Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

Principles of computer security comptia security+ and beyond 3rd edition pdf

22/12/2020 Client: saad24vbs Deadline: 6 Hours

Principles of Computer Security: CompTIA


Security+™ and Beyond (Exam SY0-301)


Third Edition


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:40:47 PM


Color profile: Disabled Composite Default screen


■ About the Authors Dr. Wm. Arthur Conklin is an assistant professor in the College of Technol- ogy at the University of Houston. Dr. Conklin has terminal degrees from the Naval Postgraduate School in electrical engineering and The University of Texas at San Antonio in business administration. Dr. Conklin’s research in- terests lie in the areas of software assurance and the application of systems theory to security issues associated with critical infrastructures. His disser- tation was on the motivating factors for home users in adopting security on their own PCs. He has coauthored six books on information security and has written and presented numerous conference and academic journal papers. He has over ten years of teaching experience at the college level and has as- sisted in building two information security programs that have been recog- nized by the NSA and DHS as Centers of Academic Excellence in Information Assurance Education. A former U.S. Navy officer, he was also previously the Technical Director at the Center for Infrastructure Assurance and Security at The University of Texas at San Antonio.


Dr. Gregory White has been involved in computer and network security since 1986. He spent 19 years on active duty with the U.S. Air Force and is currently in the Air Force Reserves assigned to the Pentagon. He obtained his Ph.D. in computer science from Texas A&M University in 1995. His dis- sertation topic was in the area of computer network intrusion detection, and he continues to conduct research in this area today. He is currently the Director for the Center for Infrastructure Assurance and Security and is an associate professor of computer science at The University of Texas at San Antonio. Dr. White has written and presented numerous articles and con- ference papers on security. He is also the coauthor for five textbooks on computer and network security and has written chapters for two other secu- rity books. Dr. White continues to be active in security research. His current research initiatives include efforts in high-speed intrusion detection, com- munity infrastructure protection, and visualization of community and orga- nization security postures.


Dwayne Williams is Associate Director, Special Projects for the Center for Infrastructure Assurance and Security (CIAS) at the University of Texas at San Antonio and has over 18 years of experience in information systems and network security. Mr. Williams’s experience includes six years of commis- sioned military service as a Communications-Computer Information Sys- tems Officer in the U.S. Air Force, specializing in network security, corporate information protection, intrusion detection systems, incident re- sponse, and VPN technology. Prior to joining the CIAS, he served as Direc- tor of Consulting for SecureLogix Corporation, where he directed and provided security assessment and integration services to Fortune 100, government, public utility, oil and gas, financial, and technology clients. Mr. Williams graduated in 1993 from Baylor University with a Bachelor of Arts in Computer Science. Mr. Williams is a Certified Information Systems Security Professional (CISSP) and coauthor of McGraw-Hill’s Voice and Data Security and CompTIA Security+ All-in-One Exam Guide.


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter ii


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:40:48 PM


Color profile: Disabled Composite Default screen


Roger L. Davis, CISSP, CISM, CISA, is Program Manager of ERP systems at the Church of Jesus Christ of Latter-day Saints, managing the Church’s global financial system in over 140 countries. He has served as president of the Utah chapter of the Information Systems Security Association (ISSA) and various board positions for the Utah chapter of the Information Systems Audit and Control Association (ISACA). He is a retired Air Force lieutenant colonel with 30 years of military and information systems/security experi- ence. Mr. Davis served on the faculty of Brigham Young University and the Air Force Institute of Technology. He coauthored McGraw-Hill’s CompTIA Security+ All-in-One Exam Guide and Voice and Data Security. He holds a mas- ter’s degree in computer science from George Washington University, a bachelor’s degree in computer science from Brigham Young University, and performed post-graduate studies in electrical engineering and computer science at the University of Colorado.


Chuck Cothren, CISSP, is the president of Globex Security, Inc., and applies a wide array of network security experience to consulting and training. This includes performing controlled penetration testing, network security poli- cies, network intrusion detection systems, firewall configuration and man- agement, and wireless security assessments. He has analyzed security methodologies for voice over IP (VoIP) systems and supervisory control and data acquisition (SCADA) systems. Mr. Cothren was previously em- ployed at the University of Texas Center for Infrastructure Assurance and Security. He is coauthor of Voice and Data Security and CompTIA Security+ All-in-One Exam Guide. Mr. Cothren holds a B.S. in Industrial Distribution from Texas A&M University.


