CompTIA CySA+ Cybersecurity Analyst Certification Bundle (Exam CS0-001) [Hardback]

  • Format: Hardback, weight: 1116 g
  • Publication date: 05-May-2019
  • Publisher: McGraw-Hill Education
  • ISBN-10: 1260453251
  • ISBN-13: 9781260453256
Prepare for the challenging CySA+ certification exam with this money-saving, comprehensive study package

Designed as a complete self-study program, this collection offers a variety of proven resources to use in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam. Comprised of CompTIA CySA+ Cybersecurity Analyst Certification All-In-One Exam Guide (CS0-001) and CompTIA CySA+ Cybersecurity Analyst Certification Practice Exams (Exam CS0-001), this bundle thoroughly covers every topic on the exam.

CompTIA CySA+ Cybersecurity Analyst Certification Bundle contains more than 800 practice questions that match those on the live exam in content, difficulty, tone, and format. The set includes detailed coverage of performance-based questions. You will get exam-focused “Tip,” “Note,” and “Caution” elements as well as end-of-chapter reviews. This authoritative, cost-effective bundle serves both as a study tool and a valuable on-the-job reference for computer security professionals.

  • This bundle is 25% cheaper than purchasing the books individually and includes 10% off the exam voucher
  • Written by a team of computer security experts
  • Electronic content includes 800+ practice exam questions and secured PDF copies of both books

