
Principles of Computer Security: CompTIA Security+ and Beyond, Fifth Edition [Paperback]

  • Format: Paperback / softback, 848 pages, height x width x thickness: 274x213x36 mm, weight: 1910 g
  • Publication date: 07-Jul-2018
  • Publisher: McGraw-Hill Education
  • ISBN-10: 1260026019
  • ISBN-13: 9781260026016
  • Price: 129,90 €*
  • * We will send you an offer for a used copy; its price may differ from the price shown on the website
  • This book is out of print, but we will send you an offer for a used copy.

This thoroughly updated IT security textbook covers every topic on CompTIA Security+ exam SY0-501

Learn IT security fundamentals while getting complete coverage of the latest CompTIA Security+ certification exam objectives. Written by a team of leading security academics, this full-color textbook teaches essential computer and network security skills, including communication, infrastructure, operational security, attack prevention, disaster recovery, computer forensics, and much more.

Principles of Computer Security: CompTIA Security+ and Beyond, Fifth Edition (Exam SY0-501) is presented in an engaging style and features full-color illustrations. Each chapter includes Learning Objectives, Real-world examples, "Try This!" and "Cross Check" exercises, Tech Tips, Notes, Warnings, Exam Tips, and end-of-chapter quizzes and lab projects. The book also comes with a complete electronic practice exam that mirrors the actual CompTIA Security+ certification exam.

• CompTIA Approved Quality Content (CAQC)
• Supplemented by Principles of Computer Security Lab Manual, Fifth Edition, available separately
• Instructor resource materials for adopting instructors include: Instructor Manual, PowerPoint slides featuring artwork from the book, and a test bank of questions for use as quizzes or exams
• Answers to the end-of-chapter sections are not included in the book and are only available to adopting instructors
• Electronic content includes test engine with full-length practice exam and a secured book PDF
• Written by a team of IT security experts and edited by (ISC)2 vice chairperson Corey D. Schou

Foreword xxiv
Preface xxvi
Introduction xxviii
Instructor Web Site xxxi
Chapter 1 Introduction and Security Trends 1(21)
The Computer Security Problem 1(7)
Definition of Computer Security 1(1)
Historical Security Incidents 1(3)
The Current Threat Environment 4(3)
Ukraine Electric Grid 7(1)
Ransomware 7(1)
Threats to Security 8(5)
Viruses and Worms 8(1)
Intruders 9(1)
Insiders 10(1)
Criminal Organizations 11(1)
Nation-States, Terrorists, and Information Warfare 11(1)
Brand-Name Attacks 12(1)
Attributes of Actors 13(1)
Internal/External 13(1)
Level of Sophistication 13(1)
Resources/Funding 14(1)
Intent/Motivation 14(1)
Security Trends 14(1)
Targets and Attacks 15(1)
Specific Target 15(1)
Opportunistic Target 15(1)
Minimizing Possible Avenues of Attack 15(1)
Approaches to Computer Security 16(2)
Cyberattack Kill Chain 16(1)
Threat Intelligence 17(1)
Open Source Intelligence 17(1)
Ethics 18(1)
Additional References 18(1)
Review 19(3)
Chapter 2 General Security Concepts 22(24)
Basic Security Terminology 23(14)
Security Basics 23(4)
Security Tenets 27(1)
Security Approaches 28(1)
Security Principles 29(8)
Security Models 37(4)
Confidentiality Models 38(1)
Integrity Models 39(2)
Additional References 41(1)
Review 42(4)
Chapter 3 Operational and Organizational Security 46(26)
Policies, Procedures, Standards, and Guidelines 47(14)
Security Policies 48(1)
Change Management Policy 48(1)
Data Policies 49(2)
Password and Account Policies 51(2)
Human Resources Policies 53(7)
Due Care and Due Diligence 60(1)
Due Process 61(1)
Incident Response Policies and Procedures 61(1)
Security Awareness and Training 61(5)
Security Policy Training and Procedures 62(1)
Role-Based Training 62(2)
Continuing Education 64(1)
Compliance with Laws, Best Practices, and Standards 64(1)
User Habits 64(1)
Training Metrics and Compliance 65(1)
Standard Operating Procedure 66(1)
Interoperability Agreements 66(1)
