Principles of Computer Security: CompTIA Security+ and Beyond Lab Manual (Exam SY0-601)
5th Edition
1260470121
·
9781260470123
© 2022 | Published: August 6, 2021
Practice the Skills Essential for a Successful Career in Cybersecurity!This hands-on guide contains more than 90 labs that challenge you to solve real-world problems and help you to master key cybersecurity concepts. Clear, measurable lab results map…
Read More
Request Review Copy
Download file to PC or Mac desktops or laptops
Step 1. Download Adobe Digital Editions Both PC and Mac users will need to download Adobe Digital Editions to access their eBook. You can download Adobe Digital Editions at Adobe's website here.
Step 2. Register an Adobe ID if you do not already have one. (This step is optional, but allows you to open the file on multiple devices) Visit account.Adobe.com to register your Adobe account.
Step 3: Authorize Adobe Digital Editions using your Adobe ID. In Adobe Digital Editions, go to the Help menu. Choose “Authorize Computer.”
Step 4: Open your file with Adobe Digital Editions. Once you’ve linked your Adobe Digital Editions with your Adobe ID, you should be able to access your eBook on any device which supports Adobe Digital Editions and is authorized with your ID. If your eBook does not open in Adobe Digital Editions upon download, please contact customer service
Introduction
Additional Resources for Teachers
Chapter 1 Introduction and Security Trends
Lab Exercise 1.01: Staying Current with Industry
Lab Exercise 1.02: Cyber Threat Maps
Lab Exercise 1.03: Cybersecurity Survey
Lab Exercise 1.04: Building the Virtual Lab
Lab Analysis
Key Term Quiz
Chapter 2 General Security Concepts
Lab Exercise 2.01: Verizon DBIR
Lab Exercise 2.02: Linux File System Management
Lab Exercise 2.03: Linux Systems Administration
Lab Exercise 2.04: Linux System Security
Lab Analysis
Key Term Quiz
Chapter 3 Operational and Organizational Security
Lab Exercise 3.01: Policies
Lab Exercise 3.02: Training Documentation
Lab Exercise 3.03: Interoperability Agreements
Lab Analysis
Key Term Quiz
Chapter 4 The Role of People in Security
Lab Exercise 4.01: The Social-Engineer Toolkit
Lab Exercise 4.02: Phishing Tests
Lab Exercise 4.03: Reconnaissance Through Open-Source Intelligence
Lab Analysis
Key Term Quiz
Chapter 5 Cryptography
Lab Exercise 5.01: Symmetric Key Encryption
Lab Exercise 5.02: Asymmetric Key Encryption
Lab Exercise 5.03: Hashing
Lab Exercise 5.04: Diffie-Hellman Key Exchange
Lab Analysis
Key Term Quiz
Chapter 6 Applied Cryptography
Lab Exercise 6.01: Apple vs. FBI
Lab Exercise 6.02: Australia’s Assistance and Access Bill
Lab Exercise 6.03: To Serve Man
Lab Exercise 6.04: E-mail Cryptography
Lab Analysis
Key Term Quiz
Chapter 7 Public Key Infrastructure
Lab Exercise 7.01: DNSSEC for Security
Lab Exercise 7.02: DNSSEC for Exploiting
Lab Exercise 7.03: TLS in Action
Lab Analysis
Key Term Quiz
Chapter 8 Physical Security
Lab Exercise 8.01: Linux Password Recovery
Lab Exercise 8.02: Cisco Router Password Recovery
Lab Exercise 8.03: Cisco Switch Password Recovery
Lab Analysis
Key Term Quiz
Chapter 9 Network Fundamentals
Lab Exercise 9.01: Switch Configuration
Lab Exercise 9.02: Router Configuration
Lab Exercise 9.03: Passwords and SSH
Lab Analysis
Key Term Quiz
Chapter 10 Infrastructure Security
Lab Exercise 10.01: Port Security on Switches
Lab Exercise 10.02: Standard ACLs on Routers
Lab Exercise 10.03: Extended ACLs on Routers
Lab Analysis
Key Term Quiz
Chapter 11 Authentication and Remote Access
Lab Exercise 11.01: Dictionary Attacks on Linux Passwords with John the Ripper
Lab Exercise 11.02: Brute Force Attacks on Linux Passwords with crunch and John the Ripper
