You are previewing Security+ Training Guide.
O'Reilly logo
Security+ Training Guide

Book Description

The Security+ certification is CompTIA's response to membership requests to develop a foundation-level certification for security workers. The IT industry is in agreement that there is a need to better train, staff, and empower those tasked with designing and implementing information security, and Security+ is an effort to meet this demand. The exam is under consideration by Microsoft as the baseline security certification for Microsoft's new security certification initiative.

The Security+ Training Guide is a comprehensive resource for those preparing to take this exam, covering everything in a format that maps to the exam objectives. The book has been subjected to a rigorous technical review, ensuring content is superior in both coverage and technical accuracy.

The accompanying CD features PrepLogic™ Practice Tests, Preview Edition. This product includes one complete PrepLogic Practice Test with approximately the same number of questions found on the actual vendor exam. Each question contains full, detailed explanations of the correct and incorrect answers. The engine offers two study modes, Practice Test and Flash Review, full exam customization, and a detailed score report.

Table of Contents

  1. Copyright
  2. CramSession Approved Study Material
  3. Security+ Training Guide Objective Matrix
  4. A Note from Series Editor Ed Tittel
  5. About the Author
  6. Acknowledgments
  7. We Want to Hear from You!
  8. How to Use This Book
  9. Introduction
  10. Study and Exam Prep Tips
    1. Learning Styles
    2. Study Tips
    3. Exam Prep Tips
    4. Final Considerations
  11. Exam Preparation
    1. General Security Concepts
      1. Introduction
      2. A Brief History of Networks and Security
      3. Basic Terminology
      4. Access Control Techniques
      5. Authentication Methods
      6. Identifying Nonessential Services and Protocols
      7. Attacks
      8. Malicious Code
      9. Social Engineering
      10. Auditing
      11. Chapter Summary
      12. Apply Your Knowledge
    2. Communication Security
      1. Introduction
      2. Recognizing and Administering Remote and Wireless Access
      3. Recognizing and Administering Security Controls—Email Communications
      4. Recognizing and Administering Security Controls—Web Presence
      5. Recognizing and Administering Security Controls—Directory
      6. Recognizing and Administering Security Controls—File Transfer
      7. Recognizing and Administering Security Controls—Wireless
      8. Recognizing Vulnerabilities and Taking Action—Instant Messaging
      9. Case Study: Bear, Trap, and Associates
      10. Chapter Summary
      11. Apply Your Knowledge
    3. Devices, Media, and Topology Security
      1. Introduction
      2. Understanding the Basic Security Concepts of Network and System Devices
      3. Understanding the Basic Security Concepts of Media
      4. Understanding the Concepts of Security Topologies
      5. Case Study: Bright Picture Solutions, Inc.
      6. Chapter Summary
      7. Apply Your Knowledge
    4. Intrusion Detection, Baselines, and Hardening
      1. Introduction
      2. Network-Based Intrusion Detection
      3. Host-Based Intrusion Detection
      4. Honeypots
      5. Incident Response
      6. Understanding Security Baselines
      7. Case Study: Pentatonic Sound Systems, LLC
      8. Chapter Summary
      9. Apply Your Knowledge
    5. Cryptography Algorithms
      1. Introduction
      2. Encryption Algorithms
      3. Concepts of Using Encryption
      4. Case Study: Tiny Monsters Creations
      5. Chapter Summary
      6. Apply Your Knowledge
    6. PKI and Key Management
      1. Introduction
      2. Digital Certificates
      3. Revocation
      4. Trust Models
      5. Identifying and Differentiating Standards and Protocols
      6. Understanding and Explaining Key Management/Certificate Lifecycle
      7. Chapter Summary
      8. Apply Your Knowledge
    7. Physical Security, Disaster Recovery, and Business Continuity
      1. Introduction
      2. Physical Security
      3. Disaster Recovery and Disaster Recovery Plans
      4. Business Continuity
      5. Chapter Summary
      6. Apply Your Knowledge
    8. Security Policy and Procedures
      1. Introduction
      2. Security Policy
      3. Case Study: Timber Network, Inc.
      4. Chapter Summary
      5. APPLY YOUR KNOWLEDGE
    9. Security Management
      1. Introduction
      2. Privilege Management
      3. Forensics
      4. Risk Identification
      5. Change Management
      6. Awareness
      7. Documentation
      8. Case Study: Q-Drugs
      9. Chapter Summary
      10. Apply Your Knowledge
  12. Final Review
    1. Fast Facts
      1. Introductory Note: Learn Key Terms!
      2. General Security Concepts
      3. Communications Security
      4. Infrastructure Security
      5. Basics of Cryptography
      6. Operational/Organizational Security
    2. Practice Exam
      1. Exam Questions
  13. Appendixes
    1. Security Resources
    2. Glossary
    3. General Security Resources and Bibliography
      1. 1. General Security Concepts
        1. Online Material
        2. Publications
      2. 2. Communication Security
        1. Online Material
        2. Publications
      3. 3. Devices, Media, and Topology Security
        1. Online Material
        2. Publications
      4. 4. Intrusion Detection, Baselines, and Hardening
        1. Online Material
        2. Publications
      5. 5. Cryptography Algorithms
        1. Online Material
        2. Publications
      6. 6. PKI and Key Management
        1. Online Material
        2. Publications
      7. 7. Physical Security, Disaster Recovery, and Business Continuity
        1. Online Material
        2. Publications
      8. 8. Security Policy and Procedures
        1. Publications
      9. 9. Security Management
        1. Online Material
    4. Overview of the Certification Process
      1. Description of the Path to Certification
      2. About the Security+ Certification Program
    5. What's on the CD-ROM
      1. PrepLogic Practice Tests, Preview Edition
    6. Using the PrepLogic Practice Tests, Preview Edition Software
      1. Exam Simulation
      2. Question Quality
      3. Interface Design
      4. Effective Learning Environment
      5. Software Requirements
      6. Installing PrepLogic Practice Tests, Preview Edition
      7. Removing PrepLogic Practice Tests, Preview Edition from Your Computer
      8. Using PrepLogic Practice Tests, Preview Edition
      9. Customer Service
      10. Product Suggestions and Comments
      11. License Agreement
  14. Index