CompTIA Security+ SY0-701 Cert Guide

Dekorationsartikel gehören nicht zum Leistungsumfang.

Sprache: Englisch

53,95 €

inkl. MwSt.

Versandkostenfrei per Post / DHL

auf Lager, Lieferzeit 1-2 Werktage

Kategorien:

Beschreibung

Learn, prepare, and practice for CompTIA Security+ SY0-701 exam success with this Cert Guide from Pearson IT Certification, a leader in IT Certification learning. CompTIA Security+ SY0-701 Cert Guide from Pearson IT Certification helps you prepare to succeed on the CompTIA Security+ SY0-701 exam by directly addressing the exams objectives as stated by CompTIA. Leading instructor and cybersecurity professional Lewis Heuermann shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. This complete study package includes Complete coverage of the exam objectives and a test-preparation routine designed to help you pass the exams Do I Know This Already? quizzes, which allow you to decide how much time you need to spend on each section Chapter-ending Key Topic tables, which help you drill on key concepts you must know thoroughly The powerful Pearson Test Prep Practice Test software, complete with hundreds of well-reviewed, exam-realistic questions, customization options, and detailed performance reports An online, interactive Flash Cards application to help you drill on Key Terms by chapter A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies Study plan suggestions and templates to help you organize and optimize your study time Well regarded for its level of detail, study plans, assessment features, and challenging review questions and exercises, this study guide helps you master the concepts and techniques that ensure your exam success. This study guide helps you master all the topics on the CompTIA Security+ SY0-701 exam, deepening your knowledge of General Security Concepts: Security controls, security concepts, change management process, cryptographic solutions Threats, Vulnerabilities, and Mitigations: Threat actors and motivations, attack surfaces, types of vulnerabilities, indicators of malicious activity, mitigation techniques Security Architecture: Security implications of architecture models, secure enterprise infrastructure, protect data, resilience and recovery in security architecture Security Operations: Security techniques to computing resources, security implications, vulnerability management, monitoring concepts, enterprise capabilities to enhance security, access management, automation related to secure operations, incident response activities Security Program Management and Oversight: Security governance, risk management, third-party risk assessment and management, security compliance, audits and assessments, security awareness practices

Über den Autor

Lewis Heuermann, CISSP, PMP, is a Navy submarine veteran and seasoned cybersecurity consultant who combines his extensive practical experience with deep academic insight to make cybersecurity accessible to all learners. His diverse background includes roles in systems and network engineering, network defense analysis, and cyber risk management. As a professor, he has developed and taught courses in cybersecurity and data analytics, utilizing tools like Python, SQL, Power BI, and Tableau. Lewis also holds several key IT certifications.

