Download to read offline
![This article was downloaded by: [George Mason University]
On: 27 December 2014, At: 22:32
Publisher: Routledge
Informa Ltd Registered in England and Wales Registered Number: 1072954
Registered office: Mortimer House, 37-41 Mortimer Street, London W1T 3JH, UK
Journal of Information Privacy and
Security
Publication details, including instructions for authors and
subscription information:
http://www.tandfonline.com/loi/uips20
Principles of Computer Security:
CompTIA Security+™
Adolfo S. Coronado
a
a
Indiana University – Purdue University Fort Wayne
Published online: 07 Jul 2014.
To cite this article: Adolfo S. Coronado (2013) Principles of Computer Security:
CompTIA Security+™, Journal of Information Privacy and Security, 9:1, 70-72, DOI:
10.1080/15536548.2013.10845674
To link to this article: http://dx.doi.org/10.1080/15536548.2013.10845674
PLEASE SCROLL DOWN FOR ARTICLE
Taylor & Francis makes every effort to ensure the accuracy of all the information (the
“Content”) contained in the publications on our platform. However, Taylor & Francis,
our agents, and our licensors make no representations or warranties whatsoever
as to the accuracy, completeness, or suitability for any purpose of the Content. Any
opinions and views expressed in this publication are the opinions and views of the
authors, and are not the views of or endorsed by Taylor & Francis. The accuracy of the
Content should not be relied upon and should be independently verified with primary
sources of information. Taylor and Francis shall not be liable for any losses, actions,
claims, proceedings, demands, costs, expenses, damages, and other liabilities
whatsoever or howsoever caused arising directly or indirectly in connection with, in
relation to or arising out of the use of the Content.
This article may be used for research, teaching, and private study purposes. Any
substantial or systematic reproduction, redistribution, reselling, loan, sub-licensing,
systematic supply, or distribution in any form to anyone is expressly forbidden. Terms
& Conditions of access and use can be found at http://www.tandfonline.com/page/
terms-and-conditions](https://image.slidesharecdn.com/principlesofcomputersecuritycomptiasecurity-190718132539/75/Principles-of-computer-security-comptia-security-1-2048.jpg)
![Book Review
Book Review
Principles of Computer Security: CompTIA Security+TM and
Beyond
WM. Arthur Conklin and Gregory White
McGraw Hill
ISBN: 978-0-07-178619-5
Reviewed by Adolfo S. Coronado, Indiana University - Purdue University Fort
Wayne
coronado@ipfw.edu
Introduction
Principles of Computer Security is aimed for students preparing for the Comp'TlA
Security-rP' certification (Exam SYO-301). The book is structured to cover the
objectives of the Securityf-P' certification; therefore, the chapters are linked to a
specific topic in the objective map put forward by CompTiA. As such, this book is
aimed to cover a wide variety oftopics, rather than going in depth in any given topic.
The book consists of 25 chapters, two appendices, and an accompanying CD. The
chapters are not following any specific order, other than assuring the topics covered
are comprehensive and sufficient to prepare for the certification exam. Appendix A
puts forward an objective map that links the chapters covered in the book with the
objectives of the Security+ exam. Appendix B explains the contents of the
accompanying CD. The CD includes access to online training, expert-led instruction,
step-by-step training, simulation exercises, test preparation tools for taking the
certification exam, and electronic version ofthe book.
Wm. Arthur Conklin, a co-author of this book, is an assistant professor in the College
of Technology at the University of Houston. Gregory White, also a co-author of this
book, is the Director for the Center for Infrastructure Assurance and Security and is an
associate professor of computer science at The University of Texas at San Antonio.
Organization, Strengths, and Weaknesses
As previously mentioned, the book does not follow a specific order in addressing the
six main topics necessary to understand before taking the certification exam. Rather,
the approach ofthe authors is to outline these topics and subtopics in Appendix A and
then list the chapters that address each of these areas. The six main topics are the
following:
70
Downloadedby[GeorgeMasonUniversity]at22:3227December2014](https://image.slidesharecdn.com/principlesofcomputersecuritycomptiasecurity-190718132539/75/Principles-of-computer-security-comptia-security-2-2048.jpg)
![Book Review
Topic I: Network Security
Topic 2: Compliance and Operational Security. Chapters
Topic 3: Threats and Vulnerabilities
Topic 4: Application, Data and Host Security
Topic 5: Access Control and Identity Management
Topic 6: Cryptography
All of these topics are covered at a basic level of detail; the broad array of topics
prevents any in-depth discussion of any specific topic. As such, this book is not
designed to become an expert in all computer security areas. This is aligned with the
fact that Security+TM is an entry level security certification.
