CompTIA security all in one

Document Control

Proposal Name: CompTIA Security+ Workbook
Document Version: 1.0
Document Release Date: 01 April 2018
Reference: CompTIA Security+ SY0-501






Copyright © 2018 IPSpecialist LTD.
Registered in England and Wales
Company Registration No: 10883539
Registration Office at Office 32, 19-21 Crawford Street, London W1H 1PJ, United Kingdom
www.ipspecialist.net

All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from IPSpecialist LTD, except for the inclusion of brief quotations in a review.

Feedback:
If you have any comments regarding the quality of this book, or would like it altered to suit your needs better, you can contact us by email at

Please make sure to include the book title and ISBN in your message.

About IPSpecialist
IPSPECIALIST LTD. IS COMMITTED TO EXCELLENCE AND DEDICATED TO YOUR SUCCESS.

Our philosophy is to treat our customers like family. We want you to succeed, and we are willing to do anything possible to help you make it happen. We have the proof to back up our claims. We strive to accelerate billions of careers with great courses, accessibility, and affordability. We believe that continuous learning and knowledge evolution are the most important things to keep re-skilling and up-skilling the world.
Planning and creating a specific goal is where IPSpecialist helps. We can create a career track that suits your vision as well as develop the competencies you need to become a professional Network Engineer. We can also assist you with the execution and evaluation of proficiency level based on the career track you choose, as they are customized to fit your specific goals.
We help you STAND OUT from the crowd through our detailed IP training content packages.

Course Features:
Self-Paced Learning: Learn at your own pace and in your own time.
Covers Complete Exam Blueprint: Prepare for the exam with confidence.
Case Study Based Learning: Relate the content to real-life scenarios.
Subscriptions that suit you: Get more, pay less with IPS Subscriptions.
Career Advisory Services: Let industry experts plan your career journey.
Virtual Labs to test your skills: With IPS vRacks, you can test your exam preparation.
Practice Questions: Practice questions to measure your preparation standards.
On Request Digital Certification: On request, digital certification from IPSpecialist LTD.


About the Authors:
This book has been compiled with the help of multiple professional engineers. These engineers specialize in different fields like Networking, Security, Cloud, Big Data, IoT, etc. Each engineer develops content in his or her specialized field, and the material is compiled to form a comprehensive certification guide.

About the Technical Reviewers:

Nouman Ahmed Khan
AWS-Architect, CCDE, CCIE x5 (R&S, SP, Security, DC, Wireless), CISSP, CISA, CISM, is a Solution Architect working with a major telecommunication provider in Qatar. He works with enterprises, mega-projects, and service providers to help them select the best-fit technology solutions. He also works closely with consultants to understand customer business processes and helps select an appropriate technology strategy to support business goals. He has more than 14 years of experience working in Pakistan, the Middle East and the UK. He holds a Bachelor of Engineering degree from NED University, Pakistan, and an M.Sc. in Computer Networks from the UK.

Abubakar Saeed
Abubakar Saeed has more than twenty-five years of experience managing, consulting, designing, and implementing large-scale technology projects, with extensive experience heading ISP operations, solutions integration, product development, presales, and solution design. Emphasizing adherence to project timelines and delivery as per customer expectations, he always leads projects in the right direction with his innovative ideas and excellent management.

Muhammad Yousuf
Muhammad Yousuf is a professional technical content writer. He is a Cisco Certified Network Associate in Routing and Switching, holding a bachelor's degree in Telecommunication Engineering from Sir Syed University of Engineering and Technology. He has both technical knowledge and sound industry information, which he uses to good effect in his career.

Syeda Mashraba Batool Rizvi
Syeda Mashraba Batool Rizvi is a Technical Content Developer. She holds a bachelor's degree in Telecommunication Engineering from Dawood University of Engineering & Technology. She possesses great writing and research skills and has in-depth technical knowledge.




Table of Contents

Chapter 01: Threats, Attacks, and Vulnerabilities
An Overview of Malware
How does Malware get in?
Malware Types
Types of Attacks
Social Engineering Attacks
Application/Service Attacks
Wireless Attacks
Cryptography Attacks
Introduction to Threat Actors
Types of Threat Actors
Vulnerability Assessment
Vulnerability Assessment Process
LAB 01-1: Installing and Using Vulnerability Assessment Tool
Threat actor attributes
Internal/external
Level of sophistication
Resources/Funding
Intent/Motivation
Use of open source intelligence
Penetration Testing
Reconnaissance
Pivot
Initial exploitation
Persistence
Escalation of privilege
Types of Penetration Tests
Pen Testing Process
Difference between Vulnerability Assessment and Penetration Testing
Why Is Pen Testing and Vulnerability Assessment Necessary?
Vulnerability Scanning concepts
Impact associated with types of vulnerabilities
Race condition
Improper input handling
Improper error handling
Weak configuration
Default configuration
Resource exhaustion
Untrained users
Improperly configured accounts
Vulnerable business processes
Weak cipher suites and implementations
Buffer vulnerability
System Sprawl/Undocumented Assets
Design weaknesses
New threat/zero-day
Improper certificate and key management

Chapter 02: Technologies and Tools
An Overview of Security Components
Firewall
LAB 2-1: Configuring Zone-based Policy Firewall
VPN Concentrator
LAB 2-1: IPSEC Site-to-Site VPN configuration
LAB 2-2: VPN configuration
Network Intrusion Detection and Prevention
Router and Switch Security
Proxies
Load Balancer
Access Points
SIEM (Security Information and Event Management)
DLP
NAC
Mail Gateways
Bridges
SSL/TLS accelerator
SSL decryption
Media gateway
Hardware security module
Security Software
Protocol Analyzer
Network Scanner
Password cracker
Vulnerability scanner
Configuration compliance scanner
Exploitation framework
Data sanitization tools
Steganography tools
Honeypot
Backup utilities
Banner grabbing
Passive vs. active
Wireless Scanner and Cracker
Command Line Security Tools
Common Security Issues
Unencrypted Credentials
Logs and Events Anomalies
Permission Issues
Access Violations
Certificate Issues
Data Exfiltration
Misconfigured Devices
Weak Security Configurations
Personnel Issues
Unauthorized software
Baseline Deviation
License Compliance Violation
Asset Management
Authentication Issues
Analysing Security Output
Host-based IDS/IPS
Anti-Virus
File Integrity Check
Host-based Firewall
Advanced Malware Tool
Securing Mobile Devices
Mobile Device connection methods
Mobile Device Management
Mobile Device Deployment Models
Secure Protocols
SRTP
NTP
S/MIME
SSL/TLS
FTPS
LDAP
SSH
DHCP

Chapter 03: Architecture and Design
Frameworks and configuration guide
Industry standard frameworks and reference architecture
Benchmarks/secure configuration guides
Defense in depth/layered security
Secure Network Architecture Concept
Zone/Topology
Segmentation of a Network
VPN Technologies
Security Technology Placement
Introduction to Security System Design
Hardware/Firmware Security
Operating System (OS) Security
Peripheral Security
Secure Deployments
Sandboxing
Working Environment
Embedded System
SCADA
Smart Devices/IoT (Internet of Things)
HVAC
SOC
RTOS
Special Purpose Systems
Secure Application Development and Deployment
Development Lifecycle Models
Secure DevOps
Version Control and Change Management
Provisioning and De-provisioning
Secure Coding Technique
Code Quality and Testing
Compiled vs. Runtime Code
Cloud and Virtualization
Hypervisor
VM Sprawl Avoidance
VM Escape Protection
Cloud Storage
Cloud Deployment Models
On-premise vs. Hosted vs. Cloud
VDI/VDE
Cloud Access Security Broker (CASB)
Security as a Service (SECaaS)
Resiliency and Automation Strategies
Automation/scripting
Templates
Master Image
Non-Persistence
Elasticity
Scalability
Distributive Allocation
Redundancy
Fault Tolerance
High Availability
RAID
Physical Security Controls
Lighting
Signs
Fence/Cage
Security Guard
Alarms
Safes
Protected Cabling
Airgap
Mantrap
Screen Filters
Key management

Chapter 04: Identity and Access Management
Introduction to Identity and Access Management
AAA (Authentication, Authorization, and Accounting) framework
Multifactor Authentication
Single Sign-on (SSO)
Transitive Trust
Identity and Access Services
Gaining Access
Introduction to PAP, CHAP, & MS-CHAP
LAB 04-1: Configuring PPP PAP and CHAP authentication and verifying it
An Overview of Federated Identities
Federation
Identity & Access Control Management
Access Control Models
File System Security
Database Security
Access Control Technologies
Account Management
Account Types
General Concepts
Account Policy Enforcement

Chapter 05: Risk Management
Overview of Security Policies, Plans, and Procedures
Standard Operating Procedure
Agreement Types
Personnel Management
General Security Policies
Impact Analysis
RTO/RPO
MTBF
MTTR
Mission Essential Function
Single Point of Failure
Impact
Privacy Impact Assessment
Privacy Threshold Assessment
Risk Management Processes and Concept
Threat Assessment
Risk Assessment
Incident Response Procedure
Incident response plan
Incident response process
Basic Concept of Forensics
Order of volatility
Chain of custody
Legal Hold
Data acquisition
Preservation
Recovery
Strategic intelligence/Counterintelligence gathering
Basic Concept of Disaster Recovery and Continuity of Operation
Recovery sites
Order of restoration
Backup concepts
Geographic considerations
Continuity of operation planning
Types of Security Control
Deterrent
Preventive
Detective
Corrective
Compensating
Technical
Administrative
Physical
Data Security and Privacy Practices
Data destruction and media sanitization
Data sensitivity labelling and handling
Data Roles
Data retention
Legal and compliance

Chapter 06: Cryptography & PKI
Cryptography Concepts
Cryptographic Terminologies
Cryptographic Algorithm
Symmetric Key Cryptography
Asymmetric Key Cryptography
Hashing
Cryptography Uses
Confidentiality
Integrity
Obfuscation
Authentication
Non-Repudiation
Wireless security
Cryptographic Protocols
Authentication Protocols
Methods
Public Key Infrastructure (PKI)
PKI Components
Key management
Digital Certificates
What does a Digital Certificate contain?
Certificate Extensions
Standard Extension
Commercial Certificate Authorities
Private Certificate Authority
PKI Trust Relationship
Single Certificate Authority
Hierarchical
Key Revocation
Reasons for the certificate revocation
Getting revocation details to the browser
PKI Concept
Online and Offline CA
OCSP Stapling
Pinning
PKI Trust Relationships
Types of Certificates
Root certificate
Web Server SSL Certificate
Domain Validation (DV) Certificate
Extended Validation (EV) Certificate
Subject Alternative Name (SAN) Certificate
Wildcard Domain Certificate
Self-Signed Certificate
Machine and Computer Certificate
User Certificate
Email Certificate
Code Signing Certificate
References



About this Workbook
This workbook covers all the information you need to pass the CompTIA Security+ Exam, SY0-501. The workbook is designed to take a practical approach to learning, with real-life examples and case studies.

Covers the complete CompTIA Security+ SY0-501 blueprint
Summarized content
Case study based approach
Ready-to-practice labs on VM
100% pass guarantee
Mind maps

CompTIA Certifications
CompTIA certification helps to establish and build your IT career. It benefits you in various ways, whether you are seeking certification to get a job in IT or want to upgrade your IT career with a leading certification. For better understanding, these certificates are categorized as follows:
Core Certifications:
IT Fundamentals
A+
Network+
Security+

Infrastructure Pathway:
Linux+
Server+
Cloud+

Cybersecurity Pathway:
CySA+
CASP

Additional Certificates:
Project+
Cloud Essentials
CTT+

Figure 1. CompTIA Certifications Pathway

About Security+ Certification
The goal of this certification is to make you a better IT Security Tech. All the necessary principles for network security are covered in the Security+ certification.
The skills and techniques you will learn when you earn the Security+ certificate:
Configuring a secure network for protection against threats, malware, etc.
Identifying vulnerabilities in a network and applying proper mitigation techniques.
Knowledge of the latest threats that target your systems.
Implementing secure protocols and appropriate security checks, and establishing end-to-end host security.
Implementing identity and access management controls so that your data stays in authorized hands.
Using encryption and configuring wireless security to keep information safe.

Figure 2. CompTIA Security Certifications Pathway

About the CompTIA Security+ Exam
Exam Number: SY0-501 CompTIA Security+
Duration: 90 minutes
Number of Questions: Maximum 90
Types of Questions: Multiple choice & performance based
Passing Marks: 750
Exam Price: $330 USD

The CompTIA Security+ Exam (SY0-501) is a 90-minute qualifying exam with a maximum of 90 questions. It certifies that the successful applicant has the awareness and skills needed to install and configure systems so as to secure networks, devices, and applications, and specifically has knowledge and skills in:
Environmental and personal security and controls.
Wireless, cloud and mobile security.
Risk management.
Authentication and authorization.
Host, LAN, and application security.
Cryptography.

The following domains are general guidelines for the content likely to be included on the exam:
Threats, Attacks, and Vulnerabilities 21%
Technologies and Tools 22%
Architecture and Design 15%
Identity and Access Management 16%
Risk Management 14%
Cryptography and PKI 12%

A complete list of topics covered in the CompTIA Security+ SY0-501 exam can be downloaded from the CompTIA website.

How to become Security+ certified?
Step 1: Choose a certification. Explore what is available and choose an IT certification that will help you reach your career target. To study the various IT career tracks and choose the best certification for yourself, you can use the "CompTIA Career Roadmap."
CompTIA has four core IT certifications, IT Fundamentals, A+, Network+, and Security+, that examine your knowledge from entry to expert level.
If you have the skills to secure a network and deter hackers, and want to become the best IT Security Tech, then CompTIA Security+ is the right certification for you.
Step 2: Learning & Training. Exam preparation can be accomplished through self-study with textbooks, practice exams, and on-site classroom programs. This workbook provides you with all the information and knowledge to help you pass the CompTIA Security+ Exam. IPSpecialist provides full support to candidates in order for them to pass the exam.
Step 3: Familiarization with the Exam. A great suggestion is to understand what you are training for. For that, we are providing you not only the exam objectives but practice questions too, in order to give you a solid idea of the exam before you sit your certification exam.
Step 4: Register & Take the Exam for Certification. After all the learning, the next step is to take your test. Certification exams are offered at locations throughout the world. To register for an exam, contact CompTIA's authorized test delivery partner, Pearson VUE.
The following are the steps for registration and scheduling an exam:
Buy the exam voucher from here: "Buy a certification exam voucher."
Find and visit a testing center: "testing center."
Create a Pearson VUE account and schedule your exam. Here is a link for that: "Create a Pearson VUE testing account and schedule your exam."
You will receive a confirmation email with testing information after the registration process.
You are ready for the test.

Step 5: After you complete an exam at an authorized testing center, you will get immediate online notification of your pass or fail status. If you have passed the exam, a congratulatory email will be sent to you with guidelines to access your record.
Make sure to keep a record of the email address you used for registration and of the score report with the exam registration number. This information is required to log into your certification account.

Congratulations! You are now CompTIA Security+ Certified.




Chapter 01: Threats, Attacks, and Vulnerabilities
An Overview of Malware
The term "malware" covers any malicious software that performs unwanted functions on a host or network. The intent behind it varies: degrading performance, stealing information, making systems or data unavailable, or destroying data outright. Some of the most common forms of malware are:
Virus
Botnets
Rootkits
Crypto-Malware
Ransomware
Worms
Trojan Horses
Spyware
Adware
Keylogger
Logic Bomb

How does Malware get in?
Malware takes advantage of vulnerabilities in the operating system or applications, or of vulnerabilities you introduce yourself, for example by clicking a malicious link or opening a malicious attachment. In every case some code has to run first: the malware needs an initial execution (a user launching it, or an exploit triggering it) before it can install itself on the system.

How to Keep Malware Away?
Make sure to keep Operating Systems up to date.
Update all the Applications.
Avoid clicking unnecessary or malicious links.
Use Anti-Virus/Anti-Malware software.
Malware Types
The following are the details of various kinds of malware:
Virus
In network and information security, a virus is malicious code that attaches itself to other files or programs and replicates itself when the infected host is run. Attaching to other files is what carries it onto other systems: copying an infected file copies the virus. Viruses require user interaction, such as opening the file or running the program, to trigger and initiate their malicious activity on the resident system.
The virus is known for its "self-reproduction." Some types of viruses do not cause visible problems and stay hidden, while others are obvious (pop-ups, for instance). The first viruses created were of two types:
1. Boot sector viruses.
2. Program (file infector) viruses.
To prevent viruses, anti-virus programs are commonly used. Anti-virus software constantly scans the system, finds known malicious code, stops it from getting onto the system, and ensures that no virus is executing on the system. The signature list the anti-virus software relies on must be kept up to date, because new viruses are discovered every day and a signature can only detect what it already describes.
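The following is an added example, written for this edit and not taken from the workbook, of the signature scanning described above. It keeps two kinds of signature for one constructed "virus body" (a marker string, not real malicious code): a whole-file SHA-256 hash and a byte pattern. The sample files, the marker and the signature names are all constructed; the point is to see which kind of signature survives a trivial re-packing of the same virus, and why a variant that matches neither leaves a gap until the signature list is updated.

```python
"""Signature scanning as the simplest anti-virus engine does it.

Added example, not code from the workbook.  Two signature kinds are kept:
a whole-file SHA-256 hash and a byte pattern.  The samples below are
constructed, harmless stand-ins for infected files; the "malware" is a
marker string, not real malicious code.
"""
import hashlib
from typing import Dict, List

# Constructed marker that plays the role of a known virus body.
MARKER = b"DEMO-VIRUS-BODY-9F3A"
INFECTED = b"MZ" + b"\x90" * 16 + MARKER + b"\x00" * 8

# Constructed sample files: name -> contents.
SAMPLE_FILES: Dict[str, bytes] = {
    "notes.txt": b"quarterly report draft\n",
    "infected.exe": INFECTED,
    # Same virus body re-packed with a different trailer: the whole-file
    # hash changes, the pattern does not.
    "infected_repacked.exe": INFECTED + b"\x00" * 3,
    # Only a fragment of the marker: neither signature matches.  This is
    # the gap the signature list must be updated to close.
    "unknown_variant.exe": b"MZ" + MARKER[:9] + b"-X",
}

# Signature database in two forms, each keyed by what it matches.
HASH_SIGNATURES: Dict[str, str] = {
    hashlib.sha256(INFECTED).hexdigest(): "Demo.Virus",
}
PATTERN_SIGNATURES: Dict[bytes, str] = {
    MARKER: "Demo.Virus",
}


def scan_bytes(data: bytes) -> List[str]:
    """Return every signature that matches `data`, tagged with its kind."""
    hits: List[str] = []
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:
        hits.append("hash:" + HASH_SIGNATURES[digest])
    for pattern, name in PATTERN_SIGNATURES.items():
        if pattern in data:
            hits.append("pattern:" + name)
    return hits


def scan_files(files: Dict[str, bytes]) -> Dict[str, List[str]]:
    """Scan a name -> contents map and return name -> matching signatures."""
    return {name: scan_bytes(data) for name, data in files.items()}


if __name__ == "__main__":
    for name, hits in scan_files(SAMPLE_FILES).items():
        print(f"{name:24} {'CLEAN' if not hits else ', '.join(hits)}")
```

Running it shows `infected.exe` matched by both signatures, `infected_repacked.exe` by the pattern only, and `unknown_variant.exe` by neither. Real engines add heuristics and behaviour monitoring on top of this for exactly that last case, but the signature update cycle the text describes is still the first line of defence.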
Worms
A worm is self-contained malware that replicates and propagates on its own: unlike a virus, it needs neither a host file nor a user to open anything. It moves from machine to machine across the network without human action, typically by exploiting a vulnerability in a listening service, and can take over a large population of systems very quickly. Worms have been propagating in different forms since the 1980s, and several of the best-known ones caused devastating denial-of-service conditions through the sheer volume of traffic they generated while scanning for new victims. Traffic from a known worm can be filtered by a next-generation intrusion prevention system or firewall that carries a matching signature.

Examples of worms:
Sobig worm of 2003
SQL Slammer worm of 2003
Code Red and Nimda attacks of 2001
Zotob worm of 2005
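Because a worm has to find its next victims, its outbound traffic looks different from a normal client's: many distinct destinations on one service port in a short window, rather than a few servers contacted repeatedly. The following is an added example, written for this edit and not part of the workbook, of a fan-out heuristic a SOC analyst might run over firewall or flow logs to catch that pattern. The log lines, hosts, threshold and window are constructed; the port numbers echo the services the worms above targeted (SQL Slammer on UDP/1434) but the data is invented.

```python
"""Flag hosts whose outbound connection pattern looks like worm scanning.

Added example, not code from the workbook.  A worm probes many distinct
hosts on the same port inside a short window; a normal client talks to a
few servers repeatedly.  The heuristic counts distinct destinations per
(source, destination port) in a sliding time window and alerts when the
fan-out reaches a threshold.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Deque, Dict, List, Tuple

# Constructed flow log, one record per line: "timestamp src dst dport".
# 10.0.0.5 sweeps a /24 on 1434 (Slammer-style); 10.0.0.7 is a normal
# HTTPS client; 10.0.0.9 touches new hosts slowly, below the window rate.
SAMPLE_LOG = """\
2003-01-25T05:30:00 10.0.0.5 10.0.1.1 1434
2003-01-25T05:30:01 10.0.0.5 10.0.1.2 1434
2003-01-25T05:30:02 10.0.0.5 10.0.1.3 1434
2003-01-25T05:30:03 10.0.0.5 10.0.1.4 1434
2003-01-25T05:30:04 10.0.0.5 10.0.1.5 1434
2003-01-25T05:30:05 10.0.0.5 10.0.1.6 1434
2003-01-25T05:30:00 10.0.0.7 10.0.2.10 443
2003-01-25T05:30:02 10.0.0.7 10.0.2.10 443
2003-01-25T05:30:04 10.0.0.7 10.0.2.10 443
2003-01-25T05:30:06 10.0.0.7 10.0.2.10 443
2003-01-25T05:30:08 10.0.0.7 10.0.2.10 443
2003-01-25T05:30:00 10.0.0.9 10.0.3.1 445
2003-01-25T05:30:30 10.0.0.9 10.0.3.2 445
2003-01-25T05:31:00 10.0.0.9 10.0.3.3 445
2003-01-25T05:31:30 10.0.0.9 10.0.3.4 445
2003-01-25T05:32:00 10.0.0.9 10.0.3.5 445
2003-01-25T05:32:30 10.0.0.9 10.0.3.6 445
"""

Event = Tuple[datetime, str, str, int]
Alert = Tuple[str, int, int]  # (source, dport, distinct destinations)


def parse_log(text: str) -> List[Event]:
    """Parse the constructed log format into time-sorted events."""
    events: List[Event] = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport = line.split()
        events.append((datetime.fromisoformat(ts), src, dst, int(dport)))
    events.sort()
    return events


def detect_fanout(text: str, threshold: int = 5,
                  window: timedelta = timedelta(seconds=60)) -> List[Alert]:
    """Return one alert per (src, dport) whose distinct-destination count
    inside any `window` reaches `threshold`; the count is the value at the
    moment the threshold was first crossed."""
    recent: Dict[Tuple[str, int], Deque[Tuple[datetime, str]]] = defaultdict(deque)
    alerts: Dict[Tuple[str, int], int] = {}
    for ts, src, dst, dport in parse_log(text):
        key = (src, dport)
        q = recent[key]
        q.append((ts, dst))
        # Drop entries that have fallen out of the sliding window.
        while q and ts - q[0][0] > window:
            q.popleft()
        distinct = len({d for _, d in q})
        if distinct >= threshold and key not in alerts:
            alerts[key] = distinct
    return [(src, dport, n) for (src, dport), n in alerts.items()]


if __name__ == "__main__":
    for src, dport, n in detect_fanout(SAMPLE_LOG):
        print(f"ALERT possible worm scan: {src} -> {n} hosts on port {dport}")
```

With the constructed data only 10.0.0.5 trips the threshold; the repeat connections from 10.0.0.7 count as one destination, and 10.0.0.9 never has more than three distinct destinations inside a 60-second window. In production the threshold and window are tuned per network, and hosts that legitimately fan out (scanners, monitoring, backup servers) go on an allow-list.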
Ransomware:
Ransomware takes the user's data, encrypts it, and demands money in return. When the user tries to access the files, a message tells him to pay a ransom to unlock them. Recovering from an infection means either having a security professional remove the ransomware and restore the data from backups, or following the attacker's procedure for sending money to regain access to the files or obtain the decryption keys. The payment channel is designed to be untraceable, and the files cannot be decrypted without the key because the encryption is strong and correctly applied: the data is typically encrypted with a per-victim symmetric key that is in turn protected with the attacker's public key, so the private key needed to recover it never leaves the attacker. Paying does not guarantee a working key; a tested offline backup is the reliable way back.
Example of ransomware: CryptoLocker
Crypto-Malware:
Crypto-malware encrypts all the data or files, either permanently or temporarily. It is closer to a denial-of-service attack on the data: the files are locked permanently, or temporarily until a ransom amount is paid.
How to prevent this infection?
Update the Operating System and applications.
Back up all data offline.
Install anti-virus and keep the anti-virus signatures updated.
Trojans:
A Trojan damages the system by hiding its real functionality: it pretends to be something other than malware (a useful program, a game, an installer), which is how it gets inside the system so easily. Once inside, Trojans commonly open a door for other malware too; that open door is referred to as a backdoor. A Remote Access Trojan (RAT), the name borrowed from legitimate Remote Administration Tools, is a category of Trojan horse malware that gives the attacker administrative access to the system and sets up the backdoor.
How to prevent this malware?
Examine software before installing it. Install only what is trusted.
Keep a backup of your data.
Keep the antivirus software and operating system updated.
Rootkits:
A rootkit modifies the operating system itself, often at the kernel level, to hide its own presence and that of other malware; it is usually combined with another piece of malicious software and is used to gain and keep administrative control over a machine. Zeus (Zbot), the example cited here, is strictly a banking Trojan, but its variants used rootkit techniques to hide their files and processes from the user and from security tools.