About the Technical Editor Bobby E. Rogers is a principal information security analyst with Dynetics, Inc., a national technology firm specializing in the certification and accredi- tation process for the U.S. government. He also serves as a penetration test- ing team lead for various government and commercial engagements. Bobby recently retired from the U.S. Air Force after almost 21 years, where he served as a computer networking and security specialist and designed and managed networks all over the world. His IT security experience includes several years working as an information assurance manager and a regular consultant to U.S. Air Force military units on various cybersecurity/com- puter abuse cases. He has held several positions of responsibility for net- work security in both the Department of Defense and private company networks. His duties have included perimeter security, client-side security, security policy development, security training, and computer crime investi- gations. As a trainer, he has taught a wide variety of IT-related subjects in both makeshift classrooms in desert tents and formal training centers. Bobby is also an accomplished author, having written numerous IT articles in various publications and training materials for the U.S. Air Force. He has also authored numerous security training videos.


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter iii


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:40:48 PM


Color profile: Disabled Composite Default screen


He has a Bachelor of Science degree in computer information systems from Excelsior College and two Associates in Applied Science degrees from the Community College of the Air Force. Bobby’s professional IT certifica- tions include A+, Security+, ACP, CCNA, CCAI, CIW, CIWSA, MCP+I, MCSA (Windows 2000 & 2003), MCSE (Windows NT4, 2000 & 2003), MCSE: Security (Windows 2000 & 2003), CISSP, CIFI, CEH, CHFI, and CPTS, and he is also a certified trainer.


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter iv


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:40:48 PM


Color profile: Disabled Composite Default screen


Principles of Computer Security: CompTIA


Security+™ and Beyond (Exam SY0-301)


Third Edition


Wm. Arthur Conklin Gregory White


Dwayne Williams Roger Davis


Chuck Cothren


New York Chicago San Francisco Lisbon London Madrid Mexico City Milan


New Delhi San Juan Seoul Singapore Sydney Toronto


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:40:51 PM


Color profile: Disabled Composite Default screen


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter


Cataloging-in-Publication Data is on file with the Library of Congress


McGraw-Hill books are available at special quantity discounts to use as premiums and sales promotions, or for use in corporate training programs. To contact a representative, please e-mail us at bulksales@mcgraw-hill.com.


Principles of Computer Security: CompTIA Security+™ and Beyond, Third Edition (Exam SY0-301)


Copyright © 2012 by The McGraw-Hill Companies. All rights reserved. Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication.


All trademarks or copyrights mentioned herein are the possession of their respective owners and McGraw-Hill makes no claim of ownership by the mention of products that contain these marks.


1 2 3 4 5 6 7 8 9 0 QDB QDB 1 0 9 8 7 6 5 4 3 2


ISBN: Book p/n 978-0-07-178616-4 and CD p/n 978-0-07-178617-1 of set 978-0-07-178619-5


MHID: Book p/n 0-07-178616-3 and CD p/n 0-07-178617-1 of set 0-07-178619-8


Information has been obtained by McGraw-Hill from sources believed to be reliable. However, because of the possibility of human or mechanical error by our sources, McGraw-Hill, or others, McGraw-Hill does not guarantee the accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information.


McGraw-Hill is an independent entity from CompTIA®. This publication and CD may be used in assisting students to prepare for the CompTIA Security+ exam. Neither CompTIA nor McGraw- Hill warrants that use of this publication and CD will ensure passing any exam. CompTIA and CompTIA Security+ are trademarks or registered trademarks of CompTIA in the United States and/or other countries. All other trademarks are trademarks of their respective owners.


SANS Institute IT Code of Ethics reproduced with permission, © SANS Institute.


Sponsoring Editor Timothy Green


Editorial Supervisor Janet Walden


Project Editor LeeAnn Pickrell


Acquisitions Coordinator Stephanie Evans


Technical Editor Bobby E. Rogers


Copy Editor LeeAnn Pickrell


Proofreader Paul Tyler


Indexer Rebecca Plunkett


Production Supervisor Jean Bodeaux


Composition Cenveo Publisher Services


Illustration Cenveo Publisher Services


Art Director, Cover Jeff Weeks


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:40:51 PM


Color profile: Disabled Composite Default screen


■ This book is dedicated to the many security professionals who daily work to ensure the safety of our nation’s critical infrastructures. We want to recognize the thousands of dedicated individuals who strive to protect our national assets but who seldom receive praise and often are only noticed when an incident occurs. To you, we say thank you for a job well done!


