CompTIA Security+ SY0-401 Exam Cram

, ,

CompTIA Security+ SY0-401 Exam Cram

, ,

  • Producent: Pearson
  • Rok produkcji: 2015
  • ISBN: 9780789753342
  • Ilość stron: 592
Wysyłka:
Niedostępna
Cena katalogowa 143,00 PLN brutto
Cena dostępna po zalogowaniu
Dodaj do Schowka
Zaloguj się
Przypomnij hasło
×
×
Cena 143,00 PLN
Dodaj do Schowka
Zaloguj się
Przypomnij hasło
×
×

Opis: CompTIA Security+ SY0-401 Exam Cram - Martin Weiss, Kirk Hausman, Diane Barrett

CompTIA(R) Security+ Exam Cram, Fourth Edition, is the perfect study guide to help you pass CompTIA's newly updated version of the Security+ exam. It provides coverage and practice questions for every exam topic. The book contains a set of 200 questions in two full practice exams. The CD-ROM contains the powerful Pearson IT Certification Practice Test engine that provides real-time practice and feedback with all the questions so you can simulate the exam. Covers the critical information you need to know to score higher on your Security+ exam! --Categorize types of attacks, threats, and risks to your systems --Secure devices, communications, and network infrastructure -- Troubleshoot issues related to networking components -- Effectively manage risks associated with a global business environment -- Differentiate between control methods used to secure the physical domain -- Identify solutions to secure hosts, data, and applications -- Compare techniques to mitigate risks in static environments -- Determine relevant access control, authorization, and authentication procedures -- Select appropriate mitigation techniques in response to attacks and vulnerabilities -- Apply principles of cryptography and effectively deploy related solutions --Implement security practices from both a technical and an organizational standpointIntroduction Part I: Network Security Chapter 1 Secure Network Design Implement Security Configuration Parameters on Network Devices and Other Technologies Firewalls Routers Switches Load Balancers Proxies Web Security Gateways VPN Concentrators NIDS and NIPS Protocol Analyzers Spam Filter UTM Security Appliances Web Application Firewall Versus Network Firewall Application-Aware Devices Cram Quiz Cram Quiz Answers Given a Scenario, Use Secure Network Administration Principles Rule-Based Management Firewall Rules VLAN Management Secure Router Configuration Access Control Lists Port Security 802.1X Flood Guards Loop Protection Implicit Deny Network Separation Log Analysis Unified Threat Management Cram Quiz Cram Quiz Answers Explain Network Design Elements and Components DMZ Subnetting VLAN NAT Remote Access Telephony NAC Virtualization Cloud Computing Layered Security/Defense in Depth Cram Quiz Cram Quiz Answers What Next? Chapter 2 Network Implementation Given a Scenario, Implement Common Protocols and Services Protocols Ports OSI Relevance Cram Quiz Cram Quiz Answers Given a Scenario, Troubleshoot Security Issues Related to Wireless Networking WPA WPA2 WEP EAP PEAP LEAP MAC Filter Disable SSID Broadcast TKIP CCMP Antenna Placement Power-Level Controls Captive Portals Antenna Types Site Surveys VPN (Over Open Wireless) Cram Quiz Cram Quiz Answers What Next? Part II: Compliance and Operational Security Chapter 3 Risk Management Explain the Importance of Risk-Related Concepts Control Types False Positives False Negatives Importance of Policies in Reducing Risk Risk Calculation Qualitative Versus Quantitative Measures Vulnerabilities Threat Vectors Probability/Threat Likelihood Risk-Avoidance, Transference, Acceptance, Mitigation, Deterrence Risks Associated with Cloud Computing and Virtualization Recovery Time Objective and Recovery Point Objective Cram Quiz Cram Quiz Answers Summarize the Security Implications of Integrating Systems and Data with Third Parties On-Boarding/Off-Boarding Business Partners Social Media Networks and/or Applications Interoperability Agreements Privacy