Title:
ExamInsight For CompTIA Security+ Certification (SY0-101).
Author:
Houser, Tcat.
ISBN:
9781590956724
Edition:
2nd ed.
Physical Description:
1 online resource (570 pages)
Contents:
ExamInsight For Exam SY0-101 -- About the Authors -- Contributing Authors and Editors -- About the Book -- Other Resources -- Table of Contents -- Frequently Asked Questions -- Preface and Acknowledgments -- How To Read This Book -- Icon Alerts -- Security+ 2002 Exam Specifics -- Introduction -- Chapter 0000: Read.Me -- The biggest challenge in security is people. -- 0.1 You're saved….If -- 0.2 Hacker vs. Cracker -- 0.3 Security Tao -- 0.4 Security Checklist -- 0.5 Security -- Technical Oxymoron -- 0.6 Resources -- 0.7 SpyWare -- 0.8 Summary -- Chapter 0001: Domain 1.0: -- General Security Concepts (30%) -- Getting Ready - Questions -- Getting Ready - Answers -- 1.0 General Security Concepts -- 1.1 Access Control -- 1.1.1 MAC/DAC/RBAC -- Mandatory Access Control -- Discretionary Access Control -- Role-Based Access Control -- 1.2 Authentication -- 1.2.1 Kerberos -- How does Kerberos authentication work? -- 1.2.2 CHAP -- 1.2.3 Certificates -- 1.2.4 Username/Password -- 1.2.5 Tokens -- 1.2.6 Multi-Factor -- 1.2.7 Mutual Authentication -- 1.2.8 Biometrics -- 1.3 Non-essential Services and Protocols -- Pop Quiz 0000.00 -- 1.4 Attacks -- 1.4.1 DoS/DDoS -- An early DDoS attack -- How and why do these attacks work? -- What can I do? -- 1.4.2 Backdoors -- What's a Rootkit? -- How do backdoors get onto a system? -- How do we stop back doors? -- 1.4.3 Spoofing -- How TCP/IP permits spoofing -- Problem #1 -- Problem #2 -- Types of spoofing -- How can we protect our network from spoofing? -- 1.4.4 Man in the Middle -- 1.4.5 Replay -- 1.4.6 TCP/IP Hijacking -- 1.4.7 Weak Keys -- 1.4.8 Mathematical -- 1.4.9 Social Engineering -- 1.4.10 Birthday -- 1.4.11 Password Guessing -- 1.4.11.1 Brute Force -- 1.4.11.2 Dictionary -- 1.4.12 Software Exploitation -- Buffer overflows -- Naïve web applications -- 1.5 Malicious Code -- 1.5.1 Viruses -- 1.5.2 Trojan Horses --

1.5.3 Logic Bombs -- 1.5.4 Worms -- 1.6 Social Engineering -- Pop Quiz 0001.00 -- 1.7 Auditing -- Configuration and Log Analysis -- System/Network Scanning -- 1.8 Summary -- 1.9 Success Questions -- Success Answers -- Chapter 0010: Domain 2.0: -- Communication Security (20%) -- Getting Ready - Questions -- Getting Ready - Answers -- 2.0 Communication Security -- 2.1 Remote Access -- 2.1.1 802.1X -- Why is 802.1X needed? -- What is 802.1X? -- 2.1.2 VPN -- 2.1.3 RADIUS -- 2.1.4 TACACS/XTACACS/TACACS+ -- 2.1.5 L2TP/PPTP -- PPTP -- TCP/IP Background Information -- L2TP -- 2.1.6 SSH -- 2.1.7 IPSEC -- IPSec packet types -- Transport and Tunnel Modes of IPSec -- IPSec and Encryption -- IPSec vs. DoS Attacks -- IPSec Interoperability -- 2.1.8 Vulnerabilities -- 2.2 Email -- 2.2.1 S/MIME -- 2.2.2 PGP -- 2.2.3 Vulnerabilities -- Message privacy -- Header privacy -- Message forgery -- Password security -- Client-side issues -- Implementation flaws -- 2.2.3.1 Spam -- 2.2.3.2 Hoaxes -- Pop Quiz 0010.00 -- 2.3 Web -- 2.3.1 SSL/TLS -- SSL -- TLS -- 2.3.2 HTTP/S -- HTTP -- HTTPS -- S-HTTP -- 2.3.3 Instant Messaging -- 2.3.3.1 Vulnerabilities -- Message Privacy -- Malicious Code -- Unauthorized Use of Internet IM -- Lack of User Authentication -- Lack of Logging and Audit Trails -- Software Flaws -- 2.3.3.2 - 8.3 Naming Conventions -- 2.3.3.3 Packet Sniffing -- 2.3.3.4 Privacy -- 2.3.4 Vulnerabilities -- Logging and Privacy -- Dependence on "Security through Obscurity" -- Web Pages that Show Up Everywhere -- Software Flaws -- 2.3.4.1 Java Script -- 2.3.4.2 ActiveX -- 2.3.4.3 Buffer Overflows -- How do they work? -- How are they exploited? -- Why do they occur? -- How to avoid them? -- 2.3.4.4 Cookies -- Cookies and Privacy -- Using cookies for authentication -- 2.3.4.5 Signed Applets -- 2.3.4.6 CGI -- 2.3.4.7 SMTP Relay -- Why are SMTP Relays needed? --

