Dave Prowse
Comptia Security+ Sy0-501 Cert Guide
- Paperback
This is the most comprehensive core study tool for CompTIA's latest Security+ exam. Perfect for every candidate preparing for this challenging exam, its comprehensive coverage offers all the information and insight readers need to succeed. From start to finish, the book has been organized and edited to improve retention and help network and security professionals focus on areas where they need the most assistance. This is the professional edition; the Academic Edition (ISBN 0789759128 / 9780789759122) is published as CompTIA Security+ SYO-501 Cert Guide, Academic Edition.
Note: This item can only be delivered to a German shipping address.
Product details
- Publisher: Pearson Education
- 4th edition
- Page count: 848
- Publication date: 20 October 2017
- English
- Dimensions: 238mm x 195mm x 50mm
- Weight: 1573g
- ISBN-13: 9780789758996
- ISBN-10: 0789758997
- Item no.: 48094447
David L. Prowse is an author, technologist, and technical trainer. He has penned a dozen books for Pearson Education, including the well-received CompTIA A+ Exam Cram. He also develops video content, including the CompTIA A+ LiveLessons video course. Over the past two decades he has taught CompTIA A+, Network+, and Security+ certification courses, both in the classroom and via the Internet. David has 20 years of experience in the IT field and loves to share that experience with his readers, watchers, and students. He runs the website www.davidlprowse.com in support of his books and videos.
Introduction xxiv
Chapter 1 Introduction to Security 3
Foundation Topics 4
Security 101 4
The CIA of Computer Security 4
The Basics of Information Security 6
Think Like a Hacker 9
Threat Actor Types and Attributes 10
Chapter Review Activities 12
Review Key Topics 12
Define Key Terms 12
Review Questions 13
Answers and Explanations 15
Chapter 2 Computer Systems Security Part I 19
Foundation Topics 19
Malicious Software Types 19
Viruses 20
Worms 21
Trojan Horses 22
Ransomware 22
Spyware 23
Rootkits 24
Spam 25
Summary of Malware Threats 25
Delivery of Malware 26
Via Software, Messaging, and Media 26
Botnets and Zombies 28
Active Interception 28
Privilege Escalation 29
Backdoors 29
Logic Bombs 29
Preventing and Troubleshooting Malware 30
Preventing and Troubleshooting Viruses 31
Preventing and Troubleshooting Worms and Trojans 35
Preventing and Troubleshooting Spyware 35
Preventing and Troubleshooting Rootkits 38
Preventing and Troubleshooting Spam 38
You Can't Save Every Computer from Malware! 40
Summary of Malware Prevention Techniques 40
Chapter Summary 41
Chapter Review Activities 42
Review Key Topics 42
Define Key Terms 42
Complete the Real-World Scenarios 43
Review Questions 43
Answers and Explanations 48
Chapter 3 Computer Systems Security Part II 53
Foundation Topics 53
Implementing Security Applications 53
Personal Software Firewalls 53
Host-Based Intrusion Detection Systems 55
Pop-Up Blockers 57
Data Loss Prevention Systems 59
Securing Computer Hardware and Peripherals 59
Securing the BIOS 60
Securing Storage Devices 62
Removable Storage 62
Network Attached Storage 63
Whole Disk Encryption 64
Hardware Security Modules 65
Securing Wireless Peripherals 66
Securing Mobile Devices 66
Malware 67
Botnet Activity 68
SIM Cloning and Carrier Unlocking 68
Wireless Attacks 69
Theft 70
Application Security 71
BYOD Concerns 74
Chapter Summary 78
Chapter Review Activities 79
Review Key Topics 79
Define Key Terms 79
Complete the Real-World Scenarios 80
Review Questions 80
Answers and Explanations 83
Chapter 4 OS Hardening and Virtualization 89
