CompTIA Security+™ Study Guide: Exam SY0-101, 3rd Edition

by ;
Edition: 3rd
Format: Paperback
Pub. Date: 2006-05-01
Publisher(s): Sybex
List Price: $49.99

Summary

Take charge of your career with certification that can increase your marketability. This new edition of the top-selling Guide is what you need to prepare for CompTIA's Security+ SY0-101 exam. Developed to meet the exacting requirements of today's certification candidates and aspiring IT security professionals, this fully updated, comprehensive book features: Clear and concise information on crucial security topics. Practical examples and hands-on labs to prepare you for actual on-the-job situations. Authoritative coverage of all key exam topics including general security concepts; communication, infrastructure, operational, and organizational security; and cryptography basics. The Guide covers all exam objectives, demonstrates implementation of important instructional design principles, and provides instructional reviews to help you assess your readiness for the exam. Additionally, the Guide includes a CD-ROM with advanced testing software, all chapter review questions, and bonus exams as well as electronic flashcards that run on your PC, Pocket PC, or Palm handheld. Join the more than 20,000 security professionals who have earned this certification with the CompTIA authorized Study Guide.

Author Biography

Mike Pastore has worked in IT for over twenty-five years. He is currently a consultant in systems implementation for the Shepherd Group in Bellevue, Washington.

Emmett Dulaney has written several certification books on Windows, Security, IT project management, and UNIX. He is the certification columnist for Redmond Magazine and CramSession.com.

