CompTIA Security+ All-in-One Exam Guide, Fifth Edition (Exam SY0-501) 5th edition [Hardcover]

4.08/5 (138 ratings by Goodreads)
  • Format: Hardback, weight: 1232 g, Illustrations
  • Publication date: 20-Jan-2018
  • Publisher: McGraw-Hill Education
  • ISBN-10: 1260019322
  • ISBN-13: 9781260019322

This fully updated study guide covers every topic on the current version of the CompTIA Security+ exam

Take the latest version of the CompTIA Security+ exam with complete confidence using the detailed information contained in this highly effective self-study system. Written by a team of leading information security experts, this authoritative guide addresses the skills required for securing a network and managing risk and enables you to become CompTIA Security+ certified.

CompTIA Security+ All-in-One Exam Guide, Fifth Edition (Exam SY0-501) covers all exam domains and features 200 accurate practice questions. To aid in study, the book features learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. All questions mirror those on the live test in style, format, and difficulty. Beyond fully preparing you for the challenging SY0-501 exam, the book also serves as a valuable on-the-job reference for IT professionals.

• Provides 100% coverage of every objective on exam SY0-501
• Electronic content includes 200 practice questions and a secured book PDF
• Written by a team of experienced IT security academics

Preface xxxii
Acknowledgments xxxiii
Introduction xxxiv
Objective Map: Exam SY0-501 xxxix
Part I Threats, Attacks, and Vulnerabilities
Chapter 1 Malware and Indicators of Compromise
3(14)
Malware
3(7)
Polymorphic Malware
4(1)
Viruses
4(1)
Crypto-malware
4(1)
Ransomware
5(1)
Worm
5(1)
Trojan
6(1)
Rootkit
6(1)
Keylogger
7(1)
Adware
7(1)
Spyware
8(1)
Bots
8(1)
RAT
8(1)
Logic Bomb
9(1)
Backdoor
9(1)
Indicators of Compromise
10(1)
Chapter Review
11(6)
Questions
12(3)
Answers
15(2)
Chapter 2 Attacks
17(40)
Social Engineering Methods
18(7)
Phishing
19(1)
Spear Phishing
19(1)
Whaling
19(1)
Vishing
20(1)
Tailgating
20(1)
Impersonation
21(1)
Dumpster Diving
22(1)
Shoulder Surfing
22(1)
Hoax
23(1)
Watering Hole Attack
23(1)
Social Engineering Principles
23(2)
Application/Service Attacks
25(17)
DoS
26(1)
DDoS
27(2)
Man-in-the-Middle
29(1)
Buffer Overflow
29(1)
Injection
30(1)
Cross-Site Scripting
31(1)
Cross-Site Request Forgery
32(1)
Privilege Escalation
32(1)
ARP Poisoning
32(1)
Amplification
33(1)
DNS Poisoning
33(2)
Domain Hijacking
35(1)
Man-in-the-Browser
36(1)
Zero Day
36(1)
Replay
36(1)
Pass the Hash
37(1)
Hijacking and Related Attacks
37(1)
Driver Manipulation
38(1)
Spoofing
39(1)
MAC Spoofing
39(1)
IP Address Spoofing
39(3)
Wireless Attacks
42(5)
Replay
42(1)
IV
43(1)
Evil Twin
43(1)
Rogue AP
43(1)
Jamming
43(1)
WPS
44(1)
Bluejacking
44(1)
Bluesnarfing
45(1)
RFID
45(1)
NFC
46(1)
Disassociation
46(1)
Cryptographic Attacks
47(3)
Birthday
47(1)
Known Plaintext/Ciphertext
47(1)
Password Attacks
47(1)
Rainbow Tables
48(1)
Dictionary
48(1)
Brute Force
49(1)
Hybrid Attack
49(1)
Collision
49(1)
Downgrade
50(1)
Replay
50(1)
Weak Implementations
50(1)
Chapter Review
50(7)
Questions
51(3)
Answers
54(3)
Chapter 3 Threat Actors
57(14)
Types of Actors
57(5)
Script Kiddies
58(1)
Hacktivists
58(1)
Organized Crime
59(1)
Nation States/APT
59(1)
