CompTIA Security+ Certification Guide

You're reading from CompTIA Security+ Certification Guide: Master IT security essentials and exam topics for CompTIA Security+ SY0-501 certification

Product type Paperback
Published in Sep 2018
Publisher Packt
ISBN-13 9781789348019
Length 532 pages
Edition 1st Edition
Author (1):
Ian Neil

Table of Contents (22 Chapters)

Title Page
Packt Upsell
Contributor
Preface
1. Understanding Security Fundamentals
2. Conducting Risk Analysis
3. Implementing Security Policies and Procedures
4. Delving into Identity and Access Management
5. Understanding Network Components
6. Understanding Cloud Models and Virtualization
7. Managing Hosts and Application Deployment
8. Protecting Against Attacks and Vulnerabilities
9. Implementing the Public Key Infrastructure
10. Responding to Security Incidents
11. Managing Business Continuity
12. Mock Exam 1
13. Mock Exam 2
1. Preparing for the CompTIA Security+ 501 Exam
2. Acronyms
3. Assessment
4. Other Books You May Enjoy
Index

Index

A

  • AAA servers
    • about / Authentication, authorization, and accounting (AAA) servers
    • authentication / Authentication
  • Acceptable Use Policy (AUP) / Policies and user guides
  • Access Control List (ACL)
    • for network devices / Access control list – network devices
  • access controls
    • identification / Access controls
    • authentication / Access controls
    • authorization / Access controls
    • discretionary access control / Discretionary access control
    • least privilege / Least privilege
    • Mandatory Access Control (MAC) / Mandatory access control
    • Linux permissions / Linux permissions (not SELinux)
    • role-based access control / Role-based access control
    • rule-based access control / Rule-based access control
    • attribute-based access control (ABAC) / Attribute-based access control
    • group-based access / Group-based access
  • account maintenance / Account maintenance
  • account monitoring / Account monitoring
  • account recertification / Account recertification
  • accounts
    • creating / Account creation
  • accounts disabling
    • employee leaving / Disabling an account
    • extended absence period / Disabling an account
    • guest account / Disabling an account
  • account types
    • user account / Account types
    • guest account / Account types
    • sponsored guest account / Account types
    • privilege account / Account types
    • administrative account / Account types
    • service account / Account types
    • shared account / Account types
    • generic accounts / Account types
  • Active Directory / Active Directory
  • ad-hoc network / Implementing wireless security
  • Address Resolution Protocol (ARP) / Application/service attacks
  • administrative controls
    • about / Administrative controls
    • annual security awareness training / Administrative controls
    • annual risk assessment / Administrative controls
    • penetration testing/vulnerability scanning / Administrative controls
    • change management / Administrative controls
  • Advanced Encryption Standard (AES) / Symmetric algorithms
  • advanced persistent threat / Threat actors
  • adware / Virus and malware attacks
  • aggregation switch / Aggregation switches
  • agreement types
    • Business Partnership Agreement (BPA) / Agreement types
  • Air gaps / Segregation/segmentation/isolation
  • alternative control / Compensating controls
  • amplification attack / Application/service attacks
  • Annual Loss Expectancy (ALE) / Calculating loss
  • Annual Rate of Occurrence (ARO) / Calculating loss
  • application/service attacks
    • Denial of Service Attack (DoS) / Application/service attacks
    • Distributed Denial of Service Attacks (DDoS) / Application/service attacks
    • amplification attack / Application/service attacks
    • Man-in-the Middle (MIM) attack / Application/service attacks
    • Man-in-the Browser (MITB) attack / Application/service attacks
    • Padding Oracle on Downgraded Legacy Encryption (POODLE) / Application/service attacks
    • replay attack / Application/service attacks
    • zero day attack / Application/service attacks
    • pass the hash attack / Application/service attacks
    • domain hijacking / Application/service attacks
    • DNS poisoning / Application/service attacks
    • DNSSEC / Application/service attacks
    • ARP poisoning / Application/service attacks
    • MAC spoofing attack / Application/service attacks
    • IP spoofing / Application/service attacks
    • privilege escalation / Application/service attacks
  • ARP poisoning / Application/service attacks
  • asset / Risk procedures and concepts
  • asymmetric algorithms
    • Diffie Hellman / Asymmetric algorithms
    • Rivest, Shamir, and Adleman (RSA) / Asymmetric algorithms
    • Digital Signature Algorithm (DSA) / Asymmetric algorithms
    • Elliptic Curve Cryptography (ECC) / Asymmetric algorithms
    • ephemeral keys / Asymmetric algorithms
    • Pretty Good Privacy (PGP) / Asymmetric algorithms
    • GnuPG / Asymmetric algorithms
  • asymmetric encryption
    • about / Encryption explained
    • versus symmetric encryption / Symmetric versus asymmetric analogy
  • asymmetric keys / Asymmetric – PKI
  • attacks
    • about / Common attacks
    • application/service attacks / Application/service attacks
    • programming attacks / Programming attacks
    • cryptographic attacks / Cryptographic attacks
  • Attribute-Based Access Control (ABAC) / Attribute-based access control
  • auditing / Policies and user guides
  • Authenticated Header (AH) / Remote access
  • authentication factors
    • multifactor authentication / Authentication factors
    • something you know / Authentication factors
    • something you have / Authentication factors
    • something you are / Authentication factors
    • something you do / Authentication factors
    • somewhere you are / Authentication factors
  • authentication methods
    • about / Authentication
    • Remote Access Services (RAS) / Authentication
    • authenticated for VPN/RAS / Authentication
    • Password Authentication Protocol (PAP) / Authentication
    • Challenge Handshake and Response (CHAP) / Authentication
    • MS CHAP/MSCHAP version 2 / Authentication
  • authentication protocol
    • reference / Nonce
  • authority / Social engineering attacks
  • Automated Private IP Address (APIPA) / IP version 4 lease process – troubleshooting

B

  • backdoor / Virus and malware attacks
  • backup
    • full backup / Backup types
    • types / Backup types
    • incremental / Backup types
    • differential backup / Backup types
  • backup utilities / Backup utilities
  • banner grabbing / Backup types
  • baseline
    • creating / Practical – creating a baseline
  • BCRYPT / Key stretching algorithms
  • binary digit
    • reference / Cipher modes
  • biometrics
    • fingerprint scanner / Biometrics
    • retina scanner / Biometrics
    • iris scanner / Biometrics
    • voice recognition / Biometrics
    • facial recognition / Biometrics
  • birthday paradox / Cryptographic attacks
  • black box testing / Penetration testing
  • block cipher
    • about / Cipher modes
    • versus stream cipher / Stream versus block cipher analogy
  • Blowfish / Symmetric algorithms
  • bluejacking / Hijacking related attacks
  • bluesnarfing / Hijacking related attacks
  • botnet / Virus and malware attacks
  • Bring Your Own Device (BYOD)
    • about / Personnel management—policies and procedures, Policies and user guides, Bring your own device
    • Acceptable Use Policy (AUP) / Bring your own device
    • onboarding policy / Bring your own device
    • offboarding policy / Bring your own device
  • Brute force attack / Password attacks
  • buffer overflow / Example 2—Javascript—setting the day of the month
  • business impact analysis (BIA)
    • about / Business impact analysis concepts
    • financial loss factors / Business impact analysis concepts
    • impact factors / Business impact analysis concepts
    • concepts / Business impact analysis concepts
    • loss, calculating / Calculating loss
    • example / Example
  • Business Impact Analysis (BIA) / Disaster recovery and continuity of operations concepts
  • Business Partnership Agreement (BPA) / Agreement types

