Principles of Computer Security: CompTIA Security+ and Beyond Lab Manual (Exam SY0-601) 1st edition by Jonathan S. Weissman – Ebook PDF Instant Download/Delivery
ISBN: 1260474321, 9781260474329
Product details:
ISBN-10 : 1260474321
ISBN-13 : 9781260474329
Author : Jonathan S. Weissman
Fully updated computer security essentials—mapped to the CompTIA Security+ SY0-601 exam
Save 10% on any CompTIA exam voucher! Coupon code inside.
Learn IT security fundamentals while getting complete coverage of the objectives for the latest release of CompTIA Security+ certification exam SY0-601. This thoroughly revised, full-color textbook covers how to secure hardware, systems, and software. It addresses new threats and cloud environments, and provides additional coverage of governance, risk, compliance, and much more. Written by a team of highly respected security educators, Principles of Computer Security: CompTIA Security+™ and Beyond, Sixth Edition (Exam SY0-601) will help you become a CompTIA-certified computer security expert while also preparing you for a successful career.
Find out how to:
Ensure operational, organizational, and physical security
Use cryptography and public key infrastructures (PKIs)
Secure remote access, wireless networks, and virtual private networks (VPNs)
Authenticate users and lock down mobile devices
Harden network devices, operating systems, and applications
Prevent network attacks, such as denial of service, spoofing, hijacking, and password guessing
Combat viruses, worms, Trojan horses, and rootkits
Manage e-mail, instant messaging, and web security
Explore secure software development requirements
Implement disaster recovery and business continuity measures
Handle computer forensics and incident response
Understand legal, ethical, and privacy issues
Online content features:
Test engine that provides full-length practice exams and customized quizzes by chapter or exam objective
Each chapter includes:
Learning objectives
Real-world examples
Try This! and Cross Check exercises
Tech Tips, Notes, and Warnings
Exam Tips
End-of-chapter quizzes and lab projects
Principles of Computer Security: CompTIA Security+ and Beyond Lab Manual (Exam SY0-601) 1st edition, table of contents:
Chapter 1 Introduction and Security Trends
The Computer Security Problem
Definition of Computer Security
Historical Security Incidents
The Current Threat Environment
Infrastructure Attacks
Ransomware
Threats to Security
Viruses and Worms
Intruders
Insiders
Criminal Organizations
Nation-States, Terrorists, and Information Warfare
Brand-Name Attacks
Attributes of Actors
Internal/External
Level of Sophistication
Resources/Funding
Intent/Motivation
Security Trends
Targets and Attacks
Specific Target
Opportunistic Target
Minimizing Possible Avenues of Attack
Approaches to Computer Security
Cybersecurity Kill Chain
Threat Intelligence
Open Source Intelligence
Ethics
Additional References
Chapter 1 Review
Chapter 2 General Security Concepts
Basic Security Terminology
Security Basics
Security Tenets
Security Approaches
Security Principles
Formal Security Models
Confidentiality Models
Integrity Models
Additional References
Chapter 2 Review
Chapter 3 Operational and Organizational Security
Policies, Procedures, Standards, and Guidelines
Organizational Policies
Change Management Policy
Change Control
Asset Management
Security Policies
Data Policies
Credential Policies
Password and Account Policies
Human Resources Policies
Code of Ethics
Job Rotation
Separation of Duties
Employee Hiring (Onboarding) and Promotions
Retirement, Separation, or Termination (Offboarding)
