Title:
Security administrator street smarts : a real world guide to CompTIA Security+ skills
Personal Author:
Publication Information:
Indianapolis, IN : Wiley Pub., 2007
ISBN:
9780470102589
General Note:
Accompanied by study guides : CompTIA security + study guide (QA76.3 M543 2006) : Security + Fast Pass (QA76.3 M5433 2004)
Added Author:
Available:*
Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
|---|---|---|---|---|---|
Searching... | 30000010160694 | QA76.3 M54 2007 | Open Access Book | Book | Searching... |
On Order
Summary
Summary
Develop the skills you need in the real world
Hit the ground running with the street-smart training you'll find in this practical book. Using a "year in the life" approach, it gives you an inside look at the common responsibilities of security administrators, with key information organized around the actual day-to-day tasks, scenarios, and challenges you'll face in the field. This valuable training tool is loaded with hands-on, step-by-step exercises covering all phases of a security administrator's job, including:
Designing a secure network environment Creating and implementing standard security policies and practices Identifying insecure systems in current environment Providing training to on-site and remote usersAn invaluable study tool
This no-nonsense book also covers the common tasks that CompTIA expects all of its Security+ candidates to know how to perform. So whether you're preparing for certification or seeking practical skills to break into the field, you'll find the instruction you need, including:
Performing an initial risk assessment Installing, updating, and running anti-virus Encrypting files and securing e-mail Creating new user accounts Deploying IPSecThe Street Smarts series is designed to help current or aspiring IT professionals put their certification to work for them. Full of practical, real world scenarios, each book features actual tasks from the field and then offers step-by-step exercises that teach the skills necessary to complete those tasks. And because the exercises are based upon exam objectives from leading technology certifications, each Street Smarts book can be used as a lab manual for certification prep.
Author Notes
David R. Miller , Security+, CISSP, and MCSE: Security, is a network engineer and IT security and project management consultant. He has written numerous books, curriculum, and training videos on topics such as network and wireless security, penetration testing, CISSP, and Security+.
Michael Gregg , Security+, CISSP, and CIW Security Analyst, is the president of Superior Solutions, Inc., an IT security consulting firm that performs security assessments and penetration testing for Fortune 1000® firms. He also holds numerous other certifications including MCT, CTT+, A+, Network+, and CEH, among others.
Table of Contents
| Introduction | p. xix |
| Phase 1 The Grunt Work of Security | p. 1 |
| Task 1.1 Performing an Initial Risk Assessment | p. 2 |
| Scenario | p. 3 |
| Scope of Task | p. 3 |
| Procedure | p. 3 |
| Criteria for Completion | p. 8 |
| Task 1.2 Determining Which Security Policy Is Most Important | p. 8 |
| Scenario | p. 8 |
| Scope of Task | p. 9 |
| Procedure | p. 9 |
| Criteria for Completion | p. 12 |
| Task 1.3 Establishing a User Awareness Program | p. 13 |
| Scenario | p. 13 |
| Scope of Task | p. 13 |
| Procedure | p. 14 |
| Criteria for Completion | p. 16 |
| Task 1.4 Reviewing a Physical Security Checklist | p. 16 |
| Scenario | p. 16 |
| Scope of Task | p. 16 |
| Procedure | p. 17 |
| Criteria for Completion | p. 19 |
| Task 1.5 Understanding the Value of Documents | p. 19 |
| Scenario | p. 19 |
| Scope of Task | p. 19 |
| Procedure | p. 20 |
| Criteria for Completion | p. 22 |
| Phase 2 Hardening Systems | p. 23 |
| Task 2.1 Managing Services | p. 24 |
| Scenario | p. 25 |
| Scope of Task | p. 25 |
| Procedure | p. 26 |
| Criteria for Completion | p. 39 |
| Task 2.2 Managing Ports | p. 39 |
| Scenario | p. 39 |
| Scope of Task | p. 40 |
| Procedure | p. 40 |
| Criteria for Completion | p. 50 |
| Task 2.3 Patching the Operating System | p. 51 |
| Scenario | p. 51 |
| Scope of Task | p. 51 |
| Procedure | p. 51 |
| Criteria for Completion | p. 67 |
