Principles of Computer Security CompTIA Security+ and Beyond Lab Manual, Second Edition

Vince Nestler (Pocatello, ID), CompTIA Security+, is an Adjunct Professor of network security at Capitol College. Nestler is an instructional design expert with seven years of experience developing security related labs. He is the coauthor of the first editon of Principles of Computer Security: Security+ and Beyond Lab Manual. Greg White (San Antonio, TX), Security+, CISSP, is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. Dr. White is the Director of the Center for Infrastructure Assurance and Security at UTSA, and was the author of the first edition of the Security+ All-in-One Exam Guide from McGraw-Hill. Wm. Arthur Conklin (Houston, TX), Security+, CISSP, is an Assistant Professor in the Information and Logistics Technology department at the University of Houston. In addition to his PhD, Mr. Conklin has a MBA from UTSA, and two graduate degrees in Electrical Engineering from the Naval Postgraduate School in Monterey, California. Dr. Conklins interests are information security, systems theory, and secure software design. Matthew Hirsch, M.S. Network Security, Capitol College; B.A. Physics, State University of New York (SUNY) New Paltz. Mr. Hirsch has worked in the information security operations group for a large financial firm (which prefers to remain unnamed), data distribution for firms including Deutsche Bank and Sanwa Securities, and systems / network administration for Market Arts Software. Formerly an adjunct professor at Capitol College, Katharine Gibbs school, and DeVry, Mr. Hirsch also enjoys a long term association with Dorsai, a New York City non-prot ISP/Hosting firm. Corey D. Schou, Ph.D., is the University Professor of Informatics and the Associate Dean of the College of Business at Idaho State University. He has been involved in establishing computer security and information assurance training and standards for 25 years. His research interests include information assurance, ethics, privacy, and collaborative decision making. He was responsible for compiling and editing computer security standards and training materials for the Committee on National Security Systems (CNSS). Throughout his career, Dr. Schou has remained an active classroom teacher despite his research and service commitments. He is the founding director of the Informatics Research Institute and the National Information Assurance Training and Education Center (NIATEC) that was designated the National Center of Excellence in Information Assurance Education. In 1996, his research center was cited by the Information Systems Security Association (ISSA) for Outstanding Contributions to the Security Profession and he was selected as the Educator of the Year by the Federal Information Systems Security Educators Association (FISSEA). In 1997, the Masie Institute and TechLearn Consortium recognized his contributions to distance education. In 2001, Dr. Schou was honored by the International Information Systems Security Certification Consortium [(ISC)2] with the Tipton award for his work in professionalization of computer security and his development of the generally accepted common body of knowledge (CBK) used in the certification of information assurance professionals. Dr. Schou serves as the chair of the Colloquium for Information Systems Security Education (CISSE). Under his leadership, the Colloquium creates an environment for exchange and dialogue among leaders in government, industry, and academia concerning information security and information assurance education. In addition, he is the editor of Information Systems Security and serves on the board of several professional organizations.

Part I: Networking Basics: How Do Networks Work?
Chapter 1: Workstation Network Configuration and Connectivity
Chapter 2: TCP/UDP Basics
Chapter 3: Network Applications
Part II: Vulnerabilities and Threats - How Can Systems Be Compromised?
Chapter 4: Scanning and Enumerating the Network for Targets
Chapter 5: Attacks—Web Server, E-mail, DOS, and Trojan Attacks
Chapter 6: Escalating Privilege— Sniffing, Keylogging, Password-Cracking Attacks
Part III: Prevention: How Do We Prevent Harm to Systems?
Chapter 7: Hardening the Host Computer
Chapter 8: Securing Network Communications
Part IV: Detection and Response: How Do We Detect and Respond to Attacks?
Chapter 9: Preparing for and Detecting Attacks
Chapter 10: Digital Forensics