did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9780789732910

Security+ Exam Cram 2 Lab Manual

by
  • ISBN13:

    9780789732910

  • ISBN10:

    0789732912

  • Edition: 1st
  • Format: Paperback
  • Copyright: 2005-01-01
  • Publisher: Que

Note: Supplemental materials are not guaranteed with Rental or Used book purchases.

Purchase Benefits

  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Write a Review Icon Write a Review
List Price: $29.99 Save up to $7.50
  • Buy Used
    $22.49
    Add to Cart

    USUALLY SHIPS IN 2-4 BUSINESS DAYS

Supplemental Materials

What is included with this book?

Summary

Put your Security+ knowledge to the test. TheSecurity+ Certification Exam Cram 2 Lab Manual gives you optimal time with hands-on exercises designed to complement and reinfocrce material you have read in the corresponding Exam Cram 2 book or learned in a classroom setting. You will perform tasks you have learned about in other references and that directly related to the exam objectives. Through each lab's Key Objective, Step-by-Step Procedures and "What Did I Just Learn?" report section, you will have a better understanding of the key exam concepts.

Table of Contents

Introduction xix
Chapter 1 General Security Concepts 1(60)
1.1: Recognizing and Differentiating Access Control Models
3(13)
Exercise 1.1.1: Observing MAC
3(1)
Exercise 1.1.2: Configuring DAC
4(6)
Exercise 1.1.3: Configuring Rule-Based Access Control
10(3)
Exercise 1.1.4: Configuring Role-Based Access Control
13(2)
What Did I Just Learn?
15(1)
1.2: Recognizing and Differentiating Authentication
16(9)
Exercise 1.2.1: Observing Kerberos Ticket Properties (Optional)
17(1)
Exercise 1.2.2: Using Authentication Protocols, Including CHAP
18(2)
Exercise 1.2.3: Configuring a Local Account Policy
20(3)
Exercise 1.2.4: Exploring Other Important Authentication Methods
23(2)
What Did I Just Learn?
25(1)
1.3: Identifying Nonessential Services and Protocols
25(5)
Exercise 1.3.1: Identifying and Disabling Services in Windows 2000 Professional
25(3)
Exercise 1.3.2: Creating a Policy to Disable Services
28(2)
What Did I Just Learn?
30(1)
1.4. Recognizing and Mitigating Attacks
30(11)
Exercise 1.4.1: Preventing DoS Attacks
30(3)
Exercise 1.4.2: Back Door Programs
33(4)
Exercise 1.4.3: Password Guessing
37(1)
Exercise 1.4.4: Other Attack Methods
38(2)
What Did I Just Learn?
40(1)
1.5: Recognizing and Mitigating Malicious Code
41(4)
Exercise 1.5.1: Malicious Code Awareness
42(1)
Exercise 1.5.2: Malicious Code Mitigation
43(1)
What Did I Just Learn?
44(1)
1.6: Understanding Social Engineering
45(2)
Exercise 1.6.1: Understanding Social Engineering
45(1)
What Did I Just Learn?
46(1)
1.7: Understanding Auditing, Logging, and System Scanning
47(10)
Exercise 1.7.1: Configuring Auditing in Windows 2000 Professional
47(4)
Exercise 1.7.2: Configuring Auditing on a Domain
51(1)
Exercise 1.7.3: Configuring Logging
52(2)
Exercise 1.7.4: System Scanning
54(2)
What Did I Just Learn?
56(1)
Need to Know More?
57(4)
Chapter 2 Communication Security 61(62)
2.1: Administering Remote Access Security
63(13)
Exercise 2.1.1: 802.1x and Its Vulnerabilities
63(2)
Exercise 2.1.2: Configuring a VPN in Windows 2000 Server
65(2)
Exercise 2.1.3: Configuring Remote Access Authentication
67(2)
Exercise 2.1.4: Configuring Client Connections
69(2)
Exercise 2.1.5: Configuring IPSec
71(2)
Exercise 2.1.6: Terminal Access Controller Access Control System (TACACS) and Secure Shell (SSH)
73(1)
Exercise 2.1.7: Remote Access Vulnerabilities
74(1)
What Did I Just Learn?
75(1)
2.2: Administering Email Security
76(6)
Exercise 2.2.1: Secure Multipurpose Internet Mail Extensions (S/MIME) and Pretty Good Privacy (PGP)
76(1)
Exercise 2.2.2: PGP in Windows 2000
77(3)
Exercise 2.2.3: Email Vulnerabilities
80(1)
What Did I Just Learn?
81(1)
2.3: Administering Internet Security
82(11)
Exercise 2.3.1: Configuring IIS for SSL and HTTP/S
82(4)
Exercise 2.3.2: TLS
86(1)
Exercise 2.3.3: Instant Messaging Vulnerabilities
