CompTIA Security+ SY0-401 Cert Guide, Academic Edition
Pearson IT Certification
978-0-7897-5363-2 (ISBN)
- Title to appear in a new edition
Learn, prepare, and practice for CompTIA Security+ SY0-401 exam success with this CompTIA Authorized Cert Guide, Academic Edition from Pearson IT Certification, a leader in IT Certification learning and a CompTIA Authorized Platinum Partner. The DVD features three complete practice exams, complete video solutions to 31 hands-on labs, plus 31 interactive flash-based simulations that include drag-and-drop and matching to reinforce the learning.
Master CompTIA’s Security+ SY0-401 exam topics
Assess your knowledge with chapter-ending quizzes
Reinforce your knowledge of key concepts with chapter review activities
Practice with realistic exam questions on the DVD
Includes complete video solutions to 31 hands-on labs
Plus 31 interactive simulations on key exam topics
Work through 270 Flash Cards in Q&A and glossary term format
Includes free access to the Premium Edition eBook
CompTIA Security+ SY0-401 Authorized Cert Guide, Academic Edition includes video solutions to the hands-on labs, practice tests, and interactive simulations that let the reader learn by doing. Best-selling author and expert instructor David L. Prowse shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter review activities help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your approach to passing the exam.
The companion Academic Edition DVD contains the powerful Pearson IT Certification Practice Test engine, with three complete practice exams and hundreds of exam-realistic questions and free access to the Premium Edition eBook. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. Work through 270 Flash Cards in Q&A and glossary term format to help reinforce your knowledge of key concepts and facts. The Academic Edition DVD also includes complete video solutions to 31 hands-on labs in the book and 31 interactive simulations on key exam topics to reinforce learning by doing. Learning activities include testing password strength, matching the type of malware with its definition, finding the security issues in the network map, and disallowing a user access to the network on Saturday and Sunday.
Interactive Simulations:
2-1: Identifying Malware Types
2-2: Securing the BIOS
2-4: Filtering E-mails
3-3: Stopping Services in the Command Prompt
4-1: Securing Web Browsers
5-1: Creating a DMZ
5-3: Defending against the Web Shell
6-1a: Understanding Port Numbers, Part A
6-1b: Understanding Port Numbers, Part B
6-1c: Understanding Port Numbers, Part C
6-2a: Identifying Network Attacks, Part A
6-2b: Identifying Network Attacks, Part B
6-2c: Identifying Network Attacks, Part C
6-2d: Identifying Network Attacks, Part D
7-1: Configuring a Firewall's Ruleset
8-4: Planning Network Security
9-1: Choosing Physical Security Methods
9-2: Selecting the Correct Authentication Technology
9-3: Understanding 802.1X
10-1: Password Strength
10-2: Configuring Logon Hours
10-3: Understanding Access Control Models
11-1a: Risk Assessment, Part A
11-1b: Risk Assessment, Part B
11-1c: Vulnerability Management Process
12-1: Capturing and Analyzing Packets
12-2: Deciphering Log Files
13-1: Understanding Symmetric and Asymmetric Algorithms
15-1: Configuring RAID
16-1a: Identifying Social Engineering Attacks, Part A
16-1b: Identifying Social Engineering Attacks, Part B
Hands-On Labs Video Solutions:
2-1: Using Free Malware Scanning Programs
2-2: Securing the BIOS
2-3: Securing Mobile Devices
3-1: Discerning and Updating Service Pack Level
3-2: Securing a Virtual Machine
3-3: Working with Services in Windows and Linux
4-1: Securing Web Browsers
4-2: Whitelisting and Blacklisting Applications with a Windows Server Policy
5-2: Subnetting a Network
6-1: Scanning Ports
7-2: Configuring Packet Filtering and NAT
7-3: Configuring an Inbound Filter
8-1: Securing a Wireless Device
8-2: Enabling MAC Filtering
8-3: Wardriving and the Cure
9-3: Understanding 802.1X
9-4: Setting Up a Secure VPN
10-1: Configuring Complex Passwords
10-2: Configuring Password Policies and User Accounts Restrictions
10-4: Configuring User and Group Permissions
11-2: Mapping and Scanning the Network
11-3: Defending Against Password Cracking
12-1: Capturing and Analyzing Packets
12-2: Deciphering Log Files
12-3: Auditing Files
13-1: Understanding Symmetric and Asymmetric Algorithms
13-2: Disabling the LM Hash
14-1: Understanding PKI
14-2: Making an SSH Connection
15-1: Configuring RAID
17-1: Analyzing Test Questions
Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA authorized study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.
