CompTIA CySA+ Cybersecurity Analyst Certification All-in-One Exam Guide (Exam CS0-001) [Paperback]

4.21/5 (101 ratings by Goodreads)
  • Format: Paperback / softback, 448 pages, height x width x depth: 231x191x23 mm, weight: 710 g
  • Publication date: 02-Dec-2017
  • Publisher: McGraw-Hill Education
  • ISBN-10: 126001181X
  • ISBN-13: 9781260011814
  • Paperback
  • Price: 75,92 €*
  • * This book is no longer in print. You will be notified of the price of a used copy.
This comprehensive self-study guide offers complete coverage of the new CompTIA Cybersecurity Analyst+ certification exam.

This highly effective self-study system provides complete coverage of every objective for the challenging CompTIA CSA+ Cybersecurity Analyst exam. You'll find learning objectives at the beginning of each chapter, exam tips, in-depth explanations, and practice exam questions. All questions closely mirror those on the live test in content, format, and tone. Designed to help you pass exam CS0-001 with ease, this definitive guide also serves as an essential on-the-job reference.

Covers every topic on the exam, including:
  • Threat and vulnerability management
  • Conducting and analyzing reconnaissance
  • Responding to network-based threats
  • Securing a corporate network
  • Cyber incident response
  • Determining the impact of incidents
  • Preparing the incident response toolkit
  • Security architectures
  • Policies, procedures, and controls
  • Assuring identity and access management
  • Putting in compensating controls
  • Secure software development

Electronic content includes:
  • 175+ practice questions
  • Secured book PDF

Table of contents (page numbers refer to the printed book):

Acknowledgments (p. xxi)
Introduction (p. xxiii)

Part 1 Threat Management

Chapter 1 Applying Reconnaissance Techniques (p. 3)
  • Open Source Intelligence (p. 4)
    • Google (p. 4)
    • Internet Registries (p. 5)
    • Job Sites (p. 8)
    • Social Media (p. 8)
  • Active Reconnaissance (p. 9)
    • Scanning (p. 9)
    • Capturing Packets (p. 11)
  • Special Considerations (p. 12)
    • Wired Network Considerations (p. 12)
    • Wireless Network Considerations (p. 14)
    • Virtualization Technologies (p. 15)
    • Cloud Computing (p. 17)
  • Defending Against Reconnaissance (p. 18)
  • Tools of the Trade (p. 18)
    • nmap (p. 19)
    • Nikto (p. 19)
    • OWASP Zed Attack Proxy (p. 20)
    • Nessus (p. 20)
    • netstat (p. 21)
    • tcpdump (p. 21)
    • Wireshark/TShark (p. 22)
    • Intrusion Detection and Prevention Systems (p. 22)
  • Chapter Review (p. 22)
    • Questions (p. 23)
    • Answers (p. 26)

Chapter 2 Analyzing the Results of Reconnaissance (p. 27)
  • Data Sources (p. 27)
    • Firewall Logs (p. 28)
    • Intrusion Detection/Prevention Systems (p. 28)
    • Packet Captures (p. 29)
    • System Logs (p. 31)
    • nmap Scan Results (p. 31)
  • Point-in-Time Analysis (p. 32)
    • Packet Analysis (p. 32)
    • Protocol Analysis (p. 33)
    • Traffic Analysis (p. 34)
    • NetFlow Analysis (p. 34)
    • Wireless Analysis (p. 36)
  • Correlation Analysis (p. 36)
    • Anomaly Analysis (p. 38)
    • Behavioral Analysis (p. 38)
    • Trend Analysis (p. 38)
    • Availability Analysis (p. 39)
    • Heuristics (p. 40)
  • Tools of the Trade (p. 40)
    • Security Information and Event Management Systems (p. 40)
    • Packet Analyzers (p. 42)
    • Intrusion Detection Systems (p. 43)
    • Resource-Monitoring Tools (p. 45)
    • NetFlow Analyzers (p. 45)
  • Review (p. 46)
    • Questions (p. 46)
    • Answers (p. 49)