C

  • caching
    • purpose / Proxy server
    • active caching / Proxy server
    • about / Proxy server
    • transparent cache / Proxy server
    • non-transparent cache / Proxy server
    • application proxy / Proxy server
  • certificate-based authentication
    • smart card / Certification-based authentication
    • Common Access Card (CAC) / Certification-based authentication
    • Personal Identity Verification (PIV) / Certification-based authentication
  • certificate architect / Certificate hierarchy
  • Certificate Authority (CA)
    • about / Certificate hierarchy
    • online CA / Certificate hierarchy
    • offline CA / Certificate hierarchy
    • public CA / Certificate hierarchy
    • private CA / Certificate hierarchy
  • certificate chaining / Certificate hierarchy
  • certificate management concepts
    • about / Certificate management concepts
    • key escrow / Certificate management concepts
    • Hardware Security Module (HSM) / Certificate management concepts
    • Data Recovery Agent (DRA) / Certificate management concepts
  • certificate pinning / Certificate hierarchy
  • Certificate Revocation List (CRL) / Certificate hierarchy, Certificate validity
  • certificates
    • about / Certificate management concepts
    • formats / Certificate management concepts
    • self-signed certificate / Certificate types
    • wildcard certificates / Certificate types
    • domain-validated certificate (DV) / Certificate types
    • Subject Alternative Name (SAN) / Certificate types
    • computer/machine / Certificate types
    • extended validation / Certificate types
  • Certificate Signing Request (CSR) / Certificate management concepts
  • certificate stapling / Certificate validity
  • certificate trust
    • about / Certificate trust
    • trust anchor / Certificate trust
    • trust model / Certificate trust
    • hierarchical trust model / Certificate trust
    • bridge trust model / Certificate trust
    • certificate chaining / Certificate trust
  • certificate validity / Certificate validity
  • Challenge Handshake and Response (CHAP) / Authentication
  • Change Advisory Board (CAB) / Administrative controls
  • change management / Policies and user guides
  • Change Management Board (CMB) / Policies and user guides
  • Choose Your Own Device (CYOD) / Choose your own device
  • Christmas tree attack / Programming attacks
  • CIA triad
    • about / CIA triad concept
    • confidentiality / CIA triad concept
    • integrity / CIA triad concept
    • availability / CIA triad concept
  • Cipher Block Chaining (CBC) / Stream versus block cipher analogy
  • cipher modes
    • stream cipher / Cipher modes
    • block cipher / Cipher modes
  • ciphertext
    • reference / Cipher modes
  • clickjacking / Hijacking related attacks
  • cloud-based e-mail / Cloud-based email
  • cloud access security broker (CASB) / Implementing different cloud deployment models
  • cloud computing
    • about / Cloud computing
    • features / Cloud computing
  • cloud computing reference architecture (CCRA) / Industry standard frameworks and reference architecture
  • cloud deployment models
    • about / Implementing different cloud deployment models
    • public cloud / Implementing different cloud deployment models
    • private cloud / Implementing different cloud deployment models
    • community cloud / Implementing different cloud deployment models
    • hybrid cloud / Implementing different cloud deployment models
  • cloud service models
    • about / Cloud service models
    • Infrastructure as a service (IaaS) / Cloud service models
    • distributive allocation / Cloud service models
    • Software as a service (SaaS) / Cloud service models
    • Goldmine / Cloud service models
    • Salesforce / Cloud service models
    • Office 365 / Cloud service models
    • Platform as a service (PaaS) / Cloud service models
    • Security as a service (SECaaS) / Cloud service models
  • cloud service provider (CSP) / Cloud computing
  • cloud storage / Understanding cloud storage concepts
  • clustering / Clustering
  • collector / Sensor/collector
  • collision / Collision
  • command-line tools
    • about / Command-line tools
    • Internet Control Message Protocol (ICMP) / Command-line tools
    • ping / Command-line tools
    • continuous ping / Command-line tools
    • Netstat / Command-line tools
    • Tracert / Command-line tools
    • nslookup / Command-line tools
    • Dig / Command-line tools
    • Address Resolution Protocol (ARP) / Command-line tools
    • Nmap / Command-line tools
    • Netcat / Command-line tools
  • Common Access Card (CAC) / Certification-based authentication
  • common practices, account management
    • account types / Account types
    • account creation / Account creation
    • employees moving departments / Employees moving departments
    • accounts, disabling / Disabling an account
    • account recertification / Account recertification
    • account maintenance / Account maintenance
    • account monitoring / Account monitoring
    • Security Information and Event Management (SIEM) / Security Information and Event Management
    • group based access control / Group based access control
    • credential management / Credential management
  • community cloud / Implementing different cloud deployment models
  • compensating controls / Compensating controls
  • competitor / Threat actors
  • computer virus
    • reference / Social engineering attacks
  • configuration compliance scanner / Software tools to assess the security posture of an organization
  • connection methods, mobile devices
    • cellular / Mobile device connection methods
    • Wi-Fi / Mobile device connection methods
    • Bluetooth / Mobile device connection methods
    • Near Field Communication (NFC) / Mobile device connection methods
    • infrared / Mobile device connection methods
    • USB / Mobile device connection methods
    • Secure Satellite Communications (SATCOM) / Mobile device connection methods
    • ANT / Mobile device connection methods
  • continuity of operations / Disaster recovery and continuity of operations concepts
  • Corporate-Owned Personally-Enabled (COPE) / Corporate-owned personally-enabled
  • corrective controls / Corrective controls
  • Counter Mode (CTR) / Stream versus block cipher analogy
  • credentialed scans
    • versus non-credentialed scans / Credentialed versus non-credentialed scans
  • credential management
    • about / Credential management
    • user account reviews / User account reviews
    • password policy / Practical exercise – password policy
  • Cross-site request forgery (XSRF)
    • about / Programming attacks
    • reference / Programming attacks
  • Cross-site scripting (XSS) / Programming attacks
  • Crossover Error Rate / Biometrics
  • crypto-malware / Virus and malware attacks
  • cryptographic attacks
    • about / Cryptographic attacks
    • birthday / Cryptographic attacks
    • rainbow tables / Cryptographic attacks
    • collision attack / Cryptographic attacks
    • salting passwords / Cryptographic attacks
    • key stretching / Cryptographic attacks
  • cryptography
    • use cases / Common use cases for cryptography, Supporting confidentiality, Supporting integrity, Supporting obfuscation, High resiliency, Resource versus security constraints
  • cryptography algorithms
    • characteristics / Cryptography algorithms and their characteristics
  • Crypto module / Crypto module
  • crypto service provider / Crypto service provider
  • customer relationship management (CRM) / Cloud service models