Foundation Topics 89
Hardening Operating Systems 89
Removing Unnecessary Applications and Services 90
Windows Update, Patches, and Hotfixes 97
Patches and Hotfixes 99
Patch Management 101
Group Policies, Security Templates, and Configuration Baselines 102
Hardening File Systems and Hard Drives 105
Virtualization Technology 109
Types of Virtualization and Their Purposes 110
Hypervisor 111
Securing Virtual Machines 113
Chapter Summary 115
Chapter Review Activities 117
Review Key Topics 117
Define Key Terms 118
Complete the Real-World Scenarios 118
Review Questions 118
Answers and Explanations 122
Chapter 5 Application Security 127
Foundation Topics 127
Securing the Browser 127
General Browser Security Procedures 129
Implement Policies 129
Train Your Users 133
Use a Proxy and Content Filter 133
Secure Against Malicious Code 135
Web Browser Concerns and Security Methods 135
Basic Browser Security 135
Cookies 136
LSOs 137
Add-ons 137
Advanced Browser Security 138
Securing Other Applications 140
Secure Programming 144
Software Development Life Cycle 145
Core SDLC and DevOps Principles 146
Programming Testing Methods 149
White-box and Black-box Testing 149
Compile-Time Errors Versus Runtime Errors 150
Input Validation 150
Static and Dynamic Code Analysis 151
Fuzz Testing 152
Programming Vulnerabilities and Attacks 152
Backdoors 153
Memory/Buffer Vulnerabilities 153
Arbitrary Code Execution/Remote Code Execution 155
XSS and XSRF 155
More Code Injection Examples 156
Directory Traversal 158
Zero Day Attack 158
Chapter Summary 160
Chapter Review Activities 161
Review Key Topics 161
Define Key Terms 162
Complete the Real-World Scenarios 162
Review Questions 162
Answers and Explanations 167
Chapter 6 Network Design Elements 173
Foundation Topics 173
Network Design 173
The OSI Model 173
Network Devices 175
Switch 175
Bridge 178
Router 178
Network Address Translation, and Private Versus Public IP 180
Network Zones and Interconnections 182
LAN Versus WAN 182
Internet 183
Demilitarized Zone (DMZ) 183
Intranets and Extranets 184
Network Access Control (NAC) 185
Subnetting 186
Virtual Local Area Network (VLAN) 188
Telephony 190
Modems 190
PBX Equipment 191
VoIP 191
Cloud Security and Server Defense 192
Cloud Computing 192
Cloud Security 195
Server Defense 198
File Servers 198
Network Controllers 199
E-mail Servers 199
Web Servers 200
FTP Server 202
Chapter Summary 203
Chapter Review Activities 205
Review Key Topics 205
Define Key Terms 205
Complete the Real-World Scenarios 205
Review Questions 206
Answers and Explanations 210
Chapter 7 Networking Protocols and Threats 217
Foundation Topics 217
Ports and Protocols 217
Port Ranges, Inbound Versus Outbound, and Common Ports 217
Protocols That Can Cause Anxiety on the Exam 225
Malicious Attacks 226
DoS 226
DDoS 229
Sinkholes and Blackholes 230
Spoofing 231
Session Hijacking 232
Replay 234
Null Sessions 235
Transitive Access and Client-Side Attacks 236
DNS Poisoning and Other DNS Attacks 236
ARP Poisoning 238
Summary of Network Attacks 238
Chapter Summary 242
Chapter Review Activities 243
Review Key Topics 243
Define Key Terms 243
Complete the Real-World Scenarios 243
Review Questions 244
Answers and Explanations 250
Chapter 8 Network Perimeter Security 255
Foundation Topics 256
Firewalls and Network Security 256
Firewalls 256
Proxy Servers 263
Honeypots and Honeynets 266
Data Loss Prevention (DLP) 267
NIDS Versus NIPS 268
NIDS 268
NIPS 269
Summary of NIDS Versus NIPS 271
The Protocol Analyzer's Role in NIDS and NIPS 271
Unified Threat Management 272
Chapter Summary 273
Chapter Review Activities 274
Review Key Topics 274
Define Key Terms 274
