Synopses & Reviews
CompTIA's Security+ is the #1 international vendor-neutral baseline security certification. In May 2014, CompTIA is releasing a thoroughly revised certification exam. CompTIA Security+ SY0-401 Exam Cram, Fourth Edition is a thoroughly updated guide to help you prepare for the new exam, using the proven Exam Cram method of study. It has been completely rewritten for the new SY0-401 exam objectives.
As with all Exam Cram books, it includes:
- Chapters that map directly to the exam objectives
- Comprehensive foundational learning on all topics covered on the exam
- An extensive collection of practice questions
- The companion CD includes a state-of-the-art test engine that provides real-time practice and feedback
- The Cram Sheet tear-out card including tips, acronyms, and memory joggers not available anywhere else - perfect for last-minute study
Topics covered in this book range from identifying vulnerabilities to implementing communications and infrastructure security; cryptography concepts and deployment techniques to security management; forensics to internal security education and documentation. This book brings together all the knowledge professionals need to walk into the exam room with confidence - and pass their Security+ exams with flying colors.
Synopsis
CompTIA® Security+ Exam Cram, Fourth Edition, is the perfect study guide to help you pass CompTIA's newly updated version of the Security+ exam. It provides coverage and practice questions for every exam topic. The book contains a set of 200 questions in two full practice exams. The CD-ROM contains the powerful Pearson IT Certification Practice Test engine that provides real-time practice and feedback with all the questions so you can simulate the exam.
Covers the critical information you need to know to score higher on your Security+ exam
- Categorize types of attacks, threats, and risks to your systems
- Secure devices, communications, and network infrastructure
- Troubleshoot issues related to networking components
- Effectively manage risks associated with a global business environment
- Differentiate between control methods used to secure the physical domain
- Identify solutions to secure hosts, data, and applications
- Compare techniques to mitigate risks in static environments
- Determine relevant access control, authorization, and authentication procedures
- Select appropriate mitigation techniques in response to attacks and vulnerabilities
- Apply principles of cryptography and effectively deploy related solutions
- Implement security practices from both a technical and an organizational standpoint
About the Author
Diane Barrett is the president of NextGard Technology and a professor for Bloomsburg University. She has done contract forensic and security assessment work for several years and has authored several other security and forensic books. She is a program director for ADFSL’s Conference on Digital Forensics, Security, and Law; the DFCP certification chair for the Digital Forensic Certification Board; and a volunteer for the NIST Cloud Computing Forensic Science Challenges working group. She holds many industry certifications, including CISSP, ISSMP, DFCP, and PCME, along with several from CompTIA, including Security+. Diane’s education includes a Ph.D. in business administration with a specialization in information security and a master of science degree in information technology with a specialization in information security.
Kalani Kirk Hausman is an author, GRC professional, enterprise and security architect, ISO, and consultant with experience that includes medium- to large-scale globally deployed networks in governmental, higher education, healthcare, and corporate settings. Kalani’s professional certifications include the CISSP, CGEIT, CRISC, CISA, CISM, GIAC-GHSC, PMP, ITIL, and CCP. He is active within the InfraGard; Information Systems Audit and Control Association (ISACA); ISSA; and High Technology Crime Investigation Association (HTCIA). Kalani is currently employed at Texas A&M University and as an adjunct professor of InfoSec at UMUC and APU/AMU. Kalani can be reached at [email protected] or followed on Twitter at @kkhausman.
Martin M. Weiss has years of experience in information security, risk management, and compliance. Marty holds a bachelor of science degree in computer studies from the University of Maryland University College and an MBA from the Isenberg School of Management at the University of Massachusetts Amherst. He holds several certifications, including CISSP, CISA, and Security+. Marty has authored and co-authored more than a half dozen books on information technology. Occasionally, he molds minds as an adjunct professor with the University of Maryland University College. A Florida native, he now lives in New England somewhere between Boston and New York City.
Table of Contents
Introduction
Part 1 - Network Security
Chapter 1 – Network Design
Chapter 2 – Network Implementation
Part 2 - Compliance and Operational Security
Chapter 3 – Risk Management
Chapter 4 – Response and Recovery
Part 3 - Threats and Vulnerabilities
Chapter 5 – Attacks
Chapter 6 – Defenses
Part 4 - Application, Data and Host Security
Chapter 7 – Application
Chapter 8 – Host Security
Chapter 9 – Data Security
Part 5 - Access Control and Identity Management
Chapter 10 – Authentication, Authorization and Access Control
Chapter 11 – Account Management
Part 6 - Cryptography
Chapter 12 – Cryptography Tools and Techniques
Chapter 13 – Public Key Infrastructure
Glossary