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter vii


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:40:51 PM


Color profile: Disabled Composite Default screen


■ Acknowledgments We, the authors of Principles of Computer Security: CompTIA Security+™ and Beyond, Third Edition, have many individuals who we need to acknowl- edge—individuals without whom this effort would not have been success- ful. This third edition would not have been possible without Tim Green, who navigated a myriad of problems and made life easier for the author team. He brought together an all-star production team that made this book more than just a new edition, but a complete learning system.


The list needs to start with those folks at McGraw-Hill who worked tire- lessly with the project’s multiple authors and contributors and lead us suc- cessfully through the minefield that is a book schedule and who took our rough chapters and drawings and turned them into a final, professional prod- uct we can be proud of. We thank all the good people from the Acquisitions team, Tim Green and Stephanie Evans; from the Editorial Services team, Janet Walden and LeeAnn Pickrell; from the Illustration and Production teams, Jean Bodeaux and Amarjeet Kumar and the composition team at Cenveo Publisher Services. We also thank the technical editor, Bobby Rogers; the copy editors, Bill McManus and LeeAnn Pickrell; the proofreader, Paul Tyler; and the indexer, Rebecca Plunkett; for all their attention to detail that made this a finer work after they finished with it.


We also need to acknowledge our current employers who, to our great delight, have seen fit to pay us to work in a career field that we all find excit- ing and rewarding. There is never a dull moment in security, because it is constantly changing.


We would like to thank Art Conklin for herding the cats on this one. Finally, we would each like to individually thank those people who—on a


personal basis—have provided the core support for us individually. Without these special people in our lives, none of us could have put this work together.


Successful cat herders have many behind them helping them succeed. I owe thanks to many friends, their friendship and support makes efforts such as this possible. And to Susan, my lovely wife and friend, thank you for your sacrifices that enable me to do the things I do.


—Art Conklin, Ph.D.


I would like to thank my wife, Charlan, for the tremendous support she has always given me. It doesn’t matter how many times I have sworn that I’ll never get involved with another book project only to return within months to yet another one; through it all, she has remained supportive.


I would also like to publicly thank the United States Air Force, which provided me numerous opportunities since 1986 to learn more about secu- rity than I ever knew existed.


To whoever it was who decided to send me as a young captain—fresh from completing my master’s degree in artificial intelligence—to my first assignment in computer security: thank you, it has been a great adventure!


—Gregory B. White, Ph.D.


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter viii


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:40:51 PM


Color profile: Disabled Composite Default screen


For Macon. —Chuck Cothren


Geena, thanks for being my best friend and my greatest support. Any- thing I am is because of you. Love to my kids and grandkids!


—Roger L. Davis


To my wife and best friend Leah for your love, energy, and support— thank you for always being there. Here’s to many more years together.


—Dwayne Williams


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter ix


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:40:51 PM


Color profile: Disabled Composite Default screen


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter


ABOUT THIS BOOK


■ Important Technology Skills


Information technology (IT) offers many career paths and information security is one of the fastest- growing tracks for IT professionals. This book provides coverage of the materials you need to begin your exploration of information security.


In addition to covering all of the CompTIA Security+ exam objectives, additional material is included to help you build a solid introductory knowledge of information security.


Makes Leaning Fun!— Rich, colorful text and illustrations bring technical concepts to life.


Engaging and Motivational — Using a conversational style and proven instructional approach, the authors explain technical subjects in a clear, interesting way using real-world examples.


Tech Tip sidebars provide inside information from experienced information security professionals.


Key Terms, identified in red, point out important vocabulary and definitions that you need to know.


Proven Learning Method Keeps You on Track Designed for classroom use and written by instructors for use in their own classes, Principles of Computer Security: CompTIA Security+ and Beyond is structured to give you comprehensive knowledge of information security. The textbook’s active learning methodology guides you beyond mere recall and—through thought-provoking activities, labs, and sidebars—helps you develop critical- thinking, diagnostic, and communication skills.


Cross Check questions develop reasoning skills: ask, compare, contrast, and explain.


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:41:37 PM


Color profile: Disabled Composite Default screen


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter


Offers Practical Experience— Tutorials and lab assignments develop essential hands-on skills and put concepts in real-world contexts.


Robust Learning Tools— Summaries, key term lists, quizzes, essay questions, and lab projects help you practice skills


Notes, Tips, Warnings, and Exam Tips create a road map for success.


Chapter Review sections provide concept summaries, key terms lists, and lots of questions and projects.