Table of Contents

Introduction
Assessment Test
General Security Concepts
  Understanding Information Security
    Securing the Physical Environment
    Examining Operational Security
    Working with Management and Policies
  Understanding the Goals of Information Security
  Comprehending the Security Process
    Appreciating Antivirus Software
    Implementing Access Control
    Understanding Authentication
    Understanding Networking Services and Protocols
  Distinguishing Between Security Topologies
    Setting Design Goals
    Creating Security Zones
    Working with Newer Technologies
    Business Concerns to Be Aware Of
  Summary
  Exam Essentials
  Hands-On Labs
    Lab 1.1: Update a Linux System
    Lab 1.2: Update a Windows-Based System
  Review Questions
  Answers to Review Questions
Identifying Potential Risks
  Calculating Attack Strategies
    Types of Access Attacks
    Recognizing Modification and Repudiation Attacks
    Identifying Denial-of-Service (DoS) and Distributed DoS (DDoS) Attacks
  Recognizing Common Attacks
    Back Door Attacks
    Spoofing Attacks
    Man-in-the-Middle Attacks
    Replay Attacks
    Password-Guessing Attacks
  Identifying TCP/IP Security Concerns
    Working with the TCP/IP Protocol Suite
    Encapsulation
    Working with Protocols and Services
    Recognizing TCP/IP Attacks
  Understanding Software Exploitation
  Surviving Malicious Code
    Viruses
    Trojan Horses
    Logic Bombs
    Worms
    Antivirus Software
  Understanding Social Engineering
  An Introduction to Auditing Processes and Files
  Summary
  Exam Essentials
  Hands-On Labs
    Lab 2.1: Identify Running Processes on a Windows-Based Machine
    Lab 2.2: Identify Running Processes on a Linux-Based Machine
  Review Questions
  Answers to Review Questions
Infrastructure and Connectivity
  Understanding Infrastructure Security
    Working with Hardware Components
    Working with Software Components
  Understanding the Different Network Infrastructure Devices
    Firewalls
    Hubs
    Routers
    Switches
    Wireless Access Points
    Modems
    Remote Access Services
    Telecom/PBX Systems
    Virtual Private Networks
  Monitoring and Diagnosing Networks
    Network Monitors
  Securing Workstations and Servers
  Understanding Mobile Devices
  Understanding Remote Access
    Using the Point-to-Point Protocol
    Tunneling Protocols
    802.1x Wireless Protocols
    RADIUS
    TACACS/+
  Securing Internet Connections
    Working with Ports and Sockets
    Working with E-mail
    Working with the Web
    Working with the File Transfer Protocol
  Understanding SNMP and Other TCP/IP Protocols
  The Basics of Cabling, Wires, and Communications
    Coax
    Unshielded Twisted Pair and Shielded Twisted Pair
    Fiber Optic
    Infrared
    Radio Frequencies
    Microwave Systems
  Employing Removable Media
    Tape
    CD-R
    Hard Drives
    Diskettes
    Flash Cards
    Smart Cards
  Summary
  Exam Essentials
  Hands-On Labs
    Lab 3.1: Examine the Windows Routing Table
    Lab 3.2: Examine the Linux Routing Table
  Review Questions
  Answers to Review Questions
Monitoring Activity and Intrusion Detection
  Monitoring the Network
    Recognizing the Different Types of Network Traffic
    Monitoring Network Systems
  Understanding Intrusion Detection Systems
    Working with a Network-Based IDS
    Working with a Host-Based IDS
    Utilizing Honey Pots
    Understanding Incident Response
  Working with Wireless Systems
    Wireless Transport Layer Security
    IEEE 802.11x Wireless Protocols
    WEP/WAP
    Wireless Vulnerabilities to Know
  Understanding Instant Messaging's Features
    IM Vulnerabilities
    Controlling Privacy
  Working with 8.3 File Naming
  Understanding Packet Sniffing
  Understanding Signal Analysis and Intelligence
    Footprinting
    Scanning
  Summary
  Exam Essentials
  Hands-On Labs
    Lab 4.1: View the Active TCP and UDP Ports
    Lab 4.2: Run Windows Network Monitor
    Lab 4.3: Install snort in Linux
    Lab 4.4: Make File Extensions Visible in Windows XP
    Lab 4.5: Monitor Network Traffic in Linux
  Review Questions
  Answers to Review Questions
Implementing and Maintaining a Secure Network
  Overview of Network Security Threats
  Defining Security Baselines
  Hardening the OS and NOS
    Configuring Network Protocols
    Hardening Microsoft Windows 2000
    Hardening Microsoft Windows XP
    Hardening Windows Server 2003
    Hardening Unix/Linux
    Hardening Novell NetWare
    Hardening Apple Macintosh
    Hardening Filesystems
    Updating Your Operating System
  Hardening Network Devices
    Updating Network Devices
    Configuring Routers and Firewalls
  Hardening Applications
    Hardening Web Servers
    Hardening E-Mail Servers
    Hardening FTP Servers
    Hardening DNS Servers
    Hardening NNTP Servers
    Hardening File and Print Servers and Services
    Hardening DHCP Services
    Working with Data Repositories
  Summary
  Exam Essentials
  Hands-On Labs
    Lab 5.1: Install OpenLDAP on a SuSE Server
    Lab 5.2: Work with Performance Monitor and Windows
    Lab 5.3: Work with Unix/Linux Networking
    Lab 5.4: Install and Configure the E-mail Service on a SuSE Server
  Review Questions
  Answers to Review Questions
Securing the Network and Environment
  Understanding Physical and Network Security
    Implementing Access Control
    Understanding Social Engineering
    Scanning the Environment
  Understanding Business Continuity Planning
    Undertaking Business Impact Analysis
    Assessing Risk
  Developing Policies, Standards, and Guidelines
    Implementing Policies
    Incorporating Standards
    Following Guidelines
  Working with Security Standards and ISO 17799
  Classifying Information
    Public Information
    Private Information
    Roles in the Security Process
    Information Access Controls
  Summary
  Exam Essentials
  Hands-On Lab
    Lab 6.1: Test Social Engineering
  Review Questions
  Answers to Review Questions
Cryptography Basics, Methods, and Standards
  An Overview of Cryptography
    Understanding Physical Cryptography
    Understanding Mathematical Cryptography
    Understanding Quantum Cryptography
    Uncovering the Myth of Unbreakable Codes
  Understanding Cryptographic Algorithms
    The Science of Hashing
    Working with Symmetric Algorithms
    Working with Asymmetric Algorithms
  Using Cryptographic Systems
    Confidentiality
    Integrity
    Authentication
    Nonrepudiation
    Access Control
  Using Public Key Infrastructure
    Using a Certificate Authority
    Working with Registration Authorities and Local Registration Authorities
    Implementing Certificates
    Understanding Certificate Revocation
    Implementing Trust Models
  Preparing for Cryptographic Attacks
  Understanding Cryptography Standards and Protocols
    The Origins of Encryption Standards
    PKIX/PKCS
    X.509
    SSL and TLS
    CMP
    S/MIME
    SET
    SSH
    PGP
    HTTPS
    S-HTTP
    IPSec
    FIPS
    Common Criteria
    WTLS
    WEP
    ISO 17799
  Understanding Key Management and the Key Life Cycle
    Comparing Centralized and Decentralized Key Generation
    Storing and Distributing Keys
    Using Key Escrow
    Key Expiration
    Revoking Keys
    Suspending Keys
    Recovering and Archiving Keys
    Renewing Keys
    Destroying Keys
    Key Usage
  Summary
  Exam Essentials
  Hands-On Labs
    Lab 7.1: Hash Rules in Windows Server 2003
    Lab 7.2: SSL Settings in Windows Server 2003
    Lab 7.3: Encrypting a File System in Linux
    Lab 7.4: Look for Errors in IPSec Performance Statistics
  Review Questions
  Answers to Review Questions
Security Policies and Procedures
  Understanding Business Continuity
    Utilities
    High Availability
    Disaster Recovery
  Reinforcing Vendor Support
    Service-Level Agreements (SLAs)
    Code Escrow
  Generating Policies and Procedures
    Human Resource Policies
    Business Policies
    Certificate Policies
    Incident-Response Policies
  Enforcing Privilege Management
    User and Group Role Management
    Privilege Escalation
    Single Sign-On
    Privilege Decision Making
    Auditing
    Access Control
  Summary
  Exam Essentials
  Hands-On Labs
    Lab 8.1: Use Automated System Recovery in Windows Server 2003
    Lab 8.2: Create a Rescue Disk in Linux
    Lab 8.3: Create a Backup with SuSE Linux
  Review Questions
  Answers to Review Questions
Security Management
  Understanding Computer Forensics
    Methodology of a Forensic Investigation
    Enforcing the Chain of Custody
    Preserving Evidence
    Collecting Evidence
  Understanding Security Management
    Drafting Best Practices and Documentation
  Understanding Security Awareness and Education
    Using Communication and Awareness
    Providing Education
  Staying on Top of Security
    Websites
    Trade Publications
  Regulating Privacy and Security
    Health Insurance Portability and Accountability Act
    Gramm-Leach-Bliley Act of 1999
    Computer Fraud and Abuse Act
    Family Educational Rights and Privacy Act
    Computer Security Act of 1987
    Cyberspace Electronic Security Act
    Cyber Security Enhancement Act
    Patriot Act
    Familiarizing Yourself with International Efforts
  Summary
  Exam Essentials
  Hands-On Labs
    Lab 9.1: Configure Windows Automatic Updates
    Lab 9.2: Configure Linux Automatic Updates
  Review Questions
  Answers to Review Questions
Glossary
Index