CompTIA Security SY0-601 Exam Cram, 6/e


CompTIA Security SY0-601 Exam Cram
Marty M. Weiss
Pearson
221 River Street
Hoboken, NJ 07030 USA

CompTIA Security SY0-601 Exam Cram
Copyright 2021 by Pearson Education, Inc.

All rights reserved. This publication is protected by copyright, and permission must be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise. For information regarding permissions, request forms, and the appropriate contacts within the Pearson Education Global Rights & Permissions Department, please visit www.pearson.com/permissions.

No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.

ISBN-13: 978-0-13-679867-5
ISBN-10: 0-13-679867-5
Library of Congress Control Number: 2020914528

Trademarks
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson IT Certification cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Warning and Disclaimer
Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an “as is” basis. The author and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book.

Special Sales
For information about buying this title in bulk quantities, or for special sales opportunities (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our corporate sales department at corpsales@pearsoned.com or (800) 382-3419.
For government sales inquiries, please contact governmentsales@pearsoned.com.
For questions about sales outside the U.S., please contact intlcs@pearson.com.

Editor-in-Chief: Mark Taub
Director, ITP Product Management: Brett Bartow
Development Editor: Ellie C. Bru
Executive Editor: Nancy Davis
Managing Editor: Sandra Schroeder
Project Editor: Mandie Frank
Copy Editor: Kitty Wilson
Indexer: Ken Johnson
Proofreader: Donna Mulder
Technical Editor: Christopher Crayton
Publishing Coordinator: Cindy Teeters
Designer: Chuti Prasertsith
Compositor: codeMantra

Credits

Figure Number: Attribution/Credit
Figure 2-1: Screenshot of an example of what users see when they were infected with ransomware WannaCry
Figure 5-1: Screenshot of an example of an interactive threat map 2018 AO Kaspersky Lab
Figure 10-4: Screenshot of The AWS Management Console 2020, Amazon Web Services, Inc.
Figure 12-1: Courtesy of Apple, Inc.
Figure 23-1: Screenshot of Windows local security policy settings for the account lockout policy Microsoft 2020
Figure 23-2: Screenshot of Windows local security policy settings for the password policy Microsoft 2020
Figure 24-1: Screenshot of Standard Microsoft Windows file permissions Microsoft 2020
Figure 25-1: Screenshot of details of a digital certificate 2020 Apple Inc.
Figure 26-1: Screenshot of using a command-line interface to access a remote computer by using SSH 2020 Apple, Inc.
Figure 26-2: Screenshot of using the cURL command to return the source code of a web page 2020 Apple, Inc.
Figure 26-3: Screenshot of using the ping command-line utility 2020 Apple, Inc.
Figure 28-1: Screenshot of an example of a SIEM system security dashboard security information and event management
Figure 28-2: Screenshot of Microsoft Windows Event Viewer Security log Microsoft 2020
Figure 28-3: Screenshot of Activity Monitor for macOS 2020 Apple, Inc.

Contents at a Glance

Introduction

Part I: Attacks, Threats, and Vulnerabilities
CHAPTER 1 Social Engineering Techniques
CHAPTER 2 Attack Basics
CHAPTER 3 Application Attacks
CHAPTER 4 Network Attacks
CHAPTER 5 Threat Actors, Vectors, and Intelligence Sources
CHAPTER 6 Vulnerabilities
CHAPTER 7 Security Assessment Techniques
CHAPTER 8 Penetration Testing Techniques

Part II: Architecture and Design
CHAPTER 9 Enterprise Security Concepts
CHAPTER 10 Virtualization and Cloud Computing
CHAPTER 11 Secure Application Development, Deployment, and Automation
CHAPTER 12 Authentication and Authorization Design
CHAPTER 13 Cybersecurity Resilience
CHAPTER 14 Embedded and Specialized Systems
CHAPTER 15 Physical Security Controls
CHAPTER 16 Cryptographic Concepts

Part III: Implementation
CHAPTER 17 Secure Protocols
CHAPTER 18 Host and Application Security Solutions
CHAPTER 19 Secure Network Design
CHAPTER 20 Wireless Security Settings
CHAPTER 21 Secure Mobile Solutions
CHAPTER 22 Cloud Cybersecurity Solutions
CHAPTER 23 Identity and Account Management Controls
CHAPTER 24 Authentication and Authorization Solutions
CHAPTER 25 Public Key Infrastructure

Part IV: Operations and Incident Response
CHAPTER 26 Organizational Security
CHAPTER 27 Incident Response
CHAPTER 28 Incident Investigation
CHAPTER 29 Incident Mitigation
CHAPTER 30 Digital Forensics

