Top
Free Shipping On Orders Over $35!
Get Rewarded for Ordering Your Textbooks! Enroll Now
Customer Reviews Read Reviews
Write a Review
David L. Prowse is an author, a computer network specialist, and a technical trainer. Over the past several years he has authored several titles for Pearson Education, including the well-received CompTIA A+ Exam Cram. As a consultant, he installs and secures the latest in computer and networking technology. Over the past decade he has also taught CompTIA A+, Network+, and Security+ certification courses, both in the classroom and via the Internet.
He runs the website www.davidlprowse.com, where he gladly answers questions from students and readers.
Introduction xxv
Chapter 1 Introduction to Security 3
Foundation Topics 4
Security 101 4
The CIA of Computer Security 4
The Basics of Information Security 6
Think Like a Hacker 9
Exam Preparation Tasks 11
Review Key Topics 11
Define Key Terms 11
Answer Review Questions 11
Answers and Explanations 13
Chapter 2 Computer Systems Security 17
Foundation Topics 18
Computer Systems Security Threats 18
Malicious Software 18
Viruses 18
Worms 19
Trojan Horses 20
Spyware 21
Rootkits 21
Spam 21
Summary of Malware Threats 22
Ways to Deliver Malicious Software 23
Via Software, Messaging, and Media 23
Active Interception 23
Privilege Escalation 24
Backdoors 24
Logic Bombs 24
Botnets and Zombies 25
Preventing and Troubleshooting Malware 26
Preventing and Troubleshooting Viruses 26
Preventing and Troubleshooting Worms and Trojans 30
Preventing and Troubleshooting Spyware 30
Preventing and Troubleshooting Rootkits 32
Preventing and Troubleshooting Spam 33
You Can’t Save Every Computer from Malware! 35
Summary of Malware Prevention Techniques 35
Implementing Security Applications 36
Personal Software Firewalls 36
Host-Based Intrusion Detection Systems 38
Pop-Up Blockers 40
Data Loss Prevention Systems 42
Securing Computer Hardware and Peripherals 42
Securing the BIOS 43
Securing Storage Devices 44
Removable Storage 44
Network Attached Storage 45
Whole Disk Encryption 45
Hardware Security Modules 47
Securing Cell Phones and Smartphones 47
Exam Preparation Tasks 49
Review Key Topics 49
Complete Tables and Lists from Memory 49
Define Key Terms 50
Hands-On Labs 50
Equipment Needed 50
Lab 2-1: Using Free Malware Scanning Programs 50
Lab 2-2: How to Secure the BIOS 51
View Recommended Resources 53
Answer Review Questions 54
Answers and Explanations 60
Chapter 3 OS Hardening and Virtualization 67
Foundation Topics 68
Hardening Operating Systems 68
Removing Unnecessary Applications and Services 68
Service Packs 72
Windows Update, Patches, and Hotfixes 75
Patches and Hotfixes 77
Patch Management 79
Group Policies, Security Templates, and Configuration Baselines 80
Hardening File Systems and Hard Drives 82
Virtualization Technology 86
Types of Virtualization and Their Purposes 86
Working with Virtual Machines 88
Microsoft Virtual PC 88
Microsoft Windows XP Mode 90
Microsoft Virtual Server 90
VMware 91
Hypervisor 92
Securing Virtual Machines 92
Exam Preparation Tasks 94
Review Key Topics 94
Complete Tables and Lists from Memory 95
Define Key Terms 95
Hands-On Labs 95
Equipment Needed 95
Lab 3-1: Discerning and Updating the Service Pack Level 96
Lab 3-2: Creating a Virtual Machine in Virtual PC 2007 96
Lab 3-3: Securing a Virtual Machine 98
View Recommended Resources 101
Answer Review Questions 102
Answers and Explanations 105
Chapter 4 Application Security 109
Foundation Topics 110
Securing the Browser 110
General Browser Security Procedures 111
