CompTIA Security+ Certification Study Guide - 3rd Edition - ISBN: 9781597494267, 9781597495400

CompTIA Security+ Certification Study Guide

3rd Edition

Exam SY0-201 3E

Authors: Ido Dubrawsky
eBook ISBN: 9781597495400
Imprint: Syngress
Published Date: 31st July 2009
Page Count: 784

Description

CompTIA Security+ Certification Study Guide: Exam SY0-201, Third Edition, offers a practical guide for those interested in pursuing CompTIA Security+ certification. The book is organized into six parts. Part 1 deals with general security issues including security threats; hardware and peripheral security risks; the fundamentals of operating system (OS) hardening; implementing system security applications; and concepts of virtualization. Part 2 discusses the fundamentals of network security. Part 3 focuses on network access and network authentication. Part 4 explains the importance of risk assessments and risk mitigation, and how to conduct them. Part 5 reviews general cryptographic concepts and addresses the complex issues involved in planning a certificate-based public key infrastructure (PKI). Part 6 on organizational security discusses redundancy planning; environmental controls; implementing disaster recovery and incident response procedures; and the policies, procedures, and documentation upon which organizational computer security is based. Each chapter begins with Exam Objectives and concludes with Self-Test questions along with their corresponding answers.

Key Features

Complete exam-prep package includes full coverage of new Security+ objectives, flash cards, cram sheets, MP3s for exam-day study, PPT presentations, two complete practice exams, and certification e-book library

Authored by a leading Microsoft security expert

A good reference for both beginning security professionals and seasoned IT professionals

Readership

Security+ exam candidates, both first-time and recertification

Table of Contents


About the Authors

Part 1 Systems Security

Chapter 1 Systems Security Overview

Introduction

Security Threats

Hardware and Peripheral Security Risks

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

Chapter 2 OS Hardening

Introduction

General OS Hardening

Server OS Hardening

Workstation OS

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

Chapter 3 Application Security

Introduction

Threats Are Moving “Up the Stack”

Application Security Threats

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

References

Chapter 4 Implementing System Security Applications

Host Intrusion Detection System

Personal Software Firewall

Antivirus

Antispam

Pop-Up Blockers

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

Chapter 5 Virtualization Technologies

Introduction

The Purpose of Virtualization

Benefits of Virtualization

System Virtualization

Application Virtualization

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

Part 2 Network Infrastructure

Chapter 6 Network Security

Introduction

General Network Security

Network Security Tools

Network Ports, Services, and Threats

Network Design Elements and Components

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

Chapter 7 Wireless Networks

Introduction

Wireless Network Design

Service Set ID Broadcast

Wireless Security Standards

Rogue APs

Data Emanation

Bluetooth

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

References

Part 3 Access Control

Chapter 8 Network Access

Introduction

General Network Access

Access Control Methods and Models

Access Control Organization

Logical Access Control Methods

Physical Access Security Methods

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

Chapter 9 Network Authentication

Introduction

Authentication Methods

Authentication Systems

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

Part 4 Assessments and Audits

Chapter 10 Risk Assessment and Risk Mitigation

Introduction

Conduct Risk Assessments and Implement Risk Mitigation

Use Monitoring Tools on Systems and Networks

Logging and Auditing

Audits

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

References

Part 5 Cryptography

Chapter 11 General Cryptographic Concepts

Introduction

General Cryptography

Encryption Algorithms

Protocols

Cryptography in Operating Systems

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

Chapter 12 Public Key Infrastructure

Introduction

PKI Overview

Components of PKI

Registration

Recovery Agents

Implementation

Certificate Management

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

Part 6 Organizational Security

Chapter 13 Redundancy Planning

Introduction

Alternate Sites

Redundant Systems

Redundant Arrays of Inexpensive Disks

Spare Parts

Backup Generator

Uninterruptible Power Supply

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

Chapter 14 Controls and Procedures

Introduction

Environmental Controls

Implementing Disaster Recovery and Incident Response Procedures

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

Chapter 15 Legislation and Organizational Policies

Introduction

Secure Disposal of Systems

Acceptable Use Policies

Password Complexity

Change Management

Information Classification

Vacations

Personally Identifiable Information

Due Care

Due Process

Due Diligence

Service Level Agreements

User Education and Awareness Training

Security-Related HR Policies

Summary of Exam Objectives

Exam Objectives Fast Track

Exam Objectives Frequently Asked Questions

Self Test

Self Test Quick Answer Key

Appendix

Index








About the Author

Ido Dubrawsky

Ido Dubrawsky (CISSP, CCNA, CCDA) is the Chief Security Advisor for Microsoft’s Communication Sector North America, a division of the Mobile and Embedded Devices Group. Prior to working at Microsoft, Ido was the acting Security Consulting Practice Lead at AT&T’s Callisma subsidiary and a Senior Security Consultant. Before joining AT&T, Ido was a Network Security Architect for Cisco Systems, Inc., SAFE Architecture Team. He has worked in the systems and network administration field for almost 20 years in a variety of environments from government to academia to private enterprise. He has a wide range of experience in various networks, from small to large and relatively simple to complex. Ido is the primary author of three major SAFE white papers and has written and spoken extensively on security topics. He is a regular contributor to the SecurityFocus website on a variety of topics covering security issues. Previously, he worked in the Cisco Systems, Inc. Secure Consulting Group, providing network security posture assessments and consulting services for a wide range of clients. In addition to providing penetration-testing consultation, he also conducted security architecture reviews and policy and process reviews. He holds a B.Sc. and an M.Sc. in Aerospace Engineering from the University of Texas at Austin.

Affiliations and Expertise

Chief Security Advisor, Microsoft’s Communication Sector North America, a division of the Mobile and Embedded Devices Group

Reviews

"The computer and network security field continues to grow as more devices are becoming interconnected. The Security+ certification verifies knowledge of the six major security domains. Ido Dubrawsky and his team provide an excellent guide for passing the exam that serves equally well as a reference after certification." -James Broad, Security Consultant, Security+ and CISSP


