Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

Comptia security+ guide to network security fundamentals free pdf

02/12/2021 Client: muhammad11 Deadline: 2 Day

SE/CIAMPA, CompTIA Security+ Guide to Network Security Fundamentals, 6th Edition ISBN-978-1-337-28878-1 ©20XX Designer: XXX Text & Cover printer: Quad Graphics Binding: PB Trim: 7.375 x 9.125" CMYK

Security+ Guide to Network Security Fundamentals

To register or access your online learning solution or purchase materials for your course, visit www.cengagebrain.com.

Security+ Guide to Network Security Fundamentals

INFORMATION SECURITY

Sixth Edition

Mark Ciampa

Sixth Edition

CIAMPA

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

CompTIA Security+ SY0-501 Exam Objectives

Security+ Exam Domain/Objectives Chapter Bloom’s Taxonomy 1.0: Threats, Attacks, and Vulnerabilities 1.1 Given a scenario, analyze indicators of compromise and determine the type of

malware. 2 Analyze

1.2 Compare and contrast types of attacks. 2 3 5 8

11 15

Understand Analyze Understand Apply/Understand Create Apply

1.3 Explain threat actor types and attributes. 1 Analyze/Apply 1.4 Explain penetration testing concepts. 13 Apply 1.5 Explain vulnerability scanning concepts. 13 Apply 1.6 Explain the impact associated with types of vulnerabilities. 1

3 4 5 9

10

Understand Understand Understand Understand Understand Understand

2.0: Technologies and Tools 2.1 Install and configure network components, both hardware- and software-based,

to support organizational security. 4 6 7 8

Apply Analyze Apply Analyze/Evaluate

2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization.

8 13 14

Evaluate Analyze/Evaluate Evaluate

2.3 Given a scenario, troubleshoot common security issues. 15 Analyze 2.4 Given a scenario, analyze and interpret output from security technologies. 6

7 9

Analyze Analyze Analyze

2.5 Given a scenario, deploy mobile devices securely. 8 10 11

Apply/Evaluate Analyze/Create Analyze

2.6 Given a scenario, implement secure protocols. 4 5

Apply Analyze

3.0: Architecture and Design 3.1 Explain use cases and purpose for frameworks, best practices and secure

configuration guides. 1

15 Analyze Understand

3.2 Given a scenario, implement secure network architecture concepts. 6 7 8

13

Analyze Apply Apply/Evaluate Apply

88781_ifc_hr.indd 2 8/9/17 3:41 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Australia • Brazil • Mexico • Singapore • United Kingdom • United States

INFORMATION SECURITY

Mark Ciampa, Ph.D.

Sixth Edition

SECURITY+ GUIDE TO NETWORK SECURITY

CompTIA ®

FUNDAMENTALS

88781_fm_hr_i-xxvi.indd 1 8/16/17 7:00 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

© 2018, 2015 Cengage Learning Unless otherwise noted, all content is © Cengage.

Security+ Guide to Network Security Fundamentals, Sixth Edition

Mark Ciampa

SVP, GM Skills: Jonathan Lau

Product Team Manager: Kristin McNary

Associate Product Manager: Amy Savino

Executive Director of Development: Marah Bellegarde

Senior Product Development Manager: Leigh Hefferon

Senior Content Developer: Michelle Ruelos Cannistraci

Product Assistant: Jake Toth

Marketing Director: Michelle McTighe

Production Director: Patty Stephan

Senior Content Project Manager: Brooke Greenhouse

Art Director: Diana Graham

Cover image(s): iStockPhoto.com/ supernitram

Printed in the United States of America Print Number: 01 Print Year: 2017

ALL RIGHTS RESERVED. No part of this work covered by the copy- right herein may be reproduced or distributed in any form or by any means, except as permitted by U.S. copyright law, without the prior written permission of the copyright owner.

Library of Congress Control Number: 2017950178

ISBN: 978-1-337-28878-1 LLF ISBN: 978-1-337-68585-6

Notice to the Reader Publisher does not warrant or guarantee any of the products described herein or perform any independent analysis in connection with any of the product information contained herein. Publisher does not assume, and expressly disclaims, any obligation to obtain and include information other than that provided to it by the manufacturer. The reader is expressly warned to consider and adopt all safety precautions that might be indicated by the activities described herein and to avoid all potential hazards. By following the instructions contained herein, the reader willingly assumes all risks in connection with such instructions. The publisher makes no representations or warranties of any kind, including but not limited to, the warranties of fitness for particular purpose or merchantability, nor are any such representations implied with respect to the material set forth herein, and the publisher takes no responsibility with respect to such material. The publisher shall not be liable for any special, consequential, or exemplary damages resulting, in whole or part, from the readers’ use of, or reliance upon, this material.

Cengage 20 Channel Center Street Boston, MA 02210 USA

Cengage is a leading provider of customized learning solutions with employees residing in nearly 40 different countries and sales in more than 125 countries around the world. Find your local representative at www.cengage.com.

Cengage products are represented in Canada by Nelson Education, Ltd.

To learn more about Cengage platforms and services, visit www.cengage.com

Purchase any of our products at your local college store or at our preferred online store www.cengagebrain.com

For product information and technology assistance, contact us at Cengage Learning Customer & Sales Support, 1-800-354-9706.

For permission to use material from this text or product, submit all requests online at www.cengage.com/permissions.

Further permissions questions can be e-mailed to permissionrequest@cengage.com.

Some of the product names and company names used in this book have been used for identification purposes only and may be trademarks or registered trademarks of their respective manufacturers and sellers. Windows® is a registered trademark of Microsoft Corporation. Microsoft.is registered trademark of Microsoft Corporation in the United States and/or other countries. Cengage is an independent entity from Microsoft Corporation and not affiliated with Microsoft in any manner.

88781_fm_hr_i-xxvi.indd 2 8/16/17 7:00 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Brief Contents INTRODUCTION.............................................................................................xv

PART 1

SECURITY AND ITS THREATS ..........................................................................1

CHAPTER 1

Introduction to Security ................................................................................3

CHAPTER 2

Malware and Social Engineering Attacks ................................................. 51

PART 2

CRYPTOGRAPHY .......................................................................................... 97

CHAPTER 3

Basic Cryptography ..................................................................................... 99

CHAPTER 4

Advanced Cryptography and PKI ............................................................ 145

PART 3

NETWORK ATTACKS AND DEFENSES ....................................................... 189

CHAPTER 5

Networking and Server Attacks .............................................................. 191

CHAPTER 6

Network Security Devices, Design, and Technology ............................. 233

CHAPTER 7

Administering a Secure Network ............................................................ 281

CHAPTER 8

Wireless Network Security ....................................................................... 321

PART 4

DEVICE SECURITY....................................................................................... 371

CHAPTER 9

Client and Application Security ............................................................... 373

iii

88781_fm_hr_i-xxvi.indd 3 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Brief Contents

CHAPTER 10

Mobile and Embedded Device Security ...................................................421

PART 5

IDENTITY AND ACCESS MANAGEMENT ....................................................469

CHAPTER 11

Authentication and Account Management ............................................471

CHAPTER 12

Access Management ..................................................................................521

PART 6

RISK MANAGEMENT ...................................................................................563

CHAPTER 13

Vulnerability Assessment and Data Security .........................................565

CHAPTER 14

Business Continuity ...................................................................................607

CHAPTER 15

Risk Mitigation ...........................................................................................651

APPENDIX A

CompTIA SY0-501 Certification Exam Objectives ...................................691

GLOSSARY ......................................................................................................... 713

INDEX .................................................................................................................741

iv

88781_fm_hr_i-xxvi.indd 4 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Table of Contents INTRODUCTION...........................................................................................................xv

