CompTIA Security+ Certification Study Guide,
Second Edition
(Exam SY0-401)
McGraw-Hill Education is an independent entity from CompTIA. This publication and CD-ROM may be used in assisting students to prepare for the CompTIA Security+ exam. Neither CompTIA nor McGraw-Hill Education warrant that use of this publication and CD-ROM will ensure passing any exam. CompTIA and CompTIA Security+ are trademarks or registered trademarks of CompTIA in the United States and/or other countries. All other trademarks are trademarks of their respective owners.
Glen E. Clarke
McGraw-Hill Education
New York Chicago San Francisco Athens
London Madrid Mexico City Milan
New Delhi Singapore Sydney Toronto
CONTENTS AT A GLANCE
1 Networking Basics and Terminology 1
2 Introduction to Security Terminology 65
3 Security Policies and Standards 97
4 Types of Attacks 133
5 System Security Threats 181
6 Mitigating Security Threats 219
7 Implementing System Security 271
8 Securing the Network Infrastructure 331
9 Wireless Networking and Security 379
10 Authentication 433
11 Access Control 457
12 Introduction to Cryptography 493
13 Managing a Public Key Infrastructure 533
14 Physical Security 569
15 Risk Analysis 599
16 Disaster Recovery and Business Continuity 625
17 Introduction to Computer Forensics 667
18 Security Assessments and Audits 709
ix
X CompTIA Security+ Certification Study Guide
19 Understanding Monitoring and Auditing 763
A About the CD-ROM 801
Index 805
CONTENTS
Acknowledgments xxiii
Preface xxv
Introduction xxix
1 Networking Basics and Terminology 1
Understanding Network Devices and Cabling 2
Looking at Network Devices 2
Understanding Network Cabling 10
Exercise 1-1: Reviewing Networking Components 18
Understanding TCP/IP 19
Reviewing IP Addressing 19
Exercise 1-2: Understanding Valid Addresses 24
Understanding TCP/IP Protocols 25
Exercise 1-3: Viewing Protocol Information
with Network Monitor 36
Application Layer Protocols 42
A Review of IPv6 48
Exercise 1-4: Identifying Protocols in TCP/IP 51
Network Security Best Practices 51
Device Usage 52
Cable and Protocol Usage 53
Two-Minute Drill 56
Q&A Self Test 58
Self Test Answers 61
2 Introduction to Security Terminology 65
Goals of Information Security 66
Confidentiality 66
Integrity 69
Availability 71
Accountability 72
Exercise 2-1: CIA Scenarios 73
Understanding Authentication and Authorization 74
Identification and Authentication 74
Authorization 76
Understanding Security Principles and Terminology 77
Types of Security 77
Least Privilege, Separation of Duties,
and Rotation of Duties 79
Concept of Need to Know 80
Layered Security and Diversity of Defense 81
Due Care, Due Diligence 81
Vulnerability and Exploit 82
Looking at Security Roles 82
System and Data Owner 83
Custodian 83
User 83
Security Officer 83
Exercise 2-2: Security Terminology 84
Two-Minute Drill 86
Q&A Self Test 89
Self Test Answers 93
3 Security Policies and Standards 97
Introduction to Security Policies 98
Structure of a Policy 99
Identifying Types of Policies 100
Understanding Regulations and Standards 101
Looking at Security Policies 103
Policies Affecting Users 103
Policies Affecting Administrators 105
Exercise 3-1: Reviewing a Security Policy 106
Policies Affecting Management 107
Other Popular Policies 109
Human Resource Policies 110
Hiring Policy 110
Termination Policy 111
Mandatory Vacations
Security-Related HR Policies 112
Exercise 3-2: Creating a Security Policy 113
User Education and Awareness 114
General Training and Role-Based Training 114
User Habits 116
New Threats and Security Trends 118
