
CompTIA Security+ Certification Study Guide,

Second Edition

(Exam SY0-401)

McGraw-Hill Education is an independent entity from CompTIA. This publication and CD-ROM may be used in assisting students to prepare for the CompTIA Security+ exam. Neither CompTIA nor McGraw-Hill Education warrant that use of this publication and CD-ROM will ensure passing any exam. CompTIA and CompTIA Security+ are trademarks or registered trademarks of CompTIA in the United States and/or other countries. All other trademarks are trademarks of their respective owners.

Glen E. Clarke

McGraw-Hill Education

New York Chicago San Francisco Athens

London Madrid Mexico City Milan

New Delhi Singapore Sydney Toronto

CONTENTS AT A GLANCE

1 Networking Basics and Terminology 1

2 Introduction to Security Terminology 65

3 Security Policies and Standards 97

4 Types of Attacks 133

5 System Security Threats 181

6 Mitigating Security Threats 219

7 Implementing System Security 271

8 Securing the Network Infrastructure 331

9 Wireless Networking and Security 379

10 Authentication 433

11 Access Control 457

12 Introduction to Cryptography 493

13 Managing a Public Key Infrastructure 533

14 Physical Security 569

15 Risk Analysis 599

16 Disaster Recovery and Business Continuity 625

17 Introduction to Computer Forensics 667

18 Security Assessments and Audits 709


19 Understanding Monitoring and Auditing 763

A About the CD-ROM 801

Index 805

CONTENTS

Acknowledgments xxiii

Preface xxv

Introduction xxix

1 Networking Basics and Terminology 1

Understanding Network Devices and Cabling 2

Looking at Network Devices 2

Understanding Network Cabling 10

Exercise 1-1: Reviewing Networking Components 18

Understanding TCP/IP 19

Reviewing IP Addressing 19

Exercise 1-2: Understanding Valid Addresses 24

Understanding TCP/IP Protocols 25

Exercise 1-3: Viewing Protocol Information with Network Monitor 36

Application Layer Protocols 42

A Review of IPv6 48

Exercise 1-4: Identifying Protocols in TCP/IP 51

Network Security Best Practices 51

Device Usage 52

Cable and Protocol Usage 53

Two-Minute Drill 56

Q&A Self Test 58

Self Test Answers 61

2 Introduction to Security Terminology 65

Goals of Information Security 66

Confidentiality 66

Integrity 69

Availability 71


Accountability

Exercise 2-1: CIA Scenarios 73

Understanding Authentication and Authorization 74

Identification and Authentication 74

Authorization 76

Understanding Security Principles and Terminology 77

Types of Security 77

Least Privilege, Separation of Duties, and Rotation of Duties 79

Concept of Need to Know 80

Layered Security and Diversity of Defense 81

Due Care, Due Diligence 81

Vulnerability and Exploit 82

Looking at Security Roles 82

System and Data Owner 83

Custodian 83

User 83

Security Officer 83

Exercise 2-2: Security Terminology 84

Two-Minute Drill 86

Q&A Self Test 89

Self Test Answers 93

3 Security Policies and Standards 97

Introduction to Security Policies 98

Structure of a Policy 99

Identifying Types of Policies 100

Understanding Regulations and Standards 101

Looking at Security Policies 103

Policies Affecting Users 103

Policies Affecting Administrators 105

Exercise 3-1: Reviewing a Security Policy 106

Policies Affecting Management 107

Other Popular Policies 109

Human Resource Policies 110

Hiring Policy 110

Termination Policy 111

Mandatory Vacations


Security-Related HR Policies 112

Exercise 3-2: Creating a Security Policy 113

User Education and Awareness 114

General Training and Role-Based Training 114

User Habits 116

New Threats and Security Trends 118

Use of Social Network and P2P 118

