Overview

Full Product Details

Author:   Diane Barrett
Publisher:   Pearson Education (US)
Imprint:   Pearson IT Certification
Edition:   3rd edition
Dimensions:   Width: 15.40cm , Height: 2.30cm , Length: 22.40cm
Weight:   0.534kg
ISBN:  

9780789748287

ISBN 10:   0789748282
Pages:   400
Publication Date:   30 December 2011
Audience:   Professional and scholarly ,  Professional & Vocational
Format:   Mixed media product
Publisher's Status:   Out of Print
Availability:   Awaiting stock  

Table of Contents

Introduction . 5 Who This Book Is For 5 What You Will Find in This Book 5 Hints for Using This Book 6 Need Further Study? . 7 Chapter One Domain 1.0: Network Security 9 Practice Questions 10 Objective 1.1: Explain the security function and purpose of network devices and technologies 10 Objective 1.2: Apply and implement secure network administration principles . 16 Objective 1.3: Distinguish and differentiate network design elements and compounds . 23 Objective 1.4: Implement and use common protocols 32 Objective 1.5: Identify commonly used ports . 36 Objective 1.6: Implement wireless network in a secure manner 40 Quick-Check Answer Key 44 Objective 1.1: Explain the security function and purpose of network devices and technologies 44 Objective 1.2: Apply and implement secure network administration principles . 44 Objective 1.3: Distinguish and differentiate network design elements and compounds . 45 Objective 1.4: Implement and use common protocols 45 Objective 1.5: Identify commonly used ports . 46 Objective 1.6: Implement wireless network in a secure manner 46 Answers and Explanations 47 Objective 1.1: Explain the security function and purpose of network devices and technologies 47 Objective 1.2: Apply and implement secure network administration principles . 52 Objective 1.3: Distinguish and differentiate network design elements and compounds 58 Objective 1.4: Implement and use common protocols 65 Objective 1.5: Identify commonly used ports . 70 Objective 1.6: Implement wireless network in a secure manner 71 Chapter Two Domain 2.0: Compliance and Operational Security . 75 Practice Questions 76 Objective 2.1: Explain risk related concepts. 76 Objective 2.2: Carry out appropriate risk mitigation strategies . 83 Objective 2.3: Execute appropriate incident response procedures . 85 Objective 2.4: Explain the importance of security related awareness and training . 87 Objective 2.5: Compare and contrast aspects of business continuity 92 Objective 2.6: Explain the impact and proper use of environmental controls . 94 Objective 2.7: Execute disaster recovery plans and procedures . 98 Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability. 105 Quick-Check Answer Key . 108 Objective 2.1: Explain risk related concepts . 108 Objective 2.2: Carry out appropriate risk mitigation strategies 108 Objective 2.3: Execute appropriate incident response procedures 108 Objective 2.4: Explain the importance of security related awareness and training 109 Objective 2.5: Compare and contrast aspects of business continuity . 109 Objective 2.6: Explain the impact and proper use of environmental controls. . 109 Objective 2.7: Execute disaster recovery plans and procedures 110 Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability. 110 Answers and Explanations . 111 Objective 2.1: Explain risk related concepts . 111 Objective 2.2: Carry out appropriate risk mitigation strategies 117 Objective 2.3: Execute appropriate incident response procedures 118 Objective 2.4: Explain the importance of security related awareness and training 120 Objective 2.5: Compare and contrast aspects of business continuity . 123 Objective 2.6: Explain the impact and proper use of environmental controls. . 125 Objective 2.7: Execute disaster recovery plans and procedures 128 Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability. 133 Chapter Three Domain 3.0: Threats and Vulnerabilities . 135 Practice Questions . 136 Objective 3.1: Analyze and differentiate among types of malware. 136 Objective 3.2: Analyze and differentiate among types of attacks 144 Objective 3.3: Analyze and differentiate among types of social engineering attacks 154 Objective 3.4: Analyze and differentiate among types of wireless attacks. 156 Objective 3.5: Analyze and differentiate among types of application attacks 160 CompTIA Security+ SY0-301 Practice Questions Exam Cram Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques. 165 Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities 174 Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning . 177 Quick-Check Answer Key . 180 Objective 3.1: Analyze and differentiate among types of malware. 180 Objective 3.2: Analyze and differentiate among types of attacks. . 