PDF Comptia Security Guide To Network Security Fundamentals Mark Ciampa Ebook Full Chapter
INFORMATION SECURITY
Mark Ciampa
Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203
CompTIA Security+ SY0-501 Exam Objectives
2.3 Given a scenario, troubleshoot common security issues. 15 Analyze
2.4 Given a scenario, analyze and interpret output from security technologies. 6 Analyze
7 Analyze
9 Analyze
2.5 Given a scenario, deploy mobile devices securely. 8 Apply/Evaluate
10 Analyze/Create
11 Analyze
2.6 Given a scenario, implement secure protocols. 4 Apply
5 Analyze
3.0: Architecture and Design
3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides. 1 Analyze
15 Understand
3.2 Given a scenario, implement secure network architecture concepts. 6 Analyze
7 Apply
8 Apply/Evaluate
13 Apply
INFORMATION SECURITY
Sixth Edition
CompTIA® SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS
Security+ Guide to Network Security Fundamentals, Sixth Edition
Mark Ciampa
SVP, GM Skills: Jonathan Lau
Product Team Manager: Kristin McNary
Associate Product Manager: Amy Savino
Executive Director of Development: Marah Bellegarde
© 2018, 2015 Cengage Learning
Unless otherwise noted, all content is © Cengage.
ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced or distributed in any form or by any means, except as permitted by U.S. copyright law, without the prior written permission of the copyright owner.
For product information and technology assistance, contact us at Cengage Learning Customer & Sales Support, 1-800-354-9706.
For permission to use material from this text or product, submit all requests online at www.cengage.com/permissions.
Further permissions questions can be e-mailed to permissionrequest@cengage.com.
Brief Contents
PART 1
SECURITY AND ITS THREATS
CHAPTER 1
Introduction to Security
CHAPTER 2
Malware and Social Engineering Attacks
PART 2
CRYPTOGRAPHY
CHAPTER 3
Basic Cryptography
CHAPTER 4
Advanced Cryptography and PKI
PART 3
NETWORK ATTACKS AND DEFENSES
CHAPTER 5
Networking and Server Attacks
CHAPTER 6
Network Security Devices, Design, and Technology
CHAPTER 7
Administering a Secure Network
CHAPTER 8
Wireless Network Security
PART 4
DEVICE SECURITY
CHAPTER 9
Client and Application Security
CHAPTER 10
Mobile and Embedded Device Security
PART 5
IDENTITY AND ACCESS MANAGEMENT
CHAPTER 11
Authentication and Account Management
CHAPTER 12
Access Management
PART 6
RISK MANAGEMENT
CHAPTER 13
Vulnerability Assessment and Data Security
CHAPTER 14
Business Continuity
CHAPTER 15
Risk Mitigation
APPENDIX A
CompTIA SY0-501 Certification Exam Objectives
GLOSSARY
INDEX
Table of Contents
INTRODUCTION
PART 1
SECURITY AND ITS THREATS
CHAPTER 1
Introduction to Security
Challenges of Securing Information
Today’s Security Attacks
Reasons for Successful Attacks
Difficulties in Defending Against Attacks
What Is Information Security?
Understanding Security
Defining Information Security
Information Security Terminology
Understanding the Importance of Information Security
Who Are the Threat Actors?
Script Kiddies
Hactivists
Nation State Actors
Insiders
Other Threat Actors
Defending Against Attacks
Fundamental Security Principles
Frameworks and Reference Architectures
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 2
Malware and Social Engineering Attacks
Attacks Using Malware
Circulation
Infection
Concealment
Payload Capabilities
Social Engineering Attacks
Psychological Approaches
Physical Procedures
Chapter Summary
Key Terms
Review Questions
Case Projects
PART 2
CRYPTOGRAPHY
CHAPTER 3
Basic Cryptography
Defining Cryptography
What Is Cryptography?
