Security+ Guide to Network Security Fundamentals
INFORMATION SECURITY
Sixth Edition
Mark Ciampa
Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
WCN 02-200-203
CompTIA Security+ SY0-501 Exam Objectives
Security+ Exam Domain/Objectives (Chapter: Bloom's Taxonomy)
1.0: Threats, Attacks, and Vulnerabilities
1.1 Given a scenario, analyze indicators of compromise and determine the type of malware.
    Chapter 2: Analyze
1.2 Compare and contrast types of attacks.
    Chapter 2: Understand
    Chapter 3: Analyze
    Chapter 5: Understand
    Chapter 8: Apply/Understand
    Chapter 11: Create
    Chapter 15: Apply
1.3 Explain threat actor types and attributes.
    Chapter 1: Analyze/Apply
1.4 Explain penetration testing concepts.
    Chapter 13: Apply
1.5 Explain vulnerability scanning concepts.
    Chapter 13: Apply
1.6 Explain the impact associated with types of vulnerabilities.
    Chapter 1: Understand
    Chapter 3: Understand
    Chapter 4: Understand
    Chapter 5: Understand
    Chapter 9: Understand
    Chapter 10: Understand
2.0: Technologies and Tools
2.1 Install and configure network components, both hardware- and software-based, to support organizational security.
    Chapter 4: Apply
    Chapter 6: Analyze
    Chapter 7: Apply
    Chapter 8: Analyze/Evaluate
2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization.
    Chapter 8: Evaluate
    Chapter 13: Analyze/Evaluate
    Chapter 14: Evaluate
2.3 Given a scenario, troubleshoot common security issues.
    Chapter 15: Analyze
2.4 Given a scenario, analyze and interpret output from security technologies.
    Chapter 6: Analyze
    Chapter 7: Analyze
    Chapter 9: Analyze
2.5 Given a scenario, deploy mobile devices securely.
    Chapter 8: Apply/Evaluate
    Chapter 10: Analyze/Create
    Chapter 11: Analyze
2.6 Given a scenario, implement secure protocols.
    Chapter 4: Apply
    Chapter 5: Analyze
3.0: Architecture and Design
3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides.
    Chapter 1: Analyze
    Chapter 15: Understand
3.2 Given a scenario, implement secure network architecture concepts.
    Chapter 6: Analyze
    Chapter 7: Apply
    Chapter 8: Apply/Evaluate
    Chapter 13: Apply
CompTIA® Security+ Guide to Network Security Fundamentals
Sixth Edition
Mark Ciampa, Ph.D.
INFORMATION SECURITY
Australia • Brazil • Mexico • Singapore • United Kingdom • United States
© 2018, 2015 Cengage Learning
Unless otherwise noted, all content is © Cengage.
Security+ Guide to Network Security Fundamentals, Sixth Edition
Mark Ciampa
SVP, GM Skills: Jonathan Lau
Product Team Manager: Kristin McNary
Associate Product Manager: Amy Savino
Executive Director of Development: Marah Bellegarde
Senior Product Development Manager: Leigh Hefferon
Senior Content Developer: Michelle Ruelos Cannistraci
Product Assistant: Jake Toth
Marketing Director: Michelle McTighe
Production Director: Patty Stephan
Senior Content Project Manager: Brooke Greenhouse
Art Director: Diana Graham
Cover image(s): iStockPhoto.com/supernitram
Printed in the United States of America
Print Number: 01 Print Year: 2017
ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced or distributed in any form or by any means, except as permitted by U.S. copyright law, without the prior written permission of the copyright owner.
Library of Congress Control Number: 2017950178
ISBN: 978-1-337-28878-1
LLF ISBN: 978-1-337-68585-6
Notice to the Reader
Publisher does not warrant or guarantee any of the products described herein or perform any independent analysis in connection with any of the product information contained herein. Publisher does not assume, and expressly disclaims, any obligation to obtain and include information other than that provided to it by the manufacturer. The reader is expressly warned to consider and adopt all safety precautions that might be indicated by the activities described herein and to avoid all potential hazards. By following the instructions contained herein, the reader willingly assumes all risks in connection with such instructions. The publisher makes no representations or warranties of any kind, including but not limited to, the warranties of fitness for particular purpose or merchantability, nor are any such representations implied with respect to the material set forth herein, and the publisher takes no responsibility with respect to such material. The publisher shall not be liable for any special, consequential, or exemplary damages resulting, in whole or part, from the readers' use of, or reliance upon, this material.
Cengage
20 Channel Center Street
Boston, MA 02210
USA
Cengage is a leading provider of customized learning solutions with employees residing in nearly 40 different countries and sales in more than 125 countries around the world. Find your local representative at www.cengage.com.
Cengage products are represented in Canada by Nelson Education, Ltd.
To learn more about Cengage platforms and services, visit www.cengage.com
Purchase any of our products at your local college store or at our preferred online store www.cengagebrain.com
For product information and technology assistance, contact us at Cengage Learning Customer & Sales Support, 1-800-354-9706.
For permission to use material from this text or product, submit all requests online at www.cengage.com/permissions.
Further permissions questions can be e-mailed to [email protected]
Some of the product names and company names used in this book have been used for identification purposes only and may be trademarks or registered trademarks of their respective manufacturers and sellers.
Windows® is a registered trademark of Microsoft Corporation. Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries. Cengage is an independent entity from Microsoft Corporation and not affiliated with Microsoft in any manner.
Brief Contents
INTRODUCTION
PART 1: SECURITY AND ITS THREATS
CHAPTER 1: Introduction to Security
CHAPTER 2: Malware and Social Engineering Attacks
PART 2: CRYPTOGRAPHY
CHAPTER 3: Basic Cryptography
CHAPTER 4: Advanced Cryptography and PKI
PART 3: NETWORK ATTACKS AND DEFENSES
CHAPTER 5: Networking and Server Attacks
CHAPTER 6: Network Security Devices, Design, and Technology
CHAPTER 7: Administering a Secure Network
CHAPTER 8: Wireless Network Security
PART 4: DEVICE SECURITY
CHAPTER 9: Client and Application Security
CHAPTER 10: Mobile and Embedded Device Security
PART 5: IDENTITY AND ACCESS MANAGEMENT
CHAPTER 11: Authentication and Account Management
CHAPTER 12: Access Management
PART 6: RISK MANAGEMENT
CHAPTER 13: Vulnerability Assessment and Data Security
CHAPTER 14: Business Continuity
CHAPTER 15: Risk Mitigation
APPENDIX A: CompTIA SY0-501 Certification Exam Objectives
GLOSSARY
INDEX
Table of Contents
INTRODUCTION
PART 1: SECURITY AND ITS THREATS
CHAPTER 1: Introduction to Security
Challenges of Securing Information
