Nicht aus der Schweiz? Besuchen Sie lehmanns.de
Principles of Computer Security: CompTIA Security+ and Beyond, Sixth Edition (Exam SY0-601) - Wm. Arthur Conklin, Greg White, Chuck Cothren, Roger Davis, Dwayne Williams

Principles of Computer Security: CompTIA Security+ and Beyond, Sixth Edition (Exam SY0-601)

Buch | Softcover
1072 Seiten
2021 | 6th edition
McGraw-Hill Education (Verlag)
978-1-260-47431-2 (ISBN)
CHF 132,65 inkl. MwSt
  • Titel ist leider vergriffen;
    keine Neuauflage
  • Artikel merken
This fully revised four color textbook covers every topic on the current version of the CompTIA Security+ exam

Prepare for a career in computer and network security while also studying for professional certification. Take the latest version of the challenging CompTIA Security+ exam with complete confidence using the detailed information contained in this comprehensive classroom-based solution. Written and edited by leaders in the field, the book gets candidates fully prepared for the test and contains the essential fundamentals of computer and network security skills.

Principles of Computer Security: CompTIA Security+ and Beyond, Sixth Edition (Exam SY0-601) is presented in an engaging style and features full-color illustrations. Targeted sidebars throughout encourage readers to apply concepts in real-world settings, while other special elements bring the focus back to study with specific test-related advice and information. The textbook features engaging end of chapter sections that help you review the content covered in each chapter while also drilling you on the essentials and providing unique hands-on lab projects.




Provides 100% coverage of every objective on exam SY0-601Online content includes 200 practice questions in the Total Tester exam engineWritten by a team of the most well-respected upper-level IT security educatorsInstructor Materials are available for adopting schools—contact your McGraw Hill sales representativeAnswers and solutions to the end of chapter sections are only available to adopting instructors

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.

Wm. Arthur Conklin (Houston, TX), Security+, CISSP, is an Assistant Professor in the Information and Logistics Technology department at the University of Houston. In addition to his PhD, Mr. Conklin has a MBA from UTSA, and two graduate degrees in Electrical Engineering from the Naval Postgraduate School in Monterey, California. Dr. Conklin’s interests are information security, systems theory, and secure software design. Greg White (San Antonio, TX), CompTIA Security+, CISSP, is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. Dr. White is the Director of the Center for Infrastructure Assurance and Security at UTSA. Chuck Cothren is a Research Scientist at University of Texas at San Antonio (UTSA) Center for Infrastructure Assurance and Security (CIAS) and currently serves on the Information Security Association’s Alamo Chapter Board of Directors. Mr. Cothren has a wide array of security experience including performing controlled penetration testing, network security policies, computer intrusion forensics, and computer training. He is a Certified Information Systems Security Professional (CISSP) and has co-authored other McGraw-Hill/Osborne titles. Mr. Cothren holds a B.S. in Industrial Distribution from Texas A&M University. Roger L. Davis is a Senior Internal Audit Manager at NuSkin Enterprises and is responsible for evaluating global business operations in over 35 countries. He is a retired Air Force Colonel with over 20 years of military and information security experience. Mr. Davis is a Certified Information Systems Security Professional (CISSP) and holds a Master’s Degree in Computer Science from George Washington University.

