CompTIA CSA+ Study Guide
Table of Contents
Mike Chapple. CompTIA CSA+ Study Guide
Acknowledgments
About the Authors
Introduction
What Does This Book Cover?
Setting Up a Kali and Metasploitable Learning Environment
Setting Up Your Environment
Objectives Map for CompTIA Cybersecurity Analyst (CSA+) Exam CS0-001
Objectives Map
Assessment Test
Chapter 1. Defending Against Cybersecurity Threats
Cybersecurity Objectives
Evaluating Security Risks
Building a Secure Network
Secure Endpoint Management
Penetration Testing
Reverse Engineering
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 2. Reconnaissance and Intelligence Gathering
Footprinting
Passive Footprinting
Gathering Organizational Intelligence
Detecting, Preventing, and Responding to Reconnaissance
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 3. Designing a Vulnerability Management Program
Identifying Vulnerability Management Requirements
Configuring and Executing Vulnerability Scans
Developing a Remediation Workflow
Overcoming Barriers to Vulnerability Scanning
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 4. Analyzing Vulnerability Scans
Reviewing and Interpreting Scan Reports
Validating Scan Results
Common Vulnerabilities
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 5. Building an Incident Response Program
Security Incidents
Phases of Incident Response
Building the Foundation for Incident Response
Creating an Incident Response Team
Coordination and Information Sharing
Classifying Incidents
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 6. Analyzing Symptoms for Incident Response
Analyzing Network Events
Handling Network Probes and Attacks
Investigating Host Issues
Investigating Service and Application Issues
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 7. Performing Forensic Analysis
Building a Forensics Capability
Understanding Forensic Software
Conducting a Forensic Investigation
Forensic Investigation: An Example
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 8. Recovery and Post-Incident Response
Containing the Damage
Incident Eradication and Recovery
Wrapping Up the Response
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 9. Policy and Compliance
Understanding Policy Documents
Complying with Laws and Regulations
Adopting a Standard Framework
Implementing Policy-Based Controls
Security Control Verification and Quality Control
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 10. Defense-in-Depth Security Architectures
Understanding Defense in Depth
Implementing Defense in Depth
Analyzing Security Architecture
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 11. Identity and Access Management Security
Understanding Identity
Threats to Identity and Access
Identity as a Security Layer
Understanding Federated Identity and Single Sign-On
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 12. Software Development Security
Understanding the Software Development Life Cycle
Designing and Coding for Security
Software Security Testing
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 13. Cybersecurity Toolkit
Host Security Tools
Monitoring and Analysis Tools
Scanning and Testing Tools
Network Security Tools
Web Application Security Tools
Forensics Tools
Summary
Appendix. Answers to the Lab Exercises
Chapter 1: Defending Against Cybersecurity Threats
Chapter 2: Reconnaissance and Intelligence Gathering
Chapter 4: Analyzing Vulnerability Scans
Chapter 5: Building an Incident Response Program
Chapter 6: Analyzing Symptoms for Incident Response
Chapter 7: Performing Forensic Analysis
Chapter 8: Recovery and Post-Incident Response
Chapter 9: Policy and Compliance
Chapter 10: Defense-in-Depth Security Architectures
Chapter 11: Identity and Access Management Security
Chapter 12: Software Development Security
Index
Excerpt from the book
Books like this involve work from many people, and as authors, we truly appreciate the hard work and dedication that the team at Wiley shows. We would especially like to thank senior acquisitions editor Kenyon Brown. We have worked with Ken on multiple projects and consistently enjoy our work with him.
We also greatly appreciated the editing and production team for the book, including David Clark, our developmental editor, who brought years of experience and great talent to the project, Robin Abernathy, our technical editor, who provided insightful advice and gave wonderful feedback throughout the book, and Becca Anderson, our production editor, who guided us through layouts, formatting, and final cleanup to produce a great book. We would also like to thank the many behind-the-scenes contributors, including the graphics, production, and technical teams who make the book and companion materials into a finished product.
.....
If you are more familiar with another virtualization tool such as VMware or Hyper-V, you can also use those tools; however, you may have to adapt or modify these instructions to handle differences in how your preferred virtualization environment works.
Multiple versions of Kali Linux are available at https://www.kali.org/downloads/, and pre-built Kali Linux virtual machines can be downloaded at https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-download/. We suggest downloading the most recent version of the Kali Linux 64-bit VBox virtual machine.
.....