CompTIA Security+ Review Guide
eBook - ePub

Exam SY0-601

James Michael Stewart

About this book

Learn the ins and outs of the IT security field and efficiently prepare for the CompTIA Security+ Exam SY0-601 with one easy-to-follow resource

CompTIA Security+ Review Guide: Exam SY0-601, Fifth Edition helps you to efficiently review for the leading IT security certification—CompTIA Security+ SY0-601. Accomplished author and security expert James Michael Stewart covers each domain in a straightforward and practical way, ensuring that you grasp and understand the objectives as quickly as possible.

Whether you're refreshing your knowledge or doing a last-minute review right before taking the exam, this guide includes access to a companion online test bank that offers hundreds of practice questions, flashcards, and glossary terms.

Covering all five domains tested by Exam SY0-601, this guide reviews:

  • Attacks, Threats, and Vulnerabilities
  • Architecture and Design
  • Implementation
  • Operations and Incident Response
  • Governance, Risk, and Compliance

This newly updated Fifth Edition of CompTIA Security+ Review Guide: Exam SY0-601 is not just perfect for anyone hoping to take the SY0-601 Exam, but it is also an excellent resource for those wondering about entering the IT security field.

Book details

Publisher
Sybex
Year
2021
ISBN
9781119735366

Chapter 1
Threats, Attacks, and Vulnerabilities

COMPTIA SECURITY+ EXAM OBJECTIVES COVERED IN THIS CHAPTER INCLUDE THE FOLLOWING:
  • 1.1 Compare and contrast different types of social engineering techniques.
    • Phishing
    • Smishing
    • Vishing
    • Spam
    • Spam over instant messaging (SPIM)
    • Spear phishing
    • Dumpster diving
    • Shoulder surfing
    • Pharming
    • Tailgating
    • Eliciting information
    • Whaling
    • Prepending
    • Identity fraud
    • Invoice scams
    • Credential harvesting
    • Reconnaissance
    • Hoax
    • Impersonation
    • Watering hole attack
    • Typosquatting
    • Pretexting
    • Influence campaigns
    • Principles (reasons for effectiveness)
  • 1.2 Given a scenario, analyze potential indicators to determine the type of attack.
    • Malware
    • Password attacks
    • Physical attacks
    • Adversarial artificial intelligence (AI)
    • Supply-chain attacks
    • Cloud-based vs. on-premises attacks
    • Cryptographic attacks
  • 1.3 Given a scenario, analyze potential indicators associated with application attacks.
    • Privilege escalation
    • Cross-site scripting
    • Injections
    • Pointer/object dereference
    • Directory traversal
    • Buffer overflows
    • Race conditions
    • Error handling
    • Improper input handling
    • Replay attack
    • Integer overflow
    • Request forgeries
    • Application programming interface (API) attacks
    • Resource exhaustion
    • Memory leak
    • Secure Sockets Layer (SSL) stripping
    • Driver manipulation
    • Pass the hash
  • 1.4 Given a scenario, analyze potential indicators associated with network attacks.
    • Wireless
    • On-path attack (previously known as man-in-the-middle attack/man-in-the-browser attack)
    • Layer 2 attacks
    • Domain name system (DNS)
    • Distributed denial-of-service (DDoS)
    • Malicious code or script execution
  • 1.5 Explain different threat actors, vectors, and intelligence sources.
    • Actors and threats
    • Attributes of actors
    • Vectors
    • Threat intelligence sources
    • Research sources
  • 1.6 Explain the security concerns associated with various types of vulnerabilities.
    • Cloud-based vs. on-premises vulnerabilities
    • Zero-day
    • Weak configurations
    • Third-party risks
    • Improper or weak patch management
    • Legacy platforms
    • Impacts
  • 1.7 Summarize the techniques used in security assessments.
    • Threat hunting
    • Vulnerability scans
    • Syslog/Security information and event management (SIEM)
    • Security orchestration, automation, and response (SOAR)
  • 1.8 Explain the techniques used in penetration testing.
    • Penetration testing
    • Passive and active reconnaissance
    • Exercise types
The Security+ exam will test your knowledge of IT attacks and compromises. To pass the test and be effective in preventing compromise and reducing harm, you need to understand the threats, attacks, vulnerabilities, concepts, and terminology detailed in this chapter.

1.1 Compare and contrast different types of social engineering techniques.

Social engineering is a form of attack that exploits human nature and human behavior. The result of a successful social engineering attack is information leakage or the attacker being granted logical or physical access to a secure environment.
Here are some example scenarios of common social engineering attacks:
  • A worker receives an email warning about a dangerous new virus spreading across the Internet. The message directs the worker to look for a specific file on the hard drive and delete it, because it indicates the presence of the virus. Often, however, the identified file is really an essential file needed by the system and the dangerous virus was a false scare tactic used as motivation. This form of attack is known as a hoax.
  • A website claims to offer free temporary access to its products and services, but it requires web browser and/or firewall alterations to download the access software. These alterations may reduce the security protections or encourage the victim to install browser helper objects (BHOs) (a.k.a. plug-ins, extensions, add-ons) that are malicious.
  • A worker receives a call or message from someone asking to speak with a co-worker by name, but no one by that name works, or has ever worked, for the organization. This can be a ruse to get the worker to reveal the names of actual employees, or to “provide assistance” to a caller who appears to have incorrect information.
  • A contact on a discussion forum asks personal questions about your education, history, interests, and so on. The questions may be aimed at learning the answers to your password reset questions.
Some of these events may also be legitimate and benign occurrences, but you can see how they could mask the motives and purposes of an attacker. Social engineers attempt to craft their attack to seem as normal and typical as possible.
Methods to protect against social engineering include the following:
  • Requiring callers to authenticate before any action is taken on their behalf over the phone
  • Defining restricted information that is never communicated over the phone or through plaintext channels such as standard email
  • Always verifying the credentials of a repair person and confirming that a real service call was placed by authorized personnel
  • Never following the instructions in an email without verifying the information with at least two independent and trusted sources
  • Investigating whenever several workers report the same odd event (such as a call or email) to the help desk: what the contact was about, who initiated it, and what its purpose was
  • Always erring on the side of caution when dealing with anyone you don't know or recognize, whether in person, over the phone, or over the Internet/network
Technical controls such as multifactor authentication and email filtering limit what a successful deception can achieve, but the deception itself targets people, so the only direct defense against social engineering attacks is user education and awareness training. A healthy dose of paranoia and suspicion will help users detect or notice more social engineering attempts.

Phishing

Phishing is a form of social engineering attack based on the concept of fishing for information. Phishing is employed by attackers to obtain sensitive, confidential, or private information. Phishing can be waged using any communication means, including face-to-face interactions and over the phone.
To defend against phishing attacks, end users should be trained to avoid clicking any link received via email, IM, or social network message. Organizations should also weigh the consequences and increased risk of allowing workers to reach personal email and social networks through company systems, since those channels bypass the organization's own mail filtering.
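The defenses above come down to not clicking; a triage script can back that up by inspecting links before a user does. What follows is an added example, not code from the Review Guide. It extracts the links from an HTML email and flags three indicators tied to the social engineering objectives listed for this chapter: visible link text that names one host while the href points at another, an href domain that is a one- or two-character typosquat of a trusted domain, and a punycode (IDN) host. The TRUSTED_DOMAINS allow-list and SAMPLE_EMAIL are constructed assumptions for the demonstration, not real data.

```python
"""Flag common phishing indicators in the links of an email body.

Added example (not from the CompTIA Security+ Review Guide). Checks:
  display-mismatch : visible link text names one host, the href another
  lookalike-domain : href domain within edit distance 2 of a trusted domain
  punycode-host    : href host is IDN-encoded (xn--), a homoglyph tell
"""
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the organisation's allow-list of domains users legitimately click.
TRUSTED_DOMAINS = {"example.com", "paypal.com"}

# Constructed sample message for the demo (not a real phishing email):
# a typosquat behind misleading anchor text, a benign link, a punycode host.
SAMPLE_EMAIL = """
<p>Your account will be suspended in 24 hours. Verify now:
<a href="http://paypa1.com/verify">https://www.paypal.com/verify</a></p>
<p>Questions? Visit our <a href="https://example.com/help">Help center</a>.</p>
<p><a href="http://xn--pypal-4ve.com/login">Log in</a> to review activity.</p>
"""


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Lower-cased hostname; tolerates anchor text like 'www.example.com/x'."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def registered_domain(host):
    """Naive registrable domain: the last two labels (no public-suffix list)."""
    parts = host.split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host


def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def looks_like_url(text):
    """Does the anchor text itself claim to be a URL or hostname?"""
    t = text.lower()
    if t.startswith(("http://", "https://", "www.")):
        return True
    return "." in t and " " not in t and "@" not in t


def analyze_links(html, trusted=TRUSTED_DOMAINS):
    """Return (indicator, href, detail) findings for every suspicious link."""
    parser = LinkExtractor()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        href_host = host_of(href)
        href_dom = registered_domain(href_host)
        claimed = text.strip().rstrip(".,;:!?")  # drop trailing punctuation
        if looks_like_url(claimed):
            text_dom = registered_domain(host_of(claimed))
            if text_dom and text_dom != href_dom:
                findings.append(("display-mismatch", href, claimed))
        if href_dom not in trusted:
            for good in sorted(trusted):  # sorted for deterministic output
                if 0 < edit_distance(href_dom, good) <= 2:
                    findings.append(("lookalike-domain", href, good))
                    break
        if "xn--" in href_host:
            findings.append(("punycode-host", href, href_host))
    return findings
```

Running `analyze_links(SAMPLE_EMAIL)` yields three findings: the first link is reported twice (display-mismatch, then lookalike of paypal.com), the help-center link is clean, and the last link is flagged for its punycode host. Two caveats for real use: `registered_domain` takes the last two labels, which is wrong for suffixes such as co.uk, so substitute a public-suffix list; and an edit-distance threshold of 2 will also match some legitimate short domains, so treat the output as a triage signal rather than a verdict.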

Smishing

SMS phishing or smishing i...
