Title: CompTIA CSA+ Study Guide
Author: Mike Chapple
Publisher: John Wiley & Sons Limited
Genre: Foreign educational literature
isbn: 9781119349884
Chapter 13: Cybersecurity Toolkit
This chapter provides a survey-style view of the many tools that you may encounter while performing threat and vulnerability management as well as incident response. We review tools, what they do, and where to get them.
Practice Exam
Once you have completed your studies, the practice exam will provide you with a chance to test your knowledge. Use this exam to find places where you may need to study more or to verify that you are ready to tackle the exam. We’ll be rooting for you!
Appendix A: Answers to Review Questions
The appendix has answers to the review questions you will find at the end of each chapter.
The following listing shows how the four Cybersecurity Analyst Exam objectives map to the chapters in this book. If you want to study a specific domain, this mapping can help you identify where to focus your reading.
Threat Management: Chapters 1, 2
Vulnerability Management: Chapters 3, 4
Cyber Incident Response: Chapters 5, 6, 7, 8
Security Architecture and Tool Sets: Chapters 7, 9, 10, 11, 12, 13
The book is written to build your knowledge as you progress through it, so starting at the beginning is a good idea. Each chapter includes notes on important content and 20 questions to help you test your knowledge. Once you are ready, a complete practice test is provided to assess your knowledge.
This study guide uses a number of common elements to help you prepare. These include the following:
Summaries
The summary section of each chapter briefly explains the chapter, allowing you to easily understand what it covers.
Exam Essentials
The exam essentials focus on major exam topics and critical knowledge that you should take into the test. The exam essentials focus on the exam objectives provided by CompTIA.
Chapter Review Questions
A set of questions at the end of each chapter will help you assess your knowledge and whether you are ready to take the exam based on your knowledge of that chapter’s topics.
Written Labs
The written labs provide more in-depth practice opportunities to expand your skills and to better prepare for performance-based testing on the Cybersecurity Analyst+ exam.
Real-World Scenarios
The real-world scenarios included in each chapter tell stories and provide examples of how topics in the chapter look from the point of view of a security professional. They include current events, personal experience, and approaches to actual problems.
This book comes with a number of additional study tools to help you prepare for the exam. They include the following.
Sybex’s test preparation software lets you prepare with electronic test versions of the review questions from each chapter, the practice exam, and the bonus exam that are included in this book. You can build and take tests on specific domains, by chapter, or cover the entire set of Cybersecurity Analyst+ exam objectives using randomized tests.
Our electronic flashcards are designed to help you prepare for the exam. Over 100 flashcards will ensure that you know critical terms and concepts.
Sybex provides a full glossary of terms in PDF format, allowing quick searches and easy reference to materials in this book.
In addition to the practice questions for each chapter, this book includes both a full 90-question practice exam and a 50-question bonus exam. We recommend that you use them both to test your preparedness for the certification exam.
Setting Up a Kali and Metasploitable Learning Environment
You can practice many of the techniques found in this book using open source and free tools. This section provides a brief “how to” guide for setting up Kali Linux, a Linux distribution built as a broad security toolkit, and Metasploitable, an intentionally vulnerable Linux virtual machine.
To build a basic virtual security‐lab environment to run scenarios and to learn to use the applications and tools discussed in this book, you will need a virtualization program and virtual machines. There are many excellent security‐oriented distributions and tools beyond those in this example. As you gain experience, you may want to explore tools such as Security Onion, the SANS SIFT forensic distribution, and CAINE.
Running virtual machines can require a reasonably capable PC. We like to recommend an i5 or i7 (or equivalent) CPU, at least 8 GB of RAM, and 20 or more gigabytes of open space on your hard drive. If you have an SSD instead of a hard drive, you’ll be much happier with the performance of your VMs.
VirtualBox is a virtualization software package for x86 computers, and it is available for Windows, macOS, and Linux. You can download VirtualBox at https://www.virtualbox.org/wiki/VirtualBox.
If you are more familiar with another virtualization tool such as VMware or Hyper-V, you can also use those tools; however, you may have to adapt or modify these instructions to handle differences in how your preferred virtualization environment works.
Making It Portable
You can also build your lab so you can take it on the road by using a portable version of VirtualBox from www.vbox.me. Just follow the instructions on the site, and put your virtual machines on an external drive of your choice. Note that this is typically a bit slower if you don’t have a fast USB drive.
Multiple versions of Kali Linux are available at https://www.kali.org/downloads/, and pre-built Kali Linux virtual machines can be downloaded at https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-download/. We suggest downloading the most recent version of the Kali Linux 64-bit VBox virtual machine.
You can download the Metasploitable virtual machine at https://sourceforge.net/projects/metasploitable/.
Usernames and Passwords
Kali’s