CompTIA Security+ SYO-201 Cert Guide

( 10 )

Overview

The ultimate core self-study guide for the latest CompTIA Security+ exam: the most comprehensive print and video reference available!

  • Case studies and video solutions to the hands-on labs in each chapter, to help students practice what they've learned
  • Three full practice tests based on the real Security + exam
  • Exclusive memory tables, study strategies, tips, cautions, key ...
See more details below
Available through our Marketplace sellers.
Other sellers (Hardcover)
  • All (10) from $1.99   
  • New (1) from $14.00   
  • Used (9) from $1.99   
Close
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any BN.com coupons and promotions
$14.00
Seller since 2009

Feedback rating:

(6)

Condition:

New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

New
Indianapolis, IN 2010 Hard cover New. No dust jacket. Fast shipping ASAP via usps standard with tracking Cert Guides. Audience: General/trade. Fast shipping ASAP via usps ... standard with tracking Read more Show Less

Ships from: Columbia, SC

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
Page 1 of 1
Showing All
Close
Sort by
Sending request ...

Overview

The ultimate core self-study guide for the latest CompTIA Security+ exam: the most comprehensive print and video reference available!

  • Case studies and video solutions to the hands-on labs in each chapter, to help students practice what they've learned
  • Three full practice tests based on the real Security + exam
  • Exclusive memory tables, study strategies, tips, cautions, key terms, troubleshooting scenarios, and more

This is the most comprehensive core self-study tool for CompTIA's latest Security+ exam. Perfect for every candidate preparing for this challenging exam, its comprehensive coverage offers all the information and insight you need to succeed. From start to finish, the book has been organized and edited to improve retention and help network and security professionals focus on areas where they need the most assistance. Its features include: clear explanations, review questions, two practice exams, memory tables, key topics, key terms, hands-on labs, and a complete glossary. It also contains an additional full practice exam on the DVD. The DVD also has video solutions to the hands-on labs. Security training expert David L. Prowse covers every Security+ exam objective, including computer system security concepts; OS hardening and virtualization; application security; network design elements and threats; perimeter security; securing media and devices; physical security; authentication; access control; vulnerability and risk assessment; monitoring and auditing; cryptography; redundancy and disaster recovery; policies, procedures, and people; and more.

Read More Show Less

Product Details

  • ISBN-13: 9780789747136
  • Publisher: Pearson IT Certification
  • Publication date: 11/29/2010
  • Series: Cert Guide Series
  • Pages: 598
  • Product dimensions: 7.40 (w) x 9.20 (h) x 1.50 (d)

Meet the Author

David L. Prowse is a computer network specialist, author, and technical trainer. As a consultant, he installs and secures the latest in computer and networking technology. Over the past several years, he has authored several titles for Pearson Education, including the well-received CompTIA A+ Exam Cram. In addition, over the past decade he has taught CompTIA A+, Network+, and Security+ certification courses, both in the classroom and via the Internet. He runs the website www.davidlprowse.com, where he gladly answers questions from students and readers.

