Buying options

Authorized Marketplace Sellers:
3 new & used from $3.71

Security+ in Depth

Campbell, Paul; Calvert, Ben; Boswell, Steven
ISBN-10: 1592000649
ISBN-13: 9781592000647

In our Marketplace:
3 new & used from $3.71

Description

"Security+ In Depth' gives you the coverage you need to fully understand the current risks and threats to your organization?s data. If you are just entering the IT field, you will appreciate the comprehensive coverage of the tools and techniques necessary to safeguard electronic data. This book also serves as a valuable tool for those seeking to pass the CompTIA Security+ certification exam. "Security+ In Depth" provides hands on, practical techniques for working in the field of security in the twenty-first century.Ben Calvert is an information security consultant with an Arizona-based networking firm. He holds an MBA from Thunderbird - the American Graduate School of International Management, and has earned CNP and CCSE certifications.Steven Boswll is an internetworking consultant based in Phoenix, Arizona. He has earned the CCNP certification and holds an MBA in International Management from Thunderbird - The American Graduate School of International Management. He has worked extensively with a wide variety of clients throughout the world, from Fortune 50 financial services firms to national and regional governments.Paul Campbell has over seven years of computer and data networking experience Ben Calvert is an information security consultant with an Arizona-based networking firm Steven Boswell is an internetworking consultant based in Phoenix, Arizona