Insiders
60(1)
Competitors
61(1)
Attributes of Actors
62(1)
Internal/External
62(1)
Level of Sophistication
62(1)
Resources/Funding
62(1)
Intent/Motivation
62(1)
Use of Open Source Intelligence
63(1)
Chapter Review
64(7)
Questions
64(3)
Answers
67(4)
Chapter 4 Vulnerability Scanning and Penetration Testing
71(12)
Penetration Testing Concepts
71(5)
Active Reconnaissance
72(1)
Passive Reconnaissance
72(2)
Pivot
74(1)
Initial Exploitation
74(1)
Persistence
74(1)
Escalation of Privilege
74(1)
Black Box
75(1)
White Box
75(1)
Gray Box
75(1)
Pen Testing vs. Vulnerability Scanning
76(1)
Vulnerability Scanning Concepts
76(2)
Passively Test Security Controls
76(1)
Identify Vulnerability
76(1)
Identify Lack of Security Controls
77(1)
Identify Common Misconfigurations
77(1)
Intrusive vs. Non-intrusive
77(1)
Credentialed vs. Non-credentialed
77(1)
False Positive
77(1)
Chapter Review
78(5)
Questions
78(3)
Answers
81(2)
Chapter 5 Vulnerabilities and Impacts
83(20)
Race Conditions
83(1)
System Vulnerabilities
84(1)
End-of-Life Systems
84(1)
Embedded Systems
85(1)
Lack of Vendor Support
85(1)
Improper Input Handling
85(1)
Improper Error Handling
86(1)
Misconfiguration/Weak Configuration
87(1)
Default Configuration
87(1)
Resource Exhaustion
88(1)
Untrained Users
88(1)
Improperly Configured Accounts
89(1)
Vulnerable Business Processes
89(1)
Weak Cipher Suites and Implementations
89(1)
Memory/Buffer Vulnerability
90(2)
Memory Leak
90(1)
Integer Overflow
91(1)
Buffer Overflow
91(1)
Pointer Dereference
91(1)
DLL Injection
92(1)
System Sprawl/Undocumented Assets
92(1)
Architecture/Design Weaknesses
93(1)
New Threats/Zero Day
93(1)
Improper Certificate and Key Management
94(1)
Chapter Review
94(9)
Questions
94(4)
Answers
98(5)
Part II Technologies and Tools
Chapter 6 Network Components
103(42)
Firewall
103(5)
How Do Firewalls Work?
105(1)
Firewall Rules
106(1)
ACL
106(1)
Application-Based vs. Network-Based
106(1)
Stateful vs. Stateless
107(1)
Implicit Deny
107(1)
Secure Network Administration Principles
108(1)
Rule-Based Management
108(1)
VPN Concentrator
108(8)
Remote Access vs. Site-to-Site
108(1)
IPSec
109(6)
Split Tunnel vs. Full Tunnel
115(1)
TLS
115(1)
Always-on VPN
116(1)
NIPS/NIDS
116(4)
Signature-Based
117(1)
Heuristic/Behavioral
117(1)
Anomaly
118(1)
Inline vs. Passive
118(1)
In-Band vs. Out-of-Band
118(1)
Rules
118(1)
Analytics
119(1)
Router
120(1)
ACLs
121(1)
Antispoofing
121(1)
Switch
121(3)
Port Security
122(1)
Layer 2 vs. Layer 3
123(1)
Loop Prevention
123(1)
Flood Guard
123(1)
Proxy
124(1)
Forward and Reverse Proxy
124(1)
Transparent
124(1)
Application/Multipurpose
124(1)
Load Balancer
125(2)
Scheduling
126(1)
Active-Passive
126(1)
Active-Active
126(1)
Virtual IPs
126(1)
Access Point
127(3)
SSID
127(1)
MAC Filtering
128(1)
Signal Strength
128(1)
Band Selection/Width
128(1)
Antenna Types and Placement
129(1)
Fat vs. Thin
130(1)
Controller-Based vs. Standalone
130(1)
SIEM
130(2)
Aggregation
131(1)
Correlation
131(1)
Automated Alerting and Triggers
131(1)
Time Synchronization
131(1)
Event Deduplication
132(1)
Logs/WORM
132(1)
DLP
132(1)
USB Blocking
132(1)
Cloud-Based
133(1)
E-mail
133(1)
NAC
133(2)
Dissolvable vs. Permanent
134(1)
Host Health Checks
134(1)
Agent vs. Agentless
135(1)
Mail Gateway
135(3)
Spam Filter
135(2)
DLP
137(1)