The CompTIA authorized study guide helps you master all the topics on the Security+ exam, including:
Core computer system security
OS hardening and virtualization
Application security
Network design elements and threats
Perimeter security
Network media and devices security
Physical security and authentication models
Access control
Vulnerability and risk assessment
Monitoring and auditing
Cryptography, including PKI
Redundancy and disaster recovery
Policies and procedures
David L. Prowse is an author, a computer network specialist, and a technical trainer. Over the past several years he has authored several titles for Pearson Education, including the well-received CompTIA A+ Exam Cram. As a consultant, he installs and secures the latest in computer and networking technology. Over the past decade he has also taught CompTIA A+, Network+, and Security+ certification courses, both in the classroom and via the Internet. He runs the website www.davidlprowse.com, where he gladly answers questions about his books from students and readers.
Introduction xxi
Chapter 1 Introduction to Security 2
Foundation Topics 3
Security 101 3
The CIA of Computer Security 3
The Basics of Information Security 5
Think Like a Hacker 6
Chapter Review Activities 8
Review Key Topics 8
Define Key Terms 8
Review Questions 8
Chapter 2 Computer Systems Security 12
Foundation Topics 13
Computer Systems Security Threats 13
Malicious Software 13
Viruses 13
Worms 14
Trojan Horses 14
Ransomware 15
Spyware 15
Rootkits 16
Spam 16
Summary of Malware Threats 17
Ways to Deliver Malicious Software 17
Via Software, Messaging, and Media 18
Botnets and Zombies 18
Active Interception 19
Privilege Escalation 19
Backdoors 19
Logic Bombs 19
Preventing and Troubleshooting Malware 20
Preventing and Troubleshooting Viruses 20
Preventing and Troubleshooting Worms and Trojans 23
Preventing and Troubleshooting Spyware 24
Preventing and Troubleshooting Rootkits 25
Preventing and Troubleshooting Spam 26
You Can’t Save Every Computer from Malware! 28
Summary of Malware Prevention Techniques 28
Implementing Security Applications 28
Personal Software Firewalls 29
Host-Based Intrusion Detection Systems 30
Pop-Up Blockers 32
Data Loss Prevention Systems 33
Securing Computer Hardware, Peripherals, and Mobile Devices 33
Securing the BIOS 34
Securing Storage Devices 35
Removable Storage 35
Network Attached Storage 35
Whole Disk Encryption 35
Hardware Security Modules 37
Securing Mobile Devices 37
Malware 38
Botnet Activity 38
SIM Cloning 38
Wireless Attacks 38
Theft 39
Application Security 40
BYOD Concerns 41
Chapter Review Activities 45
Chapter Summary 45
Review Key Topics 45
Define Key Terms 46
Review Questions 46
Case Studies for Chapter 2 53
Case Study 2-1: Using Free Malware Scanning Programs 53
Case Study 2-2: Securing the BIOS 54
Case Study 2-3: Securing Mobile Devices 54
Case Study 2-4: Filtering and Screening E-mail 54
Chapter 3 OS Hardening and Virtualization 56
Foundation Topics 57
Hardening Operating Systems 57
Removing Unnecessary Applications and Services 57
Service Packs 63
Windows Update, Patches, and Hotfixes 65
Patches and Hotfixes 66
Patch Management 67
Group Policies, Security Templates, and Configuration Baselines 68
Hardening File Systems and Hard Drives 71
Virtualization Technology 74
Types of Virtualization and Their Purposes 74
Hypervisor 75
Securing Virtual Machines 76
Chapter Review Activities 78
Chapter Summary 78
Review Key Topics 79
Define Key Terms 79
Review Questions 79
Case Studies for Chapter 3 83
Case Study 3-1: Discerning and Updating the Service Pack Level 83
Case Study 3-2: Securing a Virtual Machine 83
Case Study 3-3: Stopping Services in the Command-Line 84
Chapter 4 Application Security 86
Foundation Topics 87
Securing the Browser 87
General Browser Security Procedures 88
Implement Policies 88
Train Your Users 90
Use a Proxy and Content Filter 91