PART 1

SECURITY AND ITS THREATS .....................................................1

CHAPTER 1

Introduction to Security ...........................................................3 Challenges of Securing Information .................................................................. 8

Today’s Security Attacks ....................................................................................8 Reasons for Successful Attacks ........................................................................12 Difficulties in Defending Against Attacks ....................................................... 14

What Is Information Security? .......................................................................... 17 Understanding Security ....................................................................................18 Defining Information Security .........................................................................18 Information Security Terminology ..................................................................21 Understanding the Importance of Information Security ................................ 24

Who Are the Threat Actors? .............................................................................. 28 Script Kiddies ................................................................................................... 29 Hactivists ......................................................................................................... 29 Nation State Actors ..........................................................................................30 Insiders ............................................................................................................30 Other Threat Actors ..........................................................................................31

Defending Against Attacks ............................................................................... 32 Fundamental Security Principles .................................................................... 32 Frameworks and Reference Architectures ...................................................... 35

Chapter Summary .............................................................................................. 35

Key Terms ........................................................................................................... 37

Review Questions............................................................................................... 37

Case Projects ...................................................................................................... 46

CHAPTER 2

Malware and Social Engineering Attacks .............................51 Attacks Using Malware ...................................................................................... 53

Circulation........................................................................................................ 55 Infection ........................................................................................................... 61

v

88781_fm_hr_i-xxvi.indd 5 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Table of Contentsvi

Concealment .................................................................................................... 65 Payload Capabilities .........................................................................................66

Social Engineering Attacks ................................................................................ 73 Psychological Approaches ............................................................................... 74 Physical Procedures .........................................................................................80

Chapter Summary .............................................................................................. 82

Key Terms ........................................................................................................... 84

Review Questions .............................................................................................. 84

Case Projects ...................................................................................................... 92

PART 2

CRYPTOGRAPHY ......................................................................97

CHAPTER 3

Basic Cryptography .................................................................99 Defining Cryptography .................................................................................... 101

What Is Cryptography? ................................................................................... 101 Cryptography and Security ............................................................................ 105 Cryptography Constraints ...............................................................................107

Cryptographic Algorithms ............................................................................... 108 Hash Algorithms .............................................................................................110 Symmetric Cryptographic Algorithms ........................................................... 113 Asymmetric Cryptographic Algorithms ......................................................... 116

Cryptographic Attacks ..................................................................................... 123 Algorithm Attacks ........................................................................................... 123 Collision Attacks ............................................................................................. 125

Using Cryptography ......................................................................................... 126 Encryption through Software ......................................................................... 127 Hardware Encryption .....................................................................................128

Chapter Summary ............................................................................................ 130

Key Terms ......................................................................................................... 132

Review Questions............................................................................................. 133

Case Projects .................................................................................................... 142

CHAPTER 4

Advanced Cryptography and PKI ........................................145 Implementing Cryptography .......................................................................... 147

Key Strength ....................................................................................................147 Secret Algorithms ...........................................................................................148

88781_fm_hr_i-xxvi.indd 6 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Table of Contents vii

Block Cipher Modes of Operation ................................................................. 149 Crypto Service Providers................................................................................ 150 Algorithm Input Values .................................................................................. 151

Digital Certificates ........................................................................................... 152 Defining Digital Certificates ............................................................................ 152 Managing Digital Certificates .........................................................................154 Types of Digital Certificates ............................................................................158

Public Key Infrastructure (PKI) ....................................................................... 165 What Is Public Key Infrastructure (PKI)? ....................................................... 166 Trust Models .................................................................................................. 166 Managing PKI ..................................................................................................168 Key Management ............................................................................................ 171

Cryptographic Transport Protocols ............................................................... 174 Secure Sockets Layer (SSL) .............................................................................. 174 Transport Layer Security (TLS) ....................................................................... 175 Secure Shell (SSH) ...........................................................................................176 Hypertext Transport Protocol Secure (HTTPS) ...............................................176 Secure/Multipurpose Internet Mail Extensions (S/MIME) ............................ 177 Secure Real-time Transport Protocol (SRTP) .................................................. 177 IP Security (IPsec) ........................................................................................... 177

Chapter Summary ............................................................................................ 179

Key Terms ......................................................................................................... 181

Review Questions............................................................................................. 181

Case Projects .................................................................................................... 187

PART 3

NETWORK ATTACKS AND DEFENSES ....................................189

CHAPTER 5

Networking and Server Attacks ..........................................191 Networking-Based Attacks ............................................................................. 193

Interception ....................................................................................................194 Poisoning ....................................................................................................... 196

Server Attacks .................................................................................................. 201 Denial of Service (DoS) ...................................................................................201 Web Server Application Attacks .................................................................... 203 Hijacking ........................................................................................................209 Overflow Attacks ............................................................................................ 213 Advertising Attacks ......................................................................................... 215 Browser Vulnerabilities ..................................................................................218

Chapter Summary ............................................................................................ 222

88781_fm_hr_i-xxvi.indd 7 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Table of Contentsviii

Key Terms ......................................................................................................... 223

Review Questions............................................................................................. 223

Case Projects .................................................................................................... 229

CHAPTER 6

Network Security Devices, Design, and Technology .........233 Security Through Network Devices ............................................................... 235

Standard Network Devices ............................................................................ 236 Network Security Hardware .......................................................................... 246

Security Through Network Architecture ....................................................... 260 Security Zones ...............................................................................................260 Network Segregation ..................................................................................... 263

Security Through Network Technologies ...................................................... 265 Network Access Control (NAC) ...................................................................... 265 Data Loss Prevention (DLP)............................................................................ 267

Chapter Summary ............................................................................................ 269

Key Terms ......................................................................................................... 271

Review Questions............................................................................................. 271

Case Projects .................................................................................................... 279

CHAPTER 7

Administering a Secure Network ........................................281 Secure Network Protocols .............................................................................. 283

Simple Network Management Protocol (SNMP) ........................................... 285 Domain Name System (DNS) ........................................................................ 286 File Transfer Protocol (FTP)............................................................................ 288 Secure Email Protocols ..................................................................................290 Using Secure Network Protocols ....................................................................291

Placement of Security Devices and Technologies ........................................ 292

Analyzing Security Data .................................................................................. 295 Data from Security Devices ........................................................................... 296 Data from Security Software ......................................................................... 297 Data from Security Tools ............................................................................... 298 Issues in Analyzing Security Data ................................................................. 298

Managing and Securing Network Platforms ................................................ 300 Virtualization .................................................................................................300 Cloud Computing ...........................................................................................304 Software Defined Network (SDN) ..................................................................306

Chapter Summary ............................................................................................ 309

88781_fm_hr_i-xxvi.indd 8 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Table of Contents ix

Key Terms ......................................................................................................... 310

Review Questions............................................................................................. 311

Case Projects .................................................................................................... 318

CHAPTER 8

Wireless Network Security ..................................................321 Wireless Attacks ............................................................................................... 324

Bluetooth Attacks........................................................................................... 324 Near Field Communication (NFC) Attacks .....................................................327 Radio Frequency Identification (RFID) Attacks ............................................. 330 Wireless Local Area Network Attacks .............................................................332

Vulnerabilities of IEEE Wireless Security ....................................................... 341 Wired Equivalent Privacy .............................................................................. 342 Wi-Fi Protected Setup .................................................................................... 343 MAC Address Filtering ................................................................................... 344 SSID Broadcasting .......................................................................................... 345

Wireless Security Solutions ............................................................................ 346 Wi-Fi Protected Access (WPA) ....................................................................... 347 Wi-Fi Protected Access 2 (WPA2) ................................................................... 349 Additional Wireless Security Protections .......................................................352

Chapter Summary ............................................................................................ 356

Key Terms ......................................................................................................... 359

Review Questions............................................................................................. 359

Case Projects .................................................................................................... 368

