»
Eleventh Hour Security+
 
 

Eleventh Hour Security+, 1st Edition

Exam SY0-201 Study Guide

 
Eleventh Hour Security+, 1st Edition,Ido Dubrawsky,ISBN9781597494274
 
 
Up to
25%
off
 

  

Syngress

9781597494274

9781597494946

232

235 X 191

Use this book with any Security+ Study Guide to make the most of the last 24 hours before the exam!

Print Book + eBook

USD 29.94
USD 49.90

Buy both together and save 40%

Print Book

Paperback

In Stock

Estimated Delivery Time
USD 18.71
USD 24.95

eBook
eBook Overview

VST format:

DRM Free included formats: EPub, Mobi, PDF

USD 18.71
USD 24.95
Add to Cart
 
 

Key Features

  • The only book keyed to the new SY0-201 objectives that has been crafted for last minute cramming
  • Easy to find, essential material with no fluff – this book does not talk about security in general, just how it applies to the test
  • Includes review of five toughest questions by topic - sure to improve your score

Description

Eleventh Hour Network+: Exam N10-004 Study Guide offers a practical guide for those preparing for the Security+ certification exam. The book's 14 chapters provide in-depth discussions of the following topics: systems security; operating system hardening; application security; virtualization technologies; network security; wireless networks; network access; network authentication; risk assessment and risk mitigation; general cryptographic concepts; public key infrastructure; redundancy planning; environmental controls and implementing disaster recovery and incident response procedures; and legislation and organizational policies. Each chapter includes information on exam objectives, exam warnings, and the top five toughest questions along with their answers.

Readership

The Security+ certification is recommended for Network/Security Administrators and Engineers, Security Analysts/Consultants, and IT Architects.

Ido Dubrawsky

Ido Dubrawsky (CISSP, CCNA, CCDA) is the Chief Security Advisor for Microsoft’s Communication Sector North America, a division of the Mobile and Embedded Devices Group. Prior to working at Microsoft, Ido was the acting Security Consulting Practice Lead at AT&T’s Callisma subsidiary and a Senior Security Consultant. Before joining AT&T, Ido was a Network Security Architect for Cisco Systems, Inc., SAFE Architecture Team. He has worked in the systems and network administration field for almost 20 years in a variety of environments from government to academia to private enterprise. He has a wide range of experience in various networks, from small to large and relatively simple to complex. Ido is the primary author of three major SAFE white papers and has written, and spoken, extensively on security topics. He is a regular contributor to the SecurityFocus website on a variety of topics covering security issues. Previously, he worked in Cisco Systems, Inc. Secure Consulting Group, providing network security posture assessments and consulting services for a wide range of clients. In addition to providing penetration-testing consultation, he also conducted security architecture reviews and policy and process reviews. He holds a B.Sc. and a M.Sc. in Aerospace Engineering from the University of Texas at Austin.

Affiliations and Expertise

Chief Security Advisor, Microsoft’s Communication Sector North America, a division of the Mobile and Embedded Devices Group

View additional works by Ido Dubrawsky

Eleventh Hour Security+, 1st Edition


About the Authors

Chapter 1 Systems Security

Systems security threats

Privilege escalation

Viruses and worms

Trojan

Spyware and adware

Rootkits and botnets

Logic bombs

Host intrusion detection system

Behavior-based vs. signature-based IDS characteristics

Anti-SPAM

Pop-up blockers

Hardware and peripheral security risks

BIOS

USB devices

Cell phones

Removable storage devices

Network attached storage

Summary of exam objectives

Top five toughest questions

Answers

Chapter 2 OS Hardening

General OS hardening

Services

File system

Removing unnecessary programs

Hotfixes/patches

Service packs/maintenance updates

Patch management

Windows group policies

Security templates

Configuration baselines

Server OS hardening

Enabling and disabling services and protocols

FTP servers

DNS servers

NNTP servers

File and print servers

DHCP servers

Data repositories

Workstation OS

User rights and groups

Summary of exam objectives

Top five toughest questions

Answers

Chapter 3 Application Security

Threats are moving “up the stack”

Rationale

Threat modeling

Application security threats

Browser

Buffer overflows

Packet sniffers and instant messaging

Instant messaging

Peer-to-peer

SMTP open relays

Summary of exam objectives

Top five toughest questions

Answers

Chapter 4 Virtualization Technologies

The purpose of virtualization

Benefits of virtualization

Types of virtualization

Designing a virtual environment

System virtualization

Management of virtual servers

Application virtualization

Application streaming

Summary of exam objectives

Top five toughest questions

Answers

Chapter 5 Network Security

General network security

Network services and risks associated with them

Network design elements

Network security tools

Network ports, services, and threats

Network ports and protocols

Network threats

Network design elements and components

Firewalls

What is a DMZ?

