower the number, the faster it is.
- Availability: Availability ensures that data is always available. An example of what happens without it would be if you wanted to purchase an airplane ticket and the system came back with an error saying that you could not purchase it. This could be frustrating, and therefore, availability is important. Examples of availability measures include Redundant Array of Independent Disks (RAID), which allows one or two disks to fail while still keeping the data available. Another example may be a fail-over cluster, in which two servers can access the same data and, if one fails, the other can still provide the data. Further examples are a data backup, or Heating Ventilation Air Conditioning (HVAC), which regulates the temperature for critical servers. In a datacentre, if the temperature is too hot then the servers will shut down.
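The integrity check described above (hash the data, keep the value, compare later) can be shown in a few lines of Python. This is an added example, not code from the book; the record names and contents are constructed sample data, and the function names are hypothetical. The same functions accept any algorithm name that hashlib supports.

```python
import hashlib
import hmac


def digest_bits(algorithm):
    """Size of the message digest in bits (MD5: 128, SHA1: 160)."""
    return hashlib.new(algorithm).digest_size * 8


def make_baseline(records, algorithm="sha1"):
    """Hash every item while it is known to be good and keep the values."""
    return {name: hashlib.new(algorithm, data).hexdigest()
            for name, data in records.items()}


def find_tampered(records, baseline, algorithm="sha1"):
    """Names whose current hash no longer matches the original hash."""
    changed = []
    for name in sorted(baseline):
        data = records.get(name)
        if data is None:
            changed.append(name)  # item removed since the baseline
            continue
        current = hashlib.new(algorithm, data).hexdigest()
        # Constant-time comparison of the two hex digests.
        if not hmac.compare_digest(current, baseline[name]):
            changed.append(name)
    return changed


# Constructed sample data, standing in for files on a server.
ORIGINAL = {
    "payroll.csv": b"alice,4200\nbob,3900\n",
    "policy.txt": b"Passwords expire after 90 days.\n",
}

if __name__ == "__main__":
    for algorithm in ("md5", "sha1"):
        print(algorithm, digest_bits(algorithm), "bits")
    baseline = make_baseline(ORIGINAL)
    altered = dict(ORIGINAL, **{"payroll.csv": b"alice,4200\nbob,9900\n"})
    print("unchanged:", find_tampered(ORIGINAL, baseline))
    print("altered:  ", find_tampered(altered, baseline))
```

A single changed character in a record produces a different digest, so the altered record is reported while the untouched one is not.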
Least Privilege
Defense in Depth Model
- The data is stored on a server.
- The data has file permissions.
- The data is encrypted.
- The data is in a secure area of the building.
- There is a security guard at the building entrance checking identification.
- There is CCTV around the perimeter.
- There is a high fence around the perimeter.
Comparing Control Types
Managerial Controls
- Annual Risk Assessment: A company will have a risk register where the financial director will look at all of the risks associated with money and the IT manager will look at all of the risks posed by the IT infrastructure. As technology changes and hackers get more sophisticated, the risks can become greater. Each department will identify their risks and the risk treatments, and place them in the risk register. These should be reviewed annually.
- Penetration Testing/Vulnerability Scanning: A vulnerability scan is not intrusive as it merely checks for vulnerabilities, whereas a penetration test is more intrusive, as it goes deeper into a computer and can exploit vulnerabilities. It could cause the system to crash unexpectedly. These will be explained further later in this book.
Operational Controls
- Annual Security Awareness Training: This is an...