Use of Social Network and P2P 118
Training Metrics and Follow Up 119
Exercise 3-3: Designing a Training Program 119
Two-Minute Drill 122
Q&A Self Test 124
Self Test Answers 128
4 Types of Attacks 133
Understanding Social Engineering 134
Social Engineering Overview 134
Popular Social Engineering Attacks 134
Reasons for Effectiveness 139
Preventing Social Engineering Attacks 139
Identifying Network Attacks 140
Popular Network Attacks 140
Exercise 4-1: DNS Poisoning by Modifying the Hosts File 148
Exercise 4-2: Performing a Port Scan 151
Other Network Attacks 152
Preventing Network Attacks 153
Looking at Password Attacks 154
Types of Password Attacks 154
Exercise 4-3: Password Cracking with LC4 156
Birthday Attacks and Rainbow Tables 158
Preventing Password Attacks 158
Understanding Application Attacks 160
Popular Application Attacks 160
Exercise 4-4: SQL Injection Attacks 162
Exercise 4-5: Exploiting an IIS Web Server
with Folder Traversal 165
Other Application Attacks 166
Preventing Application Attacks 168
Two-Minute Drill 170
Q&A Self Test 172
Self Test Answers 176
5 System Security Threats 181
Identifying Physical Threats 182
Snooping 182
Theft and Loss of Assets 183
Human Error 184
Sabotage 185
Looking at Malicious Software 185
Privilege Escalation 185
Viruses 186
Exercise 5-1: Looking at the NetBus Trojan Virus 188
Other Malicious Software 194
Protecting Against Malicious Software 199
Threats Against Hardware 200
BIOS Settings 200
USB Devices 201
Cell Phones 202
Exercise 5-2: Exploiting a Bluetooth Device 203
Removable Storage 206
Network Attached Storage 206
PBX 208
Two-Minute Drill 211
Q&A Self Test 213
Self Test Answers 216
6 Mitigating Security Threats 219
Understanding Operating System Hardening 220
Uninstall Unnecessary Software 221
Disable Unnecessary Services 224
Exercise 6-1: Disabling the Messenger Service 226
Protect Management Interfaces and Applications 227
Disable Unnecessary Accounts 228
Patch System 229
Password Protection 230
System Hardening Procedures 231
Network Security Hardening 231
Exercise 6-2: Hardening a Network Switch 234
Tools for System Hardening 236
Exercise 6-3: Creating a Security Template 240
Security Posture and Reporting 245
Establishing Application Security 247
Secure Coding Concepts 247
Application Hardening 249
Server Hardening Best Practices 252
All Servers 252
HTTP Servers 252
DNS Servers 253
Exercise 6-4: Limiting DNS Zone Transfers 254
DHCP Servers 255
SMTP Servers and FTP Servers 256
Mitigate Risks in Static Environments 256
Two-Minute Drill 260
Q&A Self Test 262
Self Test Answers 266
7 Implementing System Security 271
Implementing Personal Firewalls and HIDS 272
Personal Firewalls 272
Exercise 7-1: Configuring TCP Wrappers in Linux 282
Host-Based IDS 283
Protecting Against Malware 284
Patch Management 284
Using Antivirus and Anti-spam Software 290
Spyware and Adware 295
Phish Filters and Pop-up Blockers 296
Exercise 7-2: Manually Testing a Web Site for Phishing 299
Practicing Good Habits 299
Device Security and Data Security 300
Hardware Security 300
Mobile Devices 300
Data Security 303
Exercise 7-3: Configuring Permissions in Windows 8 306
Application Security and BYOD Concerns 314
Host-Based Security 317
Understanding Virtualization and Cloud Computing 319
Virtualization and Security 319
Cloud Computing Issues 321
Two-Minute Drill 324
Q&A Self Test 325
Self Test Answers 328
8 Securing the Network Infrastructure 331
Understanding Firewalls 332
Firewalls 332
Using IPTables as a Firewall 337
Exercise 8-1: Configuring IPTables in Linux 338
