CompTIA Security+ Certification Study Guide, Second Edition (Exam SY0-401), 2nd Edition

Book Description

The best fully integrated study system available for the CompTIA Security+ exam!

Prepare for CompTIA Security+ Exam SY0-401 with McGraw-Hill Professional--a Platinum-Level CompTIA Authorized Partner offering Authorized CompTIA Approved Quality Content to give you the competitive edge on exam day.

With hundreds of practice exam questions, including new performance-based questions, CompTIA Security+ Certification Study Guide, Second Edition covers what you need to know--and shows you how to prepare--for this challenging exam.

  • 100% complete coverage of all official objectives for exam SY0-401
  • Exam Watch notes call attention to information about, and potential pitfalls in, the exam
  • Inside the Exam sections in every chapter highlight key exam topics covered
  • Two-Minute Drills for quick review at the end of every chapter
  • Simulated exam questions--including performance-based questions--match the format, topics, and difficulty of the real exam

Covers all the exam topics, including:

Networking Basics and Terminology * Security Terminology * Security Policies and Standards * Types of Attacks * System Security Threats * Mitigating Security Threats * Implementing System Security * Securing the Network Infrastructure * Wireless Networking and Security * Authentication * Access Control * Cryptography * Managing a Public Key Infrastructure * Physical Security * Risk Analysis * Disaster Recovery and Business Continuity * Computer Forensics * Security Assessments and Audits * Monitoring and Auditing

Electronic content includes:

  • Test engine that provides customized practice exams by chapter or by exam domain
  • 1+ hour of video training from the author
  • Lab exercise PDF with solutions
  • NEW pre-assessment exam
  • Glossary of key terms
  • PDF copy of the book for studying on the go

