CompTIA Security+ All-in-One Exam Guide, Second Edition (Hardcover)

Editorial Reviews
Product Description
A CompTIA Security+ Exam Guide and An On-the-Job Reference–All-in-One
Get complete coverage of all the material included on the CompTIA Security+ exam inside this fully up-to-date, comprehensive resource. Written by network security experts, this authoritative exam guide features learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations. Designed to help you pass the CompTIA Security+ exam with ease, this definitive volume also serves as an essential on-the-job reference. Get full details on all exam topics, including how to:
Combat viruses, Trojan horses, spyware, logic bombs, and worms
Defend against DDoS, spoofing, replay, TCP/IP hijacking, and other attacks
Apply best practices for access control methods
Implement authentication using Kerberos, CHAP, biometrics, and other methods
Use cryptography and PKI
Secure remote access, wireless, and virtual private networks (VPNs)
Harden networks, operating systems, and applications
Manage incident response and follow forensic procedures
The CD-ROM features
One full practice exam
Complete electronic book
About the Author
Greg White is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. He is the author of the first edition of this book.
Wm. Arthur Conklin, CompTIA Security+, is an Assistant Professor in the Information and Logistics Technology department at the University of Houston.
Product Details
Hardcover: 672 pages
Publisher: McGraw-Hill Osborne Media; 2 edition (December 19, 2008)
Table of contents
We, the authors of CompTIA Security+ Certification All-in-One Exam Guide, have many
individuals who we need to acknowledge—individuals without whom this effort would
not have been successful.
The list needs to start with those folks at McGraw-Hill who worked tirelessly with
the project’s multiple authors and contributors and led us successfully through the
minefield that is a book schedule and who took our rough chapters and drawings and
turned them into a final, professional product we can be proud of. We thank all the
good people from the Acquisitions team, Tim Green, Jennifer Housh, and Carly Stapleton;
from the Editorial Services team, Jody McKenzie; and from the Illustration and
Production team, George Anderson, Peter Hancik, and Lyssa Wald. We also thank the
technical editor Glen Clarke; the project editor, LeeAnn Pickrell; the copyeditor, Lisa
Theobald; the proofreader, Susie Elkind; and the indexer, Karin Arrigoni for all their
attention to detail that made this a finer work after they finished with it.
We also need to acknowledge our current employers who, to our great delight, have
seen fit to pay us to work in a career field that we all find exciting and rewarding. There
is never a dull moment in security because it is constantly changing.
We would like to thank Art Conklin for herding the cats on this one.
Finally, we would each like to individually thank those people who—on a personal
basis—have provided the core support for us individually. Without these special people
in our lives, none of us could have put this work together.
I would like to thank my wife, Charlan, for the tremendous support she has always
given me. It doesn’t matter how many times I have sworn that I’ll never get involved
with another book project only to return within months to yet another one; through it
all, she has remained supportive.
I would also like to publicly thank the United States Air Force, which provided me
numerous opportunities since 1986 to learn more about security than I ever knew existed.
To whoever it was who decided to send me as a young captain—fresh from completing
my master’s degree in artificial intelligence—to my first assignment in computer security:
thank you, it has been a great adventure!
—Gregory B. White, Ph.D.
To Susan, my muse and love, for all the time you suffered as I work on books.
—Art Conklin
Special thanks to Josie for all her support.
—Chuck Cothren
Computer security is becoming increasingly important today as the number of security
incidents steadily climbs. Many corporations now spend significant portions of their
budget on security hardware, software, services, and personnel. They are spending this
money not because it increases sales or enhances the product they provide, but because
of the possible consequences should they not take protective actions.
Why Focus on Security?
Security is not something that we want to have to pay for; it would be nice if we didn’t
have to worry about protecting our data from disclosure, modification, or destruction
from unauthorized individuals, but that is not the environment we find ourselves in
today. Instead, we have seen the cost of recovering from security incidents steadily rise
along with the number of incidents themselves. Since September 11, 2001, this has
taken on an even greater sense of urgency as we now face securing our systems not
just from attack by disgruntled employees, juvenile hackers, organized crime, or competitors;
we now also have to consider the possibility of attacks on our systems from
terrorist organizations. If nothing else, the events of September 11, 2001, showed that
anybody is a potential target. You do not have to be part of the government or a government
contractor; being an American is sufficient reason to make you a target to some,
and with the global nature of the Internet, collateral damage from cyber attacks on one
organization could have a worldwide impact.