Cryptography and Security
Cryptography Constraints
Cryptographic Algorithms
Hash Algorithms
Symmetric Cryptographic Algorithms
Asymmetric Cryptographic Algorithms
Cryptographic Attacks
Algorithm Attacks
Collision Attacks
Using Cryptography
Encryption through Software
Hardware Encryption
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 4
Advanced Cryptography and PKI
Implementing Cryptography
Key Strength
Secret Algorithms
PART 3
NETWORK ATTACKS AND DEFENSES
CHAPTER 5
Networking and Server Attacks
Networking-Based Attacks
Interception
Poisoning
Server Attacks
Denial of Service (DoS)
Web Server Application Attacks
Hijacking
Overflow Attacks
Advertising Attacks
Browser Vulnerabilities
Chapter Summary
CHAPTER 6
Network Security Devices, Design, and Technology
Security Through Network Devices
Standard Network Devices
Network Security Hardware
Security Through Network Architecture
Security Zones
Network Segregation
Security Through Network Technologies
Network Access Control (NAC)
Data Loss Prevention (DLP)
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 7
Administering a Secure Network
Secure Network Protocols
Simple Network Management Protocol (SNMP)
Domain Name System (DNS)
File Transfer Protocol (FTP)
Secure Email Protocols
Using Secure Network Protocols
Placement of Security Devices and Technologies
Analyzing Security Data
Data from Security Devices
Data from Security Software
Data from Security Tools
Issues in Analyzing Security Data
Managing and Securing Network Platforms
Virtualization
Cloud Computing
Software Defined Network (SDN)
Chapter Summary
CHAPTER 8
Wireless Network Security
Wireless Attacks
Bluetooth Attacks
Near Field Communication (NFC) Attacks
Radio Frequency Identification (RFID) Attacks
Wireless Local Area Network Attacks
Vulnerabilities of IEEE Wireless Security
Wired Equivalent Privacy
Wi-Fi Protected Setup
MAC Address Filtering
SSID Broadcasting
Wireless Security Solutions
Wi-Fi Protected Access (WPA)
Wi-Fi Protected Access 2 (WPA2)
Additional Wireless Security Protections
Chapter Summary
Key Terms
Review Questions
Case Projects
PART 4
DEVICE SECURITY
CHAPTER 9
Client and Application Security
Client Security
Hardware System Security
Securing the Operating System Software
Peripheral Device Security
Physical Security
External Perimeter Defenses
Internal Physical Access Security
Computer Hardware Security
Application Security
Application Development Concepts
CHAPTER 10
Mobile and Embedded Device Security
Mobile Device Types and Deployment
Types of Mobile Devices
Mobile Device Risks
Mobile Device Vulnerabilities
Connection Vulnerabilities
Accessing Untrusted Content
Deployment Model Risks
Securing Mobile Devices
Device Configuration
Mobile Management Tools
Mobile Device App Security
Embedded Systems and the Internet of Things
Embedded Systems
Internet of Things
Security Implications
Chapter Summary
Key Terms
Review Questions
Case Projects
PART 5
IDENTITY AND ACCESS MANAGEMENT
CHAPTER 11
Authentication and Account Management
Authentication Credentials
What You Know: Passwords
What You Have: Tokens, Cards, and Cell Phones
What You Are: Biometrics
What You Do: Behavioral Biometrics
CHAPTER 12
Access Management
What Is Access Control?
Access Control Terminology
Access Control Models
Managing Access Through Account Management
Account Setup
Account Auditing
Best Practices for Access Control
Separation of Duties
Job Rotation
Mandatory Vacations
Clean Desk Policy
Implementing Access Control
Access Control Lists (ACLs)
Group-Based Access Control
Identity and Access Services
RADIUS
Kerberos
Terminal Access Control Access Control System+ (TACACS+)
Lightweight Directory Access Protocol (LDAP)
Security Assertion Markup Language (SAML)
Authentication Framework Protocols
Chapter Summary
Key Terms
Review Questions
Case Projects
PART 6
RISK MANAGEMENT
CHAPTER 13
Vulnerability Assessment and Data Security
Assessing the Security Posture
What Is Vulnerability Assessment?
Vulnerability Assessment Tools
Vulnerability Scanning
Penetration Testing
Practicing Data Privacy and Security
What Is Privacy?
