Learn, prepare, and practice for CompTIA Security+ SY0-301 exam success with this CompTIA Cert Guide from Pearson IT Certification, a leader in IT Certification learning and a CompTIA Approved Platinum Partner. DVD features two complete practice exams and video tutorial solutions to the 25 hands-on labs.
Limited Time Offer: Buy CompTIA Security+ SY0-301 Cert Guide and receive a 10% off discount code for the CompTIA Security+ SY0-301 exam. To receive your 10% off discount code:
1. Register your product at pearsonITcertification.com/register
2. Follow the instructions
3. Go to your Account page and click on “Access Bonus Content”
CompTIA Security+ SY0-301 Cert Guide is a best-of-breed exam study guide. Best-selling author and expert instructor David Prowse shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your approach to passing the exam.
The companion DVD contains the powerful Pearson IT Certification Practice Test engine, complete with hundreds of exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. The DVD also includes complete video solutions to the 25 Hands-On Labs in the book focused on key exam topics.
Hands-On Labs:
Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA approved study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.
The CompTIA approved study guide helps you master all the topics on the Security+ exam, including
Companion DVD
The DVD contains two free, complete practice exams and video solutions to the 25 hands-on labs. Includes Exclusive Offer for 70% Off Premium Edition eBook and Practice Test.
Pearson IT Certification Practice Test minimum system requirements:
Windows XP (SP3), Windows Vista (SP2), or Windows 7; Microsoft .NET Framework 4.0 Client; Pentium class 1GHz processor (or equivalent); 512 MB RAM; 650 MB hard disk space plus 50 MB for each downloaded practice exam.
Limited Time Offer: Buy CompTIA Security+ SY0-301 Cert Guide, Premium Edition eBook and Practice Test and receive a 10% off discount code for the CompTIA Security+ SY0-301 exam. To receive your 10% off discount code, log in to your pearsonITcertification.com Account page, locate the product, and click on “Access Bonus Content”.
The exciting new CompTIA Security+ SY0-301 Cert Guide, Premium Edition eBook and Practice Test is a digital-only certification preparation product that combines an eBook with the enhanced Pearson IT Certification Practice Test, plus complete video solutions to the 25 hands-on labs. The Premium Edition eBook and Practice Test contains the following items:
About the Premium Edition Practice Test
This Premium Edition contains an enhanced version of the Pearson IT Certification Practice Test (PCPT) software with three full practice exams. In addition, it contains all the chapter-opening assessment questions from the book. This integrated learning package:
Pearson IT Certification Practice Test minimum system requirements:
Windows XP (SP3), Windows Vista (SP2), or Windows 7;
Microsoft .NET Framework 4.0 Client;
Pentium class 1GHz processor (or equivalent);
512 MB RAM;
650 MB disc space plus 50 MB for each downloaded practice exam
About the Premium Edition eBook and Video Solutions
Learn, prepare, and practice for CompTIA Security+ SY0-301 exam success with this CompTIA Approved Cert Guide from Pearson IT Certification, a leader in IT certification learning and a CompTIA Approved Platinum Partner.
CompTIA Security+ SY0-301 Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.
The Premium Edition eBook contains access to complete video solutions to the 25 hands-on labs in the book focused on key exam topics. Go to the back pages of your eBook for instructions on how to access the video solutions.
Hands-On Labs:
The CompTIA approved study guide helps you master all the topics on the Security+ exam, including:
Download the sample pages (includes Chapter 3 and Index)
Introduction xxv
Chapter 1 Introduction to Security 3
Foundation Topics 4
Security 101 4
The CIA of Computer Security 4
The Basics of Information Security 6
Think Like a Hacker 9
Exam Preparation Tasks 11
Review Key Topics 11
Define Key Terms 11
Answer Review Questions 11
Answers and Explanations 13
Chapter 2 Computer Systems Security 17
Foundation Topics 18
Computer Systems Security Threats 18
Malicious Software 18
Viruses 18
Worms 19
Trojan Horses 20
Spyware 21
