Transcription
Suspending KeysRecovering and Archiving KeysRenewing KeysDestroying KeysIdentifying Key Usage364365366367368368Exam Essentials369Review Questions370Answers to Review Questions374Physicaland ometrics386384Maintaining Environmental and Power Controls386Environmental 376ZonesHot and Cold d SystemsSummary394Exam Essentials394Review395QuestionsAnswers to Review11358361Implementing Access ControlPhysical BarriersChapter357Using Key EscrowSummary10355356359Key GenerationStoring and Distributing KeysChapterxixSecurity and VulnerabilityNetwork399Questionsin the NetworkSecurity ThreatsTestingVulnerability ScanningEthical HackingAssessment Types and TechniquesPenetration401403404405407408
xxContentsSecure Network Administration Principles410Port410ManagementSecurityWorking with 802.IXFlood Guards and Loop ProtectionPreventing Network BridgingLog AnalysisMitigation and Deterrent Techniques12411412412Monitoring System LogsSecurity PostureReporting413Detection/Prevention Controls420419420Summary421Exam stionsNetworking Securitywith WirelessSystems426429430IEEE 802.11* Wireless t Layer SecurityUnderstanding Mobile Devices435Wireless Access Points436Extensible Authentication Protocol441Lightweight Extensible Authentication Protocol442Protected Extensible Authentication Protocol443Wireless VulnerabilitiestoKnow443Summary448Exam ingChapter411Manual Bypassing of Electronic nsDisaster Recovery and Incident Impact AnalysisBusiness454455456457Utilities458High Availability460Disaster464IncidentRecoveryResponse PoliciesUnderstanding Incident ResponseSuccession Planning479480487
ContentsReinforcing Vendor SupportService-Level AgreementsCode Escrow Agreements487Summary490Exam to Review492Questions496Security-Related Policiesand ProceduresPolicies You Must Have500Least Privilege501Separation of Duties502Time of Day Restrictions502Mandatory Vacations and Job Rotation504Policies You Should Have504Human Resource Policies504Certificate PoliciesSecurity Controls for508AccountManagement510User and510Users512Group Role Managementwith Multiple Accounts/RolesAuditingAccount512Policy Enforcement519Summary521Exam Essentials522Review QuestionsAnswers15499500Data Loss/Theft PoliciesChapterxxito Review523Questions527Security Administration529Administrator'sSecurityGetting StartedCreating a HomeIn the WorkplaceTroubleshootinga530531LabWhich OS Should You Use?CreatingGuideSecurity Solution531532533533Access Control Issues534Accountability ConcernsAuditing534Authentication Schemes536535Authentication Factors536Mutual Authentication537Authentication Protection538Backup Management538
xxiiContentsBaselining Security539Certificate ation541Remote Control/Remote Shell542Virtual Private Networks543Services Protection543DirectoryDisaster PlanningDocumenting Your544EnvironmentEmail Issues545File-Sharing BasicsWorking with IDSs and HoneyIncident HandlingAppendixA545547Pots548548Internet Common Sense549Key Management ConventionsPreventing Common Malicious EventsConstructing a Line of DefenseTypes of Attacks550551552553Antivirus Protection554Making Stronger Passwords555Managing PersonnelKeeping Physical Security Meaningful557Securing the InfrastructureWorking with Security ZonesSocial Engineering RisksSystem Hardening BasicsSecuring the Wireless EnvironmentSummary560About theCompanion CDWhat You'll FindSybexTestonthe CDEngine558562562563565566567568568Electronic Flashcards568PDF of theGlossarySystem RequirementsUsing the CD568Troubleshooting570Customer Care569569570Glossary571Index613
CompTIA*Security DeluxeStudyGuide Second Edition EmmettDulaney WILEY WileyPublishing/Inc. Contents Foreword xxv Introduction xxix AssessmentTest I . Workingwith a Network-BasedIDS 89 Workingwith aHost-BasedIDS 93 WorkingwithNIPS 95 UtilizingHoneypots 96 UnderstandingProtocolAnalyzers 97