D

  • data
    • destroying / Destroying data and sanitizing media 
    • roles / Data roles
    • protecting / Protecting data
  • Data-Loss Prevention (DLP) / Policies and user guides, Data-loss prevention, Mobile device connection methods, Protecting data, Implementation versus algorithm
  • data-retention policy / Policies and user guides
  • Data Encryption Standard (DES) / Symmetric algorithms
  • data retention / Data retention – legal and compliance
  • data sanitization tools / Software tools to assess the security posture of an organization
  • data security
    • implementing / Implementing data security and privacy practices
  • data sensitivity
    • labeling / Data sensitivity labeling and handling
    • handling / Data sensitivity labeling and handling
  • DDoS mitigator / DDoS mitigator
  • defense in depth / Defense in depth model
  • Demilitarized Zone (DMZ) / Secure network architecture concepts
  • Denial of Service Attack (DoS) / Virus and malware attacks, Application/service attacks
  • deployment models
    • Bring Your Own Device (BYOD) / Bring your own device
    • Choose Your Own Device (CYOD) / Choose your own device
    • Corporate-Owned Personally-Enabled (COPE) / Corporate-owned personally-enabled
    • Virtual Desktop Infrastructure (VDI) / Virtual desktop infrastructure
  • detection modes, IDS
    • signature-based / Modes of detection
    • anomaly-based / Modes of detection
    • heuristic/behavioral-based / Modes of detection
  • detective controls
    • CCTV / Detective controls
    • log files / Detective controls
  • deterrent controls / Deterrent controls
  • device management / Device management
  • Diameter / Authentication, authorization, and accounting (AAA) servers
  • dictionary attack / Password attacks
  • Diffie-Hellman (DH) groups / Encryption explained
  • Diffie Hellman / Encryption explained, Symmetric algorithms, Asymmetric algorithms
  • digital signature / Hashing and data integrity, Digital signature explained
  • Digital Signature Algorithm (DSA) / Asymmetric algorithms
  • Directory Services use case
    • DC / Directory services – use case
    • OU / Directory services – use case
    • about / Directory services – use case
    • CN / Directory services – use case
  • disaster recovery
    • about / Disaster recovery and continuity of operations concepts
    • aspects / Disaster recovery and continuity of operations concepts
    • Business Impact Analysis (BIA) / Disaster recovery and continuity of operations concepts
    • recovery sites / Disaster recovery and continuity of operations concepts
    • order of restoration / Disaster recovery and continuity of operations concepts
    • geographic considerations / Disaster recovery and continuity of operations concepts
    • data sovereignty / Disaster recovery and continuity of operations concepts
    • legal implications / Disaster recovery and continuity of operations concepts
    • continuity of operations, planning / Disaster recovery and continuity of operations concepts
    • exercises / Disaster recovery and continuity of operations concepts
    • after-action reports / Disaster recovery and continuity of operations concepts
    • failover / Disaster recovery and continuity of operations concepts
    • alternate processing sites / Disaster recovery and continuity of operations concepts
    • alternate business practices / Disaster recovery and continuity of operations concepts
  • disaster recovery, exercises
    • tabletop exercise / Disaster recovery and continuity of operations concepts
    • structured walkthrough / Disaster recovery and continuity of operations concepts
  • discretionary access control / Discretionary access control
  • disk resiliency / Disk resiliency and redundancy
  • Distributed Denial of Service (DDOS) / DDoS mitigator, Application/service attacks
  • distributive allocation / Cloud service models
  • DMZ device placement / DMZ device placement
  • DNS poisoning / Application/service attacks
  • DNSSEC / Application/service attacks
  • domain-validated certificate (DV) / Certificate types
  • domain hijacking / Application/service attacks
  • domain name
    • reference / Certificate types
  • driver manipulation
    • about / Driver manipulation
    • shimming / Driver manipulation
    • refactoring / Driver manipulation
  • dumpster diving / Social engineering attacks
  • Dynamic Link Library (DLL) injection / Programming attacks

E

  • e-mail spam
    • reference / Social engineering attacks
  • EAP-TTLS / Wireless authentication protocols
  • Electronic Code Book (ECB) / Stream versus block cipher analogy
  • Elliptic Curve Cryptography (ECC) / Asymmetric algorithms
  • Elliptic Curve Diffie Hellman Ephemeral (ECDHE) / Asymmetric – ephemeral keys
  • email use case
    • about / Email – use case
    • Simple Mail Transport Protocol (SMTP) / Email – use case
    • Simple Mail Transfer Protocol Secure (SMTPS) / Email – use case
    • Post Office Protocol 3 (POP3) / Email – use case
    • Internet Message Access Protocol version 4 (IMAP4) / Email – use case
    • Web Mail (HTTPS) / Email – use case
    • Secure/Multipurpose Internet Mail Extensions (S/MIME) / Email – use case
  • Encapsulated Payload (ESP) / Remote access
  • encryption / Encryption explained
  • encryption methods
    • hardware root of trust / Hardware/firmware security
    • Full Disk Encryption (FDE) / Hardware/firmware security
    • Trusted Platform Module (TPM) / Hardware/firmware security
    • Hardware Security Module (HSM) / Hardware/firmware security
    • supply chain / Hardware/firmware security
    • Electromagnetic Interference (EMI) / Hardware/firmware security
    • Electromagnetic Pulse (EMP) / Hardware/firmware security
  • environmental threat / Threat assessment
  • Ephemeral (DHE) / Asymmetric – ephemeral keys
  • ephemeral keys / Asymmetric algorithms, Asymmetric – ephemeral keys
  • evil twin / Wireless attacks
  • exploitation frameworks / Software tools to assess the security posture of an organization
  • extended validation certificate / Certificate types
  • external threat / Threat assessment

F

  • facial recognition / Biometrics
  • factor examples
    • single factor / Number of factor examples
    • two factor / Number of factor examples
    • multifactor / Number of factor examples
  • False Acceptance Rate (FAR) / Biometrics
  • False Rejection Rate (FRR) / Biometrics
  • FAT controller / Wireless access points – controllers
  • federation services
    • about / Federation services
    • authentication / Federation services
    • exchange of extended attributes / Federation services
  • File Checksum Integrity Verifier (FCIV) / Importance of secure staging deployment concepts
  • File Transfer Protocol (FTP) / File transfer – use case
  • File Transfer Protocol Secure (FTPS) / File transfer – use case
  • file transfer use case / File transfer – use case
  • fingerprint scanner / Biometrics
  • fire-suppression systems / Corrective controls
  • firewall
    • about / Firewall
    • host-based firewall / Firewall
    • network-based firewall / Firewall
    • stateful firewall / Firewall
    • stateless firewall / Firewall
    • Web Application Firewall (WAF) / Firewall
    • Unified Threat Management Firewall (UTM) / Firewall
  • forensics
    • basic concepts / Understanding the basic concepts of forensics
    • example / Five minute practical
  • Full Device Encryption (FDE) / Protecting data
  • Fully Qualified Domain Name (FQDN) / Hostname, Certificate types

G

  • Galois/Counter Mode (GCM) / Stream versus block cipher analogy
  • General Data Protection Regulation (GDPR) / Types of frameworks
  • general security policies
    • about / General security policies
    • social media networks/applications / General security policies
    • personal email / General security policies
  • Ghost RAT / Virus and malware attacks
  • Global Positioning System (GPS) / Device protection
  • GnuPG / Asymmetric algorithms
  • Goldmine / Cloud service models
  • gray box testing / Penetration testing
  • group-based access / Group-based access
  • guest wireless network / Implementing wireless security

