
CompTIA CySAplus Cybersecurity Analyst Certification Bundle (Exam CS0-002) 2nd edition [Multiple-component retail product]

  • Format: Multiple-component retail product, height x width x depth: 231x188x36 mm, weight: 1270 g
  • Publication date: 28-Apr-2021
  • Publisher: McGraw-Hill Education
  • ISBN-10: 1260473813
  • ISBN-13: 9781260473810
  • Price: 87,65 €*
  • * This book is no longer in print. You will be notified of the price of a used copy.
Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.


Prepare for the challenging CySA+ certification exam with this money-saving, up-to-date study package


Designed as a complete self-study program, this collection offers a variety of proven resources to use in preparation for the latest edition of the CompTIA Cybersecurity Analyst (CySA+) certification exam. Comprised of CompTIA CySA+ Cybersecurity Analyst Certification All-In-One Exam Guide, Second Edition (Exam CS0-002) and CompTIA CySA+ Cybersecurity Analyst Certification Practice Exams (Exam CS0-002), this bundle thoroughly covers every topic on the exam.


CompTIA CySA+ Cybersecurity Analyst Certification Bundle, Second Edition (Exam CS0-002) contains more than 800 practice questions that match those on the live exam in content, difficulty, tone, and format. The collection includes detailed explanations of both multiple choice and performance-based questions. This authoritative, cost-effective bundle serves both as a study tool and a valuable on-the-job reference for computer security professionals.

  • This bundle is 25% cheaper than purchasing the books individually and includes a 10% off the exam voucher offer
  • Online content includes additional practice questions, a cybersecurity audit checklist, and a quick review guide
  • Written by a team of recognized cybersecurity experts


CompTIA CySA+™ Cybersecurity Analyst Certification EXAM GUIDE (Exam CS0-002)
Acknowledgments .... xxv
Introduction .... xxvii
Part I Threat and Vulnerability Management
Chapter 1 The Importance of Threat Data and Intelligence .... 3(30)
Foundations of Intelligence .... 4(1)
Intelligence Sources .... 4(1)
Open Source Intelligence .... 4(6)
Proprietary/Closed Source Intelligence .... 10(2)
Characteristics of Intelligence Source Data .... 12(1)
Confidence Levels .... 13(1)
Indicator Management .... 14(1)
Indicator Lifecycle .... 14(1)
Structured Threat Information Expression .... 14(4)
Trusted Automated Exchange of Indicator Information .... 18(1)
OpenIOC .... 19(1)
Threat Classification .... 20(1)
Known Threats vs. Unknown Threats .... 20(1)
Zero Day .... 20(2)
Advanced Persistent Threat .... 22(1)
Threat Actors .... 23(1)
Nation-State Threat Actors .... 23(1)
Hacktivists .... 23(1)
Organized Crime .... 24(1)
Insider Threat Actors .... 24(1)
Intelligence Cycle .... 25(1)
Requirements .... 26(1)
Collection .... 26(1)
Analysis .... 26(1)
Dissemination .... 26(1)
Feedback .... 27(1)
Commodity Malware .... 27(1)
Information Sharing and Analysis Communities .... 27(2)
Chapter Review .... 29(1)
Questions .... 29(1)
Answers .... 30(3)
Chapter 2 Threat Intelligence in Support of Organizational Security .... 33(24)
Levels of Intelligence .... 34(1)
Attack Frameworks .... 35(1)
MITRE ATT&CK .... 35(3)
The Diamond Model of Intrusion Analysis .... 38(2)
Kill Chain .... 40(3)
Threat Research .... 43(1)
Reputational .... 44(1)
Behavioral .... 45(1)
Indicator of Compromise .... 46(1)