Risks Associated with Private Data
Maintaining Data Privacy and Security
Chapter Summary
Key Terms
Review Questions
Case Projects
CHAPTER 14
Business Continuity
What Is Business Continuity?
Business Continuity Planning (BCP)
Business Impact Analysis (BIA)
Disaster Recovery Plan (DRP)
Fault Tolerance Through Redundancy
Servers
Storage
Networks
Power
Recovery Sites
Data
Environmental Controls
Fire Suppression
Electromagnetic Disruption Protection
HVAC
Incident Response
What Is Forensics?
CHAPTER 15
Risk Mitigation
Managing Risk
Threat Assessment
Risk Assessment
Strategies for Reducing Risk
Using Control Types
Distributing Allocation
Implementing Technology
Practices for Reducing Risk
Security Policies
Awareness and Training
Agreements
Personnel Management
Troubleshooting Common Security Issues
Chapter Summary
Key Terms
Review Questions
Case Projects
APPENDIX A
CompTIA SY0-501 Certification Exam Objectives
GLOSSARY
INDEX
INTRODUCTION
The number one concern of computer professionals today continues to
be information security, and with good reason. Consider the evidence:
over 1.5 billion Yahoo user accounts were compromised in just two
separate attacks.[1] A ransom of $1 million was paid to unlock
files that had been encrypted by ransomware.[2] A global payment system
used to transfer money between countries was compromised by
attackers who stole $81 billion from the central bank of Bangladesh.[3] It
is estimated that global spending on products and services to prevent
these attacks will exceed $1 trillion cumulatively between 2017 and
2021. But despite the huge sum spent on protection, cybercrime will
still cost businesses over $6 trillion by 2021.[4]
As attacks continue to escalate, the need for trained security personnel
also increases. It is estimated that there are currently over
1.5 million unfilled security jobs worldwide and this will grow by 20
percent to 1.8 million by the year 2022.[5] According to the U.S. Bureau of
Labor Statistics (BLS) “Occupational Outlook Handbook,” the job outlook
for information security analysts through 2024 is expected to grow
by 18 percent, faster than the average growth rate.[6]
To verify security competency, most organizations use the Computing
Technology Industry Association (CompTIA) Security+ certification,
a vendor-neutral credential. Security+ is one of the most widely recognized
security certifications and has become the security foundation
for today’s IT professionals. It is internationally recognized as validating
a foundation level of security skills and knowledge. A successful
Security+ candidate has the knowledge and skills required to identify
threats, attacks and vulnerabilities; use security technologies and tools;
understand security architecture and design; perform identity and access
management; know about risk management; and use cryptography.
Security+ Guide to Network Security Fundamentals, Sixth Edition is
designed to equip learners with the knowledge and skills needed to
be information security professionals. Yet it is more than an “exam
prep” book. While teaching the fundamentals of information security
by using the CompTIA Security+ exam objectives as its framework, it
takes a comprehensive view of security by examining in-depth the
attacks against networks and computer systems and the necessary
defense mechanisms. Security+ Guide to Network Security Fundamentals,
Sixth Edition is a valuable tool for those who want to learn about
security and who desire to enter the field of information security. It
also provides the foundation that will help prepare for the CompTIA
Security+ certification exam.
Intended Audience
This book is designed to meet the needs of students and professionals who want to
master basic information security. A fundamental knowledge of computers and networks
is all that is required to use this book. Those seeking to pass the CompTIA Security+
certification exam will find the text’s approach and content especially helpful; all
Security+ SY0-501 exam objectives are covered in the text (see Appendix A). Security+
Guide to Network Security Fundamentals, Sixth Edition covers all aspects of network and
computer security while satisfying the Security+ objectives.
The book’s pedagogical features are designed to provide a truly interactive learning
experience to help prepare you for the challenges of network and computer security.
In addition to the information presented in the text, each chapter includes Hands-On
Projects that guide you through implementing practical hardware, software, network,
and Internet security configurations step by step. Each chapter also contains case studies
that place you in the role of problem solver, requiring you to apply concepts presented
in the chapter to achieve successful solutions.
