CompTIA security+ certification study guide (exam SY0-401) /
With hundreds of practice exam questions, including new performance-based questions, this second edition covers what you need to know--and shows you how to prepare--for this challenging exam. It has 100% complete coverage of all official objectives for exam SY0-401; Exam Watch notes call attention t...
Clasificación: | Libro Electrónico |
---|---|
Autor principal: | |
Formato: | Electrónico eBook |
Idioma: | Inglés |
Publicado: |
New York :
McGraw-Hill,
2014.
|
Edición: | Second edition. |
Temas: | |
Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
Tabla de Contenidos:
- Cover
- Title Page
- Copyright Page
- About the Author
- About the Technical Editor
- Contents at a Glance
- Contents
- Acknowledgments
- Preface
- Introduction
- 1. Networking Basics and Terminology
- Understanding Network Devices and Cabling
- Looking at Network Devices
- Understanding Network Cabling
- Exercise 1-1: Reviewing Networking Components
- Understanding TCP/IP
- Reviewing IP Addressing
- Exercise 1-2: Understanding Valid Addresses
- Understanding TCP/IP Protocols
- Exercise 1-3: Viewing Protocol Information with Network Monitor
- Application Layer Protocols A Review of IPv6
- Exercise 1-4: Identifying Protocols in TCP/IP
- Network Security Best Practices
- Device Usage
- Cable and Protocol Usage
- Two-Minute Drill
- Self Test
- Self Test Answers
- 2. Introduction to Security Terminology
- Goals of Information Security
- Confidentiality
- Integrity
- Availability
- Accountability
- Exercise 2-1: CIA Scenarios
- Understanding Authentication and Authorization
- Identification and Authentication
- Authorization
- Understanding Security Principles and Terminology
- Types of Security Least Privilege, Separation of Duties, and Rotation of Duties
- Concept of Need to Know
- Layered Security and Diversity of Defense
- Due Care, Due Diligence
- Vulnerability and Exploit
- Looking at Security Roles
- System and Data Owner
- Custodian
- User
- Security Officer
- Exercise 2-2: Security Terminology
- Two-Minute Drill
- Self Test
- Self Test Answers
- 3. Security Policies and Standards
- Introduction to Security Policies
- Structure of a Policy
- Identifying Types of Policies
- Understanding Regulations and Standards
- Looking at Security Policies Policies Affecting Users
- Policies Affecting Administrators
- Exercise 3-1: Reviewing a Security Policy
- Policies Affecting Management
- Other Popular Policies
- Human Resource Policies
- Hiring Policy
- Termination Policy
- Mandatory Vacations
- Security-Related HR Policies
- Exercise 3-2: Creating a Security Policy
- User Education and Awareness
- General Training and Role-Based Training
- User Habits
- New Threats and Security Trends
- Use of Social Network and P2P
- Training Metrics and Follow Up
- Exercise 3-3: Designing a Training Program
- Two-Minute Drill
- Self Test Self Test Answers
- 4. Types of Attacks
- Understanding Social Engineering
- Social Engineering Overview
- Popular Social Engineering Attacks
- Reasons for Effectiveness
- Preventing Social Engineering Attacks
- Identifying Network Attacks
- Popular Network Attacks
- Exercise 4-1: DNS Poisoning by Modifying the Hosts File
- Exercise 4-2: Performing a Port Scan
- Other Network Attacks
- Preventing Network Attacks
- Looking at Password Attacks
- Types of Password Attacks
- Exercise 4-3: Password Cracking with LC4
- Birthday Attacks and Rainbow Tables
- Preventing Password Attacks.