Common Vulnerability Scoring System .... 47(1)
Threat Modeling Methodologies .... 47(1)
Adversary Capability .... 48(1)
Total Attack Surface .... 48(1)
Attack Vector .... 48(1)
Impact .... 48(1)
Likelihood .... 48(1)
STRIDE .... 49(1)
PASTA .... 49(1)
Threat Intelligence Sharing with Supported Functions .... 50(1)
Incident Response .... 50(1)
Vulnerability Management .... 51(1)
Risk Management .... 52(1)
Security Engineering .... 53(1)
Detection and Monitoring .... 53(1)
Chapter Review .... 53(1)
Questions .... 54(1)
Answers .... 55(2)
Chapter 3 Vulnerability Management Activities .... 57(30)
Vulnerability Identification .... 57(1)
Regulatory Environments .... 58(2)
Corporate Security Policy .... 60(1)
Data Classification .... 60(1)
Asset Inventory .... 61(2)
Active vs. Passive Scanning .... 63(1)
Scanning Parameters and Criteria .... 64(1)
Risks Associated with Scanning Activities .... 64(1)
Regulatory Requirements .... 65(1)
Technical Constraints .... 65(1)
Workflow .... 65(1)
Sensitivity Levels .... 66(1)
Vulnerability Feed .... 66(1)
Scope .... 67(1)
Noncredentialed vs. Credentialed .... 67(1)
Server Based vs. Agent Based .... 68(1)
Internal vs. External .... 69(1)
Types of Data .... 69(1)
Tool Updates and Plug-Ins .... 69(1)
SCAP .... 69(1)
Special Considerations .... 70(1)
Intrusion Prevention System, Intrusion Detection System, and Firewall Settings .... 71(1)
Generating Reports .... 71(1)
Automated vs. Manual Distribution .... 71(1)
Validation .... 72(1)
True Positives .... 72(3)
False Positives .... 75(1)
True Negatives .... 76(1)
False Negatives .... 76(1)
Remediation .... 76(1)
Patching .... 77(1)
Prioritizing .... 78(1)
Hardening .... 78(2)
Compensating Controls .... 80(1)
Risk Acceptance .... 80(1)
Verification of Mitigation .... 81(1)
Inhibitors to Remediation .... 81(1)
Memorandum of Understanding .... 81(1)
Service Level Agreement .... 81(1)
Organizational Governance .... 81(1)
Business Process Interruption .... 82(1)
Degrading Functionality .... 82(1)
Legacy and Proprietary Systems .... 82(1)
Ongoing Scanning and Continuous Monitoring .... 83(1)
Chapter Review .... 83(1)
Questions .... 83(2)
Answers .... 85(2)
Chapter 4 Vulnerability Assessment Tools .... 87(34)
Web Application Scanners .... 88(1)
OWASP Zed Attack Proxy .... 88(1)
Burp Suite .... 88(1)
Nikto .... 89(2)
Arachni .... 91(1)
Infrastructure Vulnerability Scanners .... 92(1)
Nessus .... 92(5)
OpenVAS .... 97(2)
Qualys .... 99(1)
Software Assessment Tools and Techniques .... 100(1)
Static Analysis .... 101(1)
Dynamic Analysis .... 102(1)
Reverse Engineering .... 102(1)
Fuzzing .... 103(2)
Enumeration Tools and Techniques .... 105(1)
nmap .... 106(1)
hping .... 106(1)
Passive vs. Active Enumeration Techniques .... 107(1)
responder .... 108(1)
Wireless Assessment Tools .... 109(1)
Aircrack-ng .... 110(1)
Reaver .... 110(1)
oclHashcat .... 111(4)
Cloud Infrastructure Assessment Tools .... 115(1)
Scout Suite .... 115(1)
Prowler .... 116(1)
Pacu .... 117(1)
Chapter Review .... 118(1)
Questions .... 118(2)
Answers .... 120(1)
Chapter 5 Threats and Vulnerabilities Associated with Specialized Technology .... 121(22)
Access Points .... 122(1)
Virtual Private Networks .... 122(1)
Mobile Devices .... 123(1)
Network Vulnerabilities .... 124(1)
Device Vulnerabilities .... 124(1)
Operating System Vulnerabilities .... 125(2)
App Vulnerabilities .... 127(2)
Internet of Things .... 129(1)
