Cybersecurity Analyst (CSA+™) Study Guide
Exam CS0-001
Mike Chapple
David Seidl

Senior Acquisitions Editor: Kenyon Brown
Development Editor: David Clark
Technical Editor: Robin Abernathy
Production Editor: Rebecca Anderson
Copy Editor: Elizabeth Welch
Editorial Manager: Mary Beth Wakefield
Production Manager: Kathleen Wisor
Executive Editor: Jim Minatel
Book Designers: Judy Fung and Bill Gibson
Proofreader: Kim Wimpsett
Indexer: Ted Laux
Project Coordinator, Cover: Brent Savage
Cover Designer: Wiley
Cover Image: ©Getty Images Inc./Jeremy Woodhouse

Copyright © 2017 by John Wiley & Sons, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-1-119-34897-9
ISBN: 978-1-119-34991-4 (ebk.)
ISBN: 978-1-119-34988-4 (ebk.)
Manufactured in the United States of America

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Control Number: 2017935704

TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. CompTIA and CSA+ are trademarks or registered trademarks of CompTIA Properties, LLC. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

I dedicate this book to my father, who was a role model of the value of hard work, commitment to family, and the importance of doing the right thing. Rest in peace, Dad.
—Mike Chapple

This book is dedicated to Ric Williams, my friend, mentor, and partner in crime through my first forays into the commercial IT world. Thanks for making my job as a “network janitor” one of the best experiences of my life.
—David Seidl

Acknowledgments

Books like this involve work from many people, and as authors, we truly appreciate the hard work and dedication that the team at Wiley shows. We would especially like to thank senior acquisitions editor Kenyon Brown. We have worked with Ken on multiple projects and consistently enjoy our work with him.

We also greatly appreciated the editing and production team for the book, including David Clark, our developmental editor, who brought years of experience and great talent to the project, Robin Abernathy, our technical editor, who provided insightful advice and gave wonderful feedback throughout the book, and Becca Anderson, our production editor, who guided us through layouts, formatting, and final cleanup to produce a great book. We would also like to thank the many behind-the-scenes contributors, including the graphics, production, and technical teams who make the book and companion materials into a finished product.

Our agent, Carole Jelen of Waterside Productions, continues to provide us with wonderful opportunities, advice, and assistance throughout our writing careers.

Finally, we would like to thank our families and significant others who support us through the late evenings, busy weekends, and long hours that a book like this requires to write, edit, and get to press.
system logs system monitoring tools system ports systems-based views

T
TACACS+ authentication protocol tail command, Linux Tamper Data for Firefox tamper-proof seals TCP (Transfer Control Protocol) common ports monitoring connections netstat command operating system fingerprinting pings stack fingerprinting TCP SYN scans TCP/IP operating system fingerprinting stack fingerprinting tcpdump TCPView technical architecture, TOGAF technical controls endpoint security Technical Guide to Information Security Testing and Assessment technical views Telnet, TCP port temporary directories, forensic application termination, of employees testing and integration phase, SDLC testing and turnover, RAD TFTP, TCP port TGTs (ticket granting tickets) theHarvester third-party services, attacks against threats accidental adversarial attack vectors availability definition of environmental identifying integrity internal review question answers review questions structural threat analysis-based design ticket granting tickets (TGTs) tiers, NIST Cybersecurity Framework Time Travel Service timeboxing, Agile development timing, of penetration tests TOGAF (the Open Group Architecture Framework) tool-assisted code reviews toolkits EMET (Enhanced Mitigation Experience Toolkit) forensic SET (Social Engineering Toolkit) SIFT (SANS Investigate Forensic Toolkit) social engineering top command, Linux traceroute tracert command Tradesman's view, SABSA framework training and transition phase, SDLC training programs trend analysis triple-homed firewall trusted foundries TSK (Sleuth Kit)

U
UAT (user acceptance testing) UDP (User Datagram Protocol) operating system fingerprinting scans UFED, Cellebrite Ulbricht, Ross unauthorized software uniform protection Universal Security Manager (USM) Unix syslog tools Untidy fuzzer user acceptance testing See UAT user accounts See also identity-based security least privilege principle network device configuration files privilege creep privilege escalation user directories, forensic application user input validation fuzzing as secure coding best practice user stories, Agile development USM (Universal Security Manager)

V
V software development model Ved, Sanmay Vega velocity tracking, Agile development Veracode 2016 metrics version control tools virtual LANs See VLANs virtual machines Metasploitable escape vulnerabilities virtualization vulnerabilities VLANs (virtual LANs) Volatility Framework vulnerabilities Dirty COW endpoint vulnerabilities identifying Internet of Things vulnerabilities network vulnerabilities Open Vulnerability and Assessment Language (OVAL) POODLE virtualization vulnerabilities web application vulnerabilities zero-day vulnerability management programs corporate policy regulatory environment review question answers review questions scan frequency determinations scan target identification vulnerability scans barriers to credentialed scans frequency determinations identifying targets maintaining scanners remediation workflows reports review question answers review questions scan perspectives scanner maintenance scope of sensitivity levels validating results web applications

W
w command, Linux WAFs (web application firewalls) wargame exercises Warning, Cisco log level Waterfall software development model web applications cookie management cross-site scripting (XSS) attacks data validation fuzzers injection attacks interception proxies single sign-on systems vulnerability scanning web application firewalls (WAFs) web proxies WebGoat well-known ports What to Do if Compromised, Visa white team, wargames WhiteHat Security whitelisting Whois WinDbg Windows Firewall creating inbound rules verifying Windows incident response playbook (Univ of Central Florida) Windows Registry forensic application wired rogues wireless rogues write blockers

X-Y-Z
XCCDF (Extensible Configuration Checklist Description Format) XSS (cross-site scripting) attacks web application scanners Yahoo breaches ZAP (Zed Attack Proxy) Zed Attack Proxy (ZAP) zero-day vulnerabilities ZIP compressed files password protection zone transfers

Comprehensive Online Learning Environment

Register on Sybex.com to gain access to the comprehensive online interactive learning environment and test bank to help you study for your CompTIA Cybersecurity Analyst (CSA+) certification.

The online test bank includes:
Assessment Test to help you focus your study to specific objectives
Chapter Tests to reinforce what you learned
Practice Exams to test your knowledge of the material
Digital Flashcards to reinforce your learning and provide last-minute test prep before the exam
Searchable Glossary gives you instant access to the key terms you'll need to know for the exam

Go to http://www.wiley.com/go/sybextestprep to register and gain access to this comprehensive study tool package.
Introduction CompTIA Cybersecurity Analyst (CSA+) Study Guide provides accessible explanations and real-world knowledge about the exam objectives that make up the Cybersecurity Analyst+ certification...

Objectives Map for CompTIA Cybersecurity Analyst (CSA+) Exam CS0-001 Objectives Map Assessment Test Answer to the Assessment Test Chapter Defending Against Cybersecurity Threats Cybersecurity Objectives...