Exit Interviews
Onboarding/Offboarding Business Partners
Adverse Actions
Mandatory Vacations
Acceptable Use Policy
Internet Usage Policy
E-mail Usage Policy
Social Media Analysis
Clean Desk Policy
Bring-Your-Own-Device (BYOD) Policy
Privacy Policy
Due Care and Due Diligence
Due Process
Incident Response Policies and Procedures
Security Awareness and Training
Diversity of Training Techniques
Security Policy Training and Procedures
User Training
Role-Based Training
Continuing Education
Compliance with Laws, Best Practices, and Standards
User Habits
Training Metrics and Compliance
Standard Operating Procedures
Third-Party Risk Management
Vendors
Supply Chain
Business Partners
Interoperability Agreements
Service Level Agreement (SLA)
Memorandum of Understanding (MOU)
Measurement Systems Analysis (MSA)
Business Partnership Agreement (BPA)
Interconnection Security Agreement (ISA)
NDA
End of Service Life (EOSL)
End of Life (EOL)
Chapter 3 Review
Chapter 4 The Role of People in Security
People—A Security Problem
Social Engineering
Tools
Principles (Reasons for Effectiveness)
Defenses
Attacks
Impersonation
Phishing
Smishing
Vishing
Spam
Spam over Internet Messaging (SPIM)
Spear Phishing
Whaling
Pharming
Dumpster Diving
Shoulder Surfing
Tailgating/Piggybacking
Eliciting Information
Prepending
Identity Fraud
Invoice Scams
Credential Harvesting
Reverse Social Engineering
Reconnaissance
Hoax
Watering Hole Attack
Typo Squatting
Influence Campaigns
Poor Security Practices
Password Selection
Shoulder Surfing
Piggybacking
Dumpster Diving
Installing Unauthorized Hardware and Software
Data Handling
Physical Access by Non-Employees
Clean Desk Policies
People as a Security Tool
Security Awareness
Security Policy Training and Procedures
Chapter 4 Review
Chapter 5 Cryptography
Cryptography in Practice
Fundamental Methods
Comparative Strengths and Performance of Algorithms
Key Length
Cryptographic Objectives
Diffusion
Confusion
Obfuscation
Perfect Forward Secrecy
Security Through Obscurity
Historical Perspectives
Algorithms
Substitution Ciphers
One-Time Pads
Key Management
Random Numbers
Salting
Hashing Functions
Message Digest
SHA
RIPEMD
Hashing Summary
Symmetric Encryption
DES
3DES
AES
CAST
RC
Blowfish
Twofish
IDEA
ChaCha20
Cipher Modes
Authenticated Encryption with Associated Data (AEAD)
Block vs. Stream
Symmetric Encryption Summary
Asymmetric Encryption
Diffie-Hellman
RSA Algorithm
ElGamal
ECC
Asymmetric Encryption Summary
Symmetric vs. Asymmetric
Quantum Cryptography
Post-Quantum
Lightweight Cryptography
Homomorphic Encryption
For More Information
Chapter 5 Review
Chapter 6 Applied Cryptography
Cryptography Use
Confidentiality
Integrity
Authentication
Nonrepudiation
Digital Signatures
Digital Rights Management
Cryptographic Applications
Use of Proven Technologies
Cipher Suites
Secret Algorithms
Key Exchange
Key Escrow
Session Keys
Ephemeral Keys
Key Stretching
Transport Encryption
TLS v1.3
Data in Transit/Motion
Data at Rest
Data in Use/Processing
Implementation vs. Algorithm Selection
Common Use Cases
HMAC
S/MIME
IETF S/MIME History
IETF S/MIME v3 Specifications
PGP
How PGP Works
Steganography
Secure Protocols
DNSSEC
SSH
S/MIME
SRTP
LDAPS
FTPS
SFTP
SNMPv3
TLS
HTTPS
Secure POP/IMAP
IPSec
Secure Protocol Use Cases
Voice and Video
Time Synchronization
E-mail and Web
File Transfer
Directory Services
Remote Access
Domain Name Resolution
Routing and Switching
Network Address Allocation
Subscription Services
Cryptographic Attacks
Birthday
Known Plaintext/Ciphertext
Chosen Cipher Text Attack
Weak Implementations
Meet-in-the-Middle Attacks
