Synopses & Reviews
Reflecting the latest developments from the information security field, best-selling Security+ Guide to Network Security Fundamentals, 4e provides the most current coverage available while thoroughly preparing readers for the CompTIA Security+ SY0-301 certification exam. Its comprehensive introduction to practical network and computer security covers all of the the new CompTIA Security+ exam objectives. Cutting-edge coverage of the new edition includes virtualization, mobile devices, and other trends, as well as new topics such as psychological approaches to social engineering attacks, Web application attacks, penetration testing, data loss prevention, cloud computing security, and application programming development security.
Review
"Yes, this chapter introduces a wide array of technical terminology, in which the author does a fantastic job of breaking it down so that novice learners can comprehend it. Yes, the examples in this chapter are excellent in that they allow the reader to relate to the technical concepts in a comparative way. The Hands-on Projects for this chapter tie in well with the material presented. I believe that they provide students with several different ways to see how some of the attacks explained in the chapter are executed and how they can be prevented. I am now officially excited about the publication of this text, wish it was available for the Summer 2011 section that I am teaching using the 3rd edition."
Review
"Clear and Concise coverage of a difficult and dynamic subject. Engaging for students, using examples and stories."
Review
"An excellent introduction to different types of Malware. An excellent coverage of Social Engineering techniques. Chapter one gives an overview of Information Security and threats. The fact that author has included one of the most current security threat (Stuxnet) at the beginning of the chapter is excellent. This will get the attention of the learners."
Synopsis
Now in its third edition, the best-selling SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS provides the most up-to-date industry information, reflecting the changes in security that have occurred since the most recent CompTIA Security+ objectives were created. The book covers all of the new CompTIA Security+ 2008 exam objectives and maps to the new Security+ 2008 exam. This updated edition features many all-new topics, including topics new to the CompTIA exams like cross site scripting, SQL injection, rootkits, and virtualization, as well as topics of increasing importance in the industry as a whole, like the latest breeds of attackers, Wi-Fi Protected Access 2, and Microsoft Windows Vista security.
About the Author
Mark Ciampa is Assistant Professor of Computer Information Systems at Western Kentucky University in Bowling Green, Kentucky. Previously, he served as Associate Professor and Director of Academic Computing for 20 years at Volunteer State Community College in Gallatin, Tennessee. Dr. Ciampa has worked in the IT industry as a computer consultant for the U.S. Postal Service, the Tennessee Municipal Technical Advisory Service, and the University of Tennessee. He is also the author of many Cengage/Course Technology books, including Security+ Guide to Network Security Fundamentals; CWNA Guide to Wireless LANs, 3e; CWSP Guide to Wireless Security; Guide to Wireless Communications; and Networking BASICS. He holds a PhD in digital communication systems from Indiana State University.
Table of Contents
INTRODUCTION. 1: Introduction to Security. 2: Malware and Social Engineering Attacks. 3: Application and Network Attacks. 4: Vulnerability Assessment and Mitigating Attacks. 5: Host, Application, and Data Security. 6: Network Security. 7: Administering a Secure Network. 8: Wireless Network Security. 9: Access Control Fundamentals. 10: Authentication and Account Management. 11: Basic Cryptography. 12: Advanced Cryptography. 13: Business Continuity. 14: Risk Mitigation. APPENDIX A: CompTIA SY0-301 Certification Exam Objectives. APPENDIX B: Downloads and Tools for Hands-On Projects. APPENDIX C: Security Web Sites. APPENDIX D: Selected TCP/IP Ports and Their Threats. APPENDIX E: Sample Internet and E-Mail Acceptable Use Policies. APPENDIX F: Information Security Community Site. GLOSSARY. INDEX.