The Mirai Botnet .... 130(1)
Embedded Systems .... 131(1)
Real-Time Operating Systems .... 131(1)
System on a Chip .... 131(1)
Field Programmable Gate Array .... 132(1)
Physical Access Control .... 132(1)
Connected Vehicles .... 133(1)
CAN Bus .... 133(1)
Drones .... 134(1)
Hardware Security .... 135(1)
Communications Channels Security .... 135(1)
Web Portal Security .... 136(1)
Industrial Control Systems .... 136(2)
SCADA Devices .... 138(1)
Modbus .... 139(1)
Process Automation Systems .... 139(1)
Chapter Review .... 140(1)
Questions .... 140(2)
Answers .... 142(1)
Chapter 6 Threats and Vulnerabilities Associated with Operating in the Cloud .... 143(20)
Cloud Service Models .... 143(1)
Shared Responsibility Model .... 144(1)
Software as a Service .... 144(2)
Platform as a Service .... 146(2)
Infrastructure as a Service .... 148(1)
Cloud Deployment Models .... 149(1)
Public .... 149(1)
Private .... 150(1)
Community .... 150(1)
Hybrid .... 150(1)
Serverless Architecture .... 150(1)
Function as a Service .... 151(1)
Infrastructure as Code .... 152(2)
Insecure Application Programming Interface .... 154(1)
Broken Object Level Authorization .... 154(1)
Broken User Authentication .... 154(1)
Excessive Data Exposure .... 154(1)
Lack of Resources and Rate Limiting .... 155(1)
Broken Function Level Authorization .... 155(1)
Mass Assignment .... 155(1)
Security Misconfiguration .... 155(1)
Injection .... 155(1)
Improper Asset Management .... 156(1)
Insufficient Logging and Monitoring .... 156(1)
Improper Key Management .... 156(1)
Unprotected Storage .... 157(1)
Logging and Monitoring .... 158(1)
Chapter Review .... 158(1)
Questions .... 158(2)
Answers .... 160(3)
Chapter 7 Mitigating Controls for Attacks and Software Vulnerabilities .... 163(22)
Attack Types .... 163(1)
Injection Attacks .... 164(2)
Buffer Overflow Attacks .... 166(3)
Privilege Escalation .... 169(1)
Authentication Attacks .... 169(4)
Rootkits .... 173(1)
Vulnerabilities .... 173(1)
Improper Error Handling .... 173(1)
Dereferencing .... 174(1)
Insecure Object Reference .... 174(1)
Race Condition .... 174(1)
Sensitive Data Exposure .... 175(1)
Insecure Components .... 176(1)
Insufficient Logging and Monitoring .... 176(1)
Weak or Default Configurations .... 177(1)
Use of Insecure Functions .... 178(1)
Chapter Review .... 178(1)
Questions .... 179(2)
Answers .... 181(4)
Part II Software and Systems Security
Chapter 8 Security Solutions for Infrastructure Management .... 185(30)
Cloud vs. On-Premises Solutions .... 186(1)
Network Architecture .... 186(1)
Physical Network .... 187(1)
Software-Defined Network .... 188(1)
Virtual Private Cloud Network .... 188(1)
Virtual Private Network .... 189(1)
Serverless Network .... 190(1)
Virtualization .... 190(1)
Hypervisors .... 190(1)
Virtual Desktop Infrastructure .... 191(1)
Containerization .... 191(1)
Network Segmentation .... 192(1)
Virtual Local Area Networks .... 192(1)
Physical Segmentation .... 192(1)
Jump Boxes .... 192(1)
System Isolation .... 193(1)
Honeypots and Honeynets .... 194(1)
Asset Management .... 195(1)
Asset Inventory .... 195(1)
Asset Tagging .... 195(1)
Change Management .... 196(1)
Identity and Access Management .... 197(1)
Privilege Management .... 198(1)
Multifactor Authentication .... 198(1)
Single Sign-On .... 199(1)
Identity Federation .... 199(2)
Role-Based Access Control .... 201(1)
Attribute-Based Access Control .... 202(1)