PART 4

DEVICE SECURITY ...................................................................371

CHAPTER 9

Client and Application Security ...........................................373 Client Security .................................................................................................. 375

Hardware System Security .............................................................................375 Securing the Operating System Software ...................................................... 379 Peripheral Device Security ............................................................................. 388

Physical Security .............................................................................................. 392 External Perimeter Defenses ......................................................................... 393 Internal Physical Access Security .................................................................. 395 Computer Hardware Security ....................................................................... 400

Application Security ......................................................................................... 401 Application Development Concepts ..............................................................402

88781_fm_hr_i-xxvi.indd 9 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Table of Contentsx

Secure Coding Techniques .............................................................................404 Code Testing ...................................................................................................405

Chapter Summary ............................................................................................ 406

Key Terms ......................................................................................................... 409

Review Questions............................................................................................. 410

Case Projects .................................................................................................... 417

CHAPTER 10

Mobile and Embedded Device Security ..............................421 Mobile Device Types and Deployment .......................................................... 423

Types of Mobile Devices ................................................................................ 424

Mobile Device Risks ......................................................................................... 432 Mobile Device Vulnerabilities........................................................................ 432 Connection Vulnerabilities ............................................................................ 436 Accessing Untrusted Content ........................................................................ 436 Deployment Model Risks ............................................................................... 438

Securing Mobile Devices ................................................................................. 439 Device Configuration ..................................................................................... 439 Mobile Management Tools ............................................................................446 Mobile Device App Security ..........................................................................448

Embedded Systems and the Internet of Things ........................................... 449 Embedded Systems........................................................................................449 Internet of Things ...........................................................................................451 Security Implications ..................................................................................... 452

Chapter Summary ............................................................................................ 455

Key Terms ......................................................................................................... 457

Review Questions............................................................................................. 457

Case Projects .................................................................................................... 465

PART 5

IDENTITY AND ACCESS MANAGEMENT ................................469

CHAPTER 11

Authentication and Account Management .......................471 Authentication Credentials ............................................................................ 473

What You Know: Passwords .......................................................................... 475 What You Have: Tokens, Cards, and Cell Phones .......................................... 489 What You Are: Biometrics ............................................................................. 492 What You Do: Behavioral Biometrics ............................................................ 498

88781_fm_hr_i-xxvi.indd 10 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Table of Contents xi

Where You Are: Geolocation .........................................................................499

Single Sign-on ................................................................................................... 500

Account Management ..................................................................................... 502

Chapter Summary ............................................................................................ 505

Key Terms .......................................................................................................... 506

Review Questions............................................................................................. 507

Case Projects .................................................................................................... 517

CHAPTER 12

Access Management .............................................................521 What Is Access Control? .................................................................................. 523

Access Control Terminology .......................................................................... 524 Access Control Models ....................................................................................527

Managing Access Through Account Management....................................... 533 Account Setup .................................................................................................533 Account Auditing ........................................................................................... 539

Best Practices for Access Control ................................................................... 540 Separation of Duties ......................................................................................540 Job Rotation ...................................................................................................540 Mandatory Vacations......................................................................................541 Clean Desk Policy ............................................................................................541

Implementing Access Control ........................................................................ 542 Access Control Lists (ACLs) ............................................................................ 542 Group-Based Access Control ......................................................................... 543

Identity and Access Services .......................................................................... 544 RADIUS ........................................................................................................... 545 Kerberos ......................................................................................................... 547 Terminal Access Control Access Control System+ (TACACS+) ...................... 548 Lightweight Directory Access Protocol (LDAP) .............................................. 549 Security Assertion Markup Language (SAML) ............................................... 550 Authentication Framework Protocols ............................................................ 551

Chapter Summary ............................................................................................ 552

Key Terms ......................................................................................................... 554

Review Questions............................................................................................. 554

Case Projects .................................................................................................... 561

88781_fm_hr_i-xxvi.indd 11 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Table of Contentsxii

PART 6

RISK MANAGEMENT ..............................................................563

CHAPTER 13

Vulnerability Assessment and Data Security ....................565 Assessing the Security Posture ...................................................................... 567

What Is Vulnerability Assessment? ............................................................... 567 Vulnerability Assessment Tools .....................................................................573

Vulnerability Scanning .................................................................................... 584

Penetration Testing ......................................................................................... 586

Practicing Data Privacy and Security ............................................................. 588 What Is Privacy? ............................................................................................. 589 Risks Associated with Private Data ...............................................................590 Maintaining Data Privacy and Security ......................................................... 592

Chapter Summary ............................................................................................ 596

Key Terms ......................................................................................................... 598

Review Questions............................................................................................. 598

Case Projects .................................................................................................... 604

CHAPTER 14

Business Continuity ..............................................................607 What Is Business Continuity? ......................................................................... 609

Business Continuity Planning (BCP) .............................................................609 Business Impact Analysis (BIA) ...................................................................... 611 Disaster Recovery Plan (DRP) .........................................................................612

Fault Tolerance Through Redundancy .......................................................... 615 Servers ........................................................................................................... 616 Storage ............................................................................................................617 Networks .........................................................................................................621 Power ............................................................................................................. 622 Recovery Sites ................................................................................................ 622 Data ................................................................................................................ 623

Environmental Controls .................................................................................. 628 Fire Suppression ............................................................................................ 628 Electromagnetic Disruption Protection ..........................................................631 HVAC ...............................................................................................................631

Incident Response ........................................................................................... 633 What Is Forensics? ......................................................................................... 633

88781_fm_hr_i-xxvi.indd 12 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Table of Contents xiii

Incident Response Plan ................................................................................. 633 Forensics Procedures ..................................................................................... 634

Chapter Summary ............................................................................................ 640

Key Terms ......................................................................................................... 642

Review Questions............................................................................................. 643

Case Projects .................................................................................................... 649

CHAPTER 15

Risk Mitigation ......................................................................651 Managing Risk .................................................................................................. 653

Threat Assessment ........................................................................................ 654 Risk Assessment ............................................................................................ 656

Strategies for Reducing Risk ........................................................................... 664 Using Control Types.......................................................................................664 Distributing Allocation ..................................................................................666 Implementing Technology ............................................................................666

Practices for Reducing Risk............................................................................. 668 Security Policies .............................................................................................669 Awareness and Training ................................................................................ 675 Agreements .................................................................................................... 677 Personnel Management ................................................................................. 679

Troubleshooting Common Security Issues ................................................... 679

Chapter Summary ............................................................................................ 680

Key Terms ......................................................................................................... 682

Review Questions............................................................................................. 682

Case Projects .................................................................................................... 688

APPENDIX A

CompTIA SY0-501 Certification Exam Objectives ..............691

GLOSSARY ......................................................................................................... 713

INDEX ................................................................................................................. 741

88781_fm_hr_i-xxvi.indd 13 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

88781_fm_hr_i-xxvi.indd 14 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

The number one concern of computer professionals today continues to be information security, and with good reason. Consider the evidence: over 1.5 billion Yahoo user accounts were compromised in just two separate attacks.1 A ransom of $1 million dollars was paid to unlock files that had been encrypted by ransomware.2 A global payment sys- tem used to transfer money between countries was compromised by attackers who stole $81 billion from the central bank of Bangladesh.3 It is estimated that global spending on products and services to prevent these attacks will exceed $1 trillion cumulatively between 2017 and 2021. But despite the huge sum spent on protection, cybercrime will still cost businesses over $6 trillion by 2021.4

As attacks continue to escalate, the need for trained security per- sonnel also increases. It is estimated that there are currently over 1.5 million unfilled security jobs worldwide and this will grow by 20 percent to 1.8 million by the year 2022.5 According to the U.S. Bureau of Labor Statistics (BLS) “Occupational Outlook Handbook,” the job out- look for information security analysts through 2024 is expected to grow by 18 percent, faster than the average growth rate.6

To verify security competency, most organizations use the Comput- ing Technology Industry Association (CompTIA) Security+ certification, a vendor-neutral credential. Security+ is one of the most widely recog- nized security certifications and has become the security foundation for today’s IT professionals. It is internationally recognized as validat- ing a foundation level of security skills and knowledge. A successful Security+ candidate has the knowledge and skills required to identify threats, attacks and vulnerabilities; use security technologies and tools; understand security architecture and design; perform identity and access management; know about risk management; and use cryptography.