Read More Show Less

Table of Contents

Introduction xvii

Part I Systems and Application Security

Chapter 1 Introduction to Security 3

Security 101 4

The CIA of Computer Security 4

The Basics of Data Security 6

Think Like a Hacker 7

Review Key Topics 9

Define Key Terms 10

Answer Review Questions 10

Answers and Explanations 11

Chapter 2 Computer Systems Security 15

Computer Systems Security Threats 16

Malicious Software 16

Viruses 16

Worms 17

Trojan Horses 17

Spyware 18

Rootkits 19

Spam 19

Summary of Malware Threats 20

Ways to Deliver Malicious Software 20

Via Software, Messaging, and Media 21

Active Interception 21

Privilege Escalation 21

Backdoors 21

Logic Bombs 22

Botnets and Zombies 23

Preventing and Troubleshooting Malware 23

Preventing and Troubleshooting Viruses 23

Preventing and Troubleshooting Worms and Trojans 27

Preventing and Troubleshooting Spyware 27

Preventing and Troubleshooting Rootkits 29

Preventing and Troubleshooting Spam 30

You Can’t Save Every Computer from Malware! 31

Summary of Malware Prevention Techniques 32

Implementing Security Applications 33

Personal Software Firewalls 33

Host-Based Intrusion Detection Systems 34

Pop-Up Blockers 36

Securing Computer Hardware and Peripherals 37

Securing the BIOS 38

Securing Storage Devices 39

Removable Storage 39

Network Attached Storage 40

Whole Disk Encryption 40

Securing Cell Phones and PDAs 41

Review Key Topics 43

Complete Tables and Lists from Memory 43

Define Key Terms 43

Hands-On Labs 43

Equipment Needed 44

Lab 2-1: Using Free Malware Scanning Programs 44

Lab 2-2: How to Secure the BIOS 44

View Recommended Resources 46

Answer Review Questions 47

Answers and Explanations 51

Chapter 3 OS Hardening and Virtualization 57

Hardening Operating Systems 58

Removing Unnecessary Applications and Services 58

Service Packs 62

Windows Update, Patches, and Hotfixes 65

Patches and Hotfixes 67

Patch Management 68

Group Policies, Security Templates, and Configuration Baselines 69

Hardening File Systems and Hard Drives 71

Virtualization Technology 74

Types of Virtualization and Their Purposes 74

Working with Virtual Machines 76

Microsoft Virtual PC 76

Microsoft Windows XP Mode 78

Microsoft Virtual Server 78

VMware 78

Review Key Topics 79

Complete Tables and Lists from Memory 79

Define Key Terms 80

Hands-On Labs 80

Equipment Needed 80

Lab 3-1: Discerning and Updating the Service Pack Level 80

Lab 3-2: Creating a Virtual Machine in Virtual PC 2007 81

View Recommended Resources 82

Answer Review Questions 83

Answers and Explanations 86

Chapter 4 Application Security 89

Securing the Browser 90

General Browser Security Procedures 91

Implement Policies 91

Train Your Users 93

Use a Proxy and Content Filter 94

Secure Against Malicious Code 95

Securing Internet Explorer 96

Securing Firefox 100

Securing Other Applications 103

Review Key Topics 108

Complete Tables and Lists from Memory 108

Define Key Terms 108

Hands-On Labs 109

Equipment Needed 109

Lab 4-1: Securing the Browser 109

Lab 4-2: Disabling Applications with a Windows Server 2003 Policy 110

View Recommended Resources 112

Answer Review Questions 112

Answers and Explanations 114

Part II Network Infrastructure

Chapter 5 Network Design Elements and Network Threats 117

Network Design 118

Network Devices 118

Hub 118

Switch 119

Router 120

Network Address Translation, and Private Versus Public IP 121

Network Zones and Interconnections 123

LAN Versus WAN 123

Internet 123

Demilitarized Zone (DMZ) 124

Intranets and Extranets 124

Network Access Control (NAC) 125

Subnetting 126

Virtual Local Area Network (VLAN) 128

Telephony Devices 129

Modems 130

PBX Equipment 130

VoIP 131

Ports, Protocols, and Malicious Attacks 131

Ports and Protocols 131

Malicious Network Attacks 137

DoS 137

DDoS 140

Spoofing 140

Session Hijacking 141

Replay 142

Null Sessions 143

DNS Poisoning and Other DNS Attacks 143

ARP Poisoning 144

Summary of Network Attacks 145

Review Key Topics 149

Complete Tables and Lists from Memory 149

Define Key Terms 149

Hands-On Labs 150

Equipment Needed 150

Lab 5-1: Port Scanning Basics 150

View Recommended Resources 151

Answer Review Questions 152

Answers and Explanations 157

Chapter 6 Network Perimeter Security 161

Firewalls and Network Security 162

Firewalls 162

Proxy Servers 167

Honeypots and Honeynets 169

NIDS Versus NIPS 170

NIDS 170

NIPS 171

