Comptia Security+ Exam Cram by Diane Barrett

Description: About this productProduct InformationCompTIA's Security+ is the #1 international vendor-neutral baseline security certification. In 2017, CompTIA is releasing a thoroughly revised certification exam. CompTIA Security+ Exam Cram, Fifth Edition has been thoroughly updated to prepare candidates for the new exam, using the proven Exam Cram method of study. As with all Exam Cram books, it includes: Chapters that map directly to the exam objectives Comprehensive foundational learning on all topics covered on the exam An extensive collection of practice questions Access to the Pearson Test Prep practice test software that provides real-time practice and feedback, online or offline The Cram Sheet tear-out card including tips, acronyms, and memory joggers not available anywhere else - perfect for last-minute study Topics covered in this book range from identifying threats, attacks, and vulnerabilities to implementing the correct tools and technologies to defend against these vectors; cryptography concepts and deployment techniques to identity and access management; security architecture and design principles to risk management. This book brings together all the knowledge professionals need to walk into the exam room with confidence - and pass their Security+ exams with flying colors.Product IdentifiersPublisherCisco PressISBN-100789759004ISBN-139780789759009eBay Product ID (ePID)237683486Product Key FeaturesAuthorDiane Barrett, Martin WeissPublication NameComptia Security+ Sy0-501 Exam CramFormatTrade Paperback / Mixed LotLanguageEnglishSeriesExam Cram Ser.Publication Year2017TypeTextbookNumber of Pages720 PagesDimensionsItem Length9.1in.Item Height1.6in.Item Width6.1in.Item Weight35.8 OzAdditional Product FeaturesLc Classification NumberQa76.9.A25Edition Number5Table of ContentIntroduction Part I: Threats, Attacks, and Vulnerabilities Chapter 1: Indicators of Compromise and Malware Types Viruses Worms Ransomware Trojan Horses Rootkits Logic Bombs Bots Spyware What Next? Chapter 2: Attack Types Social Engineering Phishing and Related Attacks Tailgating Impersonation Dumpster Diving Shoulder Surfing Hoaxes Watering Hole Attacks Principles (Reasons for Effectiveness) Application/Service Attacks Spoofing Buffer and Integer Overflows Zero-Day Attack Code Injections Hijacking and Related Attacks Man-in-the-Middle Denial of Service Cryptographic Attacks Brute Force Weak Implementations Wireless Wi-Fi Short Range Wireless Communications What Next? Chapter 3: Threat Actor Types and Attributes Threat Actor Attributes Threat Actor Types Script Kiddies Insiders Hacktivists Organized Crime Competitors Nation States Open Source Intelligence What Next? Chapter 4: Penetration Testing Testing Methodology Planning Discovery Attack Reporting What Next? Chapter 5: Vulnerability Scanning Types of Vulnerability Scans Intrusive vs. Non-intrusive Credentialed vs. Non-credentialed What Next? Chapter 6: Impacts Associated with Vulnerability Types People and Process Race Conditions Resource Exhaustion Architecture and Design Configuration Cryptographic Management Embedded Systems Lack of Vendor Support Improper Software Handling Leaks, Overflows, and Code Injection What Next? Part I Cram Quiz Part II: Technology and Tools Chapter 7: Network Components Perimeter Security Firewalls VPN Concentrators NIDS and NIPS Internal Security Routers Switches Protections Bridges Boundary Devices Proxies Load Balancers Access Points Enforcement Tools SIEM DLP NAC Gateways Cryptographic Devices SSL/TLS Accelerators and Decryptors HSM What Next? Chapter 8: Software Tools Vulnerability Assessment Tools Analyzers and Scanners Detection and Protection Tools Honeypots Exploitation Frameworks Password Crackers Steganography Backup Utilities Data Sanitizing Tools Command-line Tools What Next? Chapter 9: Security Issues Authentication, Authorization, and Access Unencrypted Credentials and Clear Text Permission Issues Access Violations Authentication Issues Certificate Issues Misconfigurations and Deviations Firewall Content Filter Access Points Baseline Deviation Weak Security Configurations and Data Exfiltration Personnel Policy Violation Insider Threat Social Engineering Social Media Personal Email Logs and Event Anomalies Assets and Licensing Asset Management License Compliance Violation Unauthorized Software What Next? Chapter 10: Security Technologies Security Technologies Host Technologies Enterprise Technologies What Next? Chapter 11: Mobile Devices Communication Methods Mobile Device Management Concepts Device, Application, and Content Management Protections Enforcement and Monitoring Deployment Models BYOD, CYOD, COPE and Corporate-owned Devices VDI Deployment Strategies What Next? Chapter 12: Secure Protocols Secure Protocols Securing Web Protocols Securing File Transfer Protocols Securing Email Protocols Securing Internal Protocols Use Cases Secure Web Communication Secure File Transfer Communication Secure Email Communication Secured Internal Communication What Next? Part II Cram Quiz Part III: Architecture and Design Chapter 13: Use Cases, Frameworks, and Best Practices Industry-standard Frameworks and Reference Architectures Regulatory and Non-regulatory National vs. International Industry-specific Frameworks Benchmarks and Secure Configuration Guides PlatfCopyright Date2018Target AudienceScholarly & ProfessionalTopicSecurity / General, Certification Guides / GeneralLccn2017-957913Dewey Decimal005.8Dewey Edition23IllustratedYesGenreComputers

Price: 6.9 USD

Location: Multiple Locations

End Time: 2024-12-19T21:40:37.000Z

Shipping Cost: 3.97 USD