Security+ Guide to Network Security Fundamentals, Sixth Edition is designed to equip learners with the knowledge and skills needed to be information security professionals. Yet it is more than an “exam prep” book. While teaching the fundamentals of information security by using the CompTIA Security+ exam objectives as its framework, it takes a comprehensive view of security by examining in-depth the attacks against networks and computer systems and the necessary defense mechanisms. Security+ Guide to Network Security Fundamen- tals, Sixth Edition is a valuable tool for those who want to learn about security and who desire to enter the field of information security. It also provides the foundation that will help prepare for the CompTIA Security+ certification exam.

xv

INTRODUCTION

88781_fm_hr_i-xxvi.indd 15 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Introductionxvi

Intended Audience This book is designed to meet the needs of students and professionals who want to master basic information security. A fundamental knowledge of computers and net- works is all that is required to use this book. Those seeking to pass the CompTIA Secu- rity+ certification exam will find the text’s approach and content especially helpful; all Security+ SY0-501 exam objectives are covered in the text (see Appendix A). Security+ Guide to Network Security Fundamentals, Sixth Edition covers all aspects of network and computer security while satisfying the Security+ objectives.

The book’s pedagogical features are designed to provide a truly interactive learning experience to help prepare you for the challenges of network and computer security. In addition to the information presented in the text, each chapter includes Hands-On Projects that guide you through implementing practical hardware, software, network, and Internet security configurations step by step. Each chapter also contains case stud- ies that place you in the role of problem solver, requiring you to apply concepts pre- sented in the chapter to achieve successful solutions.

Chapter Descriptions Here is a summary of the topics covered in each chapter of this book:

Chapter 1, “Introduction to Security,” introduces the network security fundamen- tals that form the basis of the Security+ certification. It begins by examining the cur- rent challenges in computer security and why security is so difficult to achieve. It then defines information security in detail and explores why it is important. Finally, the chapter looks at the fundamental attacks, including who is responsible for them, and defenses.

Chapter 2, “Malware and Social Engineering Attacks,” examines attacks that use different types of malware, such as viruses, worms, Trojans, and botnets. It also looks at the different types of social engineering attacks.

Chapter 3, “Basic Cryptography,” explores how encryption can be used to protect data. It covers what cryptography is and how it can be used for protection, and then examines how to protect data using three common types of encryption algorithms: hashing, symmetric encryption, and asymmetric encryption. It also covers how to use cryptography on files and disks to keep data secure.

Chapter 4, “Advanced Cryptography and PKI,” examines how to implement cryp- tography and use digital certificates. It also looks at public key infrastructure and key management. This chapter covers different transport cryptographic algorithms to see how cryptography is used on data that is being transported.

Chapter 5, “Networking and Server Attacks,” explores the different attacks that are directed at enterprises. It includes networking-based attacks as well as server attacks.

88781_fm_hr_i-xxvi.indd 16 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Introduction xvii

Chapter 6, “Network Security Devices, Design, and Technology,” examines how to protect networks through standard network devices and network security hard- ware. It also covers implementing security through network architectures and network technologies.

Chapter 7, “Administering a Secure Network,” looks at the techniques for admin- istering a network. This includes understanding common network protocols and the proper placement of security devices and technologies. It also looks at analyzing secu- rity data and securing network platforms such as virtualization, cloud computing, and software defined networks.

Chapter 8, “Wireless Network Security,” investigates the attacks on wireless devices that are common today and explores different wireless security mechanisms that have proven to be vulnerable. It also covers several secure wireless protections.

Chapter 9, “Client and Application Security,” examines securing the client through hardware and peripherals through hardware and the operating system. It also looks at physical security to create external perimeter defenses and internal physical access security. This chapter also covers application security vulnerabilities and the development of secure apps.

Chapter 10, “Mobile and Embedded Device Security,” looks at the different types of mobile devices and the risks associated with these devices. It also explores how to secure these devices and the applications running on them. Finally, it examines how embedded systems and the Internet of Things devices can be secured.

Chapter 11, “Authentication and Account Management,” looks at authentication and the secure management of user accounts to enforce authentication. It covers the different types of authentication credentials that can be used to verify a user’s identity and how a single sign-on might be used. It also examines the techniques and technol- ogy used to manage user accounts in a secure fashion.

Chapter 12, “Access Management,” introduces the principles and practices of access control by examining access control terminology, the standard control mod- els, and managing access through account management. It also covers best practices, implementing access control, and identity and access services.

Chapter 13, “Vulnerability Assessment and Data Security,” explains what vulner- ability assessment is and examines the tools and techniques associated with it. It also explores the differences between vulnerability scanning and penetration testing. The chapter concludes with an examination of data privacy.

Chapter 14, “Business Continuity,” covers the importance of keeping business processes and communications operating normally in the face of threats and disrup- tions. It explores business continuity, fault tolerance, environmental controls, and inci- dent response.

Chapter 15, “Risk Mitigation,” looks at how organizations can establish and main- tain security in the face of risk. It defines risk and the strategies to control it. This chap- ter also covers practices for reducing risk and troubleshooting common security issues.

88781_fm_hr_i-xxvi.indd 17 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Introductionxviii

Appendix A, “CompTIA SY0-501 Certification Examination Objectives,” provides a complete listing of the latest CompTIA Security+ certification exam objectives and shows the chapters and headings in the book that cover material associated with each objective, as well as the Bloom’s Taxonomy level of that coverage.

Features To aid you in fully understanding computer and network security, this book includes many features designed to enhance your learning experience.

• Maps to CompTIA Objectives. The material in this text covers all the CompTIA Security+ SY0-501 exam objectives.

• Chapter Objectives. Each chapter begins with a detailed list of the concepts to be mastered in that chapter. This list provides you with both a quick reference to the chapter’s contents and a useful study aid.

• Today’s Attacks and Defenses. Each chapter opens with a vignette of an actual security attack or defense mechanism that helps to introduce the material covered in that chapter.

• Illustrations and Tables. Numerous illustrations of security vulnerabilities, attacks, and defenses help you visualize security elements, theories, and concepts. In addition, the many tables provide details and comparisons of practical and theoretical information.

• Chapter Summaries. Each chapter’s text is followed by a summary of the concepts introduced in that chapter. These summaries provide a helpful way to review the ideas covered in each chapter.

• Key Terms. All the terms in each chapter that were introduced with bold text are gathered in a Key Terms list, providing additional review and highlighting key con- cepts. Key Term definitions are included in the Glossary at the end of the text.

• Review Questions. The end-of-chapter assessment begins with a set of review questions that reinforce the ideas introduced in each chapter. These questions help you evaluate and apply the material you have learned. Answering these questions will ensure that you have mastered the important concepts and provide valuable practice for taking CompTIA’s Security+ exam.

• Hands-On Projects. Although it is important to understand the theory behind network security, nothing can improve on real-world experience. To this end, each chapter provides several Hands-On Projects aimed at providing you with practical security software and hardware implementation experience. These proj- ects use the Windows 10 operating system, as well as software downloaded from the Internet.

• Case Projects. Located at the end of each chapter are several Case Projects. In these extensive exercises, you implement the skills and knowledge gained in the chapter through real design and implementation scenarios.

