CompTIA Security+ Guide to Network Security Fundamentals
Sixth Edition
Mark Ciampa
INFORMATION SECURITY
To register or access your online learning solution or purchase materials for your course, visit www.cengagebrain.com.
Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203
CompTIA Security+ SY0-501 Exam Objectives

Each Security+ exam domain/objective is listed with the chapter(s) that cover it and the Bloom's Taxonomy level at which each chapter addresses it.

1.0: Threats, Attacks, and Vulnerabilities
1.1 Given a scenario, analyze indicators of compromise and determine the type of malware. (Chapter 2: Analyze)
1.2 Compare and contrast types of attacks. (Chapter 2: Understand; Chapter 3: Analyze; Chapter 5: Understand; Chapter 8: Apply/Understand; Chapter 11: Create; Chapter 15: Apply)
1.3 Explain threat actor types and attributes. (Chapter 1: Analyze/Apply)
1.4 Explain penetration testing concepts. (Chapter 13: Apply)
1.5 Explain vulnerability scanning concepts. (Chapter 13: Apply)
1.6 Explain the impact associated with types of vulnerabilities. (Chapter 1: Understand; Chapter 3: Understand; Chapter 4: Understand; Chapter 5: Understand; Chapter 9: Understand; Chapter 10: Understand)

2.0: Technologies and Tools
2.1 Install and configure network components, both hardware- and software-based, to support organizational security. (Chapter 4: Apply; Chapter 6: Analyze; Chapter 7: Apply; Chapter 8: Analyze/Evaluate)
2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization. (Chapter 8: Evaluate; Chapter 13: Analyze/Evaluate; Chapter 14: Evaluate)
2.3 Given a scenario, troubleshoot common security issues. (Chapter 15: Analyze)
2.4 Given a scenario, analyze and interpret output from security technologies. (Chapter 6: Analyze; Chapter 7: Analyze; Chapter 9: Analyze)
2.5 Given a scenario, deploy mobile devices securely. (Chapter 8: Apply/Evaluate; Chapter 10: Analyze/Create; Chapter 11: Analyze)
2.6 Given a scenario, implement secure protocols. (Chapter 4: Apply; Chapter 5: Analyze)

3.0: Architecture and Design
3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides. (Chapter 1: Analyze; Chapter 15: Understand)
3.2 Given a scenario, implement secure network architecture concepts. (Chapter 6: Analyze; Chapter 7: Apply; Chapter 8: Apply/Evaluate; Chapter 13: Apply)
CompTIA® Security+ Guide to Network Security Fundamentals
Sixth Edition
Mark Ciampa, Ph.D.
INFORMATION SECURITY
Australia • Brazil • Mexico • Singapore • United Kingdom • United States
© 2018, 2015 Cengage Learning. Unless otherwise noted, all content is © Cengage.
Security+ Guide to Network Security Fundamentals, Sixth Edition
Mark Ciampa
SVP, GM Skills: Jonathan Lau
Product Team Manager: Kristin McNary
Associate Product Manager: Amy Savino
Executive Director of Development: Marah Bellegarde
Senior Product Development Manager: Leigh Hefferon
Senior Content Developer: Michelle Ruelos Cannistraci
Product Assistant: Jake Toth
Marketing Director: Michelle McTighe
Production Director: Patty Stephan
Senior Content Project Manager: Brooke Greenhouse
Art Director: Diana Graham
Cover image(s): iStockPhoto.com/ supernitram
Printed in the United States of America
Print Number: 01 Print Year: 2017
ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced or distributed in any form or by any means, except as permitted by U.S. copyright law, without the prior written permission of the copyright owner.
Library of Congress Control Number: 2017950178
ISBN: 978-1-337-28878-1 LLF ISBN: 978-1-337-68585-6
Notice to the Reader
Publisher does not warrant or guarantee any of the products described herein or perform any independent analysis in connection with any of the product information contained herein. Publisher does not assume, and expressly disclaims, any obligation to obtain and include information other than that provided to it by the manufacturer. The reader is expressly warned to consider and adopt all safety precautions that might be indicated by the activities described herein and to avoid all potential hazards. By following the instructions contained herein, the reader willingly assumes all risks in connection with such instructions. The publisher makes no representations or warranties of any kind, including but not limited to, the warranties of fitness for particular purpose or merchantability, nor are any such representations implied with respect to the material set forth herein, and the publisher takes no responsibility with respect to such material. The publisher shall not be liable for any special, consequential, or exemplary damages resulting, in whole or part, from the readers’ use of, or reliance upon, this material.
Cengage 20 Channel Center Street Boston, MA 02210 USA
Cengage is a leading provider of customized learning solutions with employees residing in nearly 40 different countries and sales in more than 125 countries around the world. Find your local representative at www.cengage.com.
Cengage products are represented in Canada by Nelson Education, Ltd.