87(1)
Exercise 2.3.4: Securing the Web Browser
88(4)
What Did I Just Learn?
92(1)
2.4: Administering Directory Security
93(2)
Exercise 2.4.1: Vulnerabilities in SSL, TLS, X.500, and LDAP
93(1)
What Did I Just Learn?
94(1)
2.5: Administering File Transfer Security
95(6)
Exercise 2.5.1: FTP and Its Vulnerabilities
95(1)
Exercise 2.5.2: Securing an FTP Server
96(2)
Exercise 2.5.3: Capturing FTP Traffic with a Sniffer
98(3)
What Did I Just Learn?
101(1)
2.6: Administering Wireless Security
101(7)
Exercise 2.6.1: Understanding Wireless Protocols
101(2)
Exercise 2.6.2: Wireless Vulnerabilities
103(1)
Exercise 2.6.3: Configuring 802.1x Authentication in Windows 2000 Professional
104(2)
What Did I Just Learn?
106(2)
Exam Prep Questions
108(8)
Objective 2.1: Remote Access
108(1)
Objective 2.2: Email
109(1)
Objective 2.3: Web
110(2)
Objective 2.4: Directory-Recognition, Not Administration
112(1)
Objective 2.5: File Transfer
113(1)
Objective 2.6: Wireless
114(2)
Exam Prep Answers
116(3)
Objective 2.1: Remote Access
116(1)
Objective 2.2: Email
116(1)
Objective 2.3: Web
117(1)
Objective 2.4: Directory-Recognition, Not Administration
117(1)
Objective 2.5: File Transfer
117(1)
Objective 2.6: Wireless
118(1)
Need to Know More?
119(4)
Chapter 3 Infrastructure Security 123(58)
3.1: Understanding Device Security
126(12)
Exercise 3.1.1: Configuring a Firewall in Windows 2000
126(3)
Exercise 3.1.2: Understanding Vulnerabilities in Routers, Switches, Modems, RAS, Telecom, and VPN
129(3)
Exercise 3.1.3: Windows Network Monitor
132(3)
Exercise 3.1.4: Diagnostics and Utilities Used for Monitoring Networks, Workstations, Servers, and Mobile Devices
135(3)
What Did I Just Learn?
138(1)
3.2: Understanding Media Security
138(5)
Exercise 3.2.1: Understanding Media Security Concepts
139(1)
Exercise 3.2.2: Securing Removable Media
140(1)
Exercise 3.2.3: Using the Encrypting File System to Encrypt Data in Windows 2000 Server
141(2)
What Did I Just Learn?
143(1)
3.3: Security Topologies
143(6)
Exercise 3.3.1: Understanding Security Zones
143(2)
Exercise 3.3.2: The Use of VLANs
145(2)
Exercise 3.3.3: Configuring Internet Connection Sharing in Windows 2000
147(1)
What Did I Just Learn?
148(1)
3.4: Implementing and Configuring IDSs
149(6)
Exercise 3.4.1: Understanding IDSs
149(2)
Exercise 3.4.2: Configuring an IDS
151(3)
Exercise 3.4.3: Understanding Incident Response Systems
154(1)
What Did I Just Learn?
155(1)
3.5: Establishing Security Baselines
155(14)
Exercise 3.5.1: Hardening Windows and Unix Operating Systems
156(7)
Exercise 3.5.2: Hardening a Network
163(1)
Exercise 3.5.3: Securing and Hardening Application Servers
164(2)
Exercise 3.5.4: Securing Data Repositories and Databases
166(2)
What Did I Just Learn?
168(1)
Exam Prep Questions
169(6)
Objective 3.1: Devices
169(1)
Objective 3.2: Media
170(1)
Objective 3.3: Security Topologies
171(1)
Objective 3.4: Intrusion Detection
172(1)
Objective 3.5: Security Baselines
173(2)
Exam Prep Answers
175(3)
Objective 3.1: Devices
175(1)
Objective 3.2: Media
175(1)
Objective 3.3: Security Topologies
176(1)
Objective 3.4: Intrusion Detection
176(1)
Objective 3.5: Security Baselines
176(2)
Need to Know More?
178(3)
Chapter 4 Basics of Cryptography 181(38)
4.1: Identifying Cryptography Algorithms
183(2)
Exercise 4.1.1: Understanding Cryptography Algorithms
183(1)
What Did I Just Learn?
184(1)
4.2: Cryptography and Security Concepts
185(7)
Exercise 4.2.1: Understanding the Major Security Concepts
185(2)
Exercise 4.2.2: Using Digital Signatures
187(5)
What Did I Just Learn?
192(1)
4.3: Understanding PM
192(7)
Exercise 4.3.1: Installing a CA in Windows 2000 Server
192(2)
Exercise 4.3.2: Issuing and Examining a Certificate
194(3)
Exercise 4.3.3: Certificate Revocation in Windows 2000 Server
197(1)
Exercise 4.3.4: CA Hierarchies and Trusts (Optional)
197(1)
What Did I Just Learn?
198(1)
4.4: Identifying and Differentiating Cryptographic Standards and Protocols
199(2)
