CompTIA Security+ Deluxe Study Guide: SY0-201 (Hardcover)
CompTIA Security+ Deluxe Study Guide: SY0-201 (Hardcover) by Emmett Dulaney (Author)
Product Description
CompTIA Security+ Deluxe Study Guide gives you complete coverage of the Security+ exam objectives with clear and concise information on crucial security topics. Learn from practical examples and insights drawn from real-world experience and review your newly acquired knowledge with cutting-edge exam preparation software, including a test engine and electronic flashcards. Find authoritative coverage of key topics like general security concepts, communication security, infrastructure security, the basics of cryptography and operational and organizational security. The Deluxe edition contains a bonus exam, special Security Administrators’ Troubleshooting Guide appendix, and 100 pages of additional hands-on exercises.
From the Back Cover
Deluxe Edition of our top-selling CompTIA Security+ Study Guide
Security is unlike any other topic in computing. To begin with,
the word is so encompassing that it is impossible to know what
you mean just by using it. When you talk about security, do
you mean physical security of servers and workstations and protecting them from those who
might try to steal them or from damage that might occur if the side of the building collapses?
Or do you mean the security of data and protecting it from viruses and worms or from hack-
ers and miscreants who have suddenly targeted you and have no other purpose in life than
to keep you up at night? Or maybe security to you is the comfort that comes in knowing that
you can restore iles if a user accidentally deletes them.
The irst problem with security is that it is next to impossible for everyone to agree on what
it means because it can include all of these items. The next problem with security is that we
don’t really mean that we want things to be completely secured. If you wanted the customer
list ile to truly be secure, you would never put it on the server and make it available. It is
on the server because you need to access it and so do 30 other people. In this sense, security
means that only 30 people can get to it and not anyone outside of the select 30.
The next problem is that while everyone wants security, no one wants to be inconve-
nienced by it. To use an analogy, few are the travelers who do not feel safer by watching
airport personnel frisk and pat down all who head to the terminal—they just don’t want
it to happen to them. This is true in computing as well; we all want to make sure data is
accessed only by those who truly should be working with it, but we don’t want to have to
enter 12-digit passwords and submit to retinal scans.
As a computer security professional, you have to understand all of these concerns.
You have to know that a great deal is expected of you but few users want to be hassled or
inconvenienced by the measures you must put in place. You have a primary responsibility
to protect and safeguard the information your organization uses. Many times that means
educating your users and making certain they understand the “why” behind what is being
implemented.
Security is a high-growth area in the computer industry, and it has been for several
years now. The need for qualiied people is increasing rapidly, as a search of job boards
will quickly illustrate. Your pursuit of the Security+ certiicate is a good irst step in this
process. Security+ is not the only security certiication on the market, and it is not even
the only entry-level certiication available to you. It is, however, the only one to truly focus
on the topics that most think of when security comes to mind. To pass it, you must have a
broad knowledge of all the different types of security mentioned in the irst paragraph.
In this chapter, I’ll discuss the various aspects of computer security as they relate to your
job. I will introduce the basics of computer security and provide several models you can use
to understand the risks your organization faces. Not stopping there, I will also present steps
you must take in order to minimize those risks.
Understanding Information Security
Information security narrows down the deinition of security. The term information security
covers a wide array of activities in an organization. It includes not only the products, but also
the processes used to prevent unauthorized access to, modiication of, and deletion of infor-
mation. This area also involves protecting resources by preventing them from being disrupted
by situations or attacks that may be largely beyond the control of the person responsible for
information security.
From the perspective of a computer professional, you’re dealing with issues that are
much bigger than protecting computer systems from viruses. You’re also protecting an
organization’s most valuable assets from people who are highly motivated to misuse those
assets. Fortunately, most of them are outsiders who are trying to break in, but some of
these people may already be inside your organization and discontented in their present
situation. Not only do you have to keep outsiders out, but you have to be prepared for the
accountant who has legitimate access to iles and wants to strike out because he did not get
as good a performance review as he thought he should.