VLANs

Network address translation

Network access control/network access protection

Telephony

Network security tools

Intrusion detection and preventions systems

Honeypots

Content filters

Protocol analyzers

Summary of exam objectives

Top five toughest questions

Answers

Chapter 6 Wireless Networks

Wireless network design

Wireless communications

Spread spectrum technology

Wireless network architecture

CSMA/CD and CSMA/CA

Service set ID broadcast

Wireless security standards

The failure of WEP

WPA and WPA2

WAP

WTLS

Authentication

Rogue access points

Data emanation

Bluetooth

Summary of exam objectives

Top five toughest questions

Answers

References

Chapter 7 Network Access

General network access

Access control

Access control models

Authentication models and components

Identity

Access control methods and models

Separation of duties

Least privilege

Job rotation

Mandatory access control

Discretionary access control

Role- and rule-based access control

Access control organization

Security groups

Security controls

Logical access control methods

Access control lists

Group policies

Domain policies

Time of day restrictions

Account expiration

Logical tokens

Physical access security methods

Access lists and logs

Hardware locks

ID badges

Door access systems

Man-trap

Video surveillance

Summary of exam objectives

Top five toughest questions

Answers

Chapter 8 Network Authentication

Authentication methods

Access control

Authentication

Auditing

Authentication methods

One-factor

Two-factor

Three-factor

Single sign-on

Authentication systems

Remote access policies and authentication

Biometrics

Summary of exam objectives

Top five toughest questions

Answers

Chapter 9 Risk Assessment and Risk Mitigation

Conduct risk assessments and implement risk mitigation

Vulnerability assessment tools

Password crackers

Network mapping tools

Use monitoring tools on systems and networks

Workstations

Intrusion detection systems

Logging and auditing

Auditing systems

System Logs

Performance Logs

Access Logs

Audits

Summary of exam objectives

Top five toughest questions

Answers

Chapter 10 General Cryptographic Concepts

General cryptography

Symmetric key cryptography

Asymmetric key cryptography

Hashes and applications

Digital signatures

Certificates

CIA-For all your security needs

Non-repudiation

Key management

Encryption algorithms

DES

3DES

RSA

AES

Elliptic curve cryptography

One-time pads

Transmission encryption

WEP

TKIP

Protocols

SSL/TLS

HTTP vs. HTTPS vs. SHTTP

Other protocols with TLS

S/MIME

SSH

IPSec

PPTP

L2TP

Cryptography in operating systems

File and folder encryption

E-mail

Whole disk encryption

Trusted platform module

Summary of exam objectives

Top five toughest questions

Answers

Chapter 11 Public Key Infrastructure

PKI overview

PKI encryption

PKI Standards

PKI solutions

Components of PKI

Digital certificates

Certification authority

Certificate revocation list

Recovery agents

Certificate authority

Certificate revocation list

Key escrow

Registration

Recovery agents

Implementation

Certificate management

Summary of exam objectives

Top five toughest questions

Answers

Chapter 12 Redundancy Planning

Alternate sites

Hot site

Warm site

Cold site

Redundant systems

Servers

Connections

ISP

RAID

Spare parts

Backup generator

UPS

Summary of exam objectives

Top five toughest questions

Answers

Chapter 13 Controls and Procedures

Environmental controls

Fire suppression

HVAC

Shielding

Implementing disaster recovery and incident response procedures

Disaster recovery

Incident response

Defending against social engineering

Summary of exam objectives

Top five toughest questions

Answers

Chapter 14 Legislation and Organizational Policies

Secure disposal of systems

Retention/storage

Destruction

Acceptable use policies

Password complexity

Strong passwords

Password changes and restrictions

Administrator accounts

Change management

Information classification

Vacations

Separation of duties

Personally identifiable information

Privacy

Due care

Due process

Due diligence

SLAs

User education and awareness training

Communication

User awareness

Education

Online resources

Security-related HR policies

Code of Ethics

Summary of exam objectives

Top five toughest questions

Answers

Index








 
 
Save up to 25% on all Books
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy
FAQ

Contact Us