Index_S

S

S/FTP (Secure FTP), 138

S-HTTP (Secure Hypertext Transport Protocol), 133, 371

S/MIME (Secure MIME), 368

SAM (Security Accounts Manager), 526

sandbox, 134, 526

SANS Institute, 480

scanning, 200–201, 526

scheduling changes, 471

screened host, 526

Secure Electronic Transaction (SET), 368, 368, 526

Secure FTP (S/FTP), 138

Secure Hash Algorithm (SHA), 319, 526

Secure Hypertext Transport Protocol (S-HTTP), 133, 371, 526

Secure MIME (S/MIME), 368

secure networks. See networks

Secure Shell. See SSH

Secure Socket Layer (SSL), 133, 365, 365, 526

secure web Internet connections, 133

Secure WLAN Protocol (SWP), 526

Security Accounts Manager (SAM), 526

security audit, 526

security baselines, 216–218

security concepts, 2–48. See also authentication; certificates

    access control, 11–12, 259–266, 439–440

        about, 259

        biometrics, 265–266, 503

        in cryptographic systems, 330–331

        DAC, 12, 440, 506

        defined, 11, 500

        evaluating security systems, 264–265

        MAC, 11, 62, 439–440

        overview, 439

        partitioning, 263–264, 264

        perimeter security, 261–262, 261, 521

        physical barriers for, 259, 260, 521

        RBAC, 12, 440, 525

        security zones, 262–263, 263

    antivirus software, 11–12, 85–86, 501

    authentication, 12–19

        biometric devices, 18

        certificates, 14, 15, 504

        CHAP, 14, 14, 504

        common protocols and services, 20–21

        Kerberos, 16, 16, 515

        multi-factor systems of, 17, 17, 19, 517

        nonessential protocols and services, 21

        overview, 12–13

        security tokens, 15, 15, 527

        setting up, 18–19

        smart cards, 17, 18, 154, 383–384

        username/password, 13

    exam essentials, 38–40

    information security, 2–9, 4

        defined, 2–4, 513

        management and policies, 6–9

        operational security, 4, 5–6, 6, 520

        physical security, 4–5, 4

        prevention, detection, and response goals, 9–10

    key terms, 40–41

    overview, 36–38

    review question answers, 47–48

    review questions, 42–46

    security topologies, 21–36

        business requirements addressed when designing, 31–35, 33

        design goals of, 22–34

        NAT, 29, 29

        security zones, 23–27, 25, 26, 27

        tunneling, 29–30, 30

        VLANs, 28, 28, 533

        vulnerabilities, 35–36

Security Enhanced Linux (SELinux), 226

security logs, 88, 526

security management, 453–497. See also security policies and procedures

    best practices and documentation, 460–467

        defined, 460, 503

        designating areas of responsibility, 466

        enforcing policies, 466–467

        organizational security policies, 460–465

        preventive security measures, 466

        resource allocation, 465–466

    change management, 467–474

        change documentation, 464–465, 472–473, 504

        change notification, 473–474

        change staging, 471–472

        justifying need for change, 469–470

        overview, 467–468

        scheduling changes, 471

        sponsor, change agent, and target, 468–469

        systematic change, 468

    computer forensics, 454–460

        chain of custody, 457–458

        collection of evidence, 458–459, 505

        methodology for investigations, 455–457

        overview, 454–455

        preservation of evidence, 458, 522

    exam essentials, 488–489

    exam objectives, 453

    keeping pace with security standards, 476–482

        areas of professional responsibility, 477–478

        helpful websites, 479–480

        trade publications, 480–481

    key terms, 489–490

    overview, 454, 486–488

    privacy and security regulations, 482–486

        Computer Fraud and Abuse Act, 483–484

        Computer Security Act of 1987, 484

        Cyber Security Enhancement Act, 485

        Cyberspace Electronic Security Act, 484–485

        FERPA, 484

        Gramm-Leach-Bliley Act of 1999, 483, 510

        HIPAA, 482–483, 511

        international laws, 485–486

        Patriot Act, 485