180 Objective 3.3: Analyze and differentiate among types of social engineering attacks 181 Objective 3.4: Analyze and differentiate among types of wireless attacks. 181 Objective 3.5: Analyze and differentiate among types of application attacks 181 Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques. 182 Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities 182 Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning. 183 Answers and Explanations . 184 Objective 3.1: Analyze and differentiate among types of malware 184 Objective 3.2: Analyze and differentiate among types of attacks. . 191 Objective 3.3: Analyze and differentiate among types of social engineering attacks . 200 Objective 3.4: Analyze and differentiate among types of wireless attacks 202 Objective 3.5: Analyze and differentiate among types of application attacks. . 206 Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques 210 Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities 216 Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning. 219 Chapter Four Domain 4.0: Application, Data, and Host Security . 223 Practice Questions . 224 Objective 4.1: Explain the importance of application security . 224 Objective 4.2: Carry out appropriate procedures to establish host security. 232 Objective 4.3: Explain the importance of data security 239 Quick-Check Answer Key . 248 Objective 4.1: Explain the importance of application security . 248 Objective 4.2: Carry out appropriate procedures to establish host security. 248 Objective 4.3: Explain the importance of data security 249 Answers and Explanations . 250 Objective 4.1: Explain the importance of application security . 250 Objective 4.2: Carry out appropriate procedures to establish host security . 257 Objective 4.3: Explain the importance of data security 262 Chapter Five Domain 5.0: Access Control and Identity Management . 269 Practice Questions . 270 Objective 5.1: Explain the function and purpose of authentication services 270 Objective 5.2: Explain the fundamental concepts and best practices related to authorization and access control . 275 Objective 5.3: Implement appropriate security controls when performing account management 285 Quick-Check Answer Key . 293 Objective 5.1: Explain the function and purpose of authentication services 293 Objective 5.2: Explain the fundamental concepts and best practices related to authorization and access control . 293 Objective 5.3: Implement appropriate security controls when performing account management . 294 Answers and Explanations . 295 Objective 5.1: Explain the function and purpose of authentication services 295 Objective 5.2: Explain the fundamental concepts and best practices related to authorization and access control . 299 Objective 5.3: Implement appropriate security controls when performing account management 309 Chapter Six Domain 6.0: Cryptography . 317 Practice Questions . 318 Objective 6.1: Summarize general cryptography concepts . 318 Objective 6.2: Use and apply appropriate cryptographic tools and products 323 Objective 6.3: Explain core concepts of public key infrastructure 329 Objective 6.4: Implement PKI, certificate management, and associated components 333 Quick-Check Answer Key . 338 Objective 6.1: Summarize general cryptography concepts . 338 Objective 6.2: Use and apply appropriate cryptographic tools and products 338 Objective 6.3: Explain core concepts of public key infrastructure 339 Objective 6.4: Implement PKI, certificate management, and associated components 339 Answers and Explanations . 340 Objective 6.1: Summarize general cryptography concepts . 340 Objective 6.2: Use and apply appropriate cryptographic tools and products 343 Objective 6.3: Explain core concepts of public key infrastructure 348 Objective 6.4: Implement PKI, certificate management, and associated components 351 9780789748287, TOC, 11/09/2011

Reviews

Author Information

Diane Barrett is the director of training for Paraben Corporation and an adjunct professor for American Military University. She has done contract forensic and security assessment work for several years and has authored other security and forensic books. She is a regular committee member for ADFSL's Conference on Digital Forensics, Security and Law, as well as an academy director for Edvancement Solutions. She holds many industry certifications, including CISSP, ISSMP, DFCP, PCME, along with many CompTIA certifications, including the Security+ (2011 objectives). Diane's education includes a MS in Information Technology with a specialization in Information Security. She expects to complete a PhD in business administration with a specialization in Information Security shortly.

Tab Content 6

Author Website:  

Customer Reviews

Recent Reviews

No review item found!

Add your own review!

Countries Available

All regions