88781_fm_hr_i-xxvi.indd 18 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Introduction xix

New to This Edition • Maps fully to the latest CompTIA Security+ exam SY0-501 • Completely revised and updated with expanded coverage on attacks and defenses • New chapter units: Security and Its Threats, Cryptography, Network Attacks and

Defenses, Device Security, Identity and Access Management, and Risk Management • Earlier coverage of cryptography and advanced cryptography • All new “Today’s Attacks and Defenses” opener in each chapter • New and updated Hands-On Projects in each chapter covering some of the latest

security software • More Case Projects in each chapter • Expanded Information Security Community Site activity in each chapter allows

learners to interact with other learners and security professionals from around the world

• All SY0-501 exam topics fully defined • Linking of each exam sub-domain to Bloom’s Taxonomy (see Appendix A)

Text and Graphic Conventions Wherever appropriate, additional information and exercises have been added to this book to help you better understand the topic at hand. Icons throughout the text alert you to additional materials. The following icons are0 used in this textbook:

The Note icon draws your attention to additional helpful material related to the subject being described.

Tips based on the author’s experience provide extra informa- tion about how to attack a problem or what to do in real-world situations.

The Caution icons warn you about potential mistakes or prob- lems, and explain how to avoid them.

Hands-On Projects help you understand the theory behind network security with activities using the latest security software and hardware.

The Case Projects icon marks Case Projects, which are scenario- based assignments. In these extensive case examples, you are asked to implement independently what you have learned.

Certification icons indicate CompTIA Security+ objectives covered under major chapter headings.

Hands-On Projects

Case Projects

Certification

Note

Tip

Caution

88781_fm_hr_i-xxvi.indd 19 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Introductionxx

Instructor’s Materials Everything you need for your course in one place. This collection of book-specific lecture and class tools is available online. Please visit login.cengage.com and log in to access instructor-specific resources on the Instructor Companion Site, which includes the Instructor’s Manual, Solutions Manual, test creation tools, PowerPoint Presenta- tions, Syllabus, and figure files.

• Electronic Instructor’s Manual. The Instructor’s Manual that accompanies this textbook includes the following items: additional instructional material to assist in class preparation, including suggestions for lecture topics.

• Solutions Manual. The instructor’s resources include solutions to all end-of- chapter material, including review questions and case projects.

• Cengage Testing Powered by Cognero. This flexible, online system allows you to do the following: • Author, edit, and manage test bank content from multiple Cengage solutions. • Create multiple test versions in an instant. • Deliver tests from your LMS, your classroom, or wherever you want.

• PowerPoint Presentations. This book comes with a set of Microsoft PowerPoint slides for each chapter. These slides are meant to be used as a teaching aid for classroom presentations, to be made available to students on the network for chapter review, or to be printed for classroom distribution. Instructors are also at liberty to add their own slides for other topics introduced.

• Figure Files. All the figures and tables in the book are reproduced. Similar to Power- Point presentations, these are included as a teaching aid for classroom presentation, to make available to students for review, or to be printed for classroom distribution.

Total Solutions For Security To access additional course materials, please visit www.cengagebrain.com. At the cengagebrain.com home page, search for the ISBN of your title (from the back cover of your book) using the search box at the top of the page. This will take you to the product page where these resources can be found.

MindTap MindTap for Security+ Guide to Network Security Fundamentals, Sixth Edition is a per- sonalized, fully online digital learning platform of content, assignments, and services that engages students and encourages them to think critically, while allowing you to easily set your course through simple customization options.

MindTap is designed to help students master the skills they need in today’s workforce. Research shows employers need critical thinkers, troubleshooters, and creative problem solv- ers to stay relevant in our fast paced, technology-driven world. MindTap helps you achieve this with assignments and activities that provide hands-on practice, real-life relevance, and certification test prep. Students are guided through assignments that help them master basic knowledge and understanding before moving on to more challenging problems.

88781_fm_hr_i-xxvi.indd 20 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Introduction xxi

The live virtual machine labs provide real-life application and practice as well as more advanced learning. Students work in a live environment via the Cloud with real servers and networks that they can explore. The IQ certification test preparation engine allows students to quiz themselves on specific exam domains, and the pre- and post-course assessments measure exactly how much they have learned. Readings, lab simulations, capstone projects, and videos support the lecture, while “In the News” assignments encourage students to stay current.

MindTap is designed around learning objectives and provides the analytics and reporting to easily see where the class stands in terms of progress, engagement, and completion rates.

Students can access eBook content in the MindTap Reader, which offers highlighting, note-taking, search and audio, as well as mobile access. Learn more at www.cengage.com/mindtap/.

Instant Access Code: (ISBN: 9781337289306) Printed Access Code: (ISBN: 9781337289313)

Lab Manual Hands-on learning is necessary to master the security skills needed for both Comp- TIA’s Security+ Exam and for a career in network security. Security+ Guide to Network Security Fundamentals Lab Manual, 6th Edition contains hands-on exercises that use fundamental networking security concepts as they are applied in the real world. Each chapter offers review questions to reinforce your mastery of network security topics and to sharpen your critical thinking and problem-solving skills. (ISBN: 9781337288798)

Bloom’s Taxonomy Bloom’s Taxonomy is an industry-standard classification system used to help iden- tify the level of ability that learners need to demonstrate proficiency. It is often used to classify educational learning objectives into different levels of complexity. Bloom’s Taxonomy reflects the “cognitive process dimension.” This represents a continuum of increasing cognitive complexity, from remember (lowest level) to create (highest level). There are six categories in Bloom’s Taxonomy as seen in Figure A.

In all instances, the level of coverage the domains in Security+ Guide to Network Security Fundamentals, Sixth Edition meets or exceeds the Bloom’s Taxonomy level indicated by CompTIA for that objective. See Appendix A for more detail.

Information Security Community Site Stay secure with the Information Security Community Site. Connect with students, profes- sors, and professionals from around the world, and stay on top of this ever-changing field.

Visit http://community.cengage.com/Infosec2/ to: • Download resources such as instructional videos and labs. • Ask authors, professors, and students the questions that are on your mind in the

Discussion Forums. • See up-to-date news, videos, and articles.

88781_fm_hr_i-xxvi.indd 21 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Introductionxxii

Domain % of Examination 1.0 Threats, Attacks & Vulnerabilities 21%

2.0 Technologies & Tools 22%

3.0 Architecture & Design 15%

4.0 Identity & Access Management 16%

5.0 Risk Management 14%

6.0 Cryptography & PKI 12%

Total 100%

• Read regular blogs from author Mark Ciampa. • Listen to podcasts on the latest Information Security topics. • Review textbook updates and errata.

Each chapter’s Case Projects include information on a current security topic and ask the learner to post reactions and comments to the Information Security Com- munity Site. This allows users from around the world to interact and learn from other users as well as security professionals and researchers.

What’s New With Comptia Security+ Certification The CompTIA Security+ SY0-501 exam was updated in October 2017. Several significant changes have been made to the exam objectives. The exam objectives have been sig- nificantly expanded to more accurately reflect current security issues and knowledge requirements. These exam objectives place importance on knowing “how to” rather than just knowing or recognizing security concepts.

