+1 (208) 254-6996 [email protected]
  

Vulnerability Assessment and Data Security …………………………………..565

CHAPTER 14

Don't use plagiarized sources. Get Your Custom Essay on
Vulnerability Assessment and Data Security …………………………………..565
Just from $13/Page
Order Essay

Business Continuity ………………………………………………………………………..607

CHAPTER 15

Risk Mitigation ……………………………………………………………………………….651

APPENDIX A

CompTIA SY0-501 Certification Exam Objectives ……………………………..691

GLOSSARY …………………………………………………………………………………………… 713

INDEX …………………………………………………………………………………………………..741

iv

88781_fm_hr_i-xxvi.indd 4 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

 

 

Table of Contents INTRODUCTION……………………………………………………………………………………………..xv

PART 1

SECURITY AND ITS THREATS …………………………………………….. 1

CHAPTER 1

Introduction to Security ………………………………………………….. 3 Challenges of Securing Information ………………………………………………………… 8

Today’s Security Attacks …………………………………………………………………………8 Reasons for Successful Attacks ………………………………………………………………12 Difficulties in Defending Against Attacks ………………………………………………. 14

What Is Information Security? ……………………………………………………………….. 17 Understanding Security …………………………………………………………………………18 Defining Information Security ……………………………………………………………….18 Information Security Terminology …………………………………………………………21 Understanding the Importance of Information Security ………………………….. 24

Who Are the Threat Actors? …………………………………………………………………… 28 Script Kiddies ……………………………………………………………………………………… 29 Hactivists …………………………………………………………………………………………… 29 Nation State Actors ………………………………………………………………………………30 Insiders ………………………………………………………………………………………………30 Other Threat Actors ………………………………………………………………………………31

Defending Against Attacks ……………………………………………………………………. 32 Fundamental Security Principles ………………………………………………………….. 32 Frameworks and Reference Architectures ……………………………………………… 35

Chapter Summary …………………………………………………………………………………. 35

Key Terms …………………………………………………………………………………………….. 37

Review Questions………………………………………………………………………………….. 37

Case Projects ………………………………………………………………………………………… 46

CHAPTER 2

Malware and Social Engineering Attacks ……………………….. 51 Attacks Using Malware ………………………………………………………………………….. 53

Circulation………………………………………………………………………………………….. 55 Infection …………………………………………………………………………………………….. 61

v

88781_fm_hr_i-xxvi.indd 5 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

 

 

Table of Contentsvi

Concealment ………………………………………………………………………………………. 65 Payload Capabilities ……………………………………………………………………………..66

Social Engineering Attacks …………………………………………………………………….. 73 Psychological Approaches ……………………………………………………………………. 74 Physical Procedures ……………………………………………………………………………..80

Chapter Summary …………………………………………………………………………………. 82

Key Terms …………………………………………………………………………………………….. 84

Review Questions …………………………………………………………………………………. 84

Case Projects ………………………………………………………………………………………… 92

PART 2

CRYPTOGRAPHY ……………………………………………………………. 97

CHAPTER 3

Basic Cryptography ……………………………………………………….. 99 Defining Cryptography ………………………………………………………………………… 101

What Is Cryptography? ……………………………………………………………………….. 101 Cryptography and Security …………………………………………………………………. 105 Cryptography Constraints …………………………………………………………………….107

Cryptographic Algorithms ……………………………………………………………………. 108 Hash Algorithms …………………………………………………………………………………110 Symmetric Cryptographic Algorithms ………………………………………………….. 113 Asymmetric Cryptographic Algorithms ………………………………………………… 116

Cryptographic Attacks …………………………………………………………………………. 123 Algorithm Attacks ………………………………………………………………………………. 123 Collision Attacks ………………………………………………………………………………… 125

Using Cryptography …………………………………………………………………………….. 126 Encryption through Software ………………………………………………………………. 127 Hardware Encryption ………………………………………………………………………….128

Chapter Summary ……………………………………………………………………………….. 130

Key Terms …………………………………………………………………………………………… 132

Review Questions………………………………………………………………………………… 133

Case Projects ………………………………………………………………………………………. 142

CHAPTER 4

Advanced Cryptography and PKI …………………………………. 145 Implementing Cryptography ……………………………………………………………….. 147

Key Strength ……………………………………………………………………………………….147 Secret Algorithms ……………………………………………………………………………….148

88781_fm_hr_i-xxvi.indd 6 8/16/17 7:01 PM

Copyright 2018 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. WCN 02-200-203

 

 

Table of Contents vii

Block Cipher Modes of Operation ……………………………………………………….. 149 Crypto Service Providers…………………………………………………………………….. 150 Algorithm Input Values ………………………………………………………………………. 151

Digital Certificates ………………………………………………………………………………. 152 Defining Digital Certificates …………………………………………………………………. 152 Managing Digital Certificates ……………………………………………………………….154 Types of Digital Certificates ………………………………………………………………….158

Public Key Infrastructure (PKI) …………………………………………………………….. 165 What Is Public Key Infrastructure (PKI)? ………………………………………………. 166 Trust Models …………………………………………………………………………………….. 166 Managing PKI ……………………………………………………………………………………..168 Key Management ……………………………………………………………………………….. 171

Cryptographic Transport Protocols ……………………………………………………… 174 Secure Sockets Layer (SSL) …………………………………………………………………… 174 Transport Layer Security (TLS) …………………………………………………………….. 175 Secure Shell (SSH) ……………………………………………………………………………….176 Hypertext Transport Protocol Secure (HTTPS) ………………………………………..176 Secure/Multipurpose Internet Mail Extensions (S/MIME) ………………………. 177 Secure Real-time Transport Protocol (SRTP) ………………………………………….. 177 IP Security (IPsec) ………………………………………………………………………………. 177

Chapter Summary ……………………………………………………………………………….. 179

Key Terms ………………………………………………………………………………..

Order your essay today and save 10% with the discount code ESSAYHELP