Part I. Systems and Application Security
Chapter 1. Introduction to Security
Foundation Topics: Security 101
Exam Preparation Tasks: Review Key Topics
Chapter 2. Computer Systems Security
Foundation Topics: Computer Systems Security Threats
Ways to Deliver Malicious Software
Via Software, Messaging, and Media
Preventing and Troubleshooting Malware
Preventing and Troubleshooting Viruses
Preventing and Troubleshooting Worms and Trojans
Preventing and Troubleshooting Spyware
Preventing and Troubleshooting Rootkits
Preventing and Troubleshooting Spam
You Can’t Save Every Computer from Malware!
Summary of Malware Prevention Techniques
Implementing Security Applications
Host-Based Intrusion Detection Systems
Securing Computer Hardware and Peripherals
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Lab 2-1: Using Free Malware Scanning Programs
Lab 2-2: How to Secure the BIOS
Chapter 3. OS Hardening and Virtualization
Foundation Topics: Hardening Operating Systems
Removing Unnecessary Applications and Services
Windows Update, Patches, and Hotfixes
Group Policies, Security Templates, and Configuration Baselines
Hardening File Systems and Hard Drives
Types of Virtualization and Their Purposes
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Lab 3-1: Discerning and Updating the Service Pack Level
Lab 3-2: Creating a Virtual Machine in Virtual PC 2007
Chapter 4. Application Security
Foundation Topics: Securing the Browser
General Browser Security Procedures
Use a Proxy and Content Filter
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Lab 4-2: Disabling Applications with a Windows Server 2003 Policy
Part II. Network Infrastructure
Chapter 5. Network Design Elements and Network Threats
Foundation Topics: Network Design
Network Address Translation, and Private Versus Public IP
Network Zones and Interconnections
Virtual Local Area Network (VLAN)
Ports, Protocols, and Malicious Attacks
DNS Poisoning and Other DNS Attacks
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Chapter 6. Network Perimeter Security
Foundation Topics: Firewalls and Network Security
The Protocol Analyzer’s Role in NIDS and NIPS
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Lab 6-1: Packet Filtering and NAT Firewalls
Lab 6-2: Configuring an Inbound Filter on a SOHO Router/Firewall
Lab 6-3: Enabling MAC Filtering
Chapter 7. Securing Network Media and Devices
Foundation Topics: Securing Wired Networks and Devices
Network Device Vulnerabilities
Other Network Device Considerations
Tapping into Data and Conversations
Wireless Access Point Vulnerabilities
Secure the Administration Interface
Other Wireless Access Point Security Strategies
Wireless Transmission Vulnerabilities
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Lab 7-1: Securing a Wireless Device: 8 Steps to a Secure Network
Lab 7-2: Wardriving...and The Cure
Chapter 8. Physical Security and Authentication Models
Foundation Topics: Physical Security
General Building and Server Room Security
Authentication Models and Components
Localized Authentication Technologies
Kerberos and Mutual Authentication
Remote Authentication Technologies
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Lab 8-1: Enabling 802.1X on a Network Adapter
Lab 8-3: Setting Up a RADIUS Server
Chapter 9. Access Control Methods and Models
Foundation Topics: Access Control Models Defined
Role-Based Access Control (RBAC)
Rights, Permissions, and Policies
Users, Groups, and Permissions
Permission Inheritance and Propagation
Moving and Copying Folders and Files
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Lab 9-1: Configuring Password Policies and User Account Restrictions
Lab 9-2: Configuring User and Group Permissions
Part IV. Assessments and Audits
Chapter 10. Vulnerability and Risk Assessment
Foundation Topics: Conducting Risk Assessments
Security Analysis Methodologies
Assessing Vulnerability with Security Tools
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Lab 10-1: Mapping and Scanning the Network
Lab 10-2: Password Cracking and Defense
Chapter 11. Monitoring and Auditing
Foundation Topics: Monitoring Methodologies
Using Tools to Monitor Systems and Networks
Log File Maintenance and Security
Auditing System Security Settings
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Lab 11-1: Using Protocol Analyzers
Lab 11-2: Auditing Files on a Windows Server
Chapter 12. Encryption and Hashing Concepts
Foundation Topics: Cryptography Concepts
Symmetric Versus Asymmetric Key Algorithms
Summary of Symmetric Algorithms
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Lab 12-1: Disabling the LM Hash in Windows Server 2003
Chapter 13. PKI and Encryption Protocols
Foundation Topics: Public Key Infrastructure
Single-Sided and Dual-Sided Certificates
Exam Preparation Tasks: Review Key Topics
Lab 13-1: A Basic Example of PKI
Lab 13-2: Configuring an L2TP-Based VPN with Windows Server 2003
Lab 13-3: Making an SSH Connection
Part VI. Organizational Security
Chapter 14. Redundancy and Disaster Recovery
Foundation Topics: Redundancy Planning
Uninterruptible Power Supplies
Disaster Recovery Planning and Procedures
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Lab 14-1: Backing Up Data on a Windows Server
Lab 14-2: Configuring RAID 1 and 5
Chapter 15. Policies, Procedures, and People
Foundation Topics: Environmental Controls
Special Hazard Protection Systems
Summary of Social Engineering Types
Legislative and Organizational Policies
Data Sensitivity and Classification of Information
Separation of Duties/Job Rotation
User Education and Awareness Training
Summary of Personnel Security Policies
How to Dispose of Computers and Other IT Equipment Securely
Exam Preparation Tasks: Review Key Topics
Complete Tables and Lists from Memory
Part VII. Preparing for the CompTIA Security+ Exam
Chapter 16. Taking the Real Exam
Foundation Topics: Getting Ready and the Exam Preparation Checklist
Beyond the CompTIA Security+ Certification
Practice Exam 1: CompTIA Security+ SY0-201
Practice Exam 2: CompTIA Security+ SY0-201
Elements Available on DVD
Practice Exam 3: CompTIA Security+ SY0-201
Appendix B. Memory Tables Answer Key
Video Solutions to Hands-On Scenarios