| Task 2.4 Security Templates | p. 67 |
| Scenario | p. 67 |
| Scope of Task | p. 68 |
| Procedure | p. 68 |
| Criteria for Completion | p. 77 |
| Task 2.5 Securing Autoruns | p. 77 |
| Scenario | p. 77 |
| Scope of Task | p. 78 |
| Procedure | p. 78 |
| Criteria for Completion | p. 87 |
| Phase 3 Protecting Against Malware | p. 89 |
| Task 3.1 Installing, Updating, and Running Antivirus Software | p. 90 |
| Scenario | p. 91 |
| Scope of Task | p. 91 |
| Procedure | p. 91 |
| Criteria for Completion | p. 96 |
| Task 3.2 Using a Rootkit Checker | p. 96 |
| Scenario | p. 97 |
| Scope of Task | p. 97 |
| Procedure | p. 97 |
| Criteria for Completion | p. 102 |
| Task 3.3 Using Adware Checker | p. 102 |
| Scenario | p. 102 |
| Scope of Task | p. 103 |
| Procedure | p. 103 |
| Criteria for Completion | p. 106 |
| Task 3.4 Using Spyware Checker | p. 106 |
| Scenario | p. 106 |
| Scope of Task | p. 107 |
| Procedure | p. 107 |
| Criteria for Completion | p. 110 |
| Phase 4 Secure Storage | p. 111 |
| Task 4.1 The Encrypting File System | p. 112 |
| Scenario | p. 112 |
| Scope of Task | p. 113 |
| Procedure | p. 113 |
| Criteria for Completion | p. 127 |
| Task 4.2 EFS Data Recovery | p. 127 |
| Scenario | p. 127 |
| Scope of Task | p. 127 |
| Procedure | p. 128 |
| Criteria for Completion | p. 131 |
| Task 4.3 Implementing Syskey | p. 131 |
| Scenario | p. 132 |
| Scope of Task | p. 132 |
| Procedure | p. 132 |
| Criteria for Completion | p. 134 |
| Task 4.4 Converting FAT to NTFS | p. 134 |
| Scenario | p. 135 |
| Scope of Task | p. 135 |
| Procedure | p. 136 |
| Criteria for Completion | p. 145 |
| Task 4.5 Implementing Disk Fault Tolerance with Raid | p. 145 |
| Scenario | p. 146 |
| Scope of Task | p. 146 |
| Procedure | p. 146 |
| Criteria for Completion | p. 151 |
| Task 4.6 Backing Up Data | p. 151 |
| Scenario | p. 152 |
| Scope of Task | p. 152 |
| Procedure | p. 152 |
| Criteria for Completion | p. 160 |
| Task 4.7 Restoring Data from a Backup | p. 161 |
| Scenario | p. 161 |
| Scope of Task | p. 161 |
| Procedure | p. 162 |
| Criteria for Completion | p. 166 |
| Task 4.8 Securing Shares | p. 167 |
| Scenario | p. 167 |
| Scope of Task | p. 167 |
| Procedure | p. 168 |
| Criteria for Completion | p. 177 |
| Phase 5 Managing User Accounts | p. 179 |
| Task 5.1 Creating User Accounts | p. 180 |
| Scenario | p. 180 |
| Scope of Task | p. 181 |
| Procedure | p. 181 |
| Criteria for Completion | p. 187 |
| Task 5.2 Implementing the Password Policy | p. 187 |
| Scenario | p. 187 |
| Scope of Task | p. 187 |
| Procedure | p. 188 |
| Criteria for Completion | p. 192 |
| Task 5.3 Auditing Logons | p. 192 |
| Scenario | p. 192 |
| Scope of Task | p. 192 |
| Procedure | p. 193 |
| Criteria for Completion | p. 199 |
| Task 5.4 Securing the Default User Accounts | p. 200 |
| Scenario | p. 200 |
| Scope of Task | p. 200 |
| Procedure | p. 201 |
| Criteria for Completion | p. 208 |
| Task 5.5 Implementing a Deny Group | p. 208 |
| Scenario | p. 208 |
| Scope of Task | p. 208 |
| Procedure | p. 209 |
| Criteria for Completion | p. 214 |
| Phase 6 Network Security | p. 215 |
| Task 6.1 Deploying IPSec | p. 217 |
| Scenario | p. 217 |
| Scope of Task | p. 217 |
| Procedure | p. 218 |
| Criteria for Completion | p. 221 |
| Task 6.2 Configuring the VPN Server | p. 221 |
| Scenario | p. 222 |
| Scope of Task | p. 222 |
| Procedure | p. 223 |
| Criteria for Completion | p. 228 |
| Task 6.3 Configuring the VPN Client | p. 228 |
| Scenario | p. 228 |
| Scope of Task | p. 228 |
| Procedure | p. 229 |
| Criteria for Completion | p. 233 |
| Task 6.4 Implementing Secure Remote Administration | p. 233 |
| Scenario | p. 233 |
| Scope of Task | p. 233 |
| Procedure | p. 234 |
| Criteria for Completion | p. 240 |
| Task 6.5 Secure Administration Using Run As | p. 241 |
| Scenario | p. 242 |
| Scope of Task | p. 242 |
| Procedure | p. 242 |
| Criteria for Completion | p. 247 |
| Task 6.6 Configuring a Packet Filter | p. 247 |
| Scenario | p. 247 |
| Scope of Task | p. 248 |
| Procedure | p. 248 |
| Criteria for Completion | p. 252 |
| Task 6.7 Implementing 802.11 Wireless Security | p. 252 |
| Scenario | p. 253 |
| Scope of Task | p. 253 |
| Procedure | p. 253 |
