CompTIA Security+ SYO-301 Cert Guide, Deluxe Edition with MyITcertificationLab Bundle

CompTIA Security+ SYO-301 Cert Guide, Deluxe Edition with MyITcertificationLab Bundle

  • Mixed media product
By (author) 

List price: US$84.99

Currently unavailable

Add to wishlist

AbeBooks may have this title (opens in new window).

Try AbeBooks

Description

Learn, prepare, and practice for CompTIA Security+ SY0-301exam success with this CompTIA Authorized Cert Guide, Deluxe Edition from Pearson IT Certification, a leader in IT Certification learning and a CompTIA Authorized Platinum Partner. The DVD features three complete practice exams, complete video solutions to the 25 hands-on labs, plus 25 interactive flash-based learning activities that include drag-n-drop and matching to reinforce the learning. Master CompTIA's Security+ SY0-301 exam topics Assess your knowledge with chapter-ending quizzes Review key concepts with exam preparation tasks Practice with realistic exam questions on the DVD Includes complete video solutions to the 25 hands-on labs Plus 25 interactive learning activities on key exam topics CompTIA Security+ SY0-301 Authorized Cert Guide, Deluxe Edition includes video solutions to the hands-on labs, practice tests, and interactive activities that let the reader learn by doing. Best-selling author and expert instructor David Prowse shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics. The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your approach to passing the exam. The companion Deluxe Edition DVD contains the powerful Pearson IT Certification Practice Test engine, with three complete practice exams and hundreds of exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. The Deluxe Edition DVD also includes complete video solutions to the 25 hands-on labs in the book and 25 interactive learning activities on key exam topics to reinforce the learning by doing. Learning activities such as test password strength, match the type of Malware with its definition, find the security issues in the network map, and disallow a user access to the network on Saturday and Sunday. Interactive Learning Activities: 2.1 Filtering Emails 2.2 Malware Types 2.3 Securing the BIOS 3.1 Stopping Services in the Command Prompt 3.2 Patch Management 5.1 Port Numbers, Part 1 5.2 Port Numbers, Part 2 5.3 Port Numbers, Part 3 5.4 Network Attacks, Part 1 5.5 Network Attacks, Part 2 5.6 Network Attacks, Part 3 5.7 Network Attacks, Part 4 6.1 Network Security 7.1 Password Strength 8.1 802.1X Components 8.2 Authentication Types 9.1 Access Control Models 9.2 Configuring Logon Hours 10.1 Risk Assessment, Part 1 10.2 Risk Assessment, Part 2 10.3 Vulnerability Management Process 11.1 Packet Analysis 12.1 Symmetric and Asymmetric Algorithms 14.1 RAID Levls 15.1 Social Engineering Types Hands-On Labs: 2-1 Using Free Malware Scanning Programs 2-2 How to Secure the BIOS 3-1 Discerning & Updating Service Pack Level 3-2 Creating a Virtual Machine 3-3 Securing a Virtual Machine 4-1 Securing the Browser 4-2 Disabling Applications 5-1 Port Scanning Basics 6-1 Packet Filtering and NAT Firewalls 6-2 Configuring Inbound Filter on a Firewall 6-3 Enabling MAC Filtering 7-1 Securing a Wireless Device: 8 Steps 7-2 Wardriving and the Cure 8-1 Enabling 802.1X on a Network Adapter 8-2 Setting Up a VPN 9-1 Password Policies and User Accounts 9-2 Configuring User and Group Permissions 10-1 Mapping and Scanning the Network 10-2 Password Cracking and Defense 11-1 Using Protocol Analyzers 12-1 Disabling LM Hash in Windows Server 2003 13-1 A Basic Example of PKI 13-2 Making an SSH Connection 14-1 Configuring RAID 1 and 5 16-1 How to Approach Exam Questions Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA authorized study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time. The CompTIA authorized study guide helps you master all the topics on the Security+ exam, including Core computer system security OS hardening and virtualization Application security Network design elements and threats Perimeter security Network media and devices security Physical security and authentication models Access control Vulnerability and risk assessment Monitoring and auditing Cryptography, including PKI Redundancy and disaster recovery Policies and procedures MyITCertificationLab MyITCertificationlabs should be used in an instructor led classroom environment and are not intended for individual self-study Pearson's MyITCertificationLabs make studying more efficient and more effective for every student with Dynamic Study Modules. Dynamic Study Modules work by continuously assessing student performance and activity, then using data and analytics to provide personalized content in real-time to reinforce concepts that target each student's particular strengths and weaknesses. For students, Dynamic Study Modules leverage research from the fields of cognitive psychology, neurobiology and game studies to deliver a uniquely-effective learning system. Each Dynamic Study Module is highly optimized to promote fast learning and long-term retention. And because MyITCertificationLabs are built for mobile, students can access this patented learning methodology and highly-personalized, algorithmically-driven learning process from wherever they are. For educators, Dynamic Study Modules offer a robust reporting dashboard that delivers key analytics on learner data, so it's easy to adjust curricula. Because MyITCertificationLabs help students stay on track and achieve a higher level of subject-matter mastery, educators can dedicate more class time to higher-order ideas, understanding and expanding complex concepts, and helping students reinforce what they've learned through collaborative activities. Companion Deluxe Edition DVD The Deluxe Edition DVD contains three free, complete practice exams, video solutions to the 25 hands-on labs plus 25 interactive flash-based learning activities that include drag-n-drop and matching to reinforce the learning. Includes Exclusive Offer for 70% Off Premium Edition eBook and Practice Test. Pearson IT Certification Practice Test minimum system requirements: Windows XP (SP3), Windows Vista (SP2), or Windows 7; Microsoft .NET Framework 4.0 Client; Pentium class 1GHz processor (or equivalent); 512 MB RAM; 650 MB hard disk space plus 50 MB for each downloaded practice exam.
show more