Each chapter includes: ■ Learning Objectives that set measurable goals for


chapter-by-chapter progress


■ Illustrations that give you a clear picture of the concepts and technologies


■ Try This!, Cross Check, and Tech Tip sidebars that encourage you to practice and apply concepts in real- world settings


■ Notes, Tips, and Warnings that guide you, and Exam Tips that give you advice or provide information specifically related to preparing for the exam


■ Chapter Summaries and Key Terms Lists that provide you with an easy way to review important concepts and vocabulary


■ Challenging End-of-Chapter Tests that include vocabulary-building exercises, multiple-choice questions, essay questions, and on-the-job lab projects


■ Effective Learning Tools


This feature-rich textbook is designed to make learning easy and enjoyable and to help you develop the skills and critical thinking abilities that will enable you to adapt to different job situations and to troubleshoot problems. Written by


instructors with decades of combined information security experience, this book conveys even the most complex issues in an accessible, easy-to- understand format.


Try This! exercises apply core skills in a new setting.


Key Terms List presents the important terms identified in the chapter.


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:43:03 PM


Color profile: Disabled Composite Default screen


CONTENTS AT A GLANCE


Chapter 1 ■ Introduction and Security Trends 1


Chapter 2 ■ General Security Concepts 20


Chapter 3 ■ Operational and Organizational Security 50


Chapter 4 ■ The Role of People in Security 66


Chapter 5 ■ Cryptography 82


Chapter 6 ■ Public Key Infrastructure 116


Chapter 7 ■ Standards and Protocols 154


Chapter 8 ■ Physical Security 180


Chapter 9 ■ Network Fundamentals 208


Chapter 10 ■ Infrastructure Security 232


Chapter 11 ■ Authentication and Remote Access 264


Chapter 12 ■ Wireless Security 298


Chapter 13 ■ Intrusion Detection Systems and Network Security 322


Chapter 14 ■ Baselines 364


xii Contents at a Glance


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:43:03 PM


Color profile: Disabled Composite Default screen


Chapter 15 ■ Types of Attacks and Malicious Software 396


Chapter 16 ■ E-Mail and Instant Messaging 430


Chapter 17 ■ Web Components 454


Chapter 18 ■ Secure Software Development 484


Chapter 19 ■ Disaster Recovery, Business Continuity, and Organizational Policies 502


Chapter 20 ■ Risk Management 536


Chapter 21 ■ Change Management 556


Chapter 22 ■ Privilege Management 572


Chapter 23 ■ Computer Forensics 594


Chapter 24 ■ Legal Issues and Ethics 610


Chapter 25 ■ Privacy 632


Appendix A ■ Objective Map 654


Appendix B ■ About the CD 666


■ Glossary 668


■ Index 684


Contents at a Glance xiii


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:43:03 PM


Color profile: Disabled Composite Default screen


CONTENTS


Preface. . . . . . . . . . . . . . . . . . . . . . . . . xxi Introduction . . . . . . . . . . . . . . . . . . . . . xxiii CompTIA Approved Quality Curriculum . . . . xxvi Instructor and Student Web Site . . . . . . . . . . xxxi


Chapter 1 ■ Introduction and Security Trends 1 The Security Problem . . . . . . . . . . . . . . . 1


Security Incidents . . . . . . . . . . . . . . . 1 Threats to Security . . . . . . . . . . . . . . . 7 Security Trends . . . . . . . . . . . . . . . . 10


Avenues of Attack . . . . . . . . . . . . . . . . . 11 The Steps in an Attack . . . . . . . . . . . . . 12 Minimizing Possible Avenues of Attack . . . . 13 Types of Attacks . . . . . . . . . . . . . . . . 14


Chapter 1 Review . . . . . . . . . . . . . . . . . . 15


Chapter 2 ■ General Security Concepts 20 Basic Security Terminology . . . . . . . . . . . . 21


Security Basics . . . . . . . . . . . . . . . . . 21 Access Control . . . . . . . . . . . . . . . . . 31 Authentication . . . . . . . . . . . . . . . . . 31 Authentication and Access Control Policies . . . 32


Social Engineering . . . . . . . . . . . . . . . . . 33 Security Policies . . . . . . . . . . . . . . . . . . . 34


Change Management Policy . . . . . . . . . . 35 Classification of Information . . . . . . . . . . 36 Acceptable Use Policy . . . . . . . . . . . . . 36 Due Care and Due Diligence . . . . . . . . . 38 Due Process . . . . . . . . . . . . . . . . . . 38 Need to Know . . . . . . . . . . . . . . . . . 39 Disposal and Destruction Policy . . . . . . . 39 Service Level Agreements . . . . . . . . . . . 40 Human Resources Policies . . . . . . . . . . . 40


