Overview

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product. This fully revised four color textbook covers every topic on the current version of the CompTIA Security+ exam Prepare for a career in computer and network security while also studying for professional certification. Take the latest version of the challenging CompTIA Security+ exam with complete confidence using the detailed information contained in this comprehensive classroom-based solution. Written and edited by leaders in the field, the book gets candidates fully prepared for the test and contains the essential fundamentals of computer and network security skills. Principles of Computer Security: CompTIA Security+ and Beyond, Sixth Edition (Exam SY0-601) is presented in an engaging style and features full-color illustrations. Targeted sidebars throughout encourage readers to apply concepts in real-world settings, while other special elements bring the focus back to study with specific test-related advice and information. The textbook features engaging end of chapter sections that help you review the content covered in each chapter while also drilling you on the essentials and providing unique hands-on lab projects. Provides 100% coverage of every objective on exam SY0-601 Online content includes 200 practice questions in the Total Tester exam engine Written by a team of the most well-respected upper-level IT security educators Instructor Materials are available for adopting schools—contact your McGraw Hill sales representative Answers and solutions to the end of chapter sections are only available to adopting instructors

Full Product Details

Author:   Wm. Arthur Conklin ,  Greg White ,  Chuck Cothren ,  Roger Davis
Publisher:   McGraw-Hill Education
Imprint:   McGraw-Hill Education
Edition:   6th edition
Weight:   2.055kg
ISBN:  

9781260474312

ISBN 10:   1260474313
Pages:   1072
Publication Date:   29 November 2021
Audience:   College/higher education ,  Tertiary & Higher Education
Format:   Paperback
Publisher's Status:   Active
Availability:   In stock  
We have confirmation that this item is in stock with the supplier. It will be ordered in for you and dispatched immediately.