Implement Policies 111
Train Your Users 114
Use a Proxy and Content Filter 114
Secure Against Malicious Code 116
Securing Internet Explorer 116
Securing Firefox 121
Securing Other Applications 124
Secure Programming 127
Systems Development Life Cycle 128
Programming Testing Methods 130
Programming Vulnerabilities and Attacks 132
Backdoors 132
Buffer Overflows 132
XSS and XSRF 133
More Code Injection Examples 133
Directory Traversal 134
Zero Day Attack 135
Exam Preparation Tasks 136
Review Key Topics 136
Complete Tables and Lists from Memory 136
Define Key Terms 137
Hands-On Labs 137
Equipment Needed 137
Lab 4-1: Securing the Browser 137
Lab 4-2: Disabling Applications with a Windows Server 2008 Policy 138
View Recommended Resources 141
Answer Review Questions 141
Answers and Explanations 145
Chapter 5 Network Design Elements and Network Threats 149
Foundation Topics 150
Network Design 150
Network Devices 150
Hub 150
Switch 151
Router 152
Network Address Translation, and Private Versus Public IP 154
Network Zones and Interconnections 156
LAN Versus WAN 157
Internet 157
Demilitarized Zone (DMZ) 157
Intranets and Extranets 159
Cloud Computing 159
Network Access Control (NAC) 162
Subnetting 162
Virtual Local Area Network (VLAN) 164
Telephony Devices 165
Modems 166
PBX Equipment 166
VoIP 167
Ports and Protocols 167
Ports Ranges, Inbound Versus Outbound, and Common Ports 167
Protocols That Can Cause Anxiety on the Exam 174
Malicious Network Attacks 175
DoS 175
DDoS 178
Spoofing 178
Session Hijacking 179
Replay 181
Null Sessions 181
Transitive Access and Client-Side Attacks 182
DNS Poisoning and Other DNS Attacks 183
ARP Poisoning 184
Summary of Network Attacks 185
Exam Preparation Tasks 188
Review Key Topics 188
Complete Tables and Lists from Memory 189
Define Key Terms 189
Hands-On Labs 189
Equipment Needed 190
Lab 5-1: Port Scanning Basics 190
View Recommended Resources 191
Answer Review Questions 192
Answers and Explanations 199
Chapter 6 Network Perimeter Security 205
Foundation Topics 206
Firewalls and Network Security 206
Firewalls 207
Proxy Servers 212
Honeypots and Honeynets 215
Data Loss Prevention (DLP) 216
NIDS Versus NIPS 217
NIDS 217
NIPS 218
Summary of NIDS Versus NIPS 219
The Protocol Analyzer’s Role in NIDS and NIPS 220
Exam Preparation Tasks 220
Review Key Topics 220
Complete Tables and Lists from Memory 221
Define Key Terms 221
Hands-On Labs 221
Equipment Needed 222
Lab 6-1: Packet Filtering and NAT Firewalls 222
Lab 6-2: Configuring an Inbound Filter on a SOHO Router/Firewall 223
Lab 6-3: Enabling MAC Filtering 224
View Recommended Resources 225
Answer Review Questions 225
Answers and Explanations 229
Chapter 7 Securing Network Media and Devices 233
Foundation Topics 234
Securing Wired Networks and Devices 234
Network Device Vulnerabilities 234
Default Accounts 234
Weak Passwords 235
Privilege Escalation 236
Back Doors 237
Network Attacks 237
Other Network Device Considerations 238
Cable Media Vulnerabilities 238
Interference 239
Crosstalk 240
Data Emanation 241
Tapping into Data and Conversations 241
Securing Wireless Networks 244
Wireless Access Point Vulnerabilities 244
Secure the Administration Interface 244
SSID Broadcast 245
Rogue Access Points 245
Evil Twin 246
Weak Encryption 246
Other Wireless Access Point Security Strategies 248
Wireless Transmission Vulnerabilities 250
Bluetooth Vulnerabilities 250
Bluejacking 251
Bluesnarfing 251
Exam Preparation Tasks 252
Review Key Topics 252
Complete Tables and Lists from Memory 253
Define Key Terms 253
Hands-On Labs 253
Equipment Needed 254