Encryption
137(1)
Bridge
138(1)
SSL/TLS Accelerators
138(1)
SSL Decryptors
139(1)
Media Gateway
139(1)
Hardware Security Module
139(1)
Chapter Review
140(5)
Questions
140(3)
Answers
143(2)
Chapter 7 Security Tools and Technologies
145(24)
Protocol Analyzer
145(2)
Switched Port Analyzer
146(1)
Network Scanners
147(2)
Rogue System Detection
149(1)
Network Mapping
149(1)
Wireless Scanners/Cracker
149(1)
Password Cracker
150(1)
Vulnerability Scanner
150(3)
Configuration Compliance Scanner
153(1)
Exploitation Frameworks
154(1)
Data Sanitization Tools
154(1)
Steganography Tools
154(1)
Honeypot
155(1)
Backup Utilities
155(1)
Banner Grabbing
155(1)
Passive vs. Active
156(1)
Command-Line Tools
157(4)
ping
157(1)
netstat
158(1)
tracert
158(1)
nslookup/dig
158(1)
arp
159(1)
ipconfig/ip/ifconfig
160(1)
tcpdump
160(1)
nmap
160(1)
netcat
160(1)
Security Technologies
161(1)
HIDS/HIPS
161(1)
Antivirus
161(1)
File Integrity Check
161(1)
Host-Based Firewall
161(1)
Application Whitelisting
162(1)
Removable Media Control
162(1)
Advanced Malware Tools
162(1)
Patch Management Tools
162(1)
UTM
163(1)
DLP
163(1)
Data Execution Prevention
163(1)
Web Application Firewall
163(1)
Chapter Review
164(5)
Questions
164(2)
Answers
166(3)
Chapter 8 Troubleshooting Common Security Issues
169(14)
Unencrypted Credentials/Clear Text
169(1)
Logs and Events Anomalies
170(1)
Permission Issues
170(1)
Access Violations
170(1)
Certificate Issues
171(1)
Data Exfiltration
171(1)
Misconfigured Devices
171(2)
Firewall
172(1)
Content Filter
172(1)
Access Points
172(1)
Weak Security Configurations
173(1)
Personnel Issues
173(2)
Policy Violation
173(1)
Insider Threat
174(1)
Social Engineering
174(1)
Social Media
175(1)
Personal E-mail
175(1)
Unauthorized Software
175(1)
Baseline Deviation
176(1)
License Compliance Violation (Availability/Integrity)
176(1)
Asset Management
177(1)
Authentication Issues
177(1)
Chapter Review
177(6)
Questions
178(2)
Answers
180(3)
Chapter 9 Mobile Devices
183(20)
Connection Methods
183(4)
Cellular
184(1)
Wi-Fi
184(1)
SATCOM
184(1)
Bluetooth
184(1)
NFC
185(1)
ANT
185(1)
Infrared
186(1)
USB
186(1)
Mobile Device Management Concepts
187(5)
Application Management
187(1)
Content Management
188(1)
Remote Wipe
188(1)
Geofencing
188(1)
Geolocation
189(1)
Screen Locks
189(1)
Push Notification Services
189(1)
Passwords and Pins
190(1)
Biometrics
191(1)
Context-Aware Authentication
191(1)
Containerization
191(1)
Storage Segmentation
191(1)
Full Device Encryption
191(1)
Enforcement and Monitoring
192(4)
Third-Party App Stores
192(1)
Rooting/Jailbreaking
192(1)
Sideloading
193(1)
Custom Firmware
193(1)
Carrier Unlocking
193(1)
Firmware OTA Updates
193(1)
Camera Use
194(1)
SMS/MMS
194(1)
External Media
194(1)
USB OTG
194(1)
Recording Microphone
195(1)
GPS Tagging
195(1)
Wi-Fi Direct/Ad Hoc
195(1)
Tethering
196(1)
Payment Methods
196(1)
Deployment Models
196(2)
BYOD
197(1)
CYOD
197(1)
COPE
197(1)
Corporate-Owned
197(1)
VDI
197(1)
Chapter Review
198(5)
Questions
198(3)
Answers
201(2)
Chapter 10 Implementing Secure Protocols
203(12)
Secure Protocols
203(3)
DNSSEC
204(1)
SSH
204(1)
S/MIME
204(1)
SRTP
205(1)
LDAPS
205(1)
FTPS
205(1)
SFTP
205(1)
SNMPv3
205(1)
SSL/TLS
206(1)
HTTPS
206(1)
Secure POP/IMAP
206(1)
Use Cases
206(3)
Voice and Video
207(1)
Time Synchronization