Today's Security Attacks
Reasons for Successful Attacks
Difficulties in Defending Against Attacks
What Is Information Security?
Understanding Security
Defining Information Security
Information Security Terminology
Understanding the Importance of Information Security
Who Are the Threat Actors?
Script Kiddies
Hactivists
Nation State Actors
Insiders
Other Threat Actors
Defending Against Attacks
Fundamental Security Principles
Frameworks and Reference Architectures
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 2: Malware and Social Engineering Attacks
Attacks Using Malware
Circulation
Infection
Concealment
Payload Capabilities
Social Engineering Attacks
Psychological Approaches
Physical Procedures
Chapter Summary
Key Terms
Review Questions
Case Projects
PART 2: CRYPTOGRAPHY
CHAPTER 3: Basic Cryptography
Defining Cryptography
What Is Cryptography?
Cryptography and Security
Cryptography Constraints
Cryptographic Algorithms
Hash Algorithms
Symmetric Cryptographic Algorithms
Asymmetric Cryptographic Algorithms
Cryptographic Attacks
Algorithm Attacks
Collision Attacks
Using Cryptography
Encryption through Software
Hardware Encryption
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 4: Advanced Cryptography and PKI
Implementing Cryptography
Key Strength
Secret Algorithms
Block Cipher Modes of Operation
Crypto Service Providers
Algorithm Input Values
Digital Certificates
Defining Digital Certificates
Managing Digital Certificates
Types of Digital Certificates
Public Key Infrastructure (PKI)
What Is Public Key Infrastructure (PKI)?
Trust Models
Managing PKI
Key Management
Cryptographic Transport Protocols
Secure Sockets Layer (SSL)
Transport Layer Security (TLS)
Secure Shell (SSH)
Hypertext Transport Protocol Secure (HTTPS)
Secure/Multipurpose Internet Mail Extensions (S/MIME)
Secure Real-time Transport Protocol (SRTP)
IP Security (IPsec)
Chapter Summary
Key Terms
Review Questions
Case Projects
PART 3: NETWORK ATTACKS AND DEFENSES
CHAPTER 5: Networking and Server Attacks
Networking-Based Attacks
Interception
Poisoning
Server Attacks
Denial of Service (DoS)
Web Server Application Attacks
Hijacking
Overflow Attacks
Advertising Attacks
Browser Vulnerabilities
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 6: Network Security Devices, Design, and Technology
Security Through Network Devices
Standard Network Devices
Network Security Hardware
Security Through Network Architecture
Security Zones
Network Segregation
Security Through Network Technologies
Network Access Control (NAC)
Data Loss Prevention (DLP)
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 7: Administering a Secure Network
Secure Network Protocols
Simple Network Management Protocol (SNMP)
Domain Name System (DNS)
File Transfer Protocol (FTP)
Secure Email Protocols
Using Secure Network Protocols
Placement of Security Devices and Technologies
Analyzing Security Data
Data from Security Devices
Data from Security Software
Data from Security Tools
Issues in Analyzing Security Data
Managing and Securing Network Platforms
Virtualization
Cloud Computing
Software Defined Network (SDN)
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 8: Wireless Network Security
Wireless Attacks
Bluetooth Attacks
Near Field Communication (NFC) Attacks
Radio Frequency Identification (RFID) Attacks
Wireless Local Area Network Attacks
Vulnerabilities of IEEE Wireless Security
Wired Equivalent Privacy
Wi-Fi Protected Setup
MAC Address Filtering
SSID Broadcasting
Wireless Security Solutions
Wi-Fi Protected Access (WPA)
Wi-Fi Protected Access 2 (WPA2)
Additional Wireless Security Protections
Chapter Summary
Key Terms
Review Questions
Case Projects
PART 4: DEVICE SECURITY
CHAPTER 9: Client and Application Security
Client Security
Hardware System Security
Securing the Operating System Software
Peripheral Device Security
Physical Security
External Perimeter Defenses
Internal Physical Access Security
Computer Hardware Security
Application Security
Application Development Concepts
Secure Coding Techniques
Code Testing
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 10: Mobile and Embedded Device Security
Mobile Device Types and Deployment
Types of Mobile Devices
Mobile Device Risks
Mobile Device Vulnerabilities
Connection Vulnerabilities
Accessing Untrusted Content
Deployment Model Risks
Securing Mobile Devices
Device Configuration
Mobile Management Tools
Mobile Device App Security
Embedded Systems and the Internet of Things
Embedded Systems
Internet of Things
Security Implications
Chapter Summary
Key Terms
Review Questions
Case Projects
PART 5: IDENTITY AND ACCESS MANAGEMENT
CHAPTER 11: Authentication and Account Management
Authentication Credentials
What You Know: Passwords
What You Have: Tokens, Cards, and Cell Phones
What You Are: Biometrics
What You Do: Behavioral Biometrics
Where You Are: Geolocation
Single Sign-on
Account Management
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 12
Access Management
What Is Access Control?
Access Control Terminology
Access Control Models
Managing Access Through Account Management
Account Setup
Account Auditing
Best Practices for Access Control
Separation of Duties
Job Rotation
Mandatory Vacations
Clean Desk Policy
Implementing Access Control
Access Control Lists (ACLs)
Group-Based Access Control
Identity and Access Services
RADIUS
Kerberos
Terminal Access Control Access Control System+ (TACACS+)
Lightweight Directory Access Protocol (LDAP)
Security Assertion Markup Language (SAML)
Authentication Framework Protocols
Chapter Summary
Key Terms
Review Questions
Case Projects
PART 6
RISK MANAGEMENT
CHAPTER 13
Vulnerability Assessment and Data Security
Assessing the Security Posture
What Is Vulnerability Assessment?
Vulnerability Assessment Tools
Vulnerability Scanning
Penetration Testing
Practicing Data Privacy and Security
What Is Privacy?
Risks Associated with Private Data
Maintaining Data Privacy and Security
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 14
Business Continuity
What Is Business Continuity?
Business Continuity Planning (BCP)
Business Impact Analysis (BIA)
Disaster Recovery Plan (DRP)
Fault Tolerance Through Redundancy
Servers
Storage
Networks
Power
Recovery Sites
Data
Environmental Controls
Fire Suppression
Electromagnetic Disruption Protection
HVAC
Incident Response
What Is Forensics?
Incident Response Plan
Forensics Procedures
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 15
Risk Mitigation
Managing Risk
Threat Assessment
Risk Assessment
Strategies for Reducing Risk
Using Control Types
Distributing Allocation
Implementing Technology
Practices for Reducing Risk
Security Policies
Awareness and Training
Agreements
Personnel Management
Troubleshooting Common Security Issues
Chapter Summary
Key Terms
Review Questions
Case Projects
APPENDIX A
CompTIA SY0-501 Certification Exam Objectives
GLOSSARY
INDEX
INTRODUCTION

