Written by leaders in the field of IT security higher education, the new edition of this full-color text is revised to cover the 2011 CompTIA Security+ exam. Principles of Computer Security, Third Edition covers the new 2011 CompTIA Security+ exam objectives and provides context for students and aspiring government workers looking to meet government workforce requirements (DOD 8570). This full-color textbook provides comprehensive coverage of the core principles of information security: system security, network infrastructure, access control, organizational security, and compliance, while also providing 100% coverage of all exam objectives for the CompTIA Security+ certification. Well illustrated with photographs and diagrams, and has an engaging, dynamic presentation. The textbook’s teaching elements include sidebar questions, critical-skill building activities, and end-of-chapter student review and assessment. Principles of Computer Security, Third Edition Features CompTIA Approved Quality Curriculum—CAQC Official content Offers Online Learning Center with: instructor manual, classroom PowerPoint slides, and a test bank solution in EZ Test & Blackboard format Includes two complete practice exams Coverage includes: Introduction and Security Trends; General Security Concepts; Operational/Organizational Security; The Role of People in Security; Cryptography; Public Key Infrastructure; Standards and Protocols; Physical Security; Network Fundamentals; Infrastructure Security; Authentication and Remote Access; Wireless; Intrusion Detection Systems and Network Security; Baselines; Types of Attacks and Malicious Software; E-mail and Instant Messaging; Web Components; Secure Software Development; Disaster Recovery, Business Continuity, and Organizational Policies; Risk Management; Change Management; Privilege Management; Computer Forensics; Legal Issues and Ethics; Privacy

Fully updated computer security essentials—mapped to the CompTIA Security+ SY0-601 exam Save 10% on any CompTIA exam voucher! Coupon code inside. Learn IT security fundamentals while getting complete coverage of the objectives for the latest release of CompTIA Security+ certification exam SY0-601. This thoroughly revised, full-color textbook covers how to secure hardware, systems, and software. It addresses new threats and cloud environments, and provides additional coverage of governance, risk, compliance, and much more. Written by a team of highly respected security educators, Principles of Computer Security: CompTIA Security+TM and Beyond, Sixth Edition (Exam SY0-601) will help you become a CompTIA-certified computer security expert while also preparing you for a successful career. Find out how to: Ensure operational, organizational, and physical security Use cryptography and public key infrastructures (PKIs) Secure remote access, wireless networks, and virtual private networks (VPNs) Authenticate users and lock down mobile devices Harden network devices, operating systems, and applications Prevent network attacks, such as denial of service, spoofing, hijacking, and password guessing Combat viruses, worms, Trojan horses, and rootkits Manage e-mail, instant messaging, and web security Explore secure software development requirements Implement disaster recovery and business continuity measures Handle computer forensics and incident response Understand legal, ethical, and privacy issues Online content features: Test engine that provides full-length practice exams and customized quizzes by chapter or exam objective Each chapter includes: Learning objectives Real-world examples Try This! and Cross Check exercises Tech Tips, Notes, and Warnings Exam Tips End-of-chapter quizzes and lab projects

Official CompTIA Content! Prepare for CompTIA Security+ Exam SY0-301 with McGraw-Hill—a Gold-Level CompTIA Authorized Partner offering Official CompTIA Approved Quality Content to give you the competitive edge on exam day. Get complete coverage of all the objectives included on CompTIA Security+ exam inside this completely updated, comprehensive volume. Written by leading network security experts, this definitive guide covers exam SY0-301 in full detail. You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the exam with ease, this practical resource also serves as an essential on-the-job reference. Covers all exam topics, including: General security concepts Operational organizational security Legal issues, privacy, and ethics Cryptography Public key infrastructure Standards and protocols Physical security Infrastructure security Remote access and authentication Intrusion detection systems Security baselines Types of attacks and malicious software E-mail and instant messaging Web components Disaster recovery and business continuity Risk, change, and privilege management Computer forensics CD-ROM features: Two full practice exams PDF copy of the book From the Authors Preparing Yourself for the CompTIA Security+ Exam CompTIA Security+ Certification All-in-One Exam Guide is designed to help prepare you to take the CompTIA Security+ certification exam SY0-301. When you pass it, you will demonstrate that you have that basic understanding of security that employers are looking for. Passing this certification exam will not be an easy task, for you will need to learn many things to acquire that basic understanding of computer and network security. How This Book Is Organized The book is divided into sections and chapters to correspond with the objectives of the exam itself. Some of the chapters are more technical than others—reflecting the nature of the security environment, where you will be forced to deal with not only technical details but also other issues, such as security policies and procedures as well as training and education. Although many individuals involved in computer and network security have advanced degrees in math, computer science, information systems, or computer or electrical engineering, you do not need this technical background to address security effectively in your organization. You do not need to develop your own cryptographic algorithm; for example, you simply need to be able to understand how cryptography is used along with its strengths and weaknesses. As you progress in your studies, you will learn that many security problems are caused by the human element. The best technology in the world still ends up being placed in an environment where humans have the opportunity to foul things up—and all too often do. Part I: Security Concepts: The book begins with an introduction to some of the basic elements of security. Part II: Cryptography and Applications: Cryptography is an important part of security, and this part covers this topic in detail. The purpose is not to make cryptographers out of readers but to instead provide a basic understanding of how cryptography works and what goes into a basic cryptographic scheme. An important subject in cryptography, and one that is essential for the reader to understand, is the creation of public key infrastructures, and this topic is covered as well. Part III: Security in the Infrastructure: The next part concerns infrastructure issues. In this case, we are not referring to the critical infrastructures identified by the White House several years ago (identifying sectors such as telecommunications, banking and finance, oil and gas, and so forth) but instead the various components that form the backbone of an organization’s security structure. Part IV: Security in Transmissions: This part discusses communications security. This is an important aspect of security because, for years now, we have connected our computers together into a vast array of networks. Various protocols in use today that the security practitioner needs to be aware of are discussed in this part. Part V: Operational Security: This part addresses operational and organizational issues. This is where we depart from a discussion of technology again and will instead discuss how security is accomplished in an organization. Because we know that we will not be absolutely successful in our security efforts—attackers are always finding new holes and ways around our security defenses—one of the most important topics we will address is the subject of security incident response and recovery. Also included is a discussion of change management (addressing the subject we alluded to earlier when addressing the problems with patch management), security awareness and training, incident response, and forensics. Part VI: Appendixes: There are two appendixes in CompTIA Security+ All-in-One Exam Guide. Appendix A provides an additional in-depth explanation of the OSI model and Internet protocols, should this information be new to you, and Appendix B explains how best to use the CD-ROM included with this book. Glossary: Located just before the index, you will find a useful glossary of security terminology, including many related acronyms and their meanings. We hope that you use the glossary frequently and find it to be a useful study aid as you work your way through the various topics in this exam guide.

