Synopses & Reviews
Security+ Guide to Network Security Fundamentals provides a comprehensive overview of network security. Written to map to CompTIA's Security+ Certification Exam, the book is broken down into five sections. General Security Concepts covers authentication methods along with common network attacks and how to safeguard against them. Communication Security includes remote access, e-mail, the Web, directory and file transfer, and wireless data. Infrastructure Security explores various network devices and media, and the proper use of perimeter topologies such as DMZs, extranets, and intranets to establish network security. Cryptography basics are provided, including the differences between asymmetric and symmetric algorithms, and the different types of PKI certificates and their usage. Operational/Organizational Security is discussed as it relates to physical security, disaster recovery, and business continuity, as well as coverage of computer forensics and how it relates to further avenues of specialization for the security student.
Review
"The strengths of Chapter 1 are ease of reading and straightforward approach. The terms are well-defined, and the examples are great." - Keith Morneau, Capella University
Review
"End of chapter hands-on projects are terrific. Not only do these activities have students physically making changes to machines, but it forces them to pay attention to choices that they and the users that they will support have to make." - Barbara Belon, Norwalk Community College
Synopsis
Now in its third edition, the best-selling SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS provides the most up-to-date industry information, reflecting the changes in security that have occurred since the most recent CompTIA Security+ objectives were created. The book covers all of the new CompTIA Security+ 2008 exam objectives and maps to the new Security+ 2008 exam. This updated edition features many all-new topics, including topics new to the CompTIA exams like cross site scripting, SQL injection, rootkits, and virtualization, as well as topics of increasing importance in the industry as a whole, like the latest breeds of attackers, Wi-Fi Protected Access 2, and Microsoft Windows Vista security.
Synopsis
Completely rewritten to include Microsoft Windows Server 2003 coverage and other cutting-edge technologies, this best selling text will ensure your students' success on CompTIA's latest Server+ Exam.
Synopsis
Mark Ciampa addresses real-world business challenges and hands-on exercises to ease students into CompTIA's Security+ latest exam objectives. Designed for an introductory network security course, this text has been completely rewritten to include new topics and additional end-of-chapter material. The accompanying lab manual will provide extensive practice for working with cryptography, common attackers, and business communications in a real-world situation. Free CoursePrep and CertBlaster Security+ exam preparation software will aid in your students' success in and out of the classroom. This edition now includes "On the Job" features to open each chapter and focus on real-world business challenges. Icons are inserted within the running text to highlight topics later applied in the hands-on projects.
About the Author
Mark Ciampa is an Assistant Professor in Management and Computer Information Systems at Western Kentucky University in Bowling Green, Kentucky where he teaches courses in introduction to computers, computer business management information systems, and computer hardware. Prior to that time he was the Director of Academic Computing and Associate Professor of Computer Information Systems at Volunteer State Community College in Gallatin, Tennessee for 20 years. Mark has experience working in the IT industry prior to teaching and has served as a computer consultant for the US Postal Service, the Tennessee Municipal Technical Advisory Service and the University of Tennessee as well as in local governments, area businesses, and non-profit organizations. He is a frequent speaker at regional and national technology conferences.
Table of Contents

1. Introduction to Security
   a. Challenges of Securing Information
      i. Today's security attacks
      ii. Difficulties in defending against attacks
   b. What Is Information Security?
      i. Defining information security
      ii. Information security terminology
      iii. Understanding the importance of information security
         1. Preventing data theft
         2. Thwarting identity theft
         3. Avoiding legal consequences
         4. Maintaining productivity
         5. Foiling cyberterrorism
   c. Who Are the Attackers?
      1. Hackers
      2. Script kiddies
      3. Spies
      4. Employees
      5. Cybercriminals
      6. Cyberterrorists
   d. Attacks and Defenses
      i. Steps of an attack
      ii. Defenses against attacks
         1. Layering
         2. Limiting
         3. Diversity
         4. Obscurity
         5. Simplicity
   e. Surveying Information Security Careers and the CompTIA Security+ Certification
      i. Types of information security jobs
      ii. CompTIA Security+ Certification Exam

SYSTEMS SECURITY

2. System Threats and Risks
   a. Software-Based Attacks {1.1}
      i. Infecting malware
         1. Viruses (1.1)
         2. Worms (1.1)
      ii. Concealing malware
         1. Trojan horses (1.1)
         2. Rootkits (1.1)
         3. Logic bombs (1.1)
         4. Privilege escalation (1.1)
      iii. Profiting malware
         1. Spam (1.1)
         2. Spyware (1.1)
            a. Adware (1.1)
            b. Keyloggers
         3. Botnets (1.1)
   b. Hardware Attacks {1.2}
      1. BIOS (1.2)
      2. USB devices (1.2)
      3. Removable storage (1.2)
      4. Network attached storage (1.2)
      5. Cell phones (1.2)
   c. Attacks on Virtualized Systems (1.6)
      i. What is virtualization?
      ii. Attacks on virtual systems