The number one concern of computer professionals today continues to be information security, and with good reason. Consider the evidence: over 1.5 billion Yahoo user accounts were compromised in just two separate attacks.1 A ransom of $1 million was paid to unlock files that had been encrypted by ransomware.2 A global payment system used to transfer money between countries was compromised by attackers who stole $81 billion from the central bank of Bangladesh.3 It is estimated that global spending on products and services to prevent these attacks will exceed $1 trillion cumulatively between 2017 and 2021. But despite the huge sum spent on protection, cybercrime will still cost businesses over $6 trillion by 2021.4

As attacks continue to escalate, the need for trained security personnel also increases. It is estimated that there are currently over 1.5 million unfilled security jobs worldwide and this will grow by 20 percent to 1.8 million by the year 2022.5 According to the U.S. Bureau of Labor Statistics (BLS) “Occupational Outlook Handbook,” the job outlook for information security analysts through 2024 is expected to grow by 18 percent, faster than the average growth rate.6

To verify security competency, most organizations use the Computing Technology Industry Association (CompTIA) Security+ certification, a vendor-neutral credential. Security+ is one of the most widely recognized security certifications and has become the security foundation for today’s IT professionals. It is internationally recognized as validating a foundation level of security skills and knowledge. A successful Security+ candidate has the knowledge and skills required to identify threats, attacks and vulnerabilities; use security technologies and tools; understand security architecture and design; perform identity and access management; know about risk management; and use cryptography.

Security+ Guide to Network Security Fundamentals, Sixth Edition is designed to equip learners with the knowledge and skills needed to be information security professionals. Yet it is more than an “exam prep” book. While teaching the fundamentals of information security by using the CompTIA Security+ exam objectives as its framework, it takes a comprehensive view of security by examining in depth the attacks against networks and computer systems and the necessary defense mechanisms. Security+ Guide to Network Security Fundamentals, Sixth Edition is a valuable tool for those who want to learn about security and who desire to enter the field of information security. It also provides the foundation that will help prepare for the CompTIA Security+ certification exam.

Intended Audience

This book is designed to meet the needs of students and professionals who want to master basic information security. A fundamental knowledge of computers and networks is all that is required to use this book. Those seeking to pass the CompTIA Security+ certification exam will find the text’s approach and content especially helpful; all Security+ SY0-501 exam objectives are covered in the text (see Appendix A). Security+ Guide to Network Security Fundamentals, Sixth Edition covers all aspects of network and computer security while satisfying the Security+ objectives.

The book’s pedagogical features are designed to provide a truly interactive learning experience to help prepare you for the challenges of network and computer security. In addition to the information presented in the text, each chapter includes Hands-On Projects that guide you through implementing practical hardware, software, network, and Internet security configurations step by step. Each chapter also contains case studies that place you in the role of problem solver, requiring you to apply concepts presented in the chapter to achieve successful solutions.

Chapter Descriptions

Here is a summary of the topics covered in each chapter of this book:

Chapter 1, “Introduction to Security,” introduces the network security fundamentals that form the basis of the Security+ certification. It begins by examining the current challenges in computer security and why security is so difficult to achieve. It then defines information security in detail and explores why it is important. Finally, the chapter looks at the fundamental attacks, including who is responsible for them, and defenses.

Chapter 2, “Malware and Social Engineering Attacks,” examines attacks that use different types of malware, such as viruses, worms, Trojans, and botnets. It also looks at the different types of social engineering attacks.

Chapter 3, “Basic Cryptography,” explores how encryption can be used to protect data. It covers what cryptography is and how it can be used for protection, and then examines how to protect data using three common types of encryption algorithms: hashing, symmetric encryption, and asymmetric encryption. It also covers how to use cryptography on files and disks to keep data secure.

Chapter 4, “Advanced Cryptography and PKI,” examines how to implement cryptography and use digital certificates. It also looks at public key infrastructure and key management. This chapter covers different transport cryptographic algorithms to see how cryptography is used on data that is being transported.

Chapter 5, “Networking and Server Attacks,” explores the different attacks that are directed at enterprises. It includes networking-based attacks as well as server attacks.

Chapter 6, “Network Security Devices, Design, and Technology,” examines how to protect networks through standard network devices and network security hardware. It also covers implementing security through network architectures and network technologies.

Chapter 7, “Administering a Secure Network,” looks at the techniques for administering a network. This includes understanding common network protocols and the proper placement of security devices and technologies. It also looks at analyzing security data and securing network platforms such as virtualization, cloud computing, and software defined networks.

Chapter 8, “Wireless Network Security,” investigates the attacks on wireless devices that are common today and explores different wireless security mechanisms that have proven to be vulnerable. It also covers several secure wireless protections.

Chapter 9, “Client and Application Security,” examines securing the client through hardware, peripherals, and the operating system. It also looks at physical security to create external perimeter defenses and internal physical access security. This chapter also covers application security vulnerabilities and the development of secure apps.

Chapter 10, “Mobile and Embedded Device Security,” looks at the different types of mobile devices and the risks associated with these devices. It also explores how to secure these devices and the applications running on them. Finally, it examines how embedded systems and the Internet of Things devices can be secured.

Chapter 11, “Authentication and Account Management,” looks at authentication and the secure management of user accounts to enforce authentication. It covers the different types of authentication credentials that can be used to verify a user’s identity and how a single sign-on might be used. It also examines the techniques and technology used to manage user accounts in a secure fashion.

Chapter 12, “Access Management,” introduces the principles and practices of access control by examining access control terminology, the standard control models, and managing access through account management. It also covers best practices, implementing access control, and identity and access services.

Chapter 13, “Vulnerability Assessment and Data Security,” explains what vulnerability assessment is and examines the tools and techniques associated with it. It also explores the differences between vulnerability scanning and penetration testing. The chapter concludes with an examination of data privacy.

Chapter 14, “Business Continuity,” covers the importance of keeping business processes and communications operating normally in the face of threats and disruptions. It explores business continuity, fault tolerance, environmental controls, and incident response.

Chapter 15, “Risk Mitigation,” looks at how organizations can establish and maintain security in the face of risk. It defines risk and the strategies to control it. This chapter also covers practices for reducing risk and troubleshooting common security issues.

Appendix A, “CompTIA SY0-501 Certification Examination Objectives,” provides a complete listing of the latest CompTIA Security+ certification exam objectives and shows the chapters and headings in the book that cover material associated with each objective, as well as the Bloom’s Taxonomy level of that coverage.

Features

To aid you in fully understanding computer and network security, this book includes many features designed to enhance your learning experience.