Part V: Governance, Risk, and Compliance
CHAPTER 31 Control Types
CHAPTER 32 Regulations, Standards, and Frameworks
CHAPTER 33 Organizational Security Policies
CHAPTER 34 Risk Management
CHAPTER 35 Sensitive Data and Privacy

Glossary of Essential Terms and Components
Index

Table of Contents

Introduction

Part I: Attacks, Threats, and Vulnerabilities

CHAPTER 1: Social Engineering Techniques
  The Social Engineer
  Tailgating
  Dumpster Diving
  Shoulder Surfing
  Phishing and Related Attacks
  Watering Hole Attacks
  Typo Squatting
  Hoaxes and Influence Campaigns
  Principles of Influence (Reasons for Effectiveness)
  What Next?

CHAPTER 2: Attack Basics
  Malware
  Viruses
  Worms
  Trojan
  Rootkits
  Logic Bombs
  Bots
  Crypto-Malware
  Potentially Unwanted Programs (PUPs)
  Spyware
  Adware
  Cryptomining Software
  Physical Attacks
  Adversarial Artificial Intelligence (AI)
  Password Attacks
  Birthday Attacks
  Downgrade Attacks
  What Next?

CHAPTER 3: Application Attacks
  Race Conditions
  Improper Software Handling
  Resource Exhaustion
  Overflows
  Code Injections
  Driver Manipulation
  Request Forgeries
  Directory Traversal
  Replay Attack
  Secure Sockets Layer (SSL) Stripping
  Application Programming Interface (API) Attacks
  Pass-the-Hash Attack
  What Next?

CHAPTER 4: Network Attacks
  Wireless
  Short-Range Wireless Communications
  Bluetooth
  Near-Field Communication
  RFID
  On-Path Attack
  Layer 2 Attacks
  MAC Spoofing
  ARP Poisoning
  MAC Flooding
  Port Stealing
  Domain Name System (DNS) Attacks
  Domain Hijacking
  Universal Resource Locator (URL) Redirection
  DNS Poisoning
  Denial of Service
  Distributed DoS
  Malicious Code and Script Execution
  What Next?

CHAPTER 5: Threat Actors, Vectors, and Intelligence Sources
  Threat Actor Attributes
  Threat Actor Types
  Script Kiddies
  Insiders
  Hacktivists
  Criminal Syndicates
  Competitors
  State Actors
  Vectors
  Threat Intelligence and Research Sources
  Sharing Centers
  Open-Source Intelligence
  What Next?

CHAPTER 6: Vulnerabilities
  Cloud-Based vs. On-Premises
  Zero-Day
  Weak Configurations
  Improper or Weak Patch Management
  Third-Party Risks
  Impacts
  What Next?

CHAPTER 7: Security Assessment Techniques
  Vulnerability Scans
  Intrusive vs. Non-Intrusive
  Credentialed vs. Non-Credentialed
  Threat Assessment
  Security Information and Event Management (SIEM)
  Threat Hunting
  Security Orchestration, Automation, and Response (SOAR)
  What Next?

CHAPTER 8: Penetration Testing Techniques
  Testing Methodology
  Planning
  Discovery
  Attack
  Reporting
  Team Exercises
  What Next?

Part II: Architecture and Design

CHAPTER 9: Enterprise Security Concepts
  Configuration Management
  Data Confidentiality
  Data Loss Prevention
  Cloud Access Security Brokers
  Encryption and Data Obfuscation
  Rights Management
  Hardware Security Module (HSM)
  Encrypted Traffic Management
  Data Integrity
  Data Availability
  Site Resiliency
  Geographic Considerations
  Deception and Disruption
  What Next?

CHAPTER 10: Virtualization and Cloud Computing
  Virtualization
  Hypervisors
  Type I Hypervisors
  Type II Hypervisors
  Type I vs. Type II Hypervisors
  Containers and Microservices
  Virtual Desktop Infrastructure (VDI)
  Virtual Machine (VM) Sprawl Avoidance
  VM Escape Protection

  Software-Defined Networking (SDN)
  Infrastructure as Code (IaC)
  On-Premises vs. Off-Premises
  Cloud Models
  Service Models
  IaaS
  PaaS
  SaaS
  Deployment Models
  Private
  Public
  Hybrid
  Community
  What Next?

CHAPTER 11: Secure Application Development, Deployment, and Automation
  Application Environment
  Development and Testing
  Staging and Production
  Provisioning and Deprovisioning
  Integrity Measurement
  Change Management and Version Control
  Secure Coding Techniques
  Normalization
  Stored Procedures
  Encryption, Obfuscation, and Camouflage
  Code Reuse and Dead Code
  Use of Third-Party Libraries and SDKs
  Server-Side vs. Client-Side Execution and Validation
  Data Exposure
  Proper Error Handling
  Proper Input Validation
  Code Signing
  Memory Management
  Automation and Scripting
  Secure DevOps
  Scalability and Elasticity
  What Next?