Table of Contents

Foreword Preface Introduction Instructor Website Chapter 1 Introduction and Security Trends    The Computer Security Problem    Threats to Security    Attributes of Actors    Security Trends    Targets and Attacks    Approaches to Computer Security    Ethics    Additional References    Chapter 1 Review Chapter 2 General Security Concepts    Basic Security Terminology    Formal Security Models    Additional References    Chapter 2 Review Chapter 3 Operational and Organizational Security    Policies, Procedures, Standards, and Guidelines    Organizational Policies    Security Policies    Human Resources Policies    Security Awareness and Training    Standard Operating Procedures    Third-Party Risk Management    Interoperability Agreements    Chapter 3 Review Chapter 4 The Role of People in Security    People—A Security Problem    Tools    Attacks    Poor Security Practices    People as a Security Tool    Chapter 4 Review Chapter 5 Cryptography    Cryptography in Practice    Cryptographic Objectives    Historical Perspectives    Hashing Functions    Symmetric Encryption    Asymmetric Encryption    Quantum Cryptography    Post-Quantum    Lightweight Cryptography    Homomorphic Encryption    For More Information    Chapter 5 Review Chapter 6 Applied Cryptography    Cryptography Use    Cipher Suites    S/MIME    PGP    Steganography    Secure Protocols    Secure Protocol Use Cases    Cryptographic Attacks    Other Standards    Chapter 6 Review Chapter 7 Public Key Infrastructure    The Basics of Public Key Infrastructures    Certificate Authorities    Trust Models    Digital Certificates    Certificate Lifecycles    Certificate Repositories    Centralized and Decentralized Infrastructures    Certificate-Based Threats    PKIX and PKCS    ISAKMP    CMP    XKMS    CEP    Chapter 7 Review Chapter 8 Physical Security    The Security Problem    Physical Security Safeguards    Environmental Controls    Fire Suppression    Electromagnetic Environment    Power Protection    Drones/UAVs    Chapter 8 Review Chapter 9 Network Fundamentals    Network Architectures    Network Topology    Segregation/Segmentation/Isolation    Security Zones    Network Protocols    Internet Protocol    IPv4 vs. IPv6    Packet Delivery    Inter-Networking    MPLS    Software-Defined Networking (SDN)    Quality of Service (QoS)    Traffic Engineering    Route Security    For More Information    Chapter 9 Review Chapter 10 Infrastructure Security    Devices    Virtualization    Networking    Security Devices    Security Device/Technology Placement    Tunneling/VPN    Storage Area Networks    Media    Removable Media    Security Concerns for Transmission Media    Physical Security Concerns    Chapter 10 Review Chapter 11 Authentication and Remote Access    User, Group, and Role Management    Account Policies    Authorization    Identity    Authentication Methods    Biometric Factors    Biometric Efficacy Rates    Multifactor Authentication    Remote Access    Preventing Data Loss or Theft    Database Security    Cloud vs. On-premises Requirements    Connection Summary    For More Information    Chapter 11 Review Chapter 12 Wireless Security and Mobile Devices    Connection Methods and Receivers    Wireless Protocols    Wireless Systems Configuration    Wireless Attacks    Mobile Device Management Concepts    Mobile Application Security    Mobile Devices    Policies for Enforcement and Monitoring    Deployment Models    Chapter 12 Review Chapter 13 Intrusion Detection Systems and Network Security    History of Intrusion Detection Systems    IDS Overview    Network-Based IDSs    Host-Based IDSs    Intrusion Prevention Systems    Network Security Monitoring    Deception and Disruption Technologies    Analytics    SIEM    DLP    Tools    Indicators of Compromise    For More Information    Chapter 13 Review Chapter 14 System Hardening and Baselines    Overview of Baselines    Hardware/Firmware Security    Operating System and Network Operating System Hardening    Secure Baseline    Endpoint Protection    Network Hardening    Application Hardening    Data-Based Security Controls    Environment    Automation/Scripting    Alternative Environments    Industry-Standard Frameworks and Reference Architectures    Benchmarks/Secure Configuration Guides    For More Information    Chapter 14 Review Chapter 15 Types of Attacks and Malicious Software    Avenues of Attack    Malicious Code    Malware    Attacking Computer Systems and Networks    Advanced Persistent Threat    Password Attacks    Chapter 15 Review Chapter 16 Security Tools and Techniques    Network Reconnaissance and Discovery Tools    File Manipulation Tools    Shell and Script Environments    Packet Capture and Replay Tools    Forensic Tools    Tool Suites    Penetration Testing    Vulnerability Testing    Auditing    Vulnerabilities    Chapter 16 Review Chapter 17 Web Components, E-mail, and Instant Messaging    Current Web Components and Concerns    Web Protocols    Code-Based Vulnerabilities    Application-Based Weaknesses    How E-mail Works    Security of E-mail    Mail Gateway    Mail Encryption    Instant Messaging    Chapter 17 Review Chapter 18 Cloud Computing    Cloud Computing    Cloud Types    Cloud Service Providers    Cloud Security Controls    Security as a Service    Cloud Security Solutions    Virtualization    VDI/VDE    Fog Computing    Edge Computing    Thin Client    Containers    Microservices/API    Serverless Architecture    Chapter 18 Review Chapter 19 Secure Software Development    The Software Engineering Process    Secure Coding Concepts    Application Attacks    Application Hardening    Code Quality and Testing    Compiled Code vs. Runtime Code    Software Diversity    Secure DevOps    Elasticity    Scalability    Version Control and Change Management    Provisioning and Deprovisioning    Integrity Measurement    For More Information    Chapter 19 Review Chapter 20 Risk Management    An Overview of Risk Management    Risk Management Vocabulary    What Is Risk Management?    Security Controls    Business Risks    Third-party Risks    Risk Mitigation Strategies    Risk Management Models    Risk Assessment    Qualitatively Assessing Risk    Quantitatively Assessing Risk    Qualitative vs. Quantitative Risk Assessment    Tools    Risk Management Best Practices    Additional References    Chapter 20 Review Chapter 21 Business Continuity, Disaster Recovery, and Change Management    Business Continuity    Continuity of Operations Planning (COOP)    Disaster Recovery    Why Change Management?    The Key Concept: Separation of Duties    Elements of Change Management    Implementing Change Management    The Purpose of a Change Control Board    The Capability Maturity Model Integration    Environment    Secure Baseline    Sandboxing    Integrity Measurement    Chapter 21 Review Chapter 22 Incident Response    Foundations of Incident Response    Attack Frameworks    Threat Intelligence    Incident Response Process    Exercises    Stakeholder Management    Communication Plan    Data Sources    Log Files    Data Collection Models    Standards and Best Practices    For More Information    Chapter 22 Review Chapter 23 Computer Forensics    Evidence    Chain of Custody    Forensic Process    Message Digest and Hash    Analysis    Host Forensics    Device Forensics    Network Forensics    Legal Hold    Chapter 23 Review Chapter 24 Legal Issues and Ethics    Cybercrime    Ethics    Chapter 24 Review Chapter 25 Privacy    Data Handling    Organizational Consequences of Privacy Breaches    Data Sensitivity Labeling and Handling    Data Roles    Data Destruction and Media Sanitization    U.S. Privacy Laws    International Privacy Laws    Privacy-Enhancing Technologies    Privacy Policies    Privacy Impact Assessment    Web Privacy Issues    Privacy in Practice    For More Information    Chapter 25 Review Appendix A CompTIA Security+ Exam Objectives: SY0-601 Appendix B About the Online Content    System Requirements    Your Total Seminars Training Hub Account    Single User License Terms and Conditions    TotalTester Online    Technical Support Glossary Index

Reviews

Author Information

Greg White (San Antonio, TX), CompTIA Security+, CISSP, is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. Dr. White is the Director of the Center for Infrastructure Assurance and Security at UTSA. Chuck Cothren is a Research Scientist at University of Texas at San Antonio (UTSA) Center for Infrastructure Assurance and Security (CIAS) and currently serves on the Information Security Associations Alamo Chapter Board of Directors. Mr. Cothren has a wide array of security experience including performing controlled penetration testing, network security policies, computer intrusion forensics, and computer training. He is a Certified Information Systems Security Professional (CISSP) and has co-authored other McGraw-Hill/Osborne titles. Mr. Cothren holds a B.S. in Industrial Distribution from Texas A&M University. Roger L. Davis is a Senior Internal Audit Manager at NuSkin Enterprises and is responsible for evaluating global business operations in over 35 countries. He is a retired Air Force Colonel with over 20 years of military and information security experience. Mr. Davis is a Certified Information Systems Security Professional (CISSP) and holds a Masters Degree in Computer Science from George Washington University.

Tab Content 6

Author Website:  

Customer Reviews

Recent Reviews

No review item found!

Add your own review!

Countries Available

All regions