Eleventh Hour Security+
 
 

Eleventh Hour Security+, 1st Edition

Exam SY0-201 Study Guide

 
Eleventh Hour Security+, 1st Edition, Ido Dubrawsky, ISBN 9781597494274
 
 
 

  

Syngress

9781597494274

9781597494946

232

235 X 191

Use this book with any Security+ Study Guide to make the most of the last 24 hours before the exam!

DRM Free included formats: EPub, Mobi, PDF

 
 

Key Features

  • The only book keyed to the new SY0-201 objectives that has been crafted for last-minute cramming
  • Easy-to-find, essential material with no fluff – this book does not talk about security in general, just how it applies to the test
  • Includes a review of the five toughest questions by topic, sure to improve your score

Description

Eleventh Hour Network+: Exam N10-004 Study Guide offers a practical guide for those preparing for the Security+ certification exam. The book's 14 chapters provide in-depth discussions of the following topics: systems security; operating system hardening; application security; virtualization technologies; network security; wireless networks; network access; network authentication; risk assessment and risk mitigation; general cryptographic concepts; public key infrastructure; redundancy planning; environmental controls and implementing disaster recovery and incident response procedures; and legislation and organizational policies. Each chapter includes information on exam objectives, exam warnings, and the top five toughest questions along with their answers.

Readership

The Security+ certification is recommended for Network/Security Administrators and Engineers, Security Analysts/Consultants, and IT Architects.

Ido Dubrawsky

Ido Dubrawsky (CISSP, CCNA, CCDA) is the Chief Security Advisor for Microsoft’s Communication Sector North America, a division of the Mobile and Embedded Devices Group. Prior to working at Microsoft, Ido was the acting Security Consulting Practice Lead at AT&T’s Callisma subsidiary and a Senior Security Consultant. Before joining AT&T, Ido was a Network Security Architect for Cisco Systems, Inc., SAFE Architecture Team. He has worked in the systems and network administration field for almost 20 years in a variety of environments from government to academia to private enterprise. He has a wide range of experience in various networks, from small to large and relatively simple to complex. Ido is the primary author of three major SAFE white papers and has written and spoken extensively on security topics. He is a regular contributor to the SecurityFocus website on a variety of topics covering security issues. Previously, he worked in the Cisco Systems, Inc. Secure Consulting Group, providing network security posture assessments and consulting services for a wide range of clients. In addition to providing penetration-testing consultation, he also conducted security architecture reviews and policy and process reviews. He holds a B.Sc. and an M.Sc. in Aerospace Engineering from the University of Texas at Austin.

Affiliations and Expertise

Chief Security Advisor, Microsoft’s Communication Sector North America, a division of the Mobile and Embedded Devices Group


Eleventh Hour Security+, 1st Edition

About the Authors

Chapter 1 Systems Security
Systems security threats Privilege escalation Viruses and worms Trojan Spyware and adware Rootkits and botnets Logic bombs Host intrusion detection system Behavior-based vs. signature-based IDS characteristics Anti-SPAM Pop-up blockers Hardware and peripheral security risks BIOS USB devices Cell phones Removable storage devices Network attached storage Summary of exam objectives Top five toughest questions Answers

Chapter 2 OS Hardening
General OS hardening Services File system Removing unnecessary programs Hotfixes/patches Service packs/maintenance updates Patch management Windows group policies Security templates Configuration baselines Server OS hardening Enabling and disabling services and protocols FTP servers DNS servers NNTP servers File and print servers DHCP servers Data repositories Workstation OS User rights and groups Summary of exam objectives Top five toughest questions Answers

Chapter 3 Application Security
Threats are moving “up the stack” Rationale Threat modeling Application security threats Browser Buffer overflows Packet sniffers and instant messaging Instant messaging Peer-to-peer SMTP open relays Summary of exam objectives Top five toughest questions Answers