Inhaltsverzeichnis

Introduction xxxix
Part I: General Security Concepts
Chapter 1 Comparing and Contrasting the Various Types of Controls 3
Do I Know This Already? Quiz 3
Foundation Topics 6
Control Categories 6
Technical Controls 6
Managerial Controls 6
Operational Controls 6
Physical Controls 7
Summary of Control Categories 7
Control Types 8
Preventive Controls 8
Deterrent Controls 8
Detective Controls 9
Corrective Controls 9
Compensating Controls 9
Directive Controls 10
Summary of Control Types 10
Chapter Review Activities 11
Chapter 2 Summarizing Fundamental Security Concepts 15
Do I Know This Already? Quiz 15
Foundation Topics 19
Confidentiality, Integrity, and Availability (CIA) 19
Non-repudiation 20
Authentication, Authorization, and Accounting (AAA) 21
Gap Analysis 22
Zero Trust 22
Physical Security 24
Bollards/Barricades 24
Access Control Vestibules 26
Fencing 27
Video Surveillance 28
Security Guards 28
Access Badges 29
Lighting 30
Sensors 30
Deception and Disruption Technology 31
Chapter Review Activities 32
Chapter 3 Understanding Change Managements Security Impact 37
Do I Know This Already? Quiz 37
Foundation Topics 41
Business Processes Impacting Security Operations 41
Approval Process 41
Ownership 41
Stakeholders 42
Impact Analysis 42
Test Results 42
Backout Plan 42
Maintenance Window 43
Standard Operating Procedure 43
Technical Implications 43
Allow Lists 44
Block Lists/Deny Lists 44
Restricted Activities 44
Downtime 45
Service Restart 45
Application Restart 46
Legacy Applications 46
Dependencies 46
Documentation 47
Updating Diagrams 47
Updating Policies/Procedures 48
Version Control 48
Chapter Review Activities 49
Chapter 4 Understanding the Importance of Using Appropriate Cryptographic Solutions 53
Do I Know This Already? Quiz 53
Foundation Topics 58
Public Key Infrastructure (PKI) 58
Public Key 58
Private and Public Key 58
Encryption 59
Level 59
Full Disk 59
Partition 60
File 60
Volume 60
Database 60
Record 61
Transport/Communication 61
Encryption at Rest, in Transit/Motion, and in Processing 61
Symmetric Versus Asymmetric Encryption 62
Key Exchange 64
Algorithms 65
Key Length 66
Tools 67
Trusted Platform Module 67
Hardware Security Module 68
Key Management System 68
Secure Enclave 69
Obfuscation 70
Steganography 70
Audio Steganography 71
Video Steganography 71
Image Steganography 72
Tokenization 72
Data Masking 74
Hashing 75
Salting 76
Digital Signatures 76
Key Stretching 77
Blockchain 78
Open Public Ledger 78
Certificates 79
Certificate Authorities 79
Certificate Revocation Lists 81
Online Certificate Status Protocol (OCSP) 82
Self-Signed 83
Certificate-Signing Request 90
Wildcard 90
Chapter Review Activities 90
Part II: Threats, Vulnerabilities, and Mitigations
Chapter 5 Comparing and Contrasting Common Threat Actors and Motivations 95
Do I Know This Already? Quiz 95
Foundation Topics 98
Threat Actors 98
Attributes of Actors 99
Motivations 100
War 101
Chapter Review Activities 102
Chapter 6 Understanding Common Threat Vectors and Attack Surfaces 105
Do I Know This Already? Quiz 105
Foundation Topics 109
Message-Based 109
Email 109
Short Message Service (SMS) 109
Instant Messaging (IM) 110
Spam and Spam over Internet Messaging (SPIM) 110
Image-Based 111
File-Based 111
Voice Call 111
Removable Device 111
Vulnerable Software 112
Unsupported Systems and Applications 112
Unsecure Networks 113
Open Service Ports 114
Default Credentials 115
Supply Chain 116
Human Vectors/Social Engineering 116
Phishing 117
Vishing 120
Smishing 121
Misinformation/Disinformation 121
Impersonation 121
Business Email Compromise (BEC) 122
Pretexting 122
Watering Hole Attack 122
Brand Impersonation 123
Typosquatting 123
Chapter Review Activities 123
Chapter 7 Understanding Various Types of Vulnerabilities 127
Do I Know This Already? Quiz 127
Foundation Topics 130
Application 130
Memory Injection 130
Buffer Overflow 131
Race Conditions 132
Malicious Update 132
Operating System (OS)Based 133
Web-Based 133
Structured Query Language Injection (SQLi) Vulnerabilities 133
Cross-Site Scripting (XSS) Vulnerabilities 134
Hardware 134
Firmware 134
End-of-Life (EOL) 134
Legacy 135
Virtualization 135
Virtual Machine (VM) Escape 135
Resource Reuse 135
Cloud Specific 136
Other Cloud-Based Concerns 140
Supply Chain 141
Service Provider 141
Hardware Provider 141
Software Provider 142
Cryptographic 142
Misconfiguration 142
Mobile Device 142
Side Loading 143
Jailbreaking 143
Zero-Day Vulnerabilities 143
Chapter Review Activities 145
