CompTIA Security+ Study Guide Authorized Courseware: Exam SY0-301, 5th Edition
ISBN: 978-1-118-01473-8
Paperback
696 pages
June 2011
Foreword xxv
Introduction xxix
Assessment Test l
Chapter 1 Measuring and Weighing Risk 1
Risk Assessment 2
Computing Risk Assessment 3
Acting on Your Risk Assessment 5
Risks Associated with Cloud Computing 7
Risks Associated with Virtualization 8
Developing Policies, Standards, and Guidelines 9
Implementing Policies 9
Incorporating Standards 10
Following Guidelines 11
Business Policies 12
Understanding Control Types, False Positives, and Change and Incident Management 16
Summary 18
Exam Essentials 19
Review Questions 20
Answers to Review Questions 24
Chapter 2 Infrastructure and Connectivity 27
Mastering TCP/IP 29
Working with the TCP/IP Suite 30
IPv4 vs. IPv6 33
Understanding Encapsulation 34
Working with Protocols and Services 35
Distinguishing between Security Topologies 41
Setting Design Goals 41
Creating Security Zones 43
Working with Newer Technologies 48
Working with Business Requirements 53
Understanding Infrastructure Security 53
Working with Hardware Components 53
Working with Software Components 55
Understanding the Different Network Infrastructure Devices 56
Firewalls 56
Hubs 61
Modems 62
Remote Access Services 62
Routers 63
Switches 65
Load Balancers 66
Telecom/PBX Systems 66
Virtual Private Networks 68
Web Security Gateway 69
Spam Filters 69
Understanding Remote Access 70
Using Point-to-Point Protocol 70
Working with Tunneling Protocols 71
Summary 72
Exam Essentials 73
Review Questions 74
Answers to Review Questions 78
Chapter 3 Protecting Networks 81
Monitoring and Diagnosing Networks 83
Network Monitors 83
Intrusion Detection Systems 84
Understanding Intrusion Detection Systems 85
Working with a Network-Based IDS 89
Working with a Host-Based IDS 93
Working with NIPS 95
Utilizing Honeypots 96
Understanding Protocol Analyzers 97
Securing Workstations and Servers 98
Securing Internet Connections 100
Working with Ports and Sockets 101
Working with Email 102
Working with the Web 103
Working with File Transfer Protocol 108
Understanding Network Protocols 110
Summary 112
Exam Essentials 112
Review Questions 114
Answers to Review Questions 118
Chapter 4 Threats and Vulnerabilities 121
Understanding Software Exploitation 123
Surviving Malicious Code 131
Viruses 132
Trojan Horses 139
Logic Bombs 140
Worms 140
Antivirus Software 141
Calculating Attack Strategies 143
Understanding Access Attack Types 144
Recognizing Modification and Repudiation Attacks 146
Identifying Denial-of-Service and Distributed Denial-of-Service Attacks 147
Recognizing Botnets 149
Recognizing Common Attacks 150
Backdoor Attacks 150
Spoofing Attacks 151
Pharming Attacks 152
Phishing and Spear Phishing Attacks 152
Man-in-the-Middle Attacks 153
Replay Attacks 154
Password-Guessing Attacks 154
Privilege Escalation 155
Identifying TCP/IP Security Concerns 160
Recognizing TCP/IP Attacks 160
Summary 166
Exam Essentials 167
Review Questions 169
Answers to Review Questions 173
Chapter 5 Access Control and Identity Management 175
Access Control Basics 177
Identification vs. Authentication 177
Authentication (Single Factor) and Authorization 178
Multifactor Authentication 178
Operational Security 180
Tokens 180
Potential Authentication and Access Problems 181
Authentication Issues to Consider 182
Understanding Remote Access Connectivity 184
Using the Point-to-Point Protocol 184
Working with Tunneling Protocols 185
Working with RADIUS 186
TACACS/TACACS+/XTACACS 187
VLAN Management 187
Understanding Authentication Services 189
LDAP 189
Kerberos 189
Single Sign-On Initiatives 189
Understanding Access Control 191
Mandatory Access Control 192
Discretionary Access Control 192
Role-Based Access Control 193
Rule-Based Access Control 193
Implementing Access Control Best Practices 193
Smart Cards 193
Access Control Lists 195
Trusted OS 196
Secure Router Configuration 197
Summary 198
Exam Essentials 198
Review Questions 200
Answers to Review Questions 204