Table of Contents

  1. Cover 
  2. Title Page
  3. Copyright Page
  4. About the Author
    1. About the Technical Editor
  5. Contents at a Glance
  6. Contents 
  7. Acknowledgments
  8. Preface
  9. Introduction
  10. 1. Networking Basics and Terminology
    1. Understanding Network Devices and Cabling
      1. Looking at Network Devices
      2. Understanding Network Cabling
      3. Exercise 1-1: Reviewing Networking Components
    2. Understanding TCP/IP
      1. Reviewing IP Addressing
      2. Exercise 1-2: Understanding Valid Addresses
      3. Understanding TCP/IP Protocols
      4. Exercise 1-3: Viewing Protocol Information with Network Monitor
      5. Application Layer Protocols
      6. A Review of IPv6
      7. Exercise 1-4: Identifying Protocols in TCP/IP
    3. Network Security Best Practices
      1. Device Usage
      2. Cable and Protocol Usage
      3. Two-Minute Drill
      4. Self Test
      5. Self Test Answers
  11. 2. Introduction to Security Terminology
    1. Goals of Information Security
      1. Confidentiality
      2. Integrity
      3. Availability
      4. Accountability
      5. Exercise 2-1: CIA Scenarios
    2. Understanding Authentication and Authorization
      1. Identification and Authentication
      2. Authorization
    3. Understanding Security Principles and Terminology
      1. Types of Security
      2. Least Privilege, Separation of Duties, and Rotation of Duties
      3. Concept of Need to Know
      4. Layered Security and Diversity of Defense
      5. Due Care, Due Diligence
      6. Vulnerability and Exploit
    4. Looking at Security Roles
      1. System and Data Owner
      2. Custodian
      3. User
      4. Security Officer
      5. Exercise 2-2: Security Terminology
      6. Two-Minute Drill
      7. Self Test
      8. Self Test Answers
  12. 3. Security Policies and Standards
    1. Introduction to Security Policies
      1. Structure of a Policy
      2. Identifying Types of Policies
      3. Understanding Regulations and Standards
    2. Looking at Security Policies
      1. Policies Affecting Users
      2. Policies Affecting Administrators
      3. Exercise 3-1: Reviewing a Security Policy
      4. Policies Affecting Management
      5. Other Popular Policies
    3. Human Resource Policies
      1. Hiring Policy
      2. Termination Policy
      3. Mandatory Vacations
      4. Security-Related HR Policies
      5. Exercise 3-2: Creating a Security Policy
    4. User Education and Awareness
      1. General Training and Role-Based Training
      2. User Habits
      3. New Threats and Security Trends
      4. Use of Social Network and P2P
      5. Training Metrics and Follow Up
      6. Exercise 3-3: Designing a Training Program
      7. Two-Minute Drill
      8. Self Test
      9. Self Test Answers
  13. 4. Types of Attacks
    1. Understanding Social Engineering
      1. Social Engineering Overview
      2. Popular Social Engineering Attacks
      3. Reasons for Effectiveness
      4. Preventing Social Engineering Attacks
    2. Identifying Network Attacks
      1. Popular Network Attacks
      2. Exercise 4-1: DNS Poisoning by Modifying the Hosts File
      3. Exercise 4-2: Performing a Port Scan
      4. Other Network Attacks
      5. Preventing Network Attacks
    3. Looking at Password Attacks
      1. Types of Password Attacks
      2. Exercise 4-3: Password Cracking with LC4
      3. Birthday Attacks and Rainbow Tables
      4. Preventing Password Attacks
    4. Understanding Application Attacks
      1. Popular Application Attacks
      2. Exercise 4-4: SQL Injection Attacks
      3. Exercise 4-5: Exploiting an IIS Web Server with Folder Traversal
      4. Other Application Attacks
      5. Preventing Application Attacks
      6. Two-Minute Drill
      7. Self Test
      8. Self Test Answers
  14. 5. System Security Threats
    1. Identifying Physical Threats
      1. Snooping
      2. Theft and Loss of Assets
      3. Human Error
      4. Sabotage
    2. Looking at Malicious Software
      1. Privilege Escalation
      2. Viruses
      3. Exercise 5-1: Looking at the NetBus Trojan Virus
      4. Other Malicious Software
      5. Protecting Against Malicious Software
    3. Threats Against Hardware
      1. BIOS Settings
      2. USB Devices
      3. Cell Phones
      4. Exercise 5-2: Exploiting a Bluetooth Device
      5. Removable Storage
      6. Network Attached Storage
      7. PBX
      8. Two-Minute Drill
      9. Self Test
      10. Self Test Answers
  15. 6. Mitigating Security Threats
    1. Understanding Operating System Hardening
      1. Uninstall Unnecessary Software
      2. Disable Unnecessary Services
      3. Exercise 6-1: Disabling the Messenger Service
      4. Protect Management Interfaces and Applications
      5. Disable Unnecessary Accounts
      6. Patch System
      7. Password Protection
    2. System Hardening Procedures
      1. Network Security Hardening
      2. Exercise 6-2: Hardening a Network Switch
      3. Tools for System Hardening
      4. Exercise 6-3: Creating a Security Template
      5. Security Posture and Reporting