Product details

  • Mixed media product | 752 pages
  • Pearson It Certification
  • Upper Saddle River, United States
  • 2nd edition
  • 0789751100
  • 9780789751102

Table of contents

Introduction xxvChapter 1 Introduction to Security 3Foundation Topics 4Security 101 4The CIA of Computer Security 4The Basics of Information Security 6Think Like a Hacker 9Exam Preparation Tasks 11Review Key Topics 11Define Key Terms 11Answer Review Questions 11Answers and Explanations 13Chapter 2 Computer Systems Security 17Foundation Topics 18Computer Systems Security Threats 18Malicious Software 18 Viruses 18 Worms 19 Trojan Horses 20 Spyware 21 Rootkits 21 Spam 21 Summary of Malware Threats 22Ways to Deliver Malicious Software 23 Via Software, Messaging, and Media 23 Active Interception 23 Privilege Escalation 24 Backdoors 24 Logic Bombs 24 Botnets and Zombies 25Preventing and Troubleshooting Malware 26 Preventing and Troubleshooting Viruses 26 Preventing and Troubleshooting Worms and Trojans 30 Preventing and Troubleshooting Spyware 30 Preventing and Troubleshooting Rootkits 32 Preventing and Troubleshooting Spam 33 You Can't Save Every Computer from Malware! 35 Summary of Malware Prevention Techniques 35Implementing Security Applications 36Personal Software Firewalls 36Host-Based Intrusion Detection Systems 38Pop-Up Blockers 40Data Loss Prevention Systems 42Securing Computer Hardware and Peripherals 42Securing the BIOS 43Securing Storage Devices 44 Removable Storage 44 Network Attached Storage 45 Whole Disk Encryption 45 Hardware Security Modules 47Securing Cell Phones and Smartphones 47Exam Preparation Tasks 49Review Key Topics 49Complete Tables and Lists from Memory 49Define Key Terms 50Hands-On Labs 50Equipment Needed 50Lab 2-1: Using Free Malware Scanning Programs 50Lab 2-2: How to Secure the BIOS 51View Recommended Resources 53Answer Review Questions 54Answers and Explanations 60Chapter 3 OS Hardening and Virtualization 67Foundation Topics 68Hardening Operating Systems 68Removing Unnecessary Applications and Services 68Service Packs 72Windows Update, Patches, and Hotfixes 75 Patches and Hotfixes 77 Patch Management 79Group Policies, Security Templates, and Configuration Baselines 80Hardening File Systems and Hard Drives 82Virtualization Technology 86Types of Virtualization and Their Purposes 86Working with Virtual Machines 88 Microsoft Virtual PC 88 Microsoft Windows XP Mode 90 Microsoft Virtual Server 90 VMware 91 Hypervisor 92Securing Virtual Machines 92Exam Preparation Tasks 94Review Key Topics 94Complete Tables and Lists from Memory 95Define Key Terms 95Hands-On Labs 95Equipment Needed 95Lab 3-1: Discerning and Updating the Service Pack Level 96Lab 3-2: Creating a Virtual Machine in Virtual PC 2007 96Lab 3-3: Securing a Virtual Machine 98View Recommended Resources 101Answer Review Questions 102Answers and Explanations 105Chapter 4 Application Security 109Foundation Topics 110Securing the Browser 110General Browser Security Procedures 111 Implement Policies 111 Train Your Users 114 Use a Proxy and Content Filter 114 Secure Against Malicious Code 116Securing Internet Explorer 116Securing Firefox 121Securing Other Applications 124Secure Programming 127Systems Development Life Cycle 128Programming Testing Methods 130Programming Vulnerabilities and Attacks 132 Backdoors 