Replay
Downgrade
Collision
Password Attacks
Other Standards
FIPS
Common Criteria
ISO/IEC 27002 (Formerly ISO 17799)
Chapter 6 Review
Chapter 7 Public Key Infrastructure
The Basics of Public Key Infrastructures
Certificate Authorities
Registration Authorities
Local Registration Authorities
Public Certificate Authorities
In-house Certificate Authorities
Choosing Between a Public CA and an In-house CA
Outsourced Certificate Authorities
Online vs. Offline CA
Stapling
Pinning
Trust Models
Certificate Chaining
Hierarchical Trust Model
Peer-to-Peer Model
Hybrid Trust Model
Walking the Certificate Path
Digital Certificates
Certificate Classes
Certificate Extensions
Certificate Attributes
Certificate Formats
Certificate Lifecycles
Registration and Generation
CSR
Renewal
Suspension
Certificate Revocation
Key Destruction
Certificate Repositories
Sharing Key Stores
Trust and Certificate Verification
Centralized and Decentralized Infrastructures
Hardware Security Modules
Private Key Protection
Key Recovery
Key Escrow
Certificate-Based Threats
Stolen Certificates
PKIX and PKCS
PKIX Standards
PKCS
Why You Need to Know the PKIX and PKCS Standards
ISAKMP
CMP
XKMS
CEP
Chapter 7 Review
Chapter 8 Physical Security
The Security Problem
Physical Security Safeguards
Walls and Guards
Lights and Signage
Physical Access Controls and Monitoring
Electronic Access Control Systems
Policies and Procedures
Environmental Controls
Hot and Cold Aisles
Fire Suppression
Water-Based Fire Suppression Systems
Halon-Based Fire Suppression Systems
Clean-Agent Fire Suppression Systems
Handheld Fire Extinguishers
Fire Detection Devices
Electromagnetic Environment
Power Protection
UPS
Backup Power and Cable Shielding
Generator
Dual Supply
Managed Power Distribution Units (PDUs)
Drones/UAVs
Chapter 8 Review
Chapter 9 Network Fundamentals
Network Architectures
Network Topology
Wireless
Ad Hoc
Segregation/Segmentation/Isolation
Physical Separation
Enclaves
Logical (VLAN)
Virtualization
Airgaps
Zones and Conduits
Zero Trust
Security Zones
DMZ
Internet
East-West Traffic
Intranet
Extranet
Wireless
Guest
Honeynets
Flat Networks
Network Protocols
Protocols
Packets
Internet Protocol
IP Packets
TCP vs. UDP
ICMP
IPv4 vs. IPv6
Expanded Address Space
Neighbor Discovery
Benefits of IPv6
Packet Delivery
Ethernet
Local Packet Delivery
ARP Attacks
Remote Packet Delivery
IP Addresses and Subnetting
Network Address Translation
Inter-Networking
MPLS
Software-Defined Networking (SDN)
Software-Defined Visibility (SDV)
Quality of Service (QoS)
Traffic Engineering
Route Security
For More Information
Chapter 9 Review
Chapter 10 Infrastructure Security
Devices
Workstations
Servers
Mobile Devices
Device Security, Common Concerns
Network-Attached Storage
Removable Storage
Virtualization
Hypervisor
Application Cells/Containers
VM Sprawl Avoidance
VM Escape Protection
Snapshots
Patch Compatibility
Host Availability/Elasticity
Security Control Testing
Sandboxing
Networking
Network Interface Cards
Hubs
Bridges
Switches
Port Security
Routers
Security Devices
Firewalls
VPN Concentrator
Wireless Devices
Modems
Telephony
Intrusion Detection Systems
Network Access Control
Network Monitoring/Diagnostic
Load Balancers
Proxies
Web Security Gateways
Internet Content Filters
Data Loss Prevention
Unified Threat Management
Security Device/Technology Placement
Sensors
Collectors
TAPs and Port Mirror
Correlation Engines
Filters
SSL Accelerators
DDoS Mitigator
Aggregation Switches
Tunneling/VPN
Site-to-Site
Remote Access
Storage Area Networks
iSCSI
Fibre Channel
FCoE
Media
Coaxial Cable
UTP/STP
Fiber
Unguided Media