Chapter 3 Responding to Network-Based Threats (p. 51)
  • Network Segmentation (p. 52)
    • System Isolation (p. 52)
    • Jump Box (p. 53)
  • Honeypots and Honeynets (p. 54)
  • ACLs (p. 54)
    • File System ACLs (p. 55)
    • Network ACLs (p. 55)
  • Black Hole (p. 56)
  • DNS Sinkhole (p. 56)
  • Endpoint Security (p. 56)
    • Detect and Block (p. 57)
    • Sandbox (p. 57)
    • Cloud-Connected Protection (p. 57)
  • Group Policies (p. 58)
  • Device Hardening (p. 58)
    • Discretionary Access Control (DAC) (p. 59)
    • Mandatory Access Control (MAC) (p. 59)
    • Role-Based Access Control (RBAC) (p. 60)
    • Compensating Controls (p. 60)
    • Blocking Unused Ports/Services (p. 60)
    • Patching (p. 61)
  • Network Access Control (p. 61)
    • Time Based (p. 62)
    • Rule Based (p. 62)
    • Role Based (p. 62)
    • Location Based (p. 63)
  • Review (p. 63)
    • Questions (p. 64)
    • Answers (p. 67)

Chapter 4 Securing a Corporate Network (p. 69)
  • Penetration Testing (p. 69)
    • Rules of Engagement (p. 70)
  • Reverse Engineering (p. 73)
    • Hardware (p. 73)
    • Software/Malware (p. 76)
    • Isolation/Sandboxing (p. 80)
  • Training and Exercises (p. 80)
    • Types of Exercises (p. 81)
    • Red Team (p. 82)
    • Blue Team (p. 82)
    • White Team (p. 83)
  • Risk Evaluation (p. 83)
    • Impact and Likelihood (p. 84)
    • Technical Control Review (p. 86)
    • Operational Control Review (p. 87)
  • Review (p. 87)
    • Questions (p. 88)
    • Answers (p. 91)

Part 2 Vulnerability Management

Chapter 5 Implementing Vulnerability Management Processes (p. 95)
  • Vulnerability Management Requirements (p. 95)
    • Regulatory Environments (p. 95)
    • Corporate Security Policy (p. 97)
    • Data Classification (p. 97)
    • Asset Inventory (p. 98)
  • Common Vulnerabilities (p. 99)
    • Servers (p. 100)
    • Endpoints (p. 100)
    • Network Infrastructure (p. 100)
    • Virtual Infrastructure (p. 101)
    • Mobile Devices (p. 102)
    • Interconnected Networks (p. 103)
    • Virtual Private Networks (p. 103)
    • Industrial Control Systems (p. 104)
    • SCADA Devices (p. 105)
  • Frequency of Vulnerability Scans (p. 106)
    • Risk Appetite (p. 107)
    • Regulatory Requirements (p. 107)
    • Technical Constraints (p. 107)
    • Workflow (p. 108)
  • Tool Configuration (p. 108)
    • Scanning Criteria (p. 108)
    • Tool Updates and Plug-Ins (p. 111)
    • SCAP (p. 112)
    • Permissions and Access (p. 113)
  • Review (p. 113)
    • Questions (p. 114)
    • Answers (p. 117)

Chapter 6 Vulnerability Scanning (p. 119)
  • Execute Scanning (p. 120)
    • Nessus (p. 120)
    • OpenVAS (p. 125)
    • Nikto (p. 126)
  • Generate Reports (p. 128)
    • Automated vs. Manual Distribution (p. 128)
  • Remediation (p. 128)
    • Prioritizing (p. 129)
    • Communication/Change Control (p. 130)
    • Sandboxing/Testing (p. 131)
    • Inhibitors to Remediation (p. 131)
  • Ongoing Scanning and Continuous Monitoring (p. 132)
  • Analyze Reports from a Vulnerability Scan (p. 133)
    • Review and Interpret Scan Results (p. 133)
  • Validate Results and Correlate Other Data Points (p. 134)
    • Compare to Best Practices or Compliance (p. 136)
    • Reconcile Results (p. 136)
    • Review Related Logs and/or Other Data Sources (p. 137)
    • Determine Trends (p. 137)
  • Review (p. 138)
    • Questions (p. 138)
    • Answers (p. 141)