Chapter Descriptions
Here is a summary of the topics covered in each chapter of this book:
Chapter 1, “Introduction to Security,” introduces the network security fundamentals
that form the basis of the Security+ certification. It begins by examining the current
challenges in computer security and why security is so difficult to achieve. It then
defines information security in detail and explores why it is important. Finally, the
chapter looks at the fundamental attacks, including who is responsible for them, and
defenses.
Chapter 2, “Malware and Social Engineering Attacks,” examines attacks that use
different types of malware, such as viruses, worms, Trojans, and botnets. It also looks
at the different types of social engineering attacks.
Chapter 3, “Basic Cryptography,” explores how encryption can be used to protect
data. It covers what cryptography is and how it can be used for protection, and then
examines how to protect data using three common types of encryption algorithms:
hashing, symmetric encryption, and asymmetric encryption. It also covers how to use
cryptography on files and disks to keep data secure.
Chapter 4, “Advanced Cryptography and PKI,” examines how to implement cryptography
and use digital certificates. It also looks at public key infrastructure and key
management. This chapter covers different transport cryptographic algorithms to see
how cryptography is used on data that is being transported.
Chapter 5, “Networking and Server Attacks,” explores the different attacks that
are directed at enterprises. It includes networking-based attacks as well as server
attacks.
Features
To aid you in fully understanding computer and network security, this book includes
many features designed to enhance your learning experience.
• Maps to CompTIA Objectives. The material in this text covers all the CompTIA
Security+ SY0-501 exam objectives.
• Chapter Objectives. Each chapter begins with a detailed list of the concepts to be
mastered in that chapter. This list provides you with both a quick reference to the
chapter’s contents and a useful study aid.
• Today’s Attacks and Defenses. Each chapter opens with a vignette of an actual
security attack or defense mechanism that helps to introduce the material covered
in that chapter.
• Illustrations and Tables. Numerous illustrations of security vulnerabilities,
attacks, and defenses help you visualize security elements, theories, and concepts.
In addition, the many tables provide details and comparisons of practical and
theoretical information.
• Chapter Summaries. Each chapter’s text is followed by a summary of the concepts
introduced in that chapter. These summaries provide a helpful way to review the
ideas covered in each chapter.
• Key Terms. All the terms in each chapter that were introduced with bold text are
gathered in a Key Terms list, providing additional review and highlighting key concepts.
Key Term definitions are included in the Glossary at the end of the text.
• Review Questions. The end-of-chapter assessment begins with a set of review
questions that reinforce the ideas introduced in each chapter. These questions help
you evaluate and apply the material you have learned. Answering these questions
will ensure that you have mastered the important concepts and provide valuable
practice for taking CompTIA’s Security+ exam.
• Hands-On Projects. Although it is important to understand the theory behind
network security, nothing can improve on real-world experience. To this end,
each chapter provides several Hands-On Projects aimed at providing you with
practical security software and hardware implementation experience. These projects
use the Windows 10 operating system, as well as software downloaded from
the Internet.
• Case Projects. Located at the end of each chapter are several Case Projects. In these
extensive exercises, you implement the skills and knowledge gained in the chapter
through real design and implementation scenarios.
Note: The Note icon draws your attention to additional helpful material
related to the subject being described.
Case Projects: The Case Projects icon marks Case Projects, which are scenario-based
assignments. In these extensive case examples, you are
asked to implement independently what you have learned.
Instructor’s Materials
Everything you need for your course in one place. This collection of book-specific
lecture and class tools is available online. Please visit login.cengage.com and log in to
access instructor-specific resources on the Instructor Companion Site, which includes
the Instructor’s Manual, Solutions Manual, test creation tools, PowerPoint Presentations,
Syllabus, and figure files.
• Electronic Instructor’s Manual. The Instructor’s Manual that accompanies this
textbook includes the following items: additional instructional material to assist in
class preparation, including suggestions for lecture topics.
• Solutions Manual. The instructor’s resources include solutions to all end-of-
chapter material, including review questions and case projects.