207(1)
E-mail and Web
207(1)
File Transfer
207(1)
Directory Services
207(1)
Remote Access
208(1)
Domain Name Resolution
208(1)
Routing and Switching
208(1)
Network Address Allocation
208(1)
Subscription Services
209(1)
Chapter Review
209(6)
Questions
209(3)
Answers
212(3)
Part III Architecture and Design
Chapter 11 Architecture Frameworks and Secure Network Architectures
215(26)
Industry-Standard Frameworks and Reference Architectures
216(1)
Regulatory
216(1)
Non-regulatory
216(1)
National vs. International
217(1)
Industry-Specific Frameworks
217(1)
Benchmarks/Secure Configuration Guides
217(3)
Platform/Vendor-Specific Guides
218(1)
General Purpose Guides
219(1)
Defense-in-Depth/Layered Security
220(1)
Vendor Diversity
220(1)
Control Diversity
220(1)
User Training
221(1)
Zones/Topologies
221(7)
DMZ
222(1)
Extranet
223(1)
Intranet
224(1)
Wireless
224(1)
Guest
225(1)
Honeynets
225(1)
NAT
225(2)
Ad Hoc
227(1)
Segregation/Segmentation/Isolation
228(4)
Physical
229(1)
Logical (VLAN)
229(2)
Virtualization
231(1)
Air Gaps
231(1)
Tunneling/VPN
232(1)
Site-to-Site
232(1)
Remote Access
232(1)
Security Device/Technology Placement
232(4)
Sensors
233(1)
Collectors
233(1)
Correlation Engines
233(1)
Filters
233(1)
Proxies
234(1)
Firewalls
234(1)
VPN Concentrators
234(1)
SSL Accelerators
234(1)
Load Balancers
234(1)
DDoS Mitigator
235(1)
Aggregation Switches
235(1)
Taps and Port Mirror
235(1)
SDN
236(1)
Chapter Review
236(5)
Questions
236(3)
Answers
239(2)
Chapter 12 Secure Systems Design and Deployment
241(20)
Hardware/Firmware Security
241(3)
FDE/SED
242(1)
TPM
242(1)
HSM
242(1)
UEFI/BIOS
243(1)
Secure Boot and Attestation
243(1)
Supply Chain
243(1)
Hardware Root of Trust
244(1)
EMI/EMP
244(1)
Operating Systems
244(6)
Types
245(2)
Patch Management
247(1)
Disabling Unnecessary Ports and Services
247(1)
Least Functionality
248(1)
Secure Configurations
248(1)
Trusted Operating System
249(1)
Application Whitelisting/Blacklisting
249(1)
Disable Default Accounts/Passwords
250(1)
Peripherals
250(2)
Wireless Keyboards
250(1)
Wireless Mice
251(1)
Displays
251(1)
Wi-Fi-Enabled MicroSD Cards
251(1)
Printers/MFDs
251(1)
External Storage Devices
252(1)
Digital Cameras
252(1)
Sandboxing
252(1)
Environment
253(1)
Development
253(1)
Test
253(1)
Staging
253(1)
Production
254(1)
Secure Baseline
254(1)
Integrity Measurement
254(1)
Chapter Review
255(6)
Questions
255(3)
Answers
258(3)
Chapter 13 Embedded Systems
261(14)
SCADA/ICS
262(1)
Smart Devices/IoT
262(2)
Wearable Technology
263(1)
Home Automation
263(1)
HVAC
264(1)
SoC
264(1)
RTOS
264(1)
Printers/MFDs
265(1)
Camera Systems
265(1)
Special Purpose
266(2)
Medical Devices
266(1)
Vehicles
267(1)
Aircraft/UAV
267(1)
Chapter Review
268(7)
Questions
269(3)
Answers
272(3)
Chapter 14 Application Development and Deployment
275(20)
Development Lifecycle Models
275(2)
Waterfall vs. Agile
275(2)
Secure DevOps
277(2)
Security Automation
278(1)
Continuous Integration
278(1)
Baselining
278(1)
Immutable Systems
279(1)
Infrastructure as Code
279(1)
Version Control and Change Management
279(1)
Provisioning and Deprovisioning
280(1)
Secure Coding Techniques
280(5)
Proper Error Handling
281(1)
Proper Input Validation
281(1)
Normalization
282(1)
Stored Procedures
282(1)
Code Signing
283(1)
Encryption
283(1)
Obfuscation/Camouflage