• Maps to CompTIA Objectives. The material in this text covers all the CompTIA Security+ SY0-501 exam objectives.
• Chapter Objectives. Each chapter begins with a detailed list of the concepts to be mastered in that chapter. This list provides you with both a quick reference to the chapter’s contents and a useful study aid.
• Today’s Attacks and Defenses. Each chapter opens with a vignette of an actual security attack or defense mechanism that helps to introduce the material covered in that chapter.
• Illustrations and Tables. Numerous illustrations of security vulnerabilities, attacks, and defenses help you visualize security elements, theories, and concepts. In addition, the many tables provide details and comparisons of practical and theoretical information.
• Chapter Summaries. Each chapter’s text is followed by a summary of the concepts introduced in that chapter. These summaries provide a helpful way to review the ideas covered in each chapter.
• Key Terms. All the terms in each chapter that were introduced with bold text are gathered in a Key Terms list, providing additional review and highlighting key concepts. Key Term definitions are included in the Glossary at the end of the text.
• Review Questions. The end-of-chapter assessment begins with a set of review questions that reinforce the ideas introduced in each chapter. These questions help you evaluate and apply the material you have learned. Answering these questions will ensure that you have mastered the important concepts and provide valuable practice for taking CompTIA’s Security+ exam.
• Hands-On Projects. Although it is important to understand the theory behind network security, nothing can improve on real-world experience. To this end, each chapter provides several Hands-On Projects aimed at providing you with practical security software and hardware implementation experience. These projects use the Windows 10 operating system, as well as software downloaded from the Internet.
• Case Projects. Located at the end of each chapter are several Case Projects. In these extensive exercises, you implement the skills and knowledge gained in the chapter through real design and implementation scenarios.

New to This Edition

• Maps fully to the latest CompTIA Security+ exam SY0-501
• Completely revised and updated with expanded coverage on attacks and defenses
• New chapter units: Security and Its Threats, Cryptography, Network Attacks and Defenses, Device Security, Identity and Access Management, and Risk Management
• Earlier coverage of cryptography and advanced cryptography
• All new “Today’s Attacks and Defenses” opener in each chapter
• New and updated Hands-On Projects in each chapter covering some of the latest security software
• More Case Projects in each chapter
• Expanded Information Security Community Site activity in each chapter allows learners to interact with other learners and security professionals from around the world
• All SY0-501 exam topics fully defined
• Linking of each exam sub-domain to Bloom’s Taxonomy (see Appendix A)

Text and Graphic Conventions

Wherever appropriate, additional information and exercises have been added to this book to help you better understand the topic at hand. Icons throughout the text alert you to additional materials. The following icons are used in this textbook:

The Note icon draws your attention to additional helpful material related to the subject being described.
Tips based on the author’s experience provide extra information about how to attack a problem or what to do in real-world situations.
The Caution icons warn you about potential mistakes or problems, and explain how to avoid them.
Hands-On Projects help you understand the theory behind network security with activities using the latest security software and hardware.
The Case Projects icon marks Case Projects, which are scenario-based assignments. In these extensive case examples, you are asked to implement independently what you have learned.
Certification icons indicate CompTIA Security+ objectives covered under major chapter headings.

Instructor’s Materials

Everything you need for your course in one place. This collection of book-specific lecture and class tools is available online. Please visit login.cengage.com and log in to access instructor-specific resources on the Instructor Companion Site, which includes the Instructor’s Manual,

More Related Content

Similar to CompTIA Security+ Guide to Network Security Fundamentals

Access 2007
Access 2007Access 2007
Access 2007ngyuc
 
So you wanna be a pentester - free webinar to show you how
So you wanna be a pentester - free webinar to show you howSo you wanna be a pentester - free webinar to show you how
So you wanna be a pentester - free webinar to show you howJoe McCray
 
02 compliance assessment_guide_-_2018-05-15
02 compliance assessment_guide_-_2018-05-1502 compliance assessment_guide_-_2018-05-15
02 compliance assessment_guide_-_2018-05-15Patria Purna Nugraha
 
2020 vrm expert reference guide
2020   vrm expert reference guide2020   vrm expert reference guide
2020 vrm expert reference guideAnkitKumar250429
 
Micrso Strategy Advanced Guide
Micrso Strategy Advanced GuideMicrso Strategy Advanced Guide
Micrso Strategy Advanced Guidedivjeev
 
Nsc42 - is the cloud secure - is easy if you do it smart ECC Conference
Nsc42 - is the cloud secure - is easy if you do it smart ECC ConferenceNsc42 - is the cloud secure - is easy if you do it smart ECC Conference
Nsc42 - is the cloud secure - is easy if you do it smart ECC ConferenceNSC42 Ltd
 
Return of the security champions ep1 (1)
Return of the security champions ep1 (1)Return of the security champions ep1 (1)
Return of the security champions ep1 (1)Marcos Valle
 
Use our Threat Modeling Playbook to Improve your Product Security
Use our Threat Modeling Playbookto Improve your Product Security Use our Threat Modeling Playbookto Improve your Product Security
Use our Threat Modeling Playbook to Improve your Product Security Sebastien Deleersnyder
 
Metasploit 5.0 for beginners 2nd edition
Metasploit 5.0 for beginners 2nd editionMetasploit 5.0 for beginners 2nd edition
Metasploit 5.0 for beginners 2nd editionPaulo R
 
MBC
MBCMBC
MBCA Rx
 
Penetration Testing Procedures & Methodologies.pdf
Penetration Testing Procedures & Methodologies.pdfPenetration Testing Procedures & Methodologies.pdf
Penetration Testing Procedures & Methodologies.pdfHimalaya raj Sinha
 
Developer’s guide to microsoft enterprise library preview
Developer’s guide to microsoft enterprise library previewDeveloper’s guide to microsoft enterprise library preview
Developer’s guide to microsoft enterprise library previewSteve Xu
 
Network security tutorial
Network security tutorialNetwork security tutorial
Network security tutorialiuvmtech
 
MCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_FinalMCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_FinalWilliam McBorrough
 
Live Coding with Salesforce Developers: Decoupling your org with Triggers
Live Coding with Salesforce Developers: Decoupling your org with TriggersLive Coding with Salesforce Developers: Decoupling your org with Triggers
Live Coding with Salesforce Developers: Decoupling your org with TriggersDeveloper Force
 
CMGT 411 Entire Course NEW
CMGT 411 Entire Course NEWCMGT 411 Entire Course NEW
CMGT 411 Entire Course NEWshyamuopfive
 

Similar to CompTIA Security+ Guide to Network Security Fundamentals (20)

Access 2007
Access 2007Access 2007
Access 2007
 
So you wanna be a pentester - free webinar to show you how
So you wanna be a pentester - free webinar to show you howSo you wanna be a pentester - free webinar to show you how
So you wanna be a pentester - free webinar to show you how
 
Ngh 15 user_guide
Ngh 15 user_guideNgh 15 user_guide
Ngh 15 user_guide
 
02 compliance assessment_guide_-_2018-05-15
02 compliance assessment_guide_-_2018-05-1502 compliance assessment_guide_-_2018-05-15
02 compliance assessment_guide_-_2018-05-15
 