Here are the domains covered on the new Security+ exam:

Produce new or original work Design, assemble, construct, conjecture, develop, formulate, author, investigatecreate

Bloom’s Taxonomy

evaluate

analyze

apply

understand

remember

Justify a stand or decision appraise, argue, defend, judge, select, support, value, critique, weigh

Draw connections among ideas differentiate, organize, relate, compare, contrast, distinguish, examine, experiment, question, test

Use information in new situations execute, implement, solve, use, demonstrate, interpret, operate, schedule, sketch

Explain ideas or concepts classify, describe, discuss, explain, identify, locate, recognize, report, select, translate

Recall facts and basic concepts define, duplicate, list, memorize, repeat, state

Figure A Bloom’s taxonomy

88781_fm_hr_i-xxvi.indd 22 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Introduction xxiii

88781_fm_hr_i-xxvi.indd 23 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Introductionxxiv

About The Author Dr. Mark Ciampa is an Associate Professor of Information Systems in the Gordon Ford Col- lege of Business at Western Kentucky University in Bowling Green, Kentucky. Prior to this, he was an Associate Professor and served as the Director of Academic Computing at Vol- unteer State Community College in Gallatin, Tennessee for 20 years. Mark has worked in the IT industry as a computer consultant for businesses, government agencies, and educa- tional institutions. He has published over 20 articles in peer-reviewed journals and is also the author of 25 technology textbooks, including Security+ Guide to Network Security Fun- damentals 6e, CWNA Guide to Wireless LANs 3e, Guide to Wireless Communications, Security Awareness: Applying Practical Security in Your World 5e, and Networking BASICS. Dr. Ciampa holds a PhD in technology management with a specialization in digital communication systems from Indiana State University and has certifications in Security+ and HIT.

Acknowledgments A large team of dedicated professionals all contributed to the creation of this book. I am honored to be part of such an outstanding group of professionals. First, thanks go to Product Manager Kristin McNary for giving me the opportunity to work on this project and for providing her continual support, and to Associate Product Manager Amy Savino for answering all my questions. Also thanks to Senior Content Developer Michelle Ruelos Cannistraci who was very supportive, to Senior Content Product Manager Brooke Green- house who helped keep this fast-moving project on track, and to Dr. Andy Hurd who performed the technical reviews. To everyone on the team I extend my sincere thanks.

Special recognition again goes to the very best developmental editor, Deb Kaufmann, who is a true professional in every sense of the word. She made many helpful suggestions, found all my errors, watched every small detail, and even took on additional responsibilities so that this project could accelerate to be completed even before its deadlines. Without question, Deb is simply the very best there is.

And finally, I want to thank my wonderful wife, Susan. Her love, interest, support, and patience gave me what I needed to complete this project. I could not have written this book without her.

Dedication To Braden, Mia, Abby, Gabe, Cora, and Will.

To The User This book should be read in sequence, from beginning to end. Each chapter builds on those that precede it to provide a solid understanding of networking security funda- mentals. The book may also be used to prepare for CompTIA’s Security+ certification exam. Appendix A pinpoints the chapters and sections in which specific Security+ exam objectives are covered.

Hardware and Software Requirements Following are the hardware and software requirements needed to perform the end-of- chapter Hands-On Projects.

88781_fm_hr_i-xxvi.indd 24 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Introduction

• Microsoft Windows 10 • An Internet connection and web browser • Microsoft Office

Free Downloadable Software Requirements Free, downloadable software is required for the Hands-On Projects in the following chapters.

Chapter 1: • Microsoft Safety Scanner • Oracle VirtualBox

Chapter 2: • Irongeek Thumbscrew • Refog Keylogger

Chapter 3: • OpenPuff Steganography • HashCalc • Jetico BestCrypt

Chapter 4: • Comodo Secure Email Certificate

Chapter 5: • Qualys Browser Check • GRC Securable

Chapter 6: • GlassWire • K9 Web Protection

Chapter 7: • VMware vCenter Converter • VMware Workstation Player

Chapter 8: • Xirrus Wi-Fi Inspector • Vistumbler

Chapter 9: • EICAR AntiVirus Test File

Chapter 10: • Prey Project • Bluestacks • Andy Android emulator • Lookout Security & Antivirus

xxv

88781_fm_hr_i-xxvi.indd 25 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

Introduction

Chapter 11: • Hashcat • HashcatGUI • BioID Facial Recognition Authenticator • GreyC-Keystroke • KeePass

Chapter 13: • Flexera Personal Software Inspector • Macrium Reflect • Nmap

Chapter 14: • Directory Snoop • Nmap

Chapter 15: • Browzar • UNetbootin • Linux Mint

References 1. Newman, Lilly, “Hack brief: Hackers breach a billion Yahoo accounts,” Wired, Dec. 14, 2016,

retrieved Jul. 3, 2017, https://www.wired.com/2016/12/yahoo-hack-billion-users/. 2. Chang, Ziv, Sison, Gilbert, Jocson, Jeanne, “Erebus resurfaces as Linux ransomware,”

TrendLabs Security Intelligence Blog, Jun. 19, 2017, retrieved Jul. 3, 2017, http://blog.trendmicro .com/trendlabs-security-intelligence/erebus-resurfaces-as-linux-ransomware/.

3. Corkery, Michael, and Goldstein, Matthew, “North Korea said to be target of inquiry over $81 million cyberheist,” New York Times, Mar. 22, 2017, retrieved Jul. 3, 2017, https://www. nytimes.com/2017/03/22/business/dealbook/north-korea-said-to-be-target-of-inquiry -over-81-million-cyberheist.html.

4. “Cybersecurity market report,” Cybersecurity Ventures, Q2 2017, retrieved Jul. 3, 2017, http://cybersecurityventures.com/cybersecurity-market-report/.

5. Nash, Kim, “Firms vie in hiring of cyber experts,” Wall Street Journal, May 15, 2017, retrieved Jul. 10, 2017, https://www.wsj.com/articles/for-many-companies-a- good-cyber-chief-is-hard-to-find-1494849600.

6. “Information security analysts: Occupational outlook handbook,” Bureau of Labor Statistics, Dec. 17, 2015, retrieved Jul. 3, 2017, https://www.bls.gov/ooh/computer-and-information -technology/information-security-analysts.htm.

xxvi

88781_fm_hr_i-xxvi.indd 26 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

SECURITY AND ITS THREATS Chapter 1 Introduction to Security Chapter 2 Malware and Social Engineering Attacks

The security of the data and information contained on computers and digital devices today is threatened more than ever before, and the attacks are escalating every day. The chapters in this part introduce security and outline many of these threats. The chapters in later parts will give you the understanding and tools you need to defend against these attacks.

1

P A R T I

88781_ch01_hr_001-050.indd 1 8/10/17 4:10 AM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

88781_ch01_hr_001-050.indd 2 8/10/17 4:10 AM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

INTRODUCTION TO SECURITY

After completing this chapter you should be able to do the following:

Explain the challenges of securing information

Define information security and explain why it is important

Identify the types of threat actors that are common today

Describe how to defend against attacks

CHAPTER 1

Today’s Attacks and Defenses

Almost everyone would assume that the director of the Central Intelligence Agency (CIA) would be well-versed in security procedures and would practice these to the letter of the law. This is because of the extreme danger that would result from a compromise or theft of highly classified information about active CIA agents or sensitive activities that are underway. The exposure of this information could result in a serious international incident or even the capture and torture of secret agents. However, a former CIA director who failed to follow basic security procedures put sensitive CIA information at risk.

Former CIA Director John Brennan had recently completed a sensitive 47-page SF-86 application to update his own top-secret government security clearance. These applications are used by the federal government for conducting a background check on individuals

3

88781_ch01_hr_001-050.indd 3 8/10/17 4:10 AM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

CHAPTER 1  Introduction to Security4

requesting such a security clearance. The forms contain a wealth of sensitive data about the person—criminal history, psychological records, any past drug use, information about the applicant’s interactions with foreign nationals—as well as information on their spouses, family members, and even friends. In the wrong hands this information could easily be used as blackmail material. Despite government restrictions Brennan routinely forwarded classified emails from his CIA email account to his less-secure personal AOL email account. One of the emails contained his own SF-86 application as an attachment, a serious breach of CIA security protocol.