Acknowledgments ix
Introduction x
Objective Map: Exam CS0-001 xiii
Part I Threat Management
Chapter 1 Applying Reconnaissance Techniques
3(16)
Questions
4(5)
Quick Answer Key
9(1)
In-Depth Answers
10(9)
Chapter 2 Analyzing the Results of Reconnaissance
19(20)
Questions
20(7)
Quick Answer Key
27(1)
In-Depth Answers
28(11)
Chapter 3 Responding to Network-Based Threats
39(16)
Questions
40(5)
Quick Answer Key
45(1)
In-Depth Answers
46(9)
Chapter 4 Securing a Corporate Network
55(18)
Questions
56(5)
Quick Answer Key
61(1)
In-Depth Answers
62(11)
Part II Vulnerability Management
Chapter 5 Implementing Vulnerability Management Processes
73(28)
Questions
74(9)
Quick Answer Key
83(1)
In-Depth Answers
84(17)
Chapter 6 Vulnerability Scanning
101(28)
Questions
102(9)
Quick Answer Key
111(1)
In-Depth Answers
112(17)
Part III Cyber Incident Response
Chapter 7 The Incident Response Process
129(14)
Questions
130(4)
Quick Answer Key
134(1)
In-Depth Answers
135(8)
Chapter 8 Determining the Impact of Incidents
143(14)
Questions
144(4)
Quick Answer Key
148(1)
In-Depth Answers
149(8)
Chapter 9 Preparing the Incident Response Toolkit
157(14)
Questions
158(4)
Quick Answer Key
162(1)
In-Depth Answers
163(8)
Chapter 10 Selecting the Best Course of Action
171(18)
Questions
172(5)
Quick Answer Key
177(1)
In-Depth Answers
178(11)
Part IV Security Architecture and Tool Sets
Chapter 11 Frameworks, Policies, Controls, and Procedures
189(12)
Questions
190(3)
Quick Answer Key
193(1)
In-Depth Answers
194(7)
Chapter 12 Identity and Access Management
201(12)
Questions
202(4)
Quick Answer Key
206(1)
In-Depth Answers
207(6)
Chapter 13 Putting in Compensating Controls
213(14)
Questions
214(4)
Quick Answer Key
218(1)
In-Depth Answers
219(8)
Chapter 14 Secure Software Development
227(10)
Questions
228(3)
Quick Answer Key
231(1)
In-Depth Answers
232(5)
Chapter 15 Tool Sets
237(16)
Questions
238(5)
Quick Answer Key
243(1)
In-Depth Answers
244(9)
Appendix About the Digital Content
253(1)
CD-ROM
253(1)
Your Total Seminars Training Hub Account
253(1)
Single User License Terms and Conditions
254(1)
Using the TotalTester Online Content
255(1)
Pre-Assessment Test
255(1)
Performance-Based Questions
255(1)
Technical Support
256
Acknowledgments xxi
Introduction xxiii
Part I Threat Management
Chapter 1 Applying Reconnaissance Techniques
3(24)
Open Source Intelligence
4(5)
Google
4(1)
Internet Registries
5(3)
Job Sites
8(1)
Social Media
8(1)
Active Reconnaissance
9(3)
Scanning
9(2)
Capturing Packets
11(1)
Special Considerations
12(6)
Wired Network Considerations
12(2)
Wireless Network Considerations
14(1)
Virtualization Technologies
15(2)
Cloud Computing
17(1)
Defending Against Reconnaissance
18(1)
Tools of the Trade
18(4)
nmap
19(1)
Nikto
19(1)
OWASP Zed Attack Proxy
20(1)
Nessus
20(1)
netstat
21(1)
tcpdump
21(1)
Wireshark/TShark
22(1)
Intrusion Detection and Prevention Systems
22(1)
Chapter Review
22(5)
Questions
23(3)
Answers
26(1)
Chapter 2 Analyzing the Results of Reconnaissance
27(24)
Data Sources
27(5)
Firewall Logs
28(1)
Intrusion Detection/Prevention Systems
28(1)
Packet Captures
29(2)
System Logs
31(1)
Nmap Scan Results
31(1)
Point-in-Time Analysis
32(4)
Packet Analysis
32(1)
Protocol Analysis
33(1)
Traffic Analysis
34(1)
NetFlow Analysis
34(2)
Wireless Analysis
36(1)
Correlation Analysis
36(4)
Anomaly Analysis
38(1)
Behavioral Analysis
38(1)
Trend Analysis
38(1)
Availability Analysis
39(1)
Heuristics
40(1)
Tools of the Trade
40(6)
Security Information and Event Management Systems
40(2)
Packet Analyzers
42(1)
Intrusion Detection Systems
43(2)
Resource-Monitoring Tools
45(1)
NetFlow Analyzers
45(1)
Chapter Review
46(5)
Questions
46(3)
Answers
49(2)
Chapter 3 Responding to Network-Based Threats
51(18)
Network Segmentation
52(2)
System Isolation
52(1)
Jump Box
53(1)
Honeypots and Honeynets
54(1)
ACLs
54(2)
File System ACLs
55(1)
Network ACLs
55(1)
Black Hole
56(1)
DNS Sinkhole
56(1)
Endpoint Security
56(2)
Detect and Block
57(1)
Sandbox
57(1)
Cloud-Connected Protection
57(1)
Group Policies
58(1)
Device Hardening