Summary of NIDS Versus NIPS 173

The Protocol Analyzer’s Role in NIDS and NIPS 173

Review Key Topics 174

Complete Tables and Lists from Memory 174

Define Key Terms 174

Hands-On Labs 174

Equipment Needed 175

Lab 6-1: Packet Filtering and NAT Firewalls 175

Lab 6-2: Configuring an Inbound Filter on a SOHO Router/Firewall 176

Lab 6-3: Enabling MAC Filtering 177

View Recommended Resources 178

Answer Review Questions 178

Answers and Explanations 181

Chapter 7 Securing Network Media and Devices 185

Securing Wired Networks and Devices 186

Network Device Vulnerabilities 186

Default Accounts 186

Weak Passwords 187

Privilege Escalation 188

Back Doors 188

Network Attacks 189

Other Network Device Considerations 189

Cable Media Vulnerabilities 189

Interference 190

Crosstalk 191

Data Emanation 192

Tapping into Data and Conversations 192

Securing Wireless Networks 195

Wireless Access Point Vulnerabilities 195

Secure the Administration Interface 195

SSID Broadcast 196

Rogue Access Points 196

Weak Encryption 196

Other Wireless Access Point Security Strategies 198

Wireless Transmission Vulnerabilities 199

Bluetooth Vulnerabilities 199

Bluejacking 200

Bluesnarfing 200

Review Key Topics 202

Complete Tables and Lists from Memory 202

Define Key Terms 202

Hands-On Labs 203

Equipment Needed 203

Lab 7-1: Securing a Wireless Device: 8 Steps to a Secure Network 203

Lab 7-2: Wardriving...and The Cure 205

View Recommended Resources 206

Answer Review Questions 206

Answers and Explanations 209

Part III Access Control

Chapter 8 Physical Security and Authentication Models 213

Physical Security 215

General Building and Server Room Security 215

Door Access 216

Biometric Readers 217

Authentication Models and Components 219

Authentication Models 219

Localized Authentication Technologies 220

802.1X and EAP 221

LDAP 224

Kerberos and Mutual Authentication 225

Terminal Services 226

Remote Authentication Technologies 226

Remote Access Service 227

Virtual Private Networks 228

RADIUS Versus TACACS 230

Review Key Topics 233

Complete Tables and Lists from Memory 233

Define Key Terms 233

Hands-On Labs 234

Equipment Needed 234

Lab 8-1: Enabling 802.1X on a Network Adapter 234

Lab 8-2: Setting Up a VPN 235

Lab 8-3: Setting Up a RADIUS Server 236

View Recommended Resources 238

Answer Review Questions 240

Answers and Explanations 244

Chapter 9 Access Control Methods and Models 249

Access Control Models Defined 250

Discretionary Access Control 250

Mandatory Access Control 252

Role-Based Access Control (RBAC) 253

Access Control Wise Practices 254

Rights, Permissions, and Policies 256

Users, Groups, and Permissions 256

Permission Inheritance and Propagation 260

Moving and Copying Folders and Files 260

Usernames and Passwords 261

Policies 264

User Account Control (UAC) 267

Review Key Topics 269

Complete Tables and Lists from Memory 269

Define Key Terms 269

Hands-On Labs 270

Equipment Needed 270

Lab 9-1: Configuring Password Policies and

User Account Restrictions 270

Lab 9-2: Configuring User and Group Permissions 272

View Recommended Resources 273

Answer Review Questions 273

Answers and Explanations 278

Part IV Assessments and Audits

Chapter 10 Vulnerability and Risk Assessment 283

Conducting Risk Assessments 284

Qualitative Risk Assessment 285

Quantitative Risk Assessment 286

Security Analysis Methodologies 287

Vulnerability Management 288

Penetration Testing 290

OVAL 290

Assessing Vulnerability with Security Tools 291

Network Mapping 292

Vulnerability Scanning 295

Network Sniffing 297

Password Analysis 298

Review Key Topics 302

Complete Tables and Lists from Memory 302

Define Key Terms 302

Hands-On Labs 303

Equipment Needed 303

Lab 10-1: Mapping and Scanning the Network 303

Lab 10-2: Password Cracking and Defense 304

View Recommended Resources 305

Answer Review Questions 306

Answers and Explanations 310

Chapter 11 Monitoring and Auditing 313

Monitoring Methodologies 314

Signature-Based Monitoring 314

Anomaly-Based Monitoring 315

Behavior-Based Monitoring 315

Using Tools to Monitor Systems and Networks 316

Performance Baselining 316

Protocol Analyzers 318

Wireshark 319

Network Monitor 320

SNMP 321

Conducting Audits 322

Auditing Files 322

Logging 324

Log File Maintenance and Security 327

Auditing System Security Settings 328

Review Key Topics 332

Complete Tables and Lists from Memory 332

Define Key Terms 332

