Security+ Guide To Network Security Fundamentals,9780619215668

Security+ Guide To Network Security Fundamentals

by
Edition: 2nd
ISBN13: 9780619215668
ISBN10: 0619215666
Format: Paperback
Pub. Date: 2004-10-19
Publisher(s): Cengage Learning
Upgraded Edition: Click here!
List Price: $156.16

Rent Textbook

Select for Price
Add to Cart
There was a problem. Please try again later.

New Textbook

We're Sorry
Sold Out

Used Textbook

We're Sorry
Sold Out

eTextbook

We're Sorry
Not Available

Buy from our Marketplace starting at $11.00

How Marketplace Works:

  • This item is offered by an independent seller and not shipped from our warehouse
  • Item details like edition and cover design may differ from our description; see seller's comments before ordering.
  • Sellers much confirm and ship within two business days; otherwise, the order will be cancelled and refunded.
  • Marketplace purchases cannot be returned to eCampus.com. Contact the seller directly for inquiries; if no response within two days, contact customer service.
  • Additional shipping costs apply to Marketplace purchases. Review shipping costs at checkout.

Summary

Completely rewritten to include Microsoft Windows Server 2003 coverage and other cutting-edge technologies, this best selling text will ensure your students' success on CompTIA's latest Server+ Exam.