Complete the Real-World Scenarios 274
Review Questions 275
Answers and Explanations 280
Chapter 9 Securing Network Media and Devices 285
Foundation Topics 285
Securing Wired Networks and Devices 285
Network Device Vulnerabilities 285
Default Accounts 286
Weak Passwords 286
Privilege Escalation 287
Back Doors 288
Network Attacks 289
Other Network Device Considerations 289
Cable Media Vulnerabilities 289
Interference 290
Crosstalk 291
Data Emanation 292
Tapping into Data and Conversations 293
Securing Wireless Networks 295
Wireless Access Point Vulnerabilities 295
The Administration Interface 295
SSID Broadcast 296
Rogue Access Points 296
Evil Twin 297
Weak Encryption 297
Wi-Fi Protected Setup 299
Ad Hoc Networks 299
VPN over Open Wireless 300
Wireless Access Point Security Strategies 300
Wireless Transmission Vulnerabilities 304
Bluetooth and Other Wireless Technology Vulnerabilities 305
Bluejacking 306
Bluesnarfing 306
RFID and NFC 307
More Wireless Technologies 308
Chapter Summary 310
Chapter Review Activities 312
Review Key Topics 312
Define Key Terms 312
Complete the Real-World Scenarios 312
Review Questions 313
Answers and Explanations 317
Chapter 10 Physical Security and Authentication Models 321
Foundation Topics 322
Physical Security 322
General Building and Server Room Security 323
Door Access 324
Biometric Readers 326
Authentication Models and Components 327
Authentication Models 327
Localized Authentication Technologies 329
802.1X and EAP 330
LDAP 333
Kerberos and Mutual Authentication 334
Remote Desktop Services 336
Remote Authentication Technologies 337
Remote Access Service 337
Virtual Private Networks 340
RADIUS Versus TACACS 343
Chapter Summary 345
Chapter Review Activities 346
Review Key Topics 346
Define Key Terms 347
Complete the Real-World Scenarios 347
Review Questions 347
Answers and Explanations 355
Chapter 11 Access Control Methods and Models 361
Foundation Topic 361
Access Control Models Defined 361
Discretionary Access Control 361
Mandatory Access Control 363
Role-Based Access Control (RBAC) 364
Attribute-based Access Control (ABAC) 365
Access Control Wise Practices 366
Rights, Permissions, and Policies 369
Users, Groups, and Permissions 369
Permission Inheritance and Propagation 374
Moving and Copying Folders and Files 376
Usernames and Passwords 376
Policies 379
User Account Control (UAC) 383
Chapter Summary 384
Chapter Review Activities 385
Review Key Topics 385
Define Key Terms 386
Complete the Real-World Scenarios 386
Review Questions 386
Answers and Explanations 392
Chapter 12 Vulnerability and Risk Assessment 397
Foundation Topics 397
Conducting Risk Assessments 397
Qualitative Risk Assessment 399
Quantitative Risk Assessment 400
Security Analysis Methodologies 402
Security Controls 404
Vulnerability Management 405
Penetration Testing 407
OVAL 408
Additional Vulnerabilities 409
Assessing Vulnerability with Security Tools 410
Network Mapping 411
Vulnerability Scanning 412
Network Sniffing 415
Password Analysis 417
Chapter Summary 420
Chapter Review Activities 421
Review Key Topics 421
Define Key Terms 422
Complete the Real-World Scenarios 422
Review Questions 422
Answers and Explanations 428
Chapter 13 Monitoring and Auditing 435
Foundation Topics 435
Monitoring Methodologies 435
Signature-Based Monitoring 435
Anomaly-Based Monitoring 436
Behavior-Based Monitoring 436
Using Tools to Monitor Systems and Networks 437
Performance Baselining 438
Protocol Analyzers 440
Wireshark 441
SNMP 443
Analytical Tools 445
Use Static and Dynamic Tools 447
Conducting Audits 448
Auditing Files 448
Logging 451
Log File Maintenance and Security 455