Service Level Agreements 66(1)
Business Partnership Agreement 67(1)
Memorandum of Understanding 67(1)
Interconnection Security Agreement 67(1)
NDA 67(1)
The Security Perimeter 67(2)
Review 69(3)
Chapter 4 The Role of People in Security 72(20)
People-A Security Problem 73(12)
Social Engineering 73(1)
Tools 74(6)
Poor Security Practices 80(5)
People as a Security Tool 85(3)
Security Awareness 85(2)
Security Policy Training and Procedures 87(1)
Review 88(4)
Chapter 5 Cryptography 92(30)
Cryptography in Practice 93(2)
Fundamental Methods 94(1)
Comparative Strengths and Performance of Algorithms 95(1)
Cryptographic Objectives 95(2)
Diffusion 96(1)
Confusion 96(1)
Obfuscation 96(1)
Perfect Forward Secrecy 96(1)
Security Through Obscurity 96(1)
Historical Perspectives 97(5)
Algorithms 97(1)
Substitution Ciphers 98(3)
One-Time Pads 101(1)
Key Management 101(1)
Random Numbers 101(1)
Hashing Functions 102(4)
Message Digest 103(1)
SHA 104(1)
RIPEMD 105(1)
Hashing Summary 106(1)
Symmetric Encryption 106(6)
DES 107(1)
3DES 108(1)
AES 108(1)
CAST 109(1)
RC 109(1)
Blowfish 110(1)
Twofish 110(1)
IDEA 111(1)
Cipher Modes 111(1)
Block vs. Stream 112(1)
Symmetric Encryption Summary 112(1)
Asymmetric Encryption 112(6)
Diffie-Hellman 114(1)
RSA Algorithm 115(1)
ElGamal 115(1)
ECC 116(1)
Asymmetric Encryption Summary 117(1)
Symmetric vs. Asymmetric 117(1)
Quantum Cryptography 118(1)
For More Information 118(1)
Review 119(3)
Chapter 6 Applied Cryptography 122(34)
Cryptography Use 123(4)
Confidentiality 123(1)
Integrity 123(1)
Authentication 124(1)
Nonrepudiation 124(1)
Digital Signatures 124(1)
Digital Rights Management 125(1)
Cryptographic Applications 126(1)
Use of Proven Technologies 127(1)
Cipher Suites 127(8)
Secret Algorithms 128(1)
Key Exchange 129(1)
Key Escrow 129(1)
Session Keys 130(1)
Ephemeral Keys 130(1)
Key Stretching 130(1)
Transport Encryption 131(1)
Data in Transit 132(1)
Data at Rest 133(1)
Data in Use 133(1)
Implementation vs. Algorithm Selection 133(1)
Common Use Cases 133(2)
HMAC 135(1)
S/MIME 135(2)
IETF S/MIME History 136(1)
IETF S/MIME v3 Specifications 136(1)
PGP 137(3)
How PGP Works 138(2)
HTTPS 140(1)
IPsec 140(1)
Steganography 140(2)
Secure Protocols 142(3)
DNSSEC 142(1)
SSH 143(1)
S/MIME 143(1)
SRTP 143(1)
LDAPS 143(1)
FTPS 143(1)
SFTP 144(1)
SNMPv3 144(1)
SSL/TLS 144(1)
HTTPS 144(1)
Secure POP/IMAP 144(1)
Secure Protocol Use Cases 145(2)
Voice and Video 145(1)
Time Synchronization 145(1)
E-mail and Web 145(1)
File Transfer 145(1)
Directory Services 146(1)
Remote Access 146(1)
Domain Name Resolution 146(1)
Routing and Switching 146(1)
Network Address Allocation 146(1)
Subscription Services 146(1)
Cryptographic Attacks 147(4)
Birthday 147(1)
Known Plaintext/Ciphertext 147(1)
Meet-in-the-Middle Attacks 148(1)
Password Attacks 148(2)
Collision 150(1)
Downgrade 150(1)
Replay 150(1)
Weak Implementations 150(1)
Other Standards 151(2)
FIPS 151(1)
Common Criteria 151(1)
ISO/IEC 27002 (Formerly ISO 17799) 151(2)
Review 153(3)
Chapter 7 Public Key Infrastructure 156(48)
The Basics of Public Key Infrastructures 157(1)
Certificate Authorities 158(5)
Registration Authorities 159(1)
Local Registration Authorities 160(1)
Public Certificate Authorities 160(1)
In-house Certificate Authorities 161(1)
Choosing Between a Public CA and an In-house CA 161(1)
Outsourced Certificate Authorities 161(2)
Online vs. Offline CA 163(1)
Stapling 163(1)
Pinning 163(1)
Trust Models 163(6)
Certificate Chaining 165(1)
Hierarchical Trust Model 165(1)
Peer-to-Peer Model 166(1)
Hybrid Trust Model 167(1)
Walking the Certificate Path 168(1)
Digital Certificates 169(8)
Certificate Classes 170(2)
Certificate Extensions 172(1)
Certificate Attributes 173(3)
Certificate Formats 176(1)
Certificate Lifecycles 177(5)
Registration and Generation 177(1)
CSR 178(1)
Renewal 178(1)
Suspension 178(1)
Revocation 179(3)
Key Destruction 182(1)
Certificate Repositories 182(3)
Sharing Key Stores 183(1)
Trust and Certificate Verification 183(2)
Centralized and Decentralized Infrastructures 185(5)
Hardware Security Modules 187(1)
