CompTIA® Security+™ Deluxe Study Guide, Second Edition

Book Description

Get a host of extras with this Deluxe version including a Security Administration Simulator!

Prepare for CompTIA's new Security+ exam SY0-301 with this Deluxe Edition of our popular CompTIA Security+ Study Guide, 5th Edition. In addition to the 100% coverage of all exam essentials and study tools you'll find in the regular study guide, the Deluxe Edition gives you over additional hands-on lab exercises and study tools, three additional practice exams, author videos, and the exclusive Security Administration simulator. This book is a CompTIA Recommended product.

  • Provides 100% coverage of all exam objectives for Security+ exam SY0-301 including:

    • Network security

    • Compliance and operational security

    • Threats and vulnerabilities

    • Application, data and host security

    • Access control and identity management

    • Cryptography

  • Features Deluxe-Edition-only additional practice exams, value-added hands-on lab exercises and study tools, and exclusive Security Administrator simulations, so you can practice in a real-world environment

  • Covers key topics such as general security concepts, communication and infrastructure security, the basics of cryptography, operational security, and more

  • Shows you pages of practical examples and offers insights drawn from the real world

Get deluxe preparation, pass the exam, and jump-start your career. It all starts with CompTIA Security+ Deluxe Study Guide, 2nd Edition.

