Description
Microsoft Press Security+ Certification Training Kit 2003 Edition by - Microsoft Corporation
The CompTIA Security+ certification exam measures industry-standard knowledge and competencies for managing information security. And now you can build the skills tested every day, on the job-as well as on the Security+ exam-with this all-in-one training kit. Work at your own pace, using lessons and hands-on exercises co-developed by two Security+ certified professionals. As you develop the real-world expertise needed to help protect corporate information systems and data, you're also preparing for the Security+ exam-the newest CompTIA credential.BUILD THE SKILLS TO:Identify and help mitigate security risks-essential concepts Know and apply the basic principles of cryptography, keys, and certificates Monitor and help secure vulnerabilities in TCP/IP and network infrastructure Help protect e-mail, RAS, VPNs, wireless services, and other online communications Configure user and group privileges, access control, and authentication Implement security baselines, system updates, and intrusion detection Create an operational security plan-from physical security to business continuity Build an organizational security program-documentation, risk assessment, user education YOUR KIT INCLUDES:Comprehensive self-paced study guide that maps to Security+ exam goals and objectives Learn-by-doing exercises for skills you can apply to the job Lesson summaries and review questions, including a complete Q&A summary Testing tool that generates realistic practice exams with automated scoring and explanations for both correct and incorrect answers Key chapters from the Microsoft Windows Security Resource Kit-for real-world knowledge that goes beyond the exam Supplemental security articles on CD from the National Institute of Standards and Technology, the Internet Engineering Task Force, and the Common Criteria organization Fully searchable eBook version of the study guide For customers who purchase an ebook version of this title, instructions for downloading the CD files can be found in the ebook. Table of contents :- About This Book xv Intended Audience xv Prerequisites xv Reference Materials xvi Features of This Book xvi Chapter and Appendix Overview xix Finding the Best Starting Point for You xx Getting Started xxix The Security+ Certification Program xxxi Technical Support xxxvii CHAPTER 1 General Networking and Security Concepts 1 About This Chapter 1 Before You Begin 2 Lesson 1: The Big Picture 3 What s at Stake 4 Valuing Your Assets 4 Understanding the Goal of Security 5 Managing Risk 6 Putting It All Together 8 Exercise: Creating a Risk Management Plan 9 Lesson Review 10 Lesson Summary 11 Lesson 2: Identifying Threats 13 Sources of Threat 13 Attacks 16 Malicious Code 16 Who Is Attacking? 17 Social Engineering 18 Lesson Review 18 Lesson Summary 19 Lesson 3: Intrusion Points 20 Network Infrastructure 20 Applications Used on the Internet 21 Communications Protocols 21 Lesson Review 22 Lesson Summary 23 Lesson 4: Defending Against Threats 24 Building a Defense 24 Securing the Network Infrastructure 25 User Authentication 26 Enabling Auditing 27 Lesson Review 28 Lesson Summary 29 Lesson 5: Organizational and Operational Security 30 Preserving Data 30 Chain of Custody 30 Human Resource Concerns and Privacy Issues 31 Lesson Review 32 Lesson Summary 32 CHAPTER 2 TCP/IP Basics 33 About This Chapter 33 Before You Begin 33 Lesson 1: Basic TCP/IP Principles 34 What Is TCP/IP? 35 Reviewing the Four-Layer DARPA Model 37 Reviewing the TCP/IP Communications Flow 39 Understanding Network Interface Frames 41 Understanding IP Datagrams 43 Understanding Fragmentation 49 Understanding Transport Layer Communications 50 Exercise 1: Following a Packet from Source to Destination 53 Exercise 2: Identifying Information Captured Using Network Monitor 54 Lesson Review 55 Lesson Summary 57 Lesson 2: TCP/IP