Using Firewall Features on a Home Router 340
Proxy Servers 345
Other Security Devices and Technologies 346
Using Intrusion Detection Systems 348
IDS Overview 348
Exercise 8-2: Using Snort—A Network-Based IDS 352
Honeypots and Honeynets 356
Protocol Analyzers 357
Network Design and Administration Principles 358
Subnetting and VLANs 358
Network Address Translation (NAT) 360
Network Access Control (NAC) 362
Network Administration Principles 363
Securing Devices 365
Two-Minute Drill 368
Q&A Self Test 370
Self Test Answers 374
9 Wireless Networking and Security 379
Understanding Wireless Networking 380
Standards 381
Channels 383
Antenna Types 384
Authentication and Encryption 385
Securing a Wireless Network 387
Security Best Practices 388
Vulnerabilities with Wireless Networks 394
Exercise 9-1: Cracking WEP with BackTrack 398
Perform a Site Survey 405
Configuring a Wireless Network 406
Configuring the Access Point 406
Configuring the Client 415
Infrared and Bluetooth 419
Infrared 419
Bluetooth 420
Near Field Communication 421
Two-Minute Drill 422
Q&A Self Test 424
Self Test Answers 429
10 Authentication 433
Identifying Authentication Models 434
Authentication Terminology 434
Authentication Factors 435
Single Sign-on 437
Authentication Protocols 439
Windows Authentication Protocols 439
Remote Access Authentication 440
Authentication Services 442
Implementing Authentication 445
User Accounts 445
Tokens 446
Looking at Biometrics 447
Smartcard 448
Two-Minute Drill 451
Q&A Self Test 452
Self Test Answers 455
11 Access Control 457
Introducing Access Control 458
Types of Security Controls 458
Implicit Deny 460
Review of Security Principles 461
Access Control Models 462
Discretionary Access Control 462
Mandatory Access Control 464
Role-Based Access Control 466
Exercise 11-1: Assigning a User the sysadmin Role 467
Rule-Based Access Control 468
Implementing Access Control 469
Using Security Groups 469
Exercise 11-2: Configuring Security Groups
and Assigning Permissions 470
Rights and Privileges 471
Exercise 11-3: Modifying User Rights
on a Windows System 472
Securing Files and Printers 474
Access Control Lists (ACLs) 475
Group Policies 477
Exercise 11-4: Configuring Password
Policies via Group Policies 479
Account Restrictions 480
Account Policy Enforcement 483
Monitoring Account Access 484
Two-Minute Drill 486
Q&A Self Test 487
Self Test Answers 490
12 Introduction to Cryptography 493
Introduction to Cryptography Services 494
Understanding Cryptography 494
Algorithms and Keys 497
Exercise 12-1: Encrypting Data with the Caesar Cipher 498
Other Cryptography Terms 503
Symmetric Encryption 505
Symmetric Encryption Concepts 506
Symmetric Encryption Algorithms 507
Exercise 12-2: Encrypting Data with
the AES Algorithm 508
Asymmetric Encryption 509
Asymmetric Encryption Concepts 509
Asymmetric Encryption Algorithms 512
Quantum Cryptography 513
In-Band vs. Out-of-Band Key Exchange 513
Understanding Hashing 513
Hashing Concepts 514
Hashing Algorithms 514
Exercise 12-3: Generating Hashes to Verify Integrity 516
Identifying Encryption Uses 518
Encrypting Data 518
Encrypting Communication 519
Understanding Steganography 523
Two-Minute Drill 525
Q&A Self Test 527
Self Test Answers 530
13 Managing a Public Key Infrastructure 533
Introduction to Public Key Infrastructure 534
Understanding PKI Terminology 534
Certificate Authority and Registration Authority 537
Repository 539
Managing a Public Key Infrastructure 539
Certificate Life Cycle 539
Certificate Revocation Lists and OCSP 540
Other PKI Terms 541
Implementing a Public Key Infrastructure 543
