Book description
Fully updated computer security essentials—quality approved by CompTIA
Learn IT security fundamentals while getting complete coverage of the objectives for the latest release of CompTIA Security+ certification exam SY0-501. This thoroughly revised, full-color textbook discusses communication, infrastructure, operational security, attack prevention, disaster recovery, computer forensics, and much more. Written by a pair of highly respected security educators, Principles of Computer Security: CompTIA Security+® and Beyond, Fifth Edition (Exam SY0-501) will help you pass the exam and become a CompTIA certified computer security expert.
Find out how to:
•Ensure operational, organizational, and physical security
•Use cryptography and public key infrastructures (PKIs)
•Secure remote access, wireless networks, and virtual private networks (VPNs)
•Authenticate users and lock down mobile devices
•Harden network devices, operating systems, and applications
•Prevent network attacks, such as denial of service, spoofing, hijacking, and password guessing
•Combat viruses, worms, Trojan horses, and rootkits
•Manage e-mail, instant messaging, and web security
•Explore secure software development requirements
•Implement disaster recovery and business continuity measures
•Handle computer forensics and incident response
•Understand legal, ethical, and privacy issues
Online content includes:
•Test engine that provides full-length practice exams and customized quizzes by chapter or exam objective
•200 practice exam questions
Each chapter includes:
•Learning objectives
•Real-world examples
•Try This! and Cross Check exercises
•Tech Tips, Notes, and Warnings
•Exam Tips
•End-of-chapter quizzes and lab projects
Table of contents
- Cover
- Title Page
- Copyright Page
- About the Authors
- Dedication
- Acknowledgments
- About this Book
- CompTIA Approved Quality Curriculum
- Contents at a Glance
- Contents
- Foreword
- Preface
- Introduction
- Instructor Web Site
- Chapter 1 Introduction and Security Trends
- Chapter 2 General Security Concepts
- Chapter 3 Operational and Organizational Security
- Chapter 4 The Role of People in Security
- Chapter 5 Cryptography
- Chapter 6 Applied Cryptography
- Chapter 7 Public Key Infrastructure
- Chapter 8 Physical Security
- Chapter 9 Network Fundamentals
- Chapter 10 Infrastructure Security
- Chapter 11 Authentication and Remote Access
-
Chapter 12 Wireless Security and Mobile Devices
- Introduction to Wireless Networking
- Mobile Phones
- Bluetooth
- Near Field Communication
- Other Forms of Connection
- IEEE 802.11 Series
- Wireless Systems Configuration
- Wireless Attacks
-
Mobile Device Management Concepts
- Application Management
- Full Device Encryption (FDE)
- Content Management
- Remote Wipe
- Geofencing
- Geolocation
- Geo-Tagging
- Screen Locks
- Push Notification Services
- Passwords and Pins
- Biometrics
- Context-Aware Authentication
- Containerization
- Storage Segmentation
- Asset Control
- Device Access Control
- Removable Storage
- Disabling Unused Features
- Mobile Application Security
- Policies for Enforcement and Monitoring
- Deployment Models
- Chapter 12 Review
- Chapter 13 Intrusion Detection Systems and Network Security
-
Chapter 14 System Hardening and Baselines
- Overview of Baselines
- Hardware/Firmware Security
- Operating System and Network Operating System Hardening
- Secure Baseline
- Network Hardening
- Application Hardening
- Data-Based Security Controls
- Environment
- Automation/Scripting
- Alternative Environments
- Industry-Standard Frameworks and Reference Architectures
- Benchmarks/Secure Configuration Guides
- For More Information
- Chapter 14 Review
-
Chapter 15 Types of Attacks and Malicious Software
- Avenues of Attack
- Malicious Code
-
Attacking Computer Systems and Networks
- Denial-of-Service Attacks
- Social Engineering
- Null Sessions
- Sniffing
- Spoofing
- MAC Spoofing
- TCP/IP Hijacking
- Man-in-the-Middle Attacks
- Man-in-the-Browser
- Replay Attacks
- Transitive Access
- Spam
- Spim
- Phishing
- Spear Phishing
- Vishing
- Pharming
- Scanning Attacks
- Attacks on Encryption
- Address System Attacks
- Cache Poisoning
- Amplification
- Domain Hijacking
- Password Guessing
- Pass-the-Hash Attacks
- Software Exploitation
- Client-Side Attacks
- Driver Manipulation
- Advanced Persistent Threat
- Tools
- Auditing
- Chapter 15 Review
- Chapter 16 E-mail and Instant Messaging
- Chapter 17 Web Components
- Chapter 18 Secure Software Development
-
Chapter 19 Business Continuity, Disaster Recovery, and Organizational Policies
- Disaster Recovery
- Backups
-
Business Continuity
- Business Continuity Plans
- Business Impact Analysis
- Identification of Critical Systems and Components
- Removing Single Points of Failure
- Risk Assessment
- Succession Planning
- Continuity of Operations
- Exercises/Tabletop
- After-Action Reports
- Failover
- Alternative Sites
- Order of Restoration
- Utilities
- Secure Recovery
- Cloud Computing
- Redundancy
- Chapter 19 Review
- Chapter 20 Risk Management
- Chapter 21 Change Management
- Chapter 22 Incident Response
- Chapter 23 Computer Forensics
- Chapter 24 Legal Issues and Ethics
-
Chapter 25 Privacy
- Anonymity and Pseudonymity
- Data Sensitivity Labeling and Handling
- Data Roles
- Data Destruction and Media Sanitization
- Personally Identifiable Information (PII)
- Fair Information Practice Principles (FIPPs)
-
U.S. Privacy Laws
- Privacy Act of 1974
- Freedom of Information Act (FOIA)
- Family Education Records and Privacy Act (FERPA)
- U.S. Computer Fraud and Abuse Act (CFAA)
- U.S. Children’s Online Privacy Protection Act (COPPA)
- Video Privacy Protection Act (VPPA)
- Health Insurance Portability and Accountability Act (HIPAA)
- Gramm-Leach-Bliley Act (GLBA)
- California Senate Bill (SB)
- U.S. Banking Rules and Regulations
- Payment Card Industry Data Security Standard (PCI DSS)
- Fair Credit Reporting Act (FCRA)
- Fair and Accurate Credit Transactions Act (FACTA)
- International Privacy Laws
- Privacy-Enhancing Technologies
- Privacy Policies
- Web Privacy Issues
- Privacy in Practice
- For More Information
- Chapter 25 Review
- Appendix A CompTIA Security+ Exam Objectives: SY0-501
- Appendix B Command Line Tools
- Appendix C About the Online Content
- Glossary
- Index
Product information
- Title: Principles of Computer Security: CompTIA Security+ and Beyond, Fifth Edition, 5th Edition
- Author(s):
- Release date: June 2018
- Publisher(s): McGraw-Hill
- ISBN: 9781260026009
You might also like
book
Principles of Computer Security: CompTIA Security+ and Beyond, Sixth Edition (Exam SY0-601), 6th Edition
Fully updated computer security essentials—mapped to the CompTIA Security+ SY0-601 exam Save 10% on any CompTIA …
book
Principles of Computer Security: CompTIA Security+ and Beyond Lab Manual (Exam SY0-601)
Practice the Skills Essential for a Successful Career in Cybersecurity! This hands-on guide contains more than …
book
Security in Computing, 6th Edition
The New State of the Art in Information Security: From Cloud to Crypto, AI-Driven Security to …
book
Computer Security Fundamentals, 5th Edition
ONE-VOLUME INTRODUCTION TO COMPUTER SECURITY Clearly explains core concepts, terminology, challenges, technologies, and skills Covers today's …