Home > Store

CompTIA Network+ Certification Study Guide, Seventh Edition (Exam N10-007) Glen Clarke on Amazon.com.FREE. shipping on qualifying offers. Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality. The CompTIA Network+ certification is an internationally recognized validation of the technical knowledge required of foundation-level IT network practitioners. Test Purpose: This exam will certify the successful candidate has the knowledge and skills required to troubleshoot, configure, and manage common network devices; establish basic network.

Register your product to gain access to bonus material or receive a coupon.

• By Diane Barrett, Martin M. Weiss
• Published Dec 26, 2017 by Pearson IT Certification. Part of the Exam Cram series.

Best Value Purchase

Book + eBook Bundle

• Your Price: $51.74
• List Price: $89.98

The Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson IT Certification Practice Tests. Click on the 'Premium Edition' tab (on the left side of this page) to learn more about this product.

Your purchase will deliver:

• Link to download the enhanced Pearson IT Certification Practice Test exam engine
• Access code for question database
• eBook in the following formats, accessible from your Account page after purchase:

EPUBThe open industry format known for its reflowable content and usability on supported mobile devices.

MOBIThe eBook format compatible with the Amazon Kindle and Amazon Kindle applications.

PDFThe popular standard, used most often with the free Adobe® Reader® software.

The eBooks require no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

More Purchase Options

Book

• Your Price: $35.99
• List Price: $44.99
• Usually ships in 24 hours.

Premium Edition eBook

• Your Price: $35.99
• List Price: $44.99

The Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson IT Certification Practice Tests. Click on the 'Premium Edition' tab (on the left side of this page) to learn more about this product.

Your purchase will deliver:

• Link to download the enhanced Pearson IT Certification Practice Test exam engine
• Access code for question database
• eBook in the following formats, accessible from your Account page after purchase:

EPUBThe open industry format known for its reflowable content and usability on supported mobile devices.

MOBIThe eBook format compatible with the Amazon Kindle and Amazon Kindle applications.

PDFThe popular standard, used most often with the free Adobe® Reader® software.

The eBooks require no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

About

Features

• Fully reflects major changes in the new 2017 Security+ exam - including more how-to help, and more coverage of security scenerios
• Designed to help candidates rapidly assess where they stand - and quickly master what they need to learn
• Includes test-taking strategies, time-saving tips, Exam Notes, and two practice exams



Description

• Copyright 2018
• Dimensions: 6' x 9'
• Pages: 720
• Edition: 5th

• Book
• ISBN-10: 0-7897-5900-4
• ISBN-13: 978-0-7897-5900-9

CompTIA Security+ SY0-501 Exam Cram, Fifth Edition, is the perfect study guide to help you pass CompTIA’s newly updated version of the Security+ exam. It provides coverage and practice questions for every exam topic. The book contains a set of 150 questions. The powerful Pearson Test Prep practice test software provides real-time practice and feedback with all the questions so you can simulate the exam.

Covers the critical information you need to know to score higher on your Security+ exam!

· Analyze indicators of compromise and determine types of attacks, threats, and risks to systems

· Minimize the impact associated with types of attacks and vulnerabilities

· Secure devices, communications, and network infrastructure

· Effectively manage risks associated with a global business environment

· Differentiate between control methods used to secure the physical domain

· Identify solutions for the implementation of secure network architecture

· Compare techniques for secure application development and deployment

· Determine relevant identity and access management procedures

· Implement security policies, plans, and procedures related to organizational security

· Apply principles of cryptography and effectively deploy related solutions



Premium Edition

CompTIA's Security+ is the #1 international vendor-neutral baseline security certification. In 2017, CompTIA is releasing a thoroughly revised certification exam. CompTIA Security+ Exam Cram, Fifth Edition has been thoroughly updated to prepare candidates for the new exam, using the proven Exam Cram method of study.

As with all Exam Cram books, it includes:

• Chapters that map directly to the exam objectives
• Comprehensive foundational learning on all topics covered on the exam
• An extensive collection of practice questions
• Access to the Pearson Test Prep practice test software that provides real-time practice and feedback, online or offline
• The Cram Sheet tear-out card including tips, acronyms, and memory joggers not available anywhere else - perfect for last-minute study

Topics covered in this book range from identifying threats, attacks, and vulnerabilities to implementing the correct tools and technologies to defend against these vectors; cryptography concepts and deployment techniques to identity and access management; security architecture and design principles to risk management. This book brings together all the knowledge professionals need to walk into the exam room with confidence - and pass their Security+ exams with flying colors.