Lab 7-1: Securing a Wireless Device: 8 Steps to a Secure Network 254
Lab 7-2: Wardriving...and The Cure 256
View Recommended Resources 257
Answer Review Questions 257
Answers and Explanations 261
Chapter 8 Physical Security and Authentication Models 265
Foundation Topics 267
Physical Security 267
General Building and Server Room Security 267
Door Access 268
Biometric Readers 270
Authentication Models and Components 271
Authentication Models 271
Localized Authentication Technologies 273
802.1X and EAP 273
LDAP 276
Kerberos and Mutual Authentication 277
Terminal Services 279
Remote Authentication Technologies 279
Remote Access Service 280
Virtual Private Networks 281
RADIUS Versus TACACS 284
Exam Preparation Tasks 286
Review Key Topics 286
Complete Tables and Lists from Memory 287
Define Key Terms 287
Hands-On Labs 287
Equipment Needed 288
Lab 8-1: Enabling 802.1X on a Network Adapter 288
Lab 8-2: Setting Up a VPN 289
View Recommended Resources 291
Answer Review Questions 292
Answers and Explanations 299
Chapter 9 Access Control Methods and Models 305
Foundation Topics 306
Access Control Models Defined 306
Discretionary Access Control 306
Mandatory Access Control 308
Role-Based Access Control (RBAC) 309
Access Control Wise Practices 310
Rights, Permissions, and Policies 313
Users, Groups, and Permissions 313
Permission Inheritance and Propagation 317
Moving and Copying Folders and Files 318
Usernames and Passwords 318
Policies 322
User Account Control (UAC) 325
Exam Preparation Tasks 326
Review Key Topics 326
Complete Tables and Lists from Memory 327
Define Key Terms 327
Hands-On Labs 327
Equipment Needed 327
Lab 9-1: Configuring Password Policies and User Account Restrictions 328
Lab 9-2: Configuring User and Group Permissions 330
View Recommended Resources 331
Answer Review Questions 332
Answers and Explanations 337
Chapter 10 Vulnerability and Risk Assessment 341
Foundation Topics 342
Conducting Risk Assessments 342
Qualitative Risk Assessment 344
Quantitative Risk Assessment 344
Security Analysis Methodologies 346
Security Controls 347
Vulnerability Management 349
Penetration Testing 350
OVAL 351
Assessing Vulnerability with Security Tools 352
Network Mapping 352
Vulnerability Scanning 355
Network Sniffing 358
Password Analysis 359
Exam Preparation Tasks 363
Review Key Topics 363
Complete Tables and Lists from Memory 363
Define Key Terms 364
Hands-On Labs 364
Equipment Needed 364
Lab 10-1: Mapping and Scanning the Network 365
Lab 10-2: Password Cracking and Defense 366
View Recommended Resources 367
Answer Review Questions 368
Answers and Explanations 374
Chapter 11 Monitoring and Auditing 379
Foundation Topics 380
Monitoring Methodologies 380
Signature-Based Monitoring 380
Anomaly-Based Monitoring 381
Behavior-Based Monitoring 381
Using Tools to Monitor Systems and Networks 382
Performance Baselining 382
Protocol Analyzers 384
Wireshark 385
Network Monitor 386
SNMP 388
Conducting Audits 389
Auditing Files 389
Logging 392
Log File Maintenance and Security 394
Auditing System Security Settings 396
Exam Preparation Tasks 399
Review Key Topics 399
Complete Tables and Lists from Memory 400
Define Key Terms 400
Hands-On Labs 400
Equipment Needed 400
Lab 11-1: Using Protocol Analyzers 401
View Recommended Resources 403
Answer Review Questions 404
Answers and Explanations 409
Chapter 12 Encryption and Hashing Concepts 415
Foundation Topics 416
Cryptography Concepts 416
Symmetric Versus Asymmetric Key Algorithms 419
Symmetric Key Algorithms 420
Asymmetric Key Algorithms 421
Public Key Cryptography 421