132 Buffer Overflows 132 XSS and XSRF 133 More Code Injection Examples 133 Directory Traversal 134 Zero Day Attack 135Exam Preparation Tasks 136Review Key Topics 136Complete Tables and Lists from Memory 136Define Key Terms 137Hands-On Labs 137Equipment Needed 137Lab 4-1: Securing the Browser 137Lab 4-2: Disabling Applications with a Windows Server 2008 Policy 138View Recommended Resources 141Answer Review Questions 141Answers and Explanations 145Chapter 5 Network Design Elements and Network Threats 149Foundation Topics 150Network Design 150Network Devices 150 Hub 150 Switch 151 Router 152Network Address Translation, and Private Versus Public IP 154Network Zones and Interconnections 156 LAN Versus WAN 157 Internet 157 Demilitarized Zone (DMZ) 157 Intranets and Extranets 159 Cloud Computing 159Network Access Control (NAC) 162Subnetting 162Virtual Local Area Network (VLAN) 164Telephony Devices 165 Modems 166 PBX Equipment 166 VoIP 167Ports and Protocols 167Ports Ranges, Inbound Versus Outbound, and Common Ports 167Protocols That Can Cause Anxiety on the Exam 174Malicious Network Attacks 175DoS 175DDoS 178Spoofing 178Session Hijacking 179Replay 181Null Sessions 181Transitive Access and Client-Side Attacks 182DNS Poisoning and Other DNS Attacks 183ARP Poisoning 184Summary of Network Attacks 185Exam Preparation Tasks 188Review Key Topics 188Complete Tables and Lists from Memory 189Define Key Terms 189Hands-On Labs 189Equipment Needed 190Lab 5-1: Port Scanning Basics 190View Recommended Resources 191Answer Review Questions 192Answers and Explanations 199Chapter 6 Network Perimeter Security 205Foundation Topics 206Firewalls and Network Security 206Firewalls 207Proxy Servers 212Honeypots and Honeynets 215Data Loss Prevention (DLP) 216NIDS Versus NIPS 217NIDS 217NIPS 218Summary of NIDS Versus NIPS 219The Protocol Analyzer's Role in NIDS and NIPS 220Exam Preparation Tasks 220Review Key Topics 220Complete Tables and Lists from Memory 221Define Key Terms 221Hands-On Labs 221Equipment Needed 222Lab 6-1: Packet Filtering and NAT Firewalls 222Lab 6-2: Configuring an Inbound Filter on a SOHO Router/Firewall 223Lab 6-3: Enabling MAC Filtering 224View Recommended Resources 225Answer Review Questions 225Answers and Explanations 229Chapter 7 Securing Network Media and Devices 233Foundation Topics 234Securing Wired Networks and Devices 234Network Device Vulnerabilities 234 Default Accounts 234 Weak Passwords 235 Privilege Escalation 236 Back Doors 237 Network Attacks 237 Other Network Device Considerations 238Cable Media Vulnerabilities 238 Interference 239 Crosstalk 240 Data Emanation 241 Tapping into Data and Conversations 241Securing Wireless Networks 244Wireless Access Point Vulnerabilities 244 Secure the Administration Interface 244 SSID Broadcast 245 Rogue Access Points 245 Evil Twin 246 Weak Encryption 246 Other Wireless Access Point Security Strategies 248Wireless Transmission Vulnerabilities 250Bluetooth Vulnerabilities 250 Bluejacking 251 Bluesnarfing 251Exam Preparation Tasks 252Review Key Topics 252Complete Tables and Lists from Memory 253Define Key Terms 253Hands-On Labs 253Equipment Needed 254Lab 7-1: Securing a Wireless Device: 8 Steps to a Secure Network 254Lab 7-2: Wardriving...and The Cure 256View Recommended Resources 257Answer Review Questions 257Answers and Explanations 