CompTIA® Security+ SY0-201 Cert Guide
David L. Prowse
DVD Features Complete Practice Exam
Start-to-finish Security+ SY0-201 preparation from computer security consultant, Security+ trainer, and author David L. Prowse.
Master every Security+ SY0-201 topic!
Test your knowledge, build your confidence, and succeed!
Shelving Category: Certification
Covers: CompTIA Security+
Exam Profile: CompTIA Security+ SY0-201
Introduction
Part I Systems and Application Security
Chapter 1 Introduction to Security
Security 101
The CIA of Computer Security
The Basics of Data Security
Think Like a Hacker
Review Key Topics
Define Key Terms
Answer Review Questions
Answers and Explanations
Chapter 2 Computer Systems Security
Computer Systems Security Threats
Malicious Software
Viruses
Worms
Trojan Horses
Spyware
Rootkits
Spam
Summary of Malware Threats
Ways to Deliver Malicious Software
Via Software, Messaging, and Media
Active Interception
Privilege Escalation
Backdoors
Logic Bombs
Botnets and Zombies
Preventing and Troubleshooting Malware
Preventing and Troubleshooting Viruses
Preventing and Troubleshooting Worms and Trojans
Preventing and Troubleshooting Spyware
Preventing and Troubleshooting Rootkits
Preventing and Troubleshooting Spam
You Can’t Save Every Computer from Malware!
Summary of Malware Prevention Techniques
Implementing Security Applications
Personal Software Firewalls
Host-Based Intrusion Detection Systems
Pop-Up Blockers
Securing Computer Hardware and Peripherals
Securing the BIOS
Securing Storage Devices
Removable Storage
Network Attached Storage
Whole Disk Encryption
Securing Cell Phones and PDAs
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Hands-On Labs
Equipment Needed
Lab 2-1: Using Free Malware Scanning Programs
Lab 2-2: How to Secure the BIOS
View Recommended Resources
Answer Review Questions
Answers and Explanations
Chapter 3 OS Hardening and Virtualization
Hardening Operating Systems
Removing Unnecessary Applications and Services
Service Packs
Windows Update, Patches, and Hotfixes
Patches and Hotfixes
Patch Management
Group Policies, Security Templates, and Configuration Baselines
Hardening File Systems and Hard Drives
Virtualization Technology
Types of Virtualization and Their Purposes
Working with Virtual Machines
Microsoft Virtual PC
Microsoft Windows XP Mode
Microsoft Virtual Server
VMware
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Hands-On Labs
Equipment Needed
Lab 3-1: Discerning and Updating the Service Pack Level
Lab 3-2: Creating a Virtual Machine in Virtual PC 2007
View Recommended Resources
Answer Review Questions
Answers and Explanations
Chapter 4 Application Security
Securing the Browser
General Browser Security Procedures
Implement Policies
Train Your Users
Use a Proxy and Content Filter
Secure Against Malicious Code
Securing Internet Explorer
Securing Firefox
Securing Other Applications
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Hands-On Labs
Equipment Needed
Lab 4-1: Securing the Browser
Lab 4-2: Disabling Applications with a Windows Server 2003 Policy
View Recommended Resources
Answer Review Questions
Answers and Explanations
Part II Network Infrastructure
Chapter 5 Network Design Elements and Network Threats
Network Design
Network Devices
Hub
Switch
Router
Network Address Translation, and Private Versus Public IP
Network Zones and Interconnections
LAN Versus WAN
Internet
Demilitarized Zone (DMZ)
Intranets and Extranets
Network Access Control (NAC)
Subnetting
Virtual Local Area Network (VLAN)
Telephony Devices
Modems
PBX Equipment
VoIP
Ports, Protocols, and Malicious Attacks
Ports and Protocols
Malicious Network Attacks
DoS
DDoS
Spoofing
Session Hijacking
Replay
Null Sessions
DNS Poisoning and Other DNS Attacks
ARP Poisoning
Summary of Network Attacks
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Hands-On Labs
Equipment Needed
Lab 5-1: Port Scanning Basics
View Recommended Resources
Answer Review Questions
Answers and Explanations
Chapter 6 Network Perimeter Security
Firewalls and Network Security
Firewalls
Proxy Servers
Honeypots and Honeynets
NIDS Versus NIPS
NIDS
NIPS
Summary of NIDS Versus NIPS
The Protocol Analyzer’s Role in NIDS and NIPS
