GSEC GIAC Security Essentials Certification All-in-One Exam Guide, Second Edition 2nd edition [Book]

  • Format: Book, 608 pages, weight: 973 g, 196 Illustrations, unspecified
  • Publication date: 02-Aug-2019
  • Publisher: McGraw-Hill Education
  • ISBN-10: 1260453200
  • ISBN-13: 9781260453201
Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.



Fully updated coverage of every topic on the current version of the GSEC exam



Get complete coverage of all the objectives on Global Information Assurance Certification’s Security Essentials (GSEC) exam inside this comprehensive resource. GSEC GIAC Security Essentials Certification All-in-One Exam Guide, Second Edition provides learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the exam with ease, this authoritative resource also serves as an essential on-the-job reference.

Covers all exam topics, including:
•Networking fundamentals
•Network design
•Cloud computing
•Authentication and access control
•Unix/Linux
•Windows
•Encryption
•Risk management
•Virtual machines
•Vulnerability control
•Malware
•Incident response
•Wireless technologies
•Log Management
•IoT and embedded devices

Online content features:
•Two practice exams
•Test engine that provides full-length practice exams and customizable quizzes 
•Author videos




Acknowledgments
Introduction
Exam Objective Map: GSEC Exam
Chapter 1 Information Security and the GIAC Security Essentials Certification
The Evolution and Importance of Security
Types of Security Threats
Social Engineering
Malware
Identity Theft
Mobile Device Threats
Denial of Service
Insider Threats
About SANS
About the GSEC Certification
Accreditations
Who the Exam Is For
About the Exam
The Purpose of This Book
Test Tips
Chapter 2 Networking Fundamentals
History of TCP/IP
Networking Stacks
The OSI Model
TCP/IP Architecture
Protocols
Internet Protocol
IP Version 4
Headers
Addressing
Fragmentation
Internet Protocol Version 6
Internet Control Message Protocol (ICMP)
Transmission Control Protocol (TCP)
Reliable Delivery
The Mitnick-Shimomura Attack
User Datagram Protocol (UDP)
Domain Name System (DNS)
Chapter Review
Questions
Answers
Exercise Answers
Chapter 3 Network Design
Cable Types
Coaxial Cable
Twisted Pair
Fiber Optics
Network Topologies
Bus Topology
Star Topology
Mesh Topology
Full Mesh Topology
Ring Topology
Switching
Ethernet
Asynchronous Transfer Mode (ATM)
Hubs, Bridges, and Switches
Routing
Distance Vector Routing
Link-State Routing
Network Security Technologies
Routers
Firewalls
Intrusion Detection Systems
Chapter Review
Questions
Answers
Exercise 3-1 Answer
Chapter 4 Authentication and Access Control
Authentication
Credentials
Token-Based Authentication
Biometrics
RADIUS
TACACS/TACACS+
Web-Based Authentication
Multifactor Authentication
Authorization
Principle of Least Privilege
Accounting
Access Control
Discretionary Access Control
Mandatory Access Control
Role-Based Access Control
Attribute-Based Access Control
Single Sign-On
Chapter Review
Questions
Answers
Exercise 4-1 Answer
Chapter 5 Cloud Computing
Cloud Computing Services
Storage as a Service
Software as a Service (SaaS)
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Security Considerations
Application Design
Secure Software Development Lifecycle (S-SDLC)
Agile Methodology
Deployment Considerations
Private Clouds
Chapter Review
Questions
Answers
Chapter 6 Unix/Linux
Unix History
GNU
The Kernel
Filesystem Layout
Using Linux
General Utilities
File Management
Process Management
Networking
Software Management
Debian
Red Hat Enterprise Linux/CentOS
Slackware
Boot Process
Process Management
Processes and Threads
Process Tools
Signals
System Management
Backups
Patch Management
Job Scheduling
User Management
Configuration
Logging and Log Management
Monitoring
Auditing
Security Tools
SELinux
Tripwire
iptables
firewalld
AppArmor
Hardening Linux
Limiting the Number of Packages
Removing Unnecessary Services
Ensuring Permissions Are Set Appropriately
Chapter Review
Questions
Answers
Exercise Answers
Chapter 7 Windows
Windows History
Windows 3.x and Windows NT 3.x
Windows 9x, NT 4.0, and Windows 2000
Windows XP Through Windows 10
Windows 10 and Windows Server
Windows Networking
Basic Configuration
