CompTIA Security+ Study Guide : (Exam# SY0-301)
The preparation you need for the new CompTIA Security+ exam SY0-301. This top-selling study guide helps candidates prepare for exam SY0-301 and certification as a CompTIA Security+ administrator. Inside the new, CompTIA Authorized edition, you'll find complete coverage of all Security+ exam objectives, loads of real-world examples, and a CD packed with cutting-edge exam prep tools. The book covers key exam topics such as general security concepts, infrastructure security, the basics of cryptography, and much more.

- Provides 100% coverage of all exam objectives for the new CompTIA Security+ exam SY0-301, including:
  - Network security
  - Compliance and operational security
  - Threats and vulnerabilities
  - Application, data and host security
  - Access control and identity management
  - Cryptography
- Covers key topics such as general security concepts, communication and infrastructure security, the basics of cryptography, operational security, and more
- Offers practical examples and insights drawn from the real world
- Includes a CD with two practice exams, all chapter review questions, electronic flashcards, and more

Obtain your Security+ certification and jump-start your career.
It's possible with the kind of thorough preparation you'll receive from CompTIA Security+ Study Guide, 5th Edition.
- CD-ROM | 696 pages
- 186 x 233 x 38mm | 1,066g
- 05 Sep 2011
- John Wiley & Sons Inc
- New York, United States
- 5th Revised edition
Back cover copy
All the Preparation You Need for Exam SY0-301

Validate your professional computer security expertise with this certification that helps you stand out in the marketplace. This CompTIA Authorized study guide is your key to preparing for CompTIA's new Security+ Exam SY0-301. Acquire hands-on skills and validate your in-depth knowledge of computer security, then use this valuable training as a springboard to more advanced security certifications.

Inside, you'll find:

- Full coverage of all exam objectives in a systematic approach, so you can be confident you're getting the instruction you need for the exam
- Practical hands-on exercises to reinforce critical skills
- Real-world scenarios that put what you've learned in the context of actual job roles
- Over 300 challenging review questions to prepare you for exam day
- Exam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the exam
- A handy tear card that maps every official exam objective to the corresponding chapter in the book, so you can track your exam prep objective by objective

Look inside for complete coverage of all exam objectives.

SYBEX TEST ENGINE: Test your knowledge with advanced testing software. Includes all chapter review questions and bonus exams.

ELECTRONIC FLASHCARDS: Reinforce your understanding with electronic flashcards.

Also on CD, you'll find a complete Glossary of Terms in searchable and printable PDF.