Secure Against Malicious Code 92
Securing Internet Explorer 92
Securing Firefox 97
Securing Other Browsers 100
Securing Other Applications 102
Secure Programming 105
Systems Development Life Cycle 105
Programming Testing Methods 107
Programming Vulnerabilities and Attacks 108
Backdoors 109
Buffer Overflows 109
Arbitrary Code Execution/Remote Code Execution 110
XSS and XSRF 110
More Code Injection Examples 111
Directory Traversal 112
Zero Day Attack 112
Chapter Review Activities 114
Chapter Summary 114
Review Key Topics 115
Define Key Terms 115
Review Questions 115
Case Studies for Chapter 4 120
Case Study 4-1: Securing Web Browsers 120
Case Study 4-2: Whitelisting and Blacklisting Applications in a Windows Server Policy 120
Chapter 5 Network Design Elements 122
Foundation Topics 123
Network Design 123
The OSI Model 123
Network Devices 124
Hub 124
Switch 125
Router 126
Network Address Translation, and Private Versus Public IP 127
Network Zones and Interconnections 129
LAN Versus WAN 129
Internet 129
Demilitarized Zone (DMZ) 129
Intranets and Extranets 130
Network Access Control (NAC) 131
Subnetting 132
Virtual Local Area Network (VLAN) 133
Telephony Devices 134
Modems 134
PBX Equipment 135
VoIP 135
Cloud Security and Server Defense 136
Cloud Computing 136
Cloud Security 137
Server Defense 139
File Servers 140
Network Controllers 140
E-mail Servers 140
Web Servers 141
FTP Server 142
Chapter Review Activities 144
Chapter Summary 144
Review Key Topics 145
Define Key Terms 145
Review Questions 145
Case Studies for Chapter 5 149
Case Study 5-1: Creating a DMZ 149
Case Study 5-2: Subnetting a Network 149
Case Study 5-3: Defending against the Web Shell 150
Chapter 6 Networking Protocols and Threats 152
Foundation Topics 153
Ports and Protocols 153
Ports Ranges, Inbound Versus Outbound, and Common Ports 153
Protocols That Can Cause Anxiety on the Exam 160
Malicious Attacks 160
DoS 160
DDoS 162
Sinkholes and Blackholes 163
Spoofing 163
Session Hijacking 164
Replay 165
Null Sessions 165
Transitive Access and Client-Side Attacks 166
DNS Poisoning and Other DNS Attacks 167
ARP Poisoning 168
Summary of Network Attacks 168
Chapter Review Activities 172
Chapter Summary 172
Review Key Topics 173
Define Key Terms 173
Review Questions 173
Case Studies for Chapter 6 178
Case Study 6-1: Scanning Ports 178
Case Study 6-2: Identifying Network Attacks 178
Chapter 7 Network Perimeter Security 180
Foundation Topics 181
Firewalls and Network Security 181
Firewalls 181
Proxy Servers 186
Honeypots and Honeynets 188
Data Loss Prevention (DLP) 189
NIDS Versus NIPS 189
NIDS 189
NIPS 190
Summary of NIDS Versus NIPS 192
The Protocol Analyzer’s Role in NIDS and NIPS 192
Unified Threat Management 192
Chapter Review Activities 194
Chapter Summary 194
Review Key Topics 194
Define Key Terms 195
Review Questions 195
Case Studies for Chapter 7 199
Case Study 7-1: Configuring a Firewall’s Rule Set 199
Case Study 7-2: Configuring Packet Filtering and NAT 200
Case Study 7-3: Configuring an Inbound Filter 200
Chapter 8 Securing Network Media and Devices 202
Foundation Topics 203
Securing Wired Networks and Devices 203
Network Device Vulnerabilities 203
Default Accounts 203
Weak Passwords 204
Privilege Escalation 204
Back Doors 205
Network Attacks 205
Other Network Device Considerations 206
Cable Media Vulnerabilities 206
Interference 206
Crosstalk 207
Data Emanation 208
Tapping into Data and Conversations 208
Securing Wireless Networks 209
Wireless Access Point Vulnerabilities 210
The Administration Interface 210
SSID Broadcast 210
Rogue Access Points 210
Evil Twin 211
Weak Encryption 211
Wi-Fi Protected Setup 212
VPN over Open Wireless 213
Wireless Access Point Security Strategies 213
Wireless Transmission Vulnerabilities 215
Bluetooth Vulnerabilities 216
Bluejacking 217
Bluesnarfing 217
Chapter Review Activities 219
Chapter Summary 219
Review Key Topics 220
Define Key Terms 221