What are the security implications? -- 2.4 Directory -- 2.4.1 SSL/TLS -- 2.4.2 LDAP -- 2.5 File Transfer -- 2.5.1 S/FTP -- 2.5.2 Blind FTP/Anonymous -- Blind FTP -- Anonymous FTP -- 2.5.3 File sharing -- 2.5.4 Vulnerabilities -- 2.5.4.1 Packet Sniffing -- 2.6 Wireless -- 2.6.1 WTLS -- 2.6.2 802.11x -- What info do you need to join an 802.11 LAN? -- 2.6.3 WEP/WAP -- WEP -- WAP -- 2.6.4 Vulnerabilities -- Shielding issues -- Unauthorized access -- More 802.11b Lockdown Tips -- 802.11a -- 2.6.4.1 Site Surveys -- 2.7 Summary -- 2.8 Success Questions -- Chapter 0011: Domain 3.0: -- Infrastructure Security (20%) -- Getting Ready - Questions Answers -- Getting Ready - Answers -- 3.0 Infrastructure Security -- 3.1 Devices -- 3.1.1 Firewalls -- Application-level Firewalls -- Network-level Firewalls -- Personal Firewalls -- If we buy it, will it protect us? -- 3.1.2 Routers -- Security issues with routers -- 3.1.3 Switches -- Security issues with switches -- 3.1.4 Wireless -- Security issues with Wireless -- 3.1.5 Modems -- Security issues with modems -- 3.1.6 RAS -- 3.1.7 Telecom/PBX -- Security issues with Telecom/PBX -- 3.1.8 VPN -- Advantages of VPN's -- Security issues with VPN's -- 3.1.9 IDS -- Where on the network should the IDS go? -- How does an IDS work? -- IDS. Which one should I get? -- Security issues with IDS -- 3.1.10 Network Monitoring/Diagnostic -- Security issues with network monitoring tools -- SNMP -- 3.1.11 Workstations -- Security issues with workstations -- 3.1.12 Servers -- Security issues with servers -- 3.1.13 Mobile Devices -- Security issues with mobile devices -- 3.2 Media -- 3.2.1 Coax -- Security issues with coax -- 3.2.2 UTP/STP -- Security issues with UTP/STP -- 3.2.3 Fiber -- 3.2.4 Removable media -- Security issues with removable media -- 3.2.4.1 Tape -- Security issues with tape -- 3.2.4.2 CDR -- Security issues with CDR --

