0

All Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

CompTIA Security+: SY0-601 Certification Guide

You're reading from CompTIA Security+: SY0-601 Certification Guide Complete coverage of the new CompTIA Security+ (SY0-601) exam to help you pass on the first attempt

Product type Paperback

Published in Dec 2020

Publisher Packt

ISBN-13 9781800564244

Length 550 pages

Edition 2nd Edition

Languages

Python

Tools

Kali Linux

Concepts

Cybersecurity

Author (1):

Ian Neil

View More author details

Table of Contents (23) Chapters

Preface

1. Section 1: Security Aims and Objectives

2. Chapter 1: Understanding Security Fundamentals FREE CHAPTER

3. Chapter 2: Implementing Public Key Infrastructure

4. Chapter 3: Investigating Identity and Access Management

5. Chapter 4: Exploring Virtualization and Cloud Concepts

6. Section 2: Monitoring the Security Infrastructure

7. Chapter 5: Monitoring, Scanning, and Penetration Testing

8. Chapter 6: Understanding Secure and Insecure Protocols

9. Chapter 7: Delving into Network and Security Concepts

10. Chapter 8: Securing Wireless and Mobile Solutions

11. Section 3: Protecting the Security Environment

12. Chapter 9: Identifying Threats, Attacks, and Vulnerabilities

13. Chapter 10: Governance, Risk, and Compliance

14. Chapter 11: Managing Application Security

15. Chapter 12: Dealing with Incident Response Procedures

16. Section 4: Mock Tests

17. Chapter 13: Mock Exam 1

18. Mock Exam 1 Assessment

19. Chapter 14: Mock Exam 2

20. Mock Exam 2 Assessment

21. Assessment

22. Other Books You May Enjoy

Leave a review - let other readers know what you think

Insecure Protocols and Their Use Cases

In this section, we are going to look in detail at the different insecure protocols and their use cases.

Table_6.1

Let's look at each of them:

FTP: Transferring files is a common function. When we purchase an e-book, it is immediately available to download onto our Kindle. If I wish to upload files to a web server, I would use FTP on port 20, but the more common use is to download files using port 21, which is known as Passive FTP. The downside of using FTP is that the transfer is done using clear text, so a packet sniffer could view the information. It could be replaced by secure protocols such as SFTP or FTPS.
Telnet: This is a protocol that was first used in 1973 to run remote commands on devices such as routers. Unfortunately, the session is in clear text and therefore not secure. If you want to know whether port 25 is open on a mail server called Mail1, you could run telnet Mail1 25. It is no longer used...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at £13.99/month. Cancel anytime

Authors (1)

Ian Neil

Ian Neil

Ian Neil is one of the world's top trainers of Security+. He is able to break down information into manageable chunks so that people with no background knowledge can gain the skills required to become certified. He has recently worked for the US Army in Europe and designed a Security+ course that catered to people from all backgrounds (not just IT professionals), with an extremely successful pass rate. He is an MCT, MCSE, A+, Network+, Security+, CASP, and RESILIA practitioner that has worked with high-end training providers over the past 23 years and was one of the first technical trainers to train Microsoft internal staff when they opened their Bucharest Office in 2006.

See other products by Ian Neil

Other recommended products

Related to this chapter

CompTIA Security+ Practice Tests SY0-501

CompTIA Security+ Practice Tests SY0-501

The CompTIA Security+ exam is a valuable qualification for those seeking a career in Cybersecurity. This book is a great resource to test whether your knowledge base and skills align with the exam objectives.

Jan 2020 8h 24m

Security+® Practice Tests

Security+® Practice Tests

Get ready to pass your CompTIA Security+ certification exam with the elaborate and complete practice that Security+? Practice Tests will provide you. From detailed explanations of the six domains to full-length practice tests, you'll gain complete knowledge of what this test contains and how to ace it.

Oct 2019 13h 0m

Modern Cryptography for Cybersecurity Professionals

Modern Cryptography for Cybersecurity Professionals

Every minute of the day, there are petabytes of data exchanged between our homes, cars, businesses, and IoT devices. But just what exactly is involved when using cryptographic techniques? Modern Cryptography for Cybersecurity Professionals will help you to understand common cryptographic techniques and terms used today to secure our data.