3. Protecting Systems
   a. Hardening the Operating System {1.3}
      i. Managing operating system updates
         1. Hot fixes (1.3)
         2. Service packs (1.3)
         3. Patches (1.3)
         4. Patch management techniques (1.3)
      ii. Protecting the operating system through procedures
         1. Group policies (1.3)
         2. Security templates (1.3)
         3. Configuration baselines (1.3)
   b. Managing Application Security
      i. Protecting the web browser (1.4)
         1. ActiveX (1.4)
         2. Java (1.4)
         3. Scripting (1.4)
         4. Cookies (1.4)
         5. Input validation (1.4)
         6. Cross-site scripting (1.4)
      ii. Protecting communication applications
         1. Buffer overflows (1.4)
         2. SMTP open relays (1.4)
         3. Instant messaging (1.4)
         4. P2P (1.4)
   c. Applying System Security Applications
      i. Host Intrusion Detection Systems (HIDS) (1.5)
      ii. Personal software firewalls (1.5)
      iii. Antivirus (1.5)
      iv. Anti-spam (1.5)
      v. Popup blockers (1.5)

NETWORK SECURITY

4. Network Vulnerabilities and Attacks
   a. Liabilities in Networks
      i. Media liabilities
         1. Vampire taps (2.6)
         2. Cable placement
      ii. Wireless network liabilities
         1. Data emanation (2.7)
         2. SSID broadcast (2.7)
         3. Weak encryption (2.7)
   b. Attacks on Networks
      i. Protocol-based attacks {2.1}
         1. Antiquated protocols (2.1)
         2. DNS poisoning (2.1)
         3. ARP poisoning (2.1)
      ii. Impersonation attacks
         1. TCP/IP hijacking (2.1)
         2. Spoofing (2.1)
         3. Man in the middle (2.1)
         4. Replay (2.1)
      iii. Wireless attacks
         1. War driving (2.7)
         2. Bluejacking (2.7)
         3. Bluesnarfing (2.7)
         4. Rogue access points (2.7)
      iv. Other attacks {2.1}
         1. Null sessions (2.1)
         2. DoS (2.1)
         3. DDoS (2.1)
         4. Kiting (2.1)

5. Network Defenses
   a. Creating a Secure Network
      i. Security through network technologies
         1. Network Address Translation (NAT) (2.2)
         2. Network Access Control (NAC) (2.2)
      ii. Security through network design
         1. Demilitarized zones (DMZ) (2.2)
         2. Virtual LAN (VLAN) (2.2)
         3. Virtual private network
         4. Subnetting (2.2)
         5. Network interconnections (2.2)
         6. Convergence [? CompTIA has "Telephony"] (2.2)
      iii. Network device vulnerabilities {2.5}
         1. Privilege escalation (2.5)
         2. Weak passwords (2.5)
         3. Back doors (2.5)
         4. Default accounts (2.5)
         5. DoS (2.5)
   b. Applying Network Security Tools {2.3, 2.4}
      i. Network Intrusion Detection Systems (NIDS) (2.3, 2.4)
      ii. Network Intrusion Prevention Systems (NIPS) (2.3)
      iii. Firewalls (2.3, 2.4)
      iv. Proxy servers (2.3, 2.4)
      v. Honeypots (2.3)
      vi. Internet content filters (2.3, 2.4)
      vii. Protocol analyzers (2.3, 2.4)

6. Wireless Network Security
   a. Basic IEEE 802.11 Security Protections
      i. Access control
      ii. Wired Equivalent Privacy (WEP)
         1. Cryptography
         2. WEP implementation
      iii. Authentication
   b. Vulnerabilities of IEEE 802.11 Security
      i. Authentication
         1. Open System Authentication vulnerabilities
         2. Shared Key Authentication vulnerabilities
      ii. Address filtering
      iii. WEP
      iv. WEP2
      v. Dynamic WEP
   c. Wireless Security
      i. IEEE 802.11i
      ii. Wi-Fi Protected Access (WPA)
         1. WPA Personal security
            a. PSK authentication
            b. TKIP encryption
         2. WPA Enterprise security
            a. IEEE 802.1x authentication
            b. TKIP encryption
      iii. Wi-Fi Protected Access 2 (WPA2)
         1. WPA2 Personal security
            a. PSK authentication
            b. AES-CCMP encryption
         2. WPA2 Enterprise security
            a. IEEE 802.1x authentication
            b. AES-CCMP encryption

