Muutke küpsiste eelistusi

CompTIA Securityplus Guide to Network Security Fundamentals 7th edition [Pehme köide]

4.08/5 (70 hinnangut Goodreads-ist)
(Western Kentucky University)
  • Formaat: Paperback / softback, 784 pages, kõrgus x laius x paksus: 22x213x274 mm, kaal: 1156 g
  • Ilmumisaeg: 16-Dec-2020
  • Kirjastus: Course Technology Inc
  • ISBN-10: 0357424379
  • ISBN-13: 9780357424377
Teised raamatud teemal:
  • Pehme köide
  • Hind: 86,47 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Tavahind: 108,09 €
  • Säästad 20%
  • Raamatu kohalejõudmiseks kirjastusest kulub orienteeruvalt 2-4 nädalat
  • Kogus:
  • Lisa ostukorvi
  • Tasuta tarne
  • Tellimisaeg 2-4 nädalat
  • Lisa soovinimekirja
CompTIA Securityplus Guide to Network Security Fundamentals 7th editionSuurem pilt
  • Formaat: Paperback / softback, 784 pages, kõrgus x laius x paksus: 22x213x274 mm, kaal: 1156 g
  • Ilmumisaeg: 16-Dec-2020
  • Kirjastus: Course Technology Inc
  • ISBN-10: 0357424379
  • ISBN-13: 9780357424377
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9780357424377.html
Märksõnad:
Reflecting the latest developments and emerging trends from the field, COMPTIA SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS, Seventh Edition, helps you prepare for professional certification -- and career success. The text fully maps to the new CompTIA Security+ SY0-601 Certification Exam, providing thorough coverage of all domain objectives. In addition to its comprehensive coverage of the fundamental essentials of network and computer security, the seventh edition includes expanded coverage of security evaluations, embedded device and Internet of Things (IoT) security, and cloud and virtualization security. Practical, Hands-On Projects, case activities and online virtual labs help you put what you learn into real-world practice, while the innovative Information Security Community Site connects you to up-to-the-minute news and insights from the information security field.
Introduction ix
Part 1 Security Fundamentals 1(62)
Module 1 Introduction To Security
3(30)
What Is Information Security?
5(2)
Understanding Security
5(1)
Defining Information Security
5(2)
Who Are the Threat Actors?
7(4)
Script Kiddies
8(1)
Hacktivists
9(1)
State Actors
9(1)
Insiders
10(1)
Other Threat Actors
10(1)
Vulnerabilities and Attacks
11(11)
Vulnerabilities
11(3)
Attack Vectors
14(1)
Social Engineering Attacks
15(6)
Impacts of Attacks
21(1)
Summary
22(1)
Key Terms
23(1)
Review Questions
24(6)
Case Projects
30(3)
Module 2 Threat Management And Cybersecurity Resources
33(30)
Penetration Testing
34(8)
Defining Penetration Testing
34(1)
Why Conduct a Test?
35(1)
Who Should Perform the Test?
35(2)
Rules of Engagement
37(2)
Performing a Penetration Test
39(3)
Vulnerability Scanning
42(8)
What Is a Vulnerability Scan?
42(1)
Conducting a Vulnerability Scan
43(4)
Data Management Tools
47(2)
Threat Hunting
49(1)
Cybersecurity Resources
50(5)
Frameworks
50(2)
Regulations
52(1)
Legislation
53(1)
Standards
53(1)
Benchmarks/Secure Configuration Guides
54(1)
Information Sources
54(1)
Summary
55(1)
Key Terms
56(1)
Review Questions
57(4)
Case Projects
61(2)
Part 2 Endpoint Security 63(92)
Module 3 Threats And Attacks On Endpoints
65(30)
Attacks Using Malware
66(11)
Imprison
67(2)
Launch
69(4)
Snoop
73(2)
Deceive
75(1)
Evade
76(1)
Application Attacks
77(6)
Scripting
78(1)
Injection
78(2)
Request Forgery
80(1)
Replay
80(1)
Attacks on Software
81(2)
Adversarial Artificial Intelligence Attacks
83(3)
What Are Artificial Intelligence (Al) and Machine Learning (ML)?