Training Metrics and Follow Up 119

Exercise 3-3: Designing a Training Program 119

Two-Minute Drill 122

Q&A Self Test 124

Self Test Answers 128

4 Types of Attacks 133

Understanding Social Engineering 134

Social Engineering Overview 134

Popular Social Engineering Attacks 134

Reasons for Effectiveness 139

Preventing Social Engineering Attacks 139

Identifying Network Attacks 140

Popular Network Attacks 140

Exercise 4-1: DNS Poisoning by Modifying the Hosts File 148

Exercise 4-2: Performing a Port Scan 151

Other Network Attacks 152

Preventing Network Attacks 153

Looking at Password Attacks 154

Types of Password Attacks 154

Exercise 4-3: Password Cracking with LC4 156

Birthday Attacks and Rainbow Tables 158

Preventing Password Attacks 158

Understanding Application Attacks 160

Popular Application Attacks 160

Exercise 4-4: SQL Injection Attacks 162

Exercise 4-5: Exploiting an IIS Web Server with Folder Traversal 165

Other Application Attacks 166

Preventing Application Attacks 168


Two-Minute Drill 170

Q&A Self Test 172

Self Test Answers 176

5 System Security Threats 181

Identifying Physical Threats 182

Snooping 182

Theft and Loss of Assets 183

Human Error 184

Sabotage 185

Looking at Malicious Software 185

Privilege Escalation 185

Viruses 186

Exercise 5-1: Looking at the NetBus Trojan Virus 188

Other Malicious Software 194

Protecting Against Malicious Software 199

Threats Against Hardware 200

BIOS Settings 200

USB Devices 201

Cell Phones 202

Exercise 5-2: Exploiting a Bluetooth Device 203

Removable Storage 206

Network Attached Storage 206

PBX 208

Two-Minute Drill 211

Q&A Self Test 213

Self Test Answers 216

6 Mitigating Security Threats 219

Understanding Operating System Hardening 220

Uninstall Unnecessary Software 221

Disable Unnecessary Services 224

Exercise 6-1: Disabling the Messenger Service 226

Protect Management Interfaces and Applications 227

Disable Unnecessary Accounts 228

Patch System 229

Password Protection 230


System Hardening Procedures 231

Network Security Hardening 231

Exercise 6-2: Hardening a Network Switch 234

Tools for System Hardening 236

Exercise 6-3: Creating a Security Template 240

Security Posture and Reporting 245

Establishing Application Security 247

Secure Coding Concepts 247

Application Hardening 249

Server Hardening Best Practices 252

All Servers 252

HTTP Servers 252

DNS Servers 253

Exercise 6-4: Limiting DNS Zone Transfers 254

DHCP Servers 255

SMTP Servers and FTP Servers 256

Mitigate Risks in Static Environments 256

Two-Minute Drill 260

Q&A Self Test 262

Self Test Answers 266

7 Implementing System Security 271

Implementing Personal Firewalls and HIDS 272

Personal Firewalls 272

Exercise 7-1: Configuring TCP Wrappers in Linux 282

Host-Based IDS 283

Protecting Against Malware 284

Patch Management 284

Using Antivirus and Anti-spam Software 290

Spyware and Adware 295

Phish Filters and Pop-up Blockers 296

Exercise 7-2: Manually Testing a Web Site for Phishing 299

Practicing Good Habits 299

Device Security and Data Security 300

Hardware Security 300

Mobile Devices 300

Data Security 303

Exercise 7-3: Configuring Permissions in Windows 8 306


Application Security and BYOD Concerns 314

Host-Based Security 317

Understanding Virtualization and Cloud Computing 319

Virtualization and Security 319

Cloud Computing Issues 321

Two-Minute Drill 324

Q&A Self Test 325

Self Test Answers 328

8 Securing the Network Infrastructure 331

Understanding Firewalls 332

Firewalls 332

Using IPTables as a Firewall 337

Exercise 8-1: Configuring IPTables in Linux 338

Using Firewall Features on a Home Router 340