Removable Media
Magnetic Media
Optical Media
Electronic Media
Security Concerns for Transmission Media
Physical Security Concerns
Chapter 10 Review
Chapter 11 Authentication and Remote Access
User, Group, and Role Management
User
Shared and Generic Accounts/Credentials
Guest Accounts
Service Accounts
Privileged Accounts
Group
Role
Account Policies
Account Policy Enforcement
Domain Passwords
Single Sign-On
Credential Management
Group Policy
Standard Naming Convention
Account Maintenance
Usage Auditing and Review
Account Audits
Time-of-Day Restrictions
Impossible Travel Time/Risky Login
Account Expiration
Privileged Access Management
Authorization
Access Control
Security Controls and Permissions
Access Control Lists (ACLs)
Mandatory Access Control (MAC)
Discretionary Access Control (DAC)
Role-Based Access Control (RBAC)
Rule-Based Access Control
Attribute-Based Access Control (ABAC)
Conditional Access
Identity
Identity Provider (IdP)
Identity Attributes
Certificates
Identity Tokens
SSH Keys
Smart Cards
Authentication Methods
Authentication
Directory Services
Federation
Attestation
Transitive Trust
Technologies
Biometric Factors
Fingerprint Scanner
Retinal Scanner
Iris Scanner
Voice Recognition
Facial Recognition
Vein
Gait Analysis
Biometric Efficacy Rates
False Positives and False Negatives
False Acceptance Rate
False Rejection Rate
Crossover Error Rate
Biometrics Calculation Example
Multifactor Authentication
Factors
Attributes
Remote Access
IEEE 802.1X
LDAP
RADIUS
TACACS+
Authentication Protocols
FTP/FTPS/SFTP
VPNs
Vulnerabilities of Remote Access Methods
Preventing Data Loss or Theft
Database Security
Cloud vs. On-premises Requirements
Connection Summary
For More Information
Chapter 11 Review
Chapter 12 Wireless Security and Mobile Devices
Connection Methods and Receivers
Cellular
Wi-Fi
Bluetooth
NFC
Infrared
USB
Point-to-Point
Point-to-Multipoint
Global Positioning System (GPS)
RFID
SATCOM
Wireless Protocols
802.11: Individual Standards
WEP
Current Security Methods
Authentication Protocols
Wireless Systems Configuration
Access Point
SSID
Fat vs. Thin
Controller Based vs. Standalone
Signal Strength
Band Selection/Width
Antenna Types and Placement
Power-Level Controls
Wi-Fi Analyzers
Channel Overlays
Wireless Access Point (WAP) Placement
Site Surveys
Heat Maps
Controller and Access Point Security
MAC Filtering
Captive Portals
Securing Public Wi-Fi
Wireless Attacks
Attacking 802.11
Replay
IV
Evil Twin
Rogue AP
Jamming
Bluetooth Attacks
Bluejacking
Bluesnarfing
Bluebugging
RFID
Disassociation
Mobile Device Management Concepts
Application Management
Full Device Encryption (FDE)
Content Management
Remote Wipe
Geofencing
Geolocation
Geo-Tagging
Screen Locks
Push Notification Services
Passwords and PINs
Biometrics
Context-Aware Authentication
Containerization
Storage Segmentation
Asset Control
Device Access Control
Removable Storage
Disabling Unused Features
Mobile Application Security
Application Control
Key and Credential Management
Authentication
Application Whitelisting
Encryption
Transitive Trust/Authentication
Mobile Devices
MicroSD Hardware Security Module (HSM)
MDM/Unified Endpoint Management (UEM)
Mobile Application Management (MAM)
SEAndroid/SELinux
Policies for Enforcement and Monitoring
Third-party App Stores
Rooting/Jailbreaking
Sideloading
Custom Firmware
Carrier Unlocking
Firmware OTA Updates
Camera Use
SMS/MMS/RCS
External Media
USB On-The-Go (USB OTG)
Recording Microphone
GPS Tagging
Wi-Fi Direct/Ad Hoc
Tethering
Hotspot
Payment Methods
Deployment Models
CYOD
COPE
Corporate-Owned
BYOD
Virtual Desktop Infrastructure (VDI)