did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9780789729101

Security+ Certification Exam Cram 2 (Exam Cram SYO-101)

by ; ; ;
  • ISBN13:

    9780789729101

  • ISBN10:

    0789729105

  • Edition: CD
  • Format: Paperback w/CD
  • Copyright: 2003-01-01
  • Publisher: Que
  • View Upgraded Edition

Note: Supplemental materials are not guaranteed with Rental or Used book purchases.

Purchase Benefits

  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Write a Review Icon Write a Review
List Price: $39.99 Save up to $10.00
  • Buy Used
    $29.99
    Add to Cart

    USUALLY SHIPS IN 2-4 BUSINESS DAYS

Supplemental Materials

What is included with this book?

Summary

The Security+ certification is CompTIA's answer to the market's need for a baseline, vendor-neutral security certification. The IT industry recognizes there is a need to better train, staff, and empower those tasked with designing and implementing information security, and Security+ is an effort to meet this demand. Security+ will become the baseline certification for Microsoft's new security certification initiative (to be announced in 2003). This book is not intended to teach new material. Instead it assumes that you have a solid foundation of knowledge but can use a refresher on important concepts as well as a guide to exam topics and objectives. This book focuses exactly on what you need to pass the exam - it features test-taking strategies, time-saving study tips, and a special Cram Sheet that includes tips, acronyms, and memory joggers not available anywhere else. The series is supported online at several Web sites: examcram.com, informit.com, and cramsession.com. The accompanying CD features PrepLogic Practice Tests, Preview Edition. This product includes one complete PrepLogic Practice Test with approximately the same number of questions found on the actual vendor exam. Each question contains full, detailed explanations of the correct and incorrect answers. The engine offers two study modes, Practice Test and Flash Review, full exam customization, and a detailed score report.

