Packt+ | Advance your knowledge in tech

You're reading from CompTIA Security+ Certification Guide Master IT security essentials and exam topics for CompTIA Security+ SY0-501 certification

Product type Paperback

Published in Sep 2018

Publisher Packt

ISBN-13 9781789348019

Length 532 pages

Edition 1st Edition

Concepts

Network Security

Author (1):

Ian Neil

Title Page

Packt Upsell

Contributor

Preface

1. Understanding Security Fundamentals FREE CHAPTER

2. Conducting Risk Analysis

3. Implementing Security Policies and Procedures

4. Delving into Identity and Access Management

5. Understanding Network Components

6. Understanding Cloud Models and Virtualization

7. Managing Hosts and Application Deployment

8. Protecting Against Attacks and Vulnerabilities

9. Implementing the Public Key Infrastructure

10. Responding to Security Incidents

11. Managing Business Continuity

12. Mock Exam 1

13. Mock Exam 2

1. Preparing for the CompTIA Security+ 501 Exam

2. Acronyms

3. Assessment

4. Other Books You May Enjoy

Index

In this chapter, we will be looking at incident response, particularly with regard to the collection of volatile evidence for forensic analysis.

We will cover the following exam objectives in this chapter:

Given a scenario, use appropriate software tools to assess the security posture of an organization: Protocol analyzer, network scanners, rogue system detection, network mapping, wireless scanners/cracker, password cracker, vulnerability scanner, configuration compliance scanner, exploitation frameworks, data sanitization tools, steganography tools, honeypot, backup utilities, banner grabbing, command-line tools, ping, netstat, tracert, nslookup/dig, ARP, ipconfig/ip/ifconfig, tcpdump, Nmap, and netcat
Given a scenario, analyze and interpret the output from security technologies: HIDS/HIPS, antivirus, file integrity check, host-based firewall, application whitelisting, removable media control, advanced malware tools, patch management tools, UTM...