GSEC GIAC Security Essentials Certification All-in-One Exam Guide. Ric Messier. McGraw-Hill Education.



ALL IN ONE
GSEC GIAC Security Essentials Certification EXAM GUIDE
Ric Messier
McGraw-Hill Education
New York Chicago San Francisco Athens London Madrid Mexico City Milan New Delhi Singapore Sydney Toronto

McGraw-Hill Education is an independent entity from Global Information Assurance Certification (GIAC) and is not affiliated with GIAC in any manner. This study/training guide and/or material is not sponsored by, endorsed by, or affiliated with GIAC in any manner. This publication and CD-ROM may be used in assisting students to prepare for the GIAC Security Essentials (GSEC) exam. Neither GIAC nor McGraw-Hill Education warrant that use of this publication and CD-ROM will ensure passing any exam. GIAC is a registered trademark of Global Information Assurance Certification in the United States and certain other countries. All other trademarks are trademarks of their respective owners.

CONTENTS

Acknowledgments xvi
Introduction xvii

Chapter 1 Information Security and the GIAC Security Essentials Certification 1
The Evolution and Importance of Security 1
Types of Security Threats 2
Malware 2
Identity Theft 4
Mobile Devices 6
Denial of Service 6
Insider Threats 7
About SANS 7
About the GSEC Certification 8
Who the Exam Is For 9
About the Exam 9
The Purpose of This Book 10

Chapter 2 Networking Fundamentals 11
History of TCP/IP
Networking Stacks 13
The OSI Model 14
TCP/IP Architecture 18
Protocols 19
Internet Protocol 20
IP Version 4 Headers 20
Addressing 23
Fragmentation 26
Internet Protocol Version 6 27
Internet Control Message Protocol (ICMP) 29
Transmission Control Protocol (TCP) 31
Reliable Delivery 33
The Mitnick-Shimomura Attack 37
User Datagram Protocol (UDP) 38
Domain Name System (DNS) 40
Chapter Review 42
Questions 42
Answers 44
Exercise Answers 45

Chapter 3 Network Design 47
Cable Types 47
Coaxial Cable 47
Twisted Pair 48
Fiber Optics 49
Topologies 51
Bus Topology 52
Star Topology 54
Mesh Topology 56
Full Mesh Topology 58
Ring Topology 60
Switching 62
Ethernet 63
Asynchronous Transfer Mode (ATM) 65
Hubs, Bridges, and Switches 66
Routing 68
Distance Vector Routing 71
Link-State Routing 72
Security Mechanisms 73
Routers 74
Firewalls 76
Intrusion Detection Systems 82
Chapter Review 85
Questions 86
Answers 87
Exercise 3-1 Answer 88

Chapter 4 Authentication and Access Control 89
Authentication 90
Credentials 91
Token-Based Authentication 97
Biometrics 99
RADIUS 103
TACACS/TACACS+ 104
Web-Based Authentication 105
Basic Authentication 105
Multifactor Authentication 110
Authorization 111
Principle of Least Privilege 112
Accounting 112
Access Control 114
Discretionary Access Control 114
Mandatory Access Control 115
Role-Based Access Control 116
Attribute-Based Access Control 117
Single Sign-On 118
Chapter Review 120
Questions 120
Answers 122
Exercise 4-1 Answer 123

Chapter 5 Network Security 125
Common Attacks 126
Protocol Attacks 127
Malware 130
Network Attacks 131
Web-Based Attacks 134
Phishing and Drive-by Downloading 136
Defense in Depth 137
Security Through Obscurity 138
Firewalls 139
Network-Based Firewalls 141
Host-Based Firewalls 141
Intrusion Defense 144
Intrusion Detection 145
Intrusion Prevention 147
Anti-Virus Software 148
Vulnerability Management 149
Honeypots 153
Chapter Review 154
Questions 155
Answers 156
Exercise 5-2 Answer 157

Chapter 6 Linux 159
UNIX History 160
GNU 161
The Kernel 162
Filesystem Layout 165
Using Linux 168
General Utilities 168
File Management 169
Process Management 170
Networking 170
Software Management 170
Debian 171
RedHat/CentOS 172
Slackware
Boot Process 174
Process Management 176
Processes and Threads 177
Process Tools 178
Signals 180
System Management 182
Backups 182
Patch Management 183
Job Scheduling 184
User Management 185
Configuration 188
Logging and Log Management 190
Security Tools 192
SELinux 194
TripWire 194
iptables 196
AppArmor 198
Chapter Review 198
Questions 199
Answers 200
Exercise Answers 201

Chapter 7 Windows 203
Windows History 204
Windows 3.x and Windows NT 3.x 204
Windows 9x, NT 4.0, and Windows 2000 205
Windows XP and Beyond 208
Windows Networking 210
Basic Configuration 210
Networking Utilities 212
Securing Windows Networking 214
Resource Management 220
Windows Workgroups vs. Windows Domains 220
Active Directory 222
Users and Groups 224
Resource Sharing 225
Policies and Policy Management 226
Windows Management 229
Automation 231
Configuration 233
Auditing 234
User Rights 236
Permissions 240
Registry 241
Windows Security 242
EFS and BitLocker 243
Updates and Hotfixes 244
Service Packs 245
Backups 246
Security Templates 247
Securing Windows Services 248
Securing Windows Services 250
IIS 250
SQL Server 251
Terminal Services 252
Chapter Review 253
Questions 254
Answers 256
Answers to Exercises 257

