CompTIA Security+ SY0-301 Cert Guide (Cert Guide) (2 HAR/DVDR)

  • Binding: Hardcover / Pages: 650 p.
  • Language: ENG
  • Product code: 9780789748270
  • DDC classification: 005.8

Full Description


Learn, prepare, and practice for CompTIA Security+ SY0-301 exam success with this CompTIA Authorized Cert Guide, Deluxe Edition from Pearson IT Certification, a leader in IT Certification learning and a CompTIA Authorized Platinum Partner. The DVD features three complete practice exams, complete video solutions to the 25 hands-on labs, plus 25 interactive flash-based learning activities that include drag-n-drop and matching to reinforce the learning.

  • Master CompTIA's Security+ SY0-301 exam topics
  • Assess your knowledge with chapter-ending quizzes
  • Review key concepts with exam preparation tasks
  • Practice with realistic exam questions on the DVD
  • Includes complete video solutions to the 25 hands-on labs
  • Plus 25 interactive learning activities on key exam topics

Limited Time Offer: Buy CompTIA Security+ SY0-301 Authorized Cert Guide, Deluxe Edition and receive a 10% off discount code for the CompTIA Security+ SY0-301 exam. To receive your 10% off discount code:

  1. Register your product at pearsonITcertification.com/register
  2. Follow the instructions
  3. Go to your Account page and click on "Access Bonus Content"

CompTIA Security+ SY0-301 Authorized Cert Guide, Deluxe Edition includes video solutions to the hands-on labs, practice tests, and interactive activities that let the reader learn by doing. Best-selling author and expert instructor David Prowse shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics. The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your approach to passing the exam.

The companion Deluxe Edition DVD contains the powerful Pearson IT Certification Practice Test engine, with three complete practice exams and hundreds of exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. The Deluxe Edition DVD also includes complete video solutions to the 25 hands-on labs in the book and 25 interactive learning activities on key exam topics to reinforce the learning by doing. Learning activities include testing password strength, matching the type of malware with its definition, finding the security issues in the network map, and disallowing a user access to the network on Saturday and Sunday.

Interactive Learning Activities:

  • 2.1 Filtering Emails
  • 2.2 Malware Types
  • 2.3 Securing the BIOS
  • 3.1 Stopping Services in the Command Prompt
  • 3.2 Patch Management
  • 5.1 Port Numbers, Part 1
  • 5.2 Port Numbers, Part 2
  • 5.3 Port Numbers, Part 3
  • 5.4 Network Attacks, Part 1
  • 5.5 Network Attacks, Part 2
  • 5.6 Network Attacks, Part 3
  • 5.7 Network Attacks, Part 4
  • 6.1 Network Security
  • 7.1 Password Strength
  • 8.1 802.1X Components
  • 8.2 Authentication Types
  • 9.1 Access Control Models
  • 9.2 Configuring Logon Hours
  • 10.1 Risk Assessment, Part 1
  • 10.2 Risk Assessment, Part 2
  • 10.3 Vulnerability Management Process
  • 11.1 Packet Analysis
  • 12.1 Symmetric and Asymmetric Algorithms
  • 14.1 RAID Levels
  • 15.1 Social Engineering Types

Hands-On Labs:

  • 2-1 Using Free Malware Scanning Programs
  • 2-2 How to Secure the BIOS
  • 3-1 Discerning & Updating Service Pack Level
  • 3-2 Creating a Virtual Machine
  • 3-3 Securing a Virtual Machine
  • 4-1 Securing the Browser
  • 4-2 Disabling Applications
  • 5-1 Port Scanning Basics
  • 6-1 Packet Filtering and NAT Firewalls
  • 6-2 Configuring Inbound Filter on a Firewall
  • 6-3 Enabling MAC Filtering
  • 7-1 Securing a Wireless Device: 8 Steps
  • 7-2 Wardriving and the Cure
  • 8-1 Enabling 802.1X on a Network Adapter
  • 8-2 Setting Up a VPN
  • 9-1 Password Policies and User Accounts
  • 9-2 Configuring User and Group Permissions
  • 10-1 Mapping and Scanning the Network
  • 10-2 Password Cracking and Defense
  • 11-1 Using Protocol Analyzers
  • 12-1 Disabling LM Hash in Windows Server 2003
  • 13-1 A Basic Example of PKI
  • 13-2 Making an SSH Connection
  • 14-1 Configuring RAID 1 and 5
  • 16-1 How to Approach Exam Questions

Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA authorized study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time. The CompTIA authorized study guide helps you master all the topics on the Security+ exam, including

  • Core computer system security
  • OS hardening and virtualization
  • Application security
  • Network design elements and threats
  • Perimeter security
  • Network media and devices security
  • Physical security and authentication models
  • Access control
  • Vulnerability and risk assessment
  • Monitoring and auditing
  • Cryptography, including PKI
  • Redundancy and disaster recovery
  • Policies and procedures

Companion Deluxe Edition DVD

The Deluxe Edition DVD contains three free, complete practice exams, video solutions to the 25 hands-on labs plus 25 interactive flash-based learning activities that include drag-n-drop and matching to reinforce the learning. Includes Exclusive Offer for 70% Off Premium Edition eBook and Practice Test.

Pearson IT Certification Practice Test minimum system requirements: Windows XP (SP3), Windows Vista (SP2), or Windows 7; Microsoft .NET Framework 4.0 Client; Pentium class 1GHz processor (or equivalent); 512 MB RAM; 650 MB hard disk space plus 50 MB for each downloaded practice exam.

Contents

Introduction xxv

Chapter 1 Introduction to Security 3 Foundation Topics 4 Security 101 4 The CIA of Computer Security 4 The Basics of Information Security 6 Think Like a Hacker 9 Exam Preparation Tasks 11 Review Key Topics 11 Define Key Terms 11 Answer Review Questions 11 Answers and Explanations 13

Chapter 2 Computer Systems Security 17 Foundation Topics 18 Computer Systems Security Threats 18 Malicious Software 18 Viruses 18 Worms 19 Trojan Horses 20 Spyware 21 Rootkits 21 Spam 21 Summary of Malware Threats 22 Ways to Deliver Malicious Software 23 Via Software, Messaging, and Media 23 Active Interception 23 Privilege Escalation 24 Backdoors 24 Logic Bombs 24 Botnets and Zombies 25 Preventing and Troubleshooting Malware 26 Preventing and Troubleshooting Viruses 26 Preventing and Troubleshooting Worms and Trojans 30 Preventing and Troubleshooting Spyware 30 Preventing and Troubleshooting Rootkits 32 Preventing and Troubleshooting Spam 33 You Can't Save Every Computer from Malware! 35 Summary of Malware Prevention Techniques 35 Implementing Security Applications 36 Personal Software Firewalls 36 Host-Based Intrusion Detection Systems 38 Pop-Up Blockers 40 Data Loss Prevention Systems 42 Securing Computer Hardware and Peripherals 42 Securing the BIOS 43 Securing Storage Devices 44 Removable Storage 44 Network Attached Storage 45 Whole Disk Encryption 45 Hardware Security Modules 47 Securing Cell Phones and Smartphones 47 Exam Preparation Tasks 49 Review Key Topics 49 Complete Tables and Lists from Memory 49 Define Key Terms 50 Hands-On Labs 50 Equipment Needed 50 Lab 2-1: Using Free Malware Scanning Programs 50 Lab 2-2: How to Secure the BIOS 51 View Recommended Resources 53 Answer Review Questions 54 Answers and Explanations 60

Chapter 3 OS Hardening and Virtualization 67 Foundation Topics 68 Hardening Operating Systems 68 Removing Unnecessary Applications and Services 68 Service Packs 72 Windows Update, Patches, and Hotfixes 75 Patches and Hotfixes 77 Patch Management 79 Group Policies, Security Templates, and Configuration Baselines 80 Hardening File Systems and Hard Drives 82 Virtualization Technology 86 Types of Virtualization and Their Purposes 86 Working with Virtual Machines 88 Microsoft Virtual PC 88 Microsoft Windows XP Mode 90 Microsoft Virtual Server 90 VMware 91 Hypervisor 92 Securing Virtual Machines 92 Exam Preparation Tasks 94 Review Key Topics 94 Complete Tables and Lists from Memory 95 Define Key Terms 95 Hands-On Labs 95 Equipment Needed 95 Lab 3-1: Discerning and Updating the Service Pack Level 96 Lab 3-2: Creating a Virtual Machine in Virtual PC 2007 96 Lab 3-3: Securing a Virtual Machine 98 View Recommended Resources 101 Answer Review Questions 102 Answers and Explanations 105