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Dear Reader,
  5. Dedication
  6. Acknowledgments
  7. About the Author
  8. Table of Exercises
  9. Foreword
  10. Introduction
    1. Assessment Test
    2. Answers to Assessment Test
  11. Chapter 1: Measuring and Weighing Risk
    1. Risk Assessment
    2. Developing Policies, Standards, and Guidelines
    3. Summary
    4. Exam Essentials
    5. Review Questions
    6. Answers to Review Questions
  12. Chapter 2: Infrastructure and Connectivity
    1. Mastering TCP/IP
    2. Distinguishing between Security Topologies
    3. Understanding Infrastructure Security
    4. Understanding the Different Network Infrastructure Devices
    5. Understanding Remote Access
    6. Summary
    7. Exam Essentials
    8. Review Questions
    9. Answers to Review Questions
  13. Chapter 3: Protecting Networks
    1. Monitoring and Diagnosing Networks
    2. Understanding Intrusion Detection Systems
    3. Understanding Protocol Analyzers
    4. Securing Workstations and Servers
    5. Securing Internet Connections
    6. Understanding Network Protocols
    7. Summary
    8. Exam Essentials
    9. Review Questions
    10. Answers to Review Questions
  14. Chapter 4: Threats and Vulnerabilities
    1. Understanding Software Exploitation
    2. Surviving Malicious Code
    3. Calculating Attack Strategies
    4. Recognizing Common Attacks
    5. Identifying TCP/IP Security Concerns
    6. Summary
    7. Exam Essentials
    8. Review Questions
    9. Answers to Review Questions
  15. Chapter 5: Access Control and Identity Management
    1. Access Control Basics
    2. Understanding Remote Access Connectivity
    3. Understanding Authentication Services
    4. Understanding Access Control
    5. Implementing Access Control Best Practices
    6. Summary
    7. Exam Essentials
    8. Review Questions
    9. Answers to Review Questions
  16. Chapter 6: Educating and Protecting the User
    1. Understanding Security Awareness and Training
    2. Classifying Information
    3. Information Access Controls
    4. Complying with Privacy and Security Regulations
    5. Understanding Social Engineering
    6. Summary
    7. Exam Essentials
    8. Review Questions
    9. Answers to Review Questions
  17. Chapter 7: Operating System and Application Security
    1. Hardening the Operating System
    2. Application Hardening
    3. Working with Data Repositories
    4. Host Security
    5. Mobile Devices
    6. Best Practices for Security
    7. Attack Types to Be Aware Of
    8. Summary
    9. Exam Essentials
    10. Review Questions
    11. Answers to Review Questions
  18. Chapter 8: Cryptography Basics
    1. An Overview of Cryptography
    2. Understanding Cryptographic Algorithms
    3. Using Cryptographic Systems
    4. Understanding Cryptography Standards and Protocols
    5. Summary
    6. Exam Essentials
    7. Review Questions
    8. Answers to Review Questions
  19. Chapter 9: Cryptography Implementation
    1. Using Public Key Infrastructure
    2. Preparing for Cryptographic Attacks
    3. Understanding Key Management and the Key Life Cycle
    4. Summary
    5. Exam Essentials
    6. Review Questions
    7. Answers to Review Questions
  20. Chapter 10: Physical and Hardware-Based Security
    1. Implementing Access Control
    2. Maintaining Environmental and Power Controls
    3. Fire Suppression
    4. Summary
    5. Exam Essentials
    6. Review Questions
    7. Answers to Review Questions
  21. Chapter 11: Security and Vulnerability in the Network
    1. Network Security Threats
    2. Secure Network Administration Principles
    3. Mitigation and Deterrent Techniques
    4. Summary
    5. Exam Essentials
    6. Review Questions
    7. Answers to Review Questions
  22. Chapter 12: Wireless Networking Security
    1. Working with Wireless Systems
    2. Understanding Mobile Devices
    3. Wireless Vulnerabilities to Know
    4. Summary
    5. Exam Essentials
    6. Review Questions
    7. Answers to Review Questions
  23. Chapter 13: Disaster Recovery and Incident Response
    1. Understanding Business Continuity
    2. Reinforcing Vendor Support
    3. Summary
    4. Exam Essentials
    5. Review Questions
    6. Answers to Review Questions
  24. Chapter 14: Security-Related Policies and Procedures
    1. Policies You Must Have
    2. Policies You Should Have
    3. Security Controls for Account Management
    4. Summary
    5. Exam Essentials
    6. Review Questions
    7. Answers to Review Questions
  25. Chapter 15: Security Administration
    1. Security Administrator’s Troubleshooting Guide
    2. Getting Started
    3. Access Control Issues
    4. Accountability Concerns
    5. Auditing
    6. Authentication Schemes
    7. Backup Management
    8. Baselining Security
    9. Certificate Management
    10. Communications Security
    11. Directory Services Protection
    12. Disaster Planning
    13. Documenting Your Environment
    14. Email Issues
    15. File-Sharing Basics
    16. Working with IDSs and Honey Pots
    17. Incident Handling
    18. Internet Common Sense
    19. Key Management Conventions
    20. Preventing Common Malicious Events
    21. Managing Personnel
    22. Keeping Physical Security Meaningful
    23. Securing the Infrastructure
    24. Working with Security Zones
    25. Social Engineering Risks
    26. System Hardening Basics
    27. Securing the Wireless Environment
    28. Summary
  26. Appendix A: About the Companion CD
    1. What You’ll Find on the CD
    2. System Requirements
    3. Using the CD
    4. Troubleshooting
  27. Appendix B: Workbook Exercises
    1. Lab A.1: Create a Baseline for Internet Access
    2. Lab A.2: Turn on the Firewall in Windows 7 or Windows Vista
    3. Lab A.3: Look for Security Events within Windows
    4. Lab A.4: Turn on a Screensaver Password for openSUSE
    5. Lab A.5: Change a Password in Linux
    6. Lab A.6: Find SUID and SGID Files in Linux
    7. Lab A.7: Change ACLs on All Files in a Linux Directory
    8. Lab A.8: Change Permissions on All Files in a Linux Directory
    9. Lab A.9: Change the Default Permissions for All Newly Created Files in Linux
    10. Lab A.10: View All Linux Logins
    11. Lab A.11: Change the Group Associated with Files
    12. Lab A.12: View Failed Login Attempts
    13. Lab A.13: Hide a Linux File
    14. Lab A.14: Hide and Access a Windows Share
    15. Lab A.15: Encrypt a Windows File
    16. Lab A.16: Count the Number of Running Linux Processes
    17. Lab A.17: Add a Legal Notice
    18. Lab A.18: Turn On a Screensaver Password for Windows 7
    19. Lab A.19: Identify User Accounts with Administrator Access in Windows
    20. Lab A.20: Display Hidden Files, Folders, and Drives in Windows
    21. Lab A.21: View Effective Permissions in Windows
    22. Lab A.22: View Internet Explorer Security Settings
    23. Lab A.23: Change Internet Explorer Pop-up Blocker Settings
    24. Lab A.24: Enable openSUSE Firewall
    25. Lab A.25: Configure openSUSE Local Security
    26. Lab A.26: Set the Defaults for New Users
    27. Lab A.27: View Logged Warnings in openSUSE
    28. Lab A.28: Configure openSUSE as a Kerberos Client
    29. Lab A.29: Configure openSUSE as an LDAP Client
    30. Lab A.30: Turn Off IPv6 in openSUSE
    31. Lab A.31: Turn On Folder Encryption with cipher
    32. Lab A.32: Clear Private Data in Internet Explorer
    33. Lab A.33: Clear Private Data in Firefox
    34. Lab A.34: Configure SELinux in Fedora
    35. Lab A.35: Limit Cookies to First Party
    36. Lab A.36: Configure the Phishing Filter
    37. Lab A.37: Configure Windows Startup
    38. Lab A.38: Secure the Account Database
    39. Lab A.39: Create a Restore Point
    40. Lab A.40: Return to a Restore Point
    41. Lab A.41: Boot to a Good Configuration
    42. Lab A.42: Hide Your Location in IE 9
    43. Lab A.43: Configure Windows Update
    44. Lab A.44: Turn Off AutoRun in Windows
    45. Lab A.45: Audit an Individual File in Windows 7
    46. Lab A.46: Use the Problem Sets Recorder
    47. Lab A.47: Edit a Credential Manager Account
    48. Lab A.48: Create a System Repair Disk
    49. Lab A.49: Run a System Scan from the Command Line
    50. Lab A.50: Configure Windows 7 to Use an Internet Time Server
  28. Appendix C: Study Tools
    1. Activity C.1: Find the Security Terms
    2. Activity C.2: Unscramble the Hardware Terms
    3. Activity C.3: Security Problem Areas
    4. Activity C.4: All about Risk
    5. Activity C.5: Unscramble the Malware
    6. Activity C.6: Cryptographic Concepts
    7. Answers
  29. Appendix D: Security+ Acronym List
  30. Appendix E: The Basics of Cabling, Wires, and Communication
    1. Coax
    2. Unshielded Twisted Pair and Shielded Twisted Pair
    3. Fiber Optic
    4. Infrared
    5. Radio Frequency
    6. Microwave Systems
  31. Glossary
  32. Index