About the Premium Edition Practice Test

This Premium Edition contains an enhanced version of the Pearson IT Certification Practice Test (PCPT) software with more than 300 practice test questions. In addition, it contains all the chapter-opening assessment questions from the book. This integrated learning package
--Enables you to focus on individual topic areas or take complete, timed exams
--Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions
--Provides unique sets of exam-realistic practice questions
--Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most
Pearson IT Certification Practice Test minimum system requirements:
Windows XP (SP3), Windows Vista (SP2), Windows 7, or Windows 8.1 (desktop UI only); Microsoft .NET Framework 4.0 Client; Pentium class 1GHz processor (or equivalent); 512 MB RAM; 650 MB disc space plus 50 MB for each downloaded practice exam
About the Premium Edition eBook
CompTIA® Security+ Exam Cram, Fifth Edition, Premium Edition, is the perfect study guide to help you pass CompTIA’s newly updated version of the Security+ exam. It provides coverage on all the critical information you need to know to score higher on your Security+ exam!

--Categorize types of attacks, threats, and risks to your systems

--Secure devices, communications, and network infrastructure

-- Troubleshoot issues related to networking components

-- Effectively manage risks associated with a global business environment

-- Differentiate between control methods used to secure the physical domain

-- Identify solutions to secure hosts, data, and applications

-- Compare techniques to mitigate risks in static environments

-- Determine relevant access control, authorization, and authentication procedures

-- Select appropriate mitigation techniques in response to attacks and vulnerabilities

-- Apply principles of cryptography and effectively deploy related solutions

--Implement security practices from both a technical and an organizational standpoint



Sample Content

Online Sample Chapter

Table of Contents

Introduction

Part I: Threats, Attacks, and Vulnerabilities

Chapter 1: Indicators of Compromise and Malware Types

Viruses

Worms

Ransomware

Trojan Horses

Rootkits

Logic Bombs

Bots

Spyware

What Next?

Chapter 2: Attack Types

Social Engineering

Phishing and Related Attacks

Tailgating

Impersonation

Dumpster Diving

Shoulder Surfing

Hoaxes

Watering Hole Attacks

Principles (Reasons for Effectiveness)

Application/Service Attacks

Spoofing

Buffer and Integer Overflows

Zero-Day Attack

Code Injections

Hijacking and Related Attacks

Man-in-the-Middle

Denial of Service

Cryptographic Attacks

Brute Force

Weak Implementations

Wireless

Wi-Fi

Short Range Wireless Communications

What Next?

Chapter 3: Threat Actor Types and Attributes

Threat Actor Attributes

Threat Actor Types

Script Kiddies

Insiders

Hacktivists

Organized Crime

Competitors

Nation States

Open Source Intelligence

What Next?

Chapter 4: Penetration Testing

Testing Methodology

Planning

Discovery

Attack

Reporting

What Next?

Chapter 5: Vulnerability Scanning

Types of Vulnerability Scans

Intrusive vs. Non-intrusive

Credentialed vs. Non-credentialed

What Next?

Chapter 6: Impacts Associated with Vulnerability Types

People and Process

Race Conditions

Resource Exhaustion

Architecture and Design

Configuration

Cryptographic Management

Embedded Systems

Lack of Vendor Support

Improper Software Handling

Leaks, Overflows, and Code Injection

What Next?

Part I Cram Quiz

Part II: Technology and Tools

Chapter 7: Network Components

Perimeter Security

Firewalls

VPN Concentrators

NIDS and NIPS

Internal Security

Routers

Switches

Protections

Bridges

Boundary Devices

Proxies

Load Balancers

Access Points

Enforcement Tools

SIEM

DLP

NAC

Gateways

Cryptographic Devices

SSL/TLS Accelerators and Decryptors

HSM

What Next?

Chapter 8: Software Tools

Vulnerability Assessment Tools

Analyzers and Scanners

Detection and Protection Tools

Honeypots

Exploitation Frameworks

Password Crackers

Steganography

Backup Utilities

Data Sanitizing Tools

Command-line Tools

What Next?

Chapter 9: Security Issues

Authentication, Authorization, and Access

Unencrypted Credentials and Clear Text

Permission Issues

Access Violations

Authentication Issues

Certificate Issues

Misconfigurations and Deviations

Firewall

Content Filter

Access Points

Baseline Deviation

Weak Security Configurations and Data Exfiltration

Personnel

Policy Violation

Insider Threat

Social Engineering

Social Media

Personal Email

Logs and Event Anomalies

Assets and Licensing

Asset Management

License Compliance Violation

Unauthorized Software

What Next?

Chapter 10: Security Technologies

Security Technologies

Host Technologies

Enterprise Technologies

What Next?

