Title Downloadable Official CompTIA Security+ Student Guide (2).pdf ✅

The Official CompTIA Security+ Student Guide (Exam SY0-701) SY0-701_TTL_ACK_ppi-ii.indd 1 7/31/23 7:45 AM
Course Edition: 2.0 Acknowledgments James Pengelly, Author Gareth Marchant, Author Michael Olsen, Director, Content Development Danielle Andries, Senior Manager, Content Development Notices Disclaimer While CompTIA, Inc. takes care to ensure the accuracy and quality of these materials, we cannot guarantee their accuracy, and all materials are provided without any warranty whatsoever, including, but not limited to, the implied warranties of merchantability or fitness for a particular purpose. The use of screenshots, photographs of another entity’s products, or another entity’s product name or service in this book is for editorial purposes only. No such use should be construed to imply sponsorship or endorsement of the book by nor any affiliation of such entity with CompTIA. This courseware may contain links to sites on the Internet that are owned and operated by third parties (the “External Sites”). CompTIA is not responsible for the availability of, or the content located on or through, any External Site. Please contact CompTIA if you have any concerns regarding such links or External Sites. Trademark Notice CompTIA®, Security+®, and the CompTIA logo are registered trademarks of CompTIA, Inc., in the U.S. and other countries. All other product and service names used may be common law or registered trademarks of their respective proprietors. Copyright Notice Copyright © 2023 CompTIA, Inc. All rights reserved. Screenshots used for illustrative purposes are the property of the software proprietor. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of CompTIA, 3500 Lacey Road, Suite 100, Downers Grove, IL 60515-5439. This book conveys no rights in the software or other products about which it was written; all use or licensing of such software or other products is the responsibility of the user according to terms and conditions of the owner. If you believe that this book, related materials, or any other CompTIA materials are being reproduced or transmitted without permission, please call 1-866-835-8020 or visit https://help.comptia.org. SY0-701_TTL_ACK_ppi-ii.indd 2 7/31/23 7:45 AM LICENSED FOR USE ONLY BY: AWADHESH SHUKLA · 7179655 · AUG 10 2024
Table of Contents Lesson 1: Summarize Fundamental Security Concepts............................................... 1 Topic 1A: Security Concepts.................................................................................. 2 Topic 1B: Security Controls................................................................................... 8 Lesson 2: Compare Threat Types ................................................................................. 15 Topic 2A: Threat Actors ....................................................................................... 16 Topic 2B: Attack Surfaces ................................................................................... 23 Topic 2C: Social Engineering ............................................................................... 30 Lesson 3: Explain Cryptographic Solutions ................................................................. 37 Topic 3A: Cryptographic Algorithms.................................................................. 38 Topic 3B: Public Key Infrastructure................................................................... 47 Topic 3C: Cryptographic Solutions ..................................................................... 60 Lesson 4: Implement Identity and Access Management .......................................... 69 Topic 4A: Authentication .................................................................................... 70 Topic 4B: Authorization....................................................................................... 81 Topic 4C: Identity Management ......................................................................... 89 Lesson 5: Secure Enterprise Network Architecture................................................... 99 Topic 5A: Enterprise Network Architecture ................................................... 100 Topic 5B: Network Security Appliances .......................................................... 115 Topic 5C: Secure Communications................................................................... 129 Lesson 6: Secure Cloud Network Architecture......................................................... 141 Topic 6A: Cloud Infrastructure......................................................................... 142 Topic 6B: Embedded Systems and Zero Trust Architecture.......................... 158 Table of Contents | iii Table of Contents SY0-701_TOC_ppiii-vi.indd 3 8/28/23 10:12 AM LICENSED FOR USE ONLY BY: AWADHESH SHUKLA · 7179655 · AUG 10 2024
Lesson 7: Explain Resiliency and Site Security Concepts ........................................ 171 Topic 7A: Asset Management ........................................................................... 172 Topic 7B: Redundancy Strategies..................................................................... 182 Topic 7C: Physical Security................................................................................ 198 Lesson 8: Explain Vulnerability Management .......................................................... 209 Topic 8A: Device and OS Vulnerabilities.......................................................... 210 Topic 8B: Application and Cloud Vulnerabilities............................................ 220 Topic 8C: Vulnerability Identification Methods ............................................. 231 Topic 8D: Vulnerability Analysis and Remediation........................................ 242 Lesson 9: Evaluate Network Security Capabilities................................................... 251 Topic 9A: Network Security Baselines............................................................. 252 Topic 9B: Network Security Capability Enhancement................................... 263 Lesson 10: Assess Endpoint Security Capabilities.................................................... 273 Topic 10A: Implement Endpoint Security........................................................ 274 Topic 10B: Mobile Device Hardening ............................................................... 292 Lesson 11: Enhance Application Security Capabilities ............................................ 303 Topic 11A: Application Protocol Security Baselines....................................... 304 Topic 11B: Cloud and Web Application Security Concepts............................ 318 Lesson 12: Explain Incident Response and Monitoring Concepts .......................... 327 Topic 12A: Incident Response........................................................................... 328 Topic 12B: Digital Forensics .............................................................................. 340 Topic 12C: Data Sources .................................................................................... 347 Topic 12D: Alerting and Monitoring Tools....................................................... 358 iv | Table of Contents Table of Contents SY0-701_TOC_ppiii-vi.indd 4 8/28/23 10:12 AM LICENSED FOR USE ONLY BY: AWADHESH SHUKLA · 7179655 · AUG 10 2024