Syngress Security Plus Study Guide And DVD Training System Dec 2002 ISBN 1931836728 pdf

  

  Syngress knows what passing the exam means to you and to your career. And we know that you are often financing your own training and certification; therefore, you need a system that is comprehensive, affordable, and effective. Boasting a one-of-a-kind integration of text, DVD-quality instructor-led training, and Web-based exam simulation and remediation, Syngress Study Guide & DVD Training Systems give you 100% coverage of exam objectives plus test preparation software.

  What you will find between the covers of this book (and in your free access to our Web site!), is $2,000 worth of training wrapped in a $60 book/DVD/Web-enhanced training system, including:

  ■ Study Guide with 100% coverage of exam objectives By reading this study guide and following the corresponding objective list, you can be sure that you have studied 100% of CompTIA’s Security+ exam objectives.

  ■ Instructor-led DVD This DVD provides almost two hours of virtual classroom instruction.

  ■ Web-based practice exams Just visit us at www.syngress.com/certification to access a complete exam simulation.

  The book you’re now holding is your key to this amazing site. Just go to www.syngress.com/certification, and keep this book handy when you register to verify your purchase. Thank you for giving us the opportunity to serve your certification needs. And be sure to let us know if there’s anything else we can do to help you get the maximum value from your investment. We’re listening.

  www.syngress.com/certification

  Michael Cross
  Norris L. Johnson, Jr.
  Tony Piltzecker
  Robert J. Shimonski, Technical Editor
  Debra Littlejohn Shinder, Technical Editor

  Syngress Publishing, Inc., the author(s), and any person or firm involved in the writing, editing, or production (collectively “Makers”) of this book (“the Work”) do not guarantee or warrant the results to be obtained from the Work.

  There is no guarantee of any kind, expressed or implied, regarding the Work or its contents. The Work is sold AS IS and WITHOUT WARRANTY. You may have other legal rights, which vary from state to state.

  In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other incidental or consequential damages arising out from the Work or its contents. Because some states do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you.

  You should always use reasonable care, including backup and other appropriate precautions, when working with computers, networks, data, and files.

  Syngress Media®, Syngress®, “Career Advancement Through Skill Enhancement®,” and “Ask the Author UPDATE®,” are registered trademarks of Syngress Publishing, Inc. “Mission Critical™,” “Hack Proofing®,” and “The Only Way to Stop a Hacker is to Think Like One™” are trademarks of Syngress Publishing, Inc. Brands and product names mentioned in this book are trademarks or service marks of their respective companies.

  PUBLISHED BY Syngress Publishing, Inc.

  800 Hingham Street
  Rockland, MA 02370

  Security+ Study Guide and DVD Training System

  Copyright © 2002 by Syngress Publishing, Inc. All rights reserved. Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication.

  ISBN: 1-931836-72-8
  Technical Editors: Robert J. Shimonski and Debra Littlejohn Shinder
  Technical Reviewer: Diana Huggins
  Acquisitions Editor: Catherine B. Nolan
  DVD Production: Michael Donovan
  Cover Designer: Michael Kavish
  Page Layout and Art by: Shannon Tozier
  Copy Editor: Judy Eby
  Indexer: Nara Wood

  Distributed by Publishers Group West in the United States and Jaguar Book Group in Canada.

  Acknowledgments

  We would like to acknowledge the following people for their kindness and support in making this book possible.

  Karen Cross, Lance Tilford, Meaghan Cunningham, Kim Wylie, Harry Kirchner, Kevin Votel, Kent Anderson, Frida Yara, Jon Mayes, John Mesjak, Peg O’Donnell, Sandra Patterson, Betty Redmond, Roy Remer, Ron Shapiro, Patricia Kelly, Andrea Tetrick, Jennifer Pascal, Doug Reil, David Dahl, Janis Carpenter, and Susan Fryer of Publishers Group West for sharing their incredible marketing experience and expertise.

  Duncan Enright, AnnHelen Lindeholm, David Burton, Febea Marinetti, and Rosie Moss of Elsevier Science for making certain that our vision remains worldwide in scope.

  David Buckland, Wendi Wong, Daniel Loh, Marie Chieng, Lucy Chong, Leslie Lim, Audrey Gan, and Joseph Chan of Transquest Publishers for the enthusiasm with which they receive our books.

  Kwon Sung June at Acorn Publishing for his support.

  Jackie Gross, Gayle Voycey, Alexia Penny, Anik Robitaille, Craig Siddall, Darlene Morrow, Iolanda Miller, Jane Mackay, and Marie Skelly at Jackie Gross & Associates for all their help and enthusiasm representing our product in Canada.

  Lois Fraser, Connie McMenemy, Shannon Russell, and the rest of the great folks at Jaguar Book Group for their help with distribution of Syngress books in Canada.

  David Scott, Annette Scott, Geoff Ebbs, Hedley Partis, Bec Lowe, and Tricia Herbert of Woodslane for distributing our books throughout Australia, New Zealand, Papua New Guinea, Fiji, Tonga, Solomon Islands, and the Cook Islands.

  Winston Lim of Global Publishing for his help and support with distribution of Syngress books in the Philippines.