Security Models . . . . . . . . . . . . . . . . . . . 42 Confidentiality Models . . . . . . . . . . . . . 43 Integrity Models . . . . . . . . . . . . . . . . 44


Chapter 2 Review . . . . . . . . . . . . . . . . . . 46


Chapter 3 ■ Operational and Organizational


Security 50 Security Operations


in Your Organization . . . . . . . . . . . . . . 51 Policies, Procedures, Standards,


and Guidelines . . . . . . . . . . . . . . . 51 The Security Perimeter . . . . . . . . . . . . 52


Physical Security . . . . . . . . . . . . . . . . . . 53 Access Controls . . . . . . . . . . . . . . . . 54 Physical Barriers . . . . . . . . . . . . . . . . 56


Environmental Issues . . . . . . . . . . . . . . . 56 Fire Suppression . . . . . . . . . . . . . . . . 57


Wireless . . . . . . . . . . . . . . . . . . . . . . . 58 Electromagnetic Eavesdropping . . . . . . . . . 59 Location . . . . . . . . . . . . . . . . . . . . . . . 60 Chapter 3 Review . . . . . . . . . . . . . . . . . . 62


Chapter 4 ■ The Role of People in Security 66 People—A Security Problem . . . . . . . . . . . 67


Social Engineering . . . . . . . . . . . . . . . 67 Poor Security Practices . . . . . . . . . . . . 72


People as a Security Tool . . . . . . . . . . . . . 76 Security Awareness . . . . . . . . . . . . . . 76 Individual User Responsibilities . . . . . . . . 77


Chapter 4 Review . . . . . . . . . . . . . . . . . . 79


Chapter 5 ■ Cryptography 82 Algorithms . . . . . . . . . . . . . . . . . . . . . 84 Hashing Functions . . . . . . . . . . . . . . . . . 87


SHA . . . . . . . . . . . . . . . . . . . . . . 89 RIPEMD . . . . . . . . . . . . . . . . . . . . 90 Message Digest . . . . . . . . . . . . . . . . 90 Hashing Summary . . . . . . . . . . . . . . . 92


Symmetric Encryption . . . . . . . . . . . . . . . 92 DES . . . . . . . . . . . . . . . . . . . . . . 93 3DES . . . . . . . . . . . . . . . . . . . . . . 94


xiv Contents


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:43:03 PM


Color profile: Disabled Composite Default screen


AES . . . . . . . . . . . . . . . . . . . . . . 94 CAST . . . . . . . . . . . . . . . . . . . . . . 95 RC . . . . . . . . . . . . . . . . . . . . . . . 96 Blowfish . . . . . . . . . . . . . . . . . . . . 97 Twofish . . . . . . . . . . . . . . . . . . . . . 98 IDEA . . . . . . . . . . . . . . . . . . . . . . 98 Symmetric Encryption Summary . . . . . . . 98


Asymmetric Encryption . . . . . . . . . . . . . . 99 RSA . . . . . . . . . . . . . . . . . . . . . . 99 Diffie-Hellman . . . . . . . . . . . . . . . . . 100 ElGamal . . . . . . . . . . . . . . . . . . . . 101 ECC . . . . . . . . . . . . . . . . . . . . . . 101 Asymmetric Encryption Summary . . . . . . 102


Quantum Cryptography . . . . . . . . . . . . . . 102 Steganography . . . . . . . . . . . . . . . . . . . 103 Cryptography Algorithm Use . . . . . . . . . . . 105


Confidentiality . . . . . . . . . . . . . . . . . 105 Integrity . . . . . . . . . . . . . . . . . . . . 105 Nonrepudiation . . . . . . . . . . . . . . . . 106 Authentication . . . . . . . . . . . . . . . . . 106 Key Escrow . . . . . . . . . . . . . . . . . . . 107 Digital Signatures . . . . . . . . . . . . . . . 108 Digital Rights Management . . . . . . . . . . 108 Transport Encryption . . . . . . . . . . . . . 109 Cryptographic Applications . . . . . . . . . . 110


Chapter 5 Review . . . . . . . . . . . . . . . . . . 112


Chapter 6 ■ Public Key Infrastructure 116 The Basics of Public Key Infrastructures . . . . . 117 Certificate Authorities . . . . . . . . . . . . . . . 119 Registration Authorities . . . . . . . . . . . . . . 120


Local Registration Authorities . . . . . . . . . 122 Certificate Repositories . . . . . . . . . . . . . . 122 Trust and Certificate Verification . . . . . . . . . 123 Digital Certificates . . . . . . . . . . . . . . . . . 126