Covers All Objectives for the SY0-301 Exam! Includes Real-World Scenarios, Hands-On Exercises, and Leading-Edge Exam Prep Software Featuring: Custom Test Engine; Over 300 Sample Questions; Electronic Flashcards
Table of contents
- Foreword
- Introduction
- Assessment Test
- Chapter 1 Measuring and Weighing Risk: Risk Assessment; Computing Risk Assessment; Acting on Your Risk Assessment; Risks Associated with Cloud Computing; Risks Associated with Virtualization; Developing Policies, Standards, and Guidelines; Implementing Policies; Incorporating Standards; Following Guidelines; Business Policies; Understanding Control Types, False Positives, and Change and Incident Management; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 2 Infrastructure and Connectivity: Mastering TCP/IP; Working with the TCP/IP Suite; IPv4 vs. IPv6; Understanding Encapsulation; Working with Protocols and Services; Distinguishing between Security Topologies; Setting Design Goals; Creating Security Zones; Working with Newer Technologies; Working with Business Requirements; Understanding Infrastructure Security; Working with Hardware Components; Working with Software Components; Understanding the Different Network Infrastructure Devices; Firewalls; Hubs; Modems; Remote Access Services; Routers; Switches; Load Balancers; Telecom/PBX Systems; Virtual Private Networks; Web Security Gateway; Spam Filters; Understanding Remote Access; Using Point-to-Point Protocol; Working with Tunneling Protocols; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 3 Protecting Networks: Monitoring and Diagnosing Networks; Network Monitors; Intrusion Detection Systems; Understanding Intrusion Detection Systems; Working with a Network-Based IDS; Working with a Host-Based IDS; Working with NIPS; Utilizing Honeypots; Understanding Protocol Analyzers; Securing Workstations and Servers; Securing Internet Connections; Working with Ports and Sockets; Working with Email; Working with the Web; Working with File Transfer Protocol; Understanding Network Protocols; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 4 Threats and Vulnerabilities: Understanding Software Exploitation; Surviving Malicious Code; Viruses; Trojan Horses; Logic Bombs; Worms; Antivirus Software; Calculating Attack Strategies; Understanding Access Attack Types; Recognizing Modification and Repudiation Attacks; Identifying Denial-of-Service and Distributed Denial-of-Service Attacks; Recognizing Botnets; Recognizing Common Attacks; Backdoor Attacks; Spoofing Attacks; Pharming Attacks; Phishing and Spear Phishing Attacks; Man-in-the-Middle Attacks; Replay Attacks; Password-Guessing Attacks; Privilege Escalation; Identifying TCP/IP Security Concerns; Recognizing TCP/IP Attacks; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 5 Access Control and Identity Management: Access Control Basics; Identification vs. Authentication; Authentication (Single Factor) and Authorization; Multifactor Authentication; Operational Security; Tokens; Potential Authentication and Access Problems; Authentication Issues to Consider; Understanding Remote Access Connectivity; Using the Point-to-Point Protocol; Working with Tunneling Protocols; Working with RADIUS; TACACS/TACACS+/XTACACS; VLAN Management; Understanding Authentication Services; LDAP; Kerberos; Single Sign-On Initiatives; Understanding Access Control; Mandatory Access Control; Discretionary Access Control; Role-Based Access Control; Rule-Based Access Control; Implementing Access Control Best Practices; Smart Cards; Access Control Lists; Trusted OS; Secure Router Configuration; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 6 Educating and Protecting the User: Understanding Security Awareness and Training; Communicating with Users to Raise Awareness; Providing Education and Training; Training Topics; Classifying Information; Public Information; Private Information; Information Access Controls; Complying with Privacy and Security Regulations; The Health Insurance Portability and Accountability Act; The Gramm-Leach-Bliley Act; The Computer Fraud and Abuse Act; The Family Educational Rights and Privacy Act; The Computer Security Act of 1987; The Cyberspace Electronic Security Act; The Cyber Security Enhancement Act; The Patriot Act; Familiarizing Yourself with International Efforts; Understanding Social Engineering; Types of Social Engineering Attacks; What Motivates an Attack?; Social Engineering Attack Examples; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 7 Operating System and Application Security: Hardening the Operating System; The Basics of OS Hardening; Hardening Filesystems; Updating Your Operating System; Application Hardening; Fuzzing; Cross-Site Request Forgery; Application Configuration Baselining; Application Patch Management; Making Your Network More Secure Through Hardening; Working with Data Repositories; Directory Services; Databases and Technologies; Injection Problems; SQL Injection; LDAP Injection; XML Injection; Directory Traversal/Command Injection; Host Security; Antimalware; Host Software Baselining; Mobile Devices; Best Practices for Security; URL Filtering; Content Inspection; Malware Inspection; Data Loss Prevention; Data Encryption; Hardware-Based Encryption Devices; Attack Types to Be Aware Of; Session Hijacking; Header Manipulation; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 8 Cryptography Basics: An Overview of Cryptography; Understanding Non-mathematical Cryptography; Understanding Mathematical