Eleventh Hour Security+: Exam SY0-201 Study Guide
Ido Dubrawsky
Technical Editor: Michael Cross
Syngress (an imprint of Elsevier): Amsterdam, Boston, Heidelberg, London, New York, Oxford, Paris, San Diego, San Francisco, Singapore, Sydney, Tokyo

Contents

About the Authors

CHAPTER 1 Systems Security
    Systems security threats
    Privilege escalation
    Viruses and worms
    Trojan
    Spyware and adware
    Rootkits and botnets
    Logic bombs
    Host intrusion detection system
    Behavior-based vs. signature-based IDS characteristics
    Anti-SPAM
    Pop-up blockers
    Hardware and peripheral security risks
    BIOS
    USB devices
    Cell phones
    Removable storage devices
    Network attached storage
    Summary of exam objectives
    Top five toughest questions
    Answers

CHAPTER 2 OS Hardening
    General OS hardening
    Services
    File system
    Removing unnecessary programs
    Hotfixes/patches
    Service packs/maintenance updates
    Patch management
    Windows group policies
    Security templates
    Configuration baselines
    Server OS hardening
    Enabling and disabling services and protocols
    FTP servers
    DNS servers
    NNTP servers
    File and print servers
    DHCP servers
    Data repositories
    Workstation OS
    User rights and groups
    Summary of exam objectives
    Top five toughest questions
    Answers

CHAPTER 3 Application Security
    Threats are moving "up the stack"
    Rationale
    Threat modeling
    Application security threats
    Browser
    Buffer overflows
    Packet sniffers and instant messaging
    Instant messaging
    Peer-to-peer
    SMTP open relays
    Summary of exam objectives
    Top five toughest questions
    Answers

CHAPTER 4 Virtualization Technologies
    The purpose of virtualization
    Benefits of virtualization
    Types of virtualization
    Designing a virtual environment
    System virtualization
    Management of virtual servers
    Application virtualization
    Application streaming
    Summary of exam objectives
    Top five toughest questions
    Answers

CHAPTER 5 Network Security
    General network security
    Network services and risks associated with them
    Network design elements
    Network security tools
    Network ports, services, and threats
    Network ports and protocols
    Network threats
    Network design elements and components
    Firewalls
    What is a DMZ?
    VLANs
    Network address translation
    Network access control/network access protection
    Telephony
    Network security tools
    Intrusion detection and prevention systems
    Honeypots
    Content filters
    Protocol analyzers
    Summary of exam objectives
    Top five toughest questions
    Answers

CHAPTER 6 Wireless Networks
    Wireless network design
    Wireless communications
    Spread spectrum technology
    Wireless network architecture
    CSMA/CD and CSMA/CA
    Service set ID broadcast
    Wireless security standards
    The failure of WEP
    WPA and WPA2
    WAP
    WTLS
    Authentication
    Rogue access points
    Data emanation
    Bluetooth
    Summary of exam objectives
    Top five toughest questions
    Answers
    References

CHAPTER 7 Network Access
    General network access
    Access control
    Access control models
    Authentication models and components
    Identity
    Access control methods and models
    Separation of duties
    Least privilege
    Job rotation
    Mandatory access control
    Discretionary access control
    Role- and rule-based access control
    Access control organization
    Security groups
    Security controls
    Logical access control methods
    Access control lists
    Group policies
    Domain policies
    Time of day restrictions
    Account expiration
    Logical tokens
    Physical access security methods
    Access lists and logs
    Hardware locks
    ID badges
    Door access systems
    Man-trap
    Video surveillance
    Summary of exam objectives
    Top five toughest questions
    Answers

CHAPTER 8 Network Authentication
    Authentication methods
    Access control
    Authentication
    Auditing
    Authentication methods
    One-factor
    Two-factor
    Three-factor
    Single sign-on
    Authentication systems
    Remote access policies and authentication
    Biometrics
    Summary of exam objectives
    Top five toughest questions
    Answers

CHAPTER 9 Risk Assessment and Risk Mitigation
    Conduct risk assessments and implement risk mitigation
    Vulnerability assessment tools
    Password crackers
    Network mapping tools
    Use monitoring tools on systems and networks
    Workstations
    Intrusion detection systems
    Logging and auditing
    Auditing systems
    System logs
    Performance logs
    Access logs
    Audits
    Summary of exam objectives
    Top five toughest questions
    Answers

CHAPTER 10 General Cryptographic Concepts
    General cryptography
    Symmetric key cryptography
    Asymmetric key cryptography
    Hashes and applications
    Digital signatures
    Certificates
    CIA for all your security needs
    Non-repudiation
    Key management
    Encryption algorithms
    DES
    3DES
    RSA
    AES
    Elliptic curve cryptography
    One-time pads
    Transmission encryption
    WEP
    TKIP
    Protocols
    SSL/TLS
    HTTP vs. HTTPS vs. SHTTP
    Other protocols with TLS
    S/MIME
    SSH
    IPSec
    PPTP
    L2TP
    Cryptography in operating systems
    File and folder encryption
    E-mail
    Whole disk encryption
    Trusted platform module
    Summary of exam objectives
    Top five toughest questions
    Answers

CHAPTER 11 Public Key Infrastructure
    PKI overview
    PKI encryption
    PKI standards
    PKI solutions
    Components of PKI
    Digital certificates
    Certification authority
    Certificate revocation list
    Recovery agents
    Certificate authority
    Certificate revocation list
    Key escrow
    Registration
    Recovery agents
    Implementation
    Certificate management
    Summary of exam objectives
    Top five toughest questions
    Answers

CHAPTER 12 Redundancy Planning
    Alternate sites
    Hot site
    Warm site
    Cold site
    Redundant systems
    Servers
    Connections
    ISP
    RAID
    Spare parts
    Backup generator
    UPS
    Summary of exam objectives
    Top five toughest questions
    Answers

CHAPTER 13 Controls and Procedures
    Environmental controls
    Fire suppression
    HVAC
    Shielding
    Implementing disaster recovery and incident response procedures
    Disaster recovery
    Incident response
    Defending against social engineering
    Summary of exam objectives
    Top five toughest questions
    Answers

CHAPTER 14 Legislation and Organizational Policies
    Secure disposal of systems
    Retention/storage
    Destruction
    Acceptable use policies
    Password complexity
    Strong passwords
    Password changes and restrictions
    Administrator accounts
    Change management
    Information classification
    Vacations
    Separation of duties
    Personally identifiable information
    Privacy
    Due care
    Due process
    Due diligence
    SLAs
    User education and awareness training
    Communication
    User awareness
    Education
    Online resources
    Security-related HR policies
    Code of Ethics
    Summary of exam objectives
    Top five toughest questions
    Answers

Index