CHAPTER 12: Authentication and Authorization Design
  Identification and Authentication, Authorization, and Accounting (AAA)
  Multifactor Authentication
  Single Sign-on
  Federation
  Transitive Trust
  Authentication Technologies
  Tokens
  Biometrics
  Card Authentication
  Certificate-Based Authentication
  What Next?

CHAPTER 13: Cybersecurity Resilience
  Redundancy
  High Availability
  Load Balancers
  NIC Teaming
  RAID
  Backups
  Full Backups
  Differential Backups
  Incremental Backups
  Copies and Snapshots
  Non-persistence
  Revert to Known State or Good Configuration
  Live Boot Media
  Defense in Depth
  What Next?

CHAPTER 14: Embedded and Specialized Systems
  Embedded Systems
  SoC and RTOS
  SCADA and ICS
  Smart Devices and IoT
  Heating, Ventilation, Air Conditioning (HVAC)

  Multifunction Devices
  Surveillance Systems
  Special-Purpose Devices
  Medical Devices
  Vehicles
  Aircraft and UAV
  Resource Constraints
  What Next?

CHAPTER 15: Physical Security Controls
  Perimeter Security
  Signs, Fencing, and Gates
  Lighting
  Barricades and Bollards
  Cameras
  Security Guards
  Internal Security
  Alarms
  Motion and Infrared Detection
  Access Control Vestibules
  Locks and Lock Types
  Equipment Security
  Cable Locks
  Cages and Safes
  Locking Cabinets and Enclosures
  Screen Filters
  Air Gaps
  Environmental Controls
  Protected Cabling, Protected Distribution, and Faraday Cages
  HVAC
  Fire Suppression
  Hot and Cold Aisles
  Secure Data Destruction
  What Next?

CHAPTER 16: Cryptographic Concepts
  Cryptosystems

  Keys
  Key Exchange
  Symmetric Algorithms
  Asymmetric Algorithms
  Elliptic Curve and Emerging Cryptography
  Session Keys
  Nonrepudiation and Digital Signatures
  Hashing
  Use of Proven Technologies and Implementation
  Steganography
  Cryptography Use Cases
  Cryptography Constraints
  What Next?

Part III: Implementation

CHAPTER 17: Secure Protocols
  Secure Web Protocols
  Internet Protocol Security (IPsec)
  Secure File Transfer Protocols
  Secure Email Protocols
  Secure Internet Protocols
  Lightweight Directory Access Protocol (LDAP)
  Secure Real-Time Transport Protocol (SRTP)
  Simple Network Management Protocol (SNMP)
  Secure Protocol Use Cases
  Secure Web Communication
  Using HTTPS for Web Communications
  Using SSL/TLS for Remote Access
  Using DNSSEC for Domain Name Resolution
  Secure File Transfer Communication
  Using FTPS and SFTP for File Transfer
  Secure Email Communications
  Using S/MIME, POP3S, and IMAPS for Email
  Securing Internal Communications
  Using SRTP for Voice and Video
  Using LDAPS for Directory Services
  Using SNMPv3 with Routing and Switching

  Using Network Address Allocation
  Using Time Synchronization
  Using Subscription Services
  What Next?

CHAPTER 18: Host and Application Security Solutions
  Endpoint Protection
  Firewalls and HIPS/HIDS Solutions
  Anti-Malware and Other Host Protections
  Endpoint Detection and Response (EDR)
  Data Execution Prevention (DEP)
  Data Loss Prevention (DLP)
  Removable Media Control
  Application Allow/Block Lists
  Web Application Firewall
  Application Security
  Code Analyzers
  Static Code Analyzers
  Dynamic Analysis
  Stress Testing
  Application Sandboxing
  Hardware and Firmware Security
  FDE and SED
  TPM and HSM
  Boot Integrity
  Boot Attestation
  Hardware Root of Trust
  Operating System Security
  Patch Management
  Disabling Unnecessary Ports and Services
  Least Functionality
  Secure Configurations
  Trusted Operating System
  What Next?

CHAPTER 19: Secure Network Design
  Network Devices and Segmentation

  Routers
  Network Address Translation (NAT)
  Switches
  Port Security
  Virtual Local Area Network (VLAN)
  Bridges
  Security Devices and Boundaries
  Screened Subnet
  Web Application Firewalls
  Proxies
  Unified Threat Management (UTM)
  VPN Concentrators
  NIDS and NIPS
  Detection Methods
  Analytics
  Netwo