2020 vrm expert reference guide
2020   vrm expert reference guide2020   vrm expert reference guide
2020 vrm expert reference guide
 
Micrso Strategy Advanced Guide
Micrso Strategy Advanced GuideMicrso Strategy Advanced Guide
Micrso Strategy Advanced Guide
 
Nsc42 - is the cloud secure - is easy if you do it smart ECC Conference
CompTIA Security+ Guide to Network Security Fundamentals

  • 1. CompTIA Security+ Guide to Network Security Fundamentals, Sixth Edition. Mark Ciampa. INFORMATION SECURITY. ISBN 978-1-337-28878-1. To register or access your online learning solution or purchase materials for your course, visit www.cengagebrain.com. Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203
  • 2. CompTIA Security+ SY0-501 Exam Objectives Security+ Exam Domain/Objectives Chapter Bloom’s Taxonomy 1.0: Threats, Attacks, and Vulnerabilities 1.1 Given a scenario, analyze indicators of compromise and determine the type of malware. 2 Analyze 1.2 Compare and contrast types of attacks. 2 3 5 8 11 15 Understand Analyze Understand Apply/Understand Create Apply 1.3 Explain threat actor types and attributes. 1 Analyze/Apply 1.4 Explain penetration testing concepts. 13 Apply 1.5 Explain vulnerability scanning concepts. 13 Apply 1.6 Explain the impact associated with types of vulnerabilities. 1 3 4
  • 3. 5 9 10 Understand Understand Understand Understand Understand Understand 2.0: Technologies and Tools 2.1 Install and configure network components, both hardware- and software-based, to support organizational security. 4 6 7 8 Apply Analyze Apply Analyze/Evaluate 2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization. 8 13 14 Evaluate
  • 4. Analyze/Evaluate Evaluate 2.3 Given a scenario, troubleshoot common security issues. 15 Analyze 2.4 Given a scenario, analyze and interpret output from security technologies. 6 7 9 Analyze Analyze Analyze 2.5 Given a scenario, deploy mobile devices securely. 8 10 11 Apply/Evaluate Analyze/Create Analyze 2.6 Given a scenario, implement secure protocols. 4 5 Apply Analyze 3.0: Architecture and Design 3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides. 1
  • 5. 15 Analyze Understand 3.2 Given a scenario, implement secure network architecture concepts. 6 7 8 13 Analyze Apply Apply/Evaluate Apply 88781_ifc_hr.indd 2 8/9/17 3:41 PM Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203 Australia • Brazil • Mexico • Singapore • United Kingdom • United States INFORMATION SECURITY Mark Ciampa, Ph.D. Sixth Edition SECURITY+ GUIDE TO NETWORK SECURITY
  • 6. CompTIA ® FUNDAMENTALS 88781_fm_hr_i-xxvi.indd 1 8/16/17 7:00 PM Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203 © 2018, 2015 Cengage Learning Unless otherwise noted, all content is © Cengage. Security+ Guide to Network Security Fundamentals, Sixth Edition Mark Ciampa SVP, GM Skills: Jonathan Lau Product Team Manager: Kristin McNary Associate Product Manager: Amy Savino Executive Director of Development: Marah Bellegarde Senior Product Development Manager: Leigh Hefferon Senior Content Developer: Michelle
  • 7. Ruelos Cannistraci Product Assistant: Jake Toth Marketing Director: Michelle McTighe Production Director: Patty Stephan Senior Content Project Manager: Brooke Greenhouse Art Director: Diana Graham Cover image(s): iStockPhoto.com/ supernitram Printed in the United States of America Print Number: 01 Print Year: 2017 ALL RIGHTS RESERVED. No part of this work covered by the copy- right herein may be reproduced or distributed in any form or by any means, except as permitted by U.S. copyright law, without the prior written permission of the copyright owner. Library of Congress Control Number: 2017950178 ISBN: 978-1-337-28878-1 LLF ISBN: 978-1-337-68585-6 Notice to the Reader Publisher does not warrant or guarantee any of the products described herein or perform any independent analysis in connection with any of the product information contained herein. Publisher does not assume, and expressly disclaims, any
  • 8. obligation to obtain and include information other than that provided to it by the manufacturer. The reader is expressly warned to consider and adopt all safety precautions that might be indicated by the activities described herein and to avoid all potential hazards. By following the instructions contained herein, the reader willingly assumes all risks in connection with such instructions. The publisher makes no representations or warranties of any kind, including but not limited to, the warranties of fitness for particular purpose or merchantability, nor are any such representations implied with respect to the material set forth herein, and the publisher takes no responsibility with respect to such material. The publisher shall not be liable for any special, consequential, or exemplary damages resulting, in whole or part, from the readers’ use of, or reliance upon, this material. Cengage 20 Channel Center Street Boston, MA 02210 USA Cengage is a leading provider of customized learning solutions with employees residing in nearly 40 different countries and sales in more than 125 countries around the world. Find your local representative at www.cengage.com. Cengage products are represented in Canada by Nelson Education, Ltd. To learn more about Cengage platforms and services, visit www.cengage.com Purchase any of our products at your local college store or at
  • 9. our preferred online store www.cengagebrain.com For product information and technology assistance, contact us at Cengage Learning Customer & Sales Support, 1-800-354-9706. For permission to use material from this text or product, submit all requests online at www.cengage.com/permissions. Further permissions questions can be e-mailed to [email protected] Some of the product names and company names used in this book have been used for identification purposes only and may be trademarks or registered trademarks of their respective manufacturers and sellers. Windows® is a registered trademark of Microsoft Corporation. Microsoft.is registered trademark of Microsoft Corporation in the United States and/or other countries. Cengage is an independent entity from Microsoft Corporation and not affiliated with Microsoft in any manner. 88781_fm_hr_i-xxvi.indd 2 8/16/17 7:00 PM Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203 Brief Contents INTRODUCTION.................................................................... .........................xv PART 1
  • 10. SECURITY AND ITS THREATS ..........................................................................1 CHAPTER 1 Introduction to Security ................................................................................3 CHAPTER 2 Malware and Social Engineering Attacks ................................................. 51 PART 2 CRYPTOGRAPHY .......................................................................................... 97 CHAPTER 3 Basic Cryptography ..................................................................................... 99 CHAPTER 4 Advanced Cryptography and PKI ............................................................ 145 PART 3 NETWORK ATTACKS AND DEFENSES ....................................................... 189 CHAPTER 5 Networking and Server Attacks
  • 11. .............................................................. 191 CHAPTER 6 Network Security Devices, Design, and Technology ............................. 233 CHAPTER 7 Administering a Secure Network ............................................................ 281 CHAPTER 8 Wireless Network Security ....................................................................... 321 PART 4 DEVICE SECURITY............................................................................. .......... 371 CHAPTER 9 Client and Application Security ............................................................... 373 iii 88781_fm_hr_i-xxvi.indd 3 8/16/17 7:01 PM Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203
  • 12. Brief Contents CHAPTER 10 Mobile and Embedded Device Security ...................................................421 PART 5 IDENTITY AND ACCESS MANAGEMENT ....................................................469 CHAPTER 11 Authentication and Account Management ............................................471 CHAPTER 12 Access Management ..................................................................................521 PART 6 RISK MANAGEMENT ...................................................................................563 CHAPTER 13 Vulnerability Assessment and Data Security .........................................565 CHAPTER 14