Rootkits 21
Spam 21
Summary of Malware Threats 22
Ways to Deliver Malicious Software 23
Via Software, Messaging, and Media 23
Active Interception 23
Privilege Escalation 24
Backdoors 24
Logic Bombs 24
Botnets and Zombies 25
Preventing and Troubleshooting Malware 26
Preventing and Troubleshooting Viruses 26
Preventing and Troubleshooting Worms and Trojans 30
Preventing and Troubleshooting Spyware 30
Preventing and Troubleshooting Rootkits 32
Preventing and Troubleshooting Spam 33
You Can’t Save Every Computer from Malware! 35
Summary of Malware Prevention Techniques 35
Implementing Security Applications 36
Personal Software Firewalls 36
Host-Based Intrusion Detection Systems 38
Pop-Up Blockers 40
Data Loss Prevention Systems 42
Securing Computer Hardware and Peripherals 42
Securing the BIOS 43
Securing Storage Devices 44
Removable Storage 44
Network Attached Storage 45
Whole Disk Encryption 45
Hardware Security Modules 47
Securing Cell Phones and Smartphones 47
Exam Preparation Tasks 49
Review Key Topics 49
Complete Tables and Lists from Memory 49
Define Key Terms 50
Hands-On Labs 50
Equipment Needed 50
Lab 2-1: Using Free Malware Scanning Programs 50
Lab 2-2: How to Secure the BIOS 51
View Recommended Resources 53
Answer Review Questions 54
Answers and Explanations 60
Chapter 3 OS Hardening and Virtualization 67
Foundation Topics 68
Hardening Operating Systems 68
Removing Unnecessary Applications and Services 68
Service Packs 72
Windows Update, Patches, and Hotfixes 75
Patches and Hotfixes 77
Patch Management 79
Group Policies, Security Templates, and Configuration Baselines 80
Hardening File Systems and Hard Drives 82
Virtualization Technology 86
Types of Virtualization and Their Purposes 86
Working with Virtual Machines 88
Microsoft Virtual PC 88
Microsoft Windows XP Mode 90
Microsoft Virtual Server 90
VMware 91
Hypervisor 92
Securing Virtual Machines 92
Exam Preparation Tasks 94
Review Key Topics 94
Complete Tables and Lists from Memory 95
Define Key Terms 95
Hands-On Labs 95
Equipment Needed 95
Lab 3-1: Discerning and Updating the Service Pack Level 96
Lab 3-2: Creating a Virtual Machine in Virtual PC 2007 96
Lab 3-3: Securing a Virtual Machine 98
View Recommended Resources 101
Answer Review Questions 102
Answers and Explanations 105
Chapter 4 Application Security 109
Foundation Topics 110
Securing the Browser 110
General Browser Security Procedures 111
Implement Policies 111
Train Your Users 114
Use a Proxy and Content Filter 114
Secure Against Malicious Code 116
Securing Internet Explorer 116
Securing Firefox 121
Securing Other Applications 124
Secure Programming 127
Systems Development Life Cycle 128
Programming Testing Methods 130
Programming Vulnerabilities and Attacks 132
Backdoors 132
Buffer Overflows 132
XSS and XSRF 133
More Code Injection Examples 133
Directory Traversal 134
Zero Day Attack 135
Exam Preparation Tasks 136
Review Key Topics 136
Complete Tables and Lists from Memory 136
Define Key Terms 137
Hands-On Labs 137
Equipment Needed 137
Lab 4-1: Securing the Browser 137
Lab 4-2: Disabling Applications with a Windows Server 2008 Policy 138
View Recommended Resources 141
Answer Review Questions 141
Answers and Explanations 145
Chapter 5 Network Design Elements and Network Threats 149
Foundation Topics 150
Network Design 150
Network Devices 150
Hub 150
Switch 151
Router 152
Network Address Translation, and Private Versus Public IP 154
Network Zones and Interconnections 156
LAN Versus WAN 157
Internet 157
Demilitarized Zone (DMZ) 157
Intranets and Extranets 159
Cloud Computing 159
Network Access Control (NAC) 162
Subnetting 162
Virtual Local Area Network (VLAN) 164
Telephony Devices 165
Modems 166
PBX Equipment 166
VoIP 167
Ports and Protocols 167
Port Ranges, Inbound Versus Outbound, and Common Ports 167
Protocols That Can Cause Anxiety on the Exam 174
Malicious Network Attacks 175
DoS 175
DDoS 178
Spoofing 178
Session Hijacking 179
Replay 181
Null Sessions 181
Transitive Access and Client-Side Attacks 182
DNS Poisoning and Other DNS Attacks 183
ARP Poisoning 184
Summary of Network Attacks 185
Exam Preparation Tasks 188
Review Key Topics 188
Complete Tables and Lists from Memory 189
Define Key Terms 189
Hands-On Labs 189
Equipment Needed 190
Lab 5-1: Port Scanning Basics 190
View Recommended Resources 191
Answer Review Questions 192