Private Key Protection 187(1)
Key Recovery 188(1)
Key Escrow 189(1)
Certificate-Based Threats 190(1)
Stolen Certificates 191(1)
PKIX and PKCS 191(4)
PKIX Standards 192(1)
PKCS 193(2)
Why You Need to Know the PKIX and PKCS Standards 195(1)
ISAKMP 195(1)
CMP 196(1)
XKMS 197(1)
CEP 198(1)
Review 199(5)
Chapter 8 Physical Security 204(30)
The Security Problem 205(3)
Physical Security Safeguards 208(15)
Walls and Guards 208(3)
Physical Access Controls and Monitoring 211(6)
Electronic Access Control Systems 217(1)
Policies and Procedures 218(5)
Environmental Controls 223(1)
Fire Suppression 224(3)
Water-Based Fire Suppression Systems 224(1)
Halon-Based Fire Suppression Systems 224(1)
Clean-Agent Fire Suppression Systems 225(1)
Handheld Fire Extinguishers 225(1)
Fire Detection Devices 226(1)
Electromagnetic Environment 227(1)
Power Protection 228(2)
UPS 228(1)
Backup Power and Cable Shielding 229(1)
Review 230(4)
Chapter 9 Network Fundamentals 234(42)
Network Architectures 235(1)
Network Topology 236(2)
Wireless 237(1)
Ad Hoc 238(1)
Network Protocols 238(3)
Protocols 238(2)
Packets 240(1)
Internet Protocol 241(6)
IP Packets 241(2)
TCP vs. UDP 243(2)
ICMP 245(2)
IPv4 vs. IPv6 247(3)
Expanded Address Space 248(1)
Neighbor Discovery 248(1)
Benefits of IPv6 249(1)
Packet Delivery 250(9)
Ethernet 250(1)
Local Packet Delivery 251(1)
ARP Attacks 251(1)
Remote Packet Delivery 252(3)
IP Addresses and Subnetting 255(2)
Network Address Translation 257(2)
SDN 259(1)
Security Zones 259(4)
DMZ 259(2)
Internet 261(1)
Intranet 261(1)
Extranet 262(1)
Wireless 262(1)
Guest 263(1)
Honeynets 263(1)
Flat Networks 263(1)
Segregation/Segmentation/Isolation 263(4)
Physical 264(1)
Enclaves 264(1)
Logical (VLAN) 265(1)
Virtualization 266(1)
Airgaps 266(1)
Zones and Conduits 267(1)
Tunneling/VPN 267(1)
Site-to-Site 268(1)
Remote Access 268(1)
Security Device/Technology Placement 268(3)
Sensors 269(1)
Collectors 269(1)
Correlation Engines 269(1)
Filters 269(1)
Proxies 270(1)
Firewalls 270(1)
VPN Concentrators 270(1)
SSL Accelerators 270(1)
Load Balancers 270(1)
DDoS Mitigator 271(1)
Aggregation Switches 271(1)
TAPS and Port Mirror 271(1)
Storage Area Networks 271(1)
iSCSI 272(1)
Fibre Channel 272(1)
FCoE 272(1)
For More Information 272(1)
Review 273(3)
Chapter 10 Infrastructure Security 276(42)
Devices 277(2)
Workstations 277(1)
Servers 277(1)
Mobile Devices 278(1)
Device Security, Common Concerns 278(1)
Network-Attached Storage 278(1)
Removable Storage 278(1)
Virtualization 279(3)
Hypervisor 279(1)
Application Cells/Containers 280(1)
VM Sprawl Avoidance 281(1)
VM Escape Protection 281(1)
Snapshots 281(1)
Patch Compatibility 282(1)
Host Availability/Elasticity 282(1)
Security Control Testing 282(1)
Sandboxing 282(1)
Networking 282(12)
Network Interface Cards 283(1)
Hubs 283(1)
Bridges 283(1)
Switches 284(1)
Routers 285(1)
Firewalls 286(2)
How Do Firewalls Work? 288(2)
Next-Generation Firewalls 290(1)
Web Application Firewalls vs. Network Firewalls 291(1)
Concentrators 291(1)
Wireless Devices 291(1)
Modems 292(1)
Telephony 293(1)
VPN Concentrator 293(1)
Security Devices 294(7)
Intrusion Detection Systems 294(1)
Network Access Control 294(1)
Network Monitoring/Diagnostic 295(1)
Load Balancers 296(1)
Proxies 297(1)
Web Security Gateways 298(1)
Internet Content Filters 299(1)
Data Loss Prevention 299(1)
Unified Threat Management 299(2)
Media 301(4)
Coaxial Cable 301(1)
UTP/STP 301(2)
Fiber 303(1)
Unguided Media 304(1)
Removable Media 305(5)
Magnetic Media 305(2)
Optical Media 307(1)
Electronic Media 308(2)
Security Concerns for Transmission Media 310(1)
Physical Security Concerns 310(1)
Cloud Computing 311(2)
Cloud Types 311(1)
Cloud Computing Service Models 312(1)
VDI/VDE 313(1)
On-premises vs. Hosted vs. Cloud 313(1)
Security as a Service 314(1)
Cloud Access Security Broker 314(1)
Review 315(3)
Chapter 11 Authentication and Remote Access 318(56)
User, Group, and Role Management 319(4)
User 319(2)
Shared and Generic Accounts/Credentials 321(1)
Guest Accounts 321(1)
Service Accounts 321(1)
Privileged Accounts 321(1)