3.2.4.3 Hard drives -- Security issues with hard drives -- 3.2.4.4 Diskettes -- Security issues with diskettes -- 3.2.4.5 Flashcards -- Security issues with flashcards -- 3.2.4.6 Smartcards -- Security issues with smartcards -- 3.3 Security Topologies -- 3.3.1 Security Zones -- 3.3.1.1 DMZ -- What services should be run in the DMZ? -- What services should NOT be in the DMZ? -- Using multiple DMZ's -- Security and DMZ's -- 3.3.1.2 Intranet -- 3.3.1.3 Extranet -- 3.3.2 VLANs -- 3.3.3 NAT -- Types of NAT -- Why use NAT? -- 3.3.4 Tunneling -- Examples of tunneling -- Pop Quiz 0011.00 -- 3.4 Intrusion Detection -- IDS standards -- 3.4.1 Network Based -- NIDS architecture -- NIDS considerations, pros and cons -- 3.4.1.1 Active Detection -- 3.4.1.2 Passive Detection -- 3.4.2 Host Based -- HIDS architecture -- HIDS considerations, pros and cons -- 3.4.2.1 Active Detection -- 3.4.2.2 Passive Detection -- 3.4.3 Honey pots -- Legal issues around honey pots -- 3.4.4 Incident Response -- Role of IDS in Incident Response -- Six-step Incident Response process -- Reporting incidents to third parties -- 3.5 Security Baselines -- Automatic enforcement of baselines -- Implementing baseline recommendations -- 3.5.1 OS/NOS Hardening -- Some areas to look at when hardening an OS -- User accounts -- Installed options -- Available services -- OS configuration -- 3.5.1.1 File System -- Windows/NTFS -- UNIX/Linux -- 3.5.1.2 Updates -- Where to find updates -- Types of updates -- 3.5.2 Network Hardening -- 3.5.2.1 Updates (Firmware) -- 3.5.2.2 Configuration -- 3.5.2.2.1 Enabling and Disabling Services and Protocols -- 3.5.2.2.2 Access control lists -- 3.5.3 Application Hardening -- Network applications -- 3.5.3.1 Updates -- 3.5.3.2 Web Servers -- Hardening web server software -- Hardening third-party server applications -- Hardening custom applications --

So, you think you've got it locked down? -- 3.5.3.3 Email Servers -- Hardening email servers -- 3.5.3.4 FTP Servers -- Security-related aspects of FTP -- Securing your FTP server -- 3.5.3.5 DNS -- DNS Servers -- DNS security issues -- 3.5.3.6 NNTP Servers -- NNTP Server security issues -- 3.5.3.7 File/Print Servers -- How "share" permissions are applied -- 3.5.3.8 DHCP Servers -- DHCP security issues -- 3.5.3.9 Data Repositories -- 3.5.3.9.1 Directory Services -- Lightweight Directory Access Protocol (LDAP) -- Directory Services security issues -- 3.5.3.9.2 Databases -- Database security issues -- 3.6 Summary -- 3.7 Success Questions -- Success Answers -- Chapter 0100: Domain 04: -- Basics of Cryptography (15%) -- Getting Ready - Questions -- Getting Ready - Answers -- 4.0 Basics of Cryptography -- 4.1 Algorithms -- 4.1.1 Hashing -- Message Digest as a message fingerprint -- 4.1.2 Symmetric -- Types of Symmetric algorithms -- Security issues with symmetric cryptography -- 4.1.3 Asymmetric -- Asymmetric cryptography algorithms -- How is asymmetric cryptography used? -- 4.2 Concepts of using cryptography -- 4.2.1 Confidentiality -- 4.2.2 Integrity -- 4.2.2.1 Digital Signatures -- Using Digital Signatures -- Signatures and non-confidential messages -- 4.2.3 Authentication -- 4.2.4 Non-Repudiation -- 4.2.4.1 Digital Signatures -- 4.2.5 Access Control -- 4.3 PKI -- 4.3.1 Certificates -- Certificate Authorities (CA's) -- 4.3.1.1 Certificate Policies -- 4.3.1.2 Certificate Practice Statements -- 4.3.2 Revocation -- 4.3.3 Trust Models -- Pop Quiz 0100.00 -- 4.4 Standards and Protocols -- IEEE -- ANSI -- IETF -- RSA Data Security, Inc. -- FIPS -- 4.5 Key Management/Certificate Lifecycle -- 4.5.1 Centralized vs. Decentralized -- 4.5.2 Storage -- 4.5.2.1 Hardware vs. Software -- 4.5.2.2 Private Key Protection -- 4.5.3 Escrow -- 4.5.4 Expiration --

4.5.5 Revocation.
Notes:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.