Hands-On Labs 333

Equipment Needed 333

Lab 11-1: Using Protocol Analyzers 333

Lab 11-2: Auditing Files on a Windows Server 335

View Recommended Resources 337

Answer Review Questions 338

Answers and Explanations 343

Part V Cryptography

Chapter 12 Encryption and Hashing Concepts 349

Cryptography Concepts 350

Symmetric Versus Asymmetric Key Algorithms 353

Symmetric Key Algorithms 353

Asymmetric Key Algorithms 354

Public Key Cryptography 354

Key Management 355

Steganography 356

Encryption Algorithms 357

DES and 3DES 357

AES 357

RC 358

Summary of Symmetric Algorithms 359

RSA 359

Diffie-Hellman 360

Elliptic Curve 360

More Encryption Types 361

One-Time Pad 361

PGP 362

Hashing Basics 362

Cryptographic Hash Functions 364

MD5 364

SHA 364

Happy Birthday! 365

LANMAN, NTLM, and NTLM2 365

LANMAN 365

NTLM and NTLM2 367

Review Key Topics 368

Complete Tables and Lists from Memory 368

Define Key Terms 368

Hands-On Lab 369

Equipment Needed 369

Lab 12-1: Disabling the LM Hash in Windows Server 2003 369

View Recommended Resources 370

Answer Review Questions 370

Answers and Explanations 375

Chapter 13 PKI and Encryption Protocols 379

Public Key Infrastructure 380

Certificates 380

Certificate Authorities 381

Single-Sided and Dual-Sided Certificates 384

Web of Trust 384

Security Protocols 384

S/MIME 385

SSL/TLS 386

SSH 386

PPTP, L2TP, and IPsec 387

PPTP 387

L2TP 387

IPsec 388

Review Key Topics 389

Define Key Terms 389

Hands-On Labs 389

Equipment Needed 389

Lab 13-1: A Basic Example of PKI 390

Lab 13-2: Configuring an L2TP-Based VPN with Windows Server 2003 390

Lab 13-3: Making an SSH Connection 394

View Recommended Resources 395

Answer Review Questions 396

Answers and Explanations 399

Part VI Organizational Security

Chapter 14 Redundancy and Disaster Recovery 403

Redundancy Planning 404

Redundant Power 405

Redundant Power Supplies 406

Uninterruptible Power Supplies 407

Backup Generators 408

Redundant Data 410

Redundant Networking 413

Redundant Servers 415

Redundant Sites 415

Disaster Recovery Planning and Procedures 416

Data Backup 416

DR Planning 420

Review Key Topics 423

Complete Tables and Lists from Memory 423

Define Key Terms 423

Hands-On Labs 424

Equipment Needed 424

Lab 14-1: Backing Up Data on a Windows Server 424

Lab 14-2: Configuring RAID 1 and 5 425

View Recommended Resources 427

Answer Review Questions 427

Answers and Explanations 430

Chapter 15 Policies, Procedures, and People 435

Environmental Controls 436

Fire Suppression 436

Fire Extinguishers 436

Sprinkler Systems 438

Special Hazard Protection Systems 438

HVAC 439

Shielding 440

Social Engineering 441

Pretexting 441

Diversion Theft 441

Phishing 442

Hoaxes 442

Shoulder Surfing 443

Eavesdropping 443

Dumpster Diving 443

Baiting 444

Piggybacking 444

Summary of Social Engineering Types 444

User Education and Awareness 445

Legislative and Organizational Policies 445

Data Sensitivity and Classification of Information 447

Personnel Security Policies 448

Acceptable Use 449

Change Management 449

Separation of Duties/Job Rotation 450

Mandatory Vacations 450

Due Diligence 450

Due Care 450

Due Process 450

User Education and Awareness Training 451

Summary of Personnel Security Policies 451

How to Deal with Vendors 452

How to Dispose of Computers and Other IT Equipment Securely 452

Incident Response Procedures 454

Review Key Topics 458

Complete Tables and Lists from Memory 458

Define Key Terms 458

View Recommended Resources 458

Answer Review Questions 459

Answers and Explanations 464

Part VII Preparing for the CompTIA Security+ Exam

Chapter 16 Taking the Real Exam 469

Getting Ready and the Exam Preparation Checklist 469

Tips for Taking the Real Exam 472

Beyond the CompTIA Security+ Certification 475

Hands-On Lab 476

Practice Exam 1: CompTIA Security+ SY0-201 479

Practice Exam 2: CompTIA Security+ SY0-201 515

Glossary 553

Elements Available on the DVD

Practice Exam 3: CompTIA Security+ SY0-201

Appendix A Memory Tables

Appendix B Memory Tables Answer Key

Video Solutions to Hands-On Scenarios

9780789747136 TOC 10/21/2010

Read More Show Less

Customer Reviews

Average Rating 4.5
( 10 )
Rating Distribution

5 Star

(7)

4 Star

(2)

3 Star

(0)

2 Star

(0)

1 Star

(1)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing all of 10 Customer Reviews
  • Anonymous

    Posted April 26, 2013

    Izzy is.....

