E-book: CompTIA CySA+ Cybersecurity Analyst Certification Passport (Exam CS0-002)

  • Format: 448 pages
  • Publication date: 01-Jan-2021
  • Publisher: McGraw-Hill Education
  • Language: eng
  • ISBN-13: 9781260462258
  • Format: EPUB+DRM
  • Price: 36,07 €*
  • * This is the final price, i.e., no additional discounts apply.
  • This e-book is intended for personal use only. E-books cannot be returned, and the money paid for purchased e-books is not refunded.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital Rights Management (DRM)
    The publisher has supplied this book in encrypted form, which means you must install free software to unlock and read it. To read this e-book you must create an Adobe ID. The e-book can be read and downloaded on up to 6 devices (for one user with the same Adobe ID).

    Required software
    To read this e-book on a mobile device (phone or tablet), you will need to install this free app: PocketBook Reader (iOS / Android)

    To download and read this e-book on a PC or Mac, you need Adobe Digital Editions (a free app designed specifically for e-books; it is not the same as Adobe Reader, which you may already have on your computer).

    You cannot read this e-book on an Amazon Kindle.

Focused coverage of every topic on the current version of the CompTIA CySA+ exam

Get on the fast track to becoming CompTIA CySA+ certified with this affordable, portable study tool. Inside, cybersecurity professional Bobby Rogers guides you on your career path, providing expert tips and sound advice along the way. With an intensive focus only on what you need to know to pass CompTIA CySA+ Exam CS0-002, this certification passport is your ticket to success on exam day.

Designed for focus on key topics and exam success:

  • List of official exam objectives covered by domain
  • Exam Tip element offers expert pointers for success on the test
  • Key Term highlights specific term or acronym definitions key to passing the exam
  • Caution notes common pitfalls and real-world issues as well as warnings about the exam
  • Tables, bulleted lists, and figures throughout focus on quick reference and review
  • Cross-References point to an essential, related concept covered elsewhere in the book
  • Practice questions and content review after each objective section prepare you for exam mastery

Covers all exam topics, including:

  • Threat and vulnerability management
  • Threat data and intelligence
  • Vulnerability management, assessment tools, and mitigation
  • Software and systems security
  • Solutions for infrastructure management
  • Software and hardware assurance best practices
  • Security operations and monitoring
  • Proactive threat hunting
  • Automation concepts and technologies
  • Incident response process, procedure, and analysis
  • Compliance and assessment
  • Data privacy and protection
  • Support of organizational risk mitigation

Online content includes:

  • Customizable practice exam test engine for CS0-002
  • 200+ realistic multiple-choice and performance-based practice questions and in-depth explanations

Table of Contents (starting page, with the section's page count in parentheses)