Lab Exercise 11.03: Dictionary Attacks and Brute Force Attacks on Windows Passwords with Mimikatz, crunch, and John the Ripper
Lab Exercise 11.04: Rainbow Table Attacks on Windows Passwords with ophcrack
Lab Analysis
Key Term Quiz
Chapter 12 Wireless Security and Mobile Devices
Lab Exercise 12.01: Wireless Network and Device Detection
Lab Exercise 12.02: Monitor Mode Sniffing
Lab Exercise 12.03: Cracking WPA2 Passwords and Deauthenticating Clients with Wifite
Lab Analysis
Key Term Quiz
Chapter 13 Intrusion Detection Systems and Network Security
Lab Exercise 13.01: Installing Ubuntu and Snort
Lab Exercise 13.02: Snort Sniffer Mode
Lab Exercise 13.03: Snort Packet Logger Mode
Lab Exercise 13.04: Snort Network Intrusion Detection System Mode
Lab Analysis
Key Term Quiz
Chapter 14 System Hardening and Baselines
Lab Exercise 14.01: Active Directory Domain Services and Domain Connectivity
Lab Exercise 14.02: Organizational Units and Groups
Lab Exercise 14.03: Users and Other Active Directory Objects
Lab Exercise 14.04: Permissions and Shares
Lab Exercise 14.05: Group Policy Objects
Lab Analysis
Key Term Quiz
Chapter 15 Types of Attacks and Malicious Software
Lab Exercise 15.01: Strings
Lab Exercise 15.02: UPX
Lab Exercise 15.03: PEview and Resource Hacker
Lab Exercise 15.04: VirusTotal
Lab Exercise 15.05: Regshot
Lab Exercise 15.06: Process Monitor
Lab Exercise 15.07: ApateDNS
Lab Analysis
Key Term Quiz
Chapter 16 Security Tools and Techniques
Lab Exercise 16.01: Port Scanning with Nmap
Lab Exercise 16.02: Sockets with netcat (nc) and ncat
Lab Exercise 16.03: Packet Crafting with hping3
Lab Exercise 16.04: Packet Crafting with Scapy
Lab Analysis
Key Term Quiz
Chapter 17 Web Components, E-mail, and Instant Messaging
Lab Exercise 17.01: E-mail Headers
Lab Exercise 17.02: SPF, DKIM, and DMARC
Lab Analysis
Key Term Quiz
Chapter 18 Cloud Computing
Lab Exercise 18.01: Microsoft Azure Training
Lab Exercise 18.02: Exploring Microsoft Azure
Lab Exercise 18.03: AWS Educate and AWS Training and Certification
Lab Exercise 18.04: Exploring AWS
Lab Analysis
Key Term Quiz
Chapter 19 Secure Software Development
Lab Exercise 19.01: Configuring WampServer and DVWA
Lab Exercise 19.02: SQL Injection
Lab Analysis
Key Term Quiz
Chapter 20 Risk Management
Lab Exercise 20.01: PowerShell Script Settings
Lab Exercise 20.02: PowerShell Exploitation
Lab Analysis
Key Term Quiz
Chapter 21 Business Continuity, Disaster Recovery, and Change Management
Lab Exercise 21.01: Business Continuity
Lab Exercise 21.02: Disaster Recovery
Lab Exercise 21.03: Change Management
Lab Analysis
Key Term Quiz
Chapter 22 Incident Response
Lab Exercise 22.01: Incident Response Companies and Stories
Lab Exercise 22.02: Metasploit Framework
Lab Exercise 22.03: Metasploit’s Meterpreter
Lab Exercise 22.04: Armitage
Lab Analysis
Key Term Quiz
Chapter 23 Computer Forensics
Lab Exercise 23.01: Windows Registry Forensics
Lab Exercise 23.02: Digital Evidence in RAM and on the Hard Drive
Lab Exercise 23.03: Steganography
Lab Exercise 23.04: Imaging, Recovering Deleted Files, File Signatures, and Analyzing Images
Lab Analysis
Key Term Quiz
Chapter 24 Legal Issues and Ethics
Lab Exercise 24.01: ACM Ethics
Lab Exercise 24.02: USENIX Ethics
Lab Exercise 24.03: Ethical Scenarios
Lab Exercise 24.04: Copyright
Lab Exercise 24.05: Creative Commons
Lab Exercise 24.06: FSF and GNU
Lab Analysis
Key Term Quiz
Chapter 25 Privacy
Lab Exercise 25.01: Shodan
Lab Exercise 25.02: Insecam
Lab Exercise 25.03: Google Hacking
Lab Analysis
Key Term Quiz
Index
Additional Resources for Teachers
Chapter 1 Introduction and Security Trends