261Chapter 8 Physical Security and Authentication Models 265Foundation Topics 267Physical Security 267General Building and Server Room Security 267Door Access 268Biometric Readers 270Authentication Models and Components 271Authentication Models 271Localized Authentication Technologies 273 802.1X and EAP 273 LDAP 276 Kerberos and Mutual Authentication 277 Terminal Services 279Remote Authentication Technologies 279 Remote Access Service 280 Virtual Private Networks 281 RADIUS Versus TACACS 284Exam Preparation Tasks 286Review Key Topics 286Complete Tables and Lists from Memory 287Define Key Terms 287Hands-On Labs 287Equipment Needed 288Lab 8-1: Enabling 802.1X on a Network Adapter 288Lab 8-2: Setting Up a VPN 289View Recommended Resources 291Answer Review Questions 292Answers and Explanations 299Chapter 9 Access Control Methods and Models 305Foundation Topics 306Access Control Models Defined 306Discretionary Access Control 306Mandatory Access Control 308Role-Based Access Control (RBAC) 309Access Control Wise Practices 310Rights, Permissions, and Policies 313Users, Groups, and Permissions 313 Permission Inheritance and Propagation 317Moving and Copying Folders and Files 318Usernames and Passwords 318Policies 322User Account Control (UAC) 325Exam Preparation Tasks 326Review Key Topics 326Complete Tables and Lists from Memory 327Define Key Terms 327Hands-On Labs 327Equipment Needed 327Lab 9-1: Configuring Password Policies and User Account Restrictions 328Lab 9-2: Configuring User and Group Permissions 330View Recommended Resources 331Answer Review Questions 332Answers and Explanations 337Chapter 10 Vulnerability and Risk Assessment 341Foundation Topics 342Conducting Risk Assessments 342Qualitative Risk Assessment 344Quantitative Risk Assessment 344Security Analysis Methodologies 346Security Controls 347Vulnerability Management 349 Penetration Testing 350 OVAL 351Assessing Vulnerability with Security Tools 352Network Mapping 352Vulnerability Scanning 355Network Sniffing 358Password Analysis 359Exam Preparation Tasks 363Review Key Topics 363Complete Tables and Lists from Memory 363Define Key Terms 364Hands-On Labs 364Equipment Needed 364Lab 10-1: Mapping and Scanning the Network 365Lab 10-2: Password Cracking and Defense 366View Recommended Resources 367Answer Review Questions 368Answers and Explanations 374Chapter 11 Monitoring and Auditing 379Foundation Topics 380Monitoring Methodologies 380Signature-Based Monitoring 380Anomaly-Based Monitoring 381Behavior-Based Monitoring 381Using Tools to Monitor Systems and Networks 382Performance Baselining 382Protocol Analyzers 384 Wireshark 385 Network Monitor 386 SNMP 388Conducting Audits 389Auditing Files 389Logging 392Log File Maintenance and Security 394Auditing System Security Settings 396Exam Preparation Tasks 399Review Key Topics 399Complete Tables and Lists from Memory 400Define Key Terms 400Hands-On Labs 400Equipment Needed 400Lab 11-1: Using Protocol Analyzers 401View Recommended Resources 403Answer Review Questions 404Answers and Explanations 409Chapter 12 Encryption and Hashing Concepts 415Foundation Topics 416Cryptography Concepts 416Symmetric Versus Asymmetric Key Algorithms 419 Symmetric Key Algorithms 420 Asymmetric Key Algorithms 421 Public Key Cryptography 421Key Management 422Steganography 423Encryption Algorithms 423DES and 3DES 424AES 424RC 425Summary of Symmetric Algorithms 426RSA 426Diffie-Hellman 427Elliptic Curve 428More Encryption Types 428 One-Time Pad 428 PGP 429Hashing Basics 430Cryptographic Hash Functions 431 MD5 432 SHA 432 Happy Birthday! 