Chapter 4 Application Security 109 Foundation Topics 110 Securing the Browser 110 General Browser Security Procedures 111 Implement Policies 111 Train Your Users 114 Use a Proxy and Content Filter 114 Secure Against Malicious Code 116 Securing Internet Explorer 116 Securing Firefox 121 Securing Other Applications 124 Secure Programming 127 Systems Development Life Cycle 128 Programming Testing Methods 130 Programming Vulnerabilities and Attacks 132 Backdoors 132 Buffer Overflows 132 XSS and XSRF 133 More Code Injection Examples 133 Directory Traversal 134 Zero Day Attack 135 Exam Preparation Tasks 136 Review Key Topics 136 Complete Tables and Lists from Memory 136 Define Key Terms 137 Hands-On Labs 137 Equipment Needed 137 Lab 4-1: Securing the Browser 137 Lab 4-2: Disabling Applications with a Windows Server 2008 Policy 138 View Recommended Resources 141 Answer Review Questions 141 Answers and Explanations 145

Chapter 5 Network Design Elements and Network Threats 149 Foundation Topics 150 Network Design 150 Network Devices 150 Hub 150 Switch 151 Router 152 Network Address Translation, and Private Versus Public IP 154 Network Zones and Interconnections 156 LAN Versus WAN 157 Internet 157 Demilitarized Zone (DMZ) 157 Intranets and Extranets 159 Cloud Computing 159 Network Access Control (NAC) 162 Subnetting 162 Virtual Local Area Network (VLAN) 164 Telephony Devices 165 Modems 166 PBX Equipment 166 VoIP 167 Ports and Protocols 167 Ports Ranges, Inbound Versus Outbound, and Common Ports 167 Protocols That Can Cause Anxiety on the Exam 174 Malicious Network Attacks 175 DoS 175 DDoS 178 Spoofing 178 Session Hijacking 179 Replay 181 Null Sessions 181 Transitive Access and Client-Side Attacks 182 DNS Poisoning and Other DNS Attacks 183 ARP Poisoning 184 Summary of Network Attacks 185 Exam Preparation Tasks 188 Review Key Topics 188 Complete Tables and Lists from Memory 189 Define Key Terms 189 Hands-On Labs 189 Equipment Needed 190 Lab 5-1: Port Scanning Basics 190 View Recommended Resources 191 Answer Review Questions 192 Answers and Explanations 199

Chapter 6 Network Perimeter Security 205 Foundation Topics 206 Firewalls and Network Security 206 Firewalls 207 Proxy Servers 212 Honeypots and Honeynets 215 Data Loss Prevention (DLP) 216 NIDS Versus NIPS 217 NIDS 217 NIPS 218 Summary of NIDS Versus NIPS 219 The Protocol Analyzer's Role in NIDS and NIPS 220 Exam Preparation Tasks 220 Review Key Topics 220 Complete Tables and Lists from Memory 221 Define Key Terms 221 Hands-On Labs 221 Equipment Needed 222 Lab 6-1: Packet Filtering and NAT Firewalls 222 Lab 6-2: Configuring an Inbound Filter on a SOHO Router/Firewall 223 Lab 6-3: Enabling MAC Filtering 224 View Recommended Resources 225 Answer Review Questions 225 Answers and Explanations 229

Chapter 7 Securing Network Media and Devices 233 Foundation Topics 234 Securing Wired Networks and Devices 234 Network Device Vulnerabilities 234 Default Accounts 234 Weak Passwords 235 Privilege Escalation 236 Back Doors 237 Network Attacks 237 Other Network Device Considerations 238 Cable Media Vulnerabilities 238 Interference 239 Crosstalk 240 Data Emanation 241 Tapping into Data and Conversations 241 Securing Wireless Networks 244 Wireless Access Point Vulnerabilities 244 Secure the Administration Interface 244 SSID Broadcast 245 Rogue Access Points 245 Evil Twin 246 Weak Encryption 246 Other Wireless Access Point Security Strategies 248 Wireless Transmission Vulnerabilities 250 Bluetooth Vulnerabilities 250 Bluejacking 251 Bluesnarfing 251 Exam Preparation Tasks 252 Review Key Topics 252 Complete Tables and Lists from Memory 253 Define Key Terms 253 Hands-On Labs 253 Equipment Needed 254 Lab 7-1: Securing a Wireless Device: 8 Steps to a Secure Network 254 Lab 7-2: Wardriving...and The Cure 256 View Recommended Resources 257 Answer Review Questions 257 Answers and Explanations 261