58(3)
Discretionary Access Control (DAC)
59(1)
Mandatory Access Control (MAC)
59(1)
Role-Based Access Control (RBAC)
60(1)
Compensating Controls
60(1)
Blocking Unused Ports/Services
60(1)
Patching
61(1)
Network Access Control
61(2)
Time Based
62(1)
Rule Based
62(1)
Role Based
62(1)
Location Based
63(1)
Chapter Review
63(6)
Questions
64(3)
Answers
67(2)
Chapter 4 Securing a Corporate Network
69(26)
Penetration Testing
69(4)
Rules of Engagement
70(3)
Reverse Engineering
73(7)
Hardware
73(3)
Software/Malware
76(4)
Isolation/Sandboxing
80(1)
Training and Exercises
80(3)
Types of Exercises
81(1)
Red Team
82(1)
Blue Team
82(1)
White Team
83(1)
Risk Evaluation
83(4)
Impact and Likelihood
84(2)
Technical Control Review
86(1)
Operational Control Review
87(1)
Chapter Review
87(8)
Questions
88(3)
Answers
91(4)
Part II Vulnerability Management
Chapter 5 Implementing Vulnerability Management Processes
95(24)
Vulnerability Management Requirements
95(4)
Regulatory Environments
95(2)
Corporate Security Policy
97(1)
Data Classification
97(1)
Asset Inventory
98(1)
Common Vulnerabilities
99(7)
Servers
100(1)
Endpoints
100(1)
Network Infrastructure
100(1)
Virtual Infrastructure
101(1)
Mobile Devices
102(1)
Interconnected Networks
103(1)
Virtual Private Networks
103(1)
Industrial Control Systems
104(1)
SCADA Devices
105(1)
Frequency of Vulnerability Scans
106(2)
Risk Appetite
107(1)
Regulatory Requirements
107(1)
Technical Constraints
107(1)
Workflow
108(1)
Tool Configuration
108(5)
Scanning Criteria
108(3)
Tool Updates and Plug-Ins
111(1)
SCAP
112(1)
Permissions and Access
113(1)
Chapter Review
113(6)
Questions
114(3)
Answers
117(2)
Chapter 6 Vulnerability Scanning
119(26)
Execute Scanning
120(8)
Nessus
120(5)
OpenVAS
125(1)
Nikto
126(2)
Generate Reports
128(1)
Automated vs. Manual Distribution
128(1)
Remediation
128(4)
Prioritizing
129(1)
Communication/Change Control
130(1)
Sandboxing/Testing
131(1)
Inhibitors to Remediation
131(1)
Ongoing Scanning and Continuous Monitoring
132(1)
Analyze Reports from a Vulnerability Scan
133(1)
Review and Interpret Scan Results
133(1)
Validate Results and Correlate Other Data Points
134(4)
Compare to Best Practices or Compliance
136(1)
Reconcile Results
136(1)
Review Related Logs and/or Other Data Sources
137(1)
Determine Trends
137(1)
Chapter Review
138(7)
Questions
138(3)
Answers
141(4)
Part III Cyber Incident Response
Chapter 7 The Incident Response Process
145(22)
A Cast of Characters
145(5)
Key Roles
145(4)
Stakeholders
149(1)
Response Techniques
150(11)
Containment
151(5)
Eradication
156(2)
Validation
158(2)
Corrective Actions
160(1)
Communication Processes
161(2)
Internal Communications
162(1)
External Communications
162(1)
Chapter Review
163(4)
Questions
163(3)
Answers
166(1)
Chapter 8 Determining the Impact of Incidents
167(16)
Threat Classification
167(3)
Known Threats vs. Unknown Threats
167(1)
Zero Day
168(1)
Advanced Persistent Threat
169(1)
Factors Contributing to Incident Severity and Prioritization
170(9)
Scope of Impact
170(4)
Types of Data
174(5)
Chapter Review
179(4)
Questions
179(2)
Answers
181(2)
Chapter 9 Preparing the Incident Response Toolkit
183(20)
Digital Forensics
183(6)
Phases of an Investigation
184(5)
Forensic Investigation Suite
189(6)
Acquisition Utilities
189(2)
Analysis Utilities
191(1)
OS and Process Analysis
192(2)
Mobile Device Forensics
194(1)
Log Viewers
195(1)
Building Your Forensic Kit
195(2)
Jump Bag
195(2)
Chapter Review
197(6)
Questions
198(3)
Answers
201(2)
Chapter 10 Selecting the Best Course of Action
203(20)
Introduction to Diagnosis
203(1)
Network-Related Symptoms
203(5)
Bandwidth Utilization
204(1)
Beaconing
204(1)
Irregular Peer-to-Peer Communication
205(1)
Rogue Devices on the Network
206(1)
Scan Sweeps
207(1)
Host-Related Symptoms
208(6)
Running Processes
208(1)
Memory Contents
209(1)
File System
210(2)
Capacity Consumption
212(1)
Unauthorized Privileges
213(1)
Application-Related Symptoms
214(3)
Anomalous Activity
214(1)
Introduction of New Accounts
215(1)
Unexpected Output
215(1)
Unexpected Outbound Communication