Proxy Servers 345

Other Security Devices and Technologies 346

Using Intrusion Detection Systems 348

IDS Overview 348

Exercise 8-2: Using Snort—A Network-Based IDS 352

Honeypots and Honeynets 356

Protocol Analyzers 357

Network Design and Administration Principles 358

Subnetting and VLANs 358

Network Address Translation (NAT) 360

Network Access Control (NAC) 362

Network Administration Principles 363

Securing Devices 365

Two-Minute Drill 368

Q&A Self Test 370

Self Test Answers 374

9 Wireless Networking and Security 379

Understanding Wireless Networking 380

Standards 381

Channels 383

Antenna Types 384

Authentication and Encryption 385


Securing a Wireless Network 387

Security Best Practices 388

Vulnerabilities with Wireless Networks 394

Exercise 9-1: Cracking WEP with BackTrack 398

Perform a Site Survey 405

Configuring a Wireless Network 406

Configuring the Access Point 406

Configuring the Client 415

Infrared and Bluetooth 419

Infrared 419

Bluetooth 420

Near Field Communication 421

Two-Minute Drill 422

Q&A Self Test 424

Self Test Answers 429

10 Authentication 433

Identifying Authentication Models 434

Authentication Terminology 434

Authentication Factors 435

Single Sign-on 437

Authentication Protocols 439

Windows Authentication Protocols 439

Remote Access Authentication 440

Authentication Services 442

Implementing Authentication 445

User Accounts 445

Tokens 446

Looking at Biometrics 447

Smartcard 448

Two-Minute Drill 451

Q&A Self Test 452

Self Test Answers 455

11 Access Control 457

Introducing Access Control 458

Types of Security Controls 458

Implicit Deny 460

Review of Security Principles 461


Access Control Models 462

Discretionary Access Control 462

Mandatory Access Control 464

Role-Based Access Control 466

Exercise 11-1: Assigning a User the sysadmin Role 467

Rule-Based Access Control 468

Implementing Access Control 469

Using Security Groups 469

Exercise 11-2: Configuring Security Groups and Assigning Permissions 470

Rights and Privileges 471

Exercise 11-3: Modifying User Rights on a Windows System 472

Securing Files and Printers 474

Access Control Lists (ACLs) 475

Group Policies 477

Exercise 11-4: Configuring Password Policies via Group Policies 479

Account Restrictions 480

Account Policy Enforcement 483

Monitoring Account Access 484

Two-Minute Drill 486

Q&A Self Test 487

Self Test Answers 490

12 Introduction to Cryptography 493

Introduction to Cryptography Services 494

Understanding Cryptography 494

Algorithms and Keys 497

Exercise 12-1: Encrypting Data with the Caesar Cipher 498

Other Cryptography Terms 503

Symmetric Encryption 505

Symmetric Encryption Concepts 506

Symmetric Encryption Algorithms 507

Exercise 12-2: Encrypting Data with the AES Algorithm 508

Asymmetric Encryption 509

Asymmetric Encryption Concepts 509

Asymmetric Encryption Algorithms 512


Quantum Cryptography 513

In-Band vs. Out-of-Band Key Exchange 513

Understanding Hashing 513

Hashing Concepts 514

Hashing Algorithms 514

Exercise 12-3: Generating Hashes to Verify Integrity 516

Identifying Encryption Uses 518

Encrypting Data 518

Encrypting Communication 519

Understanding Steganography 523

Two-Minute Drill 525

Q&A Self Test 527

Self Test Answers 530

13 Managing a Public Key Infrastructure 533

Introduction to Public Key Infrastructure 534

Understanding PKI Terminology 534

Certificate Authority and Registration Authority 537

Repository 539

Managing a Public Key Infrastructure 539

Certificate Life Cycle 539

Certificate Revocation Lists and OCSP 540

Other PKI Terms 541

Implementing a Public Key Infrastructure 543