Mandatory Access Control .... 202(1)
Manual Review .... 203(2)
Cloud Access Security Broker .... 205(1)
Monitoring and Logging .... 205(1)
Encryption .... 206(1)
Symmetric Cryptography .... 207(1)
Asymmetric Cryptography .... 208(1)
Symmetric vs. Asymmetric Cryptography .... 209(1)
Certificate Management .... 209(1)
Active Defense .... 210(1)
Chapter Review .... 211(1)
Questions .... 211(2)
Answers .... 213(2)
Chapter 9 Software Assurance Best Practices .... 215(24)
Platforms and Software Architectures .... 215(2)
Client/Server .... 217(1)
Web Application .... 218(1)
Mobile .... 219(1)
Embedded .... 219(1)
System on a Chip .... 220(1)
Firmware .... 220(1)
Service-Oriented Architecture .... 220(1)
Simple Object Access Protocol .... 221(1)
Representational State Transfer .... 222(1)
Microservices .... 222(1)
Security Assertions Markup Language .... 222(1)
The Software Development Lifecycle .... 223(1)
Requirements .... 223(1)
Development .... 224(1)
Implementation .... 225(1)
Operation and Maintenance .... 225(1)
DevOps and DevSecOps .... 225(1)
Software Assessment Methods .... 226(1)
User Acceptance Testing .... 226(1)
Stress Testing .... 226(1)
Security Regression Testing .... 227(1)
Code Reviews .... 227(1)
Static Analysis Tools .... 228(1)
Dynamic Analysis Tools .... 228(1)
Formal Methods of Verifying Critical Software .... 229(1)
Secure Coding Best Practices .... 229(1)
Input Validation .... 229(1)
Output Encoding .... 230(1)
Session Management .... 231(1)
Authentication .... 231(1)
Data Protection .... 232(2)
Parameterized Queries .... 234(1)
Chapter Review .... 234(1)
Questions .... 235(2)
Answers .... 237(2)
Chapter 10 Hardware Assurance Best Practices .... 239(18)
Hardware Root of Trust .... 239(1)
Trusted Platform Module .... 240(2)
Hardware Security Module .... 242(1)
eFuse .... 242(1)
Firmware .... 243(1)
Unified Extensible Firmware Interface .... 244(1)
Measured Boot and Attestation .... 244(1)
Trusted Firmware Updates .... 245(1)
Self-Encrypting Drive .... 245(1)
Bus Encryption .... 246(1)
Secure Processing .... 247(1)
Trusted Execution Environment .... 247(2)
Processor Security Extensions .... 249(1)
Atomic Execution .... 249(1)
Trusted Foundry .... 250(1)
Anti-Tamper Techniques .... 251(1)
Chapter Review .... 252(1)
Questions .... 252(1)
Answers .... 253(4)
Part III Security Operations and Monitoring
Chapter 11 Data Analysis in Security Monitoring Activities .... 257(44)
Security Data Analytics .... 257(1)
Data Aggregation and Correlation .... 258(2)
Data Analysis .... 260(1)
Trend Analysis .... 260(1)
Historical Analysis .... 261(1)
Behavioral Analysis .... 262(1)
Heuristics .... 262(1)
Anomaly Analysis .... 263(1)
Endpoint Security .... 263(1)
Malware .... 264(3)
Detect and Block .... 267(1)
Fileless Malware .... 267(1)
Sandbox .... 268(1)
Cloud-Connected Protection .... 268(1)
User and Entity Behavior Analytics .... 268(1)
Network .... 269(1)
Domain Name System Analysis .... 269(1)
Domain Generation Algorithms .... 270(1)
Flow Analysis .... 271(2)
Packet Analysis .... 273(2)
Malware .... 275(1)
Log Review .... 275(1)
Packet Captures .... 276(3)
System Logs .... 279(3)
Firewall Logs .... 282(2)
Intrusion Detection/Prevention Systems .... 284(2)
Authentication Logs .... 286(1)
Impact Analysis .... 286(1)
Availability Analysis .... 287(1)
Security Information and Event Management Review .... 288(1)
Query Writing .... 289(2)
E-mail Analysis .... 291(1)
Malicious Payload .... 292(1)
DomainKeys Identified Mail .... 292(1)
Sender Policy Framework .... 293(1)
Domain-Based Message Authentication, Reporting, and Conformance .... 293(1)
Header .... 294(2)
Phishing .... 296(1)
Forwarding .... 296(1)
Digital Signatures and Encryption .... 296(1)
Embedded Links .... 297(1)
Impersonation .... 297(1)
Chapter Review .... 298(1)
Questions .... 298(2)
Answers .... 300(1)
Chapter 12 Implement Configuration Changes to Existing Controls to Improve Security .... 301(26)
Permissions .... 301(1)
Users .... 302(1)
Groups .... 303(3)
Blacklisting .... 306(1)
Whitelisting .... 306(2)
Firewalls .... 308(3)
Web Proxies .... 311(1)
Web Application Firewalls .... 312(1)
Operating System Firewalls .... 312(2)
Intrusion Prevention System Rules .... 314(1)
Snort Rule Building .... 315(1)
Zeek Logs .... 315(1)
Suricata Rule-Building .... 316(1)
Host-Based Intrusion Prevention Systems .... 317(1)
Data Loss Prevention .... 317(1)
Endpoint Detection and Response .... 318(1)
Network Access Control .... 319(1)
Time-Based Solution .... 320(1)
Rule-Based Solution .... 320(1)
Role-Based Solution .... 320(1)
Location-Based Solution .... 320(1)
Sinkholing .... 321(1)
Malware Signatures .... 321(1)
Sandboxing .... 322(1)
Port Security .... 323(1)
Chapter Review .... 323(1)
Questions .... 323(2)
Answers .... 325(2)
Chapter 13 The Importance of Proactive Threat Hunting .... 327(18)
Establishing a Hypothesis .... 330(1)
Profiling Threat Actors and Activities .... 331(1)
Threat-Hunting Tactics .... 332(1)
High-Impact TTPs .... 333(3)
Delivering Results .... 336(1)
Documenting the Process .... 337(1)
Reducing the Attack Surface Area and Bundling Critical Assets .... 337(2)
Attack Vectors .... 339(1)
Integrated Intelligence .... 339(1)
Improving Detection Capabilities .... 340(1)
Chapter Review .... 341(1)
Questions .... 341(2)
Answers .... 343(2)
Chapter 14 Automation Concepts and Technologies .... 345(26)
Workflow Orchestration .... 346(1)
Security Orchestration, Automation, and Response Platforms .... 346(2)
Orchestration Playbooks .... 348(3)
Data Enrichment .... 351(1)
Scripting .... 351(1)
Python Scripting .... 352(1)
PowerShell Scripting .... 353(1)
Application Programming Interface Integration .... 354(1)
Representational State Transfer .... 354(2)
Automating API Calls .... 356(2)
Automated Malware Signature Creation .... 358(2)
Threat Feed Combination .... 360(1)
Machine Learning .... 361(1)
Use of Automation Protocols and Standards .... 362(1)
Security Content Automation Protocol .... 362(3)
Software Engineering .... 365(1)
Continuous Integration .... 365(1)
Continuous Delivery .... 366(1)
Continuous Deployment .... 366(1)
Chapter Review .... 366(1)
Questions .... 366(2)
Answers .... 368(3)
Part IV Incident Response
Chapter 15 The Importance of the Incident Response Process .... 371(16)
Establishing a Communication Process .... 371(1)
Internal Communications .... 372(1)
External Communications .... 372(1)
Response Coordination with Relevant Entities .... 373(5)
Factors Contributing to Data Criticality .... 378(1)
Personally Identifiable Information .... 378(2)
Personal Health Information .... 380(1)
High-Value Assets .... 380(1)
Payment Card Information .... 380(1)
Intellectual Property .... 381(2)
Corporate Confidential Information .... 383(1)
Chapter Review .... 383(1)
Questions .... 384(2)
Answers .... 386(1)