To learn more about Cengage platforms and services, visit www.cengage.com
Purchase any of our products at your local college store or at our preferred online store www.cengagebrain.com
For product information and technology assistance, contact us at Cengage Learning Customer & Sales Support, 1-800-354-9706.
For permission to use material from this text or product, submit all requests online at www.cengage.com/permissions.
Further permissions questions can be e-mailed to permissionrequest@cengage.com.
Some of the product names and company names used in this book have been used for identification purposes only and may be trademarks or registered trademarks of their respective manufacturers and sellers. Windows® is a registered trademark of Microsoft Corporation. Microsoft® is a registered trademark of Microsoft Corporation in the United States and/or other countries. Cengage is an independent entity from Microsoft Corporation and not affiliated with Microsoft in any manner.
Brief Contents
INTRODUCTION ..... xv
PART 1
SECURITY AND ITS THREATS ..........................................................................1
CHAPTER 1
Introduction to Security ................................................................................3
CHAPTER 2
Malware and Social Engineering Attacks ................................................. 51
PART 2
CRYPTOGRAPHY .......................................................................................... 97
CHAPTER 3
Basic Cryptography ..................................................................................... 99
CHAPTER 4
Advanced Cryptography and PKI ............................................................ 145
PART 3
NETWORK ATTACKS AND DEFENSES ....................................................... 189
CHAPTER 5
Networking and Server Attacks .............................................................. 191
CHAPTER 6
Network Security Devices, Design, and Technology ............................. 233
CHAPTER 7
Administering a Secure Network ............................................................ 281
CHAPTER 8
Wireless Network Security ....................................................................... 321
PART 4
DEVICE SECURITY....................................................................................... 371
CHAPTER 9
Client and Application Security ............................................................... 373
CHAPTER 10
Mobile and Embedded Device Security ...................................................421
PART 5
IDENTITY AND ACCESS MANAGEMENT ....................................................469
CHAPTER 11
Authentication and Account Management ............................................471
CHAPTER 12
Access Management ..................................................................................521
PART 6
RISK MANAGEMENT ...................................................................................563
CHAPTER 13
Vulnerability Assessment and Data Security .........................................565
CHAPTER 14
Business Continuity ...................................................................................607
CHAPTER 15
Risk Mitigation ...........................................................................................651
APPENDIX A
CompTIA SY0-501 Certification Exam Objectives ...................................691
GLOSSARY ......................................................................................................... 713
INDEX .................................................................................................................741
Table of Contents
INTRODUCTION ..... xv
PART 1
SECURITY AND ITS THREATS .....................................................1
CHAPTER 1
Introduction to Security ..... 3
Challenges of Securing Information ..... 8
  Today’s Security Attacks ..... 8
  Reasons for Successful Attacks ..... 12
  Difficulties in Defending Against Attacks ..... 14
What Is Information Security? ..... 17
  Understanding Security ..... 18
  Defining Information Security ..... 18
  Information Security Terminology ..... 21
  Understanding the Importance of Information Security ..... 24
Who Are the Threat Actors? ..... 28
  Script Kiddies ..... 29
  Hactivists ..... 29
  Nation State Actors ..... 30
  Insiders ..... 30
  Other Threat Actors ..... 31
Defending Against Attacks ..... 32
  Fundamental Security Principles ..... 32
  Frameworks and Reference Architectures ..... 35
Chapter Summary .............................................................................................. 35
Key Terms ........................................................................................................... 37
Review Questions............................................................................................... 37
Case Projects ...................................................................................................... 46
CHAPTER 2
Malware and Social Engineering Attacks ..... 51
Attacks Using Malware ..... 53
  Circulation ..... 55
  Infection ..... 61
  Concealment ..... 65
  Payload Capabilities ..... 66
Social Engineering Attacks ..... 73
  Psychological Approaches ..... 74
  Physical Procedures ..... 80
Chapter Summary .............................................................................................. 82
Key Terms ........................................................................................................... 84
Review Questions .............................................................................................. 84
Case Projects ...................................................................................................... 92
PART 2
CRYPTOGRAPHY ......................................................................97
CHAPTER 3
Basic Cryptography ..... 99
Defining Cryptography ..... 101
  What Is Cryptography? ..... 101
  Cryptography and Security ..... 105
  Cryptography Constraints ..... 107
Cryptographic Algorithms ..... 108
  Hash Algorithms ..... 110
  Symmetric Cryptographic Algorithms ..... 113
  Asymmetric Cryptographic Algorithms ..... 116
Cryptographic Attacks ..... 123
  Algorithm Attacks ..... 123
  Collision Attacks ..... 125
Using Cryptography ..... 126
  Encryption through Software ..... 127
  Hardware Encryption ..... 128
Chapter Summary ............................................................................................ 130
