Cargando…

CompTIA security+ certification study guide (exam SY0-401) /

With hundreds of practice exam questions, including new performance-based questions, this second edition covers what you need to know--and shows you how to prepare--for this challenging exam. It has 100% complete coverage of all official objectives for exam SY0-401; Exam Watch notes call attention t...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Clarke, Glen E. (Autor)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: New York : McGraw-Hill, 2014.
Edición:Second edition.
Temas:
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Tabla de Contenidos:
  • Cover
  • Title Page
  • Copyright Page
  • About the Author
  • About the Technical Editor
  • Contents at a Glance
  • Contents
  • Acknowledgments
  • Preface
  • Introduction
  • 1. Networking Basics and Terminology
  • Understanding Network Devices and Cabling
  • Looking at Network Devices
  • Understanding Network Cabling
  • Exercise 1-1: Reviewing Networking Components
  • Understanding TCP/IP
  • Reviewing IP Addressing
  • Exercise 1-2: Understanding Valid Addresses
  • Understanding TCP/IP Protocols
  • Exercise 1-3: Viewing Protocol Information with Network Monitor
  • Application Layer Protocols A Review of IPv6
  • Exercise 1-4: Identifying Protocols in TCP/IP
  • Network Security Best Practices
  • Device Usage
  • Cable and Protocol Usage
  • Two-Minute Drill
  • Self Test
  • Self Test Answers
  • 2. Introduction to Security Terminology
  • Goals of Information Security
  • Confidentiality
  • Integrity
  • Availability
  • Accountability
  • Exercise 2-1: CIA Scenarios
  • Understanding Authentication and Authorization
  • Identification and Authentication
  • Authorization
  • Understanding Security Principles and Terminology
  • Types of Security Least Privilege, Separation of Duties, and Rotation of Duties
  • Concept of Need to Know
  • Layered Security and Diversity of Defense
  • Due Care, Due Diligence
  • Vulnerability and Exploit
  • Looking at Security Roles
  • System and Data Owner
  • Custodian
  • User
  • Security Officer
  • Exercise 2-2: Security Terminology
  • Two-Minute Drill
  • Self Test
  • Self Test Answers
  • 3. Security Policies and Standards
  • Introduction to Security Policies
  • Structure of a Policy
  • Identifying Types of Policies
  • Understanding Regulations and Standards
  • Looking at Security Policies Policies Affecting Users
  • Policies Affecting Administrators
  • Exercise 3-1: Reviewing a Security Policy
  • Policies Affecting Management
  • Other Popular Policies
  • Human Resource Policies
  • Hiring Policy
  • Termination Policy
  • Mandatory Vacations
  • Security-Related HR Policies
  • Exercise 3-2: Creating a Security Policy
  • User Education and Awareness
  • General Training and Role-Based Training
  • User Habits
  • New Threats and Security Trends
  • Use of Social Network and P2P
  • Training Metrics and Follow Up
  • Exercise 3-3: Designing a Training Program
  • Two-Minute Drill
  • Self Test Self Test Answers
  • 4. Types of Attacks
  • Understanding Social Engineering
  • Social Engineering Overview
  • Popular Social Engineering Attacks
  • Reasons for Effectiveness
  • Preventing Social Engineering Attacks
  • Identifying Network Attacks
  • Popular Network Attacks
  • Exercise 4-1: DNS Poisoning by Modifying the Hosts File
  • Exercise 4-2: Performing a Port Scan
  • Other Network Attacks
  • Preventing Network Attacks
  • Looking at Password Attacks
  • Types of Password Attacks
  • Exercise 4-3: Password Cracking with LC4
  • Birthday Attacks and Rainbow Tables
  • Preventing Password Attacks.