| Criteria for Completion | p. 264 |
| Phase 7 Securing Internet Activity | p. 265 |
| Task 7.1 Configuring Internet Access | p. 266 |
| Scenario | p. 267 |
| Scope of Task | p. 267 |
| Procedure | p. 267 |
| Criteria for Completion | p. 270 |
| Task 7.2 Using Internet Explorer Security Zones | p. 270 |
| Scenario | p. 270 |
| Scope of Task | p. 270 |
| Procedure | p. 271 |
| Criteria for Completion | p. 274 |
| Task 7.3 Configuring IE for Secure Use of Cookies | p. 274 |
| Scenario | p. 274 |
| Scope of Task | p. 274 |
| Procedure | p. 275 |
| Criteria for Completion | p. 276 |
| Task 7.4 Using Internet Connection Sharing | p. 276 |
| Scenario | p. 276 |
| Scope of Task | p. 276 |
| Procedure | p. 277 |
| Criteria for Completion | p. 280 |
| Task 7.5 Securing E-mail | p. 281 |
| Scenario | p. 281 |
| Scope of Task | p. 281 |
| Procedure | p. 282 |
| Criteria for Completion | p. 285 |
| Task 7.6 Spam Management | p. 286 |
| Scenario | p. 286 |
| Scope of Task | p. 286 |
| Procedure | p. 286 |
| Criteria for Completion | p. 290 |
| Task 7.7 Installing and Using a Digital Certificate | p. 290 |
| Scenario | p. 290 |
| Scope of Task | p. 291 |
| Procedure | p. 291 |
| Criteria for Completion | p. 294 |
| Task 7.8 Certificate Backup and Management | p. 294 |
| Scenario | p. 294 |
| Scope of Task | p. 294 |
| Procedure | p. 295 |
| Criteria for Completion | p. 298 |
| Task 7.9 Performing Secure File Exchange | p. 298 |
| Scenario | p. 298 |
| Scope of Task | p. 299 |
| Procedure | p. 299 |
| Criteria for Completion | p. 303 |
| Task 7.10 Validating Downloads and Checking the Hash | p. 303 |
| Scenario | p. 303 |
| Scope of Task | p. 304 |
| Procedure | p. 304 |
| Criteria for Completion | p. 306 |
| Phase 8 Security Testing | p. 307 |
| Task 8.1 Penetration Testing with Nessus | p. 308 |
| Scenario | p. 308 |
| Scope of Task | p. 309 |
| Procedure | p. 309 |
| Criteria for Completion | p. 313 |
| Task 8.2 Penetration Testing with Retina | p. 314 |
| Scenario | p. 314 |
| Scope of Task | p. 314 |
| Procedure | p. 314 |
| Criteria for Completion | p. 319 |
| Task 8.3 Performing Assessments with Microsoft Baseline Security Analyzer | p. 320 |
| Scenario | p. 320 |
| Scope of Task | p. 320 |
| Procedure | p. 320 |
| Criteria for Completion | p. 323 |
| Task 8.4 Performing Security Assessments with HFNetChk | p. 323 |
| Scenario | p. 324 |
| Scope of Task | p. 324 |
| Procedure | p. 324 |
| Criteria for Completion | p. 326 |
| Task 8.5 Performing Internet Vulnerability Profiling | p. 326 |
| Scenario | p. 327 |
| Scope of Task | p. 327 |
| Procedure | p. 327 |
| Criteria for Completion | p. 331 |
| Phase 9 Investigating Incidents | p. 333 |
| Task 9.1 Configuring an Audit Policy for Object Access | p. 335 |
| Scenario | p. 335 |
| Scope of Task | p. 335 |
| Procedure | p. 336 |
| Criteria for Completion | p. 345 |
| Task 9.2 Reviewing the Audit Logs | p. 345 |
| Scenario | p. 345 |
| Scope of Task | p. 345 |
| Procedure | p. 346 |
| Criteria for Completion | p. 354 |
| Task 9.3 Forcing a Memory Dump | p. 354 |
| Scenario | p. 354 |
| Scope of Task | p. 354 |
| Procedure | p. 355 |
| Criteria for Completion | p. 362 |
| Task 9.4 Capturing Packets with the Packet Analyzer: Ethereal | p. 362 |
| Scenario | p. 363 |
| Scope of Task | p. 364 |
| Procedure | p. 364 |
| Criteria for Completion | p. 372 |
| Task 9.5 Recovering Previous Versions of Files | p. 372 |
| Scenario | p. 373 |
| Scope of Task | p. 373 |
| Procedure | p. 373 |
| Criteria for Completion | p. 387 |
| Phase 10 Security Troubleshooting | p. 389 |
| Task 10.1 Booting into Safe Mode | p. 391 |
| Scenario | p. 391 |
| Scope of Task | p. 391 |
| Procedure | p. 392 |
| Criteria for Completion | p. 395 |
| Task 10.2 Implementing Last Known Good Configuration | p. 395 |
| Scenario | p. 395 |
| Scope of Task | p. 395 |
| Procedure | p. 396 |
| Criteria for Completion | p. 398 |
| Task 10.3 Using System Restore | p. 398 |
| Scenario | p. 399 |
| Scope of Task | p. 399 |
| Procedure | p. 399 |
| Criteria for Completion | p. 405 |
| Task 10.4 Sanitizing Media | p. 406 |
| Scenario | p. 406 |
| Scope of Task | p. 406 |
| Procedure | p. 407 |
| Criteria for Completion | p. 410 |
| Index | p. 411 |