How SSL Works 544

How Digital Signatures Work 544

Creating a PKI 545

Exercise 13-1: Installing a Certificate Authority 546

Exercise 13-2: SSL-Enabling a Web Site 551

Managing a PKI 558

Two-Minute Drill 562

Q&A Self Test 563

Self Test Answers 566

14 Physical Security 569

Choosing a Business Location 571

Facility Concerns 571

Lighting and Windows 571


Doors, Windows, and Walls 572

Safety Concerns 573

Physical Access Controls 574

Exercise 14-1: Erasing the Administrator Password with a Live CD 575

Fencing and Guards 578

Hardware Locks 580

Access Systems 581

Other Security Controls 583

Physical Access Lists and Logs 583

Video Surveillance 584

Implementing Environmental Controls 586

Understanding HVAC 586

Shielding 587

Fire Suppression 587

Two-Minute Drill 590

Q&A Self Test 591

Self Test Answers 595

15 Risk Analysis 599

Introduction to Risk Analysis 600

Risk Analysis Overview 600

Risk Analysis Process 601

Risk with Cloud Computing and Third Parties 605

Types of Risk Analysis 608

Qualitative 608

Exercise 15-1: Performing a Qualitative Risk Analysis 611

Quantitative 611

Exercise 15-2: Performing a Quantitative Risk Analysis 613

Risk Mitigation Strategies 614

Exercise 15-3: Identifying Mitigation Techniques 616

Two-Minute Drill 618

Q&A Self Test 619

Self Test Answers 622

16 Disaster Recovery and Business Continuity 625

Introduction to Disaster Recovery and Business Continuity 626

Introduction to Business Continuity 626

Understanding Disaster Recovery 630


Backing Up and Restoring Data 634

Security Considerations with Tapes 634

Full, Incremental, and Differential Backups 635

Scheduling Backups 638

Backup Plan Example 638

Exercise 16-1: Backing Up and Restoring

Data on a Windows Server 639

Implementing Fault Tolerance 643

RAID 0 644

RAID 1 647

RAID 5 650

Understanding High Availability 652

Clustering Services 653

Network Load Balancing 654

Redundant Hardware 655

Two-Minute Drill 657

Q&A Self Test 659

Self Test Answers 663

17 Introduction to Computer Forensics 667

Working with Evidence 668

Types of Evidence 669

Collecting Evidence 669

Collecting Digital Evidence 673

Understanding the Process 673

Where to Find Evidence 679

Tools Used 680

Exercise 17-1: Using ProDiscover for Forensics Analysis 685

Exercise 17-2: Performing Cell Phone Forensics 691

Exercise 17-3: Looking at EXIF Metadata 696

Looking at Incident Response 697

Incident Response Team 697

First Responders 698

Damage and Loss Control 698

Two-Minute Drill 702

Q&A Self Test 703

Self Test Answers 706


18 Security Assessments and Audits 709

Understanding Types of Assessments 710

Assessment Types 710

Assessment Techniques 721

Performing a Security Assessment 723

Performing a Penetration Test 724

Exercise 18-1: Profiling an Organization 726

Exercise 18-2: Using a Port Scanner 737

Performing a Vulnerability Assessment 743

Exercise 18-3: Performing a Vulnerability Scan with LANguard 747

Two-Minute Drill 754

Q&A Self Test 756

Self Test Answers 760

19 Understanding Monitoring and Auditing 763

Introduction to Monitoring 764

Monitoring Tools 766

Useful System Commands 766

Performance Monitor 770

Protocol Analyzer and Sniffer 773

Exercise 19-1: Monitoring Network Traffic with Network Monitor 773

Implementing Logging and Auditing 777

Understanding Auditing 777

Exercise 19-2: Implementing Auditing in Windows 783

Understanding Logging 784

Exercise 19-3: Configuring Logging in IIS 785

Exercise 19-4: Configuring the Windows Firewall 788

Popular Areas to Audit 790

Two-Minute Drill 794

Q&A Self Test 795

Self Test Answers 798

A About the CD-ROM 801

Index 805