Exercise 4.4.1: Understanding Cryptographic Standards and Protocols
199(2)
What Did I Just Learn?
201(1)
4.5: Understanding Key Management and Certificate Lifecycles
201(8)
Exercise 4.5.1: Certificate Management in Windows 2000 Server
202(3)
Exercise 4.5.2: Key Storage, Escrow, and Recovery
205(2)
Exercise 4.5.3: Renewing and Destroying Digital Certificates
207(1)
What Did I Just Learn?
208(1)
Exam Prep Questions
209(5)
Objective 4.1: Algorithms
209(1)
Objective 4.2: Concepts of Using Cryptography
210(1)
Objective 4.3: PM
211(1)
Objective 4.4: Standards and Protocols
211(1)
Objective 4.5: Key Management and Certificate Lifecycle
212(2)
Exam Prep Answers
214(2)
Objective 4.1: Algorithms
214(1)
Objective 4.2: Concepts of Using Cryptography
214(1)
Objective 4.3: PM
214(1)
Objective 4.4: Standards and Protocols
215(1)
Objective 4.5: Key Management and Certificate Lifecycle
215(1)
Need to Know More?
216(3)
Chapter 5 Operational and Organizational Security 219
5.1: Applying Principles of Physical Security
222(3)
Exercise 5.1.1: Understanding Physical Security
222(2)
Exercise 5.1.2: Exploring Environmental Factors in Physical Security
224(1)
What Did I Just Learn?
225(1)
5.2: Preparing for Disaster Recovery
225(7)
Exercise 5.2.1: Backing Up and Restoring Data in Windows 2000
226(3)
Exercise 5.2.2: Preparing a Disaster Recovery Plan
229(2)
What Did I Just Learn?
231(1)
5.3: Business Continuity Planning
232(2)
Exercise 5.3.1: Fault Tolerance in Windows 2000 Server
232(2)
What Did I Just Learn?
234(1)
5.4: Creating and Enforcing Security Policies and Procedures
234(5)
Exercise 5.4.1: Understanding Security Policies
235(1)
Exercise 5.4.2: Defining an HR Policy
236(2)
Exercise 5.4.3: Creating an Incident Response Policy
238(1)
What Did I Just Learn?
239(1)
5.5: Understanding Privilege Management
239(4)
Exercise 5.5.1: Using Groups in Windows 2000 Server
240(3)
What Did I Just Learn?
243(1)
5.6: Using Chain of Custody, Preserving Evidence, and Collecting Evidence
243(10)
Exercise 5.6.1: Understanding the Principles of Collecting and Preserving Evidence
243(3)
Exercise 5.6.2: Securing a Computer to Protect Evidence
246(6)
What Did I Just Learn?
252(1)
5.7: Understanding Risk Identification
253(4)
Exercise 5.7.1: Identifying and Quantifying Risks
253(3)
Exercise 5.7.2: Understanding Threats and Vulnerabilities
256(1)
What Did I Just Learn?
257(1)
5.8: Training End Users, Executives, and Human Resources
257(3)
Exercise 5.8.1: Understanding the Need for Proper Education of Individuals
258(1)
What Did I Just Learn?
259(1)
5.9: Understanding Documentation Concepts
260(9)
Exercise 5.9.1: Documenting a Windows Computer
260(2)
Exercise 5.9.2: Documenting an Active Directory Domain
262(2)
Exercise 5.9.3: Understanding the Need for Logs and Inventories
264(1)
Exercise 5.9.4: Understanding Classification Schemes
265(1)
Exercise 5.9.5: Understanding Security Practices in Data Retention, Storage, and Destruction
266(1)
What Did I Just Learn?
267(2)
Exam Prep Questions
269(11)
Objective 5.1: Physical Security
269(1)
Objective 5.2: Disaster Recovery
270(1)
Objective 5.3: Business Continuity
271(1)
Objective 5.4: Policy and Procedures
272(2)
Objective 5.5: Privilege Management
274(1)
Objective 5.6: Forensics (Awareness, Conceptual Knowledge, and Understanding-Knowing What Your Role Is)
275(1)
Objective 5.7: Risk Identification
276(1)
Objective 5.8: Education-Training of End Users, Executives, and HR
277(1)
Objective 5.9: Documentation
278(2)
Exam Prep Answers
280(5)
Objective 5.1: Physical Security
280(1)
Objective 5.2: Disaster Recovery
280(1)
Objective 5.3: Business Continuity
281(1)
Objective 5.4: Policy and Procedures
281(1)
Objective 5.5: Privilege Management
282(1)
Objective 5.6: Forensics (Awareness, Conceptual Knowledge, and Understanding-Knowing What Your Role Is)
282(1)
Objective 5.7: Risk Identification
283(1)
Objective 5.8: Education-Training of End Users, Executives, and HR
283(1)
Objective 5.9: Documentation
284(1)
Need to Know More?
285