A strength of this book is the broad set of concepts in information security. It is
important to note that the book is not technology dependent, in other words, it is not
based in Windows or MacOS platforms for example. This characteristic is important
because the conceptual understanding of computer security makes it easy for the
reader to apply the acquired knowledge to diverse systems and platforms.
An additional strength of this book is the attention devoted to the different standards,
protocols, technologies, and concepts that are part ofthe daily vocabulary of computer
security experts. In this capacity, each chapter lists key terms and a key terms quiz.
Also, at the end of each chapter you can find multiple-choice questions, essay
questions, and lab projects that reinforce the concepts presented in the chapter.
The electronic resources made available to the reader in the accompanying CD is an
important component of the book. The videos and other multimedia resources offered
in the CD offer a different presentation ofthe material in a different format.
As previously mentioned, a weakness is the lack of any in-depth discussion of any
topic in specific. However, this is expected for a book designed to prepare students to
take a Security+TM exam. Another weakness worth noting is the rather simple and
shallow end-of-chapter lab projects. In this capacity, however, the authors also made
available a lab manual that could be used in conjunction with this book and reinforce
the practical aspect of computer security.
Another shortcoming of the present book is the lack of any logical presentation of the
material, at least the lack of any explicit explanation on which chapters to read first.
This is in part due to the lack of any transition or "flow" from chapter to chapter.
Summary
In general, the book is well suited for individuals preparing to take the Securityf-I'"
exam or those looking to obtain a broad understanding of computer security. The
presentation ofthe material in multiple formats (text and the multimedia CD) provides
options for different learning styles. Also, the optional accompanying lab manual
71
Downloadedby[GeorgeMasonUniversity]at22:3227December2014](https://image.slidesharecdn.com/principlesofcomputersecuritycomptiasecurity-190718132539/75/Principles-of-computer-security-comptia-security-3-2048.jpg)
![Book Review
offers a significant value added to this book. In addition to the aforementioned
strengths, the book also offers valuable tech and exam tips on each chapter, making it
clear to the reader what to expect in the exam and the real world application of
computer security.
Adolfo S. Coronado is an Assistant Professor in the Department of Computer
Science, Indiana University - Purdue University Fort Wayne. His Research interests
include IT Privacy and IT Security.
72
Downloadedby[GeorgeMasonUniversity]at22:3227December2014](https://image.slidesharecdn.com/principlesofcomputersecuritycomptiasecurity-190718132539/75/Principles-of-computer-security-comptia-security-4-2048.jpg)
Principles of computer security comptia security
- 1. This article wasdownloaded by: [George Mason University] On: 27 December 2014, At: 22:32 Publisher: Routledge Informa Ltd Registered in England and Wales Registered Number: 1072954 Registered office: Mortimer House, 37-41 Mortimer Street, London W1T 3JH, UK Journal of Information Privacy and Security Publication details, including instructions for authors and subscription information: http://www.tandfonline.com/loi/uips20 Principles of Computer Security: CompTIA Security+™ Adolfo S. Coronado a a Indiana University – Purdue University Fort Wayne Published online: 07 Jul 2014. To cite this article: Adolfo S. Coronado (2013) Principles of Computer Security: CompTIA Security+™, Journal of Information Privacy and Security, 9:1, 70-72, DOI: 10.1080/15536548.2013.10845674 To link to this article: http://dx.doi.org/10.1080/15536548.2013.10845674 PLEASE SCROLL DOWN FOR ARTICLE Taylor & Francis makes every effort to ensure the accuracy of all the information (the “Content”) contained in the publications on our platform. However, Taylor & Francis, our agents, and our licensors make no representations or warranties whatsoever as to the accuracy, completeness, or suitability for any purpose of the Content. Any opinions and views expressed in this publication are the opinions and views of the authors, and are not the views of or endorsed by Taylor & Francis. The accuracy of the Content should not be relied upon and should be independently verified with primary sources of information. Taylor and Francis shall not be liable for any losses, actions, claims, proceedings, demands, costs, expenses, damages, and other liabilities whatsoever or howsoever caused arising directly or indirectly in connection with, in relation to or arising out of the use of the Content. This article may be used for research, teaching, and private study purposes. Any substantial or systematic reproduction, redistribution, reselling, loan, sub-licensing, systematic supply, or distribution in any form to anyone is expressly forbidden. Terms & Conditions of access and use can be found at http://www.tandfonline.com/page/ terms-and-conditions