Part 3 Cyber Incident Response

Chapter 7 The Incident Response Process (p. 145)
  • A Cast of Characters (p. 145)
    • Key Roles (p. 145)
    • Stakeholders (p. 149)
  • Response Techniques (p. 150)
    • Containment (p. 151)
    • Eradication (p. 156)
    • Validation (p. 158)
    • Corrective Actions (p. 160)
  • Communication Processes (p. 161)
    • Internal Communications (p. 162)
    • External Communications (p. 162)
  • Review (p. 163)
    • Questions (p. 163)
    • Answers (p. 166)

Chapter 8 Determining the Impact of Incidents (p. 167)
  • Threat Classification (p. 167)
    • Known Threats vs. Unknown Threats (p. 167)
    • Zero Day (p. 168)
    • Advanced Persistent Threat (p. 169)
  • Factors Contributing to Incident Severity and Prioritization (p. 170)
    • Scope of Impact (p. 170)
    • Types of Data (p. 174)
  • Review (p. 179)
    • Questions (p. 179)
    • Answers (p. 181)

Chapter 9 Preparing the Incident Response Toolkit (p. 183)
  • Digital Forensics (p. 183)
    • Phases of an Investigation (p. 184)
  • Forensic Investigation Suite (p. 189)
    • Acquisition Utilities (p. 189)
    • Analysis Utilities (p. 191)
    • OS and Process Analysis (p. 192)
    • Mobile Device Forensics (p. 194)
    • Log Viewers (p. 195)
  • Building Your Forensic Kit (p. 195)
    • Jump Bag (p. 195)
  • Review (p. 197)
    • Questions (p. 198)
    • Answers (p. 201)

Chapter 10 Selecting the Best Course of Action (p. 203)
  • Introduction to Diagnosis (p. 203)
  • Network-Related Symptoms (p. 203)
    • Bandwidth Utilization (p. 204)
    • Beaconing (p. 204)
    • Irregular Peer-to-Peer Communication (p. 205)
    • Rogue Devices on the Network (p. 206)
    • Scan Sweeps (p. 207)
  • Host-Related Symptoms (p. 208)
    • Running Processes (p. 208)
    • Memory Contents (p. 209)
    • File System (p. 210)
    • Capacity Consumption (p. 212)
    • Unauthorized Privileges (p. 213)
  • Application-Related Symptoms (p. 214)
    • Anomalous Activity (p. 214)
    • Introduction of New Accounts (p. 215)
    • Unexpected Output (p. 215)
    • Unexpected Outbound Communication (p. 215)
    • Service Interruption (p. 216)
    • Memory Overflows (p. 216)
  • Review (p. 217)
    • Questions (p. 217)
    • Answers (p. 219)

Part 4 Security Architectures

Chapter 11 Frameworks, Policies, Controls, and Procedures (p. 223)
  • Security Frameworks (p. 223)
    • NIST (p. 223)
    • ISO (p. 225)
    • COBIT (p. 226)
    • SABSA (p. 228)
    • TOGAF (p. 229)
    • ITIL (p. 230)
  • Policies and Procedures (p. 230)
    • Security Policies (p. 232)
    • Procedures (p. 236)
  • Controls (p. 239)
    • Physical Controls (p. 239)
    • Logical Controls (p. 239)
    • Administrative Controls (p. 240)
    • Control Selection (p. 240)
  • Regulatory Compliance (p. 241)
  • Verification and Quality Control (p. 242)
    • Audits (p. 242)
    • Assessments (p. 242)
    • Certification (p. 243)
    • Maturity Models (p. 243)
  • Review (p. 245)
    • Questions (p. 245)
    • Answers (p. 247)