Certificate Attributes . . . . . . . . . . . . . 127 Certificate Extensions . . . . . . . . . . . . . 128 Certificate Lifecycles . . . . . . . . . . . . . . 129


Centralized and Decentralized Infrastructures . 134 Hardware Storage Devices . . . . . . . . . . . 135 Private Key Protection . . . . . . . . . . . . . 136 Key Recovery . . . . . . . . . . . . . . . . . . 137 Key Escrow . . . . . . . . . . . . . . . . . . . 138


Public Certificate Authorities . . . . . . . . . . . 139 In-House Certificate Authorities . . . . . . . . . 140


Choosing Between a Public CA and an In-House CA . . . . . . . . . . . . 140


Outsourced Certificate Authorities . . . . . . 141


Tying Different PKIs Together . . . . . . . . 142 Trust Models . . . . . . . . . . . . . . . . . . 142


Certificate-Based Threats . . . . . . . . . . . . . 147 Chapter 6 Review . . . . . . . . . . . . . . . . . . 149


Chapter 7 ■ Standards and Protocols 154 PKIX and PKCS . . . . . . . . . . . . . . . . . . . 156


PKIX Standards . . . . . . . . . . . . . . . . 157 PKCS . . . . . . . . . . . . . . . . . . . . . . 158 Why You Need to Know the PKIX


and PKCS Standards . . . . . . . . . . . . 160 X.509 . . . . . . . . . . . . . . . . . . . . . . . . . 162 SSL/TLS . . . . . . . . . . . . . . . . . . . . . . . 163 ISAKMP . . . . . . . . . . . . . . . . . . . . . . . 164 CMP . . . . . . . . . . . . . . . . . . . . . . . . . 165 XKMS . . . . . . . . . . . . . . . . . . . . . . . . 166 S/MIME . . . . . . . . . . . . . . . . . . . . . . . 168


IETF S/MIME History . . . . . . . . . . . . 168 IETF S/MIME v3 Specifications . . . . . . . . 169


PGP . . . . . . . . . . . . . . . . . . . . . . . . . . 170 How PGP Works . . . . . . . . . . . . . . . . 170


HTTPS . . . . . . . . . . . . . . . . . . . . . . . . 171 IPsec . . . . . . . . . . . . . . . . . . . . . . . . . 172 CEP . . . . . . . . . . . . . . . . . . . . . . . . . . 172 FIPS . . . . . . . . . . . . . . . . . . . . . . . . . 172 Common Criteria for Information Technology


Security (Common Criteria or CC) . . . . . . 173 WTLS . . . . . . . . . . . . . . . . . . . . . . . . 173 PPTP . . . . . . . . . . . . . . . . . . . . . . . . . 174 WEP . . . . . . . . . . . . . . . . . . . . . . . . . 174


WEP Security Issues . . . . . . . . . . . . . . 174 ISO/IEC 27002 (Formerly


ISO 17799) . . . . . . . . . . . . . . . . . . . . 175 Chapter 7 Review . . . . . . . . . . . . . . . . . . 176


Chapter 8 ■ Physical Security 180 The Security Problem . . . . . . . . . . . . . . . 181 Physical Security Safeguards . . . . . . . . . . . 185


Walls and Guards . . . . . . . . . . . . . . . 185 Policies and Procedures . . . . . . . . . . . . 187 Access Controls and Monitoring . . . . . . . 191 Environmental Controls . . . . . . . . . . . . 194 Fire Suppression . . . . . . . . . . . . . . . . 195 Electromagnetic Interference . . . . . . . . . . 198 Authentication . . . . . . . . . . . . . . . . . 199


Chapter 8 Review . . . . . . . . . . . . . . . . . . 204


Contents xv


BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Front Matter


P:\010Comp\BaseTech\619-8\FM.vp Wednesday, November 09, 2011 5:43:04 PM


Color profile: Disabled Composite Default screen


Chapter 9 ■ Network Fundamentals 208 Network Architectures . . . . . . . . . . . . . . . 209 Network Topology . . . . . . . . . . . . . . . . . 210 Network Protocols . . . . . . . . . . . . . . . . . 211


Packets . . . . . . . . . . . . . . . . . . . . . 213 TCP vs. UDP . . . . . . . . . . . . . . . . . 214 ICMP . . . . . . . . . . . . . . . . . . . . . . 215


Packet Delivery . . . . . . . . . . . . . . . . . . . 217 Local Packet Delivery . . . . . . . . . . . . . 217 Remote Packet Delivery . . . . . . . . . . . . 218 IP Addresses and Subnetting . . . . . . . . . 219 Network Address Translation . . . . . . . . . 221 Security Zones . . . . . . . . . . . . . . . . . 222 VLANs . . . . . . . . . . . . . . . . . . . . . 226


