Eleventh Hour Security+

Exam SY0-201 Study Guide

Eleventh Hour Network+: Exam N10-004 Study Guide offers a practical guide for those preparing for the Security+ certification exam. The book's 14 chapters provide in-depth discussions of the following topics: systems security; operating system hardening; application security; virtualization technologies; network security; wireless networks; network access; network authentication; risk assessment and risk mitigation; general cryptographic concepts; public key infrastructure; redundancy planning; environmental controls and implementing disaster recovery and incident response procedures; and legislation and organizational policies. Each chapter includes information on exam objectives, exam warnings, and the top five toughest questions along with their answers.

Audience
The Security+ certification is recommended for Network/Security Administrators and Engineers, Security Analysts/Consultants, and IT Architects.

Paperback, 232 Pages

Published: October 2009

Imprint: Syngress

ISBN: 978-1-59749-427-4

Contents


    About the Authors

    Chapter 1 Systems Security

    Systems security threats

    Privilege escalation

    Viruses and worms

    Trojan

    Spyware and adware

    Rootkits and botnets

    Logic bombs

    Host intrusion detection system

    Behavior-based vs. signature-based IDS characteristics

    Anti-SPAM

    Pop-up blockers

    Hardware and peripheral security risks

    BIOS

    USB devices

    Cell phones

    Removable storage devices

    Network attached storage

    Summary of exam objectives

    Top five toughest questions

    Answers

    Chapter 2 OS Hardening

    General OS hardening

    Services

    File system

    Removing unnecessary programs

    Hotfixes/patches

    Service packs/maintenance updates

    Patch management

    Windows group policies

    Security templates

    Configuration baselines

    Server OS hardening

    Enabling and disabling services and protocols

    FTP servers

    DNS servers

    NNTP servers

    File and print servers

    DHCP servers

    Data repositories

    Workstation OS

    User rights and groups

    Summary of exam objectives

    Top five toughest questions

    Answers

    Chapter 3 Application Security

    Threats are moving “up the stack”

    Rationale

    Threat modeling

    Application security threats

    Browser

    Buffer overflows

    Packet sniffers and instant messaging

    Instant messaging

    Peer-to-peer

    SMTP open relays

    Summary of exam objectives

    Top five toughest questions

    Answers

    Chapter 4 Virtualization Technologies

    The purpose of virtualization

    Benefits of virtualization

    Types of virtualization

    Designing a virtual environment

    System virtualization

    Management of virtual servers

    Application virtualization

    Application streaming

    Summary of exam objectives

    Top five toughest questions

    Answers

    Chapter 5 Network Security

    General network security

    Network services and risks associated with them

    Network design elements

    Network security tools

    Network ports, services, and threats

    Network ports and protocols

    Network threats

    Network design elements and components

    Firewalls

    What is a DMZ?

    VLANs

    Network address translation

    Network access control/network access protection

    Telephony

    Network security tools

    Intrusion detection and prevention systems

    Honeypots

    Content filters

    Protocol analyzers

    Summary of exam objectives

    Top five toughest questions

    Answers

    Chapter 6 Wireless Networks

    Wireless network design

    Wireless communications

    Spread spectrum technology

    Wireless network architecture

    CSMA/CD and CSMA/CA

    Service set ID broadcast

    Wireless security standards

    The failure of WEP

    WPA and WPA2

    WAP

    WTLS

    Authentication

    Rogue access points

    Data emanation

    Bluetooth

    Summary of exam objectives

    Top five toughest questions

    Answers

    References

    Chapter 7 Network Access

    General network access

    Access control

    Access control models

    Authentication models and components

    Identity

    Access control methods and models

    Separation of duties

    Least privilege

    Job rotation

    Mandatory access control

    Discretionary access control

    Role- and rule-based access control

    Access control organization

    Security groups

    Security controls

    Logical access control methods

    Access control lists

    Group policies

    Domain policies

    Time of day restrictions

    Account expiration

    Logical tokens

    Physical access security methods

    Access lists and logs

    Hardware locks

    ID badges

    Door access systems

    Man-trap

    Video surveillance

    Summary of exam objectives

    Top five toughest questions

    Answers

    Chapter 8 Network Authentication

    Authentication methods

    Access control

    Authentication

    Auditing

    Authentication methods

    One-factor

    Two-factor

    Three-factor

    Single sign-on

    Authentication systems

    Remote access policies and authentication

    Biometrics

    Summary of exam objectives

    Top five toughest questions

    Answers

    Chapter 9 Risk Assessment and Risk Mitigation

    Conduct risk assessments and implement risk mitigation

    Vulnerability assessment tools

    Password crackers

    Network mapping tools

    Use monitoring tools on systems and networks

    Workstations

    Intrusion detection systems

    Logging and auditing

    Auditing systems

    System logs

    Performance logs

    Access logs

    Audits

    Summary of exam objectives

    Top five toughest questions

    Answers

    Chapter 10 General Cryptographic Concepts

    General cryptography

    Symmetric key cryptography

    Asymmetric key cryptography

    Hashes and applications

    Digital signatures

    Certificates

    CIA: For all your security needs

    Non-repudiation

    Key management

    Encryption algorithms

    DES

    3DES

    RSA

    AES

    Elliptic curve cryptography

    One-time pads

    Transmission encryption

    WEP

    TKIP

    Protocols

    SSL/TLS

    HTTP vs. HTTPS vs. SHTTP

    Other protocols with TLS

    S/MIME

    SSH

    IPSec

    PPTP

    L2TP

    Cryptography in operating systems

    File and folder encryption

    E-mail

    Whole disk encryption

    Trusted platform module

    Summary of exam objectives

    Top five toughest questions

    Answers

    Chapter 11 Public Key Infrastructure

    PKI overview

    PKI encryption

    PKI standards

    PKI solutions

    Components of PKI

    Digital certificates

    Certification authority

    Certificate revocation list

    Recovery agents

    Certificate authority

    Certificate revocation list

    Key escrow

    Registration

    Recovery agents

    Implementation

    Certificate management

    Summary of exam objectives

    Top five toughest questions

    Answers

    Chapter 12 Redundancy Planning

    Alternate sites

    Hot site

    Warm site

    Cold site

    Redundant systems

    Servers

    Connections

    ISP

    RAID

    Spare parts

    Backup generator

    UPS

    Summary of exam objectives

    Top five toughest questions

    Answers

    Chapter 13 Controls and Procedures

    Environmental controls

    Fire suppression

    HVAC

    Shielding

    Implementing disaster recovery and incident response procedures

    Disaster recovery

    Incident response

    Defending against social engineering

    Summary of exam objectives

    Top five toughest questions

    Answers

    Chapter 14 Legislation and Organizational Policies

    Secure disposal of systems

    Retention/storage

    Destruction

    Acceptable use policies

    Password complexity

    Strong passwords

    Password changes and restrictions

    Administrator accounts

    Change management

    Information classification

    Vacations

    Separation of duties

    Personally identifiable information

    Privacy

    Due care

    Due process

    Due diligence

    SLAs

    User education and awareness training

    Communication

    User awareness

    Education

    Online resources

    Security-related HR policies

    Code of Ethics

    Summary of exam objectives

    Top five toughest questions

    Answers

    Index