Security+ Guide to Network Security Fundamentals
Now in its third edition, the best-selling SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS provides the most up-to-date industry information, reflecting the changes in security that have occurred since the most recent CompTIA Security+ objectives were created. The book covers all of the new CompTIA Security+ 2008 exam objectives and maps to the new Security+ 2008 exam. This updated edition features many all-new topics, including topics new to the CompTIA exams like cross site scripting, SQL injection, rootkits, and virtualization, as well as topics of increasing importance in the industry as a whole, like the latest breeds of attackers, Wi-Fi Protected Access 2, and Microsoft Windows Vista security.
Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.
What people are saying - Write a review
Rented from Amazon Kindle and used through the Google Chrome app: Cloud Reader (I don't own a kindle.) $19 for the semester, not a terrible deal. For an introductory book, looking at the prices people are paying for this is pretty bad. While it's up to date, I wish this book included better real world examples. A lot of students in my class walked away without the knowledge I thought should have been provided in a book that supposedly covers fundamentals.
Warning: this book contains huge inaccuracies, and highly obvious ones at that.
I was just Googling for information on a particular aspect of EFS, the file encryption system built into professional editions of Windows, when I happened to hit on this as a Google books result (specifically page 387). I don't have time to list all the issues, but there were plenty of problems, ranging from the silly to the very serious. There was approximately one serious misunderstanding every second paragraph.
Just as a sampler, I will give one that annoyed me the most (though the competition was fierce): the author claimed that "Windows EFS cannot protect against attacks that circumvent the Windows operating system", giving an example of someone using a Linux boot disc to view the contents of a hard drive. What he said applies to Windows security permissions on *unencrypted* files, but encrypted files are unreadable even from another OS -- that's the whole point of EFS! If only the author really understood EFS he could advise the reader how the private key, which encrypts all the EFS files, is itself encrypted: using the user's password. Then the user would know the real lesson is not "EFS is never really secure" but "EFS is only as secure as the user's password".
You may say, how can I write off this book from looking at just one page? Well the author didn't just make a slip here: here clearly had no idea what was going on, not just on EFS but on several issues, and instead of doing the necessary research he was happy to just guess. If someone cares so little about their audience that they're prepared to make stuff up -- stuff that's so simple that just a quick Google will fill in the blanks -- how can you trust anything they say?
Introduction to Security
Systems Threats and Risks
Network Vulnerabilities and Attacks
Wireless Network Security
Access Control Fundamentals
Security Policies and Training
CompTIA Security+ 2008 Examination Objectives
Security Web Sites
Selected TCPIP Ports and Their Threats
Sample Internet and EMail Acceptable Use Policy