Auditing System Security Settings 457
SIEM 460
Chapter Summary 461
Chapter Review Activities 462
Review Key Topics 462
Define Key Terms 463
Complete the Real-World Scenarios 463
Review Questions 463
Answers and Explanations 470
Chapter 14 Encryption and Hashing Concepts 477
Foundation Topics 477
Cryptography Concepts 477
Symmetric Versus Asymmetric Key Algorithms 481
Symmetric Key Algorithms 481
Asymmetric Key Algorithms 483
Public Key Cryptography 483
Key Management 484
Steganography 485
Encryption Algorithms 486
DES and 3DES 486
AES 487
RC 488
Blowfish and Twofish 489
Summary of Symmetric Algorithms 489
RSA 490
Diffie-Hellman 491
Elliptic Curve 492
More Encryption Types 493
One-Time Pad 493
PGP 494
Pseudorandom Number Generators 495
Hashing Basics 496
Cryptographic Hash Functions 498
MD5 498
SHA 498
RIPEMD and HMAC 499
LANMAN, NTLM, and NTLMv2 500
LANMAN 500
NTLM and NTLMv2 501
Hashing Attacks 502
Pass the Hash 502
Happy Birthday! 503
Additional Password Hashing Concepts 503
Chapter Summary 505
Chapter Review Activities 507
Review Key Topics 507
Define Key Terms 507
Complete the Real-World Scenarios 508
Review Questions 508
Answers and Explanations 515
Chapter 15 PKI and Encryption Protocols 521
Foundation Topics 521
Public Key Infrastructure 521
Certificates 522
SSL Certificate Types 522
Single-Sided and Dual-Sided Certificates 523
Certificate Chain of Trust 523
Certificate Formats 523
Certificate Authorities 525
Web of Trust 529
Security Protocols 529
S/MIME 530
SSL/TLS 531
SSH 532
PPTP, L2TP, and IPsec 533
PPTP 533
L2TP 534
IPsec 534
Chapter Summary 535
Chapter Review Activities 536
Review Key Topics 536
Define Key Terms 536
Complete the Real-World Scenarios 537
Review Questions 537
Answers and Explanations 542
Chapter 16 Redundancy and Disaster Recovery 547
Foundation Topics 547
Redundancy Planning 547
Redundant Power 549
Redundant Power Supplies 551
Uninterruptible Power Supplies 551
Backup Generators 553
Redundant Data 555
Redundant Networking 558
Redundant Servers 560
Redundant Sites 561
Redundant People 562
Disaster Recovery Planning and Procedures 562
Data Backup 562
DR Planning 567
Chapter Summary 571
Chapter Review Activities 572
Review Key Topics 572
Define Key Terms 572
Complete the Real-World Scenarios 573
Review Questions 573
Answers and Explanations 577
Chapter 17 Social Engineering, User Education, and Facilities Security 583
Foundation Topics 583
Social Engineering 583
Pretexting 584
Malicious Insider 585
Diversion Theft 586
Phishing 586
Hoaxes 587
Authentication Models 327
Localized Authentication Technologies 329
802.1X and EAP 330
LDAP 333
Kerberos and Mutual Authentication 334
Remote Desktop Services 336
Remote Authentication Technologies 337
Remote Access Service 337
Virtual Private Networks 340
RADIUS Versus TACACS 343
Chapter Summary 345
Chapter Review Activities 346
Review Key Topics 346
Define Key Terms 347
Complete the Real-World Scenarios 347
Review Questions 347
Answers and Explanations 355
Chapter 11 Access Control Methods and Models 361
Foundation Topics 361
Access Control Models Defined 361
Discretionary Access Control 361
Mandatory Access Control 363
Role-Based Access Control (RBAC) 364
Attribute-based Access Control (ABAC) 365
Access Control Wise Practices 366
Rights, Permissions, and Policies 369
Users, Groups, and Permissions 369
Permission Inheritance and Propagation 374
Moving and Copying Folders and Files 376
Usernames and Passwords 376
Policies 379
User Account Control (UAC) 383
Chapter Summary 384
Chapter Review Activities 385
Review Key Topics 385
Define Key Terms 386
Complete the Real-World Scenarios 386
Review Questions 386