Table of Contents

Introduction xiii
Information Security Fundamentals
1(28)
Identifying the Challenges for Information Security
2(3)
Defining Information Security
5(1)
Understanding the Importance of Information Security
6(5)
Preventing Data Theft
6(2)
Avoiding Legal Consequences
8(1)
Maintaining Productivity
9(1)
Foiling Cyberterrorism
10(1)
Thwarting Identity Theft
11(1)
Understanding Information Security Terminology
11(2)
Exploring the CompTIA Security+ Certification Exam
13(1)
Surveying Information Security Careers
14(1)
Chapter Summary
15(1)
Key Terms
16(1)
Review Questions
17(1)
Hands-On Projects
18(9)
Case Projects
27(2)
Attackers and Their Attacks
29(40)
Developing Attacker Profiles
30(4)
Hackers
30(1)
Crackers
31(1)
Script Kiddies
32(1)
Spies
32(1)
Employees
33(1)
Cyberterrorists
33(1)
Understanding Basic Attacks
34(8)
Social Engineering
35(1)
Password Guessing
36(4)
Weak Keys
40(1)
Mathematical Attacks
41(1)
Birthday Attacks
41(1)
Examining Identity Attacks
42(4)
Man-in-the-Middle Attacks
42(1)
Replay
43(1)
TCP/IP Hijacking
44(2)
Identifying Denial of Service Attacks
46(2)
Understanding Malicious Code (Malware)
48(4)
Viruses
48(1)
Worms
49(1)
Logic Bombs
50(1)
Trojan Horses
51(1)
Back Doors
52(1)
Chapter Summary
52(2)
Key Terms
54(2)
Review Questions
56(1)
Hands-On Projects
57(10)
Case Projects
67(2)
Security Basics
69(34)
Identifying Who Is Responsible for Information Security
70(2)
Understanding Security Principles
72(6)
Layering
73(1)
Limiting
74(2)
Diversity
76(1)
Obscurity
76(1)
Simplicity
77(1)
Using Effective Authentication Methods
78(7)
Username and Password
79(1)
Tokens
80(1)
Biometrics
80(1)
Certificates
81(1)
Kerberos
82(1)
Challenge Handshake Authentication Protocol
83(1)
Mutual Authentication
83(1)
Multifactor Authentication
84(1)
Controlling Access to Computer Systems
85(4)
Mandatory Access Control
87(1)
Role Based Access Control
87(1)
Discretionary Access Control
88(1)
Auditing Information Security Schemes
89(1)
Chapter Summary
90(1)
Key Terms
91(1)
Review Questions
92(1)
Hands-On Projects
93(8)
Case Projects
101(2)
Security Baselines
103(36)
Disabling Nonessential Systems
104(5)
Hardening Operating Systems
109(5)
Applying Updates
109(3)
Securing the File System
112(2)
Hardening Applications
114(7)
Hardening Servers
115(5)
Hardening Data Repositories
120(1)
Hardening Networks
121(3)
Firmware Updates
121(1)
Network Configuration
122(2)
Chapter Summary
124(1)
Key Terms
125(2)
Review Questions
127(1)
Hands-On Projects
128(8)
Case Projects
136(3)
Securing the Network Infrastructure
139(50)
Working with the Network Cable Plant
140(7)
Coaxial Cables
140(2)
Twisted-Pair Cables
142(2)
Fiber-Optic Cables
144(2)
Securing the Cable Plant
146(1)
Securing Removable Media
147(4)
Magnetic Media
148(1)
Optical Media
148(1)
Electronic Media
149(2)
Keeping Removable Media Secure
151(1)
Hardening Network Devices
151(14)
Hardening Standard Network Devices
152(3)
Hardening Communication Devices
155(4)
Hardening Network Security Devices
159(6)
Designing Network Topologies
165(7)
Security Zones
165(2)
Network Address Translation (NAT)
167(2)
Honeypots
169(1)
Virtual LANs (VLANs)
170(2)
Chapter Summary
172(1)
Key Terms
173(3)
Review Questions
176(2)
Hands-On Projects
178(8)
Case Projects
186(3)
Web Security
189(36)
Protecting E-mail Systems
190(10)
How E-Mail Works
190(3)
E-mail Vulnerabilities
193(4)
E-mail Encryption
197(3)
Examining World Wide Web Vulnerabilities
200(9)
JavaScript
201(2)
Java Applet
203(1)
ActiveX
204(2)
Cookies
206(2)
Common Gateway Interface (CGI)
208(1)
8.3 Naming Conventions
209(1)
Securing Web Communications
209(3)
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
210(1)
Secure Hypertext Transport Protocol (HTTPS)
211(1)
Securing Instant Messaging
212(1)
Chapter Summary
213(1)
Key Terms
214(2)
Review Questions
216(1)
Hands-On Projects
217(6)
Case Projects
223(2)
Protecting Advanced Communications
225(46)
Hardening File Transfer Protocol (FTP)
226(4)
Securing Remote Access
230(11)
Tunneling Protocols
230(2)
Layer 2 Tunneling Protocol (L2TP)
232(1)
Authentication Technologies
232(3)
Secure Transmission Protocols
235(5)
Virtual Private Networks (VPNs)
240(1)
Protecting Directory Services
241(1)
Securing Digital Cellular Telephony
242(3)
Wireless Application Protocol (WAP)
243(1)
Wireless Transport Layer Security (WTLS)
244(1)
Hardening Wireless Local Area Networks (WLAN)
245(11)
IEEE 802.11 Standards
246(2)
WLAN Components
248(1)
Basic WLAN Security
249(4)
Enterprise WLAN Security
253(3)
Chapter Summary
256(1)
Key Terms
257(3)
Review Questions
260(2)
Hands-On Projects
262(6)
Case Projects
268(3)
Scrambling through Cryptography
271(36)
Defining Cryptography
272(3)
Cryptography Terminology
272(2)
How Cryptography Protects
274(1)
Securing with Cryptography Hashing Algorithms
275(4)
Defining Hashing
275(2)
Message Digest (MD)
277(1)
Secure Hash Algorithm (SHA)
278(1)
Protecting with Symmetric Encryption Algorithms
279(7)
Data Encryption Standard (DES)
282(1)
Triple Data Encryption Standard (3DES)
283(1)
Advanced Encryption Standard (AES)
284(1)
Rivest Cipher (RC)
285(1)
International Data Encryption Algorithm (IDEA)
285(1)
Blowfish
286(1)
Hardening with Asymmetric Encryption Algorithms
286(3)
RSA
288(1)
Diffie-Hellman
288(1)
Elliptic Curve Cryptography
289(1)