Layers and Vulnerabilities 58 Identifying Possible Network Interface Layer Attacks 58 Identifying Possible Internet Layer Attacks 59 Identifying Possible Transport Layer Attacks 59 Identifying Possible Application Layer Attacks 60 Lesson Review 61 Lesson Summary 61 CHAPTER 3 Certificate Basics 63 About This Chapter 63 Before You Begin 63 Lesson 1: Understanding Cryptography 64 Understanding Cryptography and Keys 64 Standards and Protocols 70 Lesson Review 71 Lesson Summary 72 Lesson 2: Using Cryptography 73 Confidentiality 73 Integrity 74 Identification and Authentication 75 Providing Nonrepudiation 76 Lesson Review 76 Lesson Summary 78 Lesson 3: Identifying the Components of a Public Key Infrastructure 79 Components of a PKI 79 Lesson Review 84 Lesson Summary 85 Lesson 4: Understanding CA Trust Models 86 Trust Models 86 Mesh Architecture 86 Hierarchical Architecture 88 Bridge CA Architecture 90 Lesson Review 92 Lesson Summary 93 Lesson 5: Understanding Certificate Life Cycle and Key Management 94 Key Life Cycle 94 Key Management 96 Lesson Review 98 Lesson Summary 98 CHAPTER 4 Network Infrastructure Security 99 About This Chapter 99 Before You Begin 99 Lesson 1: Understanding Network Infrastructure Security 100 Infrastructure Security Overview 100 Securing Physical Equipment 101 Securing Equipment Configuration 102 Lesson Review 103 Lesson Summary 103 Lesson 2: Securing Network Cabling 104 Coaxial Cable 104 Twisted-Pair Cables 105 Fiber Optic Cable 106 Exercise: Identifying Cable Vulnerabilities 107 Lesson Review 107 Lesson Summary 108 Lesson 3: Securing Connectivity Devices 109 Hubs 109 Switches and Bridges 110 Routers 112 Firewalls 114 Remote Access 118 Telecommunications Hacking 121 Modems 123 Wireless 124 Exercise: Identifying Network Infrastructure Exploits 125 Lesson Review 125 Lesson Summary 126 Lesson 4: Exploring Secure Topologies 127 Security Zones 127 Implementing NAT 134 Using VLANs 136 Exercise: Selecting Infrastructure Security Measures 137 Lesson Review 137 Lesson Summary 138 Lesson 5: Securing and Monitoring Network Resources 139 Securing and Monitoring Workstations 139 Protecting Mobile Devices 140 Securing and Monitoring Servers 141 Monitoring Connectivity Devices 141 Implementing Intrusion Detection 142 Using Honeypots and Honeynets 142 Exercise: Identifying Security Devices 144 Lesson Review 144 Lesson Summary 145 CHAPTER 5 Communications Security 147 About This Chapter 147 Before You Begin 147 Lesson 1: Understanding Remote Access Connectivity 148 Remote Connections 148 Remote Connection Mediums 149 Exercise: Configuring a Remote Access Connection 153 Lesson Review 154 Lesson Summary 155 Lesson 2: Providing Secure Remote Access 156 Remote Connection Requirements 156 Centralized Authentication 158 Virtual Private Networks 163 Secure Shell Protocol 169 Exercise: Configuring the Authentication Method for a Dial-Up Connection 170 Lesson Review 171 Lesson Summary 173 Lesson 3: Understanding Wireless Standards and Protocols 174 How Wireless Networking Works 175 Wireless Application Protocol 177 Wired Equivalent Privacy 178 Security in the WLAN 181 Understanding 802.1x 182 Exercise 1: Identifying Maximum Wireless Speeds 184 Exercise 2: Identifying Key Wireless Access Terms 185 Lesson Review 185 Lesson Summary 186 CHAPTER 6 Application Security 187 About This Chapter 187 Before You Begin 187 Lesson 1: E-Mail Security 188 Secure Electronic Messaging 188 E-Mail Vulnerabilities 191 Exercise 1: Downloading and Installing PGP Freeware 196 Exercise 2: Creating PGP Keys 198 Lesson Review 199 Lesson Summary 200 Lesson 2: Web Security 201 SSL/TLS 201 HTTPS 203 Buffer Overflows 204 Active Content 205 Cookies 209 CGI 210 Instant Messaging 212 Exercise 1: Application Security Solutions 214 Lesson Review 214 Lesson Summary 215 Lesson 3: File Transfer 216 FTP Client Security Issues 216 Secure FTP 217 Kerberized FTP 217 File Sharing 218 Lesson Review 220 Lesson