283(1)
Code Reuse/Dead Code
283(1)
Server-Side vs. Client-Side Execution and Validation
284(1)
Memory Management
285(1)
Use of Third-Party Libraries and SDKs
285(1)
Data Exposure
285(1)
Code Quality and Testing
285(3)
Static Code Analyzers
286(1)
Dynamic Analysis (e.g., Fuzzing)
286(1)
Stress Testing
287(1)
Sandboxing
288(1)
Model Verification
288(1)
Compiled vs. Runtime Code
288(1)
Chapter Review
289(6)
Questions
289(3)
Answers
292(3)
Chapter 15 Cloud and Virtualization
295(12)
Hypervisor
295(2)
Type I
296(1)
Type II
296(1)
Application Cells/Containers
296(1)
VM Sprawl Avoidance
297(1)
VM Escape Protection
297(1)
Cloud Storage
297(1)
Cloud Deployment Models
298(2)
SaaS
298(1)
PaaS
298(1)
IaaS
298(1)
Private
299(1)
Public
299(1)
Hybrid
299(1)
Community
299(1)
On-Premise vs. Hosted vs. Cloud
300(1)
VDI/VDE
300(1)
Cloud Access Security Broker
300(1)
Security as a Service
301(1)
Chapter Review
301(6)
Questions
302(3)
Answers
305(2)
Chapter 16 Resiliency and Automation Strategies
307(14)
Automation/Scripting
307(2)
Automated Courses of Action
308(1)
Continuous Monitoring
308(1)
Configuration Validation
308(1)
Templates
309(1)
Master Image
310(1)
Non-persistence
310(2)
Snapshots
310(1)
Revert to Known State
311(1)
Rollback to Known Configuration
311(1)
Live Boot Media
311(1)
Elasticity
312(1)
Scalability
312(1)
Distributive Allocation
312(1)
Redundancy
312(1)
Fault Tolerance
313(1)
High Availability
313(1)
RAID
314(1)
Chapter Review
315(6)
Questions
315(3)
Answers
318(3)
Chapter 17 Physical Security Controls
321(22)
Lighting
321(1)
Signs
322(1)
Fencing/Gate/Cage
322(1)
Security Guards
322(1)
Alarms
323(1)
Safe
323(1)
Secure Cabinets/Enclosures
323(1)
Protected Distribution/Protected Cabling
324(1)
Airgap
324(1)
Mantrap
324(1)
Faraday Cages
324(1)
Lock Types
325(2)
Biometrics
327(1)
Barricades/Bollards
328(1)
Tokens/Cards
329(1)
Environmental Controls
329(5)
HVAC
329(1)
Hot and Cold Aisles
330(1)
Fire Suppression
330(4)
Cable Locks
334(1)
Screen Filters
334(1)
Cameras
334(1)
Motion Detection
335(1)
Logs
336(1)
Infrared Detection
336(1)
Key Management
336(1)
Chapter Review
336(7)
Questions
337(2)
Answers
339(4)
Part IV Identity and Access Management
Chapter 18 Identity, Access, and Accounts
343(20)
Identification, Authentication, Authorization, and Accounting (AAA)
343(1)
Multifactor Authentication
344(2)
Something You Are
345(1)
Something You Have
345(1)
Something You Know
345(1)
Something You Do
346(1)
Somewhere You Are
346(1)
Federation
346(1)
Single Sign-on
347(1)
Transitive Trust
347(1)
Account Types
347(3)
User Account
347(1)
Stated and Generic Accounts/Credentials
348(1)
Guest Accounts
349(1)
Service Accounts
349(1)
Privileged Accounts
349(1)
General Concepts
350(4)
Least Privilege
350(1)
Onboarding/Offboarding
350(1)
Permission Auditing and Review
350(1)
Usage Auditing and Review
350(1)
Time-of-Day Restrictions
351(1)
Recertification
351(1)
Standard Naming Convention
351(1)
Account Maintenance
352(1)
Group-Based Access Control
352(2)
Location-Based Policies
354(1)
Account Policy Enforcement
354(4)
Credential Management
354(1)
Group Policy
355(1)
Password Complexity
355(1)
Expiration
355(1)
Recovery
356(1)
Disablement
356(1)
Lockout
356(1)
Password History
357(1)
Password Reuse
357(1)
Password Length
357(1)
Chapter Review