H

  • hacktivist / Threat actors
  • hardware/firmware security
    • about / Hardware/firmware security
    • operating systems / Operating systems
    • IT systems, securing / Securing IT systems
    • peripherals / Peripherals
  • Hardware Security Module (HSM) / Hardware security module, Certificate management concepts
  • hashing
    • about / Hashing and data integrity, Hashing and data integrity
    • example / Hash exercise, Hashing and data integrity
  • hashing algorithm / Hashing algorithms
  • Health Authority (HAuth) / Network access control (NAC)
  • Health Insurance Portability and Accountability Act of 1996 (HIPAA) / Types of frameworks
  • Heating, ventilation and Air-Conditioning (HVAC) / Physical controls, Heating, ventilation, and air-conditioning
  • hijacking related attacks
    • bluejacking / Hijacking related attacks
    • bluesnarfing / Hijacking related attacks
    • session hijacking / Hijacking related attacks
    • URL hijacking / Hijacking related attacks
    • typosquatting / Hijacking related attacks
    • clickjacking / Hijacking related attacks
  • HMAC-based One-Time Password (HOTP) / Security tokens and devices
  • HMAC authentication / Hashing and data integrity
  • hoax / Social engineering attacks
  • honeypot / Honeypot, Software tools to assess the security posture of an organization
  • host-based firewall / Firewall
  • host bus adapters (HBAs)
    • reference / Storage area network
  • hostname resolution
    • about / Hostname
    • DNS cache / Hostname
    • hosts file / Hostname
    • DNS server / Hostname
    • root/.com server / Hostname
  • hybrid attack / Password attacks
  • hybrid cloud / Implementing different cloud deployment models
  • Hypertext Transfer Protocol (HTTP) / Web – use case
  • Hypertext Transfer Protocol Secure (HTTPS) / Web – use case
  • hypervisors
    • type 1 hypervisor / Exploring virtual networks
    • type 2 hypervisor / Exploring virtual networks

I

  • identity and access management (IAM) / Cloud service models
  • identity and access management concepts
    • about / Understanding identity and access management concepts
    • passwords / Passwords
    • default/administrator's password / Default/administrator password
    • password group policy / Passwords—group policy
    • password recovery / Password recovery
    • authentication factors / Authentication factors
    • factor examples / Number of factor examples
    • transitive trust / Transitive trust
    • federation services / Federation services
    • Shibboleth / Shibboleth
    • single sign-on / Single sign-on
  • identity and access management controls
    • about / Learning about Identity and access management controls
    • biometrics / Biometrics
    • security tokens / Security tokens and devices
    • certification-based authentication / Certification-based authentication
    • port-based authentication / Port-based authentication
  • identity and access services
    • installing / Installing and configuring identity and access services
    • configuring / Installing and configuring identity and access services
    • LDAP / LDAP
    • Kerberos / Kerberos
    • AAA servers / Authentication, authorization, and accounting (AAA) servers
  • impersonation / Social engineering attacks
  • incident response
    • procedures / Incident response procedures
    • procedure / Incident response procedures
    • process / Incident response process
  • industry standard frameworks / Industry standard frameworks and reference architecture
  • Information technology (IT) / Administrative controls
  • Information Technology Infrastructure Library (ITIL) / Types of frameworks
  • Infrastructure as a service (IaaS) / Cloud service models
  • infrastructure wireless network / Implementing wireless security
  • Initialization Vector (IV) / Stream versus block cipher analogy
  • input validation / Example 2—Javascript—setting the day of the month
  • insider threat / Threat actors
  • integer overflow / Example 2—Javascript—setting the day of the month
  • Interconnection Security Agreement (ISA) / Agreement types
  • intermediary authority / Certificate hierarchy
  • internal threat / Threat assessment
  • International Financial Reporting Standards Foundation (IFRS) / Types of frameworks
  • International Standard Organization (ISO) / Industry standard frameworks and reference architecture
  • International Telecommunications Union (ITU) X500 objects format / Directory services – use case
  • International Telecommunication Union (ITU) / LDAP
  • internet-based open source authentication
    • about / Internet-based open source authentication
    • OAuth 2.0 / Internet-based open source authentication
    • Open ID Connect / Internet-based open source authentication
  • Internet Control Message Protocol (ICMP) / OSI – reference model
  • Internet Information Server / Security configuration guides – web servers
  • Internet Key Exchange (IKE) / IPSec – handshake, Asymmetric algorithms
  • Internet Message Access Protocol version 4 (IMAP4) / Email – use case
  • Internet Protocol (IP) / OSI – reference model
  • Internet Standards Organization (ISO) / OSI – reference model
  • Intrusion-Detection System (IDS)
    • about / Intrusion-detection system
    • detection modes / Modes of detection
    • operation modes / Modes of operation
  • Intrusion-Prevention Systems (IPS) / Intrusion-prevention system
  • IPSec
    • about / IPSec
    • handshake / IPSec – handshake
    • tunnel mode / IPSec – handshake
    • transport mode / IPSec – handshake
  • IP spoofing / Application/service attacks
  • iris scanner / Biometrics
  • IT systems, securing
    • default accounts/passwords, disabling / Securing IT systems
    • unnecessary ports, disabling / Securing IT systems
    • services/least functionality, disabling / Securing IT systems
    • configurations, securing / Securing IT systems
    • application, whitelisting/blacklisting / Securing IT systems
    • patch management / Securing IT systems

J

  • jamming / Wireless attacks

K

  • Kerberos
    • about / Kerberos, Active Directory
    • Stratum Time Servers / Kerberos
    • single sign-on/mutual authentication / Kerberos
    • NT Lan Manager (NTLM) / Kerberos
    • internet-based open source authentication / Internet-based open source authentication
  • keyloggers / Virus and malware attacks
  • key stretching algorithms
    • BCRYPT / Key stretching algorithms
    • PBKDF2 / Key stretching algorithms

L

  • LAN device placement / LAN device placement
  • layer 3 switch / Layer 3 switch
  • least privilege / Least privilege
  • least privilege policy / Policies and user guides
  • Lightweight Directory Access Protocol (LDAP) / LDAP, Active Directory
  • Lightweight Directory Access Protocol Secure (LDAPS) / Active Directory
  • Linux permissions / Linux permissions (not SELinux)
  • load-balancer
    • about / Load balancer
    • least utilized host / Load balancer
    • affinity / Load balancer
    • DNS round robin / Load balancer
  • Local Area Network (LAN) / Secure network architecture concepts
  • logical separation / Segregation/segmentation/isolation
  • logical unit number (LUN) / Storage area network
  • logic bomb / Virus and malware attacks

M

  • machine certificate / Certificate types
  • MAC spoofing attack / Application/service attacks
  • Mail Gateway / Mail gateway
  • malware attacks / Virus and malware attacks
  • Man-in-the-Browser (MITB) attack / Application/service attacks
  • Man-in-the-Middle (MIM) attack / Application/service attacks
  • man-made threat / Threat assessment
  • Mandatory Access Control (MAC)
    • about / Mandatory access control
    • examples / Mandatory access control
  • Mean Time Between Failures (MTBF) / Business impact analysis concepts
  • Mean Time to Failure (MTTF) / Business impact analysis concepts
  • Mean Time to Repair (MTTR) / Business impact analysis concepts
  • media
    • sanitizing / Destroying data and sanitizing media 
  • Media Gateway / Media gateway, Voice and video – use case
  • Memorandum of Agreement (MOA) / Agreement types
  • Memorandum of Understanding (MOU) / Agreement types
  • Message Authentication Code (MAC) / Hashing and data integrity
  • Message Digest version 5 (MD5) / CIA triad concept, Hashing and data integrity
  • Microsoft Baseline Security Analyzer (MBSA)
    • about / Practical – creating a baseline
    • download link / Practical – creating a baseline
  • misconfigured devices
    • firewall / Misconfigured devices
    • troubleshooting / Misconfigured devices
    • content filter / Misconfigured devices
    • access points / Misconfigured devices
    • weak security configurations / Misconfigured devices
  • Mobile Device Management (MDM) / Destroying data and sanitizing media, Deploying mobile devices securely
  • mobile devices
    • deploying, securely / Deploying mobile devices securely
    • connection methods / Mobile device connection methods