Summary 221 CHAPTER 7 User Security 223 About This Chapter 223 Before You Begin 223 Lesson 1: Understanding Authentication 224 User Name and Password Authentication 224 Kerberos Authentication 226 Remote Authentication with CHAP 232 Tokens 232 Biometrics 233 Combining Authentication Methods 235 Exercise 1: Following a Cross-Realm Authentication 237 Exercise 2: Reviewing Kerberos Terminology 237 Lesson Review 238 Lesson Summary 239 Lesson 2: Understanding Access Control Models 240 DAC 241 MAC 242 RBAC 242 Exercise: Identifying Authentication Methods 243 Lesson Review 243 Lesson Summary 244 CHAPTER 8 Security Baselines 245 About This Chapter 245 Before You Begin 245 Lesson 1: Network Device and Operating System Hardening 246 Network Device Updates 247 Operating System and Application Updates 249 Securing Networking Components 250 File System Security 257 Operating System Hardening 258 Exercise: Using MD5 260 Lesson Review 260 Lesson Summary 261 Lesson 2: Server Application Hardening 262 Web Servers 263 FTP Servers 266 E-Mail Servers 267 DNS Servers 268 File and Print Servers 270 DHCP Servers 271 NNTP Servers 272 Data Repositories 273 Exercise: Port Matching 275 Lesson Review 275 Lesson Summary 276 CHAPTER 9 Operational Security 279 About This Chapter 279 Before You Begin 279 Lesson 1: Physical Security 280 Access Control 280 Social Engineering 284 Environment 285 Disaster Recovery 287 Lesson Review 290 Lesson Summary 291 Lesson 2: Privilege Management 292 Understanding User, Group, and Role Management 292 Centralized and Decentralized Management 294 Auditing 295 Lesson Review 296 Lesson Summary 297 Lesson 3: Removable Media 298 Magnetic Tape 298 Writable CD-ROMs 300 Hard Disks 302 Floppy Disks 304 Flashcards 304 Smart Cards 305 Exercise: Identifying Removable Storage Media Types 305 Lesson Review 306 Lesson Summary 307 Lesson 4: Protecting Business Continuity 308 Creating a Business Continuity Plan 309 Implementing Business Continuity Preparations 310 Lesson Review 311 Lesson Summary 312 CHAPTER 10 Organizational Security 313 About This Chapter 313 Before You Begin 313 Lesson 1: Documentation 314 Standards, Guidelines, and the Common Criteria 314 Policies and Procedures 315 Service Level Agreement 320 Human Resources Policy 321 Due Care 322 Separation of Duties 323 Need to Know 323 Systems Architecture Documentation 323 Change and Configuration Management Policy 324 Logs 324 Inventories 324 Classification Policy 324 Exercise: Policy Purposes 327 Lesson Review 327 Lesson Summary 328 Lesson 2: Risk Assessment 329 Calculating Risk 329 Asset Identification and Valuation 330 Threat Assessment 331 Impact Assessment 332 Vulnerability Assessment 333 Exercise 1: Checking Security Statistics 334 Exercise 2: Calculating Risk Discussion 334 Lesson Review 335 Lesson Summary 336 Lesson 3: Security Education 337 Communication 337 User Awareness 338 Training 338 Education 339 Online Resources 339 Exercise: Stages and Delivery Types 340 Lesson Review 341 Lesson Summary 341 CHAPTER 11 Incident Detection and Response 343 About This Chapter 343 Before You Begin 343 Lesson 1: Attacks and Malicious Code 344 Scanning 344 DoS/DDoS 352 Spoofing 352 Source Routing 355 Man-in-the-Middle 356 Back Door 356 Password Guessing 357 Replay Attack 359 Encryption Breaking 360 Hijacking 361 Software Exploitation 361 Social Engineering 361 Malicious Code 363 Exercise: Attacks and Scans 364 Lesson Review 365 Lesson Summary 366 Lesson 2: Intrusion Detection Systems 367 Network-Based IDS 368 Host-Based IDS 370 Detection Methods 373 Response Types 374 Exercise: IDS Staged Deployment Steps 378 Lesson Review 378 Lesson Summary 379 Lesson 3: Incident Response 380 CSIRT 380 Incident Response Basics 381 Forensics 381 Legal Action 384 Exercise: Incident Response Priority 385 Lesson Review 385 Lesson Summary 386 APPENDIX A Questions and Answers 387 APPENDIX B Ports and Protocol IDs 425 GLOSSARY 429 INDEXshow more