• Cengage Testing Powered by Cognero. This flexible, online system allows you to
do the following:
• Author, edit, and manage test bank content from multiple Cengage solutions.
• Create multiple test versions in an instant.
• Deliver tests from your LMS, your classroom, or wherever you want.
• PowerPoint Presentations. This book comes with a set of Microsoft PowerPoint
slides for each chapter. These slides are meant to be used as a teaching aid for
classroom presentations, to be made available to students on the network for
chapter review, or to be printed for classroom distribution. Instructors are also at
liberty to add their own slides for other topics introduced.
• Figure Files. All the figures and tables in the book are reproduced. Similar to PowerPoint
presentations, these are included as a teaching aid for classroom presentation,
to make available to students for review, or to be printed for classroom distribution.
MindTap
MindTap for Security+ Guide to Network Security Fundamentals, Sixth Edition is a personalized,
fully online digital learning platform of content, assignments, and services
that engages students and encourages them to think critically, while allowing you to
easily set your course through simple customization options.
MindTap is designed to help students master the skills they need in today’s workforce.
Research shows employers need critical thinkers, troubleshooters, and creative problem solvers
to stay relevant in our fast-paced, technology-driven world. MindTap helps you achieve
this with assignments and activities that provide hands-on practice, real-life relevance, and
certification test prep. Students are guided through assignments that help them master basic
knowledge and understanding before moving on to more challenging problems.
The live virtual machine labs provide real-life application and practice as well
as more advanced learning. Students work in a live environment via the Cloud with
real servers and networks that they can explore. The IQ certification test preparation
engine allows students to quiz themselves on specific exam domains, and the pre- and
post-course assessments measure exactly how much they have learned. Readings, lab
simulations, capstone projects, and videos support the lecture, while “In the News”
assignments encourage students to stay current.
MindTap is designed around learning objectives and provides the analytics and
reporting to easily see where the class stands in terms of progress, engagement, and
completion rates.
Students can access eBook content in the MindTap Reader, which offers
highlighting, note-taking, search and audio, as well as mobile access. Learn more
at www.cengage.com/mindtap/.
Instant Access Code: (ISBN: 9781337289306)
Printed Access Code: (ISBN: 9781337289313)
Lab Manual
Hands-on learning is necessary to master the security skills needed for both CompTIA’s
Security+ Exam and for a career in network security. Security+ Guide to Network
Security Fundamentals Lab Manual, 6th Edition contains hands-on exercises that use
fundamental networking security concepts as they are applied in the real world. Each
chapter offers review questions to reinforce your mastery of network security topics
and to sharpen your critical thinking and problem-solving skills. (ISBN: 9781337288798)
Bloom’s Taxonomy
Bloom’s Taxonomy is an industry-standard classification system used to help identify
the level of ability that learners need to demonstrate proficiency. It is often used
to classify educational learning objectives into different levels of complexity. Bloom’s
Taxonomy reflects the “cognitive process dimension.” This represents a continuum of
increasing cognitive complexity, from remember (lowest level) to create (highest level).
There are six categories in Bloom’s Taxonomy as seen in Figure A.
In all instances, the level of coverage of the domains in Security+ Guide to Network
Security Fundamentals, Sixth Edition meets or exceeds the Bloom’s Taxonomy level
indicated by CompTIA for that objective. See Appendix A for more detail.
Bloom’s Taxonomy
Domain % of Examination
1.0 Threats, Attacks & Vulnerabilities 21%
2.0 Technologies & Tools 22%
3.0 Architecture & Design 15%
4.0 Identity & Access Management 16%
5.0 Risk Management 14%
6.0 Cryptography & PKI 12%
Total 100%
Acknowledgments
A large team of dedicated professionals all contributed to the creation of this book. I am
honored to be part of such an outstanding group of professionals. First, thanks go to
Product Manager Kristin McNary for giving me the opportunity to work on this project
and for providing her continual support, and to Associate Product Manager Amy Savino
for answering all my questions. Also thanks to Senior Content Developer Michelle Ruelos
Cannistraci who was very supportive, to Senior Content Product Manager Brooke Greenhouse
who helped keep this fast-moving project on track, and to Dr. Andy Hurd who
performed the technical reviews. To everyone on the team I extend my sincere thanks.