  • 13. Business Continuity ...................................................................................607 CHAPTER 15 Risk Mitigation ...........................................................................................65 1 APPENDIX A CompTIA SY0-501 Certification Exam Objectives ...................................691 GLOSSARY ............................................................................................... .......... 713 INDEX ............................................................................................... ..................741 iv 88781_fm_hr_i-xxvi.indd 4 8/16/17 7:01 PM Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203 Table of Contents INTRODUCTION.................................................................... .......................................xv
  • 14. PART 1 SECURITY AND ITS THREATS ..................................................... 1 CHAPTER 1 Introduction to Security ........................................................... 3 Challenges of Securing Information .................................................................. 8 Today’s Security Attacks ....................................................................................8 Reasons for Successful Attacks ........................................................................12 Difficulties in Defending Against Attacks ....................................................... 14 What Is Information Security? .......................................................................... 17 Understanding Security ....................................................................................18 Defining Information Security .........................................................................18 Information Security Terminology ..................................................................21 Understanding the Importance of Information Security ................................ 24 Who Are the Threat Actors? .............................................................................. 28 Script Kiddies ............................................................................................... .... 29 Hactivists
  • 15. ............................................................................................... .......... 29 Nation State Actors ..........................................................................................30 Insiders ............................................................................................... .............30 Other Threat Actors ................................................................................. .........31 Defending Against Attacks ............................................................................... 32 Fundamental Security Principles .................................................................... 32 Frameworks and Reference Architectures ...................................................... 35 Chapter Summary .............................................................................................. 35 Key Terms ............................................................................................... ............ 37 Review Questions................................................................................ ............... 37 Case Projects ............................................................................................... ....... 46 CHAPTER 2 Malware and Social Engineering Attacks ............................. 51
  • 16. Attacks Using Malware
    Circulation
    Infection
    Concealment
    Payload Capabilities
    Social Engineering Attacks
    Psychological Approaches
    Physical Procedures
    Chapter Summary
  • 17. Key Terms
    Review Questions
    Case Projects
    PART 2 CRYPTOGRAPHY
    CHAPTER 3 Basic Cryptography
    Defining Cryptography
    What Is Cryptography?
    Cryptography and Security
    Cryptography Constraints
    Cryptographic Algorithms
    Hash Algorithms
  • 18. Symmetric Cryptographic Algorithms
    Asymmetric Cryptographic Algorithms
    Cryptographic Attacks
    Algorithm Attacks
    Collision Attacks
    Using Cryptography
    Encryption through Software
    Hardware Encryption
    Chapter Summary
    Key Terms
    Review Questions
  • 19. Case Projects
    CHAPTER 4 Advanced Cryptography and PKI
    Implementing Cryptography
    Key Strength
    Secret Algorithms
    Block Cipher Modes of Operation
    Crypto Service Providers
    Algorithm Input Values
  • 20. Digital Certificates
    Defining Digital Certificates
    Managing Digital Certificates
    Types of Digital Certificates
    Public Key Infrastructure (PKI)
    What Is Public Key Infrastructure (PKI)?
    Trust Models
    Managing PKI
    Key Management
    Cryptographic Transport Protocols
    Secure Sockets Layer (SSL)
    Transport Layer Security (TLS)
    Secure Shell (SSH)
    Hypertext Transport Protocol Secure (HTTPS)
    Secure/Multipurpose Internet Mail Extensions (S/MIME)
  • 21. Secure Real-time Transport Protocol (SRTP)
    IP Security (IPsec)
    Chapter Summary
    Key Terms
    Review Questions
    Case Projects
    PART 3 NETWORK ATTACKS AND DEFENSES
    CHAPTER 5 Networking and Server Attacks
    Networking-Based Attacks
    Interception
  • 22. Poisoning
    Server Attacks
    Denial of Service (DoS)
    Web Server Application Attacks
    Hijacking
    Overflow Attacks
    Advertising Attacks
    Browser Vulnerabilities
    Chapter Summary
  • 23. Key Terms
    Review Questions
    Case Projects
    CHAPTER 6 Network Security Devices, Design, and Technology
    Security Through Network Devices
    Standard Network Devices
    Network Security Hardware
    Security Through Network Architecture
    Security Zones
    Network Segregation
    Security Through Network Technologies
  • 24. Network Access Control (NAC)
    Data Loss Prevention (DLP)
    Chapter Summary
    Key Terms
    Review Questions
    Case Projects
    CHAPTER 7 Administering a Secure Network
    Secure Network Protocols
    Simple Network Management Protocol (SNMP)
    Domain Name System (DNS)
    File Transfer Protocol (FTP)
    Secure Email Protocols
  • 25. Using Secure Network Protocols
    Placement of Security Devices and Technologies
    Analyzing Security Data
    Data from Security Devices
    Data from Security Software
    Data from Security Tools
    Issues in Analyzing Security Data
    Managing and Securing Network Platforms
    Virtualization
    Cloud Computing
    Software Defined Network (SDN)
    Chapter Summary
  • 26. Key Terms
    Review Questions
    Case Projects
    CHAPTER 8 Wireless Network Security
    Wireless Attacks
    Bluetooth Attacks
    Near Field Communication (NFC) Attacks
    Radio Frequency Identification (RFID) Attacks
    Wireless Local Area Network Attacks
  • 27. Vulnerabilities of IEEE Wireless Security
    Wired Equivalent Privacy
    Wi-Fi Protected Setup
    MAC Address Filtering
    SSID Broadcasting
    Wireless Security Solutions
    Wi-Fi Protected Access (WPA)
    Wi-Fi Protected Access 2 (WPA2)
    Additional Wireless Security Protections
    Chapter Summary
  • 28. Key Terms
    Review Questions
    Case Projects
    PART 4 DEVICE SECURITY
    CHAPTER 9 Client and Application Security
    Client Security
  • 29. Hardware System Security
    Securing the Operating System Software
    Peripheral Device Security
    Physical Security
    External Perimeter Defenses
    Internal Physical Access Security
    Computer Hardware Security
    Application Security
    Application Development Concepts
  • 30. Secure Coding Techniques
    Code Testing
    Chapter Summary
    Key Terms
    Review Questions
  • 31. Case Projects
    CHAPTER 10 Mobile and Embedded Device Security
    Mobile Device Types and Deployment
    Types of Mobile Devices
    Mobile Device Risks
    Mobile Device Vulnerabilities
    Connection Vulnerabilities
    Accessing Untrusted Content
    Deployment Model Risks
  • 32. Securing Mobile Devices
    Device Configuration
    Mobile Management Tools
    Mobile Device App Security