    3. Establishing Application Security
      1. Secure Coding Concepts
      2. Application Hardening
    4. Server Hardening Best Practices
      1. All Servers
      2. HTTP Servers
      3. DNS Servers
      4. Exercise 6-4: Limiting DNS Zone Transfers
      5. DHCP Servers
      6. SMTP Servers and FTP Servers
      7. Mitigate Risks in Static Environments
      8. Two-Minute Drill
      9. Self Test
      10. Self Test Answers
  16. 7. Implementing System Security
    1. Implementing Personal Firewalls and HIDS
      1. Personal Firewalls
      2. Exercise 7-1: Configuring TCP Wrappers in Linux
      3. Host-Based IDS
    2. Protecting Against Malware
      1. Patch Management
      2. Using Antivirus and Anti-spam Software
      3. Spyware and Adware
      4. Phish Filters and Pop-up Blockers
      5. Exercise 7-2: Manually Testing a Web Site for Phishing
      6. Practicing Good Habits
    3. Device Security and Data Security
      1. Hardware Security
      2. Mobile Devices
      3. Data Security
      4. Exercise 7-3: Configuring Permissions in Windows 8
      5. Application Security and BYOD Concerns
      6. Host-Based Security
    4. Understanding Virtualization and Cloud Computing
      1. Virtualization and Security
      2. Cloud Computing Issues
      3. Two-Minute Drill
      4. Self Test
      5. Self Test Answers
  17. 8. Securing the Network Infrastructure
    1. Understanding Firewalls
      1. Firewalls
      2. Using IPTables as a Firewall
      3. Exercise 8-1: Configuring IPTables in Linux
      4. Using Firewall Features on a Home Router
      5. Proxy Servers
      6. Other Security Devices and Technologies
    2. Using Intrusion Detection Systems
      1. IDS Overview
      2. Exercise 8-2: Using Snort—A Network-Based IDS
      3. Honeypots and Honeynets
      4. Protocol Analyzers
    3. Network Design and Administration Principles
      1. Subnetting and VLANs
      2. Network Address Translation (NAT)
      3. Network Access Control (NAC)
      4. Network Administration Principles
    4. Securing Devices
      1. Two-Minute Drill
      2. Self Test
      3. Self Test Answers
  18. 9. Wireless Networking and Security
    1. Understanding Wireless Networking
      1. Standards
      2. Channels
      3. Antenna Types
      4. Authentication and Encryption
    2. Securing a Wireless Network
      1. Security Best Practices
      2. Vulnerabilities with Wireless Networks
      3. Exercise 9-1: Cracking WEP with BackTrack
      4. Perform a Site Survey
    3. Configuring a Wireless Network
      1. Configuring the Access Point
      2. Configuring the Client
    4. Infrared and Bluetooth
      1. Infrared
      2. Bluetooth
      3. Near Field Communication
      4. Two-Minute Drill
      5. Self Test
      6. Self Test Answers
  19. 10. Authentication
    1. Identifying Authentication Models
      1. Authentication Terminology
      2. Authentication Factors
      3. Single Sign-on
    2. Authentication Protocols
      1. Windows Authentication Protocols
      2. Remote Access Authentication
      3. Authentication Services
    3. Implementing Authentication
      1. User Accounts
      2. Tokens
      3. Looking at Biometrics
      4. Smartcard
      5. Two-Minute Drill
      6. Self Test
      7. Self Test Answers
  20. 11. Access Control
    1. Introducing Access Control
      1. Types of Security Controls
      2. Implicit Deny
      3. Review of Security Principles
    2. Access Control Models
      1. Discretionary Access Control
      2. Mandatory Access Control
      3. Role-Based Access Control
      4. Exercise 11-1: Assigning a User the sysadmin Role
      5. Rule-Based Access Control
    3. Implementing Access Control
      1. Using Security Groups
      2. Exercise 11-2: Configuring Security Groups and Assigning Permissions
      3. Rights and Privileges
      4. Exercise 11-3: Modifying User Rights on a Windows System
      5. Securing Files and Printers
      6. Access Control Lists (ACLs)
      7. Group Policies
      8. Exercise 11-4: Configuring Password Policies via Group Policies
      9. Account Restrictions
      10. Account Policy Enforcement
      11. Monitoring Account Access
      12. Two-Minute Drill
      13. Self Test
      14. Self Test Answers
  21. 12. Introduction to Cryptography
    1. Introduction to Cryptography Services
      1. Understanding Cryptography
      2. Algorithms and Keys
      3. Exercise 12-1: Encrypting Data with the Caesar Cipher
      4. Other Cryptography Terms
    2. Symmetric Encryption
      1. Symmetric Encryption Concepts
      2. Symmetric Encryption Algorithms
      3. Exercise 12-2: Encrypting Data with the AES Algorithm
    3. Asymmetric Encryption
      1. Asymmetric Encryption Concepts
      2. Asymmetric Encryption Algorithms
      3. Quantum Cryptography
      4. In-Band vs. Out-of-Band Key Exchange
    4. Understanding Hashing
      1. Hashing Concepts
      2. Hashing Algorithms
      3. Exercise 12-3: Generating Hashes to Verify Integrity
    5. Identifying Encryption Uses
      1. Encrypting Data
      2. Encrypting Communication
