Intelligentedu
Best New Free Computer IT Training Tutorial Resources
Free Computer and I.T. Books


May 4, 2009

Security+ Essentials Online Book

Here is an excellent online book at Techotopia, Security+ Essentials Online Book, that provides essential computer and networking security information. This computer security book gives you the knowledge needed to pass the CompTIA Security+ certification exam. It provides a clear understanding of both the threats faced by I.T. and the implementation of a comprehensive security infrastructure. The 15 sections cover a variety of computer security topics and will assist anyone who needs to understand them when deploying and administering a secure I.T. environment.


Table of Contents of Security+ Essentials:

About Security+ Essentials

Mandatory, Discretionary, Role and Rule Based Access Control
 - An Overview of Access Control
 - Mandatory Access Control
 - Discretionary Access Control
 - Role Based Access Control
 - Rule Based Access Control

Authentication and Identity Verification
 - What is Authentication?
 - Username and Password
 - Challenge Handshake Authentication Protocol (CHAP)
 - Kerberos Authentication
 - Mutual Authentication
 - Certificates
 - Authentication using Tokens
 - Biometrics

An Overview of IT Security Threats and Attacks
 - TCP and UDP Based Denial of Service (DoS) Attacks
 - Distributed Denial of Service (DDoS) Attacks
 - Back Door Attacks
 - IP and DNS Spoofing Attacks
 - Man in the Middle Attacks
 - Replay Attacks
 - TCP/IP Hijacking
 - Mathematical Attacks
 - Password Guessing
 - Brute Force Password Attacks
 - Dictionary Password Attacks
 - Password Cracking

Software Exploitation, Malicious Code and Social Engineering
 - Software Exploitation
 - Malicious Code
 - Viruses
 - Trojan Horses
 - Logic Bombs
 - Worms
 - Social Engineering

Identifying Common and Nonessential TCP/IP Ports and Services
 - Understanding Ports and Services
 - Securing Ports and Services
 - Port Scanning
 - Primary TCP/IP Ports and Assignments

Understanding Communications Security
 - Remote Access
 - Virtual Private Network (VPN) Communications
 - Point-to-Point-Tunneling Protocol (PPTP)
 - Layer 2 Tunneling Protocol (L2TP)
 - Internet Protocol Security (IPSec)
 - 802.11x Wireless Connections
 - Dial-Up Access
 - Terminal Access Controller Access Control System (TACACS)
 - Remote Authentication Dial-In User Service (RADIUS)
 - Terminal Access Controller Access Control System Plus (TACACS+)
 - Secure Shell (SSH)

The Basics of Email and Web Security
 - Email Security
 - Pretty Good Privacy (PGP)
 - Secure Multipurpose Internet Mail Extension (S/MIME)
 - Dealing with Spam Email
 - Web Based Security (SSL and TLS)

IT Infrastructure Security
 - Understanding Firewalls
 - Packet-Filtering Firewalls
 - Proxy Service Firewalls
 - Stateful Inspection Firewalls
 - Routers
 - Switches
 - Wireless
 - DSL and Cable Modems
 - Remote Access Service (RAS)
 - Telecom/PBX
 - Virtual Private Networks (VPN)
 - Intrusion Detection Systems (IDSs)
 - Network Monitoring and Diagnostics
 - Simple Network Management Protocol (SNMP)

IT Media Security Basics
 - Cable Media
 - Coax Cable
 - Shielded and Unshielded Twisted Pair Cable (UTP/STP)
 - Fiber Optic Cable
 - Removable Storage Media
 - Hard Drives
 - Diskettes
 - Tape Storage
 - CD-R/DVD
 - Electronic Media

Network Security Topologies
 - DMZ
 - Internet
 - Intranet
 - Extranet
 - Virtual Local Area Network (VLAN)
 - Network Address Translation (NAT)
 - Tunneling

Intrusion Detection Systems
 - An Overview of Intrusion Detection Systems
 - IDS Architecture
 - Host-based Intrusion Detection Systems (HIDS)
 - Strengths of Host-based Intrusion Detection Systems
 - Weaknesses of Host-based Intrusion Detection Systems
 - Network-based Intrusion Detection Systems (NIDS)
 - Strengths of Network-based Intrusion Detection Systems
 - Weaknesses of Network-based Intrusion Detection Systems
 - Responding to Incidents

Security Baselines and Operating System, Network and Application Hardening
 - Security Baselines
 - Operating System Hardening
 - Network Hardening
 - Application Hardening
 - Web Servers
 - Email Servers
 - FTP Servers
 - DNS Servers

Cryptography Basics
 - What is Cryptography?
 - Algorithms
 - Hashing Algorithms
 - Symmetric Encryption Algorithms
 - Data Encryption Standard (DES)
 - Triple DES (3DES)
 - Advanced Encryption Standard (AES)
 - Blowfish
 - International Data Encryption Algorithm (IDEA)
 - CAST
 - Rivest Cipher (RC2, RC3, RC4, RC5, RC6)
 - Asymmetric Algorithms
 - RSA
 - Diffie-Hellman
 - ElGamal
 - Elliptic Curve Cryptography (ECC)
 - Cryptography Usage
 - Confidentiality
 - Integrity
 - Nonrepudiation
 - Authentication
 - Digital Signatures

An Overview of Public Key Infrastructures (PKI)
 - What is a Public Key Infrastructure?
 - Certificate Authorities (CA)
 - Registration Authorities (RA)
 - Certificate Repositories
 - Digital Certificate Structure
 - Certificate Lifecycles and Key Management
 - Centralized and Decentralized Infrastructures


