Table of Contents for GSEC GIAC Security Essentials Certification All-in-One Exam Guide, Second Edition
by Ric Messier
Cover
About the Author
Title Page
Copyright Page
Dedication
Contents at a Glance
Contents
Acknowledgments
Introduction
Exam Objective Map: GSEC Exam
Chapter 1 Information Security and the GIAC Security Essentials Certification
The Evolution and Importance of Security
Types of Security Threats
Social Engineering
Malware
Identity Theft
Mobile Device Threats
Denial of Service
Insider Threats
About SANS
About the GSEC Certification
Accreditations
Who the Exam Is For
About the Exam
The Purpose of This Book
Test Tips
Chapter 2 Networking Fundamentals
History of TCP/IP
Networking Stacks
The OSI Model
TCP/IP Architecture
Protocols
Internet Protocol
IP Version 4 Headers
Addressing
Fragmentation
Internet Protocol Version 6
Internet Control Message Protocol (ICMP)
Transmission Control Protocol (TCP)
Reliable Delivery
The Mitnick–Shimomura Attack
User Datagram Protocol (UDP)
Domain Name System (DNS)
Chapter Review
Questions
Answers
Exercise Answers
Chapter 3 Network Design
Cable Types
Coaxial Cable
Twisted Pair
Fiber Optics
Network Topologies
Bus Topology
Star Topology
Mesh Topology
Full Mesh Topology
Ring Topology
Switching
Ethernet
Asynchronous Transfer Mode (ATM)
Hubs, Bridges, and Switches
Routing
Distance Vector Routing
Link-State Routing
Network Security Technologies
Routers
Firewalls
Intrusion Detection Systems
Chapter Review
Questions
Answers
Exercise 3-1 Answer
Chapter 4 Authentication and Access Control
Authentication
Credentials
Token-Based Authentication
Biometrics
RADIUS
TACACS/TACACS+
Web-Based Authentication
Multifactor Authentication
Authorization
Principle of Least Privilege
Accounting
Access Control
Discretionary Access Control
Mandatory Access Control
Role-Based Access Control
Attribute-Based Access Control
Single Sign-On
Chapter Review
Questions
Answers
Exercise 4-1 Answer
Chapter 5 Cloud Computing
Cloud Computing Services
Storage as a Service
Software as a Service (SaaS)
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Security Considerations
Application Design
Secure Software Development Lifecycle (S-SDLC)
Agile Methodology
Deployment Considerations
Private Clouds
Chapter Review
Questions
Answers
Chapter 6 Unix/Linux
Unix History
GNU
The Kernel
Filesystem Layout
Using Linux
General Utilities
File Management
Process Management
Networking
Software Management
Debian
Red Hat Enterprise Linux/CentOS
Slackware
Boot Process
Process Management
Processes and Threads
Process Tools
Signals
System Management
Backups
Patch Management
Job Scheduling
User Management
Configuration
Logging and Log Management
Monitoring
Auditing
Security Tools
SELinux
Tripwire
iptables
firewalld
AppArmor
Hardening Linux
Limiting the Number of Packages
Removing Unnecessary Services
Ensuring Permissions Are Set Appropriately
Chapter Review
Questions
Answers
Exercise Answers
Chapter 7 Windows
Windows History
Windows 3.x and Windows NT 3.x
Windows 9x, NT 4.0, and Windows 2000
Windows XP Through Windows 10
Windows 10 and Windows Server
Windows Networking
Basic Configuration
Networking Utilities
Securing Windows Networking
Resource Management
Windows Workgroups vs. Windows Domains
Active Directory
Users and Groups
Resource Sharing
Policies and Policy Management
Windows Management
Automation
Configuration
Auditing
User Rights
Permissions
Registry
PowerShell
Windows Security
EFS and BitLocker
Updates and Hotfixes
Service Packs
Backups
Security Templates
Securing Windows Services
Securing Windows Services
IIS
SQL Server
Terminal Services
Windows as a Service
Chapter Review
Questions
Answers
Exercise Answers
Chapter 8 Encryption
Foundations
Security Principles
Diffie-Hellman
RSA
Digest Algorithms
Cryptographic Attacks
X.509 Certificates
Public Key Infrastructure
S/MIME
Pretty Good Privacy
Symmetric Encryption
DES and Triple DES
AES
Asymmetric Encryption
SSL and TLS
Virtual Private Networks
IPSec
Steganography
Kerberos
Chapter Review
Questions
Answers
Exercise Answers
Chapter 9 Risk Management
Regulatory and Compliance
Risk Management
Cost-Benefit Analysis
Quantitative Risk Assessment
Qualitative Risk Assessment
Risk Management Strategies
Security Policies
Data at Rest
Contingency Plans
Disaster Recovery
Incident Handling
The Legal Impact of Incidents
Information Warfare
OPSEC
Chapter Review
Questions
Answers
Exercise 9-1 Answer
Chapter 10 Virtual Machines
Virtual Machine History
Emulation and the PC Era
Application Virtualization
Virtual Memory
Paging Algorithms
Security Implications
Reasons for Virtualizing
Hypervisors
Virtual Resources
Break Outs
Malware and Virtualized Resources
Containers
Security Implications of Containers
Other Virtual Machines
Chapter Review
Questions
Answers
Exercise 10-1 Answer
Chapter 11 Vulnerability Control
Network Mapping/Scanning
Different Types of Mapping
Nmap
Application Mapping
Vulnerability Scanning
Vulnerability Management
Vulnerability Exploitation
Web Application Security
Common Web Vulnerabilities
SSL/TLS
Cookies
CGI
AJAX
Web Vulnerability Scanning
Web Application Firewalls
Chapter Review
Questions
Answers
Exercise 11-1 Answer
Chapter 12 Malware
Types of Malware
Virus
Worm
Trojan Horse
Ransomware
Rootkit
Botnet Client
Spyware/Adware
Droppers
Anti-Virus
Anti-Virus Evasion
Packing
Encryption
Code Modifications
Domain Generation
Infection Vectors
“Sneaker Net”
E-mail
Network
Drive-by Attacks
Boot Sector/MBR
Virus Infections
Persistence
Malware Analysis
Static Analysis
Dynamic Analysis
Malware Policies
Chapter Review
Questions
Answers
Exercise 12-1 Answer
Chapter 13 Incident Response
Mapping the Attack
Preparation
Intelligence
Policy and Plans
Computer Security Incident Response Team
Managing the Response
Forensic Teams
Collecting Data
Evidence Handling
Communications
Legal Implications
Chapter Review
Questions
Answers
Chapter 14 Wireless Technologies
Radio Transmission
Frequency and Spectrum
Modulation and Carrier Waves
Antennas and Transmissions
Receiver
Frequency Hopping
802.11
Encryption
Wi-Fi Attacks
Cracking and Analysis Utilities
MiFi
WiMAX
Bluetooth
Encryption
Bluetooth Attacks
RFID
Near Field Communication
Zigbee
Chapter Review
Questions
Answers
Exercise 14-1 Answer
Chapter 15 Log Management
Log Types
Syslog
Windows Event Logs
Network Device Logs
Network Infrastructure Logs
Application Logs
Security Information and Event Manager
Chapter Review
Questions
Answers
Chapter 16 Internet of Things (IoT) and Embedded Devices
The Internet of Things
IoT Device Types
Finding the “Things”
Managing the Things
Protocols
Industrial Control Systems
Chapter Review
Questions
Answers
Appendix About the Online Content
System Requirements
Your Total Seminars Training Hub Account
Privacy Notice
Single User License Terms and Conditions
TotalTester Online
Video Training from the Author
Technical Support
Permissions
Index