84(1)
Uses in Cybersecurity
84(1)
Risks in Using Al and ML in Cybersecurity
85(1)
Summary
86(2)
Key Terms
88(1)
Review Questions
88(5)
Case Projects
93(2)
Module 4 Endpoint And Application Development Security
95(32)
Threat Intelligence Sources
96(5)
Categories of Sources
97(2)
Sources of Threat Intelligence
99(2)
Securing Endpoint Computers
101(11)
Confirm Boot Integrity
101(2)
Protect Endpoints
103(4)
Harden Endpoints
107(5)
Creating and Deploying SecDevOps
112(6)
Application Development Concepts
114(1)
Secure Coding Techniques
115(1)
Code Testing
115(3)
Summary
118(2)
Key Terms
120(1)
Review Questions
120(5)
Case Projects
125(2)
Module 5 Mobile, Embedded, And Specialized Device Security
127(28)
Securing Mobile Devices
129(11)
Introduction to Mobile Devices
129(5)
Mobile Device Risks
134(2)
Protecting Mobile Devices
136(4)
Embedded Systems and Specialized Devices
140(5)
Types of Devices
140(4)
Security Issues
144(1)
Summary
145(2)
Key Terms
147(1)
Review Questions
148(4)
Case Projects
152(3)
Part 3 Cryptography 155(68)
Module 6 Basic Cryptography
157(34)
Defining Cryptography
158(2)
What Is Cryptography?
158(2)
Cryptography Use Cases
160(12)
Limitations of Cryptography
162(2)
Cryptographic Algorithms
164(1)
Hash Algorithms
165(1)
Symmetric Cryptographic Algorithms
166(2)
Asymmetric Cryptographic Algorithms
168(4)
Cryptographic Attacks and Defenses
172(3)
Attacks on Cryptography
173(1)
Quantum Cryptographic Defenses
174(1)
Using Cryptography
175(5)
Encryption through Software
175(2)
Hardware Encryption
177(1)
Blockchain
178(2)
Summary
180(1)
Key Terms
181(1)
Review Questions
181(6)
Case Projects
187(4)
Module 7 Public Key Infrastructure And Cryptographic Protocols
191(32)
Digital Certificates
192(10)
Defining Digital Certificates
192(2)
Managing Digital Certificates
194(3)
Types of Digital Certificates
197(5)
Public Key Infrastructure (PKI)
202(5)
What Is Public Key Infrastructure (PKI)?
202(1)
Trust Models
202(2)
Managing PKI
204(1)
Key Management
205(2)
Cryptographic Protocols
207(4)
Secure Sockets Layer (SSL)
208(1)
Transport Layer Security (TLS)
208(1)
Secure Shell (SSH)
208(1)
Hypertext Transport Protocol Secure (HTTPS)
209(1)
Secure/Multipurpose Internet Mail Extensions (S/MIME)
209(1)
Secure Real-time Transport Protocol (SRTP)
209(1)
IP Security (IPsec)
210(1)
Weaknesses of Cryptographic Protocols
210(1)
Implementing Cryptography
211(3)
Key Strength
211(1)
Secret Algorithms
212(1)
Block Cipher Modes of Operation
212(1)
Crypto Service Providers
213(1)
Summary
214(1)
Key Terms
215(1)
Review Questions
216(4)
Case Projects
220(3)
Part 4 Network Security 223(128)
Module 8 Networking Threats, Assessments, And Defenses
225(30)
Attacks on Networks
226(10)
Interception Attacks
227(1)
Layer 2 Attacks
228(3)
DNS Attacks
231(2)
Distributed Denial of Service Attack
233(1)
Malicious Coding and Scripting Attacks
234(2)
Tools for Assessment and Defense
236(4)
Network Reconnaissance and Discovery Tools
237(1)
Linux File Manipulation Tools
238(1)
Scripting Tools
238(1)
Packet Capture and Replay Tools
238(2)
Physical Security Controls
240(1)
External Perimeter Defenses
240(8)
Internal Physical Security Controls
243(2)
Computer Hardware Security
245(1)
SUM MARY
246(2)
Key Terms
248(1)
Review Questions
248(4)
Case Projects
252(3)
Module 9 Network Security Appliances And Technologies
255(30)
Security Appliances
256(10)
Firewalls
257(4)
Proxy Servers
261(1)
Deception Instruments
261(2)
Intrusion Detection and Prevention Systems
263(1)
Network Hardware Security Modules
264(1)
Configuration Management
265(1)
Security Technologies
266(10)
Access Technologies
266(3)
Technologies for Monitoring and Managing
269(3)
Design Technologies
272(4)
Summary
276(2)
Key Terms
278(1)
Review Questions
279(3)
Case Projects
282(3)
Module 10 Cloud And Virtualization Security
285(32)
Cloud Security
286(12)
Introduction to Cloud Computing
286(6)
Securing Cloud Computing
292(6)
Virtualization Security
298(6)
Defining Virtualization
298(2)
Infrastructure as Code
300(2)
Security Concerns for Virtual Environments