Chapter 8 Understanding Indicators of Malicious Activity 149
Do I Know This Already? Quiz 149
Foundation Topics 152
Malware Attacks 152
Ransomware 152
Trojans 153
Worms 154
Spyware 154
Bloatware 155
Virus 155
Keylogger 155
You Cant Save Every Computer from Malware! 156
Logic Bomb 157
Rootkit 157
Physical Attacks 158
Brute-Force Attacks 159
Radio Frequency Identification (RFID) Cloning 159
Environmental 159
Network Attacks 160
Distributed Denial-of-Service (DDoS) Attacks 160
Domain Name System (DNS) Attacks 160
Wireless Attacks 160
On-Path Attacks 161
Credential Replay 161
Malicious Code 161
Application Attacks 162
Injection 162
Buffer Overflow 162
Replay 162
Privilege Escalation 162
Forgery 163
Directory Traversal 163
Cryptographic Attacks 163
Downgrade 163
Collision 163
Birthday 164
Password Attacks 164
Password Spraying 165
Brute-Force Attacks 165
Indicators 165
Account Lockout 166
Concurrent Session Usage 166
Blocked Content 166
Impossible Travel 166
Resource Consumption 166
Resource Inaccessibility 166
Out-of-Cycle Logging 167
Published/Documented Indicators 167
Missing Logs 167
Chapter Review Activities 167
Chapter 9 Understanding the Purpose of Mitigation Techniques Used to Secure the Enterprise 171
Do I Know This Already? Quiz 171
Foundation Topics 175
Segmentation 175
Access Control 175
Access Control Lists (ACLs) 175
Permissions 176
Application Allow List 178
Isolation 179
Patching 180
Encryption 181
Monitoring 182
Least Privilege 182
Configuration Enforcement 182
Decommissioning 183
Hardening Techniques 183
Encryption 183
Installation of Endpoint Protection 184
Host-Based Firewall 184
Host-Based Intrusion Prevention System (HIPS) 184
Disabling Ports/Protocols 184
Default Password Changes 185
Removal of Unnecessary Software 185
Chapter Review Activities 185
Part III: Security Architecture
Chapter 10 Comparing and Contrasting Security Implications of Different Architecture Models 189
Do I Know This Already? Quiz 189
Foundation Topics 193
Architecture and Infrastructure Concepts 193
Cloud 193
Infrastructure as Code (IaC) 195
Serverless 196
Microservices 197
Network Infrastructure 197
On-premises 201
Centralized Versus Decentralized 201
Containerization 202
Virtualization 206
IoT 208
Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) 210
Real-Time Operating System (RTOS) 213
Embedded Systems 214
High Availability 214
Considerations 215
Availability 215
Resilience 215
Cost 216
Responsiveness 216
Scalability 216
Ease of Deployment 216
Risk Transference 217
Ease of Recovery 217
Patch Availability 217
Inability to Patch 218
Power 218
Compute 218
Chapter Review Activities 219
Chapter 11 Applying Security Principles to Secure Enterprise Infrastructure 223
Do I Know This Already? Quiz 223
Foundation Topics 226
Infrastructure Considerations 226
Device Placement 226
Security Zones 226
Attack Surface 227
Connectivity 228
Failure Modes 228
Device Attribute 229
Network Appliances 230
Port Security 235
Firewall Types 239
Secure Communication/Access 249
Virtual Private Network (VPN) 249
Remote Access 251
Tunneling 254
Software-Defined Wide Area Network (SD-WAN) 265
Secure Access Service Edge (SASE) 265
Selection of Effective Controls 266
Chapter Review Activities 266
Chapter 12 Comparing and Contrasting Concepts and Strategies to Protect Data 271
Do I Know This Already? Quiz 271
Foundation Topics 274
Data Types 274
Data Classifications 275
General Data Considerations 276
Data States 276
Data Sovereignty 278
Geolocation 278
Methods to Secure Data 279
Geographic Restrictions 279
Encryption 279
Hashing 279
Masking 281
Tokenization 281
Obfuscation 281
Segmentation 281
Permission Restrictions 282
Chapter Review Activities 283
Chapter 13 Understanding the Importance of Resilience and Recovery in Security Architecture 287
Do I Know This Already? Quiz 287
Foundation Topics 291
High Availability 291
Key Components 291
Cloud Environments 291
Site Considerations 292
Platform...

Details

Erscheinungsjahr:	2026
Genre:	Importe , Informatik
Rubrik:	Naturwissenschaften & Technik
Medium:	Taschenbuch
ISBN-13:	9780138293086
ISBN-10:	0138293082
Sprache:	Englisch
Einband:	Kartoniert / Broschiert
Autor:	Heuermann, Lewis
Auflage:	1. Auflage
Hersteller:	Pearson IT Certification Pearson Education Limited FT Publishing International
Verantwortliche Person für die EU:	Pearson Education, St.-Martin-Str. 82, D-81541 München, info@pearson.de
Maße:	235 x 195 x 41 mm
Von/Mit:	Lewis Heuermann
Erscheinungsdatum:	11.05.2026
Gewicht:	1,436 kg