Security Administrator Street Smarts: A Real World Guide to CompTIA Security+™ Skills, Third Edition

Book Description

A step-by-step guide to the tasks involved in security administration

If you aspire to a career in security administration, one of your greatest challenges will be gaining hands-on experience. This book takes you through the most common security admin tasks step by step, showing you the way around many of the roadblocks you can expect on the job. It offers a variety of scenarios in each phase of the security administrator's job, giving you the confidence of first-hand experience.

In addition, this is an ideal complement to the brand-new, bestselling CompTIA Security+ Study Guide, 5th Edition or the CompTIA Security+ Deluxe Study Guide, 2nd Edition, the latest offerings from Sybex for CompTIA's Security+ SY0-301 exam.

  • Targets security administrators who confront a wide assortment of challenging tasks and those seeking a career in security administration who are hampered by a lack of actual experience
  • Walks you through a variety of common tasks, demonstrating step by step how to perform them and how to circumvent roadblocks you may encounter
  • Features tasks that are arranged according to four phases of the security administrator's role: designing a secure network, creating and implementing standard security policies, identifying insecure systems in an existing environment, and training both onsite and remote users
  • Provides ideal hands-on practice for those preparing for CompTIA's Security+ exam (SY0-301)

This comprehensive workbook provides the next best thing to intensive on-the-job training for security professionals.

Table of Contents

  1. Cover
  2. Contents
  3. Title
  4. Copyright
  5. Dedication
  6. Acknowledgments
  7. About the Authors
  8. Introduction
  9. Phase 1: The Grunt Work of Security
    1. Task 1.1: Performing an Initial Risk Assessment
    2. Task 1.2: Determining Which Security Policy Is Most Important
    3. Task 1.3: Establishing a User-Awareness Program
    4. Task 1.4: Reviewing a Physical-Security Checklist
    5. Task 1.5: Understanding the Value of Documents
  10. Phase 2: Hardening Systems
    1. Task 2.1: Managing Services
    2. Task 2.2: Managing Ports
    3. Task 2.3: Patching the Operating System
    4. Task 2.4: Security Templates
    5. Task 2.5: Securing Autoruns
    6. Task 2.6: Securing Hardware Devices
    7. Task 2.7: Virtualization
    8. Task 2.8: Locking the Computer Using an Idle Time-out
  11. Phase 3: Malicious Software
    1. Task 3.1: Installing, Updating, and Running Antivirus Software
    2. Task 3.2: Using a Rootkit Checker
    3. Task 3.3: Adware
    4. Task 3.4: Using a Spyware Checker
    5. Task 3.5: Malicious Software Removal Tool
    6. Task 3.6: McAfee Site Advisor
    7. Task 3.7: ARP Poisoning with Cain & Abel
    8. Task 3.8: Attacking Authentication with Firesheep
  12. Phase 4: Secure Storage
    1. Task 4.1: The Encrypting File System
    2. Task 4.2: EFS Data Recovery
    3. Task 4.3: Implementing Syskey
    4. Task 4.4: Converting FAT to NTFS
    5. Task 4.5: Implementing Disk Fault Tolerance with RAID
    6. Task 4.6: Backing Up Data
    7. Task 4.7: Restoring Data from a Backup
    8. Task 4.8: Securing Shares
    9. Task 4.9: BitLocker Drive Encryption
    10. Task 4.10: Securing Data to Satisfy FIPS 140-2 Using PGP Desktop
  13. Phase 5: Managing User Accounts
    1. Task 5.1: Creating User Accounts
    2. Task 5.2: Implementing the Password Policy
    3. Task 5.3: Auditing Logons
    4. Task 5.4: Securing the Default User Accounts
    5. Task 5.5: Implementing a Deny Group
  14. Phase 6: Network Security
    1. Task 6.1: Deploying IPSec
    2. Task 6.2: Configuring the VPN Server
    3. Task 6.3: Configuring the VPN Client
    4. Task 6.4: Implementing Secure Remote Administration
    5. Task 6.5: Secure Administration Using Run As
    6. Task 6.6: Configuring a Packet Filter
    7. Task 6.7: Implementing 802.11 Wireless Security
    8. Task 6.8: Implementing an IPSec VPN Using AES
    9. Task 6.9: Implementing a Personal Firewall
  15. Phase 7: Securing Internet Activity
    1. Task 7.1: Configuring Internet Access
    2. Task 7.2: Using Internet Explorer Security Zones
    3. Task 7.3: Configuring IE for Secure Use of Cookies
    4. Task 7.4: Using Internet Connection Sharing
    5. Task 7.5: Securing Email
    6. Task 7.6: Spam Management
    7. Task 7.7: Installing and Using a Digital Certificate
    8. Task 7.8: Certificate Backup and Management
    9. Task 7.9: Performing Secure File Exchange
    10. Task 7.10: Validating Downloads and Checking the Hash
    11. Task 7.11: Logging and Recording Internet Activity
    12. Task 7.12: Using HTTPS to Encrypt Web Traffic
    13. Task 7.13: Using Force-TLS to Add Security to Web Browsing
  16. Phase 8: Security Testing
    1. Task 8.1: Penetration Testing with Nessus
    2. Task 8.2: Penetration Testing with Retina
    3. Task 8.3: Performing Assessments with MBSA
    4. Task 8.4: Performing Security Assessments with IT Shavlik
    5. Task 8.5: Performing Internet Vulnerability Profiling
    6. Task 8.6: Tracking Hostile IPs
    7. Task 8.7: Investigating Netcat
    8. Task 8.8: Exploiting Vulnerabilities with Metasploit
  17. Phase 9: Investigating Incidents
    1. Task 9.1: Configuring an Audit Policy for Object Access
    2. Task 9.2: Reviewing the Audit Logs
    3. Task 9.3: Forcing a Memory Dump
    4. Task 9.4: Capturing Packets with the Packet Analyzer: Wireshark
    5. Task 9.5: Recovering Previous Versions of Files
    6. Task 9.6: Recovering Deleted Content from the File System
  18. Phase 10: Security Troubleshooting
    1. Task 10.1: Booting into Safe Mode
    2. Task 10.2: Implementing Last Known Good Configuration
    3. Task 10.3: Using System Restore
    4. Task 10.4: Sanitizing Media
    5. Task 10.5: Implementing a Host-Based Intrusion Detection System
  19. Index