ACCESS CONTROL

7. Access Control Fundamentals
   a. What is access control?
      i. Practices for access control
         1. Implicit deny (3.1)
         2. Least privilege (3.1)
         3. Separation of duties (3.1)
         4. Job rotation (3.1)
      ii. Access control models
         1. MAC (3.2)
         2. DAC (3.2)
         3. Role- and rule-based (3.2)
   b. Logical access control methods
      i. Access Control Lists (ACL) (3.5)
      ii. Group policies (3.5)
      iii. Password policy (3.5)
      iv. Domain password policy (3.5)
      v. User names and passwords (3.5)
      vi. Time-of-day restrictions (3.5)
      vii. Account expiration (3.5)
      viii. Logical tokens (3.5)
   c. Physical access control
      i. Physical access logs/lists (3.9)
      ii. Hardware locks (3.9)
      iii. Physical access control & ID badges (3.9)
      iv. Door access systems (3.9)
      v. Man-trap (3.9)
      vi. Physical tokens (3.9)
      vii. Video surveillance & camera types and positioning (3.9)
   d. Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges (3.3)
      i. Apply appropriate security controls to file and print resources (3.4)

8. Authentication
   a. Definition of authentication
      i. Authentication and access control
      ii. Difference between identification and authentication (identity proofing) (3.8)
   b. Authentication models
      i. One-factor authentication (3.6)
      ii. Two-factor authentication (3.6)
      iii. Three-factor authentication (3.6)
      iv. Single sign-on (3.6)
   c. Types of authentication
      i. Biometric reader (3.7)
      ii. RADIUS (3.7)
      iii. RAS (3.7)
      iv. LDAP (3.7)
      v. Remote access policies (3.7)
      vi. Remote authentication (3.7)
      vii. VPN (3.7)
      viii. Kerberos (3.7)
      ix. CHAP (3.7)
      x. PAP (3.7)
      xi. Mutual (3.7)
      xii. 802.1x (3.7)
      xiii. TACACS (3.7)

ASSESSMENTS AND AUDITS

9. Performing Vulnerability Assessments
   a. Risk management, assessment, and mitigation (4.1)
      i. What is risk?
      ii. Definition of risk management
      iii. Components of risk management
         1. Risk assessment (4.1)
         2. Risk mitigation (4.1)
   b. Identifying Vulnerabilities
      i. Vulnerability scanning
         1. Port scanners (4.2)
         2. Vulnerability scanners (4.2)
         3. Protocol analyzers (4.2)
         4. Open Vulnerability and Assessment Language (OVAL) (4.2)
         5. Network mappers
      ii. Penetration testing
         1. Vulnerability scanning vs. penetration testing (4.3)
         2. Password crackers (4.2)

10. Conducting Audits
   a. System Security Auditing
      i. User access and rights review (4.7)
      ii. Storage and retention policies (4.7)
      iii. Group policies (4.7)
   b. Monitoring methodologies
      i. Behavior-based (4.5)
      ii. Signature-based (4.5)
      iii. Anomaly-based (4.5)
   c. Monitoring procedures
      i. Performance monitor (4.4)
      ii. Systems monitor (4.4)
      iii. Performance baseline (4.4)
      iv. Protocol analyzers (4.4)
   d. Logging procedures and evaluations
      i. Security application (4.6)
      ii. DNS (4.6)
      iii. System (4.6)
      iv. Performance (4.6)
      v. Access (4.6)
      vi. Firewall (4.6)
      vii. Antivirus (4.6)

CRYPTOGRAPHY

11. Basic Cryptography
   a. Defining Cryptography
      i. Cryptography terminology
         1. Key management (5.1)
         2. Steganography (5.1)
         3. Confidentiality, integrity and availability (5.1)
         4. Non-repudiation (5.1)
         5. Whole disk encryption (5.1)
         6. Trusted Platform Module (TPM) (5.1)
         7. Using proven technologies (5.1)
         8. One-time pad (5.3)
         9. Transmission encryption (5.3)
      ii. How cryptography protects
   b. Securing with Cryptographic Hashing Algorithms
      i. Defining hashing
      ii. Message Digest (MD5) (5.2)
      iii. Secure Hash Algorithm (SHA) (5.2)
      iv. LANMAN (5.2)
      v. NTLM (5.2)
      vi. Comparing strengths of algorithms (5.1)
   c. Protecting with Symmetric Encryption Algorithms
      i. Understanding symmetric ciphers (5.1)
      ii. Data Encryption Standard (DES) (5.3)
      iii. Triple Data Encryption Standard (3DES) (5.3)
      iv. Advanced Encryption Standard (AES) and AES256 (5.3)
      v. Rivest Cipher (RC)
      vi. International Data Encryption Algorithm (IDEA)
      vii. Blowfish
      viii. Comparing strengths of algorithms (5.1)
   d. Hardening with Asymmetric Encryption Algorithms (5.1)
      i. RSA (5.3)
      ii. Diffie-Hellman
      iii. Elliptic Curve Cryptography (5.3)
   e. Explaining How To Use Cryptography
      i. Digital signatures (5.1)
         1. Single- vs. dual-sided certificates (5.1)
      ii. Benefits of cryptography
      iii. Implementations of cryptography
         1. Pretty Good Privacy (PGP) (5.3)
         2. Windows Encrypting File System (EFS)
         3. UNIX Pluggable Authentication Modules (PAM)
         4. Linux Cryptographic File System (CFS)