Chapter 11: Mobile Devices

Communication Methods

Mobile Device Management Concepts

Device, Application, and Content Management

Protections

Enforcement and Monitoring

Deployment Models

BYOD, CYOD, COPE and Corporate-owned Devices

VDI

Deployment Strategies

What Next?

Chapter 12: Secure Protocols

Secure Protocols

Securing Web Protocols

Securing File Transfer Protocols

Securing Email Protocols

Securing Internal Protocols

Use Cases

Secure Web Communication

Secure File Transfer Communication

Secure Email Communication

Secured Internal Communication

What Next?

Part II Cram Quiz

Part III: Architecture and Design

Chapter 13: Use Cases, Frameworks, and Best Practices

Industry-standard Frameworks and Reference Architectures

Regulatory and Non-regulatory

National vs. International

Industry-specific Frameworks

Benchmarks and Secure Configuration Guides

Platform and Vendor-specific Guides

General Purpose Guides

Defense in Depth and Layered Security

Vendor Diversity

Control Diversity

User Training

What Next?

Chapter 14: Network Architecture

Zones and Topologies

DMZ, Intranet, and Extranet

Wireless, Guest, and Ad Hoc Networks

NAT

Honeynet

Segregation, Segmentation, and Isolation

Physical

Logical (VLAN)

Virtualization

VPN Tunneling

Security Device and Technology Placement

Sensors, Collectors, and Correlation Engines

Firewalls, Proxies, and Filters

Accelerators, Concentrators, and Balancers

Switches, Taps, and Mirroring

SDN

What Next?

Chapter 15: Secure Systems Design

Hardware and Firmware Security

FDE and SED

TPM and HSM

BIOS and UEFI

Secure Boot

Attestation

Supply Chain

Hardware Root of Trust

EMI and EMP

Operating Systems

Patch Management

Disabling Unnecessary Ports and Services

Least Functionality

Secure Configurations

Trusted Operating System

Application Whitelisting/Blacklisting

Disable Default Accounts and Passwords

Peripherals

Wireless Keyboards and Mice

Displays

WiFi-Enabled MicroSD Cards and Digital Cameras

Printers and MFDs

External Storage Devices

What Next? Disfear torrent discography trey songz.

Chapter 16: Secure Staging Deployment

Sandboxing

Environment

Development and Test

Staging and Production

Secure Baseline

Integrity Measurement

What Next?

Chapter 17: Embedded Systems

SCADA and ICS

Smart Devices and IoT

Wearable Technology

Home Automation

SoC and RTOS

HVAC

Printers, MFDs, and Camera Systems

Special-Purpose Devices

Medical Devices

Vehicles

Aircraft and UAV

Protecting Embedded Systems

What Next?

Chapter 18: Secure Application Development and Deployment

Development Life-cycle Models

Waterfall vs. Agile

Secure DevOps

Continuous Integration and Security Automation

Baselining

Immutable Systems

Infrastructure As Code

Change Management and Version Control

Provisioning and Deprovisioning

Secure Coding Techniques

Proper Error Handling

Proper Input Validation

Normalization

Stored Procedures

Code Signing

Encryption, Obfuscation, and Camouflage

Code Reuse and Dead Code

Use of Third-Party Libraries and SDKs

Server-side vs. Client-side Execution and Validation

Memory Management

Data Exposure

Compiled vs. Runtime Code

Code Quality and Testing

Static Code Analyzers

Dynamic Analysis

Stress Testing

Sandboxing

Model Verification

What Next?

Chapter 19: Cloud and Virtualization

Virtualization Concepts

Hypervisors

VDE/VDI

VM Sprawl Avoidance

VM Escape Protection

Cloud Concepts

Cloud Storage

Cloud Deployment Models

On-premises vs. Hosted vs. Cloud

Cloud Access Security Broker

Security as a Service

What Next?

Chapter 20: Reducing Risk

Automation and Scripting

Templates and Master Images

Non-persistence

Snapshots

Revert to Known State and Rollback to Known Configuration

Live Boot Media

Scalability and Elasticity

Distributive Allocation

Fault Tolerance and Redundancy

High Availability

RAID

What Next?

Chapter 21: Physical Security Controls

Perimeter Security

Signs, Fencing, and Gates

Lighting

Barricades and Bollards

Cameras

Security Guards

Internal Security

Alarms

Motion and Infrared Detection

Mantraps

Locks and Lock Types

Cards, Tokens, and Biometrics

Key Management

Logs

Equipment Security

Cable Locks

Cages and Safes

Locking Cabinets and Enclosures

Screen Filters

Air Gap

Environmental Controls

Protected Cabling, Protected Distribution, and Faraday Cages

HVAC

Fire Suppression

Hot and Cold Aisles

What Next?