Cryptography; Working with Passwords; Understanding Quantum Cryptography; Uncovering the Myth of Unbreakable Codes; Understanding Cryptographic Algorithms; The Science of Hashing; Working with Symmetric Algorithms; Working with Asymmetric Algorithms; Wi-Fi Encryption; Using Cryptographic Systems; Confidentiality; Integrity; Digital Signatures; Authentication; Non-repudiation; Access Control; Key Features; Understanding Cryptography Standards and Protocols; The Origins of Encryption Standards; Public-Key Infrastructure X.509/Public-Key Cryptography Standards; X.509; SSL and TLS; Certificate Management Protocols; Secure Multipurpose Internet Mail Extensions; Secure Electronic Transaction; Secure Shell; Pretty Good Privacy; HTTP Secure; Secure HTTP; IP Security; Tunneling Protocols; Federal Information Processing Standard; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 9 Cryptography Implementation: Using Public Key Infrastructure; Using a Certificate Authority; Working with Registration Authorities and Local Registration Authorities; Implementing Certificates; Understanding Certificate Revocation; Implementing Trust Models; Preparing for Cryptographic Attacks; Ways to Attack Cryptographic Systems; Three Types of Cryptographic Attacks; Understanding Key Management and the Key Life Cycle; Methods for Key Generation; Storing and Distributing Keys; Using Key Escrow; Identifying Key Expiration; Revoking Keys; Suspending Keys; Recovering and Archiving Keys; Renewing Keys; Destroying Keys; Identifying Key Usage; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 10 Physical and Hardware-Based Security: Implementing Access Control; Physical Barriers; Security Zones; Partitioning; Biometrics; Maintaining Environmental and Power Controls; Environmental Monitoring; Power Systems; EMI Shielding; Hot and Cold Aisles; Fire Suppression; Fire Extinguishers; Fixed Systems; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 11 Security and Vulnerability in the Network: Network Security Threats; Penetration Testing; Vulnerability Scanning; Ethical Hacking; Assessment Types and Techniques; Secure Network Administration Principles; Rule-Based Management; Port Security; Working with 802.1X; Flood Guards and Loop Protection; Preventing Network Bridging; Log Analysis; Mitigation and Deterrent Techniques; Manual Bypassing of Electronic Controls; Monitoring System Logs; Security Posture; Reporting; Detection/Prevention Controls; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 12 Wireless Networking Security: Working with Wireless Systems; IEEE 802.11x Wireless Protocols; WEP/WAP/WPA/WPA2; Wireless Transport Layer Security; Understanding Mobile Devices; Wireless Access Points; Extensible Authentication Protocol; Lightweight Extensible Authentication Protocol; Protected Extensible Authentication Protocol; Wireless Vulnerabilities to Know; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 13 Disaster Recovery and Incident Response: Understanding Business Continuity; Undertaking Business Impact Analysis; Utilities; High Availability; Disaster Recovery; Incident Response Policies; Understanding Incident Response; Succession Planning; Reinforcing Vendor Support; Service-Level Agreements; Code Escrow Agreements; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 14 Security-Related Policies and Procedures: Policies You Must Have; Data Loss/Theft Policies; Least Privilege; Separation of Duties; Time of Day Restrictions; Mandatory Vacations and Job Rotation; Policies You Should Have; Human Resource Policies; Certificate Policies; Security Controls for Account Management; User and Group Role Management; Users with Multiple Accounts/Roles; Auditing; Account Policy Enforcement; Summary; Exam Essentials; Review Questions; Answers to Review Questions
- Chapter 15 Security Administration: Security Administrator's Troubleshooting Guide; Getting Started; Creating a Home Lab; In the Workplace; Which OS Should You Use?; Creating a Security Solution; Access Control Issues; Accountability Concerns; Auditing; Authentication Schemes; Authentication Factors; Mutual Authentication; Authentication Protection; Backup Management; Baselining Security; Certificate Management; Communications Security; Preauthentication; Remote Control/Remote Shell; Virtual Private Networks; Directory Services Protection; Disaster Planning; Documenting Your Environment; Email Issues; File-Sharing Basics; Working with IDSs and Honey Pots; Incident Handling; Internet Common Sense; Key Management Conventions; Preventing Common Malicious Events; Constructing a Line of Defense; Types of Attacks; Antivirus Protection; Making Stronger Passwords; Managing Personnel; Keeping Physical Security Meaningful; Securing the Infrastructure; Working with Security Zones; Social Engineering Risks; System Hardening Basics; Securing the Wireless Environment; Summary
- Appendix A About the Companion CD: What You'll Find on the CD; Sybex Test Engine; Electronic Flashcards; PDF of the Glossary; System Requirements; Using the CD; Troubleshooting; Customer Care
- Glossary
- Index
About Emmett Dulaney
Emmett Dulaney is an associate professor at Anderson University. He has written several certification books on Windows, Security, IT project management, and UNIX, and is coauthor of two of Sybex's leading certification titles: CompTIA Security+ Study Guide and CompTIA A+ Complete Study Guide. He is also a well-known certification columnist for Redmond magazine and CertCities.com.