A Growing Need for Security Specialists
In order to protect our computer systems and networks, we will need a significant number
of new security professionals trained in the many aspects of computer and network
security. This is not an easy task as the systems connected to the Internet become increasingly
complex with software whose lines of code number in the millions. Understanding
why this is such a difficult problem to solve is not hard if you consider just
how many errors might be present in a piece of software that is several million lines
long. When you add the additional factor of how fast software is being developed—
from necessity as the market is constantly changing—understanding how errors occur is easy.
Not every “bug” in the software will result in a security hole, but it doesn’t take
many to have a drastic effect on the Internet community. We can’t just blame the vendors
for this situation because they are reacting to the demands of government and
industry. Most vendors are fairly adept at developing patches for flaws found in their
software, and patches are constantly being issued to protect systems from bugs that may
introduce security problems. This introduces a whole new problem for managers and
administrators—patch management. How important this has become is easily illustrated
by how many of the most recent security events have occurred as a result of a
security bug that was discovered months prior to the security incident, and for which a
patch has been available, but for which the community has not correctly installed the
patch, thus making the incident possible. One of the reasons this happens is that many
of the individuals responsible for installing the patches are not trained to understand
the security implications surrounding the hole or the ramifications of not installing the
patch. Many of these individuals simply lack the necessary training.
Because of the need for an increasing number of security professionals who are
trained to some minimum level of understanding, certifications such as the Security+
have been developed. Prospective employers want to know that the individual they are
considering hiring knows what to do in terms of security. The prospective employee, in
turn, wants to have a way to demonstrate his or her level of understanding, which can
enhance the candidate’s chances of being hired. The community as a whole simply
wants more trained security professionals.
Preparing Yourself for the Security+ Exam
CompTIA Security+ Certification All-in-One Exam Guide is designed to help prepare you
to take the CompTIA Security+ certification exam. When you pass it, you will demonstrate
you have that basic understanding of security that employers are looking for.
Passing this certification exam will not be an easy task, for you will need to learn many
things to acquire that basic understanding of computer and network security.
How This Book Is Organized
The book is divided into sections and chapters to correspond with the objectives of the
exam itself. Some of the chapters are more technical than others—reflecting the nature
of the security environment where you will be forced to deal with not only technical
details but also other issues such as security policies and procedures as well as training
and education. Although many individuals involved in computer and network security
have advanced degrees in math, computer science, information systems, or computer or
electrical engineering, you do not need this technical background to address security
effectively in your organization. You do not need to develop your own cryptographic
algorithm; for example, you simply need to be able to understand how cryptography is
used along with its strengths and weaknesses. As you progress in your studies, you will
learn that many security problems are caused by the human element. The best technology
in the world still ends up being placed in an environment where humans have the
opportunity to foul things up—and all too often do.
Part I: Security Concepts The book begins with an introduction of some of the
basic elements of security.
Part II: Cryptography and Applications Cryptography is an important part
of security, and this part covers this topic in detail. The purpose is not to make cryptographers
out of readers but to instead provide a basic understanding of how cryptography
works and what goes into a basic cryptographic scheme. An important subject in
cryptography, and one that is essential for the reader to understand, is the creation of
public key infrastructures, and this topic is covered as well.
Part III: Security in the Infrastructure The next part concerns infrastructure
issues. In this case, we are not referring to the critical infrastructures identified by the
White House several years ago (identifying sectors such as telecommunications, banking
and finance, oil and gas, and so forth) but instead the various components that
form the backbone of an organization’s security structure.
Part IV: Security in Transmissions This part discusses communications security.
This is an important aspect of security because, for years now, we have connected
our computers together into a vast array of networks. Various protocols in use today
and that the security practitioner needs to be aware of are discussed in this part.
