My Account
Log in Registration
All
Cart
Highlights
Fiction Books
Non-Fiction Books
Children's Books
Rare Books
Music
DVD & Blu-Ray
Video Games
Category
Wishlists
Cart
All
Free Shipping in the UK
Trustpilot
Proud to be B-Corp

CompTIA Security+ SYO-401 Exam Cram Diane Barrett

CompTIA Security+ SYO-401 Exam Cram By Diane Barrett

CompTIA Security+ SYO-401 Exam Cram by Diane Barrett

Reviews:
Condition - Good
Out of stock
Good
SeriesExam Cram

CompTIA Security+ SYO-401 Exam Cram Summary

CompTIA Security+ SYO-401 Exam Cram by Diane Barrett

CompTIA (R) Security+ Exam Cram, Fourth Edition, is the perfect study guide to help you pass CompTIA's newly updated version of the Security+ exam. It provides coverage and practice questions for every exam topic. The book contains a set of 200 questions in two full practice exams. The CD-ROM contains the powerful Pearson IT Certification Practice Test engine that provides real-time practice and feedback with all the questions so you can simulate the exam. Covers the critical information you need to know to score higher on your Security+ exam! --Categorize types of attacks, threats, and risks to your systems --Secure devices, communications, and network infrastructure -- Troubleshoot issues related to networking components -- Effectively manage risks associated with a global business environment -- Differentiate between control methods used to secure the physical domain -- Identify solutions to secure hosts, data, and applications -- Compare techniques to mitigate risks in static environments -- Determine relevant access control, authorization, and authentication procedures -- Select appropriate mitigation techniques in response to attacks and vulnerabilities -- Apply principles of cryptography and effectively deploy related solutions --Implement security practices from both a technical and an organizational standpoint

About Diane Barrett

Diane Barrett is the president of NextGard Technology and a professor for Bloomsburg University. She has done contract forensic and security assessment work for several years and has authored several other security and forensic books. She is a program director for ADFSL's Conference on Digital Forensics, Security, and Law; the DFCP certification chair for the Digital Forensic Certification Board; and a volunteer for the NIST Cloud Computing Forensic Science Challenges working group. She holds many industry certifications, including CISSP, ISSMP, DFCP, and PCME, along with several from CompTIA, including Security+. Diane's education includes a Ph.D. in business administration with a specialization in information security and a master of science degree in information technology with a specialization in information security. Kalani Kirk Hausman is an author, GRC professional, enterprise and security architect, ISO, and consultant with experience that includes mediumto large-scale globally deployed networks in governmental, higher education, healthcare, and corporate settings. Kalani's professional certifications include the CISSP, CGEIT, CRISC, CISA, CISM, GIAC-GHSC, PMP, ITIL, and CCP. He is active within the InfraGard; Information Systems Audit and Control Association (ISACA); ISSA; and High Technology Crime Investigation Association (HTCIA). Kalani is currently employed at Texas A&M University and as an adjunct professor of InfoSec at UMUC and APU/AMU. Kalani can be reached at [email protected] or followed on Twitter at @kkhausman. Martin M. Weiss has years of experience in information security, risk management, and compliance. Marty holds a bachelor of science degree in computer studies from the University of Maryland University College and an MBA from the Isenberg School of Management at the University of Massachusetts Amherst. He holds several certifications, including CISSP, CISA, and Security+. Marty has authored and co-authored more than a half dozen books on information technology. Occasionally, he molds minds as an adjunct professor with the University of Maryland University College. A Florida native, he now lives in New England somewhere between Boston and New York City.

Table of Contents

Introduction Part I: Network Security Chapter 1 Secure Network Design Implement Security Configuration Parameters on Network Devices and Other Technologies Firewalls Routers Switches Load Balancers Proxies Web Security Gateways VPN Concentrators NIDS and NIPS Protocol Analyzers Spam Filter UTM Security Appliances Web Application Firewall Versus Network Firewall Application-Aware Devices Cram Quiz Cram Quiz Answers Given a Scenario, Use Secure Network Administration Principles Rule-Based Management Firewall Rules VLAN Management Secure Router Configuration Access Control Lists Port Security 802.1X Flood Guards Loop Protection Implicit Deny Network Separation Log Analysis Unified Threat Management Cram Quiz Cram Quiz Answers Explain Network Design Elements and Components DMZ Subnetting VLAN NAT Remote Access Telephony NAC Virtualization Cloud Computing Layered Security/Defense in Depth Cram Quiz Cram Quiz Answers What Next? Chapter 2 Network Implementation Given a Scenario, Implement Common Protocols and Services Protocols Ports OSI Relevance Cram Quiz Cram Quiz Answers Given a Scenario, Troubleshoot Security Issues Related to Wireless Networking WPA WPA2 WEP EAP PEAP LEAP MAC Filter Disable SSID Broadcast TKIP CCMP Antenna Placement Power-Level Controls Captive Portals Antenna Types Site Surveys VPN (Over Open Wireless) Cram Quiz Cram Quiz Answers What Next? Part II: Compliance and Operational Security Chapter 3 Risk Management Explain the Importance of Risk-Related Concepts Control Types False Positives False Negatives Importance of Policies in Reducing Risk Risk Calculation Qualitative Versus Quantitative Measures Vulnerabilities Threat Vectors Probability/Threat Likelihood Risk-Avoidance, Transference, Acceptance, Mitigation, Deterrence Risks Associated with Cloud Computing and Virtualization Recovery Time Objective and Recovery Point Objective Cram Quiz Cram Quiz Answers Summarize the Security Implications of Integrating Systems and Data with Third Parties On-Boarding/Off-Boarding Business Partners Social Media Networks and/or Applications Interoperability Agreements Privacy Considerations Risk Awareness Unauthorized Data Sharing Data Ownership Data Backups Follow Security Policy and Procedures Review Agreement Requirements to Verify Compliance and Performance Standards Cram Quiz Cram Quiz Answers Given a Scenario, Implement Appropriate Risk Mitigation Strategies Change Management Incident Management User Rights and Permissions Reviews Perform Routine Audits Enforce Policies and Procedures to Prevent Data Loss or Theft Enforce Technology Controls Cram Quiz Cram Quiz Answers Given a Scenario, Implement Basic Forensic Procedures Order of Volatility Capture System Image Network Traffic and Logs Capture Video Record Time Offset Take Hashes Screenshots Witnesses Track Man-Hours and Expense Chain of Custody Big Data Analysis Cram Quiz Cram Quiz Answers Summarize Common Incident Response Procedures Preparation Incident Identification Escalation and Notification Mitigation Steps Lessons Learned Reporting Recovery/Reconstitution Procedures First Responder Incident Isolation Data Breach Damage and Loss Control Cram Quiz Cram Quiz Answers What Next? Chapter 4 Response and Recovery Explain the Importance of Security-Related Awareness and Training Security Policy Training and Procedures Role-Based Training Personally Identifiable Information Information Classification Public Data Labeling, Handling, and Disposal Compliance with Laws, Best Practices, and Standards User Habits New Threats and New Security Trends/Alerts Use of Social Networking and Peer-to-Peer Services Follow Up and Gather Training Metrics to Validate Compliance and Security Posture Cram Quiz Cram Quiz Answers Compare and Contrast Physical and Environmental Controls Environmental Controls Physical Security Control Types Cram Quiz Cram Quiz Answers Summarize Risk Management Best Practices Business Continuity Concepts Fault Tolerance Disaster Recovery Concepts. Cram Quiz Cram Quiz Answers Given a Scenario, Select the Appropriate Control to Meet the Goals of Security Confidentiality Integrity Availability Safety Cram Quiz Cram Quiz Answers What Next? Part III: Threats and Vulnerabilities Chapter 5 Attacks Explain Types of Malware Adware Viruses Worms Spyware Trojan Horses Rootkits Backdoors Logic Bombs Botnets Ransomware Polymorphic Malware Armored Virus Cram Quiz Cram Quiz Answers Summarize Various Types of Attacks Man-in-the-Middle Denial of Service Distributed DoS Replay DNS Poisoning ARP Poisoning Spoofing Spam Phishing and Related Attacks Privilege Escalation Malicious Insider Threat Transitive Access and Client-Side Attacks Password Attacks Typo Squatting/URL Hijacking Watering Hole Attack Cram Quiz Cram Quiz Answers Summarize Social Engineering Attacks and the Associated Effectiveness with Each Attack Social Engineering Shoulder Surfing Dumpster Diving Tailgating Impersonation Hoaxes Principles (Reasons for Effectiveness) Cram Quiz Cram Quiz Answers Explain Types of Wireless Attacks Jamming/Interference Rogue Access Points War Driving Bluejacking/Bluesnarfing Packet Sniffing WEP/WPA Attacks WPS Attacks Near-Field Communication Cram Quiz Cram Quiz Answers Explain Types of Application Attacks Browser Threats. Code Injections Directory Traversal Header Manipulation Zero-Day Buffer Overflows Integer Overflows. Cookies Arbitrary/Remote Code Execution Cram Quiz Cram Quiz Answers What Next? Chapter 6 Deterrents Analyze a Scenario and Select the Appropriate Type of Mitigation and Deterrent Techniques Monitoring System Logs Hardening Network Security Security Posture Reporting Detection Controls Versus Prevention Controls Cram Quiz Cram Quiz Answers Given a Scenario, Use Appropriate Tools and Techniques to Discover Security Threats and Vulnerabilities Interpret Results of Security Assessment Tools Tools Risk Calculation Assessment Technique Cram Quiz Cram Quiz Answers Explain the Proper Use of Penetration Testing Versus Vulnerability Scanning Penetration Testing Vulnerability Scanning Testing Cram Quiz Cram Quiz Answers What Next? Part IV: Application, Data, and Host Security Chapter 7 Application Security Explain the Importance of Application Security Controls and Techniques Fuzzing Secure Coding Concepts Cross-Site Scripting Prevention Cross-Site Request Forgery Prevention Application Configuration Baseline (Proper Settings) Application Hardening Application Patch Management NoSQL Databases Versus SQL Databases Server-Side Versus Client-Side Validation Cram Quiz Cram Quiz Answers What Next? Chapter 8 Host Security Summarize Mobile Security Concepts and Technologies Device Security Application Security BYOD Concerns Cram Quiz Cram Quiz Answers Given a Scenario, Select the Appropriate Solution to Establish Host Security Operating System Security and Settings OS Hardening Anti-malware Patch Management White Listing Versus Black Listing Applications Trusted OS Host-Based Firewalls Host-Based Intrusion Detection Hardware Security Host Software Baselining Virtualization Cram Quiz Cram Quiz Answers What Next? Chapter 9 Data Security Implement the Appropriate Controls to Ensure Data Security Cloud Storage SAN Handling Big Data Data Encryption Hardware-Based Encryption Devices Data In-Transit, Data At-Rest, Data In-Use Permissions/ACL Data Policies Cram Quiz Cram Quiz Answer Compare and Contrast Alternative Methods to Mitigate Security Risks in Static Environments Environments Methods Cram Quiz Cram Quiz Answer What Next? Part V: Access Control and Identity Management Chapter 10 Authentication, Authorization, and Access Control Compare and Contrast the Function and Purpose of Authentication Services RADIUS TACACS+ Kerberos LDAP XTACACS SAML Secure LDAP Cram Quiz Cram Quiz Answers Given a Scenario, Select the Appropriate Authentication, Authorization, or Access Control Identification Versus Authentication Versus Authorization Authorization Authentication Authentication Factors Identification Federation Transitive Trust/Authentication Cram Quiz Cram Quiz Answers What Next? Chapter 11 Account Management Install and Configure Security Controls When Performing Account Management, Based on Best Practices Mitigate Issues Associated with Users with Multiple Account/Roles and/or Shared Accounts Account Policy Enforcement Group-Based Privileges User-Assigned Privileges User Access Reviews Continuous Monitoring Cram Quiz Cram Quiz Answers What Next? Part VI: Cryptography Chapter 12 Cryptography Tools and Techniques Given a Scenario, Utilize General Cryptography Concepts Symmetric Versus Asymmetric Elliptic Curve and Quantum Cryptography In-Band Versus Out-of-Band Key Exchange Session Keys Transport Encryption Nonrepudiation and Digital Signatures Hashing Key Escrow Steganography Use of Proven Technologies Cram Quiz Cram Quiz Answers Given a Scenario, Use Appropriate Cryptographic Methods Wireless Encryption Functions Cryptographic Hash Functions HMAC Symmetric Encryption Algorithms Asymmetric Encryption Algorithms One-Time Pads PGP Use of Algorithms with Transport Encryption Cipher Suites Key Stretching Cram Quiz Cram Quiz Answers What Next? Chapter 13 Public Key Infrastructure Given a Scenario, Use Appropriate PKI, Certificate Management, and Associated Components Public Key Infrastructure Standards PKI Certificate Policies Public and Private Key Usage Revocation Trust Models Cram Quiz Cram Quiz Answers What Next? Practice Exam 1 Exam Questions Answers at a Glance Answers with Explanations On the CD: Practice Exam 2 Glossary 9780789753342 TOC 1/29/2015

Additional information

CIN0789753340G
9780789753342
0789753340
CompTIA Security+ SYO-401 Exam Cram by Diane Barrett
Diane Barrett
Exam Cram
Used - Good
Hardback
Pearson Education (US)
2015-03-19
592
N/A
Book picture is for illustrative purposes only, actual binding, cover or edition may vary.
This is a used book - there is no escaping the fact it has been read by someone else and it will show signs of wear and previous use. Overall we expect it to be in good condition, but if you are not entirely satisfied please get in touch with us

Customer Reviews - CompTIA Security+ SYO-401 Exam Cram