302(2)
Secure Network Protocols
304(4)
Simple Network Management Protocol (SNMP)
304(1)
Domain Name System Security Extensions (DNSSEC)
304(1)
File Transfer Protocol (FTP)
305(1)
Secure Email Protocols
306(1)
Lightweight Directory Access Protocol (LDAP)
306(1)
Internet Protocol Version 6 (IPv6)
307(1)
Use Cases
307(1)
Summary
308(2)
Key Terms
310(1)
Review Questions
311(4)
Case Projects
315(2)
Module 11 Wireless Network Security
317(34)
Wireless Attacks
319(12)
Bluetooth Attacks
319(2)
Near Field Communication (NEC) Attacks
321(1)
Radio Frequency Identification (RFID) Attacks
322(1)
Wireless Local Area Network Attacks
323(8)
Vulnerabilities of WLAN Security
331(3)
Wired Equivalent Privacy
331(1)
Wi-Fi Protected Setup
332(1)
MAC Address Filtering
332(1)
Wi-Fi Protected Access (WPA)
333(1)
Wireless Security Solutions
334(2)
Wi-Fi Protected Access 2 (WPA2)
334(2)
Wi-Fi Protected Access 3 (WPA3)
336(1)
Additional Wireless Security Protections
336(4)
Installation
337(1)
Configuration
338(1)
Specialized Systems Communications
339(1)
Rogue AP System Detection
339(1)
Summary
340(2)
Key Terms
342(1)
Review Questions
342(5)
Case Projects
347(4)
Part 5 Enterprise Security 351(128)
Module 12 Authentication
353(36)
Types of Authentication Credentials
354(15)
Something You Know: Passwords
355(6)
Something You Have: Smartphone and Security Keys
361(3)
Something You Are: Biometrics
364(4)
Something You Do: Behavioral Biometrics
368(1)
Authentication Solutions
369(9)
Password Security
370(3)
Secure Authentication Technologies
373(5)
Summary
378(1)
Key Terms
379(1)
Review Questions
380(6)
Case Projects
386(3)
Module 13 Incident Preparation, Response, And Investigation
389(34)
Incident Preparation
390(10)
Reasons for Cybersecurity Incidents
391(6)
Preparing for an Incident
397(3)
Incident Response
400(2)
Use SOAR Runbooks and Playbooks
401(1)
Perform Containment
401(1)
Make Configuration Changes
402(1)
Incident Investigation
402(11)
Data Sources
402(3)
Digital Forensics
405(8)
Summary
413(2)
Key Terms
415(1)
Review Questions
415(5)
Case Projects
420(3)
Module 14 Cybersecurity Resilience
423(30)
Business Continuity
424(12)
Introduction to Business Continuity
424(3)
Resilience Through Redundancy
427(9)
Policies
436(8)
Definition of a Policy
436(1)
Types of Security Policies
437(7)
Summary
444(1)
Key Terms
445(1)
Review Questions
446(5)
Case Projects
451(2)
Module 15 Risk Management And Data Privacy
453(26)
Managing Risk
454(12)
Defining Risk
455(1)
Risk Types
456(1)
Risk Analysis
457(4)
Risk Management
461(5)
Data Privacy
466(4)
User Concerns
467(1)
Data Breach Consequences
468(1)
Data Types
468(1)
Protecting Data
468(2)
Data Destruction
470(1)
Summary
470(2)
Key Terms
472(1)
Review Questions
473(3)
Case Projects
476(3)
Appendices A CompTIA Security+ SYO-601 Certification Exam Objectives 479(26)
Appendices B Two Rights & A Wrong: Answers 505(10)
Glossary 515(28)
Index 543
Dr. Mark Ciampa is a professor of analytics and information systems and the program director of the graduate Cybersecurity Data Analytics program in the Gordon Ford College of Business at Western Kentucky University in Bowling Green, Kentucky. Prior to this, he was an associate professor and served as Director of Academic Computing at Volunteer State Community College in Gallatin, Tennessee for 20 years. Mark has worked in the IT industry as a computer consultant for businesses, government agencies and educational institutions. He has published over 25 articles in peer-reviewed journals and books. He is also the author of over 30 technology textbooks from Cengage, including "Security+ Guide to Network Security Fundamentals," 8e, "CompTIA CySA+ Guide to Cybersecurity Analyst," 3e, "CWNA Guide to Wireless LANs," 3e, "Guide to Wireless Communications," "Security Awareness: Applying Practical Cybersecurity In Your World," 6e and "Networking BASICS." Dr. Ciampa holds a PhD in technology management with a specialization in digital communication systems from Indiana State University and has certifications in security and healthcare.