N

  • name resolution use case
    • about / Name resolution – use case
    • hostname / Hostname
    • DNSSEC / DNSSEC
    • NETBIOS / NETBIOS
  • National Security Agency (NSA) / Mandatory access control
  • nation state / Threat actors
  • Near Field Communication (NFC) / Wireless attacks
  • network-based firewall
    • about / Firewall
  • Network Access Control
    • about / Network access control (NAC)
    • components / Network access control (NAC)
  • network address allocation use case
    • about / Network address allocation – use case
    • IP version 4 / IP version 4
    • IP version 4 lease process / IP version 4 – lease process
    • IP version 4 lease process, troubleshooting / IP version 4 lease process – troubleshooting
    • IP version 6 addressing / IP version 6 addressing
  • Network Address Translation / Network address translation
  • network components
    • installing / Installing and configuring network components
    • configuring / Installing and configuring network components
    • firewall / Firewall
    • router / Router
    • switch / Switch
    • proxy server / Proxy server
    • reverse proxy / Reverse proxy
    • remote access / Remote access
    • virtual private network, using L2TP/IPSec / Virtual private network using L2TP/IPSec
    • IPSec / IPSec
    • VPN concentrator / VPN concentrator
    • site-to-site VPN / Site-to-site VPN
    • VPN always on, versus VPN on demand / VPN always on versus on-demand
    • SSL VPN / SSL VPN
    • split tunnelling / Split tunnelling
    • load-balancer / Load balancer
    • clustering / Clustering
    • Data-Loss Prevention (DLP) / Data-loss prevention
  • network environments
    • on-premises / On-premises
    • hosted services / Hosted services
    • cloud-hosting services / Cloud-hosting services
  • network infrastructure device user guides
    • about / Network infrastructure device user guides
    • general purpose guides / General purpose guides
  • network load-balancer / Load balancer
  • network mapping / Software tools to assess the security posture of an organization
  • network scanner / Software tools to assess the security posture of an organization
  • New Technology File System (NTFS) file permissions / Discretionary access control
  • non-credentialed scans
    • versus credentialed scans / Credentialed versus non-credentialed scans
  • Non-Disclosure Agreement (NDA) / Agreement types
  • nonce / Nonce
  • NT Lan Manager (NTLM) / Kerberos, Application/service attacks

O

  • obfuscation / Obfuscation
  • Object Identified (OID) / Certificate hierarchy
  • OCSP stapling / Certificate validity
  • off-boarding policy / Policies and user guides
  • Office 365 / Cloud service models
  • offline CA / Certificate hierarchy
  • on-boarding policy / Policies and user guides
  • online CA / Certificate hierarchy
  • Online Certificate Status Protocol (OCSP) / Certificate validity
  • Open Systems Interconnection (OSI) reference model
    • about / OSI – reference model
    • application layer / OSI – reference model
    • presentation layer / OSI – reference model
    • session layer / OSI – reference model
    • transport layer / OSI – reference model
    • network layer / OSI – reference model
    • data-link layer / OSI – reference model
    • physical layer / OSI – reference model
  • Open Systems Interconnection model (OSI model) / OSI reference model
  • operating systems
    • network / Operating systems
    • server / Operating systems
    • workstation / Operating systems
    • appliance / Operating systems
    • Kiosk / Operating systems
    • trusted operating system / Operating systems
    • mobile OS / Operating systems
  • operation modes, IDS
    • inline / Modes of operation
    • passive / Modes of operation
  • organized crime / Threat actors

P

  • Padding Oracle on Downgraded Legacy Encryption (POODLE) / Application/service attacks
  • password attacks
    • about / Password attacks
    • dictionary attack / Password attacks
    • Brute force attack / Password attacks
    • hybrid attack / Password attacks
    • account lockout / Password attacks
    • minimum number of characters / Password attacks
    • login errors / Password attacks
    • weak implementations / Password attacks
  • Password Authentication Protocol (PAP) / Authentication
  • password crackers / Software tools to assess the security posture of an organization
  • password group policy
    • enforce password history / Passwords—group policy
    • password reuse / Passwords—group policy
    • minimum password age / Passwords—group policy
    • password must meet complexity requirements / Passwords—group policy
    • account lockout duration / Passwords—group policy
  • PBKDF2 / Key stretching algorithms
  • penetration testing
    • about / Penetration testing
    • versus vulnerability scanning / Penetration testing versus vulnerability scanning
  • penetration testing techniques
    • initial exploitation / Penetration testing techniques
    • active reconnaissance / Penetration testing techniques
    • passive reconnaissance / Penetration testing techniques
    • pivot / Penetration testing techniques
    • advanced persistent / Penetration testing techniques
    • escalation of privilege / Penetration testing techniques
  • perfect forward secrecy / Perfect forward secrecy
  • peripherals
    • vulnerabilities / Peripherals
    • wireless keyboards/wireless mice / Peripherals
    • displays / Peripherals
    • Wi-Fi enabled MicroSD cards / Peripherals
    • printers/MFDs / Peripherals
    • external storage device / Peripherals
    • digital cameras / Peripherals
  • Personal Identity Verification (PIV) / Certification-based authentication
  • Personally Identifiable Information (PII) / Privacy threshold assessment/privacy impact assessment, Social engineering attacks
  • Personally Identified Information (PII) / Policies and user guides
  • personnel management / Personnel management—policies and procedures
  • personnel security issues
    • policy violation / Personnel issues
    • insider threat / Personnel issues
    • social engineering / Personnel issues
    • social media / Personnel issues
    • personal e-mail / Personnel issues
  • phishing attacks / Social engineering attacks
  • physical controls
    • cable locks / Physical controls
    • laptop safe / Physical controls
    • biometric locks / Physical controls
    • fences/gates / Physical controls
    • burglar alarms / Physical controls
    • fire alarms/smoke detectors / Physical controls
    • lighting / Physical controls
    • security guards / Physical controls
    • mantraps / Physical controls
    • perimeter protection / Physical controls
    • internal protection / Physical controls
    • Faraday cage / Physical controls
    • key management / Physical controls
    • proximity card / Physical controls
    • tokens / Physical controls
    • environmental controls / Physical controls
    • AirGap / Physical controls
    • motion detection/cameras / Physical controls
    • Barricades / Physical controls
    • Bollards / Physical controls
  • physical segmentation/separation / Segregation/segmentation/isolation
  • Platform as a service (PaaS) / Cloud service models
  • policies
    • job rotation / Personnel management—policies and procedures
    • mandatory vacations / Personnel management—policies and procedures
    • separation of duties / Personnel management—policies and procedures
    • clean desk policy / Personnel management—policies and procedures
    • background checks / Personnel management—policies and procedures
    • exit interview / Personnel management—policies and procedures
    • acceptable user policy (AUP) / Personnel management—policies and procedures
    • rules of behavior / Personnel management—policies and procedures
    • adverse action / Personnel management—policies and procedures
    • about / Policies and user guides
  • policy violation / Policies and user guides
  • policy violations / Personnel management—policies and procedures
  • port-based authentication
    • about / Port-based authentication
    • IEEE 802.1x / Port-based authentication
  • Port Address Translation / Port address translation
  • port mirror / Tap/port mirror
  • port server
    • URL filter / Proxy server
  • Post Office Protocol 3 (POP3) / Email – use case
  • Pretty Good Privacy (PGP) / Asymmetric algorithms
  • preventative controls / Preventative controls
  • Privacy Impact Assessment (PIA) / Privacy threshold assessment/privacy impact assessment
  • Privacy Threshold Assessment / Privacy threshold assessment/privacy impact assessment
  • private CA / Certificate hierarchy
  • private cloud / Implementing different cloud deployment models
  • privilege escalation / Application/service attacks
  • programming attacks
    • about / Programming attacks
    • Christmas tree attack / Programming attacks
    • Dynamic Link Library (DLL) injection / Programming attacks
    • Cross-site request forgery (XSRF) / Programming attacks
    • Cross-site scripting (XSS) / Programming attacks
    • buffer overflow / Example 2—Javascript—setting the day of the month
    • integer overflow / Example 2—Javascript—setting the day of the month
    • SQL injection attack / Example 2—Javascript—setting the day of the month
  • Protected Health Information (PHI) / Data sensitivity labeling and handling
  • protocol / Implementing secure protocols
  • protocol analyzer / Software tools to assess the security posture of an organization
  • protocols, for file transfers
    • File Transfer Protocol (FTP) / File transfer – use case
    • Secure FTP (SFTP) / File transfer – use case
    • Trivial File Transfer Protocol (TFTP) / File transfer – use case
    • File Transfer Protocol Secure (FTPS) / File transfer – use case
  • protocols, switching use case
    • 802.1x / Switching – use case
    • port security / Switching – use case
    • flood guard / Switching – use case
    • VLAN / Switching – use case
    • Spanning Tree Protocol (STP) / Switching – use case
  • proxy server
    • about / Proxy server
    • content filter / Proxy server
    • webpage caching / Proxy server
  • pseudo-random
    • reference / Nonce
  • Pseudo Random Number Generator (PRNG) / Pseudo random number generator
  • public CA / Certificate hierarchy
  • public cloud / Implementing different cloud deployment models
  • Public Health Information (PHI) / Privacy threshold assessment/privacy impact assessment
  • public key infrastructure
    • about / Public key infrastructure concepts
    • certificate hierarchy / Certificate hierarchy
    • certificate trust / Certificate trust
    • certificate validity / Certificate validity
  • Public Key Infrastructure (PKI) / Email – use case