      3. Understanding Steganography
      4. Two-Minute Drill
      5. Self Test
      6. Self Test Answers
  22. 13. Managing a Public Key Infrastructure
    1. Introduction to Public Key Infrastructure
      1. Understanding PKI Terminology
      2. Certificate Authority and Registration Authority
      3. Repository
    2. Managing a Public Key Infrastructure
      1. Certificate Life Cycle
      2. Certificate Revocation Lists and OCSP
      3. Other PKI Terms
    3. Implementing a Public Key Infrastructure
      1. How SSL Works
      2. How Digital Signatures Work
      3. Creating a PKI
      4. Exercise 13-1: Installing a Certificate Authority
      5. Exercise 13-2: SSL-Enabling a Web Site
      6. Managing a PKI
      7. Two-Minute Drill
      8. Self Test
      9. Self Test Answers
  23. 14. Physical Security
    1. Choosing a Business Location
      1. Facility Concerns
      2. Lighting and Windows
      3. Doors, Windows, and Walls
      4. Safety Concerns
    2. Physical Access Controls
      1. Exercise 14-1: Erasing the Administrator Password with a Live CD
      2. Fencing and Guards
      3. Hardware Locks
      4. Access Systems
      5. Other Security Controls
      6. Physical Access Lists and Logs
      7. Video Surveillance
    3. Implementing Environmental Controls
      1. Understanding HVAC
      2. Shielding
      3. Fire Suppression
      4. Two-Minute Drill
      5. Self Test
      6. Self Test Answers
  24. 15. Risk Analysis
    1. Introduction to Risk Analysis
      1. Risk Analysis Overview
      2. Risk Analysis Process
      3. Risk with Cloud Computing and Third Parties
    2. Types of Risk Analysis
      1. Qualitative
      2. Exercise 15-1: Performing a Qualitative Risk Analysis
      3. Quantitative
      4. Exercise 15-2: Performing a Quantitative Risk Analysis
    3. Risk Mitigation Strategies
      1. Exercise 15-3: Identifying Mitigation Techniques
      2. Two-Minute Drill
      3. Self Test
      4. Self Test Answers
  25. 16. Disaster Recovery and Business Continuity
    1. Introduction to Disaster Recovery and Business Continuity
      1. Introduction to Business Continuity
      2. Understanding Disaster Recovery
    2. Backing Up and Restoring Data
      1. Security Considerations with Tapes
      2. Full, Incremental, and Differential Backups
      3. Scheduling Backups
      4. Backup Plan Example
      5. Exercise 16-1: Backing Up and Restoring Data on a Windows Server
    3. Implementing Fault Tolerance
      1. RAID 0
      2. RAID 1
      3. RAID 5
    4. Understanding High Availability
      1. Clustering Services
      2. Network Load Balancing
      3. Redundant Hardware
      4. Two-Minute Drill
      5. Self Test
      6. Self Test Answers
  26. 17. Introduction to Computer Forensics
    1. Working with Evidence
      1. Types of Evidence
      2. Collecting Evidence
    2. Collecting Digital Evidence
      1. Understanding the Process
      2. Where to Find Evidence
      3. Tools Used
      4. Exercise 17-1: Using ProDiscover for Forensics Analysis
      5. Exercise 17-2: Performing Cell Phone Forensics
      6. Exercise 17-3: Looking at EXIF Metadata
    3. Looking at Incident Response
      1. Incident Response Team
      2. First Responders
      3. Damage and Loss Control
      4. Two-Minute Drill
      5. Self Test
      6. Self Test Answers
  27. 18. Security Assessments and Audits
    1. Understanding Types of Assessments
      1. Assessment Types
      2. Assessment Techniques
    2. Performing a Security Assessment
      1. Performing a Penetration Test
      2. Exercise 18-1: Profiling an Organization
      3. Exercise 18-2: Using a Port Scanner
      4. Performing a Vulnerability Assessment
      5. Exercise 18-3: Performing a Vulnerability Scan with LANguard
      6. Two-Minute Drill
      7. Self Test
      8. Self Test Answers
  28. 19. Understanding Monitoring and Auditing
    1. Introduction to Monitoring
    2. Monitoring Tools
      1. Useful System Commands
      2. Performance Monitor
      3. Protocol Analyzer and Sniffer
      4. Exercise 19-1: Monitoring Network Traffic with Network Monitor
    3. Implementing Logging and Auditing
      1. Understanding Auditing
      2. Exercise 19-2: Implementing Auditing in Windows
      3. Understanding Logging
      4. Exercise 19-3: Configuring Logging in IIS
      5. Exercise 19-4: Configuring the Windows Firewall
      6. Popular Areas to Audit
      7. Two-Minute Drill
      8. Self Test
      9. Self Test Answers
  29. Appendix A: About the Download
    1. System Requirements
    2. Downloading Total Tester Premium Practice Exam Software
    3. Total Tester Premium Practice Exam Software
      1. Installing and Running Total Tester
    4. Downloading from McGraw-Hill Professional’s Media Center
    5. Video Training from the Author
    6. Glossary
    7. Lab Book, Lab Solutions, and Lab Files
    8. Technical Support
  30. Appendix B: Pre-Assessment Test
    1. Instructions
    2. Questions
    3. Quick Answer Key
    4. In-Depth Answers
    5. Review Your Score and Analyze Your Results
  31. Index