Chapter 8 Physical Security and Authentication Models 265 Foundation Topics 267 Physical Security 267 General Building and Server Room Security 267 Door Access 268 Biometric Readers 270 Authentication Models and Components 271 Authentication Models 271 Localized Authentication Technologies 273 802.1X and EAP 273 LDAP 276 Kerberos and Mutual Authentication 277 Terminal Services 279 Remote Authentication Technologies 279 Remote Access Service 280 Virtual Private Networks 281 RADIUS Versus TACACS 284 Exam Preparation Tasks 286 Review Key Topics 286 Complete Tables and Lists from Memory 287 Define Key Terms 287 Hands-On Labs 287 Equipment Needed 288 Lab 8-1: Enabling 802.1X on a Network Adapter 288 Lab 8-2: Setting Up a VPN 289 View Recommended Resources 291 Answer Review Questions 292 Answers and Explanations 299

Chapter 9 Access Control Methods and Models 305 Foundation Topics 306 Access Control Models Defined 306 Discretionary Access Control 306 Mandatory Access Control 308 Role-Based Access Control (RBAC) 309 Access Control Wise Practices 310 Rights, Permissions, and Policies 313 Users, Groups, and Permissions 313 Permission Inheritance and Propagation 317 Moving and Copying Folders and Files 318 Usernames and Passwords 318 Policies 322 User Account Control (UAC) 325 Exam Preparation Tasks 326 Review Key Topics 326 Complete Tables and Lists from Memory 327 Define Key Terms 327 Hands-On Labs 327 Equipment Needed 327 Lab 9-1: Configuring Password Policies and User Account Restrictions 328 Lab 9-2: Configuring User and Group Permissions 330 View Recommended Resources 331 Answer Review Questions 332 Answers and Explanations 337

Chapter 10 Vulnerability and Risk Assessment 341 Foundation Topics 342 Conducting Risk Assessments 342 Qualitative Risk Assessment 344 Quantitative Risk Assessment 344 Security Analysis Methodologies 346 Security Controls 347 Vulnerability Management 349 Penetration Testing 350 OVAL 351 Assessing Vulnerability with Security Tools 352 Network Mapping 352 Vulnerability Scanning 355 Network Sniffing 358 Password Analysis 359 Exam Preparation Tasks 363 Review Key Topics 363 Complete Tables and Lists from Memory 363 Define Key Terms 364 Hands-On Labs 364 Equipment Needed 364 Lab 10-1: Mapping and Scanning the Network 365 Lab 10-2: Password Cracking and Defense 366 View Recommended Resources 367 Answer Review Questions 368 Answers and Explanations 374

Chapter 11 Monitoring and Auditing 379 Foundation Topics 380 Monitoring Methodologies 380 Signature-Based Monitoring 380 Anomaly-Based Monitoring 381 Behavior-Based Monitoring 381 Using Tools to Monitor Systems and Networks 382 Performance Baselining 382 Protocol Analyzers 384 Wireshark 385 Network Monitor 386 SNMP 388 Conducting Audits 389 Auditing Files 389 Logging 392 Log File Maintenance and Security 394 Auditing System Security Settings 396 Exam Preparation Tasks 399 Review Key Topics 399 Complete Tables and Lists from Memory 400 Define Key Terms 400 Hands-On Labs 400 Equipment Needed 400 Lab 11-1: Using Protocol Analyzers 401 View Recommended Resources 403 Answer Review Questions 404 Answers and Explanations 409