Acknowledgments  xxi
Introduction  xxiii
1.0 Threat and Vulnerability Management  1(126)
Objective 1.1 Explain the importance of threat data and intelligence  2(25)
Intelligence Sources  4(1)
Open-Source Intelligence  4(2)
Proprietary and Closed-Source Intelligence  6(1)
Timeliness  7(1)
Relevancy  7(1)
Accuracy  8(1)
Confidence Levels  8(1)
Indicator Management  9(1)
Structured Threat Information eXpression (STIX)  10(1)
Trusted Automated eXchange of Indicator Intelligence (TAXII)  11(2)
OpenIOC  13(1)
Threat Classification  13(1)
Known Threats vs. Unknown Threats  14(1)
Zero-Day Threats  15(1)
Advanced Persistent Threats  15(1)
Threat Actors  16(1)
Nation-States  16(1)
Hacktivists  16(1)
Organized Crime  17(1)
Insider Threats  18(1)
Intelligence Cycle  18(1)
Requirements  19(1)
Collection  19(1)
Analysis  20(1)
Dissemination  20(1)
Feedback  20(1)
Commodity Malware  20(1)
Information Sharing and Analysis Communities  21(1)
Healthcare  22(1)
Financial  23(1)
Aviation  23(1)
Government  23(1)
Critical Infrastructure  24(1)
Review  24(1)
1.1 Questions  25(1)
1.1 Answers  26(1)
Objective 1.2 Given a scenario, utilize threat intelligence to support organizational security  27(19)
Attack Frameworks  27(1)
MITRE ATT&CK  27(2)
The Diamond Model of Intrusion Analysis  29(1)
Cyber Kill Chain  30(1)
Threat Research  31(1)
Reputational  31(1)
Behavioral  32(1)
Indicators of Compromise (IOCs)  33(1)
Common Vulnerability Scoring System (CVSS)  33(2)
Threat Modeling Methodologies  35(1)
Common Threat Modeling Methodologies  36(1)
Adversary Capability  36(1)
Total Attack Surface  37(1)
Attack Vector  37(1)
Impact  38(1)
Likelihood  39(1)
Threat Intelligence Sharing with Supported Functions  40(1)
Incident Response  41(1)
Vulnerability Management  41(1)
Risk Management  42(1)
Security Engineering  43(1)
Detection and Monitoring  44(1)
Review  44(1)
1.2 Questions  45(1)
1.2 Answers  46(1)
Objective 1.3 Given a scenario, perform vulnerability management activities  46(23)
Vulnerability Identification  46(2)
Asset Criticality  48(1)
Active vs. Passive Scanning  48(1)
Mapping/Enumeration  49(1)
Validation  50(1)
True Positive  50(1)
False Positive  51(1)
True Negative  51(1)
False Negative  51(1)
Remediation/Mitigation  52(1)
Configuration Baseline  52(1)
Patching  53(1)
Hardening  54(1)
Compensating Controls  55(1)
Risk Acceptance  55(1)
Verification of Mitigation  56(1)
Scanning Parameters and Criteria  56(1)
Risks Associated with Scanning Activities  56(1)
Vulnerability Feed  57(1)
Scope  57(1)
Credentialed vs. Non-Credentialed  58(1)
Server-Based vs. Agent-Based  58(1)
Internal vs. External  59(1)
Special Considerations  60(3)
Inhibitors to Remediation  63(1)
Memorandum of Understanding (MOU)  64(1)
Service Level Agreement (SLA)  64(1)
Organizational Governance  64(1)
Business Process Interruption  64(1)
Degrading Functionality  65(1)
Legacy Systems  65(1)
Proprietary Systems  65(1)
Review  66(1)
1.3 Questions  67(1)
1.3 Answers  68(1)
Objective 1.4 Given a scenario, analyze the output from common vulnerability assessment tools  69(16)
Vulnerability Assessment Tools  69(1)
Application Tools  70(1)
Web Application Scanners  70(2)
Software Assessment Tools and Techniques  72(2)
Infrastructure Tools  74(1)
Network Enumeration  74(3)
Network Vulnerability Scanners  77(2)
Wireless Assessment  79(2)
Cloud Infrastructure Assessment  81(2)
Review  83(1)
1.4 Questions  83(1)
1.4 Answers  84(1)
Objective 1.5 Explain the threats and vulnerabilities associated with specialized technology  85(13)
Mobile Devices  85(1)
Mobile Device Threats and Vulnerabilities  85(1)
Corporate Device Considerations  86(1)
Mobile Device Protections  87(1)
Internet of Things (IoT)  87(1)
Embedded Devices  88(2)