Q

  • qualitative risk analysis / Qualitative/quantitative risk analysis
  • quantitative risk analysis / Qualitative/quantitative risk analysis

R

  • RACE Integrity Primitives Evaluation Message Digest (RIPEMD)
    • reference / Hashing and data integrity
  • RADIUS clients / Authentication, authorization, and accounting (AAA) servers
  • RADIUS server / Authentication, authorization, and accounting (AAA) servers
  • RAID 0 / Redundant array of independent disks
  • RAID 1 / Redundant array of independent disks
  • RAID 5 / Redundant array of independent disks
  • RAID 6 / Redundant array of independent disks
  • RAID 10 / Redundant array of independent disks
  • rainbow tables / Cryptographic attacks
  • ransomware / Virus and malware attacks
  • Real Time Protocol (RTP) / Voice and video – use case
  • Recovery Point Object (RPO) / Business impact analysis concepts
  • recovery sites
    • hot site / Disaster recovery and continuity of operations concepts
    • warm site / Disaster recovery and continuity of operations concepts
    • cold site / Disaster recovery and continuity of operations concepts
  • Recovery Time Object (RTO) / Business impact analysis concepts
  • redundancy / Disk resiliency and redundancy
  • Redundant Array of Independent Disks (RAID) / Redundant array of independent disks
  • reference architecture / Industry standard frameworks and reference architecture
  • remote access
    • about / Remote access
    • Remote Access Server (RAS) / Remote access
    • Virtual Private Network (VPN) / Remote access
  • remote access policy / Policies and user guides
  • Remote Access Server (RAS) / Remote access, Remote access – use case
  • Remote Access Services (RAS) / Authentication
  • Remote Access Trojan (RAT) / Virus and malware attacks
  • remote access use case
    • about / Remote access – use case
    • Telnet / Remote access – use case
    • Secure Shell (SSH) / Remote access – use case
    • Remote Desktop Protocol (RDP) / Remote access – use case
    • Remote Access Server (RAS) / Remote access – use case
    • Virtual Private Network (VPN) / Remote access – use case
  • Remote Desktop Protocol (RDP) / Remote access – use case
  • replay attacks
    • about / Application/service attacks
    • reference / Nonce
  • retina scanner / Biometrics
  • reverse proxy / Reverse proxy
  • RFID / Wireless attacks
  • risk / Risk procedures and concepts
  • risk acceptance / Risk treatment
  • risk avoidance / Risk treatment
  • risk management / Risk management
  • risk mitigation / Risk treatment
  • risk register / Risk register
  • risk transference / Risk treatment
  • risk treatment / Risk treatment
  • Rivest, Shamir, and Adleman (RSA) / Asymmetric algorithms
  • Rivest Cipher 4 (RC4) / Symmetric algorithms
  • rogue access point / Wireless attacks
  • rogue system detection / Software tools to assess the security posture of an organization
  • role-based access control / Role-based access control
  • role-based awareness training / Role—based awareness training
  • rootkit / Virus and malware attacks
  • ROT 13 / Encryption explained
  • router
    • about / Router
    • Access Control List (ACL) / Router
    • anti-spoofing / Router
    • Intrusion-Prevention Systems (IPS) / Intrusion-prevention system
    • Intrusion-Detection System (IDS) / Intrusion-detection system
    • data monitoring / Monitoring data
  • routing
    • use case / Routing – use case
  • Rule-Based Access Control (RBAC) / Rule-based access control

