Security+ Guide to Network Security Fundamentals

Front Cover
Cengage Learning, Nov 11, 2008 - Computers - 640 pages
3 Reviews
Now in its third edition, the best-selling SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS provides the most up-to-date industry information, reflecting the changes in security that have occurred since the most recent CompTIA Security+ objectives were created. The book covers all of the new CompTIA Security+ 2008 exam objectives and maps to the new Security+ 2008 exam. This updated edition features many all-new topics, including topics new to the CompTIA exams like cross site scripting, SQL injection, rootkits, and virtualization, as well as topics of increasing importance in the industry as a whole, like the latest breeds of attackers, Wi-Fi Protected Access 2, and Microsoft Windows Vista security.
Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.
  

What people are saying - Write a review

User Review - Flag as inappropriate

Rented from Amazon Kindle and used through the Google Chrome app: Cloud Reader (I don't own a kindle.) $19 for the semester, not a terrible deal. For an introductory book, looking at the prices people are paying for this is pretty bad. While it's up to date, I wish this book included better real world examples. A lot of students in my class walked away without the knowledge I thought should have been provided in a book that supposedly covers fundamentals. 

User Review - Flag as inappropriate

Warning: this book contains huge inaccuracies, and highly obvious ones at that.
I was just Googling for information on a particular aspect of EFS, the file encryption system built into professional
editions of Windows, when I happened to hit on this as a Google books result (specifically page 387). I don't have time to list all the issues, but there were plenty of problems, ranging from the silly to the very serious. There was approximately one serious misunderstanding every second paragraph.
Just as a sampler, I will give one that annoyed me the most (though the competition was fierce): the author claimed that "Windows EFS cannot protect against attacks that circumvent the Windows operating system", giving an example of someone using a Linux boot disc to view the contents of a hard drive. What he said applies to Windows security permissions on *unencrypted* files, but encrypted files are unreadable even from another OS -- that's the whole point of EFS! If only the author really understood EFS he could advise the reader how the private key, which encrypts all the EFS files, is itself encrypted: using the user's password. Then the user would know the real lesson is not "EFS is never really secure" but "EFS is only as secure as the user's password".
You may say, how can I write off this book from looking at just one page? Well the author didn't just make a slip here: here clearly had no idea what was going on, not just on EFS but on several issues, and instead of doing the necessary research he was happy to just guess. If someone cares so little about their audience that they're prepared to make stuff up -- stuff that's so simple that just a quick Google will fill in the blanks -- how can you trust anything they say?
 

Contents

Introduction to Security
1
Systems Threats and Risks
39
Protecting Systems
79
Network Vulnerabilities and Attacks
119
Network Defenses
153
Wireless Network Security
189
Access Control Fundamentals
225
Authentication
265
Basic Cryptography
365
Applying Cryptography
399
Business Continuity
439
Security Policies and Training
477
CompTIA Security+ 2008 Examination Objectives
509
Security Web Sites
517
Selected TCPIP Ports and Their Threats
523
Sample Internet and EMail Acceptable Use Policy
527

Performing Vulnerability Assessments
301
Conducting Security Audits
331

Common terms and phrases

About the author (2008)

Mark Ciampa, Ph.D., is associate professor of computer information systems at Western Kentucky University in Bowling Green, Kentucky. Previously, he served as associate professor and director of academic computing for 20 years at Volunteer State Community College in Gallatin, Tennessee. Dr. Ciampa has worked in the IT industry as a computer consultant for the U.S. Postal Service, the Tennessee Municipal Technical Advisory Service, and the University of Tennessee. He is also the author of many Cengage/Course Technology textbooks, including SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS, SECURITY AWARENESS: APPLYING PRACTICAL SECURITY IN YOUR WORLD, CWNA GUIDE TO WIRELESS LANS, CWSP GUIDE TO WIRELESS SECURITY, GUIDE TO WIRELESS COMMUNICATIONS, and NETWORKING BASICS. He holds a Ph.D. in digital communication systems from Indiana State University.

Bibliographic information