What do you think?
Rate this book
CompTIA Security+ All-In-One Exam Guide
Official CompTIA Content! Prepare for CompTIA Security+ Exam SY0-301 with McGraw-Hill--a Gold-Level CompTIA Authorized Partner offering Official CompTIA Approved Quality Content to give you the competitive edge on exam day.
Get complete coverage of all the objectives included on CompTIA Security+ exam inside this completely updated, comprehensive volume. Written by leading network security experts, this definitive guide covers exam SY0-301 in full detail. You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the exam with ease, this practical resource also serves as an essential on-the-job reference.
Covers all exam topics, General security concepts Operational organizational security Legal issues, privacy, and ethics Cryptography Public key infrastructure Standards and protocols Physical security Infrastructure security Remote access and authentication Intrusion detection systems Security baselines Types of attacks and malicious software E-mail and instant messaging Web components Disaster recovery and business continuity Risk, change, and privilege management Computer forensics
CD-ROM Two full practice exams PDF copy of the book From the Authors
Preparing Yourself for the CompTIA Security+ Exam
"CompTIA Security+ Certification All-in-One Exam Guide" is designed to help prepare you to take the CompTIA Security+ certification exam SY0-301. When you pass it, you will demonstrate that you have that basic understanding of security that employers are looking for. Passing this certification exam will not be an easy task, for you will need to learn many things to acquire that basic understanding of computer and network security.
How This Book Is Organized
The book is divided into sections and chapters to correspond with the objectives of the exam itself. Some of the chapters are more technical than others--reflecting the nature of the security environment, where you will be forced to deal with not only technical details but also other issues, such as security policies and procedures as well as training and education. Although many individuals involved in computer and network security have advanced degrees in math, computer science, information systems, or computer or electrical engineering, you do not need this technical background to address security effectively in your organization. You do not need to develop your own cryptographic algorithm; for example, you simply need to be able to understand how cryptography is used along with its strengths and weaknesses. As you progress in your studies, you will learn that many security problems are caused by the human element. The best technology in the world still ends up being placed in an environment where humans have the opportunity to foul things up--and all too often do.
Part Security The book begins with an introduction to some of the basic elements of security.
Part Cryptography and Cryptography is an important part of security, and this part covers this topic in detail. The purpose is not to make cryptographers out of readers but to instead provide a basic understanding of how cryptography works and what goes into a basic cryptographic scheme. An important subject in cryptography, and one that is essential for the reader to understand, is the creation of public key infrastructures, and this topic is covered as well.
Part Security in the The next part concerns infrastructure issues. In this case, we are not referring to the critical infrastructures identified by the White House several years ago (identifying sectors such as telecommunications, banking and finance, oil and gas, and so forth) but instead the various components that form the backbone of an organization's security structure.
Part Security in This part discusses communications security. This is an important aspect of security because, for years now, we have connected our computers together into a vast array of networks. Various protocols in use today that the security practitioner needs to be aware of are discussed in this part.
Part Operational This part addresses operational and organizational issues. This is where we depart from a discussion of technology again and will instead discuss how security is accomplished in an organization. Because we know that we will not be absolutely successful in our security efforts--attackers are always finding new holes and ways around our security defenses--one of the most important topics we will address is the subject of security incident response and recovery. Also included is a discussion of change management (addressing the subject we alluded to earlier when addressing the problems with patch management), security awareness and training, incident response, and forensics.
Part There are two appendix...
Get complete coverage of all the objectives included on CompTIA Security+ exam inside this completely updated, comprehensive volume. Written by leading network security experts, this definitive guide covers exam SY0-301 in full detail. You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the exam with ease, this practical resource also serves as an essential on-the-job reference.
Covers all exam topics, General security concepts Operational organizational security Legal issues, privacy, and ethics Cryptography Public key infrastructure Standards and protocols Physical security Infrastructure security Remote access and authentication Intrusion detection systems Security baselines Types of attacks and malicious software E-mail and instant messaging Web components Disaster recovery and business continuity Risk, change, and privilege management Computer forensics
CD-ROM Two full practice exams PDF copy of the book From the Authors
Preparing Yourself for the CompTIA Security+ Exam
"CompTIA Security+ Certification All-in-One Exam Guide" is designed to help prepare you to take the CompTIA Security+ certification exam SY0-301. When you pass it, you will demonstrate that you have that basic understanding of security that employers are looking for. Passing this certification exam will not be an easy task, for you will need to learn many things to acquire that basic understanding of computer and network security.
How This Book Is Organized
The book is divided into sections and chapters to correspond with the objectives of the exam itself. Some of the chapters are more technical than others--reflecting the nature of the security environment, where you will be forced to deal with not only technical details but also other issues, such as security policies and procedures as well as training and education. Although many individuals involved in computer and network security have advanced degrees in math, computer science, information systems, or computer or electrical engineering, you do not need this technical background to address security effectively in your organization. You do not need to develop your own cryptographic algorithm; for example, you simply need to be able to understand how cryptography is used along with its strengths and weaknesses. As you progress in your studies, you will learn that many security problems are caused by the human element. The best technology in the world still ends up being placed in an environment where humans have the opportunity to foul things up--and all too often do.
Part Security The book begins with an introduction to some of the basic elements of security.
Part Cryptography and Cryptography is an important part of security, and this part covers this topic in detail. The purpose is not to make cryptographers out of readers but to instead provide a basic understanding of how cryptography works and what goes into a basic cryptographic scheme. An important subject in cryptography, and one that is essential for the reader to understand, is the creation of public key infrastructures, and this topic is covered as well.
Part Security in the The next part concerns infrastructure issues. In this case, we are not referring to the critical infrastructures identified by the White House several years ago (identifying sectors such as telecommunications, banking and finance, oil and gas, and so forth) but instead the various components that form the backbone of an organization's security structure.
Part Security in This part discusses communications security. This is an important aspect of security because, for years now, we have connected our computers together into a vast array of networks. Various protocols in use today that the security practitioner needs to be aware of are discussed in this part.
Part Operational This part addresses operational and organizational issues. This is where we depart from a discussion of technology again and will instead discuss how security is accomplished in an organization. Because we know that we will not be absolutely successful in our security efforts--attackers are always finding new holes and ways around our security defenses--one of the most important topics we will address is the subject of security incident response and recovery. Also included is a discussion of change management (addressing the subject we alluded to earlier when addressing the problems with patch management), security awareness and training, incident response, and forensics.
Part There are two appendix...
- GenresTechnology
704 pages, Hardcover
First published July 19, 2011
2 people are currently reading
23 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
No one has reviewed this book yet.