About the Book
Essential Skills for a Successful IT Security CareerLearn the fundamentals of computer and information security while getting complete coverage of all the objectives for the latest release of the CompTIA Security+ certification exam. This up-to-date, full-color guide discusses communication, infrastructure, operational security, attack prevention, disaster recovery, computer forensics, and much more. Written and edited by leaders in the field, Principles of Computer Security: CompTIA Security+ and Beyond, Third Edition will help you pass CompTIA Security+ exam SY0-301 and become an IT security expert. From McGraw-Hill—a Gold-Level CompTIA Authorized Partner, this book offers Official CompTIA Approved Quality Content.
Find out how to:
Ensure operational, organizational, and physical securityUse cryptography and public key infrastructures (PKIs)Secure remote access, wireless, and virtual private networks (VPNs)Harden network devices, operating systems, and applicationsDefend against network attacks, such as denial of service, spoofing, hijacking, and password guessingCombat viruses, worms, Trojan horses, logic bombs, time bombs, and rootkitsManage e-mail, instant messaging, and web securityUnderstand secure software development requirementsEnable disaster recovery and business continuityImplement risk, change, and privilege management measuresHandle computer forensics and incident responseUnderstand legal, ethical, and privacy issues
The CD-ROM features:
Two full practice examsPDF copy of the book
Each chapter includes:
Learning objectivesPhotographs and illustrationsReal-world examplesTry This! and Cross Check exercisesKey terms highlightedTech Tips, Notes, and WarningsExam TipsEnd-of-chapter quizzes and lab projects
Table of Contents:
Chapter 1: Introduction and Security Trends
Chapter 2: General Security Concepts
Chapter 3: Operational/Organizational Security
Chapter 4: The Role of People in Security
Chapter 5: Cryptography
Chapter 6: Public Key Infrastructure
Chapter 7: Standards and Protocols
Chapter 8: Physical Security
Chapter 9: Network Fundamentals
Chapter 10: Infrastructure Security
Chapter 11: Authentication and Remote Access
Chapter 12: Wireless
Chapter 13: Intrusion Detection Systems and Network Security
Chapter 14: Baselines
Chapter 15: Types of Attacks and Malicious Software
Chapter 16: E-mail and Instant Messaging
Chapter 17: Web Components
Chapter 18: Secure Software Development
Chapter 19: Disaster Recovery, Business Continuity, and Organizational Policies
Chapter 20: Risk Management
Chapter 21: Change Management
Chapter 22: Privilege Management
Chapter 23: Computer Forensics
Chapter 24: Legal Issues and Ethics
Chapter 25: Privacy
Appendix A: Objective Map
Appendix B: About the CD
Glossary
Index
About the Author :
Wm. Arthur Conklin (Houston, TX), Security+, CISSP, is an Assistant Professor in the Information and Logistics Technology department at the University of Houston. In addition to his PhD, Mr. Conklin has a MBA from UTSA, and two graduate degrees in Electrical Engineering from the Naval Postgraduate School in Monterey, California. Dr. Conklins interests are information security, systems theory, and secure software design.
Greg White (San Antonio, TX), Security+, CISSP, is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. Dr. White is the Director of the Center for Infrastructure Assurance and Security at UTSA, and was the author of the first edition of the Security+ All-in-One Exam Guide from McGraw-Hill.
Roger L. Davis is a Senior Internal Audit Manager at NuSkin Enterprises and is responsible for evaluating global business operations in over 35 countries. He is a retired Air Force Colonel with over 20 years of military and information security experience. Mr. Davis is a Certified Information Systems Security Professional (CISSP) and holds a Masters Degree in Computer Science from George Washington University.
Chuck Cothren is a Research Scientist at University of Texas at San Antonio (UTSA) Center for Infrastructure Assurance and Security (CIAS) and currently serves on the Information Security Associations Alamo Chapter Board of Directors. Mr. Cothren has a wide array of security experience including performing controlled penetration testing, network security policies, computer intrusion forensics, and computer training. He is a Certified Information Systems Security Professional (CISSP) and has co-authored other McGraw-Hill/Osborne titles. Mr. Cothren holds a B.S. in Industrial Distribution from Texas A&M University.
Corey D. Schou, Ph.D., is the University Professor of Informatics and the Associate Dean of the College of Business at Idaho State University. He has been involved in establishing computer security and information assurance training and standards for 25 years. His research interests include information assurance, ethics, privacy, and collaborative decision making. He was responsible for compiling and editing computer security standards and training materials for the Committee on National Security Systems (CNSS). Throughout his career, Dr. Schou has remained an active classroom teacher despite his research and service commitments. He is the founding director of the Informatics Research Institute and the National Information Assurance Training and Education Center (NIATEC) that was designated the National Center of Excellence in Information Assurance Education. In 1996, his research center was cited by the Information Systems Security Association (ISSA) for Outstanding Contributions to the Security Profession and he was selected as the Educator of the Year by the Federal Information Systems Security Educators Association (FISSEA). In 1997, the Masie Institute and TechLearn Consortium recognized his contributions to distance education. In 2001, Dr. Schou was honored by the International Information Systems Security Certification Consortium [(ISC)2] with the Tipton award for his work in professionalization of computer security and his development of the generally accepted common body of knowledge (CBK) used in the certification of information assurance professionals. Dr. Schou serves as the chair of the Colloquium for Information Systems Security Education (CISSE). Under his leadership, the Colloquium creates an environment for exchange and dialogue among leaders in government, industry, and academia concerning information security and information assurance education. In addition, he is the editor of Information Systems Security and serves on the board of several professional organizations.