    processes of, 460

    review question answers, 496–497

    review questions, 491–495

    security awareness and education, 474–476

        communications and awareness, 474–475

        education, 475–476

security policies and procedures, 399–451

    access control, 11–12, 259–266, 439–440

        DAC, 12, 440, 506

        MAC, 11, 62, 439–440

        overview, 439

        RBAC, 12, 440, 525

    administrative, 7, 501

    for business continuity, 401–420

        disaster recovery, 405–420

        emergency planning for utilities, 401–402

        high availability, 402–405

    business policies, 427–429

        document disposal and destruction policies, 429

        due care policies, 428

        overview, 427

        Physical Access Control policies, 428–429, 521

        separation of duties, 428, 527

    certificate policies, 429–431, 430

    defined, 526

    design requirements for security, 7

    disaster recovery plans, 8, 8, 409–410

    exam essentials, 441–443

    exam objectives, 399–400

    function of management and, 6–7

    incident response policies, 431–432

    information, 8

    key terms, 443–444

    overview, 279–280, 401, 440–441

    personnel policies, 423–427

        Acceptable Use policies, 425–426, 462–463, 500

        background investigations, 427

        ethics, 424–425

        for hiring, 423–424

        Need to Know policies, 426–427, 518

        overview, 434

        privacy and compartmentalized information policies, 426

        termination policies, 424

    privilege management, 432–439

        auditing, 436–437, 437, 522

        escalation audits, 438

        privilege decision making, 435–436

        reports to management, 439

        single sign-on, 434–435, 435

        usage auditing, 437–438

        user and group role management, 432–433, 434

    review question answers, 450–451

    review questions, 445–449

    security, 8

    security policies, 8, 462

    types of, 280–281

    usage, 8

    user management, 9

    vendor support, 420–423

        code escrow, 422–423, 505

        overview, 421

        service level agreements, 421–422

security professionals, 291–292, 526

security systems, evaluating, 264–265

security tokens, 15, 15, 527

security topologies, 21–36

    business requirements addressed when designing, 31–35, 33

    design goals of, 22–34

    NAT, 29, 29

    security zones, 23–27, 25, 26, 27

    software and system vulnerabilities, 35–36

    tunneling, 29–30, 30

    VLANs, 28, 28, 533

security zones, 23–27, 25, 26, 27

    access control with, 262–263, 263

    defined, 23–24, 527

    designing, 27

    DMZ, 26, 27

    extranets, 26, 26

    Internet, 24–25, 25

    intranet, 25, 25, 514

Security+ certification

    about, xxii

    advantages of, xxii–xxiii

Security+ exam, xxi–xlix

    about the exam, xxiv

    advantages of Security+ certification, xxii–xxiii

    assessment test, xxxviii–xlv

    assessment test answers, xlvi–xlix

    how to prepare, xxi

    testing providers for, xxiv

    tips for taking, xxxvii

    using CD and book, xxv–xxvi

    weighting of exam objectives, xxvi–xxvii

segments, 527

SELinux (Security Enhanced Linux), 226

sensor, 176, 527

separation of duties, 428, 527

sequence number, 71–72, 71, 527

Sequenced Packet Exchange (SPX), 170, 527

Serial Line Internet Protocol (SLIP), 123, 527

server and client configuration, 527

server authentication, 122, 527

servers

    backing up, 416–417, 416

    change management

        change documentation, 464–465, 472–473, 504

        change notification, 473–474

        change staging, 471–472

        scheduling changes, 471

    clustering in networked environment, 403, 403, 505

    defined, 527

    duplicate, 508

    e-mail virus scanner on e-mail, 237

    fail-over, 509

    FTP function as, 137

    hardening file and print, 240

    illicit, 512

    implementing secure, 217–218

    preventing hijacking of SMTP relay, 136–137

    proxy, 523

    scheduling updates to, 473–474

    securing connectivity of, 121