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Hands-On Labs
Equipment Needed
Lab 6-1: Packet Filtering and NAT Firewalls
Lab 6-2: Configuring an Inbound Filter on a SOHO Router/Firewall
Lab 6-3: Enabling MAC Filtering
View Recommended Resources
Answer Review Questions
Answers and Explanations
Chapter 7 Securing Network Media and Devices
Securing Wired Networks and Devices
Network Device Vulnerabilities
Default Accounts
Weak Passwords
Privilege Escalation
Back Doors
Network Attacks
Other Network Device Considerations
Cable Media Vulnerabilities
Interference
Crosstalk
Data Emanation
Tapping into Data and Conversations
Securing Wireless Networks
Wireless Access Point Vulnerabilities
Secure the Administration Interface
SSID Broadcast
Rogue Access Points
Weak Encryption
Other Wireless Access Point Security Strategies
Wireless Transmission Vulnerabilities
Bluetooth Vulnerabilities
Bluejacking
Bluesnarfing
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Hands-On Labs
Equipment Needed
Lab 7-1: Securing a Wireless Device: 8 Steps to a Secure Network
Lab 7-2: Wardriving...and The Cure
View Recommended Resources
Answer Review Questions
Answers and Explanations
Part III Access Control
Chapter 8 Physical Security and Authentication Models
Physical Security
General Building and Server Room Security
Door Access
Biometric Readers
Authentication Models and Components
Authentication Models
Localized Authentication Technologies
802.1X and EAP
LDAP
Kerberos and Mutual Authentication
Terminal Services
Remote Authentication Technologies
Remote Access Service
Virtual Private Networks
RADIUS Versus TACACS
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Hands-On Labs
Equipment Needed
Lab 8-1: Enabling 802.1X on a Network Adapter
Lab 8-2: Setting Up a VPN
Lab 8-3: Setting Up a RADIUS Server
View Recommended Resources
Answer Review Questions
Answers and Explanations
Chapter 9 Access Control Methods and Models
Access Control Models Defined
Discretionary Access Control
Mandatory Access Control
Role-Based Access Control (RBAC)
Access Control Wise Practices
Rights, Permissions, and Policies
Users, Groups, and Permissions
Permission Inheritance and Propagation
Moving and Copying Folders and Files
Usernames and Passwords
Policies
User Account Control (UAC)
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Hands-On Labs
Equipment Needed
Lab 9-1: Configuring Password Policies and User Account Restrictions
Lab 9-2: Configuring User and Group Permissions
View Recommended Resources
Answer Review Questions
Answers and Explanations
Part IV Assessments and Audits
Chapter 10 Vulnerability and Risk Assessment
Conducting Risk Assessments
Qualitative Risk Assessment
Quantitative Risk Assessment
Security Analysis Methodologies
Vulnerability Management
Penetration Testing
OVAL
Assessing Vulnerability with Security Tools
Network Mapping
Vulnerability Scanning
Network Sniffing
Password Analysis
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Hands-On Labs
Equipment Needed
Lab 10-1: Mapping and Scanning the Network
Lab 10-2: Password Cracking and Defense
View Recommended Resources
Answer Review Questions
Answers and Explanations
Chapter 11 Monitoring and Auditing
Monitoring Methodologies
Signature-Based Monitoring
Anomaly-Based Monitoring
Behavior-Based Monitoring
Using Tools to Monitor Systems and Networks
Performance Baselining
Protocol Analyzers
Wireshark
Network Monitor
SNMP
Conducting Audits
Auditing Files
Logging
Log File Maintenance and Security
Auditing System Security Settings
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Hands-On Labs
Equipment Needed
Lab 11-1: Using Protocol Analyzers
Lab 11-2: Auditing Files on a Windows Server
View Recommended Resources
Answer Review Questions
Answers and Explanations
Part V Cryptography
Chapter 12 Encryption and Hashing Concepts
Cryptography Concepts
Symmetric Versus Asymmetric Key Algorithms
Symmetric Key Algorithms
Asymmetric Key Algorithms
Public Key Cryptography
Key Management
Steganography
Encryption Algorithms
DES and 3DES
AES
RC
Summary of Symmetric Algorithms
RSA
Diffie-Hellman
Elliptic Curve
More Encryption Types
One-Time Pad
PGP
Hashing Basics
Cryptographic Hash Functions
MD5
SHA
Happy Birthday!