Networking Utilities
Securing Windows Networking
Resource Management
Windows Workgroups vs. Windows Domains
Active Directory
Users and Groups
Resource Sharing
Policies and Policy Management
Windows Management
Automation
Configuration
Auditing
User Rights
Permissions
Registry
PowerShell
Windows Security
EFS and BitLocker
Updates and Hotfixes
Service Packs
Backups
Security Templates
Securing Windows Services
Securing Windows Services
IIS
SQL Server
Terminal Services
Windows as a Service
Chapter Review
Questions
Answers
Exercise Answers
Chapter 8 Encryption
Foundations
Security Principles
Diffie-Hellman
RSA
Digest Algorithms
Cryptographic Attacks
X.509 Certificates
Public Key Infrastructure
S/MIME
Pretty Good Privacy
Symmetric Encryption
DES and Triple DES
AES
Asymmetric Encryption
SSL and TLS
Virtual Private Networks
IPSec
Steganography
Kerberos
Chapter Review
Questions
Answers
Exercise Answers
Chapter 9 Risk Management
Regulatory and Compliance
Risk Management
Cost-Benefit Analysis
Quantitative Risk Assessment
Qualitative Risk Assessment
Risk Management Strategies
Security Policies
Data at Rest
Contingency Plans
Disaster Recovery
Incident Handling
The Legal Impact of Incidents
Information Warfare
OPSEC
Chapter Review
Questions
Answers
Exercise 9-1 Answer
Chapter 10 Virtual Machines
Virtual Machine History
Emulation and the PC Era
Application Virtualization
Virtual Memory
Paging Algorithms
Security Implications
Reasons for Virtualizing
Hypervisors
Virtual Resources
Break Outs
Malware and Virtualized Resources
Containers
Security Implications of Containers
Other Virtual Machines
Chapter Review
Questions
Answers
Exercise 10-1 Answer
Chapter 11 Vulnerability Control
Network Mapping/Scanning
Different Types of Mapping
Nmap
Application Mapping
Vulnerability Scanning
Vulnerability Management
Vulnerability Exploitation
Web Application Security
Common Web Vulnerabilities
SSL/TLS
Cookies
CGI
AJAX
Web Vulnerability Scanning
Web Application Firewalls
Chapter Review
Questions
Answers
Exercise 11-1 Answer
Chapter 12 Malware
Types of Malware
Virus
Worm
Trojan Horse
Ransomware
Rootkit
Botnet Client
Spyware/Adware
Droppers
Anti-Virus
Anti-Virus Evasion
Packing
Encryption
Code Modifications
Domain Generation
Infection Vectors
"Sneaker Net"
E-mail
Network
Drive-by Attacks
Boot Sector/MBR
Virus Infections
Persistence
Malware Analysis
Static Analysis
Dynamic Analysis
Malware Policies
Chapter Review
Questions
Answers
Exercise 12-1 Answer
Chapter 13 Incident Response
Mapping the Attack
Preparation
Intelligence
Policy and Plans
Computer Security Incident Response Team
Managing the Response
Forensic Teams
Collecting Data
Evidence Handling
Communications
Legal Implications
Chapter Review
Questions
Answers
Chapter 14 Wireless Technologies
Radio Transmission
Frequency and Spectrum
Modulation and Carrier Waves
Antennas and Transmissions
Receiver
Frequency Hopping
802.11
Encryption
Wi-Fi Attacks
Cracking and Analysis Utilities
MiFi
WiMAX
Bluetooth
Encryption
Bluetooth Attacks
RFID
Near Field Communication
Zigbee
Chapter Review
Questions
Answers
Exercise 14-1 Answer
Chapter 15 Log Management
Log Types
Syslog
Windows Event Logs
Network Device Logs
Network Infrastructure Logs
Application Logs
Security Information and Event Manager
Chapter Review
Questions
Answers
Chapter 16 Internet of Things (IoT) and Embedded Devices
The Internet of Things
IoT Device Types
Finding the "Things"
Managing the Things
Protocols
Industrial Control Systems
Chapter Review
Questions
Answers
Appendix About the Online Content
System Requirements
Your Total Seminars Training Hub Account
Privacy Notice
Single User License Terms and Conditions
TotalTester Online
Video Training from the Author
Technical Support
Permissions
Index
Ric Messier, CEH, CISSP, is an IT security professional with decades of experience working with service provider and enterprise networks. Ric has been a contributor to Hakin9 and PenTest Magazines and has spoken at Interop, New York. Ric currently teaches networking and security courses to graduate students at Brandeis University and to undergraduates at Champlain College. He has also developed two video training titles on ethical hacking and computer forensics.