Key Terms ......................................................................................................... 132
Review Questions............................................................................................. 133
Case Projects .................................................................................................... 142
CHAPTER 4
Advanced Cryptography and PKI ..... 145
Implementing Cryptography ..... 147
  Key Strength ..... 147
  Secret Algorithms ..... 148
  Block Cipher Modes of Operation ..... 149
  Crypto Service Providers ..... 150
  Algorithm Input Values ..... 151
Digital Certificates ..... 152
  Defining Digital Certificates ..... 152
  Managing Digital Certificates ..... 154
  Types of Digital Certificates ..... 158
Public Key Infrastructure (PKI) ..... 165
  What Is Public Key Infrastructure (PKI)? ..... 166
  Trust Models ..... 166
  Managing PKI ..... 168
  Key Management ..... 171
Cryptographic Transport Protocols ..... 174
  Secure Sockets Layer (SSL) ..... 174
  Transport Layer Security (TLS) ..... 175
  Secure Shell (SSH) ..... 176
  Hypertext Transport Protocol Secure (HTTPS) ..... 176
  Secure/Multipurpose Internet Mail Extensions (S/MIME) ..... 177
  Secure Real-time Transport Protocol (SRTP) ..... 177
  IP Security (IPsec) ..... 177
Chapter Summary ............................................................................................ 179
Key Terms ......................................................................................................... 181
Review Questions............................................................................................. 181
Case Projects .................................................................................................... 187
PART 3
NETWORK ATTACKS AND DEFENSES ....................................189
CHAPTER 5
Networking and Server Attacks ..... 191
Networking-Based Attacks ..... 193
  Interception ..... 194
  Poisoning ..... 196
Server Attacks ..... 201
  Denial of Service (DoS) ..... 201
  Web Server Application Attacks ..... 203
  Hijacking ..... 209
  Overflow Attacks ..... 213
  Advertising Attacks ..... 215
  Browser Vulnerabilities ..... 218
Chapter Summary ............................................................................................ 222
Key Terms ......................................................................................................... 223
Review Questions............................................................................................. 223
Case Projects .................................................................................................... 229
CHAPTER 6
Network Security Devices, Design, and Technology ..... 233
Security Through Network Devices ..... 235
  Standard Network Devices ..... 236
  Network Security Hardware ..... 246
Security Through Network Architecture ..... 260
  Security Zones ..... 260
  Network Segregation ..... 263
Security Through Network Technologies ..... 265
  Network Access Control (NAC) ..... 265
  Data Loss Prevention (DLP) ..... 267
Chapter Summary ............................................................................................ 269
Key Terms ......................................................................................................... 271
Review Questions............................................................................................. 271
Case Projects .................................................................................................... 279
CHAPTER 7
Administering a Secure Network ..... 281
Secure Network Protocols ..... 283
  Simple Network Management Protocol (SNMP) ..... 285
  Domain Name System (DNS) ..... 286
  File Transfer Protocol (FTP) ..... 288
  Secure Email Protocols ..... 290
  Using Secure Network Protocols ..... 291
Placement of Security Devices and Technologies ..... 292
Analyzing Security Data ..... 295
  Data from Security Devices ..... 296
  Data from Security Software ..... 297
  Data from Security Tools ..... 298
  Issues in Analyzing Security Data ..... 298
Managing and Securing Network Platforms ..... 300
  Virtualization ..... 300
  Cloud Computing ..... 304
  Software Defined Network (SDN) ..... 306
Chapter Summary ............................................................................................ 309
Key Terms ......................................................................................................... 310
Review Questions............................................................................................. 311
Case Projects .................................................................................................... 318
CHAPTER 8
Wireless Network Security ..... 321
Wireless Attacks ..... 324
  Bluetooth Attacks ..... 324
  Near Field Communication (NFC) Attacks ..... 327
  Radio Frequency Identification (RFID) Attacks ..... 330
  Wireless Local Area Network Attacks ..... 332
Vulnerabilities of IEEE Wireless Security ..... 341
  Wired Equivalent Privacy ..... 342
  Wi-Fi Protected Setup ..... 343
  MAC Address Filtering ..... 344
  SSID Broadcasting ..... 345
Wireless Security Solutions ..... 346
  Wi-Fi Protected Access (WPA) ..... 347
  Wi-Fi Protected Access 2 (WPA2) ..... 349
  Additional Wireless Security Protections ..... 352
Chapter Summary ............................................................................................ 356
Key Terms ......................................................................................................... 359
Review Questions............................................................................................. 359
Case Projects .................................................................................................... 368
PART 4
DEVICE SECURITY ...................................................................371
CHAPTER 9
Client and Application Security ..... 373
Client Security ..... 375
  Hardware System Security ..... 375
  Securing the Operating System Software ..... 379
  Peripheral Device Security ..... 388
Physical Security ..... 392
  External Perimeter Defenses ..... 393
  Internal Physical Access Security ..... 395
  Computer Hardware Security ..... 400
Application Security ..... 401
  Application Development Concepts ..... 402