Chapter 8 Encryption 259
Important Dates in Cryptography History 260
Foundations 260
Diffie-Hellman 262
RSA 264
Digest Algorithms 264
Cryptographic Attacks 265
X.509 Certificates 266
Public Key Infrastructure (PKI) 269
S/MIME 274
Pretty Good Privacy (PGP) 275
Symmetric Encryption 278
DES and Triple DES 279
AES 280
Asymmetric Encryption 281
SSL and TLS 282
Virtual Private Networks (VPNs) 284
IPSec 287
Steganography 289
Kerberos 291
Chapter Review 291
Questions 292
Answers 294
Exercise Answers 295

Chapter 9 Risk Management 297
Regulatory 297
Risk Management 300
Cost-Benefit Analysis 303
Quantitative Risk Assessment 305
Qualitative Risk Assessment 306
Risk Management Strategies 307
Security Policies 308
Data at Rest 310
Contingency Plans 311
Disaster Recovery 312
Incident Handling 313
The Legal Impact of Incidents 317
Information Warfare 318
OPSEC 319
Chapter Review 321
Questions 322
Answers 323
Exercise 9-1 Answer 324

Chapter 10 Virtual Machines 325
Virtual Machine History 325
Emulation and the PC Era 327
Application Virtualization 328
Virtual Memory 328
Paging Algorithms 332
Security Implications 333
Reasons for Virtualizing 334
Hypervisors 336
Virtual Resources 339
Other Virtual Machines 341
Chapter Review 343
Questions 344
Answers 346
Exercise 10-1 Answer 347

Chapter 11 Vulnerability Control 349
Network Mapping/Scanning 350
Different Types of Mapping 350
Nmap 357
Application Mapping: AMAP 361
Vulnerability Scanning 362
Vulnerability Management 366
Vulnerability Exploitation 370
Web Application Security 372
Common Web Vulnerabilities 372
SSL/TLS 373
Cookies 374
CGI 376
AJAX 376
Web Vulnerability Scanning 377
Web Application Firewalls 378
Chapter Review 379
Questions 379
Answers 381
Exercise 11-1 Answer 382

Chapter 12 Malware 385
Types of Malware 385
Virus 386
Worm 387
Trojan Horse 388
Rootkit 389
Botnet Client 391
Spyware/Adware 392
Anti-Virus 393
Anti-Virus Evasion 395
Packing 395
Encryption 396
Code Modifications 396
Malware Vectors 397
"Sneaker Net" 397
E-mail 398
Network 399
Drive-by Attacks 400
Boot Sector/MBR 401
Infection Vectors 401
Malware Analysis 402
Static Analysis 403
Dynamic Analysis 407
Malware Policy 409
Chapter Review 410
Questions 411
Answers 413
Exercise 12-1 Answer 414

Chapter 13 Physical Security 415
Deterrent Controls 416
Prevention Controls 417
Fences and Gates 417
Locks 422
Construction 424
Access Control 428
Exterior Lighting 429
Barriers and Impediments 430
Electrical Power 433
Detection Controls 434
Video Monitoring 434
Fire Detection 436
Motion Sensors 438
Water Sensors 438
Corrective Controls 439
Fire Suppression 439
Policies and Procedures 442
Toxic Cleanup 443
Chapter Review 444
Questions 445
Answers 446
Exercise 13-1 Answer 447

Chapter 14 Wireless Technologies 449
Radio Transmission 450
Frequency and Spectrum 451
Modulation and Carrier Waves 452
Antennas and Transmissions 452
Receiver 454
Frequency Hopping 454
802.11 455
Encryption 459
Cracking and Analysis Utilities 461
MiFi 463
WiMAX 463
Bluetooth 464
Encryption 469
Bluetooth Attacks 470
RFID 470
Near Field Communication 472
ZigBee 472
Chapter Review 473
Questions 473
Answers 475
Exercise 14-1 Answer 476

Chapter 15 VoIP 477
A (Very Brief) History of Telephony 477
In-Band vs. Out-of-Band Signaling 482
Signaling System 7 483
H.323 484
Security Considerations 487
Real-Time Transport Protocol (RTP) 487
The Session Initiation Protocol (SIP) 488
Messaging 489
User Agents 492
NAT Traversal 493
Attacks on SIP 495
The Skinny Call Control Protocol (SCCP) 497
Skype 497
The Benefits of VoIP 498
Chapter Review 499
Questions 500
Answers 502
Exercise 15-1 Answer 502

Appendix About the CD-ROM 503
System Requirements 503
Installing and Running MasterExam 503
MasterExam 503
Help 503
Removing Installation(s) 504
Author Video 504
Electronic Book 504
Technical Support 504
LearnKey Technical Support 504
McGraw-Hill Content Support 504
Permissions 505

Index 507