Preface	p. xiv
Security Overview	p. 1
Understanding Network Security	p. 2
Security Threats	p. 3
Integrity	p. 4
Confidentiality	p. 4
Availability	p. 4
Security Ramifications: Costs of Intrusion	p. 5
Technology Weaknesses	p. 5
Configuration Weaknesses	p. 6
Policy Weaknesses	p. 6
Human Error	p. 7
Goals of Network Security	p. 8
Eliminating Theft	p. 8
Determining Authentication	p. 8
Identifying Assumptions	p. 8
Controlling Secrets	p. 8
Creating a Secure Network Strategy	p. 9
Human Factors	p. 9
Knowing Your Weaknesses	p. 9
Limiting Access	p. 9
Achieving Security through Persistence	p. 10
Remembering Physical Security	p. 10
Perimeter Security	p. 10
Firewalls	p. 10
Web and File Servers	p. 10
Access Control	p. 11
Change Management	p. 11
Encryption	p. 11
Intrusion Detection Systems	p. 12
Chapter Summary	p. 12
Key Terms	p. 12
Review Questions	p. 13
Authentication	p. 17
Usernames and Passwords	p. 18
Strong Password Creation Techniques	p. 19
Techniques to Use Multiple Passwords	p. 20
Storing Passwords	p. 20
Kerberos	p. 20
Kerberos Assumptions	p. 21
Kerberos Authentication Process	p. 21
Using Kerberos in Very Large Network Systems	p. 24
Security Weaknesses of Kerberos	p. 25
Challenge Handshake Authentication Protocol	p. 25
The CHAP Challenge-and-Response Sequence	p. 25
CHAP Security Issues	p. 26
Mutual Authentication	p. 27
Digital Certificates	p. 27
Electronic Encryption and Decryption Concepts	p. 27
How Much Trust Should One Place in a CA?	p. 29
Security Tokens	p. 30
Passive Tokens	p. 30
Active Tokens	p. 31
One-time Passwords	p. 31
Biometrics	p. 32
How a Biometric Authentication System Works	p. 32
False Positives and False Negatives	p. 33
Different Kinds of Biometrics	p. 34
General Trends in Biometrics	p. 38
Multi-Factor Authentication	p. 39
Chapter Summary	p. 39
Key Terms	p. 40
Review Questions	p. 42
Attacks and Malicious Code	p. 47
Denial-of-Service Attacks	p. 48
SYN Flood	p. 49
Smurf	p. 52
IP Fragmentation Attacks: Ping of Death	p. 53
Distributed Denial-of-Service Attacks	p. 55
Setting Up DDoS Attacks	p. 55
Conducting DDoS Attacks	p. 56
DDoS Countermeasures	p. 57
Spoofing	p. 60
IP Address Spoofing	p. 60
ARP Poisoning	p. 62
Web Spoofing	p. 62
DNS Spoofing	p. 64
Man in the Middle	p. 64
Replays	p. 66
TCP Session Hijacking	p. 67
Social Engineering	p. 69
Dumpster Diving	p. 70
Online Attacks	p. 70
Social Engineering Countermeasures	p. 70
Attacks against Encrypted Data	p. 71
Weak Keys	p. 71
Mathematical Attacks	p. 71
Birthday Attack	p. 72
Password Guessing	p. 72
Brute Force	p. 73
Dictionary	p. 74
Software Exploitation	p. 74
Malicious Software	p. 75
Backdoor	p. 79
Logic Bombs	p. 83
Worms	p. 83
Chapter Summary	p. 84
Key Terms	p. 85
Review Questions	p. 87
Remote Access	p. 91
IEEE 802.1x	p. 92
Telnet	p. 93
Virtual Private Networks	p. 94
VPN Options	p. 95
VPN Drawbacks	p. 96
Remote Authentication Dial-In User Service	p. 96
Authenticating with a RADIUS Server	p. 97
Terminal Access Controller Access Control System	p. 99
Point-to-Point Tunneling Protocol	p. 101
Layer 2. Tunneling Protocol	p. 102
Secure Shell	p. 102
IP Security Protocol	p. 103
ESP and Encryption Models	p. 105
Telecommuting Vulnerabilities	p. 106
Remote Solutions	p. 110
Chapter Summary	p. 110
Key Terms	p. 111
Review Questions	p. 112
E-mail	p. 117
Secure E-mail and Encryption	p. 118
Encryption	p. 119
Hash Functions	p. 120
Digital Signatures	p. 120
Digital Certificates	p. 121
Combining Encryption Methods	p. 122
How Secure E-mail Works	p. 123
Background on PGP	p. 126
PGP Certificates	p. 126
S/MIME	p. 127
Background on S/MIME	p. 127
S/MIME Encryption Algorithms	p. 127
X.509 Certificates	p. 128
S/MIME Trust Model: Certificate Authorities	p. 129
Differences between PGP and S/MIME	p. 129
E-mail Vulnerabilities	p. 131
Spam	p. 132
E-mail Spam	p. 132
Hoaxes and Chain Letters	p. 133
Countermeasures for Hoaxes	p. 135
Chapter Summary	p. 136
Key Terms	p. 136
Review Questions	p. 138
Web Security	p. 143
SSL and TLS	p. 144
HTTPS	p. 146
Instant Messaging	p. 147