Fully updated computer security essentials—quality approved by CompTIA Learn IT security fundamentals while getting complete coverage of the objectives for the latest release of CompTIA Security+ certification exam SY0-501. This thoroughly revised, full-color textbook discusses communication, infrastructure, operational security, attack prevention, disaster recovery, computer forensics, and much more. Written by a pair of highly respected security educators, Principles of Computer Security: CompTIA Security+® and Beyond, Fifth Edition (Exam SY0-501) will help you pass the exam and become a CompTIA certified computer security expert. Find out how to: •Ensure operational, organizational, and physical security •Use cryptography and public key infrastructures (PKIs) •Secure remote access, wireless networks, and virtual private networks (VPNs) •Authenticate users and lock down mobile devices •Harden network devices, operating systems, and applications •Prevent network attacks, such as denial of service, spoofing, hijacking, and password guessing •Combat viruses, worms, Trojan horses, and rootkits •Manage e-mail, instant messaging, and web security •Explore secure software development requirements •Implement disaster recovery and business continuity measures •Handle computer forensics and incident response •Understand legal, ethical, and privacy issues Online content includes: •Test engine that provides full-length practice exams and customized quizzes by chapter or exam objective •200 practice exam questions Each chapter includes: •Learning objectives •Real-world examples •Try This! and Cross Check exercises •Tech Tips, Notes, and Warnings •Exam Tips •End-of-chapter quizzes and lab projects

Practice the Skills Essential for a Successful Career in Cybersecurity! This hands-on guide contains more than 90 labs that challenge you to solve real-world problems and help you to master key cybersecurity concepts. Clear, measurable lab results map to exam objectives, offering direct correlation to Principles of Computer Security: CompTIA Security+TM and Beyond, Sixth Edition (Exam SY0-601). For each lab, you will get a complete materials list, step-by-step instructions and scenarios that require you to think critically. Each chapter concludes with Lab Analysis questions and a Key Term quiz. Beyond helping you prepare for the challenging exam, this book teaches and reinforces the hands-on, real-world skills that employers are looking for. In this lab manual, you’ll gain knowledge and hands-on experience with Linux systems administration and security Reconnaissance, social engineering, phishing Encryption, hashing OpenPGP, DNSSEC, TLS, SSH Hacking into systems, routers, and switches Routing and switching Port security, ACLs Password cracking Cracking WPA2, deauthentication attacks, intercepting wireless traffic Snort IDS Active Directory, file servers, GPOs Malware reverse engineering Port scanning Packet sniffing, packet crafting, packet spoofing SPF, DKIM, and DMARC Microsoft Azure, AWS SQL injection attacks Fileless malware with PowerShell Hacking with Metasploit and Armitage Computer forensics Shodan Google hacking Policies, ethics, and much more

The preparation you need for the new CompTIA Security+ exam SY0-301 This top-selling study guide helps candidates prepare for exam SY0-301 and certification as a CompTIA Security+ administrator. Inside the new, CompTIA Authorized edition, you'll find complete coverage of all Security+ exam objectives, loads of real-world examples, and a CD packed with cutting-edge exam prep tools. The book covers key exam topics such as general security concepts, infrastructure security, the basics of cryptography, and much more. Provides 100% coverage of all exam objectives for the new CompTIA Security+ exam SY0-301 including: Network security Compliance and operational security Threats and vulnerabilities Application, data and host security Access control and identity management Cryptography Covers key topics such as general security concepts, communication and infrastructure security, the basics of cryptography, operational security, and more Offers practical examples and insights drawn from the real world Includes a CD with two practice exams, all chapter review questions, electronic flashcards, and more Obtain your Security+ certification and jump-start your career. It's possible with the kind of thorough preparation you'll receive from CompTIA Security+ Study Guide, 5th Edition.