Physical Access Controls  90(1)
Building Automation Systems  91(1)
Vehicles and Drones  92(2)
Industrial Control Systems  94(1)
Workflow and Process Automation Systems  94(1)
Supervisory Control and Data Acquisition (SCADA)  94(1)
Review  95(1)
1.5 Questions  96(1)
1.5 Answers  97(1)
Objective 1.6 Explain the threats and vulnerabilities associated with operating in the cloud  98(11)
Cloud Service Models  98(1)
Software as a Service (SaaS)  99(1)
Platform as a Service (PaaS)  100(1)
Infrastructure as a Service (IaaS)  101(1)
Serverless Architecture and Function as a Service (FaaS)  101(1)
Infrastructure as Code (IaC)  102(1)
Cloud Deployment Models  102(1)
Public  102(1)
Private  103(1)
Community  103(1)
Hybrid  103(1)
Cloud Vulnerabilities  104(1)
Insecure Application Programming Interface (API)  104(1)
Improper Key Management  105(1)
Unprotected Storage  105(1)
Insufficient Logging and Monitoring  106(1)
Inability to Access  106(1)
Review  107(1)
1.6 Questions  107(1)
1.6 Answers  108(1)
Objective 1.7 Given a scenario, implement controls to mitigate attacks and software vulnerabilities  109(18)
Vulnerabilities  109(1)
Improper Error Handling  110(1)
Dereferencing  110(1)
Insecure Object Reference  111(1)
Race Condition  111(1)
Broken Authentication  112(1)
Sensitive Data Exposure  113(1)
Insecure Components  113(1)
Insufficient Logging and Monitoring  113(1)
Weak or Default Configurations  114(1)
Use of Insecure Functions  114(1)
Attack Types  115(1)
Injection Attacks  115(3)
Authentication Attacks  118(3)
Overflow Attacks  121(2)
Review  123(1)
1.7 Questions  124(1)
1.7 Answers  125(2)
2.0 Software and Systems Security  127(64)
Objective 2.1 Given a scenario, apply security solutions for infrastructure management  128(34)
Infrastructure Management  128(1)
Cloud vs. On-Premises  128(1)
Asset Management  129(1)
Segmentation  130(3)
Network Architecture  133(3)
Change Management  136(1)
Virtualization  137(2)
Containerization  139(1)
Identity and Access Management  140(1)
Authentication Methods  140(3)
Access Control Models  143(3)
Cloud Access Security Broker (CASB)  146(1)
Honeypot  146(1)
Monitoring and Logging  147(2)
Encryption  149(6)
Certificate Management  155(2)
Active Defense  157(1)
Review  158(2)
2.1 Questions  160(2)
2.1 Answers  162(1)
Objective 2.2 Explain software assurance best practices  162(16)
Platforms  162(1)
Mobile  163(1)
Web Application  163(1)
Client/Server  164(1)
Embedded Platforms  164(1)
Firmware  165(1)
System-on-Chip (SoC)  165(1)
Service-Oriented Architecture  165(1)
Security Assertion Markup Language (SAML)  166(1)
Simple Object Access Protocol (SOAP)  167(1)
Representational State Transfer (REST)  167(1)
Microservices  167(1)
Software Development Lifecycle (SDLC) Integration  168(1)
DevSecOps  168(1)
Secure Coding Best Practices  169(1)
Input Validation  169(1)
Output Encoding  170(1)
Session Management  170(1)
Authentication  170(1)
Data Protection  171(1)
Parameterized Queries  172(1)
Software Assessment Methods  172(1)
User Acceptance Testing  172(1)
Stress Testing  173(1)
Security Regression Testing  173(1)
Code Review  173(1)
Static Analysis Tools  174(1)
Dynamic Analysis Tools  174(1)
Formal Methods for Verification of Critical Software  175(1)
Review  175(1)
2.2 Questions  176(1)
2.2 Answers  177(1)
Objective 2.3 Explain hardware assurance best practices  178(13)
Hardware Root of Trust  178(1)
Trusted Platform Module (TPM)  179(1)
Hardware Security Module (HSM)  179(1)
eFuse  180(1)
Unified Extensible Firmware Interface (UEFI)  180(1)
Trusted Foundry  181(1)
Secure Processing  182(1)
Trusted Execution and Secure Enclave  182(1)
Processor Security Extensions  183(1)
Atomic Execution  183(1)
Bus Encryption  184(1)
Anti-Tamper  184(1)