Review Questions 221
Case Studies for Chapter 8 224
Case Study 8-1: Securing a Wireless Device 224
Case Study 8-2: Enabling MAC Filtering 225
Case Study 8-3: War-driving...and the Cure 225
Case Study 8-4: Planning Network Security 225
Chapter 9 Physical Security and Authentication Models 228
Foundation Topics 229
Physical Security 229
General Building and Server Room Security 229
Door Access 230
Biometric Readers 232
Authentication Models and Components 233
Authentication Models 233
Localized Authentication Technologies 234
802.1X and EAP 235
LDAP 237
Kerberos and Mutual Authentication 238
Remote Desktop Services 239
Remote Authentication Technologies 240
Remote Access Service 240
Virtual Private Networks 241
RADIUS Versus TACACS 244
Chapter Review Activities 246
Chapter Summary 246
Review Key Topics 246
Define Key Terms 247
Review Questions 247
Case Studies for Chapter 9 253
Case Study 9-1: Choosing Physical Security Methods 253
Case Study 9-2: Selecting the Correct Authentication Technology 254
Case Study 9-3: Understanding 802.1X 255
Case Study 9-4: Setting Up a Secure VPN 255
Chapter 10 Access Control Methods and Models 256
Foundation Topics 257
Access Control Models Defined 257
Discretionary Access Control 257
Mandatory Access Control 258
Role-Based Access Control (RBAC) 259
Access Control Wise Practices 260
Rights, Permissions, and Policies 262
Users, Groups, and Permissions 262
Permission Inheritance and Propagation 266
Moving and Copying Folders and Files 266
Usernames and Passwords 267
Policies 269
User Account Control (UAC) 272
Chapter Review Activities 273
Chapter Summary 273
Review Key Topics 273
Define Key Terms 274
Review Questions 274
Case Studies for Chapter 10 279
Case Study 10-1: Configuring Complex Passwords 279
Case Study 10-2: Configuring Password Policies and User Account Restrictions 280
Case Study 10-3: Understanding Access Control Models 280
Case Study 10-4: Configuring User and Group Permissions 280
Chapter 11 Vulnerability and Risk Assessment 282
Foundation Topics 283
Conducting Risk Assessments 283
Qualitative Risk Assessment 284
Quantitative Risk Assessment 284
Security Analysis Methodologies 286
Security Controls 287
Vulnerability Management 288
Penetration Testing 289
OVAL 290
Assessing Vulnerability with Security Tools 291
Network Mapping 291
Vulnerability Scanning 293
Network Sniffing 296
Password Analysis 297
Chapter Review Activities 300
Chapter Summary 300
Review Key Topics 301
Define Key Terms 301
Review Questions 301
Case Studies for Chapter 11 307
Case Study 11-1: Understanding Risk and Vulnerability 307
Case Study 11-2: Mapping and Scanning the Network 307
Case Study 11-3: Defending Against Password Cracking 307
Chapter 12 Monitoring and Auditing 308
Foundation Topics 309
Monitoring Methodologies 309
Signature-Based Monitoring 309
Anomaly-Based Monitoring 309
Behavior-Based Monitoring 310
Using Tools to Monitor Systems and Networks 310
Performance Baselining 310
Protocol Analyzers 312
Wireshark 313
Network Monitor 314
SNMP 315
Analytical Tools 316
Conducting Audits 318
Auditing Files 319
Logging 320
Log File Maintenance and Security 323
Auditing System Security Settings 325
Chapter Review Activities 328
Chapter Summary 328
Review Key Topics 329
Define Key Terms 329
Review Questions 329
Case Studies for Chapter 12 334
Case Study 12-1: Capturing and Analyzing Packets 334
Case Study 12-2: Deciphering Log Files 335
Case Study 12-3: Auditing Files 335
Chapter 13 Encryption and Hashing Concepts 336
Foundation Topics 337
Cryptography Concepts 337
Symmetric Versus Asymmetric Key Algorithms 340
Symmetric Key Algorithms 340
Asymmetric Key Algorithms 341
Public Key Cryptography 341
Key Management 342
Steganography 342
Encryption Algorithms 343
DES and 3DES 343
AES 343
RC 344
Blowfish and Twofish 344
Summary of Symmetric Algorithms 345
RSA 345
Diffie-Hellman 346
Elliptic Curve 347
More Encryption Types 348