Chapter 12 Identity and Access Management (p. 249)
  • Security Issues Associated with Context-Based Authentication (p. 250)
    • Time (p. 250)
    • Location (p. 251)
    • Frequency (p. 252)
    • Behavioral (p. 253)
  • Security Issues Associated with Identities (p. 253)
    • Personnel (p. 254)
    • Endpoints (p. 254)
    • Servers (p. 254)
    • Services (p. 256)
    • Roles (p. 257)
    • Applications (p. 258)
  • Security Issues Associated with Identity Repositories (p. 258)
    • Directory Services (p. 258)
    • TACACS+ (p. 259)
    • RADIUS (p. 260)
  • Security Issues Associated with Federation and Single Sign-On (p. 261)
    • Manual vs. Automatic Provisioning/Deprovisioning (p. 262)
    • Self-Service Password Reset (p. 262)
  • Exploits (p. 263)
    • Impersonation (p. 263)
    • Man in the Middle (p. 263)
    • Session Hijack (p. 263)
    • Cross-Site Scripting (p. 264)
    • Privilege Escalation (p. 264)
    • Rootkits (p. 264)
  • Review (p. 265)
    • Questions (p. 265)
    • Answers (p. 268)

Chapter 13 Putting in Compensating Controls (p. 269)
  • Security Data Analytics (p. 269)
    • Data Aggregation and Correlation (p. 269)
    • Trend Analysis (p. 272)
    • Historical Analysis (p. 272)
  • Manual Review (p. 273)
    • Firewall Log (p. 276)
    • Syslog (p. 277)
    • Authentication Logs (p. 278)
    • Event Logs (p. 279)
  • Defense in Depth (p. 280)
    • Personnel (p. 282)
    • Processes (p. 285)
    • Other Security Concepts (p. 290)
  • Review (p. 290)
    • Questions (p. 290)
    • Answers (p. 294)

Chapter 14 Secure Software Development (p. 295)
  • The Software Development Lifecycle (p. 295)
    • Requirements (p. 296)
    • Development (p. 297)
    • Implementation (p. 297)
    • Operation and Maintenance (p. 298)
  • Secure Software Development (p. 298)
    • Secure Coding (p. 299)
    • Security Testing (p. 302)
  • Best Practices (p. 306)
    • Software Engineering Institute (p. 306)
    • OWASP (p. 307)
    • SANS (p. 308)
    • Center for Internet Security (p. 309)
  • Review (p. 310)
    • Questions (p. 310)
    • Answers (p. 313)

Chapter 15 Tool Sets (p. 315)
  • Preventative Tools (p. 315)
    • Firewalls (p. 316)
    • IDS and IPS (p. 318)
    • Host-Based Intrusion Prevention Systems (p. 320)
    • Antimalware (p. 320)
    • Enhanced Mitigation Experience Toolkit (p. 321)
    • Web Proxies (p. 321)
    • Web Application Firewalls (p. 323)
  • Collective Tools (p. 325)
    • Security Information and Event Management (p. 325)
    • Network Scanning (p. 329)
    • Packet Capture (p. 330)
    • Command-line Utilities (p. 333)
  • Analytical Tools (p. 336)
    • Vulnerability Scanning (p. 336)
    • Monitoring Tools (p. 344)
    • Interception Proxy (p. 348)
  • Exploitative Tools (p. 351)
    • Exploitation Frameworks (p. 351)
    • Fuzzers (p. 355)
  • Forensic Tools (p. 356)
    • Forensic Suites (p. 357)
    • Hashing (p. 359)
    • Password Cracking (p. 360)
    • Imaging (p. 363)
  • Review (p. 363)
    • Questions (p. 363)
    • Answers (p. 366)

Appendixes and Glossary

Appendix A Objectives Map (p. 369)
Appendix B About the CD-ROM (p. 387)
  • System Requirements (p. 387)
  • Installing and Running Total Tester Premium Practice Exam Software (p. 387)
  • Total Tester Premium Practice Exam Software (p. 387)
  • Pre-assessment Test (p. 388)
  • Performance-Based Questions (p. 388)
  • Secured Book PDF (p. 388)
  • Technical Support (p. 389)
Glossary (p. 391)
Index (p. 399)

Matt Walker, CEH, CPTS, is an IT security architect working for Hewlett-Packard. He has held a variety of networking and IT security positions, including most recently the IT security manager position at Marshall Space Flight Center (SAIC contract) and Kennedy Space Center (Lockheed Martin contract).