Security+ Guide to Network Security Fundamentals

ISBN-10: 1428340661

ISBN-13: 9781428340664

Authors: Mark Ciampa, Mark D. Ciampa

List price: $204.95

Used: $8.11

FREE return shipping at the end of the semester -

Description:

Now in its third edition, the best-selling Security+ Guide to Network Security Fundamentals provides the most up-to-date industry information, reflecting the changes in security that have occurred since the most recent CompTIA Security+ objectives were created. The book covers all of the new CompTIA Security+ 2008 exam objectives and maps to the new Security+ 2008 exam. This updated edition features many all-new topics, including topics new to the CompTIA exams like cross site scripting, SQL injection, rootkits, and virtualization, as well as topics of increasing importance in the industry as a whole, like the latest breeds of attackers, Wi-Fi Protected Access 2, and Microsoft Windows Vista…

Author bio:

Mark Ciampa is an Assistant Professor of Computer Information Systems at Western Kentucky University in Bowling Green, Kentucky and is a PhD student at Indiana State University in Digital Communications. Prior to this he was an Associate Professor and the Director of Academic Computing at Volunteer State Community College in Gallatin, Tennessee. Mark has worked in the IT industry as a computer consultant for the U.S. Postal Service, the Tennessee Municipal Technical Advisory Service, and the University of Tennessee, and has taught in higher education for over 25 years. He is the author of several Course Technology books, including Security Awareness: Applying Practical Security In Your…

Customers also bought

Product details

Binding: Paperback Publisher: Course Technology Number of pages: 592 Dimensions: 7.50" wide x 9.25" long x 1.00" tall Weight: 2.508 lbs. Language: English




Introduction to Security



Challenges of Securing Information



Today+s security attacks



Difficulties in defending against attacks



What Is Information Security?



Defining information security



Information security terminology



Understanding the importance of information security



Preventing data theft



Thwarting Identity Theft



Avoiding legal consequences



Maintaining Productivity



Foiling Cyberterrorism



Who Are the Attackers?



Hackers



Script Kiddies



Spies



Employees



Cybercriminals



Cyberterrorists



Attacks and Defenses



Steps of an attack



Defenses against attacks



Layering



Limiting



Diversity



Obscurity



Simplicity



Surveying Information Security Careers and the CompTIA Security+ Certification









System Threats and Risks



Software-Based Attacks {1.1)



Infecting Malware



Viruses (1.1)



Worms (1.1)



Concealing Malware



Trojan Horses (1.1)



Rootkits (1.1)



Logic Bombs (1.1)



Privilege escalation (1.1)



Profiting Malware



Spam (1.1)



Spyware (1.1)



Adware (1.1)



Keyloggers



Botnets (1.1)



Hardware Attacks {1.2}



BIOS (1.2)



USB devices (1.2)



Removable storage (1.2)



Network attached storage (1.2)



Cell phones (1.2)



Attacks on Virtualized Systems (1.6)



What is virtualization?



Attacks on virtual systems



Protecting Systems



Hardening the Operating System {1.3}



Managing operating system updates



Hot fixes (1.3)



Service packs (1.3)



Patches (1.3)



Patch management techniques (1.3)



Protecting the operating system through procedures



Group policies (1.3)



Security templates (1.3)



Configuration baselines (1.3)



Managing Application Security



Protecting the web browser (1.4)



ActiveX (1.4)



Java (1.4)



Scripting (1.4)



Cookies (1.4)



Input validation (1.4)



Cross-site scripting (1.4)



Protecting communication applications



Buffer overflows (1.4)



SMTP open relays (1.4)



Instant messaging (1.4)



P2P (1.4)



Applying System Security Applications



Host Intrusion Detection Systems (HIDS) (1.5)



Personal software firewalls (1.5)



Antivirus (1.5) iv. Anti-Spam (1.5) v. Popup blockers (1.5) NETWORK SECURITY



Network Vulnerabilities and Attacks



Liabilities in Networks



Media Liabilities



Vampire taps (2.6)



Cable placement



Wireless Network Liabilities



Data emanation (2.7)



SSID broadcast (2.7)



Weak encryption (2.7)



Attacks on Networks



Protocol-based attacks {2.1}



Antiquated protocols (2.1)



DNS poisoning (2.1)



ARP Poisoning (2.1)



Impersonation attacks



TCP/IP hijacking (2.1)



Spoofing (2.1)



Man in the middle (2.1)



Replay (2.1)



Wireless attacks



War driving (2.7)



Blue jacking (2.7)



Blue snarfing (2.7)



Rogue access points (2.7) iv. Other attacks {2.1}



Null sessions (2.1)



DOS (2.1)



DDOS (2.1)



Kiting (2.1)



Network Defenses



Creating a Secure Network



Security through network technologies



Network Address Translation (NAT) (2.2)



Network Access Control (NAC) (2.2)



Security through network design



Demilitarized zones (DMZ) (2.2)



Virtual LAN (VLAN) (2.2)



Virtual private network



Subnetting (2.2)



Network interconnections (2.2)



Convergence [? CompTIA has +Telephony+] (2.2)



Network Device Vulnerabilities {2.5}



Privilege escalation (2.5)



Weak passwords (2.5)



Back doors (2.5)



Def

Security+ Guide to Network Security Fundamentals

Description:

Author bio:

Customers also bought

Product details

Table of contents