S

  • Salesforce / Cloud service models
  • SAN certificate / Certificate types
  • sandboxing / Exploring virtual networks
  • script kiddie / Threat actors
  • Secure/Multipurpose Internet Mail Extensions (S/MIME) / Email – use case
  • Secure FTP (SFTP) / File transfer – use case
  • Secure Hash Algorithm version 1 (SHA1) / CIA triad concept, Hashing and data integrity
  • secure network architecture concepts
    • about / Secure network architecture concepts
    • Local Area Network (LAN) / Secure network architecture concepts
    • Demilitarized Zone (DMZ) / Secure network architecture concepts
    • Wide Area Network (WAN) / Secure network architecture concepts
    • Network Address Translation / Network address translation
    • Port Address Translation / Port address translation
    • Network Access Control / Network access control (NAC)
    • honeypot / Honeypot
    • Secure Socket Layer accelerators / Secure Socket Layer accelerators
    • SSL/TLS decryptor / SSL/TLS decryptor
    • sensor/collector / Sensor/collector
    • tap/port mirror / Tap/port mirror
    • DDoS mitigator / DDoS mitigator
    • segregation / Segregation/segmentation/isolation
    • isolation / Segregation/segmentation/isolation
    • segmentation / Segregation/segmentation/isolation
    • security device placement / Security device/technology placement
    • aggregation switches / Aggregation switches
  • secure protocols implementation
    • about / Implementing secure protocols
    • use case / Use case
  • Secure Real Time Protocol (SRTP) / Voice and video – use case
  • Secure Shell (SSH) / Remote access – use case
  • Secure Socket Layer (SSL) / Secure Socket Layer accelerators
  • secure staging deployment
    • importance / Importance of secure staging deployment concepts
    • sandboxing / Importance of secure staging deployment concepts
    • environment / Importance of secure staging deployment concepts
    • development / Importance of secure staging deployment concepts
    • test / Importance of secure staging deployment concepts
    • staging / Importance of secure staging deployment concepts
    • production / Importance of secure staging deployment concepts
    • secure baseline/integrity / Importance of secure staging deployment concepts
  • secure systems design
    • implementing / Implementing secure systems design
    • Basic Input Output System (BIOS) / Implementing secure systems design
    • Unified Extensible Firmware Interface (UEFI) / Implementing secure systems design
    • secure boot and attestation / Implementing secure systems design
  • security
    • through obscurity / Security through obscurity
  • Security+ exam
    • frameworks / Types of frameworks
  • Security as a service (SECaaS) / Cloud service models
  • Security Assertion Mark-up Language (SAML) / Federation services
  • security configuration guides / Security configuration guides – web servers
  • security controls
    • identifying / Identifying security controls
    • administrative controls / Administrative controls
    • technical controls / Technical controls
    • physical controls / Physical controls
    • preventative controls / Preventative controls
    • deterrent controls / Deterrent controls
    • detective controls / Detective controls
    • corrective controls / Corrective controls
    • compensating controls / Compensating controls
    • access controls / Access controls
  • security device placement
    • about / Security device/technology placement
    • DMZ device placement / DMZ device placement
    • LAN device placement / LAN device placement
  • Security Identifier (SID) / Account types
  • Security Information and Event Management (SIEM)
    • about / Security Information and Event Management, Security information and event management
    • account management / Security Information and Event Management
    • account expiry / Security Information and Event Management
    • time and day restriction / Security Information and Event Management
    • account lockout / Security Information and Event Management
    • aggregation / Security information and event management
    • event correlation / Security information and event management
    • automated alerting and triggers / Security information and event management
    • time synchronization / Security information and event management
    • Mail Gateway / Mail gateway
    • cloud-based e-mail / Cloud-based email
    • Media Gateway / Media gateway
    • Hardware Security Module (HSM) / Hardware security module
    • Software-Defined Network (SDN) / Software-defined network
  • security issues
    • troubleshooting / Troubleshooting common security issues
    • unencrypted credentials/clear text / Troubleshooting common security issues
    • logs and events anomalies / Troubleshooting common security issues
    • permission issues / Troubleshooting common security issues
    • access violations / Troubleshooting common security issues
    • certificate issues / Troubleshooting common security issues
    • data exfiltration / Troubleshooting common security issues
    • asset management / Troubleshooting common security issues
    • authentication issues / Troubleshooting common security issues
  • security tokens
    • about / Security tokens and devices
    • Time-Based One-Time Password (TOTP) / Security tokens and devices
    • HMAC-based One-Time Password (HOTP) / Security tokens and devices
  • self-signed certificate / Certificate types
  • SELinux / Mandatory access control
  • Sensitive Personal Information (SPI) / Privacy threshold assessment/privacy impact assessment
  • sensor / Sensor/collector
  • Service-Level Agreement (SLA) / Agreement types
  • session hijacking / Hijacking related attacks
  • Session Initiated Protocol (SIP) / Voice and video – use case
  • Shibboleth / Shibboleth
  • shoulder surfing / Social engineering attacks
  • Simple Mail Transfer Protocol Secure (SMTPS) / Email – use case
  • Simple Mail Transport Protocol (SMTP) / Email – use case
  • Simple Network Management Protocol (SNMP) / Simple network management protocol – use case
  • Simple Network Management Protocol Version 3 (SNMP v 3) / Simple network management protocol – use case
  • Single Loss Expectancy (SLE) / Calculating loss
  • single sign-on / Single sign-on
  • site-to-site VPN / Site-to-site VPN
  • smart card / Compensating controls, Certification-based authentication
  • social engineering attacks
    • about / Social engineering attacks
    • phishing attacks / Social engineering attacks
    • spear phishing / Social engineering attacks
    • whaling / Social engineering attacks
    • vishing / Social engineering attacks
    • tailgating / Social engineering attacks
    • impersonation / Social engineering attacks
    • dumpster diving / Social engineering attacks
    • shoulder surfing / Social engineering attacks
    • hoax / Social engineering attacks
    • watering hole attack / Social engineering attacks
  • social proof / Social engineering attacks
  • Software-Defined Network (SDN) / Software-defined network
  • Software as a service (SaaS) / Cloud service models
  • software issues
    • unauthorized software / Software issues
    • baseline deviation / Software issues
    • license compliance violation / Software issues
  • software tools, for security posture of organization
    • protocol analyzer / Software tools to assess the security posture of an organization
    • network scanners / Software tools to assess the security posture of an organization
    • rogue system detection / Software tools to assess the security posture of an organization
    • network mapping / Software tools to assess the security posture of an organization
    • wireless scanners / Software tools to assess the security posture of an organization
    • wireless crackers / Software tools to assess the security posture of an organization
    • password cracker / Software tools to assess the security posture of an organization
    • vulnerability scanner / Software tools to assess the security posture of an organization
    • configuration compliance scanner / Software tools to assess the security posture of an organization
    • exploitation frameworks / Software tools to assess the security posture of an organization
    • data sanitization tools / Software tools to assess the security posture of an organization
    • steganography tools / Software tools to assess the security posture of an organization
    • honeypot / Software tools to assess the security posture of an organization
  • South-East-Distinguished-Visitor (SEDC) / Encryption explained
  • spear phishing / Social engineering attacks
  • Split Tunneling / Split tunnelling
  • spyware / Virus and malware attacks
  • SQL injection attack / Example 2—Javascript—setting the day of the month
  • SSL/TLS decryptor / SSL/TLS decryptor
  • SSL VPN / SSL VPN
  • Standard Operating Procedures (SOP) / Standard operating procedures
  • stateful firewall / Firewall
  • stateless firewall / Firewall
  • steganography / Steganography
  • steganography tools / Software tools to assess the security posture of an organization
  • storage area network (SAN) / Storage area network
  • Stored Procedure / Example 2—Javascript—setting the day of the month
  • stream cipher
    • about / Cipher modes
    • versus block cipher / Stream versus block cipher analogy
  • subscription services
    • use case / Subscription services – use case
  • substitution cipher / Encryption explained
  • supply chain risk assessment
    • about / Supply chain risk assessment
    • example / Example
  • switch
    • about / Switch
    • port security / Switch
    • 802.1x port security / Switch
    • flood guard / Switch
    • loop protection / Switch
    • layer 3 switch / Layer 3 switch
  • switches
    • reference / Storage area network
  • symmetric algorithms
    • about / Symmetric algorithms
    • Advanced Encryption Standard (AES) / Symmetric algorithms
    • Data Encryption Standard (DES) / Symmetric algorithms
    • Triple DES (3DES) / Symmetric algorithms
    • Rivest Cipher 4 (RC4) / Symmetric algorithms
    • Blowfish/Twofish / Symmetric algorithms
    • Diffie Hellman / Symmetric algorithms
    • modes of operation / Symmetric algorithm – modes of operation
  • symmetric encryption
    • about / Encryption explained
    • stream, versus block cipher / Symmetric encryption – stream versus block cipher
    • confusion / Symmetric encryption – confusion
    • secret algorithm / Symmetric encryption – secret algorithm
    • session keys / Symmetric – session keys
  • System File Checker (SFC) / Importance of secure staging deployment concepts