Key Management 422
Steganography 423
Encryption Algorithms 423
DES and 3DES 424
AES 424
RC 425
Summary of Symmetric Algorithms 426
RSA 426
Diffie-Hellman 427
Elliptic Curve 428
More Encryption Types 428
One-Time Pad 428
PGP 429
Hashing Basics 430
Cryptographic Hash Functions 431
MD5 432
SHA 432
Happy Birthday! 432
LANMAN, NTLM, and NTLM2 433
LANMAN 433
NTLM and NTLM2 435
Exam Preparation Tasks 436
Review Key Topics 436
Complete Tables and Lists from Memory 436
Define Key Terms 436
Hands-On Lab 437
Equipment Needed 437
Lab 12-1: Disabling the LM Hash in Windows Server 2003 437
View Recommended Resources 438
Answer Review Questions 439
Answers and Explanations 445
Chapter 13 PKI and Encryption Protocols 451
Foundation Topics 452
Public Key Infrastructure 452
Certificates 452
Certificate Authorities 453
Single-Sided and Dual-Sided Certificates 456
Web of Trust 456
Security Protocols 457
S/MIME 457
SSL/TLS 458
SSH 459
PPTP, L2TP, and IPsec 459
PPTP 460
L2TP 460
IPsec 460
Exam Preparation Tasks 461
Review Key Topics 461
Define Key Terms 462
Hands-On Labs 462
Equipment Needed 462
Lab 13-1: A Basic Example of PKI 462
Lab 13-2: Making an SSH Connection 463
View Recommended Resources 465
Answer Review Questions 465
Answers and Explanations 470
Chapter 14 R edundancy and Disaster Recovery 475
Foundation Topics 476
Redundancy Planning 476
Redundant Power 478
Redundant Power Supplies 479
Uninterruptible Power Supplies 480
Backup Generators 481
Redundant Data 483
Redundant Networking 486
Redundant Servers 488
Redundant Sites 489
Disaster Recovery Planning and Procedures 490
Data Backup 490
DR Planning 494
Exam Preparation Tasks 497
Review Key Topics 497
Complete Tables and Lists from Memory 497
Define Key Terms 498
Hands-On Labs 498
Equipment Needed 498
Lab 14-1: Configuring RAID 1 and 5 498
View Recommended Resources 500
Answer Review Questions 500
Answers and Explanations 504
Chapter 15 Policies, Procedures, and People 509
Foundation Topics 510
Environmental Controls 510
Fire Suppression 510
Fire Extinguishers 510
Sprinkler Systems 512
Special Hazard Protection Systems 512
HVAC 513
Shielding 514
Social Engineering 515
Pretexting 516
Diversion Theft 516
Phishing 516
Hoaxes 518
Shoulder Surfing 518
Eavesdropping 518
Dumpster Diving 519
Baiting 519
Piggybacking/Tailgating 519
Summary of Social Engineering Types 519
User Education and Awareness 520
Legislative and Organizational Policies 521
Data Sensitivity and Classification of Information 522
Personnel Security Policies 524
Privacy Policies 525
Acceptable Use 525
Change Management 525
Separation of Duties/Job Rotation 526
Mandatory Vacations 526
Due Diligence 527
Due Care 527
Due Process 527
User Education and Awareness Training 527
Summary of Personnel Security Policies 528
How to Deal with Vendors 529
How to Dispose of Computers and Other IT Equipment Securely 529
Incident Response Procedures 531
Exam Preparation Tasks 534
Review Key Topics 534
Complete Tables and Lists from Memory 535
Define Key Terms 535
View Recommended Resources 535
Answer Review Questions 536
Answers and Explanations 543
Chapter 16 Taking the Real Exam 551
Foundation Topics 552
Getting Ready and the Exam Preparation Checklist 552
Tips for Taking the Real Exam 555
Beyond the CompTIA Security+ Certification 558
Hands-On Lab 559
Practice Exam 1 561
Practice Exam 2 611
Glossary 663
Master List of Key Topics 685
On the DVD:
Appendix A: Memory Tables
Appendix B: Memory Tables Answer Key
9780789748270 TOC 11/29/2011
The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.
Need Help? Copyright © 1999-2024