Group 321(1)
Role 322(1)
Domain Passwords 323(1)
Single Sign-On 324(1)
Security Controls and Permissions 325(7)
Access Control Lists 327(2)
Mandatory Access Control (MAC) 329(1)
Discretionary Access Control (DAC) 329(2)
Role-Based Access Control (RBAC) 331(1)
Rule-Based Access Control 331(1)
Attribute-Based Access Control (ABAC) 332(1)
Account Policies 332(3)
Account Policy Enforcement 332(1)
Credential Management 332(1)
Group Policy 332(1)
Standard Naming Convention 333(1)
Account Maintenance 333(1)
Usage Auditing and Review 334(1)
Time-of-Day Restrictions 334(1)
Account Expiration 335(1)
Preventing Data Loss or Theft 335(1)
The Remote Access Process 335(14)
Identification 336(1)
Authentication 337(5)
Multifactor Authentication 342(1)
Transitive Trust 343(1)
Biometric Factors 344(4)
Authorization 348(1)
Remote Access Methods 349(16)
IEEE 802.1X 349(1)
LDAP 350(1)
RADIUS 351(2)
TACACS+ 353(3)
Authentication Protocols 356(7)
FTP/FTPS/SFTP 363(1)
VPNs 363(1)
Vulnerabilities of Remote Access Methods 364(1)
File System Security 365(1)
Database Security 365(1)
Connection Summary 366(1)
For More Information 367(1)
Review 368(6)
Chapter 12 Wireless Security and Mobile Devices 374(50)
Introduction to Wireless Networking 375(1)
Mobile Phones 376(5)
Wireless Application Protocol 377(2)
3G Mobile Networks 379(1)
4G Mobile Networks 380(1)
SATCOM 381(1)
Bluetooth 381(1)
Bluetooth Attacks 382(1)
Near Field Communication 382(1)
Other Forms of Connection 382(2)
ANT 383(1)
Infrared 383(1)
USB 383(1)
IEEE 802.11 Series 384(10)
802.11: Individual Standards 385(1)
Attacking 802.11 386(1)
WEP 387(1)
Current Security Methods 388(3)
Authentication Protocols 391(3)
Wireless Systems Configuration 394(4)
Access Point 394(1)
Fat vs. Thin 394(1)
Controller Based vs. Standalone 394(1)
SSID 395(1)
Signal Strength 395(1)
Band Selection/Width 396(1)
Antenna Types and Placement 396(1)
Power Level Controls 397(1)
Site Surveys 397(1)
MAC Filtering 398(1)
Captive Portals 398(1)
Securing Public Wi-Fi 398(1)
Wireless Attacks 398(4)
Replay 399(1)
IV 399(1)
Evil Twin 399(1)
Rogue AP 400(1)
Jamming 400(1)
Bluejacking 400(1)
Bluesnarfing 400(1)
Bluebugging 401(1)
RFID 401(1)
Disassociation 402(1)
Mobile Device Management Concepts 402(6)
Application Management 403(1)
Full Device Encryption (FDE) 403(1)
Content Management 404(1)
Remote Wipe 404(1)
Geofencing 404(1)
Geolocation 404(1)
Geo-Tagging 405(1)
Screen Locks 405(1)
Push Notification Services 406(1)
Passwords and PINs 406(1)
Biometrics 406(1)
Context-Aware Authentication 406(1)
Containerization 406(1)
Storage Segmentation 407(1)
Asset Control 407(1)
Device Access Control 407(1)
Removable Storage 407(1)
Disabling Unused Features 408(1)
Mobile Application Security 408(2)
Application Control 408(1)
Key and Credential Management 408(1)
Authentication 409(1)
Application Whitelisting 409(1)
Encryption 409(1)
Transitive Trust/Authentication 409(1)
Policies for Enforcement and Monitoring 410(4)
Third-Party App Stores 410(1)
Rooting/Jailbreaking 410(1)
Sideloading 411(1)
Custom Firmware 411(1)
Carrier Unlocking 411(1)
Firmware OTA Updates 411(1)
Camera Use 412(1)
SMS/MMS 412(1)
External Media 412(1)
USB OTG 412(1)
Recording Microphone 413(1)
GPS Tagging 413(1)
Wi-Fi Direct/Ad Hoc 413(1)
Tethering 413(1)
Payment Methods 414(1)
Deployment Models 414(5)
CYOD 414(1)
COPE 414(1)
Corporate Owned 414(1)
BYOD 415(3)
VDI 418(1)
Review 419(5)
Chapter 13 Intrusion Detection Systems and Network Security 424(36)
History of Intrusion Detection Systems 425(1)
IDS Overview 426(4)
IDS Models 427(2)
Signatures 429(1)
False Positives and False Negatives 430(1)
Network-Based IDSs 430(6)
Advantages of an NIDS 434(1)
Disadvantages of an NIDS 434(1)
Active vs. Passive NIDSs 434(1)
NIDS Tools 435(1)
Host-Based IDSs 436(5)
Advantages of HIDSs 439(1)
Disadvantages of HIDSs 440(1)
Active vs. Passive HIDSs 440(1)
Resurgence and Advancement of HIDSs 441(1)
Intrusion Prevention Systems 441(2)
Network Security Monitoring 443(1)
Honeypots and Honeynets 444(2)
Analytics 445(1)
SIEM 446(1)
Aggregation 446(1)
Correlation 446(1)
Automated Alerting and Triggers 446(1)
Time Synchronization 446(1)
Event Deduplication 447(1)
Logs/WORM 447(1)
DLP 447(1)
USB Blocking 448(1)
Cloud-Based DLP 448(1)
E-mail 448(6)
Tools 448(1)
Protocol Analyzer 448(1)
Network Placement 449(1)
In-Band vs. Out-of-Band NIDS/NIPS 450(1)
Switched Port Analyzer 451(1)
Port Scanner 451(2)
Passive vs. Active Tools 453(1)
Banner Grabbing 454(1)
Indicators of Compromise 454(2)
Advanced Malware Tools 456(1)
For More Information 456(1)
Review 457(3)
Chapter 14 System Hardening and Baselines 460(66)
Overview of Baselines 461(1)
Hardware/Firmware Security 461(3)
FDE/SED 461(1)
TPM 461(1)
Hardware Root of Trust 462(1)
HSM 462(1)
UEFI/BIOS 462(1)
Secure Boot and Attestation 462(1)
Integrity Measurement 463(1)
Firmware Version Control 463(1)
EMI/EMP 463(1)
Supply Chain 464(1)
Operating System and Network Operating System Hardening 464(6)
Protection Rings 464(1)
OS Security 465(1)
OS Types 465(1)
Trusted Operating System 466(1)
Patch Management 467(1)
Disabling Unnecessary Ports and Services 468(1)
Secure Configurations 468(1)
Disable Default Accounts/Passwords 469(1)
Application Whitelisting/Blacklisting 469(1)
Sandboxing 470(1)
Secure Baseline 470(21)
Machine Hardening 471(1)
Hardening Microsoft Operating Systems 472(5)
Hardening UNIX- or Linux-Based Operating Systems 477(3)
Antimalware 480(7)
Whitelisting vs. Blacklisting Applications 487(1)
AppLocker 488(1)
Host-Based Firewalls 488(3)
Hardware Security 491(1)
Network Hardening 491(3)
Software Updates 492(1)
Device Configuration 492(1)
Securing Management Interfaces 493(1)
VLAN Management 493(1)
Network Segmentation 494(1)
IPv4 vs. IPv6 494(1)
Application Hardening 494(6)
Application Configuration Baseline 494(1)
Application Patches 495(1)
Patch Management 495(3)
Host Software Baselining 498(1)
Vulnerability Scanner 498(2)
Data-Based Security Controls 500(3)
Data Security 500(1)
Data Encryption 501(1)
Handling Big Data 502(1)
Cloud Storage 502(1)
Storage Area Network 502(1)
Permissions/ACL 503(1)
Environment 503(1)
Development 503(1)
Test 503(1)
Staging 503(1)
Production 504(1)
Automation/Scripting 504(4)
Automated Courses of Action 504(1)
Continuous Monitoring 504(1)
Configuration Validation 505(1)
Templates 505(1)
Master Image 506(1)
Non-persistence 506(1)
Wrappers 507(1)
Elasticity 507(1)
Scalability 508(1)
Distributive Allocation 508(1)
Alternative Environments 508(9)
Alternative Environment Methods 508(1)
Peripherals 508(2)
Phones and Mobile Devices 510(1)
Embedded Systems 511(1)
Camera Systems 512(1)
Game Consoles 512(1)
Mainframes 512(1)
SCADA/ICS 513(1)
HVAC 513(1)
Smart Devices/IoT 514(1)
Special-Purpose Systems 515(2)
Industry-Standard Frameworks and Reference Architectures 517(2)
Regulatory 518(1)
Non-regulatory 518(1)
National vs. International 518(1)
Industry-Specific Frameworks 519(1)
Benchmarks/Secure Configuration Guides 519(2)
Platform/Vendor-Specific Guides 519(2)
General-Purpose Guides 521(1)
For More Information 521(1)
Review 522(4)
Chapter 15 Types of Attacks and Malicious Software 526(44)
Avenues of Attack 527(1)
Minimizing Possible Avenues of Attack 527(1)
Malicious Code 528(10)
Viruses 528(3)
Worms 531(1)
Polymorphic Malware 531(1)
Trojan Horses 532(1)
RAT 532(1)
Rootkits 533(1)
Logic Bombs 534(1)
Spyware 534(1)
Adware 534(1)
Botnets 535(1)
Backdoors and Trapdoors 535(1)
Crypto-Malware 536(1)
Ransomware 536(1)
Malware Defenses 537(1)
Application-Level Attacks 537(1)
Attacking Computer Systems and Networks 538(24)
Denial-of-Service Attacks 538(4)
Social Engineering 542(1)
Null Sessions 542(1)
Sniffing 542(1)
Spoofing 543(4)
MAC Spoofing 547(1)
TCP/IP Hijacking 547(1)
Man-in-the-Middle Attacks 547(1)
Man-in-the-Browser 548(1)
Replay Attacks 549(1)
Transitive Access 549(1)
Spam 549(1)
Spim 549(1)
Phishing 549(1)
Spear Phishing 550(1)
Vishing 550(1)
Pharming 550(1)
Scanning Attacks 551(1)
Attacks on Encryption 551(1)
Address System Attacks 552(1)
Cache Poisoning 553(2)
Amplification 555(1)
Domain Hijacking 555(1)
Password Guessing 556(2)
Pass-the-Hash Attacks 558(1)
Software Exploitation 558(2)
Client-Side Attacks 560(2)
Driver Manipulation 562(1)
Advanced Persistent Threat 562(1)
Tools 563(1)
Metasploit 563(1)
BackTrack/Kali 563(1)
Social-Engineering Toolkit 563(1)
Cobalt Strike 564(1)
Core Impact 564(1)
Burp Suite 564(1)
Auditing 564(3)
Performing Routine Audits 565(2)
Review 567(3)
Chapter 16 E-mail and Instant Messaging 570(24)
How E-mail Works 571(3)
E-mail Structure 572(2)
MIME 574(1)
Security of E-mail 574(5)
Spam 575(1)
Malicious Code 576(2)
Hoax E-mails 578(1)
Mail Gateway 579(6)
Spam Filter 579(3)
Mail Relaying 582(1)
Greylisting 583(1)
Spam URI Real-time Block Lists 583(1)
Sender Policy Framework (SPF) 584(1)
Sender ID Framework 584(1)
DomainKeys Identified Mail 584(1)
DLP 584(1)
Mail Encryption 585(4)
S/MIME 585(2)
PGP 587(2)
Instant Messaging 589(2)
Modern Instant Messaging Systems 589(2)
Review 591(3)
Chapter 17 Web Components 594(30)
Current Web Components and Concerns 595(1)
Web Protocols 595(11)
Encryption (SSL and TLS) 596(1)
How SSL/TLS Works 596(5)
The Web (HTTP and HTTPS) 601(1)
HTTPS Everywhere 602(1)
HTTP Strict Transport Security 602(1)
Directory Services (DAP and LDAP) 603(1)
File Transfer (FTP and SFTP) 604(1)
Vulnerabilities 605(1)
Code-Based Vulnerabilities 606(11)
Buffer Overflows 606(1)
Java 607(1)
JavaScript 608(1)
ActiveX 609(1)
Securing the Browser 610(1)
CGI 610(1)
Server-Side Scripts 611(1)
Cookies 611(3)
Browser Plug-Ins 614(1)
Malicious Add-Ons 615(1)
Signed Applets 616(1)
Application-Based Weaknesses 617(3)
Session Hijacking 618(1)
Client-Side Attacks 618(1)
Web 2.0 and Security 619(1)
Review 620(4)
Chapter 18 Secure Software Development 624(32)
The Software Engineering Process 625(8)
Process Models 625(1)
Secure Development Lifecycle 626(7)
Secure Coding Concepts 633(4)
Error and Exception Handling 633(1)
Input and Output Validation 633(1)
Normalization 634(2)
Bug Tracking 636(1)
Application Attacks 637(6)
Cross-Site Scripting 637(1)
Injections 638(2)
Directory Traversal/Command Injection 640(1)
Buffer Overflow 640(1)
Integer Overflow 641(1)
Cross-Site Request Forgery 641(1)
Zero Day 642(1)
Attachments 642(1)
Locally Shared Objects 642(1)
Client-Side Attacks 642(1)
Arbitrary/Remote Code Execution 643(1)
Open Vulnerability and Assessment Language 643(1)
Application Hardening 643(4)
Application Configuration Baseline 644(1)
Application Patch Management 644(1)
NoSQL Databases vs. SQL Databases 644(1)
Server-Side vs. Client-Side Validation 644(1)
Code Signing 645(1)
Encryption 645(1)
Obfuscation/Camouflage 645(1)
Code Reuse/Dead Code 646(1)
Memory Management 646(1)
Use of Third-Party Libraries and SDKs 646(1)
Data Exposure 647(1)
Code Quality and Testing 647(3)
Static Code Analyzers 647(1)
Dynamic Analysis (Fuzzing) 648(1)
Stress Testing 649(1)
Sandboxing 649(1)
Model Verification 649(1)
Compiled vs. Runtime Code 650(1)
Secure DevOps 650(2)
Security Automation 650(1)
Continuous Integration 651(1)
Baselining 651(1)
Immutable Systems 651(1)
Infrastructure as Code 651(1)
Version Control and Change Management 652(1)
Provisioning and Deprovisioning 652(1)
For More Information 652(1)
Review 653(3)
Chapter 19 Business Continuity, Disaster Recovery, and Organizational Policies 656(28)
Disaster Recovery 657(4)
Disaster Recovery Plans/Process 657(1)
Categories of Business Functions 658(1)
IT Contingency Planning 659(1)
Test, Exercise, and Rehearse 659(1)
Recovery Time Objective and Recovery Point Objective 660(1)
Backups 661(7)
What Needs to Be Backed Up 661(1)
Strategies for Backups 662(1)
Full 662(1)
Differential 663(1)
Delta 663(1)
Snapshots 663(1)
Backup Frequency and Retention 664(2)
Storage of Backups 666(1)
Geographic Considerations 666(2)
Business Continuity 668(5)
Business Continuity Plans 668(1)
Business Impact Analysis 669(1)
Identification of Critical Systems and Components 669(1)
Removing Single Points of Failure 669(1)
Risk Assessment 669(1)
Succession Planning 669(1)
Continuity of Operations 670(1)
Exercises/Tabletop 670(1)
After-Action Reports 670(1)
Failover 670(1)
Alternative Sites 671(1)
Order of Restoration 672(1)
Utilities 672(1)
Secure Recovery 673(1)
Cloud Computing 673(1)
Redundancy 674(5)
Fault Tolerance 674(1)
High Availability 674(1)
Clustering 675(1)
Load Balancing 675(1)
Single Point of Failure 675(1)
Failure and Recovery Timing 676(1)
Backout Planning 677(1)
RAID 677(1)
Spare Parts and Redundancy 678(1)
Review 679(5)
Chapter 20 Risk Management 684(36)
An Overview of Risk Management 685(2)
Example of Risk Management at the International Banking Level 685(1)
Risk Management Vocabulary 686(1)
What Is Risk Management? 687(4)
Risk Management Culture 688(1)
Risk Response Techniques 688(2)
Security Controls 690(1)
Business Risks 691(3)
Examples of Business Risks 691(1)
Examples of Technology Risks 692(1)
Business Impact Analysis 692(1)
Mission-Essential Functions 692(1)
Identification of Critical Systems 693(1)
Single Point of Failure 693(1)
Impact 693(1)
Risk Mitigation Strategies 694(1)
Change Management 694(1)
Incident Management 695(1)
User Rights and Permissions Reviews 695(1)
Data Loss or Theft 695(1)
Risk Management Models 695(4)
General Risk Management Model 696(2)
Software Engineering Institute Model 698(1)
NIST Risk Models 698(1)
Model Application 699(1)
Qualitatively Assessing Risk 699(2)
Quantitatively Assessing Risk 701(4)
Adding Objectivity to a Qualitative Assessment 701(2)
Risk Calculation 703(2)
Qualitative vs. Quantitative Risk Assessment 705(1)
Testing 705(6)
Penetration Testing Authorization 706(1)
Vulnerability Testing Authorization 706(1)
Vulnerability Scanning Concepts 706(2)
System Testing 708(1)
Penetration Testing 709(2)
Tools 711(2)
Cost-Effectiveness Modeling 712(1)
Risk Management Best Practices 713(3)
System Vulnerabilities 713(1)
Threat Vectors 713(1)
Probability/Threat Likelihood 714(1)
Risks Associated with Cloud Computing and Virtualization 714(2)
Review 716(4)
Chapter 21 Change Management 720(18)
Why Change Management? 721(2)
The Key Concept: Separation of Duties 723(1)
Elements of Change Management 724(2)
Implementing Change Management 726(1)
Backout Plan 727(1)
The Purpose of a Change Control Board 727(2)
Code Integrity 729(1)
The Capability Maturity Model Integration 729(2)
Environment 731(1)
Development 731(1)
Test 731(1)
Staging 731(1)
Production 732(1)
Secure Baseline 732(1)
Sandboxing 732(1)
Integrity Measurement 733(1)
Review 734(4)
Chapter 22 Incident Response 738(28)
Foundations of Incident Response 739(4)
Incident Management 739(1)
Goals of Incident Response 740(1)
Anatomy of an Attack 740(3)
Incident Response Process 743(13)
Preparation 744(2)
Incident Response Plan 746(2)
Incident Identification/Detection 748(1)
Identification 749(1)
Initial Response 749(1)
Containment/Incident Isolation 750(2)
Strategy Formulation 752(1)
Investigation 753(1)
Eradication 754(1)
Recovery 754(1)
Reporting 755(1)
Lessons Learned 756(1)
Standards and Best Practices 756(5)
State of Compromise 757(1)
NIST 757(1)
Department of Justice 757(1)
Indicators of Compromise 757(2)
Security Measure Implementation 759(1)
Making Security Measurable 760(1)
For More Information 761(1)
Review 762(4)
Chapter 23 Computer Forensics 766(26)
Evidence 767(3)
Types of Evidence 768(1)
Standards for Evidence 768(1)
Three Rules Regarding Evidence 769(1)
Forensic Process 770(8)
Acquiring Evidence 771(4)
Identifying Evidence 775(1)
Protecting Evidence 776(1)
Transporting Evidence 776(1)
Storing Evidence 777(1)
Conducting the Investigation 777(1)
Analysis 778(2)
Recovery 779(1)
Strategic Intelligence/Counterintelligence Gathering 779(1)
Active Logging 780(1)
Track Man-Hours 780(1)
Chain of Custody 780(1)
Message Digest and Hash 781(1)
Host Forensics 781(3)
File Systems 781(2)
Windows Metadata 783(1)
Linux Metadata 784(1)
Device Forensics 784(1)
Network Forensics 785(1)
Legal Hold 785(1)
E-discovery 786(2)
Reference Model 786(1)
Big Data 787(1)
Cloud 787(1)
Review 788(4)
Chapter 24 Legal Issues and Ethics 792(20)
Cybercrime 793(13)
Common Internet Crime Schemes 794(1)
Sources of Laws 794(1)
Computer Trespass 795(1)