Tunneling . . . . . . . . . . . . . . . . . . . . . . 227 Chapter 9 Review . . . . . . . . . . . . . . . . . . 228


Chapter 10 ■ Infrastructure Security 232 Devices . . . . . . . . . . . . . . . . . . . . . . . . 233


Workstations . . . . . . . . . . . . . . . . . . 233 Servers . . . . . . . . . . . . . . . . . . . . . 235 Virtualization . . . . . . . . . . . . . . . . . 236 Network Interface Cards . . . . . . . . . . . . 236 Hubs . . . . . . . . . . . . . . . . . . . . . . 237 Bridges . . . . . . . . . . . . . . . . . . . . . 237 Switches . . . . . . . . . . . . . . . . . . . . 238 Loop Protection . . . . . . . . . . . . . . . . 239 Routers . . . . . . . . . . . . . . . . . . . . . 239 Firewalls . . . . . . . . . . . . . . . . . . . . 240 Wireless . . . . . . . . . . . . . . . . . . . . 242 Modems . . . . . . . . . . . . . . . . . . . . 243 Telecom/PBX . . . . . . . . . . . . . . . . . . 245 VPN . . . . . . . . . . . . . . . . . . . . . . 245 Intrusion Detection Systems . . . . . . . . . . 246 Network Access Control . . . . . . . . . . . . 246 Network Monitoring/Diagnostic . . . . . . . 247 Mobile Devices . . . . . . . . . . . . . . . . . 248 Device Security, Common Concerns . . . . . 249


Media . . . . . . . . . . . . . . . . . . . . . . . . 249 Coaxial Cable . . . . . . . . . . . . . . . . . . 249 UTP/STP . . . . . . . . . . . . . . . . . . . . 250 Fiber . . . . . . . . . . . . . . . . . . . . . . 251 Unguided Media . . . . . . . . . . . . . . . . 252


Security Concerns for Transmission Media . . . 254 Physical Security Concerns . . . . . . . . . . . . 254


Removable Media . . . . . . . . . . . . . . . . . 255 Magnetic Media . . . . . . . . . . . . . . . . 255 Optical Media . . . . . . . . . . . . . . . . . 258 Electronic Media . . . . . . . . . . . . . . . . 259


Cloud Computing . . . . . . . . . . . . . . . . . 259 Software as a Service . . . . . . . . . . . . . . 260 Platform as a Service . . . . . . . . . . . . . . 260 Infrastructure as a Service . . . . . . . . . . . 260 Network Attached Storage . . . . . . . . . . . 260


Chapter 10 Review . . . . . . . . . . . . . . . . . 261


Chapter 11 ■ Authentication and Remote Access 264 The Remote Access Process . . . . . . . . . . . . 265


Identification . . . . . . . . . . . . . . . . . . 266 Authentication . . . . . . . . . . . . . . . . . 266 Authorization . . . . . . . . . . . . . . . . . 271 Access Control . . . . . . . . . . . . . . . . . 272


IEEE 802.1X . . . . . . . . . . . . . . . . . . . . . 274 Wireless Protocols . . . . . . . . . . . . . . . 275


RADIUS . . . . . . . . . . . . . . . . . . . . . . . 275 RADIUS Authentication . . . . . . . . . . . 276 RADIUS Authorization . . . . . . . . . . . . 277 RADIUS Accounting . . . . . . . . . . . . . 277 Diameter . . . . . . . . . . . . . . . . . . . . 278


TACACS+ . . . . . . . . . . . . . . . . . . . . . . 278 TACACS+ Authentication . . . . . . . . . . 279 TACACS+ Authorization . . . . . . . . . . . 280 TACACS+ Accounting . . . . . . . . . . . . 280


Authentication Protocols . . . . . . . . . . . . . 281 L2TP and PPTP . . . . . . . . . . . . . . . . 281 PPP . . . . . . . . . . . . . . . . . . . . . . . 281 PPTP . . . . . . . . . . . . . . . . . . . . . . 282 EAP . . . . . . . . . . . . . . . . . . . . . . 283 CHAP . . . . . . . . . . . . . . . . . . . . . 283 NTLM . . . . . . . . . . . . . . . . . . . . . 284 PAP . . . . . . . . . . . . . . . . . . . . . . 284 L2TP . . . . . . . . . . . . . . . . . . . . . . 284 Telnet . . . . . . . . . . . . . . . . . . . . . . 285 SSH . . . . . . . . . . . . . . . . . . . . . . 285


FTP/FTPS/SFTP . . . . . . . . . . . . . . . . . . 287 VPNs . . . . . . . . . . . . . . . . . . . . . . . . . 287 IPsec . . . . . . . . . . . . . . . . . . . . . . . . . 288

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Top Essay Tutor
University Coursework Help
Helping Hand
Writer Writer Name Offer Chat
Top Essay Tutor

ONLINE

Top Essay Tutor

I have more than 12 years of experience in managing online classes, exams, and quizzes on different websites like; Connect, McGraw-Hill, and Blackboard. I always provide a guarantee to my clients for their grades.