358(5)
Questions
358(3)
Answers
361(2)
Chapter 19 Identity and Access Services
363(16)
LDAP
363(1)
Kerberos
364(1)
TACACS+
365(3)
TACACS+ Authentication
366(1)
TACACS+ Authorization
366(2)
TACACS+ Accounting
368(1)
CHAP
368(1)
PAP
369(1)
MSCHAP
369(1)
RADIUS
369(3)
SAML
372(1)
OpenID Connect
372(1)
OAUTH
372(1)
Shibboleth
373(1)
Secure Token
373(1)
NTLM
373(1)
Chapter Review
374(5)
Questions
374(3)
Answers
377(2)
Chapter 20 Identity and Access Management Controls
379(24)
Access Control Models
379(4)
MAC
381(1)
DAC
381(1)
ABAC
382(1)
Role-Based Access Control
382(1)
Rule-Based Access Control
382(1)
Physical Access Control
383(1)
Proximity Cards
383(1)
Smart Cards
384(1)
Biometric Factors
384(5)
Fingerprint Scanner
385(1)
Retinal Scanner
385(1)
Iris Scanner
385(1)
Voice Recognition
386(1)
Facial Recognition
386(1)
False Positives and False Negatives
386(1)
False Acceptance Rate
387(1)
False Rejection Rate
388(1)
Crossover Error Rate
388(1)
Biometrics Calculation Example
389(1)
Tokens
389(3)
Hardware
391(1)
Software
391(1)
HOTP/TOTP
392(1)
Certificate-Based Authentication
392(1)
PIV/CAC/Smart Card
392(1)
IEEE 802.1x
392(1)
File System Security
393(1)
Database Security
393(1)
Chapter Review
394(9)
Questions
394(3)
Answers
397(6)
Part V Risk Management
Chapter 21 Policies, Plans, and Procedures
403(16)
Standard Operating Procedure
404(1)
Agreement Types
404(1)
BPA
404(1)
SLA
404(1)
ISA
405(1)
MOU/MOA
405(1)
Personnel Management
405(6)
Mandatory Vacations
405(1)
Job Rotation
406(1)
Separation of Duties
406(1)
Clean Desk
407(1)
Background Checks
407(1)
Exit Interviews
407(1)
Role-Based Awareness Training
407(2)
NDA
409(1)
Onboarding
409(1)
Continuing Education
410(1)
Acceptable Use Policy/Rules of Behavior
410(1)
Adverse Actions
411(1)
General Security Policies
411(2)
Social Media Networks/Applications
412(1)
Personal E-mail
412(1)
Chapter Review
413(6)
Questions
413(3)
Answers
416(3)
Chapter 22 Risk Management and Business Impact Analysis
419(22)
Business Impact Analysis Concepts
419(5)
RTO/RPO
420(1)
MTBF
420(1)
MTTR
420(1)
Mission-Essential Functions
421(1)
Identification of Critical Systems
421(1)
Single Point of Failure
421(1)
Impact
422(1)
Privacy Impact Assessment
423(1)
Privacy Threshold Assessment
423(1)
Risk Management Concepts
424(9)
Threat Assessment
424(1)
Risk Assessment
425(7)
Change Management
432(1)
Security Controls
433(2)
Deterrent
433(1)
Preventive
433(1)
Detective
434(1)
Corrective
434(1)
Compensating
434(1)
Technical
434(1)
Administrative
434(1)
Physical
434(1)
Chapter Review
435(6)
Questions
435(3)
Answers
438(3)
Chapter 23 Incident Response, Disaster Recovery, and Continuity of Operations
441(20)
Incident Response Plan
442(2)
Documented Incident Types/Category Definitions
442(1)
Roles and Responsibilities
442(1)
Reporting Requirements/Escalation
443(1)
Cyber-Incident Response Teams
443(1)
Exercise
444(1)
Incident Response Process
444(2)
Preparation
444(1)
Identification
444(1)
Containment
445(1)
Eradication
445(1)
Recovery
446(1)
Lessons Learned
446(1)
Disaster Recovery
446(1)
Recovery Sites
447(1)
Hot Sites
447(1)
Warm Sites
447(1)
Cold Sites
447(1)
Order of Restoration
448(1)
Backup Concepts
448(2)
Differential
449(1)
Incremental
449(1)
Snapshots
450(1)
Full
450(1)
Geographic Considerations
450(2)
Off-Site Backups
