Packt+ | Advance your knowledge in tech

You're reading from CompTIA Security+ Certification Guide Master IT security essentials and exam topics for CompTIA Security+ SY0-501 certification

Product type Paperback

Published in Sep 2018

Publisher Packt

ISBN-13 9781789348019

Length 532 pages

Edition 1st Edition

Concepts

Network Security

Author (1):

Ian Neil

View More author details

Table of Contents (22) Chapters

Title Page

Packt Upsell

Contributor

Preface

1. Understanding Security Fundamentals FREE CHAPTER

2. Conducting Risk Analysis

3. Implementing Security Policies and Procedures

4. Delving into Identity and Access Management

5. Understanding Network Components

6. Understanding Cloud Models and Virtualization

7. Managing Hosts and Application Deployment

8. Protecting Against Attacks and Vulnerabilities

9. Implementing the Public Key Infrastructure

10. Responding to Security Incidents

11. Managing Business Continuity

12. Mock Exam 1

13. Mock Exam 2

1. Preparing for the CompTIA Security+ 501 Exam

2. Acronyms

3. Assessment

4. Other Books You May Enjoy

Leave a review - let other readers know what you think

Index

Chapter 2. Conducting Risk Analysis

As a security professional, you will need to understand that identifying and managing risks can help to keep your company environment safe from various types of attacks. In this chapter we will look at types of threats and vulnerabilities and the role that different threat actors play.

We will cover the following exam objectives in this chapter:

Explain threat actor types and attributes: Types of actors—script kiddies—hacktivist—organized crime—nation states/APT—insiders—competitors. Attributes of actors—internal/external—level of sophistication—resources/funding—intent/motivation. Use of open—source intelligence
Explain the importance of policies, plans and procedures related to organizational security: Standard operating procedure—agreement types—BPA—SLA—ISA—MOU/MOA. Personnel management—mandatory vacations—job rotation—separation of duties—clean desk—background checks—exit interviews—role—based awareness training—continuing education—acceptable use policy...