T

  • TACACS+ / Authentication, authorization, and accounting (AAA) servers
  • tailgating / Social engineering attacks
  • tap mirror / Tap/port mirror
  • TCP/IP model / TCP/IP model
  • technical controls
    • about / Technical controls
    • firewall rules / Technical controls
    • antivirus/antimalware / Technical controls
    • screen savers / Technical controls
    • screen filters / Technical controls
    • Intrusion Prevention Systems (IPS)/Intrusion Detection Systems (IDS) / Technical controls
  • Telnet / Remote access – use case
  • thin controller / Wireless access points – controllers
  • threat
    • about / Risk procedures and concepts
    • environmental threat / Threat assessment
    • man-made threat / Threat assessment
    • internal threat / Threat assessment
  • threat actors
    • about / Threat actors
    • hacktivist / Threat actors
    • competitor / Threat actors
    • script kiddie / Threat actors
    • nation state / Threat actors
    • advanced persistent threat / Threat actors
    • organized crime / Threat actors
    • insider threat / Threat actors
  • threat assessment / Threat assessment
  • Time-Based One-Time Password (TOTP) / Security tokens and devices
  • time synchronization
    • use case / Time synchronization – use case
  • transitive trust / Transitive trust
  • Transmission Control Protocol (TCP) / Implementing secure protocols
  • Transport Layer Security (TLS)
    • about / SSL VPN, Web – use case
    • reference / Certificate types
  • Triple DES (3DES) / Symmetric algorithms
  • Trivial File Transfer Protocol (TFTP) / File transfer – use case
  • Trojans / Virus and malware attacks
  • troubleshooting, security issues
    • about / Troubleshooting common security issues
    • misconfigured devices / Misconfigured devices
    • personnel issues / Personnel issues
    • software issues / Software issues
  • Twofish / Symmetric algorithms
  • typosquatting / Hijacking related attacks

U

  • Unified Threat Management Firewall (UTM) / Firewall
  • URL hijacking / Hijacking related attacks
  • use cases, secure protocols implementation
    • file transfer / Use case
    • remote access / Remote access – use case
    • email / Email – use case
    • name resolution / Name resolution – use case
    • web / Web – use case
    • voice and video / Voice and video – use case
    • network address allocation / Network address allocation – use case
    • subscription services / Subscription services – use case
    • routing / Routing – use case
    • time synchronization / Time synchronization – use case
    • Directory Services / Directory services – use case
    • switching / Switching – use case
    • simple network management protocol / Simple network management protocol – use case
  • user-extended attributes / Federation services
  • user certificate / Certificate types
  • User Datagram Protocol (UDP) / Implementing secure protocols

V

  • VDE / VDE
  • virtual desktop infrastructure (VDI) / Virtual desktop infrastructure
  • Virtual Desktop Infrastructure (VDI) / Virtual desktop infrastructure
  • Virtual IP Address (VIP) / Load balancer
  • virtualization
    • about / Segregation/segmentation/isolation
    • components / Exploring virtual networks
  • Virtual Local Area Network (VLAN) / OSI – reference model
  • virtual networks
    • exploring / Exploring virtual networks
  • Virtual Private Network (VPN)
    • about / Authentication, Remote access, Remote access – use case
    • L2TP/IPSec / Remote access
    • Secure Socket Layer (SSL) VPN / Remote access
  • virtual private network, using L2TP/IPSec
    • asymmetric encryption / Virtual private network using L2TP/IPSec
    • symmetric encryption / Virtual private network using L2TP/IPSec
    • key length / Virtual private network using L2TP/IPSec
  • virus / Virus and malware attacks
  • vishing attack / Social engineering attacks
  • VLAN / Voice and video – use case
  • voice and video use case
    • about / Voice and video – use case
  • voice recognition / Biometrics
  • VPN concentrator / VPN concentrator
  • vulnerability / Risk procedures and concepts
  • vulnerability scanner / Vulnerability scanning concepts
    • running / Practical exercise—running a vulnerability scanner
    • credentialed / Software tools to assess the security posture of an organization
    • non-credentialed / Software tools to assess the security posture of an organization
  • vulnerability scanning / Vulnerability scanning concepts
    • versus penetration testing / Penetration testing versus vulnerability scanning

W

  • watering hole attack / Social engineering attacks
  • Web Application Firewall (WAF) / OSI – reference model, Firewall
  • Web Mail (HTTPS) / Email – use case
  • web of trust / Certificate trust
  • Web use case
    • Hypertext Transfer Protocol (HTTP) / Web – use case
    • Hypertext Transfer Protocol Secure (HTTPS) / Web – use case
    • Transport Layer Security (TLS) / Web – use case
  • WEP IV attack / Wireless attacks
  • whaling attack / Social engineering attacks
  • white box testing / Penetration testing
  • Wi-Fi Protected Access (WPA) / Wireless encryption
  • Wi-Fi Protected Access version 2 (WPA2) / Wireless encryption
  • Wide Area Network (WAN) / Secure network architecture concepts
  • wildcard certificate / Certificate types
  • Wired Equivalent Privacy (WEP) / Wireless encryption
  • wireless access point
    • access, securing / Securing access to your wireless access point
  • Wireless Access point (WAP) / Implementing wireless security
  • wireless access points
    • controllers / Wireless access points – controllers
    • FAT controller / Wireless access points – controllers
    • thin controller / Wireless access points – controllers
  • wireless antenna types
    • about / Wireless antenna types and signal strength
    • omnidirectional antennas / Wireless antenna types and signal strength
    • directional antennas / Wireless antenna types and signal strength
    • Yagi / Wireless antenna types and signal strength
  • wireless attacks
    • evil twin / Wireless attacks, Wireless attacks
    • rogue access point / Wireless attacks, Wireless attacks
    • about / Wireless attacks
    • jamming / Wireless attacks
    • WPS attack / Wireless attacks
    • WEP IV attack / Wireless attacks
    • disassociation / Wireless attacks
    • RFID / Wireless attacks
    • Near Field Communication (NFC) / Wireless attacks
  • wireless authentication protocols
    • about / Wireless authentication protocols
    • IEEE 802.1x / Wireless authentication protocols
    • RADIUS federation / Wireless authentication protocols
    • EAP / Wireless authentication protocols
    • PEAP / Wireless authentication protocols
    • EAP-FAST / Wireless authentication protocols
    • EAP-TLS / Wireless authentication protocols
    • EAP-TTLS / Wireless authentication protocols
  • wireless bandwidth/band selection / Wireless bandwidth/band selection
  • wireless channels / Wireless channels
  • wireless coverage
    • about / Wireless coverage
    • site survey / Wireless coverage
    • low-power directional antennas / Wireless coverage
    • wireless speed slow / Wireless coverage
  • wireless crackers / Software tools to assess the security posture of an organization
  • wireless disassociation attack / Wireless attacks
  • wireless encryption
    • about / Wireless encryption
    • open system authentication / Wireless – open system authentication
    • WPS / Wireless – WPS
    • captive portal / Wireless – captive portal
    • wireless attacks / Wireless attacks
  • wireless networks
    • WLAN / Implementing wireless security
    • guest / Implementing wireless security
    • infrastructure / Implementing wireless security
    • ad-hoc / Implementing wireless security
  • wireless scanner / Software tools to assess the security posture of an organization
  • wireless security
    • implementing / Implementing wireless security
    • wireless access points / Wireless access points – controllers
    • wireless bandwidth/band selection / Wireless bandwidth/band selection
  • WLAN / Implementing wireless security
  • worm / Virus and malware attacks
  • WPA2-CCMP / Wireless encryption
  • WPA2-enterprise / Wireless encryption
  • WPA2-Pre-shared Key (WPA2–PSK) / Wireless encryption
  • WPA2-TKIP / Wireless encryption
  • WPS attack / Wireless attacks

X

  • XOR encryption / XOR encryption

Z

  • zero day attack / Application/service attacks