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Excerpts

= 0) {slash = '\\';} else {slash = '/';}openLoc = figLoc.substring(0, figLoc.lastIndexOf(slash) + 1);while (pPage.substring(0,3) == '../') {openLoc = openLoc.substring(0, openLoc.lastIndexOf(slash, openLoc.length - 2)+ 1);pPage = pPage.substring(3, pPage.length + 1);}popUpWin =window.open('','popWin','resizable=1,scrollbars=1,location=0,toolbar=0,width=525,height=394');figDoc = popUpWin.document;zhtm= ' ' + pPage + ' ';zhtm += ' ';zhtm += ' ';zhtm += ' ';zhtm += '' + pPage.substring(pPage.lastIndexOf('/') + 1, pPage.length) + '';zhtm += ' ';figDoc.write(zhtm);figDoc.close();}// modified 3.1.99 RWE v4.1 --> Introduction to Your Lab Manual Introduction to Your Lab ManualWelcome to theSecurity+ Exam Cram 2 Lab Manual! This book is designed to be a perfect complement to theSecurity+ Exam Cram 2and theSecurity+ Practice Questions Exam Cram 2books. TheSecurity+ Exam Cram 2 Lab Manualincludes more than 30 labs with nearly 100 exercises that mimic tasks and present real-world scenarios which a network security administrator might face on the job. The exercises were developed based on the Security+ exam objectives.Written by security instructors, theSecurity+ Exam Cram 2 Lab Manualprovides clear step-by-step directions to help the reader through complex exercises and offers ample guidance to prevent potential pitfalls. For topics that don't lend themselves to hands-on exercises, this book includes research-based exercises, such as researching a topic on the Internet and in print media and answering a set of questions based on that research or creating a report or other such document based on that research.The authors include references to specific chapters and topics in the correspondingSecurity+ Exam Cram 2andSecurity+ Training Guidebooks; however, this lab manual is a standalone product that you can use effectively both individually and in a class setting. If you feel that you could benefit both from buying this bookandtaking a class, check out the many third-party vendors who offer Security+ training in addition to training offered by CompTIA.Undoubtedly, experience with the technologies you are going to be tested on is critical. To truly be prepared for your certification exam, we recommend that you read and study, complete a lot of practice questions, and gain solid experience with the technologies you will be tested on. The last point is our intent with this book. We want to offer you plenty of opportunity to jump into the technologies the Security+ exam tests on, complete with ample guidance and feedback to assist you throughout your exercises. So after you finish this lab manual, it is our hope that you will feel more confident and competent with security fun

Rewards Program