Considerations Risk Awareness Unauthorized Data Sharing Data Ownership Data Backups Follow Security Policy and Procedures Review Agreement Requirements to Verify Compliance and Performance Standards Cram Quiz Cram Quiz Answers Given a Scenario, Implement Appropriate Risk Mitigation Strategies Change Management Incident Management User Rights and Permissions Reviews Perform Routine Audits Enforce Policies and Procedures to Prevent Data Loss or Theft Enforce Technology Controls Cram Quiz Cram Quiz Answers Given a Scenario, Implement Basic Forensic Procedures Order of Volatility Capture System Image Network Traffic and Logs Capture Video Record Time Offset Take Hashes Screenshots Witnesses Track Man-Hours and Expense Chain of Custody Big Data Analysis Cram Quiz Cram Quiz Answers Summarize Common Incident Response Procedures Preparation Incident Identification Escalation and Notification Mitigation Steps Lessons Learned Reporting Recovery/Reconstitution Procedures First Responder Incident Isolation Data Breach Damage and Loss Control Cram Quiz Cram Quiz Answers What Next? Chapter 4 Response and Recovery Explain the Importance of Security-Related Awareness and Training Security Policy Training and Procedures Role-Based Training Personally Identifiable Information Information Classification Public Data Labeling, Handling, and Disposal Compliance with Laws, Best Practices, and Standards User Habits New Threats and New Security Trends/Alerts Use of Social Networking and Peer-to-Peer Services Follow Up and Gather Training Metrics to Validate Compliance and Security Posture Cram Quiz Cram Quiz Answers Compare and Contrast Physical and Environmental Controls Environmental Controls Physical Security Control Types Cram Quiz Cram Quiz Answers Summarize Risk Management Best Practices Business Continuity Concepts Fault Tolerance Disaster Recovery Concepts. Cram Quiz Cram Quiz Answers Given a Scenario, Select the Appropriate Control to Meet the Goals of Security Confidentiality Integrity Availability Safety Cram Quiz Cram Quiz Answers What Next? Part III: Threats and Vulnerabilities Chapter 5 Attacks Explain Types of Malware Adware Viruses Worms Spyware Trojan Horses Rootkits Backdoors Logic Bombs Botnets Ransomware Polymorphic Malware Armored Virus Cram Quiz Cram Quiz Answers Summarize Various Types of Attacks Man-in-the-Middle Denial of Service Distributed DoS Replay DNS Poisoning ARP Poisoning Spoofing Spam Phishing and Related Attacks Privilege Escalation Malicious Insider Threat Transitive Access and Client-Side Attacks Password Attacks Typo Squatting/URL Hijacking Watering Hole Attack Cram Quiz Cram Quiz Answers Summarize Social Engineering Attacks and the Associated Effectiveness with Each Attack Social Engineering Shoulder Surfing Dumpster Diving Tailgating Impersonation Hoaxes Principles (Reasons for Effectiveness) Cram Quiz Cram Quiz Answers Explain Types of Wireless Attacks Jamming/Interference Rogue Access Points War Driving Bluejacking/Bluesnarfing Packet Sniffing WEP/WPA Attacks WPS Attacks Near-Field Communication Cram Quiz Cram Quiz Answers Explain Types of Application Attacks Browser Threats. Code Injections Directory Traversal Header Manipulation Zero-Day Buffer Overflows Integer Overflows. Cookies Arbitrary/Remote Code Execution Cram Quiz Cram Quiz Answers What Next? Chapter 6 Deterrents Analyze a Scenario and Select the Appropriate Type of Mitigation and Deterrent Techniques Monitoring System Logs Hardening Network Security Security Posture Reporting Detection Controls Versus Prevention Controls Cram Quiz Cram Quiz Answers Given a Scenario, Use Appropriate Tools and Techniques to Discover Security Threats and Vulnerabilities Interpret Results of Security Assessment Tools Tools Risk Calculation Assessment Technique Cram Quiz Cram Quiz Answers Explain the Proper Use of Penetration Testing Versus Vulnerability Scanning Penetration Testing Vulnerability Scanning