Table of Contents

Introductionp. xx
Self-Assessmentp. xxviii
CompTIA Certification Examsp. 1
CompTIA Certification Programs Launch Your Careerp. 2
Development of the CompTIA Security+ Certificationp. 2
The Exam Situationp. 3
Exam Layout and Designp. 4
Using CompTIA's Exam Software Effectivelyp. 6
Exam-Taking Techniquesp. 7
Question-Handling Strategiesp. 8
Mastering the Inner Gamep. 9
Weighted Averages of the Skill Setsp. 10
Study Guide Checklistp. 11
General Security Conceptsp. 11
Communication Securityp. 12
Infrastructure Securityp. 14
Basics of Cryptographyp. 17
Operational/Organizational Securityp. 18
Additional Resourcesp. 21
General Security Practicesp. 23
Access Controlp. 24
Mandatory Access Controlp. 25
Discretionary Access Controlp. 25
Rule-Based Access Controlp. 26
Role-Based Access Controlp. 26
Authenticationp. 28
Kerberos Authenticationp. 29
Mutual Authenticationp. 31
Challenge Handshake Authentication Protocol (CHAP)p. 32
Certificatesp. 32
Username and Passwordp. 33
Tokensp. 34
Biometricsp. 34
Multifactorp. 34
Nonessential Services and Protocolsp. 35
Practice Questionsp. 36
Need to Know More?p. 41
Nonessential Services and Attacksp. 43
Understanding and Identifying Common Services and Nonessential Services Posing Possible Security Threatsp. 44
Establishing a Server Rolep. 45
Required and Critical Servicesp. 46
Determining Required Protocolsp. 46
Benefits of Removing Protocols and Servicesp. 47
Attacksp. 48
Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacksp. 48
Back Doorp. 51
Spoofingp. 52
Man in the Middlep. 53
Replayp. 54
TCP/IP Hijackingp. 54
Weak Keysp. 54
Mathematicalp. 55
Password Guessingp. 55
Software Exploitationp. 56
Malicious Codep. 57
Virusesp. 57
Trojan Horsesp. 59
Logic Bombsp. 59
Wormsp. 59
Social Engineeringp. 61
System Scanningp. 62
Auditingp. 63
Practice Questionsp. 65
Need to Know More?p. 70
Communication Securityp. 71
Remote Accessp. 72
802.11x Wireless Networkingp. 73
Virtual Private Network (VPN) Connectionsp. 74
Dial-Up User Accessp. 75
Secure Shell (SSH) Connectionsp. 76
Internet Protocol Security (IPSec)p. 78
Securing Emailp. 79
Secure Multipurpose Internet Mail Extension (S/MIME)p. 80
Pretty Good Privacy (PGP)p. 80
Undesirable Emailp. 81
Instant Messagingp. 82
Web Connectivityp. 83
Secure Sockets Layer (SSL)p. 83
Transport Layer Security (TLS)p. 83
Hypertext Transport Protocol over Secure Sockets Layer (HTTPS)p. 84
Practice Questionsp. 85
Need to Know More?p. 91
Online Vulnerabilitiesp. 93
Web Vulnerabilitiesp. 94
Java and JavaScriptp. 94
ActiveX Controlsp. 96
Buffer Overflowsp. 96
Cookiesp. 97
Signed Appletsp. 98
Common Gateway Interface (CGI) Vulnerabilitiesp. 98
Simple Mail Transport Protocol (SMTP) Relayp. 100
Protocol Vulnerabilitiesp. 101
SSL/TLSp. 101
LDAPp. 101
File Transfer Protocol (FTP) Vulnerabilitiesp. 102
Anonymous Accessp. 102
Unencrypted Authenticationp. 103
Blind Accessp. 104
File Sharingp. 104
Wireless Network Vulnerabilitiesp. 104
Wireless Transport Layer Security (WTLS)p. 105
Wireless Local Area Networks (WLANs) Using 802.11x or Buletooth Standardsp. 105
WAP and i-Modep. 106
Wired Equivalent Privacy (WEP)p. 107
Site Surveysp. 107
Practice Questionsp. 109
Need to Know More?p. 114
Infrastructure Securityp. 115
Understanding the Basic Security Concepts of Communication and Network Devicesp. 116
Firewallsp. 116
Routersp. 118
Switchesp. 119
Wirelessp. 119
Modemsp. 121
RASp. 122
Telecom/PBXp. 122
VPNp. 122
IDSp. 123
Network Monitoring/Diagnosticsp. 124
Workstationsp. 126
Serversp. 127
Mobile Devicesp. 127
Understanding the Basic Security Concepts of Mediap. 127
Coaxp. 127
UTP/STPp. 128
Fiberp. 129
Removable Mediap. 130
Basic Security Concepts, Strengths, and Vulnerabilities of Security Topologiesp. 135
Security Zonesp. 136
VLANsp. 139
NATp. 140
Tunnelingp. 142
Practice Questionsp. 143
Need to Know More?p. 148
Intrusion Detection and Security Baselinesp. 149