Lab Exercise 1.01: Staying Current with Industry
Lab Exercise 1.02: Cyber Threat Maps
Lab Exercise 1.03: Cybersecurity Survey
Lab Exercise 1.04: Building the Virtual Lab
Lab Analysis
Key Term Quiz
Chapter 2 General Security Concepts
Lab Exercise 2.01: Verizon DBIR
Lab Exercise 2.02: Linux File System Management
Lab Exercise 2.03: Linux Systems Administration
Lab Exercise 2.04: Linux System Security
Lab Analysis
Key Term Quiz
Chapter 3 Operational and Organizational Security
Lab Exercise 3.01: Policies
Lab Exercise 3.02: Training Documentation
Lab Exercise 3.03: Interoperability Agreements
Lab Analysis
Key Term Quiz
Chapter 4 The Role of People in Security
Lab Exercise 4.01: The Social-Engineer Toolkit
Lab Exercise 4.02: Phishing Tests
Lab Exercise 4.03: Reconnaissance Through Open-Source Intelligence
Lab Analysis
Key Term Quiz
Chapter 5 Cryptography
Lab Exercise 5.01: Symmetric Key Encryption
Lab Exercise 5.02: Asymmetric Key Encryption
Lab Exercise 5.03: Hashing
Lab Exercise 5.04: Diffie-Hellman Key Exchange
Lab Analysis
Key Term Quiz
Chapter 6 Applied Cryptography
Lab Exercise 6.01: Apple vs. FBI
Lab Exercise 6.02: Australia’s Assistance and Access Bill
Lab Exercise 6.03: To Serve Man
Lab Exercise 6.04: E-mail Cryptography
Lab Analysis
Key Term Quiz
Chapter 7 Public Key Infrastructure
Lab Exercise 7.01: DNSSEC for Security
Lab Exercise 7.02: DNSSEC for Exploiting
Lab Exercise 7.03: TLS in Action
Lab Analysis
Key Term Quiz
Chapter 8 Physical Security
Lab Exercise 8.01: Linux Password Recovery
Lab Exercise 8.02: Cisco Router Password Recovery
Lab Exercise 8.03: Cisco Switch Password Recovery
Lab Analysis
Key Term Quiz
Chapter 9 Network Fundamentals
Lab Exercise 9.01: Switch Configuration
Lab Exercise 9.02: Router Configuration
Lab Exercise 9.03: Passwords and SSH
Lab Analysis
Key Term Quiz
Chapter 10 Infrastructure Security
Lab Exercise 10.01: Port Security on Switches
Lab Exercise 10.02: Standard ACLs on Routers
Lab Exercise 10.03: Extended ACLs on Routers
Lab Analysis
Key Term Quiz
Chapter 11 Authentication and Remote Access
Lab Exercise 11.01: Dictionary Attacks on Linux Passwords with John the Ripper
Lab Exercise 11.02: Brute Force Attacks on Linux Passwords with crunch and John the Ripper
Lab Exercise 11.03: Dictionary Attacks and Brute Force Attacks on Windows Passwords with Mimikatz, crunch, and John the Ripper
Lab Exercise 11.04: Rainbow Table Attacks on Windows Passwords with ophcrack
Lab Analysis
Key Term Quiz
Chapter 12 Wireless Security and Mobile Devices
Lab Exercise 12.01: Wireless Network and Device Detection
Lab Exercise 12.02: Monitor Mode Sniffing
Lab Exercise 12.03: Cracking WPA2 Passwords and Deauthenticating Clients with Wifite
Lab Analysis
Key Term Quiz
Chapter 13 Intrusion Detection Systems and Network Security
Lab Exercise 13.01: Installing Ubuntu and Snort
Lab Exercise 13.02: Snort Sniffer Mode
Lab Exercise 13.03: Snort Packet Logger Mode
Lab Exercise 13.04: Snort Network Intrusion Detection System Mode
Lab Analysis
Key Term Quiz
Chapter 14 System Hardening and Baselines
Lab Exercise 14.01: Active Directory Domain Services and Domain Connectivity
Lab Exercise 14.02: Organizational Units and Groups
Lab Exercise 14.03: Users and Other Active Directory Objects
Lab Exercise 14.04: Permissions and Shares
Lab Exercise 14.05: Group Policy Objects
Lab Analysis
Key Term Quiz
Chapter 15 Types of Attacks and Malicious Software
Lab Exercise 15.01: Strings
Lab Exercise 15.02: UPX
Lab Exercise 15.03: PEview and Resource Hacker
Lab Exercise 15.04: VirusTotal
Lab Exercise 15.05: Regshot
Lab Exercise 15.06: Process Monitor
Lab Exercise 15.07: ApateDNS
Lab Analysis