Chapter 16 Appropriate Incident Response Procedures .... 387(22)
Preparation .... 388(1)
Training .... 388(1)
Testing .... 389(1)
Documentation .... 390(1)
Detection and Analysis .... 390(1)
Characteristics of Severity Level Classification .... 391(4)
Reverse Engineering .... 395(1)
Containment .... 396(1)
Segmentation .... 397(1)
Isolation .... 397(1)
Removal .... 398(1)
Eradication and Recovery .... 399(1)
Vulnerability Mitigation .... 399(1)
Sanitization .... 400(1)
Reconstruction .... 401(1)
Secure Disposal .... 401(1)
Patching .... 401(1)
Restoration of Permissions .... 402(1)
Restoration of Services and Verification of Logging .... 403(1)
Post-Incident Activities .... 403(1)
Lessons-Learned Report .... 403(1)
Change Control Process .... 404(1)
Updates to Response Plan .... 404(1)
Summary Report .... 405(1)
Indicator of Compromise Generation .... 405(1)
Monitoring .... 405(1)
Chapter Review .... 405(1)
Questions .... 406(1)
Answers .... 407(2)
Chapter 17 Analyze Potential Indicators of Compromise .... 409(24)
Network-Related Indicators .... 409(1)
Bandwidth Utilization .... 410(1)
Beaconing .... 410(1)
Irregular Peer-to-Peer Communication .... 411(1)
Rogue Devices on the Network .... 412(1)
Scan Sweeps .... 413(1)
Common Protocol over a Nonstandard Port .... 414(1)
Host-Related Indicators .... 414(1)
Capacity Consumption .... 414(2)
Unauthorized Software .... 416(1)
Malicious Processes .... 417(1)
Memory Contents .... 418(1)
Unauthorized Changes .... 419(2)
Unauthorized Privileges .... 421(1)
Data Exfiltration .... 421(2)
Registry Change or Anomaly .... 423(1)
Unauthorized Scheduled Task .... 423(2)
Application-Related Indicators .... 425(1)
Anomalous Activity .... 425(1)
Introduction of New Accounts .... 426(1)
Unexpected Output .... 426(1)
Unexpected Outbound Communication .... 427(1)
Service Interruption .... 427(1)
Memory Overflows .... 428(1)
Application Logs .... 428(1)
Chapter Review .... 428(1)
Questions .... 429(2)
Answers .... 431(2)
Chapter 18 Utilize Basic Digital Forensics Techniques .... 433(28)
Phases of an Investigation .... 434(1)
Seizure .... 434(1)
Data Acquisition .... 435(1)
Analysis .... 436(1)
Reporting .... 437(1)
Network .... 438(1)
Network Tap .... 438(1)
Hub .... 439(1)
Switches .... 439(1)
Wireshark/TShark .... 439(1)
tcpdump .... 440(2)
Endpoints .... 442(1)
Servers .... 443(1)
OS and Process Analysis .... 443(2)
Mobile Device Forensics .... 445(1)
Virtualization and the Cloud .... 445(1)
Procedures .... 446(1)
Building Your Forensic Kit .... 447(2)
Cryptography Tools .... 449(1)
Acquisition Utilities .... 449(1)
Forensic Duplicators .... 450(1)
Password Crackers .... 450(2)
Hashing Utilities .... 452(1)
Forensic Suites .... 453(1)
File Carving .... 453(1)
Chapter Review .... 454(1)
Questions .... 455(2)
Answers .... 457(4)
Part V Compliance and Assessment
Chapter 19 The Importance of Data Privacy and Protection .... 461(18)
Privacy vs. Security .... 461(1)
Types of Data .... 462(1)
Legal Requirements for Data .... 462(2)
Nontechnical Controls .... 464(1)
Data Ownership .... 464(1)
Data Classification .... 464(1)
Data Confidentiality .... 465(1)
Data Sovereignty .... 466(1)
Data Minimization .... 466(1)
Data Purpose Limitation .... 466(1)
Data Retention .... 467(1)
Technical Controls .... 468(1)
Access Controls .... 468(1)
Encryption .... 469(1)
Sharing Data While Preserving Privacy .... 469(2)
Digital Rights Management .... 471(2)