Part III Cram Quiz

Part IV: Identity and Access Management

Chapter 22: Identity and Access Management Concepts

Identification, Authentication, Authorization, and Accounting (AAA)

Multifactor Authentication

Federation, Single Sign-On, and Transitive Trust

Single Sign-On

Federation

Transitive Trust

What Next?

Chapter 23: Identity and Access Services

Authentication Protocols

Directory Services Protocols

AAA Protocols and Services

Federated Services

What Next?

Chapter 24: Identity and Access Controls

Access Control Models

Physical Access Controls

Tokens

Certificate-based Authentication

File System Security

Database Security

What Next?

Chapter 25: Account Management Practices

Account Types

General Concepts

Account Policy Enforcement

What Next?

Part IV Cram Quiz

Part V: Risk Management

Chapter 26: Policies, Plans, and Procedures Related to Organizational Security

Human Resource Management Policies

Background Checks

Onboarding

Mandatory Vacations

Separation of Duties

Job Rotation

Clean Desk Policies

Role-Based Awareness and Training

Continuing Education

Acceptable Use Policy/Rules of Behavior

Internet Usage

Nondisclosure Agreements

Disciplinary and Adverse Actions

Exit Interviews

Interoperability Agreements

What Next?

Chapter 27: Business Impact Analysis

Critical Functions

Identification of Critical Systems

Single Points of Failure

Recovery Objectives

MTTR

MTTF and MTBF

Impact

Privacy

What Next?

Chapter 28: Risk Management Processes and Concepts

Threat Assessment

Risk Assessment

Qualitative Versus Quantitative Measures

Supply Chain Assessment

Change Management

Testing Authorization

Risk Register

Risk Response Techniques

What Next?

Chapter 29: Incident Response Procedures

Incident Response Plan

Documented Incident Type/Category Definitions

Roles and Responsibilities

Reporting Requirements and Escalation

Cyber-incident Response Teams

Training, Tests, and Exercises

Incident Response Process

Preparation

Incident Identification and Analysis

Containment, Eradication, and Recovery

Post-Incident Activities

What Next?

Chapter 30: Forensics

Strategic Intelligence/Counterintelligence Gathering

Track Man-hours

Order of Volatility

Chain of Custody

Legal Hold

Data Acquisition

Capture System Images

Capture Network Traffic and Logs

Capture Video

Record Time Offset

Take Hashes

Capture Screenshots

Collect Witness Interviews

What Next?

Chapter 31: Disaster Recovery and Continuity of Operations

Disaster Recovery

Recovery Sites

Backups

Geographic Considerations

Continuity of Operation Planning

What Next?

Chapter 32: Controls

Nature of Controls

Functional Use of Controls

Deterrent

Preventive

Detective

Corrective

Compensating Controls

What Next?

Chapter 33: Data Security and Privacy Practices

Data Sensitivity Labeling and Handling

Privacy Laws and Regulatory Compliance

Data Roles

Data Retention and Disposal

Retention

Disposal

What Next?

Part V Cram Quiz

Part VI: Cryptography and PKI

Chapter 34: Cryptography

Keys

Key Exchange

Symmetric Algorithms

Asymmetric Algorithms

Elliptic Curve and Quantum Cryptography

Session Keys

Nonrepudiation and Digital Signatures

Hashing

Use of Proven Technologies and Implementation

Obfuscation

Use Cases

Resource Constraints

What Next?

Chapter 35: Cryptography Algorithms

Obfuscation Techniques

Symmetric Algorithms

Cipher Modes

Asymmetric Algorithms

Hashing Algorithms

Key Derivation Function

What Next?

Chapter 36: Wireless Security Settings

Access Methods

Wireless Cryptographic Protocols

Wireless Equivalent Privacy

Wi-Fi Protected Access

Wi-Fi Protected Access Version 2

Authentication Protocols

What Next?

Chapter 37: Public Key Infrastructure

Certificate Authority (CA)

Certification Practice Statement

Trust Models

Key Escrow

Digital Certificate

Public and Private Key Usage

Certificate Signing Request

Certificate Policy

Certificate Types

Certificate Formats

Certificate Revocation

OCSP Stapling

Pinning

What Next?

Part VI Cram Quiz

Elements Available Online

Glossary of Essential Terms and Components

Cram Quizzes

9780789759009 TOC 11/21/2017



More Information



• Request an Instructor or Media review copy.

Other Things You Might Like

• Book $43.99

• Book $136.00

• Book $119.00