Special recognition again goes to the very best developmental editor, Deb
Kaufmann, who is a true professional in every sense of the word. She made many
helpful suggestions, found all my errors, watched every small detail, and even took on
additional responsibilities so that this project could accelerate to be completed even
before its deadlines. Without question, Deb is simply the very best there is.
And finally, I want to thank my wonderful wife, Susan. Her love, interest, support,
and patience gave me what I needed to complete this project. I could not have written
this book without her.
Dedication
To Braden, Mia, Abby, Gabe, Cora, and Will.
To The User
This book should be read in sequence, from beginning to end. Each chapter builds on
those that precede it to provide a solid understanding of networking security fundamentals.
The book may also be used to prepare for CompTIA’s Security+ certification
exam. Appendix A pinpoints the chapters and sections in which specific Security+
exam objectives are covered.
Hardware and Software Requirements
Following are the hardware and software requirements needed to perform the end-of-chapter
Hands-On Projects.
• Microsoft Windows 10
• An Internet connection and web browser
• Microsoft Office
Chapter 2:
• Irongeek Thumbscrew
• Refog Keylogger
Chapter 3:
• OpenPuff Steganography
• HashCalc
• Jetico BestCrypt
Chapter 4:
• Comodo Secure Email Certificate
Chapter 5:
• Qualys Browser Check
• GRC Securable
Chapter 6:
• GlassWire
• K9 Web Protection
Chapter 7:
• VMware vCenter Converter
• VMware Workstation Player
Chapter 8:
• Xirrus Wi-Fi Inspector
• Vistumbler
Chapter 9:
• EICAR AntiVirus Test File
Chapter 10:
• Prey Project
• Bluestacks
• Andy Android emulator
• Lookout Security & Antivirus
Chapter 11:
• Hashcat
• HashcatGUI
• BioID Facial Recognition Authenticator
• GreyC-Keystroke
• KeePass
Chapter 13:
• Flexera Personal Software Inspector
• Macrium Reflect
• Nmap
Chapter 14:
• Directory Snoop
• Nmap
Chapter 15:
• Browzar
• UNetbootin
• Linux Mint
References
1. Newman, Lilly, “Hack brief: Hackers breach a billion Yahoo accounts,” Wired, Dec. 14, 2016, retrieved Jul. 3, 2017, https://www.wired.com/2016/12/yahoo-hack-billion-users/.
2. Chang, Ziv, Sison, Gilbert, Jocson, Jeanne, “Erebus resurfaces as Linux ransomware,” TrendLabs Security Intelligence Blog, Jun. 19, 2017, retrieved Jul. 3, 2017, http://blog.trendmicro.com/trendlabs-security-intelligence/erebus-resurfaces-as-linux-ransomware/.
3. Corkery, Michael, and Goldstein, Matthew, “North Korea said to be target of inquiry over $81 million cyberheist,” New York Times, Mar. 22, 2017, retrieved Jul. 3, 2017, https://www.nytimes.com/2017/03/22/business/dealbook/north-korea-said-to-be-target-of-inquiry-over-81-million-cyberheist.html.
4. “Cybersecurity market report,” Cybersecurity Ventures, Q2 2017, retrieved Jul. 3, 2017, http://cybersecurityventures.com/cybersecurity-market-report/.
5. Nash, Kim, “Firms vie in hiring of cyber experts,” Wall Street Journal, May 15, 2017, retrieved Jul. 10, 2017, https://www.wsj.com/articles/for-many-companies-a-good-cyber-chief-is-hard-to-find-1494849600.
6. “Information security analysts: Occupational outlook handbook,” Bureau of Labor Statistics, Dec. 17, 2015, retrieved Jul. 3, 2017, https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm.
PART I
The security of the data and information contained on computers and digital devices
today is threatened more than ever before, and the attacks are escalating every day.
The chapters in this part introduce security and outline many of these threats. The
chapters in later parts will give you the understanding and tools you need to defend
against these attacks.