Needless to say, this job isn’t getting any easier. Weaknesses and vulnerabilities in most
commercial systems are well known and documented, and more become known each day.
Your adversaries can use search engines to ind vulnerabilities on virtually any product or
operating system. To learn how to exploit the most likely weaknesses that exist in a system,
they can buy books on computer hacking, join newsgroups on the Internet, and access web-
sites that offer explicit details. Some are doing it for proit or pleasure, but many are doing
it just for the sheer thrill of it. There have been many glamorized characters on television
and in movies who break into computer systems and do things they should not. When was
the last time you saw a glamorized security administrator on such a show? If you make
things look fun and exciting, there is some part of the audience that will attempt it.
Compounding matters, in many situations you’ll ind yourself constantly dealing with
inherent weaknesses in the products you use and depend on. You can’t count on the security
within an application to be lawless from the moment it is released until the next version comes
out three years later. The following sections discuss in detail the aspects you must consider in
order to have a reasonable chance of securing your information, networks, and computers.
Make sure you understand that I’m always talking about reasonable.
One of the irst things you must develop as a security administrator is a bit of paranoia.
It’s important to remember that you’re dealing with both system vulnerabilities and human
vulnerabilities—although they aren’t the same, they both affect the organization signiicantly.
You must assume that you’re under attack right now, even as you read this book.
Information security includes a number of topics of primary focus, each addressing differ-
ent parts of computer security. An effective computer security plan and process must evaluate
the risks and create strategies and methods to address them. The following sections focus on
three such areas:
Physical security Û N
Operational security Û N
Management and policies Û N
Prepare for CompTIA’s new Security+ exam (SY0-201) with this Deluxe Edition of Sybex’s popular CompTIA Security+ Study Guide. In addition to comprehensive coverage of exam essentials, the Deluxe Edition includes over one hundred additional pages of hands-on exercises, four practice exams, a list of useful acronyms any security professional should be familiar with, and a valuable Security Administrator’s Troubleshooting Guide. Start your Security+ preparation today with:
Full coverage of all exam objectives in a systematic approach, so you can be confident you’re getting the instruction you need for the exam
More than one hundred extra pages of practical, hands-on exercises to reinforce critical skills
A valuable Security Administrator’s Troubleshooting Guide you can use in the field
Real-world scenarios that put what you’ve learned in the context of actual job roles
Four complete practice exams as well as challenging review questions to prepare you for exam day
Exam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the exam
A handy tear card that maps every official exam objective to the corresponding chapter in the book, so you can track your exam prep objective by objective
Look inside for complete coverage of all exam objectives.
About the Author
Emmett Dulaney is an assistant professor at Anderson University. He has written several certification books on Windows, Security, IT project management, and UNIX, and is coauthor of two of Sybex’s leading certification titles: CompTIA A+ Complete Study Guide and CompTIA Security+ Study Guide, Third Edition. He is also a well-known certification columnist for Redmond magazine and CertCities.com
download the sy0-201 book rapidshare links
Assessment Test
http://rapidshare.de/files/46394015/www.sy0-201.net_CompTIA_Security__Deluxe_Study_Guide_SY0-201.rar.html
http://rapidshare.com/files/214549322/www.sy0-201.net_CompTIA_Security__Deluxe_Study_Guide_SY0-201.rar.html
http://www.4shared.com/file/95446350/28c647ef/wwwsy0-201net_CompTIA_Security_Deluxe_Study_Guide_SY0-201.html
http://uploading.com/files/5UFQW30M/www.sy0-201.net_CompTIA Security+ Deluxe Study Guide SY0-201.rar.html
http://rapidshare.de/files/46394015/www.sy0-201.net_CompTIA_Security__Deluxe_Study_Guide_SY0-201.rar.html
[...] sy0-201 books [...]