451(1)
Distance
451(1)
Location Selection
451(1)
Legal Implications
451(1)
Data Sovereignty
452(1)
Continuity of Operation Planning
452(2)
Exercises/Tabletop
452(1)
After-Action Reports
453(1)
Failover
453(1)
Alternate Processing Sites
453(1)
Alternate Business Practices
454(1)
Chapter Review
454(7)
Questions
455(2)
Answers
457(4)
Chapter 24 Digital Forensics
461(16)
Order of Volatility
461(1)
Chain of Custody
462(1)
Legal Hold
463(1)
Data Acquisition
464(5)
Standards for Evidence
465(1)
Types of Evidence
465(1)
Three Rules Regarding Evidence
465(1)
Capture System Image
466(1)
Network Traffic and Logs
467(1)
Capture Video
467(1)
Record Time Offset
467(1)
Take Hashes
468(1)
Screenshots
468(1)
Witness Interviews
469(1)
Preservation
469(1)
Recovery
470(1)
Strategic Intelligence/Counterintelligence Gathering
470(1)
Active Logging
471(1)
Track Man-Hours
471(1)
Chapter Review
471(6)
Questions
472(3)
Answers
475(2)
Chapter 25 Data Security and Privacy Practices
477(14)
Data Destruction and Media Sanitization
477(2)
Burning
478(1)
Shredding
478(1)
Pulping
478(1)
Pulverizing
478(1)
Degaussing
479(1)
Purging
479(1)
Wiping
479(1)
Data Sensitivity Labeling and Handling
479(3)
Confidential
480(1)
Private
480(1)
Public
480(1)
Proprietary
481(1)
PII
481(1)
PHI
481(1)
Data Roles
482(1)
Owner
482(1)
Steward/Custodian
482(1)
Privacy Officer
482(1)
Data Retention
482(1)
Legal and Compliance
483(2)
Chapter Review
485(6)
Questions
485(3)
Answers
488(3)
Part VI Cryptography and Public Key Infrastructure
Chapter 26 Cryptographic Concepts
491(22)
General Cryptographic Concepts
491(7)
Fundamental Methods
492(1)
Symmetric Algorithms
492(1)
Modes of Operation
493(1)
Asymmetric Algorithms
494(1)
Symmetric vs. Asymmetric
495(1)
Hashing
495(1)
Salt, IV, Nonce
496(1)
Elliptic Curve
497(1)
Weak/Deprecated Algorithms
498(1)
Key Exchange
498(1)
Cryptographic Objectives
498(9)
Digital Signatures
499(1)
Diffusion
500(1)
Confusion
500(1)
Collision
500(1)
Steganography
500(1)
Obfuscation
501(1)
Stream vs. Block
501(1)
Key Strength
502(1)
Session Keys
502(1)
Ephemeral Key
502(1)
Secret Algorithm
503(1)
Data-in-Transit
503(1)
Data-at-Rest
503(1)
Data-in-Use
503(1)
Random/Pseudo-Random Number Generation
504(1)
Key Stretching
504(1)
Implementation vs. Algorithm Selection
504(1)
Perfect Forward Secrecy
505(1)
Security Through Obscurity
505(1)
Common Use Cases
505(2)
Chapter Review
507(6)
Questions
507(3)
Answers
510(3)
Chapter 27 Cryptographic Algorithms
513(16)
Symmetric Algorithms
513(3)
DES
513(1)
3DES
514(1)
AES
514(1)
RC4
515(1)
Blowfish/Twofish
515(1)
Cipher Modes
516(1)
CBC
516(1)
GCM
516(1)
ECB
516(1)
CTM/CTR
516(1)
Stream vs. Block
517(1)
Asymmetric Algorithms
517(3)
RSA
518(1)
DSA
518(1)
Diffie-Hellman
518(1)
Elliptic Curve
519(1)
PGP/GPG
520(1)
Hashing Algorithms
520(2)
MD5
520(1)
SHA
520(1)
HMAC
521(1)
RIPEMD
522(1)
Key Stretching Algorithms
522(1)
BCRYPT
522(1)
PBKDF2
522(1)
Obfuscation
523(1)
XOR
523(1)
ROT13
523(1)
Substitution Ciphers
523(1)
Chapter Review
524(5)
Questions
524(2)
Answers
526(3)
Chapter 28 Wireless Security
529(14)
Cryptographic Protocols
530(2)
WEP
530(1)
WPA
531(1)
WPA2
531(1)
CCMP
531(1)
TKIP
531(1)
Authentication Protocols
532(2)
EAP
532(1)
PEAP
532(1)
EAP-FAST
532(1)
EAP-TLS
533(1)
EAP-TTLS
533(1)
IEEE 802.1X
533(1)
RADIUS Federation