LANMAN, NTLM, and NTLM2
LANMAN
NTLM and NTLM2
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Hands-On Lab
Equipment Needed
Lab 12-1: Disabling the LM Hash in Windows Server 2003
View Recommended Resources
Answer Review Questions
Answers and Explanations
Chapter 13 PKI and Encryption Protocols
Public Key Infrastructure
Certificates
Certificate Authorities
Single-Sided and Dual-Sided Certificates
Web of Trust
Security Protocols
S/MIME
SSL/TLS
SSH
PPTP, L2TP, and IPsec
PPTP
L2TP
IPsec
Review Key Topics
Define Key Terms
Hands-On Labs
Equipment Needed
Lab 13-1: A Basic Example of PKI
Lab 13-2: Configuring an L2TP-Based VPN with Windows Server 2003
Lab 13-3: Making an SSH Connection
View Recommended Resources
Answer Review Questions
Answers and Explanations
Part VI Organizational Security
Chapter 14 Redundancy and Disaster Recovery
Redundancy Planning
Redundant Power
Redundant Power Supplies
Uninterruptible Power Supplies
Backup Generators
Redundant Data
Redundant Networking
Redundant Servers
Redundant Sites
Disaster Recovery Planning and Procedures
Data Backup
DR Planning
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Hands-On Labs
Equipment Needed
Lab 14-1: Backing Up Data on a Windows Server
Lab 14-2: Configuring RAID 1 and 5
View Recommended Resources
Answer Review Questions
Answers and Explanations
Chapter 15 Policies, Procedures, and People
Environmental Controls
Fire Suppression
Fire Extinguishers
Sprinkler Systems
Special Hazard Protection Systems
HVAC
Shielding
Social Engineering
Pretexting
Diversion Theft
Phishing
Hoaxes
Shoulder Surfing
Eavesdropping
Dumpster Diving
Baiting
Piggybacking
Summary of Social Engineering Types
User Education and Awareness
Legislative and Organizational Policies
Data Sensitivity and Classification of Information
Personnel Security Policies
Acceptable Use
Change Management
Separation of Duties/Job Rotation
Mandatory Vacations
Due Diligence
Due Care
Due Process
User Education and Awareness Training
Summary of Personnel Security Policies
How to Deal with Vendors
How to Dispose of Computers and Other IT Equipment Securely
Incident Response Procedures
Review Key Topics
Complete Tables and Lists from Memory
Define Key Terms
View Recommended Resources
Answer Review Questions
Answers and Explanations
Part VII Preparing for the CompTIA Security+ Exam
Chapter 16 Taking the Real Exam
Getting Ready and the Exam Preparation Checklist
Tips for Taking the Real Exam
Beyond the CompTIA Security+ Certification
Hands-On Lab
Practice Exam 1: CompTIA Security+ SY0-201
Practice Exam 2: CompTIA Security+ SY0-201
Glossary
Elements Available on the DVD
Practice Exam 3: CompTIA Security+ SY0-201
Appendix A Memory Tables
Appendix B Memory Tables Answer Key
Video Solutions to Hands-On Scenarios
9780789747136 TOC 10/21/2010