Eleventh Hour Security+




Eleventh Hour Security+ Exam SY0-201 Study Guide. Ido Dubrawsky. Technical Editor Michael Cross. AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO. SYNGRESS. Syngress is an imprint of Elsevier.

Contents

About the Authors xiii

CHAPTER 1 Systems Security
Systems security threats 1
Privilege escalation 1
Viruses and worms 2
Trojan 4
Spyware and adware 4
Rootkits and botnets 5
Logic bombs 6
Host intrusion detection system 6
Behavior-based vs. signature-based IDS characteristics 7
Anti-SPAM 9
Pop-up blockers 9
Hardware and peripheral security risks 9
BIOS 10
USB devices 10
Cell phones 11
Removable storage devices 12
Network attached storage 13
Summary of exam objectives 13
Top five toughest questions 14
Answers 15

CHAPTER 2 OS Hardening
General OS hardening 17
Services 18
File system 18
Removing unnecessary programs 18
Hotfixes/patches 19
Service packs/maintenance updates 19
Patch management 19
Windows group policies 21
Security templates 21
Configuration baselines 22
Server OS hardening 23
Enabling and disabling services and protocols 23
FTP servers 23
DNS servers 24
NNTP servers 24
File and print servers 25
DHCP servers 25
Data repositories 25
Workstation OS 27
User rights and groups 27
Summary of exam objectives 28
Top five toughest questions 28
Answers 29

CHAPTER 3 Application Security
Threats are moving "up the stack" 31
Rationale 32
Threat modeling 32
Application security threats 33
Browser 33
Buffer overflows 41
Packet sniffers and instant messaging 42
Instant messaging 42
Peer-to-peer 43
SMTP open relays 43
Summary of exam objectives 44
Top five toughest questions 44
Answers 46

CHAPTER 4 Virtualization Technologies
The purpose of virtualization 49
Benefits of virtualization 49
Types of virtualization 50
Designing a virtual environment 51
System virtualization 54
Management of virtual servers 55
Application virtualization 55
Application streaming 56
Summary of exam objectives 56
Top five toughest questions 56
Answers 58

CHAPTER 5 Network Security
General network security 61
Network services and risks associated with them 61
Network design elements 61
Network security tools 62
Network ports, services, and threats 62
Network ports and protocols 62
Network threats 62
Network design elements and components 66
Firewalls 66
What is a DMZ? 69
VLANs 70
Network address translation 71
Network access control/network access protection 71
Telephony 72
Network security tools 72
Intrusion detection and prevention systems 72
Honeypots 73
Content filters 74
Protocol analyzers 74
Summary of exam objectives 74
Top five toughest questions 75
Answers 76

CHAPTER 6 Wireless Networks
Wireless network design 77
Wireless communications 77
Spread spectrum technology 78
Wireless network architecture 79
CSMA/CD and CSMA/CA 79
Service set ID broadcast 80
Wireless security standards 81
The failure of WEP 81
WPA and WPA2 82
WAP 82
WTLS 82
Authentication 83
Rogue access points 84
Data emanation 84
Bluetooth 85
Summary of exam objectives 86
Top five toughest questions 86
Answers 87
References 88

CHAPTER 7 Network Access
General network access 89
Access control 89
Access control models 90
Authentication models and components 91
Identity 92
Access control methods and models 92
Separation of duties 92
Least privilege 93
Job rotation 93
Mandatory access control 93
Discretionary access control 94
Role- and rule-based access control 95
Access control organization 97
Security groups 97
Security controls 98
Logical access control methods 98
Access control lists 98
Group policies 99
Domain policies 99
Time of day restrictions 100
Account expiration 100
Logical tokens 100
Physical access security methods 101
Access lists and logs 102
Hardware locks 103
ID badges 103
Door access systems 104
Man-trap 105
Video surveillance 105
Summary of exam objectives 105
Top five toughest questions 105
Answers 107

CHAPTER 8 Network Authentication
Authentication methods 109
Access control 110
Authentication 110
Auditing 111
Authentication methods 111
One-factor 111
Two-factor 112
Three-factor 112
Single sign-on 112
Authentication systems 113
Remote access policies and authentication 113
Biometrics 113
Summary of exam objectives 122
Top five toughest questions 123
Answers 124

CHAPTER 9 Risk Assessment and Risk Mitigation
Conduct risk assessments and implement risk mitigation 127
Vulnerability assessment tools 127
Password crackers 128
Network mapping tools 129
Use monitoring tools on systems and networks 129
Workstations 129
Intrusion detection systems 130
Logging and auditing 130
Auditing systems 131
System Logs 131
Performance Logs 132
Access Logs 132
Audits 132
Summary of exam objectives 132
Top five toughest questions 132
Answers 133

CHAPTER 10 General Cryptographic Concepts
General cryptography 135
Symmetric key cryptography 135
Asymmetric key cryptography 136
Hashes and applications 136
Digital signatures 138
Certificates 139
CIA For all your security needs 140
Non-repudiation 140
Key management 140
Encryption algorithms 141
DES 141
3DES 141
RSA 141
AES 142
Elliptic curve cryptography 142
One-time pads 142
Transmission encryption 142
WEP 143
TKIP 143
Protocols 143
SSL/TLS 143
HTTP vs. HTTPS vs. SHTTP 144
Other protocols with TLS 144
S/MIME 144
SSH 145
IPSec 145
PPTP 146
L2TP 147
Cryptography in operating systems 147
File and folder encryption 147
E-mail 148
Whole disk encryption 148
Trusted platform module 148
Summary of exam objectives 149
Top five toughest questions 149
Answers 150

CHAPTER 11 Public Key Infrastructure
PKI overview 153
PKI encryption 154
PKI Standards 154
PKI solutions 155
Components of PKI 155
Digital certificates 156
Certification authority 156
Certificate revocation list 156
Recovery agents 156
Certificate authority 158
Certificate revocation list 159
Key escrow 160
Registration 160
Recovery agents 161
Implementation 162
Certificate management 162
Summary of exam objectives 163
Top five toughest questions 163
Answers 164

CHAPTER 12 Redundancy Planning
Alternate sites 167
Hot site 168
Warm site 168
Cold site 168
Redundant systems 169
Servers 169
Connections 170
ISP 170
RAID 171
Spare parts 172
Backup generator 172
UPS 173
Summary of exam objectives 173
Top five toughest questions 174
Answers 175

CHAPTER 13 Controls and Procedures
Environmental controls 177
Fire suppression 177
HVAC 178
Shielding 179
Implementing disaster recovery and incident response procedures 180
Disaster recovery 180
Incident response 183
Defending against social engineering 187
Summary of exam objectives 189
Top five toughest questions 189
Answers 191

CHAPTER 14 Legislation and Organizational Policies
Secure disposal of systems 193
Retention/storage 194
Destruction 194
Acceptable use policies 195
Password complexity 195
Strong passwords 196
Password changes and restrictions 196
Administrator accounts 196
Change management 196
Information classification 197
Vacations 197
Separation of duties 198
Personally identifiable information 198
Privacy 199
Due care 200
Due process 200
Due diligence 200
SLAs 201
User education and awareness training 201
Communication 201
User awareness 202
Education 202
Online resources 202
Security-related HR policies 203
Code of Ethics 203
Summary of exam objectives 204
Top five toughest questions 204
Answers 205

Index 207