Foreword
Preface
Introduction
Instructor Website
Chapter 1 Introduction and Security Trends
   The Computer Security Problem
   Threats to Security
   Attributes of Actors
   Security Trends
   Targets and Attacks
   Approaches to Computer Security
   Ethics
   Additional References
   Chapter 1 Review
Chapter 2 General Security Concepts
   Basic Security Terminology
   Formal Security Models
   Additional References
   Chapter 2 Review
Chapter 3 Operational and Organizational Security
   Policies, Procedures, Standards, and Guidelines
   Organizational Policies
   Security Policies
   Human Resources Policies
   Security Awareness and Training
   Standard Operating Procedures
   Third-Party Risk Management
   Interoperability Agreements
   Chapter 3 Review
Chapter 4 The Role of People in Security
   People—A Security Problem
   Tools
   Attacks
   Poor Security Practices
   People as a Security Tool
   Chapter 4 Review
Chapter 5 Cryptography
   Cryptography in Practice
   Cryptographic Objectives
   Historical Perspectives
   Hashing Functions
   Symmetric Encryption
   Asymmetric Encryption
   Quantum Cryptography
   Post-Quantum
   Lightweight Cryptography
   Homomorphic Encryption
   For More Information
   Chapter 5 Review
Chapter 6 Applied Cryptography
   Cryptography Use
   Cipher Suites
   S/MIME
   PGP
   Steganography
   Secure Protocols
   Secure Protocol Use Cases
   Cryptographic Attacks
   Other Standards
   Chapter 6 Review
Chapter 7 Public Key Infrastructure
   The Basics of Public Key Infrastructures
   Certificate Authorities
   Trust Models
   Digital Certificates
   Certificate Lifecycles
   Certificate Repositories
   Centralized and Decentralized Infrastructures
   Certificate-Based Threats
   PKIX and PKCS
   ISAKMP
   CMP
   XKMS
   CEP
   Chapter 7 Review
Chapter 8 Physical Security
   The Security Problem
   Physical Security Safeguards
   Environmental Controls
   Fire Suppression
   Electromagnetic Environment
   Power Protection
   Drones/UAVs
   Chapter 8 Review
Chapter 9 Network Fundamentals
   Network Architectures
   Network Topology
   Segregation/Segmentation/Isolation
   Security Zones
   Network Protocols
   Internet Protocol
   IPv4 vs. IPv6
   Packet Delivery
   Inter-Networking
   MPLS
   Software-Defined Networking (SDN)
   Quality of Service (QoS)
   Traffic Engineering
   Route Security
   For More Information
   Chapter 9 Review
Chapter 10 Infrastructure Security
   Devices
   Virtualization
   Networking
   Security Devices
   Security Device/Technology Placement
   Tunneling/VPN
   Storage Area Networks
   Media
   Removable Media
   Security Concerns for Transmission Media
   Physical Security Concerns
   Chapter 10 Review
Chapter 11 Authentication and Remote Access
   User, Group, and Role Management
   Account Policies
   Authorization
   Identity
   Authentication Methods
   Biometric Factors
   Biometric Efficacy Rates
   Multifactor Authentication
   Remote Access
   Preventing Data Loss or Theft
   Database Security
   Cloud vs. On-premises Requirements
   Connection Summary
   For More Information
   Chapter 11 Review
Chapter 12 Wireless Security and Mobile Devices
   Connection Methods and Receivers
   Wireless Protocols
   Wireless Systems Configuration
   Wireless Attacks
   Mobile Device Management Concepts
   Mobile Application Security
   Mobile Devices
   Policies for Enforcement and Monitoring
   Deployment Models
   Chapter 12 Review
Chapter 13 Intrusion Detection Systems and Network Security
   History of Intrusion Detection Systems
   IDS Overview
   Network-Based IDSs
   Host-Based IDSs
   Intrusion Prevention Systems
   Network Security Monitoring
   Deception and Disruption Technologies
   Analytics
   SIEM
   DLP
   Tools
   Indicators of Compromise
   For More Information
   Chapter 13 Review
Chapter 14 System Hardening and Baselines
   Overview of Baselines
   Hardware/Firmware Security
   Operating System and Network Operating System Hardening
   Secure Baseline
   Endpoint Protection
   Network Hardening
   Application Hardening
   Data-Based Security Controls
   Environment
   Automation/Scripting
   Alternative Environments
   Industry-Standard Frameworks and Reference Architectures