Convention on Cybercrime 796(1)
Significant U.S. Laws 796(4)
Payment Card Industry Data Security Standard (PCI DSS) 800(1)
Import/Export Encryption Restrictions 801(2)
Digital Signature Laws 803(2)
Digital Rights Management 805(1)
Ethics 806(3)
Review 809(3)
Chapter 25 Privacy 812(28)
Anonymity and Pseudonymity 813(1)
Data Sensitivity Labeling and Handling 813(2)
Confidential 814(1)
Private 814(1)
Public 814(1)
Proprietary 814(1)
Data Roles 815(1)
Owner 815(1)
Steward/Custodian 815(1)
Privacy Officer 815(1)
Data Destruction and Media Sanitization 815(2)
Burning 816(1)
Shredding 816(1)
Pulping 816(1)
Pulverizing 816(1)
Degaussing 816(1)
Purging 817(1)
Wiping 817(1)
Personally Identifiable Information (PII) 817(2)
Sensitive PII 818(1)
Notice, Choice, and Consent 818(1)
Fair Information Practice Principles (FIPPs) 819(1)
U.S. Privacy Laws 820(7)
Privacy Act of 1974 821(1)
Freedom of Information Act (FOIA) 821(1)
Family Education Records and Privacy Act (FERPA) 822(1)
U.S. Computer Fraud and Abuse Act (CFAA) 822(1)
U.S. Children's Online Privacy Protection Act (COPPA) 822(1)
Video Privacy Protection Act (VPPA) 823(1)
Health Insurance Portability and Accountability Act (HIPAA) 823(1)
Gramm-Leach-Bliley Act (GLBA) 824(1)
California Senate Bill 1386 (SB 1386) 825(1)
U.S. Banking Rules and Regulations 825(1)
Payment Card Industry Data Security Standard (PCI DSS) 825(1)
Fair Credit Reporting Act (FCRA) 826(1)
Fair and Accurate Credit Transactions Act (FACTA) 826(1)
International Privacy Laws 827(4)
OECD Fair Information Practices 827(1)
European Laws 827(3)
Canadian Law 830(1)
Asian Laws 830(1)
Privacy-Enhancing Technologies 831(1)
Privacy Policies 832(1)
Privacy Impact Assessment 832(1)
Web Privacy Issues 833(1)
Cookies 833(1)
Privacy in Practice 834(1)
User Actions 834(1)
Data Breaches 835(1)
For More Information 835(1)
Review 836(4)
Appendix A CompTIA Security+ Exam Objectives: SY0-501 840(2)
Appendix B Command Line Tools 842(4)
nmap 842(1)
ping 842(1)
netstat 843(1)
tracert 843(1)
nslookup/dig 843(1)
ipconfig/ip/ifconfig 844(1)
tcpdump 844(1)
netcat 845(1)
Appendix C About the CD-ROM 846(4)
System Requirements 846(1)
About the Total Tester 846(1)
Installing and Running Total Tester for Desktop 846(1)
Total Tester Online 847(1)
Single User License Terms and Conditions 847(1)
Secured Book PDF 848(1)
Technical Support 849(1)
Glossary 850(27)
Index 877
Wm. Arthur Conklin (Houston, TX), Security+, CISSP, is an Assistant Professor in the Information and Logistics Technology department at the University of Houston. In addition to his PhD, Mr. Conklin has an MBA from UTSA, and two graduate degrees in Electrical Engineering from the Naval Postgraduate School in Monterey, California. Dr. Conklin's interests are information security, systems theory, and secure software design.

Greg White (San Antonio, TX), CompTIA Security+, CISSP, is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. Dr. White is the Director of the Center for Infrastructure Assurance and Security at UTSA.

Chuck Cothren is a Research Scientist at the University of Texas at San Antonio (UTSA) Center for Infrastructure Assurance and Security (CIAS) and currently serves on the Information Security Association's Alamo Chapter Board of Directors. Mr. Cothren has a wide array of security experience, including performing controlled penetration testing, network security policies, computer intrusion forensics, and computer training. He is a Certified Information Systems Security Professional (CISSP) and has co-authored other McGraw-Hill/Osborne titles. Mr. Cothren holds a B.S. in Industrial Distribution from Texas A&M University.

Roger L. Davis is a Senior Internal Audit Manager at NuSkin Enterprises and is responsible for evaluating global business operations in over 35 countries. He is a retired Air Force Colonel with over 20 years of military and information security experience. Mr. Davis is a Certified Information Systems Security Professional (CISSP) and holds a Master's degree in Computer Science from George Washington University.