Intrusion Detectionp. 150
Methods of Intrusion Detectionp. 150
Intrusion-Detection Sourcesp. 152
Layered Intrusion Detectionp. 155
Honeypots and Honeynetsp. 155
Incident Handlingp. 156
Security Baselinesp. 157
Operating System Hardeningp. 157
Network Hardeningp. 158
Application Hardeningp. 160
Practice Questionsp. 163
Need to Know More?p. 168
Basics of Cryptographyp. 169
Algorithmsp. 170
Hashingp. 171
Symmetric Algorithmsp. 172
Asymmetric Algorithmsp. 175
Concepts of Using Cryptographyp. 178
Confidentialityp. 179
Integrityp. 180
Authenticationp. 182
Nonrepudiationp. 182
Access Controlp. 183
Public Key Infrastructure (PKI)p. 184
Certificatesp. 185
Revocationp. 188
Trust Modelsp. 188
Practice Questionsp. 190
Need to Know More?p. 195
Deploying Cryptographyp. 197
Standards and Protocolsp. 198
X.509-Based Public Key Infrastructurep. 198
Public Key Cryptography Standards (PKCS)p. 198
X.509 Standardsp. 200
Other Standards and Protocolsp. 201
Key Management and the Certificate Lifecyclep. 206
Centralized Versus Decentralizedp. 207
Escrowp. 208
Expirationp. 208
Revocationp. 209
Suspensionp. 210
Recoveryp. 210
Renewalp. 211
Destructionp. 211
Key Usagep. 211
Practice Questionsp. 213
Need to Know More?p. 221
Organizational Securityp. 223
Physical Securityp. 224
Access Controlp. 225
Social Engineeringp. 230
Environmentp. 232
Disaster Recoveryp. 236
Backup and Recovery Planningp. 236
Secure Recoveryp. 239
Disaster Recovery Planp. 241
Business Continuity Planningp. 241
Security Policies and Proceduresp. 242
Practice Questionsp. 245
Need to Know More?p. 250
Privilege Management, Forensics, Risk Identification, Education, and Documentationp. 251
Understanding Privilege Managementp. 252
Single Sign-Onp. 252
Centralized Versus Decentralizedp. 253
Managing Access Controlp. 254
Monitoring Access Usep. 254
Understanding Computer Forensicsp. 255
Chain of Custodyp. 255
Preservation of Evidencep. 256
Collection of Evidencep. 257
Identifying Risksp. 258
Asset Identificationp. 258
Risk Assessmentp. 259
Vulnerabilitiesp. 259
Implementing User Educationp. 261
Understanding Security Documentationp. 262
Security Policiesp. 262
Architecture Documentationp. 263
Change Documentationp. 263
Logs and Inventoriesp. 264
Classificationp. 264
Retention and Disposalp. 266
Practice Questionsp. 267
Need to Know More?p. 272
Sample Test #1p. 273
Answer Key to Sample Test #1p. 311
Sample Test #2p. 343
Answer Key to Sample Test #2p. 377
List of Resourcesp. 409
Chapter 1p. 409
Chapter 2p. 409
Chapter 3p. 409
Chapter 4p. 410
Chapter 5p. 410
Chapter 6p. 410
Chapter 7p. 411
Chapter 8p. 411
Chapter 9p. 412
Chapter 10p. 413
Chapter 11p. 413
Other Resourcesp. 413
List of Products and Vendorsp. 415
Chapter 2p. 415
Chapter 3p. 415
Chapter 4p. 416
Chapter 5p. 417
Chapter 6p. 418
Chapter 7p. 418
Chapter 8p. 419
Chapter 9p. 419
Chapter 10p. 419
What's on the CD-ROMp. 421
PrepLogic Practice Tests, Preview Editionp. 421
Exclusive Electronic Version of Textp. 422
Easy Access to Online Pointers and Referencesp. 422
Using the PrepLogic Practice Tests, Preview Edition Softwarep. 423
Exam Simulationp. 423
Question Qualityp. 424
Interface Designp. 424
Effective Learning Environmentp. 424
Software Requirementsp. 424
Installing PrepLogic Practice Tests, Preview Editionp. 425
Removing PrepLogic Practice Tests, Preview Edition from Your Computerp. 425
Using PrepLogic Practice Tests, Preview Editionp. 425
Starting a Practice Test Mode Sessionp. 426
Starting a Flash Review Mode Sessionp. 427
Standard PrepLogic Practice Tests, Preview Edition Optionsp. 427
Time Remainingp. 428
Your Examination Score Reportp. 428
Review Your Examp. 428
Get More Examsp. 428
Contacting PrepLogicp. 429
Customer Servicep. 429
Product Suggestions and Commentsp. 429
License Agreementp. 429
Glossaryp. 431
Indexp. 453
Table of Contents provided by Rittenhouse. All Rights Reserved.

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program