Key Term Quiz
Chapter 16 Security Tools and Techniques
Lab Exercise 16.01: Port Scanning with Nmap
Lab Exercise 16.02: Sockets with netcat (nc) and ncat
Lab Exercise 16.03: Packet Crafting with hping3
Lab Exercise 16.04: Packet Crafting with Scapy
Lab Analysis
Key Term Quiz
Chapter 17 Web Components, E-mail, and Instant Messaging
Lab Exercise 17.01: E-mail Headers
Lab Exercise 17.02: SPF, DKIM, and DMARC
Lab Analysis
Key Term Quiz
Chapter 18 Cloud Computing
Lab Exercise 18.01: Microsoft Azure Training
Lab Exercise 18.02: Exploring Microsoft Azure
Lab Exercise 18.03: AWS Educate and AWS Training and Certification
Lab Exercise 18.04: Exploring AWS
Lab Analysis
Key Term Quiz
Chapter 19 Secure Software Development
Lab Exercise 19.01: Configuring WampServer and DVWA
Lab Exercise 19.02: SQL Injection
Lab Analysis
Key Term Quiz
Chapter 20 Risk Management
Lab Exercise 20.01: PowerShell Script Settings
Lab Exercise 20.02: PowerShell Exploitation
Lab Analysis
Key Term Quiz
Chapter 21 Business Continuity, Disaster Recovery, and Change Management
Lab Exercise 21.01: Business Continuity
Lab Exercise 21.02: Disaster Recovery
Lab Exercise 21.03: Change Management
Lab Analysis
Key Term Quiz
Chapter 22 Incident Response
Lab Exercise 22.01: Incident Response Companies and Stories
Lab Exercise 22.02: Metasploit Framework
Lab Exercise 22.03: Metasploit’s Meterpreter
Lab Exercise 22.04: Armitage
Lab Analysis
Key Term Quiz
Chapter 23 Computer Forensics
Lab Exercise 23.01: Windows Registry Forensics
Lab Exercise 23.02: Digital Evidence in RAM and on the Hard Drive
Lab Exercise 23.03: Steganography
Lab Exercise 23.04: Imaging, Recovering Deleted Files, File Signatures, and Analyzing Images
Lab Analysis
Key Term Quiz
Chapter 24 Legal Issues and Ethics
Lab Exercise 24.01: ACM Ethics
Lab Exercise 24.02: USENIX Ethics
Lab Exercise 24.03: Ethical Scenarios
Lab Exercise 24.04: Copyright
Lab Exercise 24.05: Creative Commons
Lab Exercise 24.06: FSF and GNU
Lab Analysis
Key Term Quiz
Chapter 25 Privacy
Lab Exercise 25.01: Shodan
Lab Exercise 25.02: Insecam
Lab Exercise 25.03: Google Hacking
Lab Analysis
Key Term Quiz
Index
Practice the Skills Essential for a Successful Career in Cybersecurity!
This hands-on guide contains more than 90 labs that challenge you to solve real-world problems and help you to master key cybersecurity concepts. Clear, measurable lab results map to exam objectives, offering direct correlation to Principles of Computer Security: CompTIA Security+™ and Beyond, Sixth Edition (Exam SY0-601). For each lab, you will get a complete materials list, step-by-step instructions and scenarios that require you to think critically. Each chapter concludes with Lab Analysis questions and a Key Term quiz. Beyond helping you prepare for the challenging exam, this book teaches and reinforces the hands-on, real-world skills that employers are looking for.
In this lab manual, you’ll gain knowledge and hands-on experience with
- Linux systems administration and security
- Reconnaissance, social engineering, phishing
- Encryption, hashing
- OpenPGP, DNSSEC, TLS, SSH
- Hacking into systems, routers, and switches
- Routing and switching
- Port security, ACLs
- Password cracking
- Cracking WPA2, deauthentication attacks, intercepting wireless traffic
- Snort IDS
- Active Directory, file servers, GPOs
- Malware reverse engineering
- Port scanning
- Packet sniffing, packet crafting, packet spoofing
- SPF, DKIM, and DMARC
- Microsoft Azure, AWS
- SQL injection attacks
- Fileless malware with PowerShell
- Hacking with Metasploit and Armitage
- Computer forensics
- Shodan
- Google hacking
- Policies, ethics, and much more