432LANMAN, NTLM, and NTLM2 433 LANMAN 433 NTLM and NTLM2 435Exam Preparation Tasks 436Review Key Topics 436Complete Tables and Lists from Memory 436Define Key Terms 436Hands-On Lab 437Equipment Needed 437Lab 12-1: Disabling the LM Hash in Windows Server 2003 437View Recommended Resources 438Answer Review Questions 439Answers and Explanations 445Chapter 13 PKI and Encryption Protocols 451Foundation Topics 452Public Key Infrastructure 452Certificates 452Certificate Authorities 453Single-Sided and Dual-Sided Certificates 456Web of Trust 456Security Protocols 457S/MIME 457SSL/TLS 458SSH 459PPTP, L2TP, and IPsec 459 PPTP 460 L2TP 460 IPsec 460Exam Preparation Tasks 461Review Key Topics 461Define Key Terms 462Hands-On Labs 462Equipment Needed 462Lab 13-1: A Basic Example of PKI 462Lab 13-2: Making an SSH Connection 463View Recommended Resources 465Answer Review Questions 465Answers and Explanations 470Chapter 14 R edundancy and Disaster Recovery 475Foundation Topics 476Redundancy Planning 476Redundant Power 478 Redundant Power Supplies 479 Uninterruptible Power Supplies 480 Backup Generators 481Redundant Data 483Redundant Networking 486Redundant Servers 488Redundant Sites 489Disaster Recovery Planning and Procedures 490Data Backup 490DR Planning 494Exam Preparation Tasks 497Review Key Topics 497Complete Tables and Lists from Memory 497Define Key Terms 498Hands-On Labs 498Equipment Needed 498Lab 14-1: Configuring RAID 1 and 5 498View Recommended Resources 500Answer Review Questions 500Answers and Explanations 504Chapter 15 Policies, Procedures, and People 509Foundation Topics 510Environmental Controls 510Fire Suppression 510 Fire Extinguishers 510 Sprinkler Systems 512 Special Hazard Protection Systems 512HVAC 513Shielding 514Social Engineering 515Pretexting 516Diversion Theft 516Phishing 516Hoaxes 518Shoulder Surfing 518Eavesdropping 518Dumpster Diving 519Baiting 519Piggybacking/Tailgating 519Summary of Social Engineering Types 519User Education and Awareness 520Legislative and Organizational Policies 521Data Sensitivity and Classification of Information 522Personnel Security Policies 524 Privacy Policies 525 Acceptable Use 525 Change Management 525 Separation of Duties/Job Rotation 526 Mandatory Vacations 526 Due Diligence 527 Due Care 527 Due Process 527 User Education and Awareness Training 527 Summary of Personnel Security Policies 528How to Deal with Vendors 529How to Dispose of Computers and Other IT Equipment Securely 529Incident Response Procedures 531Exam Preparation Tasks 534Review Key Topics 534Complete Tables and Lists from Memory 535Define Key Terms 535View Recommended Resources 535Answer Review Questions 536Answers and Explanations 543Chapter 16 Taking the Real Exam 551Foundation Topics 552Getting Ready and the Exam Preparation Checklist 552Tips for Taking the Real Exam 555Beyond the CompTIA Security+ Certification 558Hands-On Lab 559Practice Exam 1 561Practice Exam 2 611Glossary 663Master List of Key Topics 685 On the DVD:Appendix A: Memory TablesAppendix B: Memory Tables Answer Key 9780789748270 TOC 11/29/2011
show more