Data Loss Prevention .... 473(3)
Chapter Review .... 476(1)
Questions .... 476(2)
Answers .... 478(1)
Chapter 20 Security Concepts in Support of Organizational Risk Mitigation .... 479(22)
Business Impact Analysis .... 479(2)
Risk Assessment .... 481(1)
Risk Identification Process .... 482(1)
Risk Calculation .... 483(4)
Communication of Risk Factors .... 487(1)
Risk Prioritization .... 488(1)
Security Controls .... 488(2)
Engineering Tradeoffs .... 490(1)
Documented Compensating Controls .... 490(1)
Systems Assessment .... 490(1)
Supply Chain Risk Assessment .... 491(1)
Vendor Due Diligence .... 492(1)
Hardware Source Authenticity .... 493(1)
Training and Exercises .... 494(1)
Types of Exercises .... 495(1)
Red Team .... 496(1)
Blue Team .... 497(1)
White Team .... 497(1)
Chapter Review .... 497(1)
Questions .... 498(2)
Answers .... 500(1)
Chapter 21 The Importance of Frameworks, Policies, Procedures, and Controls .... 501(28)
Security Frameworks .... 501(1)
NIST .... 502(6)
ISO/IEC 27000 Series .... 508(4)
Center for Internet Security Controls .... 512(1)
Policies and Procedures .... 513(1)
Ethics and Codes of Conduct .... 514(1)
Acceptable Use Policy .... 514(1)
Password Policy .... 515(1)
Data Ownership .... 515(1)
Data Retention .... 516(1)
Work Product Retention .... 516(1)
Account Management .... 517(1)
Continuous Monitoring .... 518(1)
Control Types .... 519(2)
Audits and Assessments .... 521(1)
Standards Compliance .... 521(1)
Regulatory Compliance .... 522(1)
Chapter Review .... 523(1)
Questions .... 523(1)
Answers .... 524(5)
Part VI Appendixes and Glossary
Appendix A Objective Map .... 529(18)
Appendix B About the Online Content .... 547
System Requirements .... 547(1)
Your Total Seminars Training Hub Account .... 547(1)
Privacy Notice .... 547(1)
Single User License Terms and Conditions .... 547(2)
TotalTester Online .... 549(1)
Performance-Based Questions .... 549(1)
Technical Support .... 549
Glossary .... 551(10)
Index .... 561
CompTIA CySA+™ Cybersecurity Analyst Certification PRACTICE EXAMS (Exam CS0-002)
Acknowledgments .... xiii
Introduction .... xv
Part I Threat and Vulnerability Management
Chapter 1 The Importance of Threat Data and Intelligence .... 3(12)
Questions .... 4(4)
Quick Answer Key .... 8(1)
Answers .... 9(6)
Chapter 2 Threat Intelligence in Support of Organizational Security .... 15(10)
Questions .... 16(3)
Quick Answer Key .... 19(1)
Answers .... 20(5)
Chapter 3 Vulnerability Management Activities .... 25(12)
Questions .... 27(3)
Quick Answer Key .... 30(1)
Answers .... 31(6)
Chapter 4 Vulnerability Assessment Tools .... 37(10)
Questions .... 38(3)
Quick Answer Key .... 41(1)
Answers .... 42(5)
Chapter 5 Threats and Vulnerabilities Associated with Specialized Technology .... 47(10)
Questions .... 48(3)
Quick Answer Key .... 51(1)
Answers .... 52(5)
Chapter 6 Threats and Vulnerabilities Associated with Operating in the Cloud .... 57(10)
Questions .... 58(3)
Quick Answer Key .... 61(1)
Answers .... 62(5)
Chapter 7 Mitigating Controls for Attacks and Software Vulnerabilities .... 67(16)
Questions .... 69(4)
Quick Answer Key .... 73(1)
Answers .... 74(9)
Part II Software and Systems Security
Chapter 8 Security Solutions for Infrastructure Management .... 83(16)
Questions .... 84(5)
Quick Answer Key .... 89(1)
Answers .... 90(9)
Chapter 9 Software Assurance Best Practices .... 99(16)
Questions .... 100(5)
Quick Answer Key .... 105(1)