- 2. Book Review Book Review Principlesof Computer Security: CompTIA Security+TM and Beyond WM. Arthur Conklin and Gregory White McGraw Hill ISBN: 978-0-07-178619-5 Reviewed by Adolfo S. Coronado, Indiana University - Purdue University Fort Wayne coronado@ipfw.edu Introduction Principles of Computer Security is aimed for students preparing for the Comp'TlA Security-rP' certification (Exam SYO-301). The book is structured to cover the objectives of the Securityf-P' certification; therefore, the chapters are linked to a specific topic in the objective map put forward by CompTiA. As such, this book is aimed to cover a wide variety oftopics, rather than going in depth in any given topic. The book consists of 25 chapters, two appendices, and an accompanying CD. The chapters are not following any specific order, other than assuring the topics covered are comprehensive and sufficient to prepare for the certification exam. Appendix A puts forward an objective map that links the chapters covered in the book with the objectives of the Security+ exam. Appendix B explains the contents of the accompanying CD. The CD includes access to online training, expert-led instruction, step-by-step training, simulation exercises, test preparation tools for taking the certification exam, and electronic version ofthe book. Wm. Arthur Conklin, a co-author of this book, is an assistant professor in the College of Technology at the University of Houston. Gregory White, also a co-author of this book, is the Director for the Center for Infrastructure Assurance and Security and is an associate professor of computer science at The University of Texas at San Antonio. Organization, Strengths, and Weaknesses As previously mentioned, the book does not follow a specific order in addressing the six main topics necessary to understand before taking the certification exam. Rather, the approach ofthe authors is to outline these topics and subtopics in Appendix A and then list the chapters that address each of these areas. The six main topics are the following: 70 Downloadedby[GeorgeMasonUniversity]at22:3227December2014
- 3. Book Review Topic I:Network Security Topic 2: Compliance and Operational Security. Chapters Topic 3: Threats and Vulnerabilities Topic 4: Application, Data and Host Security Topic 5: Access Control and Identity Management Topic 6: Cryptography All of these topics are covered at a basic level of detail; the broad array of topics prevents any in-depth discussion of any specific topic. As such, this book is not designed to become an expert in all computer security areas. This is aligned with the fact that Security+TM is an entry level security certification. A strength of this book is the broad set of concepts in information security. It is important to note that the book is not technology dependent, in other words, it is not based in Windows or MacOS platforms for example. This characteristic is important because the conceptual understanding of computer security makes it easy for the reader to apply the acquired knowledge to diverse systems and platforms. An additional strength of this book is the attention devoted to the different standards, protocols, technologies, and concepts that are part ofthe daily vocabulary of computer security experts. In this capacity, each chapter lists key terms and a key terms quiz. Also, at the end of each chapter you can find multiple-choice questions, essay questions, and lab projects that reinforce the concepts presented in the chapter. The electronic resources made available to the reader in the accompanying CD is an important component of the book. The videos and other multimedia resources offered in the CD offer a different presentation ofthe material in a different format. As previously mentioned, a weakness is the lack of any in-depth discussion of any topic in specific. However, this is expected for a book designed to prepare students to take a Security+TM exam. Another weakness worth noting is the rather simple and shallow end-of-chapter lab projects. In this capacity, however, the authors also made available a lab manual that could be used in conjunction with this book and reinforce the practical aspect of computer security. Another shortcoming of the present book is the lack of any logical presentation of the material, at least the lack of any explicit explanation on which chapters to read first. This is in part due to the lack of any transition or "flow" from chapter to chapter. Summary In general, the book is well suited for individuals preparing to take the Securityf-I'" exam or those looking to obtain a broad understanding of computer security. The presentation ofthe material in multiple formats (text and the multimedia CD) provides options for different learning styles. Also, the optional accompanying lab manual 71 Downloadedby[GeorgeMasonUniversity]at22:3227December2014
- 4. Book Review offers asignificant value added to this book. In addition to the aforementioned strengths, the book also offers valuable tech and exam tips on each chapter, making it clear to the reader what to expect in the exam and the real world application of computer security. Adolfo S. Coronado is an Assistant Professor in the Department of Computer Science, Indiana University - Purdue University Fort Wayne. His Research interests include IT Privacy and IT Security. 72 Downloadedby[GeorgeMasonUniversity]at22:3227December2014