How SSL Works 544
How Digital Signatures Work 544
Creating a PKI 545
Exercise 13-1: Installing a Certificate Authority 546
Exercise 13-2: SSL-Enabling a Web Site 551
Managing a PKI 558
Two-Minute Drill 562
Q&A Self Test 563
Self Test Answers 566
14 Physical Security 569
Choosing a Business Location 571
Facility Concerns 571
Lighting and Windows 571
Doors, Windows, and Walls 572
Safety Concerns 573
Physical Access Controls 574
Exercise 14-1: Erasing the Administrator
Password with a Live CD 575
Fencing and Guards 578
Hardware Locks 580
Access Systems 581
Other Security Controls 583
Physical Access Lists and Logs 583
Video Surveillance 584
Implementing Environmental Controls 586
Understanding HVAC 586
Shielding 587
Fire Suppression 587
Two-Minute Drill 590
Q&A Self Test 591
Self Test Answers 595
15 Risk Analysis 599
Introduction to Risk Analysis 600
Risk Analysis Overview 600
Risk Analysis Process 601
Risk with Cloud Computing and Third Parties 605
Types of Risk Analysis 608
Qualitative 608
Exercise 15-1: Performing a Qualitative Risk Analysis 611
Quantitative 611
Exercise 15-2: Performing a Quantitative Risk Analysis 613
Risk Mitigation Strategies 614
Exercise 15-3: Identifying Mitigation Techniques 616
Two-Minute Drill 618
Q&A Self Test 619
Self Test Answers 622
16 Disaster Recovery and Business Continuity 625
Introduction to Disaster Recovery and Business Continuity 626
Introduction to Business Continuity 626
Understanding Disaster Recovery 630
Backing Up and Restoring Data 634
Security Considerations with Tapes 634
Full, Incremental, and Differential Backups 635
Scheduling Backups 638
Backup Plan Example 638
Exercise 16-1: Backing Up and Restoring
Data on a Windows Server 639
Implementing Fault Tolerance 643
RAID 0 644
RAID 1 647
RAID 5 650
Understanding High Availability 652
Clustering Services 653
Network Load Balancing 654
Redundant Hardware 655
Two-Minute Drill 657
Q&A Self Test 659
Self Test Answers 663
17 Introduction to Computer Forensics 667
Working with Evidence 668
Types of Evidence 669
Collecting Evidence 669
Collecting Digital Evidence 673
Understanding the Process 673
Where to Find Evidence 679
Tools Used 680
Exercise 17-1: Using ProDiscover for Forensics Analysis 685
Exercise 17-2: Performing Cell Phone Forensics 691
Exercise 17-3: Looking at EXIF Metadata 696
Looking at Incident Response 697
Incident Response Team 697
First Responders 698
Damage and Loss Control 698
Two-Minute Drill 702
Q&A Self Test 703
Self Test Answers 706
18 Security Assessments and Audits 709
Understanding Types of Assessments 710
Assessment Types 710
Assessment Techniques 721
Performing a Security Assessment 723
Performing a Penetration Test 724
Exercise 18-1: Profiling an Organization 726
Exercise 18-2: Using a Port Scanner 737
Performing a Vulnerability Assessment 743
Exercise 18-3: Performing a Vulnerability
Scan with LANguard 747
Two-Minute Drill 754
Q&A Self Test 756
Self Test Answers 760
19 Understanding Monitoring and Auditing 763
Introduction to Monitoring 764
Monitoring Tools 766
Useful System Commands 766
Performance Monitor 770
Protocol Analyzer and Sniffer 773
Exercise 19-1: Monitoring Network Traffic
with Network Monitor 773
Implementing Logging and Auditing 777
Understanding Auditing 777
Exercise 19-2: Implementing Auditing in Windows 783
Understanding Logging 784
Exercise 19-3: Configuring Logging in IIS 785
Exercise 19-4: Configuring the Windows Firewall 788
Popular Areas to Audit 790
Two-Minute Drill 794
Q&A Self Test 795
Self Test Answers 798
A About the CD-ROM 801
Index 805