Jun 2021 9h 32m

CISSP (ISC)² Certification Practice Exams and Tests

CISSP (ISC)² Certification Practice Exams and Tests

With over 1000 practice questions, explanations of all 8 domains, and 2 full exams, this book is a fantastic exam prep solution. Take the CISSP exam (version May 2021) confidently with the help of mock questions and detailed solutions and validate your skills with the CISSP (ISC)2 certification.

Sep 2021 13h 12m

CompTIA Network+ Certification Guide

CompTIA Network+ Certification Guide

CompTIA Network+ Certification Guide makes the most complex Network+ concepts easy to understand despite having no prior knowledge. It offers exam tips in every chapter along with access to practical exercises and exam checklist that map to the exam objectives and it is the perfect study guide to help you pass CompTIA Network+ exam.

Dec 2018 14h 4m

Cisco Certified CyberOps Associate 200-201 Certification Guide

Cisco Certified CyberOps Associate 200-201 Certification Guide

The Cisco Certified CyberOps Associate 200-201 certification exam helps you gain the skills and knowledge needed to prevent, detect, analyze, and respond to cybersecurity incidents. This book offers complete up-to-date coverage of the 200-201 exam so you can confidently pass first time while getting hands-on cybersecurity experience.

Jun 2021 22h 0m

CISA – Certified Information Systems Auditor Study Guide

CISA – Certified Information Systems Auditor Study Guide

CISA - Certified Information Systems Auditor Study Guide offers complete, up-to-date coverage of the CISA exam so you can take them with confidence, fully equipped to pass first time. Written in a clear, succinct way with self-assessment questions, exam tips and mock exams with detailed answer explanations, this book covers all 5 domains of CISA certification.

Aug 2020 19h 40m

Learn Penetration Testing

Learn Penetration Testing

A penetration test, also known as a pen test, is a simulated cyberattack against your computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment a web application firewall (WAF). This book teaches you various penetration testing techniques in order to become a proficient Penetration tester.

May 2019 14h 8m

Practical Cyber Intelligence

Practical Cyber Intelligence

Cyber intelligence is the missing link between your cyber defense operation teams, threat intelligence, and IT operations to provide your organization with a full spectrum of defensive capabilities. This book kicks off with the need for cyber intelligence and why it is required in terms of a defensive framework.

Mar 2018 10h 44m

CCNA Security 210-260 Certification Guide

CCNA Security 210-260 Certification Guide

With a CCNA Security certification, you can demonstrate the skills required to develop a security infrastructure, recognize threats to networks, and mitigate security threats. Geared towards Cisco Security, the practical aspects of this book will help you clear the CCNA Security Exam (210-260) by increasing your knowledge of Network Security.

Jun 2018 17h 16m

Hands-On Penetration Testing with Kali NetHunter

Hands-On Penetration Testing with Kali NetHunter

Kali NetHunter is a free-to-use version of Kali that allows for extreme mobility, flexibility and raw power that can be installed and executed on a range of smartphones and tablets. In this book, you will explore Kali NetHunter from different angles in an effort to familiarize and use the distribution to pentest and secure an environment.

Feb 2019 10h 4m

Learn Kali Linux 2019

Learn Kali Linux 2019

The current trend of various hacking and security breaches displays how important it has become to pentest your environment, to ensure end point protection. This book will take you through the latest version of Kali Linux to efficiently deal with various crucial security aspects such as confidentiality, integrity, access control and authentication.

Nov 2019 18h 20m

Personalised recommendations for you

Based on your interests and search pattern

Cloud Security Handbook

Cloud Security Handbook

This book provides complete coverage of every cloud security aspect—from initial design to ongoing maintenance. Packed with best practices, it helps you smoothly transition to the public cloud, while keeping your environments secure and compliant.

Apr 2025 16h 4m

CompTIA CySA+ (CS0-003) Certification Guide

CompTIA CySA+ (CS0-003) Certification Guide

Prepare for CompTIA CySA+ (CS0-003) exam with this study guide—covering security ops, incident response, and vulnerability management in depth to level up your cybersecurity career. Includes exam-style questions, 2 practice tests, and flashcards.

Apr 2025 24h 44m

Cyber Security Kill Chain - Tactics and Strategies

Cyber Security Kill Chain - Tactics and Strategies

Learn how the cyber kill chain, a structured model that outlines the stages of a cyberattack, guides you through understanding threat actor behaviors and bolstering their ability to defend against evolving cyber threats.

May 2025 10h 16m