    Hangingout ;)

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted April 23, 2013

    Ally

    Ho Hey and Count On Me

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted April 21, 2013

    Death to Gagnam style

    Imposter! I do not like that! Maybe REMEMBER THE NAME

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted April 21, 2013

    Mimi

    A thousand years

    Was this review helpful? Yes  No   Report this review
  • Posted August 3, 2011

    The definitive study material for the Sec+ Exam.

    When choosing a book of this kind to purchase, I find that there are some things to consider other than just the accuracy of the information presented. As I prepared to write this review, I found myself making a list of things I liked about this book, and things I did not like. First and most importantly, is the fact that I found all the material presented to be of exceptional quality and accuracy. So with that out of the way, why this book instead of another?

    The book has several features that I find common place in this type of guide; the importance of certification, who should read this book, hands-on-labs, chapter quizzes & practice tests & practice exams, as well as how to prepare to take the real exam. Of these common-place features, I feel the author provided an amazingly clear and detailed explanation for who should read this book and attempt the Security+ Certification test. I also liked the detailed answer key for the end of chapter quizzes & practice tests, which explains both why the right answer is right, and why the wrong answer is wrong. One of the best test-prep features is the third practice exam, located on the included DVD, which can offer the exam with random questions and random answers.

    Unlike most books of this type, I found many other features that I really liked. Throughout the book the author provides real-world examples of the topics. When a topic with no clear-defined answer is presented, such as which internet browser is best to use, the author gives us his advice followed by as many facts as are available to him to use. This gives us a very solid basis to use in our real lives, not just the exam world. Occasionally, the author refers to industry terms not covered by the current test that might be on the next version. Since there is a good deal of overlap of information, the author does a good job to stay on topic while referring to the other sections of the book where otherwise repeated information is already discussed in detail. The author also offers his assistance for readers who have questions about the material presented in this book.

    There are only two problems that I had with this book, and they could be considered matters of opinion. First, with the change to the Security+ Certification now expiring after 3 years, I would have liked to see that mentioned in the book. Second, doing the labs requires obtaining a copy of Virtual PC, as opposed to interactive flash-based simulations that other books have used. The reason why I'd prefer the interactive flash-based simulations instead of Virtual PC, is because Virtual PC cannot be run on a home computer unless it is running one of these: Windows 7T Professional; Windows 7T Enterprise; Windows 7T Ultimate; Windows VistaT Business; Windows VistaT Enterprise; Windows VistaT Ultimate; Windows Server 2003, Standard Edition; Windows Server 2003, Standard x64 Edition; Windows XP Professional; Windows XP Professional x64 Edition; or Windows XP Tablet PC Edition. This requirement is not mentioned in the book. The good news is that even if you cannot install Virtual PC on your PC, the included DVD contains videos of the author doing the hands-on-labs while talking the viewer through them, which is very thorough and very useful.

    All things considered I was very impressed by this Cert Guide. The next time I'm looking for an IT text book, Cert Guide, I will look for one by David L. Prowse & Pearson first.

    Was this review helpful? Yes  No   Report this review
  • Posted May 24, 2011

    Very accurate and detailed, but dvd didn't work

    David Prowse did a great job of covering all exam objectives thoroughly. He was more thorough than my other book (Darril Gibson's Get Certified Get Ahead), but I highly recommend both of these to prepare for the test. The two practice tests in the book were very accurate and indicative of the real exam (I just took and passed with a score of 852 today). My only complaint is that the dvd didn't work, preventing me from accessing the third practice test. Coming from someone that just took the test, study this book and Darril Gibson's, take their practice exams, and you should do great on the real test. Thanks for the great study material David. I will definitely look for his material in the future.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted December 6, 2010

    No text was provided for this review.

  • Anonymous

    Posted June 8, 2011

    No text was provided for this review.

  • Anonymous

    Posted January 28, 2011

    No text was provided for this review.

  • Anonymous

    Posted May 21, 2011

    No text was provided for this review.

Sort by: Showing all of 10 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)