Chapter 6 Educating and Protecting the User 207
Understanding Security Awareness and Training 209
Communicating with Users to Raise Awareness 210
Providing Education and Training 210
Training Topics 211
Classifying Information 217
Public Information 218
Private Information 219
Information Access Controls 221
Complying with Privacy and Security Regulations 226
The Health Insurance Portability and Accountability Act 226
The Gramm-Leach-Bliley Act 227
The Computer Fraud and Abuse Act 227
The Family Educational Rights and Privacy Act 228
The Computer Security Act of 1987 228
The Cyberspace Electronic Security Act 228
The Cyber Security Enhancement Act 229
The Patriot Act 229
Familiarizing Yourself with International Efforts 229
Understanding Social Engineering 230
Types of Social Engineering Attacks 231
What Motivates an Attack? 233
Social Engineering Attack Examples 233
Summary 237
Exam Essentials 237
Review Questions 239
Answers to Review Questions 243
Chapter 7 Operating System and Application Security 245
Hardening the Operating System 247
The Basics of OS Hardening 247
Hardening Filesystems 253
Updating Your Operating System 255
Application Hardening 256
Fuzzing 256
Cross-Site Request Forgery 257
Application Configuration Baselining 257
Application Patch Management 257
Making Your Network More Secure Through Hardening 258
Working with Data Repositories 264
Directory Services 264
Databases and Technologies 266
Injection Problems 267
SQL Injection 267
LDAP Injection 268
XML Injection 268
Directory Traversal/Command Injection 269
Host Security 269
Antimalware 269
Host Software Baselining 274
Mobile Devices 275
Best Practices for Security 276
URL Filtering 276
Content Inspection 277
Malware Inspection 278
Data Loss Prevention 280
Data Encryption 280
Hardware-Based Encryption Devices 281
Attack Types to Be Aware Of 282
Session Hijacking 282
Header Manipulation 282
Summary 283
Exam Essentials 284
Review Questions 285
Answers to Review Questions 289
Chapter 8 Cryptography Basics 291
An Overview of Cryptography 293
Understanding Non-mathematical Cryptography 293
Understanding Mathematical Cryptography 296
Working with Passwords 298
Understanding Quantum Cryptography 299
Uncovering the Myth of Unbreakable Codes 300
Understanding Cryptographic Algorithms 302
The Science of Hashing 302
Working with Symmetric Algorithms 304
Working with Asymmetric Algorithms 307
Wi-Fi Encryption 309
Using Cryptographic Systems 309
Confidentiality 310
Integrity 310
Digital Signatures 311
Authentication 312
Non-repudiation 314
Access Control 314
Key Features 315
Understanding Cryptography Standards and Protocols 315
The Origins of Encryption Standards 316
Public-Key Infrastructure X.509/Public-Key Cryptography Standards 320
X.509 321
SSL and TLS 321
Certificate Management Protocols 323
Secure Multipurpose Internet Mail Extensions 323
Secure Electronic Transaction 324
Secure Shell 325
Pretty Good Privacy 325
HTTP Secure 327
Secure HTTP 327
IP Security 327
Tunneling Protocols 330
Federal Information Processing Standard 330
Summary 331
Exam Essentials 331
Review Questions 333
Answers to Review Questions 337
Chapter 9 Cryptography Implementation 339
Using Public Key Infrastructure 340
Using a Certificate Authority 341
Working with Registration Authorities and Local Registration Authorities 342
Implementing Certificates 344
Understanding Certificate Revocation 347
Implementing Trust Models 348
Preparing for Cryptographic Attacks 355
Ways to Attack Cryptographic Systems 356
Three Types of Cryptographic Attacks 357
Understanding Key Management and the Key Life Cycle 358
Methods for Key Generation 359
Storing and Distributing Keys 361
Using Key Escrow 363
Identifying Key Expiration 364
Revoking Keys 364
Suspending Keys 364
Recovering and Archiving Keys 365
Renewing Keys 366
Destroying Keys 367
Identifying Key Usage 368
Summary 368
Exam Essentials 369
Review Questions 370
Answers to Review Questions 374
Chapter 10 Physical and Hardware-Based Security 375