Understanding How to Use Cryptography
289(6)
Digital Signatures
289(1)
Benefits of Cryptography
290(1)
Implementations of Cryptography
291(4)
Chapter Summary
295(1)
Key Terms
296(2)
Review Questions
298(1)
Hands-On Projects
299(6)
Case Projects
305(2)
Using and Managing Keys
307(34)
Understanding Cryptography Strengths and Vulnerabilities
308(7)
Symmetric Cryptography Strengths and Weaknesses
309(1)
Asymmetric Cryptography Strengths and Vulnerabilities
310(5)
Understanding Public Key Infrastructure (PKI)
315(7)
The Need for PKI
315(2)
Description of PKI
317(1)
PKI Standards and Protocols
318(3)
Trust Models
321(1)
Managing Digital Certificates
322(5)
Certificate Policy
325(1)
Certificate Practice Statement (CPS)
325(1)
Certificate Life Cycle
326(1)
Exploring Key Management
327(3)
Centralized and Decentralized Management
327(1)
Key Storage
327(1)
Key Usage
328(1)
Key Handling Procedures
328(2)
Chapter Summary
330(1)
Key Terms
331(1)
Review Questions
332(2)
Hands-On Projects
334(4)
Case Projects
338(3)
Operational Security
341(40)
Hardening Physical Security with Access Controls
342(7)
Controlling Access with Physical Barriers
343(5)
Controlling Access with Biometrics
348(1)
Minimizing Social Engineering
349(1)
Securing the Physical Environment
349(8)
Limiting Wireless Signal Range
349(2)
Shielding a Wired Signal
351(2)
Reducing the Risk of Fires
353(4)
Understanding Business Continuity
357(9)
Maintaining Utilities
357(1)
Establishing High Availability through Fault Tolerance
358(5)
Creating and Maintaining Backups
363(3)
Planning for Disaster Recovery
366(3)
Creating a Disaster Recovery Plan
366(2)
Identifying Secure Recovery
368(1)
Protecting Backups
369(1)
Chapter Summary
369(1)
Key Terms
370(2)
Review Questions
372(2)
Hands-On Projects
374(5)
Case Projects
379(2)
Policies and Procedures
381(36)
Understanding the Security Policy Cycle
382(2)
Reviewing Risk Identification
384(8)
Asset Identification
385(2)
Threat Identification
387(2)
Vulnerability Appraisal
389(1)
Risk Assessment
390(2)
Designing the Security Policy
392(6)
Security Policy Development
392(1)
Elements of a Security Policy
392(6)
Types of Security Policies
398(6)
Understanding Compliance Monitoring and Evaluation
404(2)
Incidence Response Policy
404(2)
Ethics Policy
406(1)
Chapter Summary
406(1)
Key Terms
407(1)
Review Questions
408(2)
Hands-On Projects
410(6)
Case Projects
416(1)
Security Management
417(28)
Understanding Identity Management
418(3)
Hardening Systems through Privilege Management
421(5)
Responsibility
421(1)
Assigning Privileges
422(2)
Auditing Privileges
424(2)
Planning for Change Management
426(4)
Change Management Procedures
426(2)
Changes That Should Be Documented
428(2)
Documenting Changes
430(1)
Understanding Digital Rights Management
430(3)
Content Providers
430(2)
Enterprise Document Protection
432(1)
Acquiring Effective Training and Education
433(3)
How Learners Learn
434(1)
Available Resources
435(1)
Chapter Summary
436(1)
Key Terms
436(1)
Review Questions
437(2)
Hands-On Projects
439(4)
Case Projects
443(2)
Advanced Security and Beyond
445(30)
Understanding Computer Forensics
446(4)
Forensics Opportunities and Challenges
447(3)
Responding to a Computer Forensics Incident
450(7)
Securing the Crime Scene
451(1)
Preserving the Data
451(2)
Establishing the Chain of Custody
453(1)
Examining Data for Evidence
453(4)
Hardening Security through New Solutions
457(2)
Exploring Information Security Jobs and Skills
459(3)
Employment
459(1)
Certification
460(1)
Job Skills
460(2)
Chapter Summary
462(1)
Key Terms
463(1)
Review Questions
464(1)
Hands-On Projects
465(9)
Case Projects
474(1)
APPENDIX A CompTIA Security+ Examination Objectives
475(10)
APPENDIX B Linux and Windows Security
485(10)
Linux Security
486(3)
Controlling File Permissions and Attributes
486(1)
Protecting the Kernel
487(1)
Disabling Unnecessary Services
487(1)
Protecting System Logs
488(1)
Controlling User Accounts
488(1)
General Security Tips
489(1)
Windows Security
489(6)
Basic Windows Security
489(3)
Intermediate Windows Security
492(1)
Advanced Windows Security
493(2)
APPENDIX C Common TCP/IP Ports and Their Threats
495(4)
APPENDIX D Sample Acceptable Use Policy
499(6)
Organization ABC Acceptable Use Policy
500(1)
Overview
500(1)
Purpose
500(1)
Scope
500(1)
Policy
500(3)
General Use and Ownership
500(1)
Security and Proprietary Information
501(1)
Unacceptable Use
501(2)
Enforcement
503(1)
Definitions
503(1)
Revision History
503(2)
Glossary 505

An electronic version of this book is available through VitalSource.

This book is viewable on PC, Mac, iPhone, iPad, iPod Touch, and most smartphones.

By purchasing, you will be able to view this book online, as well as download it, for the chosen number of days.

Digital License

You are licensing a digital product for a set duration. Durations are set forth in the product description, with "Lifetime" typically meaning five (5) years of online access and permanent download to a supported device. All licenses are non-transferable.

More details can be found here.

A downloadable version of this book is available through the eCampus Reader or compatible Adobe readers.

Applications are available on iOS, Android, PC, Mac, and Windows Mobile platforms.

Please view the compatibility matrix prior to purchase.