Answers and Explanations 199
Chapter 6 Network Perimeter Security 205
Foundation Topics 206
Firewalls and Network Security 206
Firewalls 207
Proxy Servers 212
Honeypots and Honeynets 215
Data Loss Prevention (DLP) 216
NIDS Versus NIPS 217
NIDS 217
NIPS 218
Summary of NIDS Versus NIPS 219
The Protocol Analyzer’s Role in NIDS and NIPS 220
Exam Preparation Tasks 220
Review Key Topics 220
Complete Tables and Lists from Memory 221
Define Key Terms 221
Hands-On Labs 221
Equipment Needed 222
Lab 6-1: Packet Filtering and NAT Firewalls 222
Lab 6-2: Configuring an Inbound Filter on a SOHO Router/Firewall 223
Lab 6-3: Enabling MAC Filtering 224
View Recommended Resources 225
Answer Review Questions 225
Answers and Explanations 229
Chapter 7 Securing Network Media and Devices 233
Foundation Topics 234
Securing Wired Networks and Devices 234
Network Device Vulnerabilities 234
Default Accounts 234
Weak Passwords 235
Privilege Escalation 236
Back Doors 237
Network Attacks 237
Other Network Device Considerations 238
Cable Media Vulnerabilities 238
Interference 239
Crosstalk 240
Data Emanation 241
Tapping into Data and Conversations 241
Securing Wireless Networks 244
Wireless Access Point Vulnerabilities 244
Secure the Administration Interface 244
SSID Broadcast 245
Rogue Access Points 245
Evil Twin 246
Weak Encryption 246
Other Wireless Access Point Security Strategies 248
Wireless Transmission Vulnerabilities 250
Bluetooth Vulnerabilities 250
Bluejacking 251
Bluesnarfing 251
Exam Preparation Tasks 252
Review Key Topics 252
Complete Tables and Lists from Memory 253
Define Key Terms 253
Hands-On Labs 253
Equipment Needed 254
Lab 7-1: Securing a Wireless Device: 8 Steps to a Secure Network 254
Lab 7-2: Wardriving...and The Cure 256
View Recommended Resources 257
Answer Review Questions 257
Answers and Explanations 261
Chapter 8 Physical Security and Authentication Models 265
Foundation Topics 267
Physical Security 267
General Building and Server Room Security 267
Door Access 268
Biometric Readers 270
Authentication Models and Components 271
Authentication Models 271
Localized Authentication Technologies 273
802.1X and EAP 273
LDAP 276
Kerberos and Mutual Authentication 277
Terminal Services 279
Remote Authentication Technologies 279
Remote Access Service 280
Virtual Private Networks 281
RADIUS Versus TACACS 284
Exam Preparation Tasks 286
Review Key Topics 286
Complete Tables and Lists from Memory 287
Define Key Terms 287
Hands-On Labs 287
Equipment Needed 288
Lab 8-1: Enabling 802.1X on a Network Adapter 288
Lab 8-2: Setting Up a VPN 289
View Recommended Resources 291
Answer Review Questions 292
Answers and Explanations 299
Chapter 9 Access Control Methods and Models 305
Foundation Topics 306
Access Control Models Defined 306
Discretionary Access Control 306
Mandatory Access Control 308
Role-Based Access Control (RBAC) 309
Access Control Wise Practices 310
Rights, Permissions, and Policies 313
Users, Groups, and Permissions 313
Permission Inheritance and Propagation 317
Moving and Copying Folders and Files 318
Usernames and Passwords 318
Policies 322
User Account Control (UAC) 325
Exam Preparation Tasks 326
Review Key Topics 326
Complete Tables and Lists from Memory 327
Define Key Terms 327
Hands-On Labs 327
Equipment Needed 327
Lab 9-1: Configuring Password Policies and User Account Restrictions 328
Lab 9-2: Configuring User and Group Permissions 330
View Recommended Resources 331
Answer Review Questions 332
Answers and Explanations 337
Chapter 10 Vulnerability and Risk Assessment 341
Foundation Topics 342
Conducting Risk Assessments 342
Qualitative Risk Assessment 344
Quantitative Risk Assessment 344
Security Analysis Methodologies 346
Security Controls 347
Vulnerability Management 349
Penetration Testing 350
OVAL 351
Assessing Vulnerability with Security Tools 352
Network Mapping 352
Vulnerability Scanning 355
Network Sniffing 358
Password Analysis 359
Exam Preparation Tasks 363
Review Key Topics 363
Complete Tables and Lists from Memory 363
Define Key Terms 364
Hands-On Labs 364
Equipment Needed 364
Lab 10-1: Mapping and Scanning the Network 365
Lab 10-2: Password Cracking and Defense 366
View Recommended Resources 367
Answer Review Questions 368
Answers and Explanations 374
Chapter 11 Monitoring and Auditing 379
Foundation Topics 380
Monitoring Methodologies 380
