CompTIA Security+ All-in-One Exam Guide, Third Edition (Exam SY0-301)

CompTIA Security+ All-in-One Exam Guide, Third Edition (Exam SY0-301)

3.82 (34 ratings by Goodreads)
By (author)  , By (author)  , By (author)  , By (author)  , By (author) 

List price: US$60.00

Currently unavailable

Add to wishlist

AbeBooks may have this title (opens in new window).

Try AbeBooks

Description

Official CompTIA Content! Prepare for CompTIA Security+ Exam SY0-301 with McGraw-Hill-a Gold-Level CompTIA Authorized Partner offering Official CompTIA Approved Quality Content to give you the competitive edge on exam day.

Get complete coverage of all the objectives included on CompTIA Security+ exam inside this completely updated, comprehensive volume. Written by leading network security experts, this definitive guide covers exam SY0-301 in full detail. You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the exam with ease, this practical resource also serves as an essential on-the-job reference.

Covers all exam topics, including:

General security conceptsOperational organizational securityLegal issues, privacy, and ethicsCryptographyPublic key infrastructureStandards and protocolsPhysical securityInfrastructure securityRemote access and authenticationIntrusion detection systemsSecurity baselinesTypes of attacks and malicious softwareE-mail and instant messagingWeb componentsDisaster recovery and business continuityRisk, change, and privilege managementComputer forensics


CD-ROM features:

Two full practice examsPDF copy of the book


From the AuthorsPreparing Yourself for the CompTIA Security+ Exam
CompTIA Security+ Certification All-in-One Exam Guide is designed to help prepare you to take the CompTIA Security+ certification exam SY0-301. When you pass it, you will demonstrate that you have that basic understanding of security that employers are looking for. Passing this certification exam will not be an easy task, for you will need to learn many things to acquire that basic understanding of computer and network security.How This Book Is Organized
The book is divided into sections and chapters to correspond with the objectives of the exam itself. Some of the chapters are more technical than others-reflecting the nature of the security environment, where you will be forced to deal with not only technical details but also other issues, such as security policies and procedures as well as training and education. Although many individuals involved in computer and network security have advanced degrees in math, computer science, information systems, or computer or electrical engineering, you do not need this technical background to address security effectively in your organization. You do not need to develop your own cryptographic algorithm; for example, you simply need to be able to understand how cryptography is used along with its strengths and weaknesses. As you progress in your studies, you will learn that many security problems are caused by the human element. The best technology in the world still ends up being placed in an environment where humans have the opportunity to foul things up-and all too often do.Part I: Security Concepts: The book begins with an introduction to some of thebasic elements of security.Part II: Cryptography and Applications: Cryptography is an important part of security, and this part covers this topic in detail. The purpose is not to make cryptographers out of readers but to instead provide a basic understanding of how cryptography works and what goes into a basic cryptographic scheme. An important subject in cryptography, and one that is essential for the reader to understand, is the creation of public key infrastructures, and this topic is covered as well.Part III: Security in the Infrastructure: The next part concerns infrastructure issues. In this case, we are not referring to the critical infrastructures identified by the White House several years ago (identifying sectors such as telecommunications, banking and finance, oil and gas, and so forth) but instead the various components that form the backbone of an organization's security structure.Part IV: Security in Transmissions: This part discusses communications security. This is an important aspect of security because, for years now, we have connected our computers together into a vast array of networks. Various protocols in use today that the security practitioner needs to be aware of are discussed in this part.Part V: Operational Security: This part addresses operational and organizational issues. This is where we depart from a discussion of technology again and will instead discuss how security is accomplished in an organization. Because we know that we will not be absolutely successful in our security efforts-attackers are always finding new holes and ways around our security defenses-one of the most important topics we will address is the subject of security incident response and recovery. Also included is a discussion of change management (addressing the subject we alluded to earlier when addressing the problems with patch management), security awareness and training, incident response, and forensics.Part VI: Appendixes: There are two appendixes in CompTIA Security+ All-in-One Exam Guide. Appendix A provides an additional in-depth explanation of the OSI model and Internet protocols, should this information be new to you, and Appendix B explains how best to use the CD-ROM included with this book.Glossary: Located just before the index, you will find a useful glossary of security terminology, including many related acronyms and their meanings. We hope that you use the glossary frequently and find it to be a useful study aid as you work your way through the various topics in this exam guide.
show more

Product details

  • Book | 699 pages
  • 193 x 241 x 40mm | 1,344g
  • MCGRAW-HILL Professional
  • New York, NY, United States
  • English
  • 3rd edition
  • 0071771476
  • 9780071771474
  • 698,669

Table of contents

Part I Security Concepts
Chapter 1 General Security Concepts
Chapter 2 Operational Organizational Security
Chapter 3 Legal Issues, Privacy, and Ethics
Part II Cryptography and Applications
Chapter 4 Cryptography
Chapter 5 Public Key Infrastructure
Chapter 6 Standards and Protocols
Part III Security in the Infrastructure
Chapter 7 Physical Security
Chapter 8 Infrastructure Security
Chapter 9 Authentication and Remote Access
Chapter 10 Wireless Security
Part IV Security in Transmissions
Chapter 11 Intrusion Detection Systems
Chapter 12 Security Baselines
Chapter 13 Types of Attacks and Malicious Software
Chapter 14 E-Mail and Instant Messaging
Chapter 15 Web Components
Part V Operational Security
Chapter 16 Disaster Recovery and Business Continuity
Chapter 17 Risk Management
Chapter 18 Change Management
Chapter 19 Privilege Management
Chapter 20 Computer Forensics
Appendices
Appendix A OSI Model and Internet Protocols
Appendix B About the CD
GlossaryIndex
show more

About Gregory B. White

Wm. Arthur Conklin (Houston, TX), Security+, CISSP, is an Assistant Professor in the Information and Logistics Technology department at the University of Houston. In addition to his PhD, Mr. Conklin has a MBA from UTSA, and two graduate degrees in Electrical Engineering from the Naval Postgraduate School in Monterey, California. Dr. Conklins interests are information security, systems theory, and secure software design.



Greg White (San Antonio, TX), Security+, CISSP, is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. Dr. White is the Director of the Center for Infrastructure Assurance and Security at UTSA, and was the author of the first edition of the Security+ All-in-One Exam Guide from McGraw-Hill.



Roger L. Davis is a Senior Internal Audit Manager at NuSkin Enterprises and is responsible for evaluating global business operations in over 35 countries. He is a retired Air Force Colonel with over 20 years of military and information security experience. Mr. Davis is a Certified Information Systems Security Professional (CISSP) and holds a Masters Degree in Computer Science from George Washington University.



Chuck Cothren is a Research Scientist at University of Texas at San Antonio (UTSA) Center for Infrastructure Assurance and Security (CIAS) and currently serves on the Information Security Associations Alamo Chapter Board of Directors. Mr. Cothren has a wide array of security experience including performing controlled penetration testing, network security policies, computer intrusion forensics, and computer training. He is a Certified Information Systems Security Professional (CISSP) and has co-authored other McGraw-Hill/Osborne titles. Mr. Cothren holds a B.S. in Industrial Distribution from Texas A&M University.
show more

Rating details

34 ratings
3.82 out of 5 stars
5 18% (6)
4 50% (17)
3 29% (10)
2 3% (1)
1 0% (0)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X