Implementing Access Control 376
Physical Barriers 376
Security Zones 382
Partitioning 384
Biometrics 386
Maintaining Environmental and Power Controls 386
Environmental Monitoring 387
Power Systems 388
EMI Shielding 389
Hot and Cold Aisles 391
Fire Suppression 392
Fire Extinguishers 392
Fixed Systems 393
Summary 394
Exam Essentials 394
Review Questions 395
Answers to Review Questions 399
Chapter 11 Security and Vulnerability in the Network 401
Network Security Threats 403
Penetration Testing 404
Vulnerability Scanning 405
Ethical Hacking 407
Assessment Types and Techniques 408
Secure Network Administration Principles 409
Rule-Based Management 410
Port Security 410
Working with 802.1X 411
Flood Guards and Loop Protection 411
Preventing Network Bridging 411
Log Analysis 412
Mitigation and Deterrent Techniques 412
Manual Bypassing of Electronic Controls 412
Monitoring System Logs 413
Security Posture 419
Reporting 420
Detection/Prevention Controls 420
Summary 421
Exam Essentials 421
Review Questions 422
Answers to Review Questions 426
Chapter 12 Wireless Networking Security 429
Working with Wireless Systems 430
IEEE 802.11x Wireless Protocols 430
WEP/WAP/WPA/WPA2 432
Wireless Transport Layer Security 434
Understanding Mobile Devices 435
Wireless Access Points 436
Extensible Authentication Protocol 441
Lightweight Extensible Authentication Protocol 442
Protected Extensible Authentication Protocol 443
Wireless Vulnerabilities to Know 443
Summary 448
Exam Essentials 448
Review Questions 450
Answers to Review Questions 454
Chapter 13 Disaster Recovery and Incident Response 455
Understanding Business Continuity 456
Undertaking Business Impact Analysis 457
Utilities 458
High Availability 460
Disaster Recovery 464
Incident Response Policies 479
Understanding Incident Response 480
Succession Planning 487
Reinforcing Vendor Support 487
Service-Level Agreements 487
Code Escrow Agreements 489
Summary 490
Exam Essentials 491
Review Questions 492
Answers to Review Questions 496
Chapter 14 Security-Related Policies and Procedures 499
Policies You Must Have 500
Data Loss/Theft Policies 500
Least Privilege 501
Separation of Duties 502
Time of Day Restrictions 502
Mandatory Vacations and Job Rotation 504
Policies You Should Have 504
Human Resource Policies 504
Certificate Policies 508
Security Controls for Account Management 510
User and Group Role Management 510
Users with Multiple Accounts/Roles 512
Auditing 512
Account Policy Enforcement 519
Summary 521
Exam Essentials 522
Review Questions 523
Answers to Review Questions 527
Chapter 15 Security Administration 529
Security Administrator’s Troubleshooting Guide 530
Getting Started 531
Creating a Home Lab 531
In the Workplace 532
Which OS Should You Use? 533
Creating a Security Solution 533
Access Control Issues 534
Accountability Concerns 534
Auditing 535
Authentication Schemes 536
Authentication Factors 536
Mutual Authentication 537
Authentication Protection 538
Backup Management 538
Baselining Security 539
Certificate Management 540
Communications Security 541
Preauthentication 541
Remote Control/Remote Shell 542
Virtual Private Networks 543
Directory Services Protection 543
Disaster Planning 544
Documenting Your Environment 545
Email Issues 545
File-Sharing Basics 547
Working with IDSs and Honey Pots 548
Incident Handling 548
Internet Common Sense 549
Key Management Conventions 550
Preventing Common Malicious Events 551
Constructing a Line of Defense 552
Types of Attacks 553
Antivirus Protection 554
Making Stronger Passwords 555
Managing Personnel 557
Keeping Physical Security Meaningful 558
Securing the Infrastructure 560
Working with Security Zones 562
Social Engineering Risks 562
System Hardening Basics 563
Securing the Wireless Environment 565
Summary 566
Appendix A About the Companion CD 567
What You’ll Find on the CD 568
Sybex Test Engine 568
Electronic Flashcards 568
PDF of the Glossary 568
System Requirements 569
Using the CD 569
Troubleshooting 570
Customer Care 570
Glossary 571
Index 613