Self-Encrypting Drive (SED)  185(1)
Trusted Firmware Updates  185(1)
Measured Boot and Attestation  186(1)
Review  186(2)
2.3 Questions  188(1)
2.3 Answers  189(2)
3.0 Security Operations and Monitoring  191(68)
Objective 3.1 Given a scenario, analyze data as part of security monitoring activities  192(23)
Heuristics  192(1)
Trend Analysis  193(1)
Endpoint Data  193(1)
Known-Good vs. Anomalous Behavior Analysis  194(1)
Malware Analysis and Reverse Engineering  195(1)
Memory Analysis  195(1)
File System Analysis  196(1)
System and Application Behavior  196(1)
User and Entity Behavior Analytics (UEBA)  196(1)
Analysis of Endpoint Exploitation Techniques  197(1)
Network  198(1)
Uniform Resource Locator (URL) and Domain Name System (DNS) Analysis  198(1)
Domain Generation Algorithm  199(1)
Flow Analysis  199(1)
Packet and Protocol Analysis  199(1)
Network-Based Malware Analysis  200(1)
Log Review  201(1)
Event Logs  201(1)
Syslog  202(1)
Firewall Logs  202(1)
Web Application Firewall (WAF)  202(1)
Proxy  203(1)
Intrusion Detection System (IDS)/Intrusion Prevention System (IPS)  203(1)
Impact Analysis  203(1)
Organization Impact vs. Localized Impact  204(1)
Immediate vs. Total  204(1)
Security Information and Event Management (SIEM) Review  205(1)
Dashboard  205(1)
Rule and Query Writing  206(1)
String Search  207(1)
Scripting and Piping  207(1)
E-mail Analysis  207(1)
Impersonation  208(1)
Malicious Payload  208(1)
Embedded Links  208(1)
Phishing  209(1)
Forwarding  209(1)
Digital Signatures  209(1)
Header  210(1)
E-mail Signature Block  210(1)
DomainKeys Identified Mail (DKIM)  210(1)
Sender Policy Framework (SPF)  211(1)
Domain-Based Message Authentication, Reporting, and Conformance (DMARC)  211(1)
Review  211(2)
3.1 Questions  213(1)
3.1 Answers  214(1)
Objective 3.2 Given a scenario, implement configuration changes to existing controls to improve security  215(24)
Review of Control Concepts  215(1)
Control Categories and Functions  215(2)
Control Implementation and Risk  217(1)
Permissions  218(1)
Windows Permissions  219(2)
Linux Permissions  221(2)
Access Control Lists  223(1)
Allow Lists  224(1)
Deny Lists  224(2)
Firewalls  226(1)
Packet-Filtering Firewalls  226(1)
Circuit-Level Gateways  227(1)
Stateful Inspection Firewalls  227(1)
Application-Level Gateways  227(1)
Web Application Firewalls (WAFs)  228(1)
Next-Generation Firewalls  228(1)
Cloud-Based Firewalls  228(1)
Intrusion Prevention System (IPS) Rules  229(1)
Data Loss Prevention (DLP)  230(1)
Endpoint Detection and Response (EDR)  230(1)
Network Access Control (NAC)  231(2)
Sinkholing  233(1)
Malware Signatures  233(1)
Development/Rule Writing  234(1)
Sandboxing  234(1)
Port Security  235(1)
Review  235(2)
3.2 Questions  237(1)
3.2 Answers  238(1)
Objective 3.3 Explain the importance of proactive threat hunting  239(9)
Establishing a Hypothesis  239(1)
Profiling Threat Actors and Activities  240(1)
Threat Hunting Tactics  241(1)
Executable Process Analysis  241(1)
Reducing the Attack Surface Area  241(1)
System Level  241(1)
Network Level  242(1)
Organization Level  242(1)
Operating Environment  243(1)
Bundling Critical Assets  244(1)
Attack Vectors  244(1)
Integrated Intelligence  245(1)
Improving Detection Capabilities  245(1)
Review  246(1)
3.3 Questions  246(1)
3.3 Answers  247(1)
Objective 3.4 Compare and contrast automation concepts and technologies  248(11)
Automation Concepts  248(1)
Workflow Orchestration  248(1)
Security Orchestration, Automation, and Response (SOAR)  249(1)
Scripting  250(1)
Application Programming Interface (API) Integration  250(1)
Automated Malware Signature Creation  251(1)
Data Enrichment  251(1)
Threat Feed Combination  252(1)
Machine Learning  252(1)