IM Security Issues	p. 147
Vulnerabilities of Web Tools	p. 149
JavaScript	p. 149
ActiveX	p. 150
Buffer Overflows	p. 151
Cookies	p. 152
Signed Applets	p. 153
CGI	p. 154
SMTP Relay	p. 156
Chapter Summary	p. 158
Key Terms	p. 159
Review Questions	p. 160
Directory and File Transfer Services	p. 165
Directory Services	p. 166
LDAP	p. 166
LDAP Operations	p. 168
LDAP Framework	p. 169
LDAP Security Benefits	p. 170
LDAP Security Vulnerabilities	p. 171
File Transfer Services	p. 172
FTP	p. 172
FTP Security Issues	p. 175
Secure File Transfers	p. 178
File Sharing	p. 179
Protecting Your File Shares	p. 181
Chapter Summary	p. 181
Key Terms	p. 182
Review Questions	p. 183
Wireless and Instant Messaging	p. 187
The Alphabet Soup of 802.11	p. 188
802.11a	p. 188
802.11b	p. 189
802.11c	p. 189
802.11d	p. 189
802.11e	p. 190
802.11f	p. 190
802.11g	p. 190
802.11h	p. 190
802.11i	p. 190
802.11j	p. 191
WAP 1.x and WAP 2.0	p. 192
How WAP 1.x Works	p. 193
The WAP 2.0 Stack	p. 196
The Wireless Transport Layer Security Protocol	p. 198
Wired Equivalent Privacy	p. 200
How WEP Works	p. 201
WEP's Weaknesses	p. 201
Conducting a Wireless Site Survey	p. 203
Conducting a Needs Assessment of the Network Users	p. 203
Obtaining a Copy of the Site's Blueprints	p. 204
Doing a Walk-Through of the Site	p. 204
Identifying Possible Access Point Locations	p. 204
Verifying Access Point Locations	p. 205
Documenting Your Findings	p. 205
Instant Messaging	p. 206
A Definition of IM	p. 206
Lack of Default Encryption Enables Packet Sniffing	p. 206
Social Engineering Overcomes Even Encryption	p. 207
Technical Issues Surrounding IM	p. 207
Legal Issues Surrounding IM	p. 207
Blocking IM	p. 208
Cellular Phone SMS	p. 208
Chapter Summary	p. 208
Key Terms	p. 208
Review Questions	p. 211
Devices	p. 215
Firewalls	p. 216
Drafting a Security Policy	p. 216
Designing the Firewall to Implement the Policy	p. 218
What do Firewalls Protect Against?	p. 218
How Do Firewalls Work?	p. 218
Routers	p. 221
How a Router Moves Information	p. 221
Beyond the Firewall	p. 222
The OSI Stack	p. 225
Limitations of Packet-Filtering Routers	p. 226
Switches	p. 226
Switch Security	p. 227
Wireless	p. 229
Modems	p. 229
DSL Versus Cable Modem Security	p. 230
Dynamic Versus Static IP Addressing	p. 230
Remote Access Services	p. 231
Security Problems with RAS	p. 231
Telecom/Private Branch Exchange	p. 231
Virtual Private Networks	p. 232
Intrusion Detection Systems	p. 234
Computer-based IDS	p. 234
Network-based IDS	p. 234
Anomaly-based Detection	p. 235
Signature-based Detection	p. 236
Network Monitoring and Diagnostics	p. 236
Workstations and Servers	p. 236
Personal Firewall Software Packages	p. 237
Antivirus Software Packages	p. 237
Mobile Devices	p. 238
Chapter Summary	p. 238
Key Terms	p. 239
Review Questions	p. 241
Media and Medium	p. 245
Transmission Media	p. 246
Coaxial Cable	p. 246
Twisted Pair Copper Cable	p. 247
Fiber-Optic Cable	p. 248
Unguided Transmission	p. 249
Securing Transmission Media	p. 250
Storage Media	p. 252
Magnetic Storage Media	p. 252
Optical Storage Media	p. 254
Solid-State Storage Media	p. 255
Catastrophic Loss	p. 257
Encryption	p. 257
Storing and Destruction of Media	p. 257
Chapter Summary	p. 258
Key Terms	p. 258
Review Questions	p. 259
Network Security Topologies	p. 263
Perimeter Security Topologies	p. 264
Three-tiered Architecture	p. 264
Creating and Developing Your Security Design	p. 267
DMZ	p. 269
Intranet	p. 271
Extranet	p. 272
Network Address Translation	p. 273
Tunneling	p. 275
Virtual Local Area Networks	p. 276
Security Features of VLANs	p. 279
Vulnerabilities of VLAN Trunks	p. 280
Chapter Summary	p. 281
Key Terms	p. 282
Review Questions	p. 282
Intrusion Detection	p. 287
The Value of Intrusion Detection	p. 288
Negatives and Positives	p. 288
Network-based and Host-based IDS	p. 290
Network-based IDS	p. 291
Host-based IDS	p. 296
Active Detection and Passive Detection	p. 300
Anomaly-based and Signature-based IDS	p. 302
Intrusion Detection Products	p. 304
Honeypots	p. 305