533(1)
Methods
534(3)
PSK vs. Enterprise vs. Open
534(1)
WPS
535(1)
Setting Up WPA2
535(1)
Captive Portals
535(2)
Chapter Review
537(6)
Questions
538(2)
Answers
540(3)
Chapter 29 Public Key Infrastructure
543(30)
PKI Components
543(9)
Certificate Authority
546(1)
Intermediate CA
546(1)
Revocation
547(2)
Suspension
549(1)
CSR
550(1)
Certificate
550(2)
Public Key
552(1)
Private Key
552(1)
Object Identifiers
552(1)
PKI Concepts
552(8)
Online vs. Offline CA
552(1)
Stapling
553(1)
Pinning
553(1)
Trust Model
553(6)
Key Escrow
559(1)
Certificate Chaining
559(1)
Types of Certificates
560(4)
Wildcard
561(1)
SAN
562(1)
Code Signing
562(1)
Self-Signed
563(1)
Machine/Computer
563(1)
E-mail
563(1)
User
563(1)
Root
563(1)
Domain Validation
564(1)
Extended Validation
564(1)
Certificate Formats
564(2)
DER
565(1)
PEM
565(1)
CER
565(1)
KEY
565(1)
PFX
566(1)
P12
566(1)
P7B
566(1)
Chapter Review
566(7)
Questions
566(3)
Answers
569(4)
Part VII Appendixes and Glossary
Appendix A OSI Model and Internet Protocols
573(10)
Networking Frameworks and Protocols
573(1)
OSI Model
574(4)
Application Layer
576(1)
Presentation Layer
577(1)
Session Layer
577(1)
Transport Layer
577(1)
Network Layer
577(1)
Data Link Layer
578(1)
Physical Layer
578(1)
Internet Protocols
578(3)
TCP
578(1)
UDP
579(1)
IP
579(1)
Message Encapsulation
580(1)
Review
581(2)
Appendix B About the CD-ROM
583(2)
System Requirements
583(1)
Installing and Running Total Tester Premium Practice Exam Software
583(1)
Total Tester Premium Practice Exam Software
583(1)
Secured Book PDF
584(1)
Technical Support
584(1)
Glossary 585(34)
Index 619
Wm. Arthur Conklin (Houston, TX), Security+, CISSP, is an Assistant Professor in the Information and Logistics Technology department at the University of Houston. In addition to his PhD, Mr. Conklin has an MBA from UTSA, and two graduate degrees in Electrical Engineering from the Naval Postgraduate School in Monterey, California. Dr. Conklin's interests are information security, systems theory, and secure software design.

Greg White (San Antonio, TX), CompTIA Security+, CISSP, is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. Dr. White is the Director of the Center for Infrastructure Assurance and Security at UTSA.





Chuck Cothren is a Research Scientist at the University of Texas at San Antonio (UTSA) Center for Infrastructure Assurance and Security (CIAS) and currently serves on the Information Security Association's Alamo Chapter Board of Directors. Mr. Cothren has a wide array of security experience including performing controlled penetration testing, network security policies, computer intrusion forensics, and computer training. He is a Certified Information Systems Security Professional (CISSP) and has co-authored other McGraw-Hill/Osborne titles. Mr. Cothren holds a B.S. in Industrial Distribution from Texas A&M University.





Roger L. Davis is a Senior Internal Audit Manager at NuSkin Enterprises and is responsible for evaluating global business operations in over 35 countries. He is a retired Air Force Colonel with over 20 years of military and information security experience. Mr. Davis is a Certified Information Systems Security Professional (CISSP) and holds a master's degree in Computer Science from George Washington University.