An attacker who claimed to be under the age of 20 along with two friends decided to see if they could uncover classified CIA documents. The attacker first did a reverse lookup of Brennan’s public phone number to reveal that the phone was served by the carrier Verizon Wireless. The attacker called Verizon’s customer service number and pretended to be a Verizon technician. He said he had a customer lined up on a scheduled callback but was unable to access Verizon’s customer database on his own because “our tools were down.” So, could Verizon customer service give him the email address that was linked to Brennan’s phone number? The friendly and helpful Verizon customer service representative said, “Sure, no problem.” The pretender then asked if the Verizon representative would also give him the last four digits of the customer’s bank card that was on file. Once again, the representative was glad to help. By the time the call was over the pretender had Brennan’s Verizon account number, his four-digit personal identification number, the backup private mobile cellphone number on the account, his AOL email address, and the last four digits on his bank card.

The attacker now had the information that he needed. Knowing that Brennan had an AOL email account he next called AOL and said he was locked out of that account. The AOL representative asked him to verify his identity by answering two questions: the name and phone number associated with the account and the last four digits of the bank card on file— all of which had been provided by Verizon. The AOL representative then reset the password on the email account to a new password for the attacker.

The attacker then logged into Brennan’s AOL email account, where he read several dozen emails, some of which the director had forwarded from his government work email and that contained attachments. Among the attachments was Brennan’s own SF-86 application and a spreadsheet containing names and Social Security numbers of several U.S. intelligence officials. It is speculated that the spreadsheet might have been a list of guests who were visiting the White House when Brennan was the President’s counter- terrorism adviser. Another attachment was a letter from the U.S. Senate asking the CIA to halt its controversial use of torture tactics as interrogation techniques. The hacker posted screenshots of some of the documents on a Twitter account along with portions of the director’s AOL email contact list.

88781_ch01_hr_001-050.indd 4 8/10/17 4:10 AM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

CHAPTER 1  Introduction to Security 5

Today our world is one in which citizens from all nations are compelled to continually protect themselves and their property from attacks by adversaries. Random shootings, suicide bombings, assassinations, and other types of physical violence occur almost daily around the world with no end in sight. To counteract this violence, new types of security defenses have been implemented. Passengers using public transportation are routinely searched. Borders are closely watched. Telephone calls are secretly monitored. These attacks and security defenses have significantly impacted how all of us work, play, and live.

These attacks are not just physical. One area that has also been an especially frequent target of attacks is information technology (IT). A seemingly endless array of attacks is directed at individuals, schools, businesses, and governments through desktop computers, laptops, and smartphones. Internet web servers must resist thousands of attacks every day. Identity theft using stolen electronic data has skyrocketed. An unprotected computer connected to the Internet may be infected in fewer than 60 seconds. Viruses, phishing, worms, and botnets—virtually unheard of just a few years ago—are now part of our everyday technology vocabulary.

The need to defend against these attacks directed toward our technology devices has created an element of IT that is now at the very core of the industry. Known as information security, it is focused on protecting the electronic information of enterprises and users.

Two broad categories of information security personnel are responsible for providing protection for an enterprise like a business or nonprofit organization. Information security managerial personnel administer and manage plans, policies, and people, while information security technical personnel are concerned with designing, configuring, installing, and maintaining technical security equipment. Within these two broad categories are four generally recognized security positions:

• Chief Information Security Officer (CISO). This person reports directly to the CIO (large enterprises may have more layers of management between this person and the CIO). This person is responsible for assessing, managing, and implementing security.

When Brennan realized that this information came from his AOL email account and that it had been compromised, he reset his AOL password. However, he failed to change the cell phone number and bank card number on file that was used to reset the password. Once the attacker discovered the password had been changed, he simply reset the password again, locking out Brennan. This back-and-forth of password resets was repeated three times between the attacker and the CIA director until he finally deleted the email account.

In one last act, the attacker called Brennan’s private mobile phone number that he had received from Verizon and told the former director of the CIA that he had been hacked. According to the attacker, the conversation was brief.1

88781_ch01_hr_001-050.indd 5 8/10/17 4:10 AM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

CHAPTER 1  Introduction to Security6

• Security manager. The security manager reports to the CISO and supervises technicians, administrators, and security staff. Typically, a security manager works on tasks identified by the CISO and resolves issues identified by technicians. This position requires an understanding of configuration and operation but not necessarily technical mastery.

• Security administrator. The security administrator has both technical knowledge and managerial skills. A security administrator manages daily operations of security technology, and may analyze and design security solutions within a specific entity as well as identifying users’ needs.

• Security technician. This position is generally an entry-level position for a person who has the necessary technical skills. Technicians provide technical support to configure security hardware, implement security software, and diagnose and troubleshoot problems.

Note

Individuals in these positions provide protection but are not the only employees responsible for security. It is the job of every employee—both IT and non-IT—to know and practice basic security defenses.

Note

The job outlook for security professionals is exceptionally strong. According to the U.S. Bureau of Labor Statistics (BLS) “Occupational Outlook Handbook,” the job outlook for information security analysts through 2024 is expected to grow by 18 percent, much faster than the average growth rate.2 One report states that by the end of the decade demand for security professionals worldwide will rise to 6 million, with a projected shortfall of 1.5 million unfilled positions.3

As attacks continue to escalate, the need for trained security personnel also increases. Unlike some IT positions, security is rarely offshored or outsourced: because security is such a critical element, security positions generally remain within the enterprise. In addition, security jobs typically do not involve “on-the-job training” where employees can learn as they go; the risk is simply too great.

Employment trends indicate that security personnel who also have a certification in security are in high demand. IT employers want and pay a premium for certified security personnel. An overwhelming majority of enterprises use the Computing

88781_ch01_hr_001-050.indd 6 8/10/17 4:10 AM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

CHAPTER 1  Introduction to Security 7

Technology Industry Association (CompTIA) Security+ certification to verify security competency. Of the hundreds of security certifications currently available, Security+ is one of the most widely acclaimed. Because it is internationally recognized as validating a foundation level of security skills and knowledge, the Security+ certification has become the security baseline for today’s IT professionals.

Note

The value for an IT professional who holds a security certification is significant. The extra pay awarded to IT professions who hold an IT certification is 3.5 percent over someone who does not hold that certification. However, those who hold a security certification earn 8.7 percent more than their counterparts who do not have a security certification.4

The CompTIA Security+ certification is a vendor-neutral credential that requires passing the current certification exam SY0-501. A successful candidate has the knowledge and skills required to identify risks and participate in risk mitigation activities; provide infrastructure, application, operational and information security; apply security controls to maintain confidentiality, integrity, and availability; identify appropriate technologies and products; troubleshoot security events and incidents; and operate with an awareness of applicable policies, laws, and regulations. The CompTIA Security+ certification is aimed at an IT security professional who has a recommended background of a minimum of two years’ experience in IT administration with a focus on security.

Note

CompTIA Security+ meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is also compliant with government regulations under the Federal Information Security Management Act (FISMA).

This chapter introduces the security fundamentals that form the basis of the Security+ certification. It begins by examining the current challenges in computer security. It then defines information security in detail and explores why it is important. Finally, the chapter looks at who is responsible for these attacks and the fundamental defenses against such attacks.

88781_ch01_hr_001-050.indd 7 8/10/17 4:10 AM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

CHAPTER 1  Introduction to Security8

Challenges of Securing Information Certification

1.6 Explain the impact associated with types of vulnerabilities.

A silver bullet refers to an action that provides an immediate solution to a problem by cutting through the complexity that surrounds it. Why shouldn’t there be such a silver bullet for securing computers? Why can’t users just install an improved hardware device or use a more secure version of software to stop attacks? Unfortunately, no single and simple solution exists for securing devices. This can be illustrated by looking at the different types of attacks that users face today as well as the reasons why these attacks are successful and the difficulties in defending against attacks.

