INTRODUCTION. 1: Introduction to Security. 2: Malware and Social Engineering Attacks. 3: Application and Network Attacks. 4: Vulnerability Assessment and Mitigating Attacks. 5: Host, Application, and Data Security. 6: Network Security. 7: Administering a Secure Network. 8: Wireless Network Security. 9: Access Control Fundamentals. 10: Authentication and Account Management. 11: Basic Cryptography. 12: Advanced Cryptography. 13: Business Continuity. 14: Risk Mitigation. APPENDIX A: CompTIA SY0-301 Certification Exam Objectives. APPENDIX B: Downloads and Tools for Hands-On Projects. APPENDIX C: Security Web Sites. APPENDIX D: Selected TCP/IP Ports and Their Threats. APPENDIX E: Sample Internet and E-Mail Acceptable Use Policies. APPENDIX F: Information Security Community Site. GLOSSARY. INDEX.
Dr. Mark Ciampa is an Associate Professor of Information Systems in the Gordon Ford College of Business at Western Kentucky University in Bowling Green, Kentucky. Prior to this he was an Associate Professor and served as the Director of Academic Computing at Volunteer State Community College in Gallatin, Tennessee for 20 years. Mark has worked in the IT industry as a computer consultant for businesses, government agencies, and educational institutions. He has published over 20 articles in peer-reviewed journals and is also the author of over 25 technology textbooks, including Security+ Guide to Network Security Fundamentals 6e, CWNA Guide to Wireless LANs 3ed, Guide to Wireless Communications, Security Awareness: Applying Practical Security In Your World 5ed, and Networking BASICS. Dr. Ciampa holds a PhD in technology management with a specialization in digital communication systems from Indiana State University and has certifications in Security+ and HIT.
"Clear and Concise coverage of a difficult and dynamic subject.
Engaging for students, using examples and stories."
"Yes, this chapter introduces a wide array of technical terminology, in which the author does a fantastic job of breaking it down so that novice learners can comprehend it. Yes, the examples in this chapter are excellent in that they allow the reader to relate to the technical concepts in a comparative way. The Hands-on Projects for this chapter tie in well with the material presented. I believe that they provide students with several different ways to see how some of the attacks explained in the chapter are executed and how they can be prevented. I am now officially excited about the publication of this text, wish it was available for the Summer 2011 section that I am teaching using the 3rd edition."
"An excellent introduction to different types of Malware. An excellent coverage of Social Engineering techniques. Chapter one gives an overview of Information Security and threats. The fact that author has included one of the most current security threat (Stuxnet) at the beginning of the chapter is excellent. This will get the attention of the learners."