Testing Cram Quiz Cram Quiz Answers What Next? Part IV: Application, Data, and Host Security Chapter 7 Application Security Explain the Importance of Application Security Controls and Techniques Fuzzing Secure Coding Concepts Cross-Site Scripting Prevention Cross-Site Request Forgery Prevention Application Configuration Baseline (Proper Settings) Application Hardening Application Patch Management NoSQL Databases Versus SQL Databases Server-Side Versus Client-Side Validation Cram Quiz Cram Quiz Answers What Next? Chapter 8 Host Security Summarize Mobile Security Concepts and Technologies Device Security Application Security BYOD Concerns Cram Quiz Cram Quiz Answers Given a Scenario, Select the Appropriate Solution to Establish Host Security Operating System Security and Settings OS Hardening Anti-malware Patch Management White Listing Versus Black Listing Applications Trusted OS Host-Based Firewalls Host-Based Intrusion Detection Hardware Security Host Software Baselining Virtualization Cram Quiz Cram Quiz Answers What Next? Chapter 9 Data Security Implement the Appropriate Controls to Ensure Data Security Cloud Storage SAN Handling Big Data Data Encryption Hardware-Based Encryption Devices Data In-Transit, Data At-Rest, Data In-Use Permissions/ACL Data Policies Cram Quiz Cram Quiz Answer Compare and Contrast Alternative Methods to Mitigate Security Risks in Static Environments Environments Methods Cram Quiz Cram Quiz Answer What Next? Part V: Access Control and Identity Management Chapter 10 Authentication, Authorization, and Access Control Compare and Contrast the Function and Purpose of Authentication Services RADIUS TACACS+ Kerberos LDAP XTACACS SAML Secure LDAP Cram Quiz Cram Quiz Answers Given a Scenario, Select the Appropriate Authentication, Authorization, or Access Control Identification Versus Authentication Versus Authorization Authorization Authentication Authentication Factors Identification Federation Transitive Trust/Authentication Cram Quiz Cram Quiz Answers What Next? Chapter 11 Account Management Install and Configure Security Controls When Performing Account Management, Based on Best Practices Mitigate Issues Associated with Users with Multiple Account/Roles and/or Shared Accounts Account Policy Enforcement Group-Based Privileges User-Assigned Privileges User Access Reviews Continuous Monitoring Cram Quiz Cram Quiz Answers What Next? Part VI: Cryptography Chapter 12 Cryptography Tools and Techniques Given a Scenario, Utilize General Cryptography Concepts Symmetric Versus Asymmetric Elliptic Curve and Quantum Cryptography In-Band Versus Out-of-Band Key Exchange Session Keys Transport Encryption Nonrepudiation and Digital Signatures Hashing Key Escrow Steganography Use of Proven Technologies Cram Quiz Cram Quiz Answers Given a Scenario, Use Appropriate Cryptographic Methods Wireless Encryption Functions Cryptographic Hash Functions HMAC Symmetric Encryption Algorithms Asymmetric Encryption Algorithms One-Time Pads PGP Use of Algorithms with Transport Encryption Cipher Suites Key Stretching Cram Quiz Cram Quiz Answers What Next? Chapter 13 Public Key Infrastructure Given a Scenario, Use Appropriate PKI, Certificate Management, and Associated Components Public Key Infrastructure Standards PKI Certificate Policies Public and Private Key Usage Revocation Trust Models Cram Quiz Cram Quiz Answers What Next? Practice Exam 1 Exam Questions Answers at a Glance Answers with Explanations On the CD: Practice Exam 2 Glossary 9780789753342 TOC 1/29/2015


Szczegóły: CompTIA Security+ SY0-401 Exam Cram - Martin Weiss, Kirk Hausman, Diane Barrett

Tytuł: CompTIA Security+ SY0-401 Exam Cram
Autor: Martin Weiss, Kirk Hausman, Diane Barrett
Producent: Pearson
ISBN: 9780789753342
Rok produkcji: 2015
Ilość stron: 592
Waga: 0.81 kg


Recenzje: CompTIA Security+ SY0-401 Exam Cram - Martin Weiss, Kirk Hausman, Diane Barrett

Zaloguj się
Przypomnij hasło
×
×