   Benchmarks/Secure Configuration Guides
   For More Information
   Chapter 14 Review
Chapter 15 Types of Attacks and Malicious Software
   Avenues of Attack
   Malicious Code
   Malware
   Attacking Computer Systems and Networks
   Advanced Persistent Threat
   Password Attacks
   Chapter 15 Review
Chapter 16 Security Tools and Techniques
   Network Reconnaissance and Discovery Tools
   File Manipulation Tools
   Shell and Script Environments
   Packet Capture and Replay Tools
   Forensic Tools
   Tool Suites
   Penetration Testing
   Vulnerability Testing
   Auditing
   Vulnerabilities
   Chapter 16 Review
Chapter 17 Web Components, E-mail, and Instant Messaging
   Current Web Components and Concerns
   Web Protocols
   Code-Based Vulnerabilities
   Application-Based Weaknesses
   How E-mail Works
   Security of E-mail
   Mail Gateway
   Mail Encryption
   Instant Messaging
   Chapter 17 Review
Chapter 18 Cloud Computing
   Cloud Computing
   Cloud Types
   Cloud Service Providers
   Cloud Security Controls
   Security as a Service
   Cloud Security Solutions
   Virtualization
   VDI/VDE
   Fog Computing
   Edge Computing
   Thin Client
   Containers
   Microservices/API
   Serverless Architecture
   Chapter 18 Review
Chapter 19 Secure Software Development
   The Software Engineering Process
   Secure Coding Concepts
   Application Attacks
   Application Hardening
   Code Quality and Testing
   Compiled Code vs. Runtime Code
   Software Diversity
   Secure DevOps
   Elasticity
   Scalability
   Version Control and Change Management
   Provisioning and Deprovisioning
   Integrity Measurement
   For More Information
   Chapter 19 Review
Chapter 20 Risk Management
   An Overview of Risk Management
   Risk Management Vocabulary
   What Is Risk Management?
   Security Controls
   Business Risks
   Third-party Risks
   Risk Mitigation Strategies
   Risk Management Models
   Risk Assessment
   Qualitatively Assessing Risk
   Quantitatively Assessing Risk
   Qualitative vs. Quantitative Risk Assessment
   Tools
   Risk Management Best Practices
   Additional References
   Chapter 20 Review
Chapter 21 Business Continuity, Disaster Recovery, and Change Management
   Business Continuity
   Continuity of Operations Planning (COOP)
   Disaster Recovery
   Why Change Management?
   The Key Concept: Separation of Duties
   Elements of Change Management
   Implementing Change Management
   The Purpose of a Change Control Board
   The Capability Maturity Model Integration
   Environment
   Secure Baseline
   Sandboxing
   Integrity Measurement
   Chapter 21 Review
Chapter 22 Incident Response
   Foundations of Incident Response
   Attack Frameworks
   Threat Intelligence
   Incident Response Process
   Exercises
   Stakeholder Management
   Communication Plan
   Data Sources
   Log Files
   Data Collection Models
   Standards and Best Practices
   For More Information
   Chapter 22 Review
Chapter 23 Computer Forensics
   Evidence
   Chain of Custody
   Forensic Process
   Message Digest and Hash
   Analysis
   Host Forensics
   Device Forensics
   Network Forensics
   Legal Hold
   Chapter 23 Review
Chapter 24 Legal Issues and Ethics
   Cybercrime
   Ethics
   Chapter 24 Review
Chapter 25 Privacy
   Data Handling
   Organizational Consequences of Privacy Breaches
   Data Sensitivity Labeling and Handling
   Data Roles
   Data Destruction and Media Sanitization
   U.S. Privacy Laws
   International Privacy Laws
   Privacy-Enhancing Technologies
   Privacy Policies
   Privacy Impact Assessment
   Web Privacy Issues
   Privacy in Practice
   For More Information
   Chapter 25 Review
Appendix A CompTIA Security+ Exam Objectives: SY0-601
Appendix B About the Online Content
   System Requirements
   Your Total Seminars Training Hub Account
   Single User License Terms and Conditions
   TotalTester Online
   Technical Support
Glossary
Index

Erscheinungsdatum
Zusatzinfo 236 Illustrations
Verlagsort OH
Sprache englisch
Gewicht 2055 g
Themenwelt Mathematik / Informatik Informatik Theorie / Studium
Informatik Weitere Themen Zertifizierung
ISBN-10 1-260-47431-3 / 1260474313
ISBN-13 978-1-260-47431-2 / 9781260474312
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich