CHF43.00
Download steht sofort bereit
Some copies of CompTIA Security+ Study Guide: Exam SY0-501 (9781119416876) were printed without discount exam vouchers in the front of the books. If you did not receive a discount exam voucher with your book, please visit http://media.wiley.com/product_ancillary/5X/11194168/DOWNLOAD/CompTIA_Coupon.pdf to download one.
Expert preparation covering 100% of Security+ exam SY0-501 objectives
CompTIA Security+ Study Guide, Seventh Edition offers invaluable preparation for Exam SY0-501. Written by an expert author team, this book covers 100% of the exam objectives with clear, concise explanation. You'll learn how to handle threats, attacks, and vulnerabilities using industry-standard tools and technologies, while understanding the role of architecture and design. From everyday tasks like identity and access management to complex topics like risk management and cryptography, this study guide helps you consolidate your knowledge base in preparation for the Security+ exam. Practical examples illustrate how these processes play out in real-world scenarios, allowing you to immediately translate essential concepts to on-the-job application. You also gain access to the Sybex online learning environment, which features a robust toolkit for more thorough prep: flashcards, glossary of key terms, practice questions, and a pre-assessment exam equip you with everything you need to enter the exam confident in your skill set.
This study guide is approved and endorsed by CompTIA, and has been fully updated to align with the latest version of the exam.
Master essential security technologies, tools, and tasks
Understand how Security+ concepts are applied in the real world
Study on the go with electronic flashcards and more
Test your knowledge along the way with hundreds of practice questions
To an employer, the CompTIA Security+ certification proves that you have the knowledge base and skill set to secure applications, devices, and networks; analyze and respond to threats; participate in risk mitigation, and so much more. As data threats loom larger every day, the demand for qualified security professionals will only continue to grow. If you're ready to take the first step toward a rewarding career, CompTIA Security+ Study Guide, Seventh Edition is the ideal companion for thorough exam preparation.
Autorentext
Emmett Dulaney is a Professor at a small university in Indiana. He has written several certification books on Windows, Security, IT project management, and UNIX, and was co-author of two of Sybex's leading certification titles: CompTIA Security+ Study Guide and CompTIA A+ Complete Study Guide. Chuck Easttom is CEO and Chief Trainer for CEC-Security, which specializes in IT security training and CISP and Security+ exam preparation. He has over 18 years in the IT industry, 10 years teaching and training, and has authored 15 published books.
Inhalt
Introduction xxiv
Assessment Test xli
Chapter 1 Managing Risk 1
Risk Terminology 3
Threat Assessment 6
Risk Assessment 6
Computing Risk Assessment 7
Assessing Privacy 12
Acting on Your Risk Assessment 12
Risks Associated with Cloud Computing 15
Risks Associated with Virtualization 16
Developing Policies, Standards, and Guidelines 17
Implementing Policies 17
Understanding Control Types and False Positives/Negatives 26
Risk Management Best Practices 28
Change Management 38
Summary 38
Exam Essentials 38
Review Questions 40
Chapter 2 Monitoring and Diagnosing Networks 45
Monitoring and Diagnosing Networks Terminology 47
Frameworks, Best Practices, and Configuration Guides 48
Industry-Standard Frameworks and Reference Architectures 48
National Institute of Standards and Technology (NIST) 51
Benchmarks/Secure Configuration Guides 54
Secure Network Architecture Concepts 57
Zones 57
Tunneling/VPN 63
Placing Security Devices 64
SDN 67
IDS vs. IPS 67
Secure Systems Design 68
Hardware and Firmware Security 68
Operating Systems 69
Peripherals 73
Secure Staging Deployment Concepts 73
Summary 74
Exam Essentials 74
Review Questions 76
Chapter 3 Understanding Devices and Infrastructure 79
Infrastructure Terminology 81
Designing with Security in Mind 84
Firewalls 84
VPNs and VPN Concentrators 89
Intrusion Detection Systems 91
Router 104
Switch 106
Proxy 107
Load Balancer 108
Access Point 108
SIEM 111
DLP 111
Network Access Control (NAC) 112
Mail Gateway 112
Bridge 113
SSL/TLS Accelerators 113
SSL Decryptors 113
Media Gateway 114
Hardware Security Module 114
Summary 115
Exam Essentials 115
Review Questions 116
Chapter 4 Identity and Access Management 121
Using Tools to Assess Your Network 125
Protocol Analyzer 125
Network Scanners 127
Password Cracker 130
Vulnerability Scanners 131
Command-Line Tools 135
Additional Tools 142
Troubleshooting Common Security Issues 143
Access Issues 144
Configuration Issues 145
Security Technologies 147
Intrusion Detection Systems 147
Antimalware 148
Firewalls and Related Devices 149
Other Systems 150
Identity and Access Management Concepts 151
Identification vs. Authentication 151
Authentication (Single Factor) and Authorization 152
Multifactor Authentication 153
Biometrics 153
Federations 154
Potential Authentication and Access Problems 154
LDAP 155
PAP, SPAP, and CHAP 155
Kerberos 156
Working with RADIUS 157
TACACS, TACACS+, XTACACS 158
OATH 158
One-Time Passwords 158
SAML 159
Install and Configure Identity and Access Services 159
Mandatory Access Control 159
Discretionary Access Control 160
Role-Based Access Control 160
Rule-Based Access Control 160
ABAC 161
Smartcards 161
Tokens 162
File and Database Security 163
Summary 163
Exam Essentials 164
Review Questions 165
Chapter 5 Wireless Network Threats 169
Wireless Threat Terminology 170
Wireless Vulnerabilities to Know 171 ...