Signature-Based Monitoring 380
Anomaly-Based Monitoring 381
Behavior-Based Monitoring 381
Using Tools to Monitor Systems and Networks 382
Performance Baselining 382
Protocol Analyzers 384
Wireshark 385
Network Monitor 386
SNMP 388
Conducting Audits 389
Auditing Files 389
Logging 392
Log File Maintenance and Security 394
Auditing System Security Settings 396
Exam Preparation Tasks 399
Review Key Topics 399
Complete Tables and Lists from Memory 400
Define Key Terms 400
Hands-On Labs 400
Equipment Needed 400
Lab 11-1: Using Protocol Analyzers 401
View Recommended Resources 403
Answer Review Questions 404
Answers and Explanations 409
Chapter 12 Encryption and Hashing Concepts 415
Foundation Topics 416
Cryptography Concepts 416
Symmetric Versus Asymmetric Key Algorithms 419
Symmetric Key Algorithms 420
Asymmetric Key Algorithms 421
Public Key Cryptography 421
Key Management 422
Steganography 423
Encryption Algorithms 423
DES and 3DES 424
AES 424
RC 425
Summary of Symmetric Algorithms 426
RSA 426
Diffie-Hellman 427
Elliptic Curve 428
More Encryption Types 428
One-Time Pad 428
PGP 429
Hashing Basics 430
Cryptographic Hash Functions 431
MD5 432
SHA 432
Happy Birthday! 432
LANMAN, NTLM, and NTLM2 433
LANMAN 433
NTLM and NTLM2 435
Exam Preparation Tasks 436
Review Key Topics 436
Complete Tables and Lists from Memory 436
Define Key Terms 436
Hands-On Lab 437
Equipment Needed 437
Lab 12-1: Disabling the LM Hash in Windows Server 2003 437
View Recommended Resources 438
Answer Review Questions 439
Answers and Explanations 445
Chapter 13 PKI and Encryption Protocols 451
Foundation Topics 452
Public Key Infrastructure 452
Certificates 452
Certificate Authorities 453
Single-Sided and Dual-Sided Certificates 456
Web of Trust 456
Security Protocols 457
S/MIME 457
SSL/TLS 458
SSH 459
PPTP, L2TP, and IPsec 459
PPTP 460
L2TP 460
IPsec 460
Exam Preparation Tasks 461
Review Key Topics 461
Define Key Terms 462
Hands-On Labs 462
Equipment Needed 462
Lab 13-1: A Basic Example of PKI 462
Lab 13-2: Making an SSH Connection 463
View Recommended Resources 465
Answer Review Questions 465
Answers and Explanations 470
Chapter 14 Redundancy and Disaster Recovery 475
Foundation Topics 476
Redundancy Planning 476
Redundant Power 478
Redundant Power Supplies 479
Uninterruptible Power Supplies 480
Backup Generators 481
Redundant Data 483
Redundant Networking 486
Redundant Servers 488
Redundant Sites 489
Disaster Recovery Planning and Procedures 490
Data Backup 490
DR Planning 494
Exam Preparation Tasks 497
Review Key Topics 497
Complete Tables and Lists from Memory 497
Define Key Terms 498
Hands-On Labs 498
Equipment Needed 498
Lab 14-1: Configuring RAID 1 and 5 498
View Recommended Resources 500
Answer Review Questions 500
Answers and Explanations 504
Chapter 15 Policies, Procedures, and People 509
Foundation Topics 510
Environmental Controls 510
Fire Suppression 510
Fire Extinguishers 510
Sprinkler Systems 512
Special Hazard Protection Systems 512
HVAC 513
Shielding 514
Social Engineering 515
Pretexting 516
Diversion Theft 516
Phishing 516
Hoaxes 518
Shoulder Surfing 518
Eavesdropping 518
Dumpster Diving 519
Baiting 519
Piggybacking/Tailgating 519
Summary of Social Engineering Types 519
User Education and Awareness 520
Legislative and Organizational Policies 521
Data Sensitivity and Classification of Information 522
Personnel Security Policies 524
Privacy Policies 525
Acceptable Use 525
Change Management 525
Separation of Duties/Job Rotation 526
Mandatory Vacations 526
Due Diligence 527
Due Care 527
Due Process 527
User Education and Awareness Training 527
Summary of Personnel Security Policies 528
How to Deal with Vendors 529
How to Dispose of Computers and Other IT Equipment Securely 529
Incident Response Procedures 531
Exam Preparation Tasks 534
Review Key Topics 534
Complete Tables and Lists from Memory 535
Define Key Terms 535
View Recommended Resources 535
Answer Review Questions 536
Answers and Explanations 543
Chapter 16 Taking the Real Exam 551
Foundation Topics 552
Getting Ready and the Exam Preparation Checklist 552
Tips for Taking the Real Exam 555
Beyond the CompTIA Security+ Certification 558
Hands-On Lab 559
Practice Exam 1 561
Practice Exam 2 611
Glossary 663
Master List of Key Topics 685
On the DVD:
Appendix A: Memory Tables
Appendix B: Memory Tables Answer Key
9780789749215 TOC 11/29/2011