Part V: Operational Security This part addresses operational and organizational
issues. This is where we depart from a discussion of technology again and will
instead discuss how security is accomplished in an organization. Because we know that
we will not be absolutely successful in our security efforts—attackers are always finding
new holes and ways around our security defenses—one of the most important topics
we will address is the subject of security incident response and recovery. Also included
is a discussion of change management (addressing the subject we alluded to earlier
when addressing the problems with patch management), security awareness and training,
incident response, and forensics.
Part VI: Appendixes There are two appendixes in CompTIA Security+ Certification
All-in-One Exam Guide. Appendix A explains how best to use the CD-ROM included
with this book, and Appendix B provides an additional in-depth explanation of the OSI
model and Internet protocols, should this information be new to you.
Glossary Located just before the Index, you will find a useful glossary of security
terminology, including many related acronyms and their meaning. We hope that you
use the Glossary frequently and find it to be a useful study aid as you work your way
through the various topics in this exam guide.
Special Features of the
All-in-One Certification Series
To make our exam guides more useful and a pleasure to read, we have designed the
All-in-One Certification series to include several conventions.
Icons
To alert you to an important bit of advice, a shortcut, or a pitfall, you’ll occasionally see
Notes, Tips, Cautions, and Exam Tips peppered throughout the text.
NOTE Notes offer nuggets of especially helpful stuff, background
explanations, and information, and terms are defined occasionally.
TIP Tips provide suggestions and nuances to help you learn to finesse your
job. Take a tip from us and read the Tips carefully.
CAUTION When you see a Caution, pay special attention. Cautions appear
when you have to make a crucial choice or when you are about to undertake
something that may have ramifications you might not immediately anticipate.
Read them now so you don’t have regrets later.
EXAM TIP Exam Tips give you special advice or may provide information
specifically related to preparing for the exam itself.
End-of-Chapter Reviews and Chapter Tests
An important part of this book comes at the end of each chapter where you will find a
brief review of the high points along with a series of questions followed by the answers
to those questions. Each question is in multiple-choice format. The answers provided
also include a small discussion explaining why the correct answer actually is the correct
answer.
The questions are provided as a study aid to you, the reader and prospective Security+
exam taker. We obviously can’t guarantee that if you answer all of our questions
correctly you will absolutely pass the certification exam. Instead, what we can guarantee
is that the questions will provide you with an idea about how ready you are for the exam.
The CD-ROM
CompTIA Security+ Certification All-in-One Exam Guide also provides you with a CD-ROM
of even more test questions and their answers to help you prepare for the certification
exam. Read more about the companion CD-ROM in Appendix A.
Onward and Upward
At this point, we hope that you are now excited about the topic of security, even if you
weren’t in the first place. We wish you luck in your endeavors and welcome you to the
exciting field of computer and network security.
Part I: Security Concepts
Chapter 1. General Security Concepts
Chapter 2. Operational Organizational Security
Chapter 3. Legal Issues, Privacy, and Ethics
Part II: Cryptography and Applications
Chapter 4. Cryptography
Chapter 5. Public Key Infrastructure
Chapter 6. Standards and Protocols
Part III: Security in the Infrastructure
Chapter 7. Physical Security
Chapter 8. Infrastructure Security
Chapter 9. Authentication and Remote Access
Chapter 10. Wireless Security
Part IV: Security in Transmissions
Chapter 11. Intrusion Detection Systems
Chapter 12. Security Baselines
Chapter 13. Types of Attacks and Malicious Software
Chapter 14. E-Mail and Instant Messaging
Chapter 15. Web Components
Part V: Operational Security
Chapter 16. Disaster Recovery and Business Continuity
Chapter 17. Risk Management
Chapter 18. Change Management
Chapter 19. Privilege Management
Chapter 20. Computer Forensics
Part VI: Appendixes
Appendix A. About the CD
Appendix B. OSI Model and Internet Protocols
Glossary
Index
CompTIA Security+ All-in-One Exam Guide, Second Edition
672 pages | McGraw-Hill Osborne Media; 2 edition (December 19, 2008) | 0071601279 | PDF | 7 Mb