Answers .... 106(9)
Chapter 10 Hardware Assurance Best Practices .... 115(18)
Questions .... 116(5)
Quick Answer Key .... 121(1)
Answers .... 122(11)
Part III Security Operations and Monitoring
Chapter 11 Data Analysis in Security Monitoring Activities .... 133(16)
Questions .... 134(4)
Quick Answer Key .... 138(1)
Answers .... 139(10)
Chapter 12 Implement Configuration Changes to Existing Controls to Improve Security .... 149(18)
Questions .... 150(5)
Quick Answer Key .... 155(1)
Answers .... 156(11)
Chapter 13 The Importance of Proactive Threat Hunting .... 167(14)
Questions .... 168(4)
Quick Answer Key .... 172(1)
Answers .... 173(8)
Chapter 14 Automation Concepts and Technologies .... 181(20)
Questions .... 182(5)
Quick Answer Key .... 187(1)
Answers .... 188(13)
Part IV Incident Response
Chapter 15 The Importance of the Incident Response Process .... 201(14)
Questions .... 202(4)
Quick Answer Key .... 206(1)
Answers .... 207(8)
Chapter 16 Appropriate Incident Response Procedures .... 215(16)
Questions .... 216(5)
Quick Answer Key .... 221(1)
Answers .... 222(9)
Chapter 17 Analyze Potential Indicators of Compromise .... 231(14)
Questions .... 232(4)
Quick Answer Key .... 236(1)
Answers .... 237(8)
Chapter 18 Utilize Basic Digital Forensics Techniques .... 245(20)
Questions .... 246(6)
Quick Answer Key .... 252(1)
Answers .... 253(12)
Part V Compliance and Assessment
Chapter 19 The Importance of Data Privacy and Protection .... 265(12)
Questions .... 266(3)
Quick Answer Key .... 269(1)
Answers .... 270(7)
Chapter 20 Security Concepts in Support of Organizational Risk Mitigation .... 277(12)
Questions .... 278(3)
Quick Answer Key .... 281(1)
Answers .... 282(7)
Chapter 21 The Importance of Frameworks, Policies, Procedures, and Controls .... 289(16)
Questions .... 290(4)
Quick Answer Key .... 294(1)
Answers .... 295(10)
Part VI Appendixes
Appendix A Objective Map .... 305(6)
Exam CS0-002 .... 305(6)
Appendix B About the Online Content .... 311
System Requirements .... 311(1)
Your Total Seminars Training Hub Account .... 311(1)
Privacy Notice .... 311(1)
Single User License Terms and Conditions .... 311(2)
TotalTester Online .... 313(1)
Performance-Based Questions .... 313(1)
Technical Support .... 313
Fernando Maymí (West Point, NY), Ph.D., CISSP, is a security practitioner with over 25 years' experience in the field. He is currently the Deputy Director at the Army Cyber Institute at West Point, where he leads a multidisciplinary team charged with developing disruptive innovations for cyberspace operations as well as impactful public-private partnerships aimed at better securing cyberspace. Dr. Maymí has served as a consultant for both government and private sector organizations in the US and abroad. He has authored and taught dozens of courses and workshops in cybersecurity for academic, government, and professional audiences in the United States and Latin America. Dr. Maymí is the author of over a dozen publications and holds three patents. His awards include the U.S. Department of the Army Research and Development Achievement Award, and he was recognized as a HENAAC Luminary. He worked closely with Shon Harris for the last two years of her life, advising her on a multitude of projects, including the previous version of this book. Dr. Maymí is also a volunteer puppy raiser for Guiding Eyes for the Blind and has raised two guide dogs, Trinket and Virgo.