12. Cryptographic Protocols and Public Key Infrastructure
   a. Understanding Encryption Protocols
      i. SSL/TLS (5.4)
      ii. S/MIME (5.4)
      iii. PPTP (5.4)
      iv. Hypertext Transport Protocols (HTTP, HTTPS, SHTTP) (5.4)
      v. L2TP (5.4)
      vi. IPsec (5.4)
      vii. SSH (5.4)
   b. Cryptography Strengths and Vulnerabilities
      i. Symmetric cryptography strengths and weaknesses
      ii. Asymmetric cryptography strengths and vulnerabilities
         1. Public and private keys (5.5)
         2. Digital signatures
         3. Digital certificates
         4. Certificate Authority (CA) (5.5)
            a. Certificate Revocation List (CRL) (5.5)
            b. Certificate Repository (CR) (5.5)
            c. Registration Authority (RA) (5.5)
   c. Using Public Key Infrastructure (PKI)
      i. Description of Public Key Infrastructure (PKI) (5.5)
      ii. PKI standards and protocols
         1. Public-Key Cryptography Standards (PKCS)
         2. X.509 digital certificates
      iii. Trust models (5.5)
      iv. Managing digital certificates
         1. Certificate Policy (CP)
         2. Certificate Practice Statement (CPS)
         3. Certificate life cycle
   d. Exploring Key Management
      i. Centralized and decentralized management
      ii. Key storage
      iii. Key usage
      iv. Key handling procedures
         1. Key escrow (5.5)
         2. Recovery agent (5.5)
      v. Implement PKI and certificate management: Public Key Infrastructure (PKI), recovery agent, public key, private keys, Certificate Authority (CA), registration, key escrow, Certificate Revocation List (CRL) (5.6)

ORGANIZATIONAL SECURITY

13. Business Continuity Planning and Procedures
   a. Incident response procedures
      i. Forensics (6.3)
      ii. Chain of custody (6.3)
      iii. First responders (6.3)
      iv. Damage and loss control (6.3)
      v. Reporting & disclosure of (6.3)
   b. Protection of Resources
      i. Fire suppression (6.5)
      ii. HVAC (6.5)
      iii. Shielding (6.5)
   c. Redundancy Planning
      i. Site locations
         1. Hot site (6.1)
         2. Cold site (6.1)
         3. Warm site (6.1)
      ii. Connectivity
         1. Redundant ISP (6.1)
         2. Redundant connections (6.1)
      iii. Equipment
         1. Backup generator (6.1)
         2. Single point of failure (6.1)
         3. RAID (6.1)
         4. Spare parts (6.1)
         5. Redundant servers (6.1)
         6. UPS (6.1)
   d. Disaster Recovery Procedures
      i. Planning (6.2)
      ii. Disaster exercises (6.2)
      iii. Backup techniques and practices & storage (6.2)
      iv. Schemes (6.2)
      v. Restoration (6.2)

14. Policies and Legislation
   a. Organizational policies
      i. What is a security policy?
      ii. Balancing trust and control
      iii. The process of designing a policy
   b. Elements of a security policy
      i. Due care (6.4)
      ii. Separation of duties
      iii. Need to know
      iv. Change management (6.4)
      v. Classification of information (6.4)
      vi. Mandatory vacations (6.4)
      vii. Personally Identifiable Information (PII) (6.4)
      viii. Due diligence (6.4)
      ix. Due process (6.4)
   c. Types of security policies
      i. Acceptable Use Policy (AUP) (6.4)
      ii. Security human resource policy (6.4)
      iii. Password complexity policy (6.4)
      iv. Privacy policy
      v. Disposal and destruction policy (6.4)
      vi. Service Level Agreement (SLA) policy (6.4)
   d. Education and Training (6.4)
      i. Importance of training: training of end users, executives and HR
      ii. User awareness
      iii. How learners learn
      iv. Reducing risks of social engineering
         1. Phishing (6.6)
         2. Hoaxes (6.6)
         3. Shoulder surfing (6.6)
         4. Dumpster diving (6.6)