Answers and Explanations 392
Chapter 12 Vulnerability and Risk Assessment 397
Foundation Topics 397
Conducting Risk Assessments 397
Qualitative Risk Assessment 399
Quantitative Risk Assessment 400
Security Analysis Methodologies 402
Security Controls 404
Vulnerability Management 405
Penetration Testing 407
OVAL 408
Additional Vulnerabilities 409
Assessing Vulnerability with Security Tools 410
Network Mapping 411
Vulnerability Scanning 412
Network Sniffing 415
Password Analysis 417
Chapter Summary 420
Chapter Review Activities 421
Review Key Topics 421
Define Key Terms 422
Complete the Real-World Scenarios 422
Review Questions 422
Answers and Explanations 428
Chapter 13 Monitoring and Auditing 435
Foundation Topics 435
Monitoring Methodologies 435
Signature-Based Monitoring 435
Anomaly-Based Monitoring 436
Behavior-Based Monitoring 436
Using Tools to Monitor Systems and Networks 437
Performance Baselining 438
Protocol Analyzers 440
Wireshark 441
SNMP 443
Analytical Tools 445
Use Static and Dynamic Tools 447
Conducting Audits 448
Auditing Files 448
Logging 451
Log File Maintenance and Security 455
Auditing System Security Settings 457
SIEM 460
Chapter Summary 461
Chapter Review Activities 462
Review Key Topics 462
Define Key Terms 463
Complete the Real-World Scenarios 463
Review Questions 463
Answers and Explanations 470
Chapter 14 Encryption and Hashing Concepts 477
Foundation Topics 477
Cryptography Concepts 477
Symmetric Versus Asymmetric Key Algorithms 481
Symmetric Key Algorithms 481
Asymmetric Key Algorithms 483
Public Key Cryptography 483
Key Management 484
Steganography 485
Encryption Algorithms 486
DES and 3DES 486
AES 487
RC 488
Blowfish and Twofish 489
Summary of Symmetric Algorithms 489
RSA 490
Diffie-Hellman 491
Elliptic Curve 492
More Encryption Types 493
One-Time Pad 493
PGP 494
Pseudorandom Number Generators 495
Hashing Basics 496
Cryptographic Hash Functions 498
MD5 498
SHA 498
RIPEMD and HMAC 499
LANMAN, NTLM, and NTLMv2 500
LANMAN 500
NTLM and NTLMv2 501
Hashing Attacks 502
Pass the Hash 502
Happy Birthday! 503
Additional Password Hashing Concepts 503
Chapter Summary 505
Chapter Review Activities 507
Review Key Topics 507
Define Key Terms 507
Complete the Real-World Scenarios 508
Review Questions 508
Answers and Explanations 515
Chapter 15 PKI and Encryption Protocols 521
Foundation Topics 521
Public Key Infrastructure 521
Certificates 522
SSL Certificate Types 522
Single-Sided and Dual-Sided Certificates 523
Certificate Chain of Trust 523
Certificate Formats 523
Certificate Authorities 525
Web of Trust 529
Security Protocols 529
S/MIME 530
SSL/TLS 531
SSH 532
PPTP, L2TP, and IPsec 533
PPTP 533
L2TP 534
IPsec 534
Chapter Summary 535
Chapter Review Activities 536
Review Key Topics 536
Define Key Terms 536
Complete the Real-World Scenarios 537
Review Questions 537
Answers and Explanations 542
Chapter 16 Redundancy and Disaster Recovery 547
Foundation Topics 547
Redundancy Planning 547
Redundant Power 549
Redundant Power Supplies 551
Uninterruptible Power Supplies 551
Backup Generators 553
Redundant Data 555
Redundant Networking 558
Redundant Servers 560
Redundant Sites 561
Redundant People 562
Disaster Recovery Planning and Procedures 562
Data Backup 562
DR Planning 567
Chapter Summary 571
Chapter Review Activities 572
Review Key Topics 572
Define Key Terms 572
Complete the Real-World Scenarios 573
Review Questions 573
Answers and Explanations 577
Chapter 17 Social Engineering, User Education, and Facilities Security 583
Foundation Topics 583
Social Engineering 583
Pretexting 584
Malicious Insider 585
Diversion Theft 586
Phishing 586
Hoaxes 587