Honeypot Deployment Options	p. 307
Honeypot Design	p. 307
Honeypots, Ethics, and the Law	p. 308
Incident Response	p. 308
IDS Monitoring	p. 308
Information Security Incident Response Team	p. 309
Chapter Summary	p. 310
Key Terms	p. 310
Review Questions	p. 312
Security Baselines	p. 315
OS/NOS Hardening	p. 316
File System	p. 317
Creating Needed User Groups	p. 319
Configuring Access Controls	p. 319
Installing and Configuring File Encryption Capabilities	p. 320
Updates	p. 320
Network Hardening	p. 321
Firmware Updates	p. 322
Configuration	p. 322
Access Control Lists	p. 324
Enabling and Disabling of Services and Protocols	p. 326
Application Hardening	p. 328
Web Servers	p. 328
E-mail Servers	p. 330
FTP Servers	p. 332
DNS Servers	p. 334
NNTP Servers	p. 337
File and Print Servers	p. 338
DHCP Servers	p. 339
Data Repositories	p. 341
Directory Services	p. 341
Chapter Summary	p. 345
Key Terms	p. 346
Review Questions	p. 349
Cryptography	p. 353
Algorithms	p. 354
Hashing	p. 354
Symmetric versus Asymmetric Algorithms	p. 354
Symmetric Algorithms	p. 355
Asymmetric Algorithms	p. 356
Common Encryption Algorithms	p. 356
Concepts of Using Cryptography	p. 358
Digital Signatures	p. 359
Certificates	p. 360
PKI Certificates	p. 360
Trust Models	p. 362
Key and Certificate Life Cycle Management	p. 363
Setup and Initialization	p. 364
Certificate Expiration	p. 366
Certificate Revocation and Suspension	p. 367
Key History	p. 367
Key Archive	p. 367
Chapter Summary	p. 368
Key Terms	p. 369
Review Questions	p. 370
Physical Security	p. 373
Physical Controls	p. 374
Location and Environment	p. 374
Construction	p. 374
Physical Barriers	p. 375
Physical Surveillance	p. 378
Technical Controls	p. 379
Personnel Access Controls	p. 379
Technical Surveillance	p. 382
Ventilation	p. 382
Power Supply	p. 382
Fire Detection and Suppression	p. 383
Shielding	p. xxx
Natural Disasters	p. 385
Chapter Summary	p. 385
Key Terms	p. 385
Review Questions	p. 386
Disaster Recovery and Business Continuity	p. 391
Business Continuity	p. 392
Disaster Recovery Planning Process	p. 392
Data Backups	p. 393
Disaster Recovery Plan	p. 395
Policies and Procedures	p. 397
Security Policy	p. 397
Human Resources Policy	p. 400
Incident Response Policy	p. 402
Privilege Management	p. 404
Chapter Summary	p. 406
Key Terms	p. 406
Review Questions	p. 406
Computer Forensics and Advanced Topics	p. 411
Computer Forensics	p. 412
Digital Evidence	p. 412
Principles of Digital Evidence	p. 412
The Forensic Process	p. 413
Risk Management	p. 417
Asset Identification	p. 417
Risk Assessment	p. 417
Threat Identification	p. 418
Vulnerabilities	p. 418
Education and Training	p. 418
Communication	p. 418
User Awareness	p. 419
Auditing	p. 419
Documentation	p. 421
Standards and Guidelines	p. 421
Systems Architecture	p. 421
Change Documentation	p. 421
Logs and Inventories	p. 422
Classification and Notification	p. 422
Retention and Storage	p. 422
Destruction	p. 423
Chapter Summary	p. 423
Key Terms	p. 423
Review Questions	p. 424
Answers to Chapter Review Questions	p. 391
Glossary	p. 441
Index	p. 459
Table of Contents provided by Ingram. All Rights Reserved.

Edition:	2003
Publisher:	Course Technology
Binding:	Trade Paper
Pages:	496
Size:	7.25" wide x 8.75" long x 1.00" tall
Weight:	1.85 lbs.
Language:	English

100% Money Back Guarantee: Wrong item? No problem! Our hassle-free returns policy has you covered. We'll also process your order within 24 hours. Learn more about our shipping policy.

Buying options

Security+ in Depth

Campbell, Paul; Calvert, Ben; Boswell, Steven
ISBN-10: 1592000649
ISBN-13: 9781592000647

New & Used Books

Customer Service

Booksellers

TextbooksRus Info

About TextbooksRus.com

Buying options

Security+ in Depth

Campbell, Paul; Calvert, Ben; Boswell, Steven ISBN-10: 1592000649 ISBN-13: 9781592000647

New & Used Books

Customer Service

Booksellers

TextbooksRus Info

About TextbooksRus.com

Campbell, Paul; Calvert, Ben; Boswell, Steven
ISBN-10: 1592000649
ISBN-13: 9781592000647