Today’s Security Attacks Even though information security continues to rank as the number one concern of IT managers and tens of billions of dollars are spent annually on computer security, the number of successful attacks continues to increase. Consider the following examples of recent attacks:

• In order to demonstrate how easy it is to remotely control a car, a reporter drove a Jeep Cherokee outside St. Louis while two security researchers 10 miles away remotely connected to it and started manipulating its controls. The air conditioning on the Jeep suddenly switched to its maximum setting. Next, the car’s radio changed stations and the volume increased, even though the driver repeatedly tried to turn the volume down and change the station to no avail. Then the windshield wipers suddenly turned on and wiper fluid squirted out. While on an Interstate highway the driver pressed the accelerator but the Jeep instead started slowing down so that is was almost rammed from behind by a large truck. The researchers even remotely disabled the brakes so that the Jeep finally ended up in a ditch. The security researchers had taken advantage of the car’s Internet-connection feature that controls its entertainment and navigation systems, enables phone calls, and can be used to create a Wi-Fi hot spot. Due to a vulnerability, anyone could gain access remotely to the car’s control systems from virtually anywhere. This demonstration immediately caused the National Highway Traffic Safety Administration (NHTSA) to recall 1.4 million vehicles to patch this vulnerability. This was the first time a car was recalled because of a security vulnerability.5

• A security researcher boarded a United Airlines flight from Denver to Syracuse with a stop in Chicago. On the second leg of the trip the researcher tweeted that he was probing the aircraft systems of his flight. The United Airlines’

88781_ch01_hr_001-050.indd 8 8/10/17 4:10 AM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

CHAPTER 1  Introduction to Security 9

Cyber Security Intelligence Department, which monitors social media, saw the tweet, and alerted the FBI. According to the FBI, a special agent later examined the first-class cabin seat where the researcher was seated and found that he had tampered with the Seat Electronic Box (SEB), which is located under some passenger seats. This allowed him to connect his laptop to the in-flight entertainment (IFE) system via the SEB. Once he accessed the IFE he could then access other systems on the plane. The researcher claimed that he could have caused the airplane to change altitude after manipulating its software. United Airlines has permanently banned him from any future flights.6

• Yahoo announced that a then-record half a billion Yahoo accounts were compromised by attackers who gained unauthorized access to its web servers. Information stolen included names, email addresses, phone numbers, birth dates, answers to security questions, and passwords. Yahoo believed the breach occurred two years prior but had only recently discovered it. Two months later Yahoo announced that after an investigation into data provided by law enforcement officials and outside experts they determined that yet another previously undetected data breach compromised over 1 billion Yahoo user accounts three years earlier. It was not known how law enforcement officials came across this evidence, but security researchers speculate that it was discovered by someone who was watching for data on underground “dark web” markets that attackers use to buy and sell stolen data. If that was the case, then this data had been for sale for several years, and likely had been used by attackers in targeted attacks to gain access to other web accounts. Yahoo’s response to the attacks was, “We continuously enhance our safeguards and systems that detect and prevent unauthorized access to user accounts.”7

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Phd Writer
Math Specialist
Assignment Solver
Quality Assignments
High Quality Assignments
Top Quality Assignments
Writer Writer Name Offer Chat
Phd Writer

ONLINE

Phd Writer

This project is my strength and I can fulfill your requirements properly within your given deadline. I always give plagiarism-free work to my clients at very competitive prices.

$48 Chat With Writer
Math Specialist

ONLINE

Math Specialist

As an experienced writer, I have extensive experience in business writing, report writing, business profile writing, writing business reports and business plans for my clients.

$38 Chat With Writer
Assignment Solver

ONLINE

Assignment Solver

I have written research reports, assignments, thesis, research proposals, and dissertations for different level students and on different subjects.

$23 Chat With Writer
Quality Assignments

ONLINE

Quality Assignments

I am a professional and experienced writer and I have written research reports, proposals, essays, thesis and dissertations on a variety of topics.

$48 Chat With Writer
High Quality Assignments

ONLINE

High Quality Assignments

I have assisted scholars, business persons, startups, entrepreneurs, marketers, managers etc in their, pitches, presentations, market research, business plans etc.

$42 Chat With Writer
Top Quality Assignments

ONLINE

Top Quality Assignments

I am an elite class writer with more than 6 years of experience as an academic writer. I will provide you the 100 percent original and plagiarism-free content.

$18 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

WEEK 3 DISCUSSION - Economics - St george asset finance - Rate of reaction hydrochloric acid and magnesium - Food label assignment - British heart rhythm society - Situational leadership theory pros and cons - The rush to crack the internet spy network worksheet answers - What is a hemisphere - Linebacker run fit drills - Reed supermarkets a new wave of competitors case analysis - SMGT 502 - Marketing Plan: Promotion Objectives - Give me liberty by eric foner summary - Alka seltzer tablet in water chemical reaction - The principal beliefs of judaism - Worldly wise crossword clue - Australian standards shower base fall - Policies and Risk - What is genetic mutation jiskha - Concrete mixing lab report - Interview questions for forensic auditor - Marketing Research Essay - Latin word for earth - Olympic park vaccination centre map - C1 june 2008 mark scheme - Strategic importance of cloud computing in business organizations research paper - What is bas excluded - Power electronics question bank - Assignment. - Expert teachers have which of the following characteristics - Richard iii burial catholic - ETCM DISCUSSION-4 - The process of managing the baseline settings of a system device is called ________. - Why study the past - Is hacking that does no direct damage a victimless crime - Limitation of an experiment - Twinkle twinkle little star circumference equals two pi r - Biology ia ideas human physiology - Determining ksp of calcium hydroxide lab - Maintain currency of safe work practices - Finite state machine testing example - 11 theses on feuerbach - Example of a character sketch bible study - Unlike peru's coast ecuador's coastland consists of - 6-3-2 project 2: research plan and introduction submission - Designing effective hrd programs ppt - Covenant counseling and family resource center - A Lyrical Expression Of Women's Work Experience - Developmental dysplasia of the hip rch - A straight fin fabricated from aluminum alloy - Origins of nursery rhymes - Contract warehousing advantages and disadvantages - Conceptual artists reacted to the expanding art market by - Roufos v brewster case summary - Mcdonald group investments loganlea - Paper - Professional Writing - Qnt 561 signature assignment consumer food - Unit 6 Essay - Paper revision - Hospitality management exam questions and answers - Discussion - Fairfax group practice doctors - Actron air compressor noise - Word - 700 words: Chapter 11 – Review the employment challenge in the digital era (as well as the entire chapter). - 100 clubland x treme continuous mix 2 - Grow management consultants - Discussion - Finance Case Study - Glencoe punnett square virtual lab - My virtual child answers 18 years - Discussion responses - Assignment 3 - Billion scale commodity embedding for e commerce recommendation in alibaba - Club mahindra resort in austria - Great man theory of leadership pdf - How deforestation disrupts the carbon cycle - T3 DQ1 DQ2. BY9/6 - Casee - Instconffailed cannot delete the profile - Aquifer case study - What number i am - Coefficient of restitution formula for a bouncing ball - Week 9 - Community Awareness - What is the difference between a soliloquy and a monologue - VARK ASSESSMENT - Insulin onset peak duration table - Out of hours altnagelvin - St george's student union - PAD 520: Policy Analysis and Program Evaluation: The Executive Summary The Executive Summary - What is the bond's yield to maturity (expressed as an apr with semiannual compounding)? - What is authoring system - What do the letters of the cia triad stand for - Anybody's guide to total fitness 11th edition ebook - Difference between plant and animal cells chart - Calculus 2 problem - During may joliet fabrics corporation manufactured - SUPPLY AND DEMAND - Old road west surgery - Organizational culture and ethical decision making