    Embedded Systems and the Internet of Things
    Embedded Systems
    Internet of Things
    Security Implications
    Chapter Summary
  • 33. Key Terms
    Review Questions
    Case Projects
    PART 5 IDENTITY AND ACCESS MANAGEMENT
    CHAPTER 11 Authentication and Account Management
    Authentication Credentials
    What You Know: Passwords
  • 34. What You Have: Tokens, Cards, and Cell Phones
    What You Are: Biometrics
    What You Do: Behavioral Biometrics
    Where You Are: Geolocation
    Single Sign-on
  • 35. Account Management
    Chapter Summary
    Key Terms
    Review Questions
    Case Projects
    CHAPTER 12 Access Management
    What Is Access Control?
  • 36. Access Control Terminology
    Access Control Models
    Managing Access Through Account Management
    Account Setup
    Account Auditing
    Best Practices for Access Control
    Separation of Duties
    Job Rotation
    Mandatory Vacations
  • 37. Clean Desk Policy
    Implementing Access Control
    Access Control Lists (ACLs)
    Group-Based Access Control
    Identity and Access Services
    RADIUS
    Kerberos
    Terminal Access Control Access Control System+ (TACACS+)
    Lightweight Directory Access Protocol (LDAP)
    Security Assertion Markup Language (SAML)
  • 38. Authentication Framework Protocols
    Chapter Summary
    Key Terms
    Review Questions
    Case Projects
  • 39. PART 6 RISK MANAGEMENT
    CHAPTER 13 Vulnerability Assessment and Data Security
    Assessing the Security Posture
    What Is Vulnerability Assessment?
    Vulnerability Assessment Tools
    Vulnerability Scanning
    Penetration Testing
  • 40. Practicing Data Privacy and Security
    What Is Privacy?
    Risks Associated with Private Data
    Maintaining Data Privacy and Security
    Chapter Summary
    Key Terms
    Review Questions
    Case Projects
  • 41. CHAPTER 14 Business Continuity
    What Is Business Continuity?
    Business Continuity Planning (BCP)
    Business Impact Analysis (BIA)
    Disaster Recovery Plan (DRP)
    Fault Tolerance Through Redundancy
    Servers
    Storage
  • 42. Networks
    Power
    Recovery Sites
    Data
    Environmental Controls
    Fire Suppression
    Electromagnetic Disruption Protection
    HVAC
    Incident Response
  • 43. What Is Forensics?
    Incident Response Plan
    Forensics Procedures
    Chapter Summary
  • 44. Key Terms
    Review Questions
    Case Projects
    CHAPTER 15 Risk Mitigation
    Managing Risk
    Threat Assessment
    Risk Assessment
  • 45. Strategies for Reducing Risk
    Using Control Types
    Distributing Allocation
    Implementing Technology
    Practices for Reducing Risk
    Security Policies
    Awareness and Training
    Agreements
    Personnel Management
    Troubleshooting Common Security Issues
  • 46. Chapter Summary
    Key Terms
    Review Questions
    Case Projects
    APPENDIX A CompTIA SY0-501 Certification Exam Objectives
    GLOSSARY
  • 47. INDEX
    The number one concern of computer professionals today continues to be information security, and with good reason. Consider the
  • 48. evidence: over 1.5 billion Yahoo user accounts were compromised in just two separate attacks.[1] A ransom of $1 million dollars was paid to unlock files that had been encrypted by ransomware.[2] A global payment system used to transfer money between countries was compromised by attackers who stole $81 billion from the central bank of Bangladesh.[3] It is estimated that global spending on products and services to prevent these attacks will exceed $1 trillion cumulatively between 2017 and 2021. But despite the huge sum spent on protection, cybercrime will still cost businesses over $6 trillion by 2021.[4] As attacks continue to escalate, the need for trained security personnel also increases. It is estimated that there are currently over 1.5 million unfilled security jobs worldwide and this will grow by 20
  • 49. percent to 1.8 million by the year 2022.5 According to the U.S. Bureau of Labor Statistics (BLS) “Occupational Outlook Handbook,” the job outlook for information security analysts through 2024 is expected to grow by 18 percent, faster than the average growth rate.6
    To verify security competency, most organizations use the Computing Technology Industry Association (CompTIA) Security+ certification, a vendor-neutral credential. Security+ is one of the most widely recognized security certifications and has become the security foundation for today’s IT professionals. It is internationally recognized as validating a foundation level of security skills and knowledge. A successful Security+ candidate has the knowledge and skills required to identify threats, attacks and vulnerabilities; use security technologies and tools; understand security architecture and design; perform identity
  • 50. and access management; know about risk management; and use cryptography.
    Security+ Guide to Network Security Fundamentals, Sixth Edition is designed to equip learners with the knowledge and skills needed to be information security professionals. Yet it is more than an “exam prep” book. While teaching the fundamentals of information security by using the CompTIA Security+ exam objectives as its framework, it takes a comprehensive view of security by examining in-depth the attacks against networks and computer systems and the necessary defense mechanisms. Security+ Guide to Network Security Fundamentals, Sixth Edition is a valuable tool for those who want to learn about security and who desire to enter the field of information security. It also provides the foundation that will help prepare for the
  • 51. CompTIA Security+ certification exam.
    INTRODUCTION
    Intended Audience
    This book is designed to meet the needs of students and professionals who want to master basic information security. A fundamental knowledge of computers and networks is all that is required to use this book. Those seeking to pass the CompTIA Security+ certification exam will find the text’s approach and
  • 52. content especially helpful; all Security+ SY0-501 exam objectives are covered in the text (see Appendix A). Security+ Guide to Network Security Fundamentals, Sixth Edition covers all aspects of network and computer security while satisfying the Security+ objectives.
    The book’s pedagogical features are designed to provide a truly interactive learning experience to help prepare you for the challenges of network and computer security. In addition to the information presented in the text, each chapter includes Hands-On Projects that guide you through implementing practical hardware, software, network, and Internet security configurations step by step. Each chapter also contains case studies that place you in the role of problem solver, requiring you to apply concepts presented in the chapter to achieve successful solutions.
    Chapter Descriptions
    Here is a summary of the topics covered in each chapter of this book:
  • 53. Chapter 1, “Introduction to Security,” introduces the network security fundamentals that form the basis of the Security+ certification. It begins by examining the current challenges in computer security and why security is so difficult to achieve. It then defines information security in detail and explores why it is important. Finally, the chapter looks at the fundamental attacks, including who is responsible for them, and defenses.
    Chapter 2, “Malware and Social Engineering Attacks,” examines attacks that use different types of malware, such as viruses, worms, Trojans, and botnets. It also looks at the different types of social engineering attacks.
    Chapter 3, “Basic Cryptography,” explores how encryption can be used to protect data. It covers what cryptography is and how it can be used for protection, and then examines how to protect data using three common types of encryption algorithms: hashing, symmetric encryption, and asymmetric encryption. It
  • 54. also covers how to use cryptography on files and disks to keep data secure.
    Chapter 4, “Advanced Cryptography and PKI,” examines how to implement cryptography and use digital certificates. It also looks at public key infrastructure and key management. This chapter covers different transport cryptographic algorithms to see how cryptography is used on data that is being transported.