    system recovery, 417–418

service accounts, 527

service level agreements (SLA), 421–422, 527

service packs, 232, 527

services

    common, 20–21

    defined, 527

    nonessential, 21

session keys, 527

Session layer, 527–528

SET (Secure Electronic Transaction), 368, 368, 526

SHA (Secure Hash Algorithm), 319, 526

share-level security, 528

shielded twisted pair (STP) cables, 145–146, 145, 146, 528

shunning, 181

signal, 528

signal analysis/signal intelligence, 199–201

    defined, 199

    enumeration, 201

    footprinting, 200, 238, 510

    overview, 199–200

    scanning, 200–201, 526

signal encoding, 528

signal method, 528

signed applets, 134–135, 528

SIM (Subscriber Identification Module), 269

Simple Mail Transfer Protocol (SMTP), 61, 129–130, 528

Simple Network Management Protocol (SNMP), 61, 139, 528

single loss expectancy (SLE), 470, 528

single sign-on (SSO), 434–435, 435, 528

site surveys, 196, 528

six-cartridge backup, 528

skipjack, 528

SLAs (service level agreements), 421–422, 527

SLE (single loss expectancy), 470, 528

SLIP (Serial Line Internet Protocol), 123, 527

smart cards, 17, 18, 154, 383–384

SMTP (Simple Mail Transfer Protocol), 61, 129–130, 528

SMTP relay, 136–137, 529

smurf attacks, 73–74, 74, 529

snapshot backups, 529

sniffers

    10Base-T network with attached, 146, 146

    about, 68–69, 118

    active sniffing, 72

    defined, 518, 529

    FTP vulnerability to, 138

    instant messaging vulnerability to, 198–199

    vulnerability of coax to, 143

sniffing, 529

SNMP (Simple Network Management Protocol), 61, 139, 528

snooping, 51–52, 529

social engineering

    defined, 86–87, 266–267, 529

    impacts of, 318–319

sockets, 128, 529

software components and security, 105–106

software exploitation, 75–76, 529

software key storage and distribution, 377–378

spam

    defined, 131, 529

    getting mail addresses from newsgroups, 239

    preventing, 235–236

spikes, 529

split-system key generation, 376

sponsors, 468–469

spoofing attacks, 56–57, 56, 529

SPX (Sequenced Packet Exchange), 170, 527

SQL Server, 244

SQL (Structured Query Language), 244

SSH (Secure Shell) protocol

    connection process for, 369, 369

    defined, 138, 526

    as tunneling protocol, 126–127

SSL (Secure Socket Layer), 133, 365, 365, 526

SSO (single sign-on), 434–435, 435, 528

standards

    communicating security, 481–482

    cryptography protocols and, 358–373

        CMP, 367, 367

        common criteria, 371, 505

        FIPS, 371, 510

        HTTPS, 133, 371

        IPSec, 371

        ISAKMP, 366–367, 367

        ISO 17799, 283–285, 372–373, 515

        origins of encryption standards, 359–363

        overview, 358–359

        PGP encryption, 363, 370, 370, 522

        PKIX/PKCS, 363–364

        S-HTTP, 133, 371, 526

        S/MIME, 368

        SET, 368, 368, 526

        SSH, 126–127, 138, 369, 369, 526

        SSL, 133, 365, 365, 526

        TLS, 365–366, 366

        WEP, 195, 372

        WTLS, 192, 192, 372

        X.509 standard, 364–365, 430

    encryption, 360–363

    evaluating standards documents, 282

    keeping pace with security, 476–478

    overview, 279–280

    standards documents, 281–282

    working with policies, guidelines, and, 279–283

state table, 529

stateful inspection, 109–110

stateful packet filtering, 109–110, 529

static ARP table entry, 529

static routing, 530

status checking of suspended keys, 380

stealth ports, 530

stealth viruses, 80, 81, 530

steganography, 311, 312, 530

STP (shielded twisted pair) cables, 145–146, 145, 146, 528

strength, 325, 530

Structured Query Language (SQL), 244

Subscriber Identification Module (SIM), 269

subscribers, 430, 530

substitution ciphers, 311–312

surge protectors, 271, 530

switched, 530

switches, 112, 112

SWP (Secure WLAN Protocol), 526

Symantec Corporation, 479

symmetric algorithms, 320–322

symmetrical keys, 385, 385, 530

SYN flood, 530

system architecture, 464, 530

system logs, 463, 516

systematic change, 468



CompTIA Security+ Study Guide. Exam SY0-101
ISBN: 078214098X
Year: 2006
Pages: 167