One-Time Pad 348
PGP 348
Hashing Basics 350
Cryptographic Hash Functions 351
MD5 351
SHA 351
RIPEMD and HMAC 351
Happy Birthday! 352
LANMAN, NTLM, and NTLMv2 352
LANMAN 352
NTLM and NTLMv2 353
Additional Password Hashing Concepts 354
Chapter Review Activities 356
Chapter Summary 356
Review Key Topics 357
Define Key Terms 357
Review Questions 357
Case Studies for Chapter 13 363
Case Study 13-1: Understanding Symmetric and Asymmetric Algorithms 363
Case Study 13-2: Disabling the LM Hash 364
Chapter 14 PKI and Encryption Protocols 366
Foundation Topics 367
Public Key Infrastructure 367
Certificates 367
Certificate Authorities 368
Single-Sided and Dual-Sided Certificates 370
Web of Trust 371
Security Protocols 371
S/MIME 371
SSL/TLS 372
SSH 373
PPTP, L2TP, and IPsec 373
PPTP 373
L2TP 373
IPsec 374
Chapter Review Activities 375
Chapter Summary 375
Review Key Topics 375
Define Key Terms 376
Review Questions 376
Case Studies for Chapter 14 380
Case Study 14-1: Understanding PKI 380
Case Study 14-2: Making an SSH Connection 380
Chapter 15 Redundancy and Disaster Recovery 382
Foundation Topics 383
Redundancy Planning 383
Redundant Power 384
Redundant Power Supplies 385
Uninterruptible Power Supplies 385
Backup Generators 386
Redundant Data 388
Redundant Networking 390
Redundant Servers 391
Redundant Sites 392
Redundant People 393
Disaster Recovery Planning and Procedures 393
Data Backup 393
DR Planning 396
Chapter Review Activities 399
Chapter Summary 399
Review Key Topics 399
Define Key Terms 400
Review Questions 400
Case Study for Chapter 15 403
Case Study 15-1: Configuring RAID 403
Chapter 16 Policies, Procedures, and People 404
Foundation Topics 405
Environmental Controls 405
Fire Suppression 405
Fire Extinguishers 405
Sprinkler Systems 406
Special Hazard Protection Systems 406
HVAC 407
Shielding 408
Social Engineering 409
Pretexting 409
Malicious Insider 409
Diversion Theft 410
Phishing 410
Hoaxes 411
Shoulder Surfing 412
Eavesdropping 412
Dumpster Diving 412
Baiting 412
Piggybacking/Tailgating 412
Summary of Social Engineering Types 413
User Education and Awareness 413
Legislative and Organizational Policies 414
Data Sensitivity and Classification of Information 415
Personnel Security Policies 417
Privacy Policies 417
Acceptable Use 418
Change Management 418
Separation of Duties/Job Rotation 419
Mandatory Vacations 419
Onboarding and Offboarding 419
Due Diligence 419
Due Care 419
Due Process 420
User Education and Awareness Training 420
Summary of Personnel Security Policies 420
How to Deal with Vendors 421
How to Dispose of Computers and Other IT Equipment Securely 422
Incident Response Procedures 423
Chapter Review Activities 428
Chapter Summary 428
Review Key Topics 429
Define Key Terms 429
Review Questions 429
Case Studies for Chapter 16 436
Case Study 16-1: Identifying Social Engineering Attacks 436
Case Study 16-2: Imaging a Hard Drive and Live Data for Forensic Purposes 436
Chapter 17 Taking the Real Exam 438
Getting Ready and the Exam Preparation Checklist 439
Tips for Taking the Real Exam 442
Beyond the CompTIA Security+ Certification 444
Case Study for Chapter 17 445
Case Study 17-1: Analyzing Test Questions 445
Practice Exam 1: SY0-401 446
Glossary 462
On the DVD:
APPENDIX A View Recommended Resources
APPENDIX B Master List of Key Topics
Acronyms
Answers to Review Questions
Answers to Case Studies
Answers to Practice Exam 1
Case Studies
Case Study Solutions (Video and Simulations)
Flash Cards
Table 6-2
TOC: 9780789753632, 8/8/2014
Publication date (per publisher) | 25.9.2014 |
---|---|
Place of publication | Upper Saddle River |
Language | English |
Dimensions | 208 x 261 mm |
Weight | 1093 g |
Subject area | Computer Science ► Networks ► Security / Firewall |
Computer Science ► Other Topics ► Certification | |
ISBN-10 | 0-7897-5363-4 / 0789753634 |
ISBN-13 | 978-0-7897-5363-2 / 9780789753632 |
Condition | New |