Chapter 12 Encryption and Hashing Concepts 415 Foundation Topics 416 Cryptography Concepts 416 Symmetric Versus Asymmetric Key Algorithms 419 Symmetric Key Algorithms 420 Asymmetric Key Algorithms 421 Public Key Cryptography 421 Key Management 422 Steganography 423 Encryption Algorithms 423 DES and 3DES 424 AES 424 RC 425 Summary of Symmetric Algorithms 426 RSA 426 Diffie-Hellman 427 Elliptic Curve 428 More Encryption Types 428 One-Time Pad 428 PGP 429 Hashing Basics 430 Cryptographic Hash Functions 431 MD5 432 SHA 432 Happy Birthday! 432 LANMAN, NTLM, and NTLM2 433 LANMAN 433 NTLM and NTLM2 435 Exam Preparation Tasks 436 Review Key Topics 436 Complete Tables and Lists from Memory 436 Define Key Terms 436 Hands-On Lab 437 Equipment Needed 437 Lab 12-1: Disabling the LM Hash in Windows Server 2003 437 View Recommended Resources 438 Answer Review Questions 439 Answers and Explanations 445

Chapter 13 PKI and Encryption Protocols 451 Foundation Topics 452 Public Key Infrastructure 452 Certificates 452 Certificate Authorities 453 Single-Sided and Dual-Sided Certificates 456 Web of Trust 456 Security Protocols 457 S/MIME 457 SSL/TLS 458 SSH 459 PPTP, L2TP, and IPsec 459 PPTP 460 L2TP 460 IPsec 460 Exam Preparation Tasks 461 Review Key Topics 461 Define Key Terms 462 Hands-On Labs 462 Equipment Needed 462 Lab 13-1: A Basic Example of PKI 462 Lab 13-2: Making an SSH Connection 463 View Recommended Resources 465 Answer Review Questions 465 Answers and Explanations 470

Chapter 14 Redundancy and Disaster Recovery 475 Foundation Topics 476 Redundancy Planning 476 Redundant Power 478 Redundant Power Supplies 479 Uninterruptible Power Supplies 480 Backup Generators 481 Redundant Data 483 Redundant Networking 486 Redundant Servers 488 Redundant Sites 489 Disaster Recovery Planning and Procedures 490 Data Backup 490 DR Planning 494 Exam Preparation Tasks 497 Review Key Topics 497 Complete Tables and Lists from Memory 497 Define Key Terms 498 Hands-On Labs 498 Equipment Needed 498 Lab 14-1: Configuring RAID 1 and 5 498 View Recommended Resources 500 Answer Review Questions 500 Answers and Explanations 504

Chapter 15 Policies, Procedures, and People 509 Foundation Topics 510 Environmental Controls 510 Fire Suppression 510 Fire Extinguishers 510 Sprinkler Systems 512 Special Hazard Protection Systems 512 HVAC 513 Shielding 514 Social Engineering 515 Pretexting 516 Diversion Theft 516 Phishing 516 Hoaxes 518 Shoulder Surfing 518 Eavesdropping 518 Dumpster Diving 519 Baiting 519 Piggybacking/Tailgating 519 Summary of Social Engineering Types 519 User Education and Awareness 520 Legislative and Organizational Policies 521 Data Sensitivity and Classification of Information 522 Personnel Security Policies 524 Privacy Policies 525 Acceptable Use 525 Change Management 525 Separation of Duties/Job Rotation 526 Mandatory Vacations 526 Due Diligence 527 Due Care 527 Due Process 527 User Education and Awareness Training 527 Summary of Personnel Security Policies 528 How to Deal with Vendors 529 How to Dispose of Computers and Other IT Equipment Securely 529 Incident Response Procedures 531 Exam Preparation Tasks 534 Review Key Topics 534 Complete Tables and Lists from Memory 535 Define Key Terms 535 View Recommended Resources 535 Answer Review Questions 536 Answers and Explanations 543

Chapter 16 Taking the Real Exam 551 Foundation Topics 552 Getting Ready and the Exam Preparation Checklist 552 Tips for Taking the Real Exam 555 Beyond the CompTIA Security+ Certification 558 Hands-On Lab 559

Practice Exam 1 561

Practice Exam 2 611

Glossary 663

Master List of Key Topics 685

On the DVD: Appendix A: Memory Tables; Appendix B: Memory Tables Answer Key

9780789748270 TOC 11/29/2011