    Chapter 5, “Networking and Server Attacks,” explores the different attacks that are directed at enterprises. It includes networking-based attacks as well as server attacks.
  • 55. Chapter 6, “Network Security Devices, Design, and Technology,” examines how to protect networks through standard network devices and network security hardware. It also covers implementing security through network architectures and network technologies.
    Chapter 7, “Administering a Secure Network,” looks at the techniques for administering a network. This includes understanding common network protocols and the proper placement of security devices and technologies. It also looks at analyzing security data and securing network platforms such as virtualization, cloud computing, and software defined networks.
    Chapter 8, “Wireless Network Security,” investigates the attacks on wireless devices that are common today and explores different wireless security mechanisms that have proven to be vulnerable. It also covers several secure
  • 56. wireless protections.
    Chapter 9, “Client and Application Security,” examines securing the client through hardware and peripherals through hardware and the operating system. It also looks at physical security to create external perimeter defenses and internal physical access security. This chapter also covers application security vulnerabilities and the development of secure apps.
    Chapter 10, “Mobile and Embedded Device Security,” looks at the different types of mobile devices and the risks associated with these devices. It also explores how to secure these devices and the applications running on them. Finally, it examines how embedded systems and the Internet of Things devices can be secured.
    Chapter 11, “Authentication and Account Management,” looks at authentication and the secure management of user accounts to enforce authentication. It covers the
  • 57. different types of authentication credentials that can be used to verify a user’s identity and how a single sign-on might be used. It also examines the techniques and technology used to manage user accounts in a secure fashion.
    Chapter 12, “Access Management,” introduces the principles and practices of access control by examining access control terminology, the standard control models, and managing access through account management. It also covers best practices, implementing access control, and identity and access services.
    Chapter 13, “Vulnerability Assessment and Data Security,” explains what vulnerability assessment is and examines the tools and techniques associated with it. It also explores the differences between vulnerability scanning and penetration testing. The chapter concludes with an examination of data privacy.
    Chapter 14, “Business Continuity,” covers the importance of keeping business processes and communications operating normally in the face of
  • 58. threats and disruptions. It explores business continuity, fault tolerance, environmental controls, and incident response.
    Chapter 15, “Risk Mitigation,” looks at how organizations can establish and maintain security in the face of risk. It defines risk and the strategies to control it. This chapter also covers practices for reducing risk and troubleshooting common security issues.
    Appendix A, “CompTIA SY0-501 Certification Examination Objectives,” provides a complete listing of the latest CompTIA Security+ certification
  • 59. exam objectives and shows the chapters and headings in the book that cover material associated with each objective, as well as the Bloom’s Taxonomy level of that coverage.
    Features
    To aid you in fully understanding computer and network security, this book includes many features designed to enhance your learning experience.
    • Maps to CompTIA Objectives. The material in this text covers all the CompTIA Security+ SY0-501 exam objectives.
    • Chapter Objectives. Each chapter begins with a detailed list of the concepts to be mastered in that chapter. This list provides you with both a quick reference to the chapter’s contents and a useful study aid.
    • Today’s Attacks and Defenses. Each chapter opens with a vignette of an actual security attack or defense mechanism that helps to introduce the material covered
  • 60. in that chapter.
    • Illustrations and Tables. Numerous illustrations of security vulnerabilities, attacks, and defenses help you visualize security elements, theories, and concepts. In addition, the many tables provide details and comparisons of practical and theoretical information.
    • Chapter Summaries. Each chapter’s text is followed by a summary of the concepts introduced in that chapter. These summaries provide a helpful way to review the ideas covered in each chapter.
    • Key Terms. All the terms in each chapter that were introduced with bold text are gathered in a Key Terms list, providing additional review and highlighting key concepts. Key Term definitions are included in the Glossary at the end of the text.
    • Review Questions. The end-of-chapter assessment begins with a set of review
  • 61. questions that reinforce the ideas introduced in each chapter. These questions help you evaluate and apply the material you have learned. Answering these questions will ensure that you have mastered the important concepts and provide valuable practice for taking CompTIA’s Security+ exam.
    • Hands-On Projects. Although it is important to understand the theory behind network security, nothing can improve on real-world experience. To this end, each chapter provides several Hands-On Projects aimed at providing you with practical security software and hardware implementation experience. These projects use the Windows 10 operating system, as well as software downloaded from the Internet.
    • Case Projects. Located at the end of each chapter are several Case Projects. In these extensive exercises, you implement the skills and knowledge gained in the chapter through real design and implementation scenarios.
  • 62. New to This Edition
    • Maps fully to the latest CompTIA Security+ exam SY0-501
    • Completely revised and updated with expanded coverage on attacks and defenses
    • New chapter units: Security and Its Threats, Cryptography, Network Attacks and Defenses, Device Security, Identity and Access Management, and Risk Management
    • Earlier coverage of cryptography and advanced cryptography
    • All new “Today’s Attacks and Defenses” opener in each chapter
    • New and updated Hands-On Projects in each chapter covering some of the latest
  • 63. security software
    • More Case Projects in each chapter
    • Expanded Information Security Community Site activity in each chapter allows learners to interact with other learners and security professionals from around the world
    • All SY0-501 exam topics fully defined
    • Linking of each exam sub-domain to Bloom’s Taxonomy (see Appendix A)
    Text and Graphic Conventions
    Wherever appropriate, additional information and exercises have been added to this book to help you better understand the topic at hand. Icons throughout the text alert you to additional materials. The following icons are used in this textbook:
    The Note icon draws your attention to additional helpful material related to the subject being described.
  • 64. Tips based on the author’s experience provide extra information about how to attack a problem or what to do in real-world situations.
    The Caution icons warn you about potential mistakes or problems, and explain how to avoid them.
    Hands-On Projects help you understand the theory behind network security with activities using the latest security software and hardware.
    The Case Projects icon marks Case Projects, which are scenario-based assignments. In these extensive case examples, you are asked to implement independently what you have learned.
    Certification icons indicate CompTIA Security+ objectives covered under major chapter headings.
  • 65. Instructor’s Materials
    Everything you need for your course in one place. This collection of book-specific lecture and class tools is available online. Please visit login.cengage.com and log in to access instructor-specific resources on the Instructor
  • 66. Companion Site, which includes the Instructor’s Manual,