215(1)
Service Interruption
216(1)
Memory Overflows
216(1)
Chapter Review
217(6)
Questions
217(2)
Answers
219(4)
Part IV Security Architectures
Chapter 11 Frameworks, Policies, Controls, and Procedures
223(26)
Security Frameworks
223(7)
NIST
223(2)
ISO
225(1)
COBIT
226(2)
SABSA
228(1)
TOGAF
229(1)
ITIL
230(1)
Policies and Procedures
230(9)
Security Policies
232(4)
Procedures
236(3)
Controls
239(2)
Physical Controls
239(1)
Logical Controls
239(1)
Administrative Controls
240(1)
Control Selection
240(1)
Regulatory Compliance
241(1)
Verification and Quality Control
242(3)
Audits
242(1)
Assessments
242(1)
Certification
243(1)
Maturity Models
243(2)
Chapter Review
245(4)
Questions
245(2)
Answers
247(2)
Chapter 12 Identity and Access Management
249(20)
Security Issues Associated with Context-Based Authentication
250(3)
Time
250(1)
Location
251(1)
Frequency
252(1)
Behavioral
253(1)
Security Issues Associated with Identities
253(5)
Personnel
254(1)
Endpoints
254(1)
Servers
254(2)
Services
256(1)
Roles
257(1)
Applications
258(1)
Security Issues Associated with Identity Repositories
258(3)
Directory Services
258(1)
TACACS+
259(1)
RADIUS
260(1)
Security Issues Associated with Federation and Single Sign-On
261(2)
Manual vs. Automatic Provisioning/Deprovisioning
262(1)
Self-Service Password Reset
262(1)
Exploits
263(2)
Impersonation
263(1)
Man in the Middle
263(1)
Session Hijack
263(1)
Cross-Site Scripting
264(1)
Privilege Escalation
264(1)
Rootkits
264(1)
Chapter Review
265(4)
Questions
265(3)
Answers
268(1)
Chapter 13 Putting in Compensating Controls
269(26)
Security Data Analytics
269(4)
Data Aggregation and Correlation
269(3)
Trend Analysis
272(1)
Historical Analysis
272(1)
Manual Review
273(7)
Firewall Log
276(1)
Syslog
277(1)
Authentication Logs
278(1)
Event Logs
279(1)
Defense in Depth
280(10)
Personnel
282(3)
Processes
285(5)
Other Security Concepts
290(1)
Chapter Review
290(5)
Questions
290(4)
Answers
294(1)
Chapter 14 Secure Software Development
295(20)
The Software Development Lifecycle
295(3)
Requirements
296(1)
Development
297(1)
Implementation
297(1)
Operation and Maintenance
298(1)
Secure Software Development
298(8)
Secure Coding
299(3)
Security Testing
302(4)
Best Practices
306(3)
Software Engineering Institute
306(1)
OWASP
307(1)
SANS
308(1)
Center for Internet Security
309(1)
Chapter Review
310(5)
Questions
310(3)
Answers
313(2)
Chapter 15 Tool Sets
315(54)
Preventative Tools
315(10)
Firewalls
316(2)
IDS and IPS
318(2)
Host-Based Intrusion Prevention Systems
320(1)
Antimalware
320(1)
Enhanced Mitigation Experience Toolkit
321(1)
Web Proxies
321(2)
Web Application Firewalls
323(2)
Collective Tools
325(11)
Security Information and Event Management
325(4)
Network Scanning
329(1)
Packet Capture
330(3)
Command-line Utilities
333(3)
Analytical Tools
336(15)
Vulnerability Scanning
336(8)
Monitoring Tools
344(4)
Interception Proxy
348(3)
Exploitative Tools
351(5)
Exploitation Frameworks
351(4)
Fuzzers
355(1)
Forensic Tools
356(7)
Forensic Suites
357(2)
Hashing
359(1)
Password Cracking
360(3)
Imaging
363(1)
Chapter Review
363(6)
Questions
363(3)
Answers
366(3)
Part V Appendixes and Glossary
Appendix A Objectives Map
369(18)
Appendix B About the CD-ROM
387(4)
System Requirements
387(1)
Installing and Running Total Tester Premium Practice Exam Software
387(1)
Total Tester Premium Practice Exam Software
387(1)
Pre-assessment Test
388(1)
Performance-Based Questions
388(1)
Secured Book PDF
388(1)
Technical Support
389(2)
Glossary 391(8)
Index 399
Fernando J. Maymí, Ph.D., CISSP, is a security practitioner with over 25 years of experience. He is the author of over a dozen publications and co-author of CISSP All-in-One Exam Guide, Seventh Edition.

Brent Chapman, CompTIA CySA+, GCIH, GCFA, CISSP, is a recognized cyber security expert who has served as an instructor and researcher at the United States Military Academy at West Point.

Jeff Parker, CompTIA CySA+, CISSP, is a certified trainer, consultant, and author who specializes in information security awareness.