Chapter 4 Virtualization Technologies
The purpose of virtualization Benefits of virtualization Types of virtualization Designing a virtual environment System virtualization Management of virtual servers Application virtualization Application streaming Summary of exam objectives Top five toughest questions Answers

Chapter 5 Network Security
General network security Network services and risks associated with them Network design elements Network security tools Network ports, services, and threats Network ports and protocols Network threats Network design elements and components Firewalls What is a DMZ? VLANs Network address translation Network access control/network access protection Telephony Network security tools Intrusion detection and preventions systems Honeypots Content filters Protocol analyzers Summary of exam objectives Top five toughest questions Answers

Chapter 6 Wireless Networks
Wireless network design Wireless communications Spread spectrum technology Wireless network architecture CSMA/CD and CSMA/CA Service set ID broadcast Wireless security standards The failure of WEP WPA and WPA2 WAP WTLS Authentication Rogue access points Data emanation Bluetooth Summary of exam objectives Top five toughest questions Answers References

Chapter 7 Network Access
General network access Access control Access control models Authentication models and components Identity Access control methods and models Separation of duties Least privilege Job rotation Mandatory access control Discretionary access control Role- and rule-based access control Access control organization Security groups Security controls Logical access control methods Access control lists Group policies Domain policies Time of day restrictions Account expiration Logical tokens Physical access security methods Access lists and logs Hardware locks ID badges Door access systems Man-trap Video surveillance Summary of exam objectives Top five toughest questions Answers

Chapter 8 Network Authentication
Authentication methods Access control Authentication Auditing Authentication methods One-factor Two-factor Three-factor Single sign-on Authentication systems Remote access policies and authentication Biometrics Summary of exam objectives Top five toughest questions Answers

Chapter 9 Risk Assessment and Risk Mitigation
Conduct risk assessments and implement risk mitigation Vulnerability assessment tools Password crackers Network mapping tools Use monitoring tools on systems and networks Workstations Intrusion detection systems Logging and auditing Auditing systems System Logs Performance Logs Access Logs Audits Summary of exam objectives Top five toughest questions Answers

Chapter 10 General Cryptographic Concepts
General cryptography Symmetric key cryptography Asymmetric key cryptography Hashes and applications Digital signatures Certificates CIA-For all your security needs Non-repudiation Key management Encryption algorithms DES 3DES RSA AES Elliptic curve cryptography One-time pads Transmission encryption WEP TKIP Protocols SSL/TLS HTTP vs. HTTPS vs. SHTTP Other protocols with TLS S/MIME SSH IPSec PPTP L2TP Cryptography in operating systems File and folder encryption E-mail Whole disk encryption Trusted platform module Summary of exam objectives Top five toughest questions Answers

Chapter 11 Public Key Infrastructure
PKI overview PKI encryption PKI Standards PKI solutions Components of PKI Digital certificates Certification authority Certificate revocation list Recovery agents Certificate authority Certificate revocation list Key escrow Registration Recovery agents Implementation Certificate management Summary of exam objectives Top five toughest questions Answers

Chapter 12 Redundancy Planning
Alternate sites Hot site Warm site Cold site Redundant systems Servers Connections ISP RAID Spare parts Backup generator UPS Summary of exam objectives Top five toughest questions Answers

Chapter 13 Controls and Procedures
Environmental controls Fire suppression HVAC Shielding Implementing disaster recovery and incident response procedures Disaster recovery Incident response Defending against social engineering Summary of exam objectives Top five toughest questions Answers

Chapter 14 Legislation and Organizational Policies
Secure disposal of systems Retention/storage Destruction Acceptable use policies Password complexity Strong passwords Password changes and restrictions Administrator accounts Change management Information classification Vacations Separation of duties Personally identifiable information Privacy Due care Due process Due diligence SLAs User education and awareness training Communication User awareness Education Online resources Security-related HR policies Code of Ethics Summary of exam objectives Top five toughest questions Answers

Index
 
 