$85 Chat With Writer
University Coursework Help

ONLINE

University Coursework Help

Hi dear, I am ready to do your homework in a reasonable price.

$82 Chat With Writer
Helping Hand

ONLINE

Helping Hand

I am an Academic writer with 10 years of experience. As an Academic writer, my aim is to generate unique content without Plagiarism as per the client’s requirements.

$80 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

Bge peak rewards thermostat blank - Deloitte tracking and trading exam answers - Joan of arc personality type - Ransomware as a service - SOCW 6361 Week 10 - Post Responses - 2013 little india riot - Phl 320 week 3 knowledge check - Krispy kreme donut fundraiser - Mp husky ladder tray - Dr wai kuen chow - Capstone make up work 1 - The long bitter trail sparknotes - How to install silverlight - Principles of management chapter 4 quizlet - Deutsche allgemeinversicherung case - Apply for extension monash - Point cook coastal park - Example of personal attributes - Essay - Why are decomposers important to an ecosystem - How hotdogs are made the brutal graphic truth - Case study kitchen heaven - Target corporation case study pdf - Topic 6 DQ 1 - 2-3 paragraph summary construction safety - Discussion: Oligopoly and Game Theory - Paper2 - The race chapter questions and answers - Movies about management and leadership - St andrews village tamworth - Goddards silver dip woolworths - Internal conflict in to kill a mockingbird - Wk 2, HCS 341: DR 1 - Accounting - Health Assessment Topic Reflection 3 (Pulmonary, Cardiac, Peripheral Vascular, and Lymphatic Systems) - I need 3-5 slides about King Saud University. - Pseudocode and python - Cirque du soleil las vegas 2014 schedule - Awc ashford edu writing tools thesis generator html - Discussion(NCM) - Coca cola market research case study - Ode to aphrodite original - Human rights based approach to programming - After each transaction the accounting equation must remain in balance - Isn t it ironic - What are the functions and dysfunctions of immigration - Which of the following is a discovery technique for generating ideas? - Primary and secondary audience examples - Central institute of technology - Vision statement for mcdonalds - Assignment: Group Processes and Stages of Formation - The hairy ape scene 1 summary - St joseph and st margaret clitherow church bracknell - The world of art book pleasantville - Torque and rotational equilibrium lab answers - Class 4 Assignments - Read All instructions! - The miller of the dee - Sample query letter for novel - Wet area set down - Paul's case literary criticism - Noni b garden city - Concert report paper - Why is potassium hydrogen phthalate a good primary standard - Real time business intelligence at continental airlines - When preparing a flexible budget the level of activity - Application of hysteresis motor - John maddison tower district court - Written-off vehicle inspection qld - The thief's story by ruskin bond - Shell oil in nigeria case study pdf - Whipps cross hospital wards - 4 day hypertrophy program - Yamaha dirt bike history - Machine guarding ppt presentation - The witching hour roald dahl - Care plan for impaired gas exchange related to pneumonia - Anatomy of a Job Description - Video miscommunication - Riemann sum excel - A 30 mh inductor has a reactance of 2.10 - International Relations: NGOs: Friend, Foe or Foil? - SOCW 6111 - Dr stephanie urell gallatin tn - Read the following sentence. Mariah’s voice shook and her hands fluttered as she floundered helplessly to answer the difficult questions Steven was asking her. Choose the denotation for the word floundered. restored struggled succeeded maintained - Allen court student accommodation sheffield - CBT VS RBT - Inheritance igcse biology notes - Two important situational contingencies in the path goal theory are - Inala probation and parole - Gobble cakes is a bakery that specializes in cupcakes - Arab chiefs territory crossword clue - Cirque du soleil competitive advantage - Which country switched sides in ww1 - Kalahari red tea highlands honey - Urgent - Sophia amoruso nasty gal ebay - Chapter one - Windshield urvey form - Sam powerpoint - Plagiarism spectrum