Use of Automation Protocols and Standards  253(2)
Automating Software Integration, Delivery, and Deployment  255(1)
Review  256(1)
3.4 Questions  257(1)
3.4 Answers  258(1)
4.0 Incident Response  259(68)
Objective 4.1 Explain the importance of the incident response process  260(13)
Critical Incident Response Processes  260(1)
Communications Plan  260(3)
Response Coordination with Relevant Entities  263(4)
Factors Contributing to Data Criticality  267(3)
Review  270(1)
4.1 Questions  271(2)
4.1 Answers  273(1)
Objective 4.2 Given a scenario, apply the appropriate incident response procedure  273(19)
Incident Response Procedures  273(1)
Preparation  274(2)
Detection and Analysis  276(4)
Containment  280(1)
Eradication and Recovery  281(4)
Post-Incident Activities  285(4)
Review  289(1)
4.2 Questions  290(1)
4.2 Answers  291(1)
Objective 4.3 Given an incident, analyze potential indicators of compromise  292(17)
Analyzing Indicators of Compromise  292(1)
Network-Related IOCs  293(4)
Host-Related IOCs  297(7)
Application-Related IOCs  304(3)
Review  307(1)
4.3 Questions  307(1)
4.3 Answers  308(1)
Objective 4.4 Given a scenario, utilize basic digital forensics techniques  309(18)
Forensics Considerations  309(1)
Forensics Foundations  310(3)
Network  313(2)
Endpoint Forensics Considerations  315(2)
Mobile Forensics  317(1)
Cloud Forensics  318(1)
Virtualization Forensics  319(1)
Key Forensic Procedures  320(4)
Review  324(1)
4.4 Questions  325(1)
4.4 Answers  326(1)
5.0 Compliance and Assessment  327(52)
Objective 5.1 Understand the importance of data privacy and protection  328(12)
Privacy vs. Security  328(1)
Nontechnical Controls  329(5)
Technical Controls  334(4)
Review  338(1)
5.1 Questions  339(1)
5.1 Answers  340(1)
Objective 5.2 Given a scenario, apply security concepts in support of organizational risk mitigation  340(20)
Organizational Risk Mitigation  340(1)
Business Impact Analysis (BIA)  341(3)
Risk Identification Process  344(1)
Risk Calculation  345(1)
Communication of Risk Factors  346(2)
Risk Prioritization  348(3)
Systems Assessment  351(2)
Documented Compensating Controls  353(1)
Training and Exercises  354(2)
Supply Chain Assessment  356(2)
Review  358(1)
5.2 Questions  359(1)
5.2 Answers  360(1)
Objective 5.3 Explain the importance of frameworks, policies, procedures, and controls  360(19)
Organizational Governance Flow  360(1)
Frameworks  361(1)
Policies and Procedures  362(7)
Control Categories  369(1)
Control Types  370(3)
Audits and Assessments  373(2)
Review  375(1)
5.3 Questions  376(1)
5.3 Answers  377(2)
Appendix A About the Online Content  379(4)
System Requirements  379(1)
Your Total Seminars Training Hub Account  379(1)
Privacy Notice  379(1)
Single User License Terms and Conditions  379(2)
TotalTester Online  381(1)
Performance-Based Questions  381(1)
Technical Support  382(1)
Glossary  383(20)
Index  403

About the author

Bobby E. Rogers is an Information Security Engineer working for a major hospital in the southeastern United States. His previous experience includes working as a contractor for Department of Defense agencies, helping to secure, certify, and accredit their information systems. His duties include information system security engineering, risk management, and certification and accreditation efforts. He retired after 21 years in the United States Air Force, serving as a network security engineer and instructor, and has secured networks all over the world. Bobby has a master's degree in Information Assurance (IA) and is pursuing a doctoral degree in IA from Capitol College, Maryland. His many certifications include CompTIA A+, CompTIA Network+, CompTIA Security+, and CompTIA Mobility+, as well as the CISSP-ISSEP, CEH, and MCSE: Security.