WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Like this CertiGuide? Get it in PDF format!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Google
Web CertiGuide






Table Of Contents  CertiGuide to Security+

Previous Topic/Section
2.9  Success Answers
Previous Page
Pages in Current Topic/Section
1
Next Page
 Getting Ready for Chapter 3 - Questions
Next Topic/Section

Chapter 3:  Infrastructure Security (Domain 3.0; 20%)

“Things alter for the worse spontaneously, if they be not altered for the better designedly."
-- Francis Bacon

Chapter Objectives

The objective of this chapter is to provide the reader with an understanding of the following:

Domain 3.0: Infrastructure Security - 20%

3.1 Understand security concerns and concepts of the following types of devices:

  • Firewalls; Routers; Switches; Wireless; Modems

  • RAS (Remote Access Server); Telecom / PBX (Private Branch Exchange)

  • VPN (Virtual Private Network); IDS (Intrusion Detection System)

  • Network Monitoring / Diagnostics; Workstations; Servers; Mobile Devices

3.2 Understand the security concerns for the following types of media:

    • Coaxial Cable; UTP / STP; Fiber Optic Cable

    • Removable Media (Tape; CD-R; Hard Drive; Diskette; Flashcard; Smartcard)

3.3 Understand the concepts behind the following kinds of Security Topologies:

    • Security Zones (DMZ; Intranet; Extranet); VLANs (Virtual Local Area Network)

    • NAT (Network Address Translation); Tunneling

3.4 Differentiate the following types of intrusion detection, be able to explain the concepts of each type, and understand the implementation and configuration of each kind of intrusion detection system:

    • Network Based (Active Detection; Passive Detection)

    • Host Based (Active Detection; Passive Detection)

    • Honey Pots; Incident Response

3.5 Understand the following concepts of Security Baselines, be able to explain what a Security Baseline is, and understand the implementation and configuration of each :

    • OS / NOS Hardening (File System; Updates: Hotfixes, Service Packs, Patches)

    • Network Hardening (Firmware Updates; Configuration: Enabling and Disabling Services and Protocols, Access Control Lists)

    • Application Hardening (Updates; Web Servers; E-mail Servers; FTP Servers; DNS Servers; NNTP Servers; File / Print Servers; DHCP Servers; Data Repositories: Directory Services, Databases)

Quick navigation to subsections and regular topics in this section



Previous Topic/Section
2.9  Success Answers
Previous Page
Pages in Current Topic/Section
1
Next Page
 Getting Ready for Chapter 3 - Questions
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.