  Contributors

  Norris L. Johnson, Jr. (MCSA, MCSE, MCT, CTT+, A+, Network+, CCNA) is a technology trainer and owner of a consulting company in the Seattle-Tacoma area. His consultancies have included deployments and security planning for local firms and public agencies, as well as providing services to other local computer firms in need of problem solving and solutions for their clients. He specializes in Windows NT 4.0, Windows 2000, and Windows XP issues, providing planning, implementation, and integration services. In addition to consulting work, Norris provides technical training for clients and teaches for area community and technical colleges in the classroom. He has co-authored Configuring and Troubleshooting Windows XP Professional (Syngress Publishing, ISBN: 1-928994-80-6) and Hack Proofing Your Network, Second Edition (Syngress, ISBN: 1-928994-70-9), and performed technical edits and reviews on Hack Proofing Windows 2000 Server (Syngress, ISBN: 1-931836-49-3) and Windows 2000 Active Directory, Second Edition (Syngress, ISBN: 1-928994-60-1). Norris holds a bachelor’s degree from Washington State University. He is deeply appreciative of the support of his wife, Cindy, and three sons in helping to maintain his focus and efforts toward computer training and education.

  F. William Lynch (SCSA, CCNA, LPI-I, MCSE, MCP, Linux+, A+) is co-author for Hack Proofing Sun Solaris 8 (Syngress Publishing, ISBN: 1-928994-44-X), Hack Proofing XML (Syngress, ISBN: 1-931836-50-7), and Hack Proofing Your Network, Second Edition (Syngress, ISBN: 1-928994-70-9). He is an independent security and systems administration consultant and specializes in firewalls, virtual private networks, security auditing, documentation, and systems performance analysis. William has served as a consultant to multinational corporations and the Federal government including the Centers for Disease Control and Prevention headquarters in Atlanta, GA as well as various airbases of the United States Air Force. He is also the founder and director of the MRTG-PME project, which uses the MRTG engine to track systems performance of various UNIX-like operating systems. William holds a bachelor’s degree in Chemical Engineering from the University of Dayton in Dayton, OH and a master’s of Business Administration from Regis University in Denver, CO.

  

  Jeremy Faircloth (CCNA, MCSE, MCP+I, A+) is a Senior IT Engineer for Gateway, Inc., where he develops and maintains enterprise-wide client/server and Web-based technologies. He also acts as a technical resource for other IT professionals, using his expertise to help others expand their knowledge. As an analyst with over 10 years of real world IT experience, he has become an expert in many areas including Web development, database administration, enterprise security, network design, and project management. Jeremy currently resides in Dakota City, NE and wishes to thank Christina Williams and Austin Faircloth for their support in his various technical endeavors.

  Tony Piltzecker (CISSP, MCSE, CCNA, Check Point CCSA, Citrix CCA), author of the CCSA Exam Cram, is a Network Architect with Planning Systems Inc., providing network design and support for federal and state agencies. Tony’s specialties include network security design, implementation, and testing. Tony’s background includes positions as a Senior Networking Consultant with Integrated Information Systems and a Senior Engineer with Private Networks, Inc. Tony holds a bachelor’s degree in Business Administration, and is a member of ISSA. Tony currently resides in Leominster, MA with his wife, Melanie, and his daughter, Kaitlyn.

  Tony Bautts is an independent security consultant currently providing security advice and architecture for clients in the San Francisco Bay Area. His specialties include wireless security and deployment, intrusion detection systems, post-intrusion forensics and firewall and secure infrastructure design. His security experience has led him to work with Fortune 500 companies in the United States and Japan. He is also co-author of Hack Proofing Your Wireless Network (Syngress Publishing, ISBN: 1-928994-59-8) and Nokia Network Security Solutions Handbook (Syngress, ISBN: 1-931836-70-1), and the technical reviewer of Configuring IPv6 for Cisco IOS (Syngress, ISBN: 1-928994-84-9).

  Michael Cross (MCSE, MCP+I, CNA, Network+) is an Internet Specialist and Programmer with the Niagara Regional Police Service, and has also served as their Network Administrator. He performs computer forensic examinations on computers involved in criminal investigations, and has consulted and assisted in cases dealing with computer-related/Internet crimes. He is responsible for designing and maintaining their Web site at www.nrps.com, as well as their Intranet. He programs applications used by various units of the Police Service, has been responsible for network security and administration, and continues to assist in this regard. Michael is part of an Information Technology team that provides support to a user base of over 800 civilian and uniform users. His theory is that when the users carry guns, you tend to be more motivated in solving their problems.

  Michael also owns KnightWare, a company that provides Web page design and various other services. In addition to this company, he has been a freelance writer for several years, and published over three dozen times in numerous books and anthologies. He is a contributing author to Scene of the Cybercrime: Computer Forensics Handbook (Syngress Publishing, ISBN: 1-931836-65-5). He currently resides in St. Catharines, Ontario, Canada with his lovely wife, Jennifer, and his darling daughter, Sara.

  

  Will Schmied (BSET, MCSE, CWNA, MCSA, Network+, A+), consultant and author, is the Principal Partner of Area 51 Partners. Will holds a bachelor’s degree in Mechanical Engineering Technology from Old Dominion University. Will is the technical reviewer of Configuring and Troubleshooting Windows XP Professional (Syngress Publishing, ISBN: 1-928994-80-6) and the author of the forthcoming MCSE Implementing & Administering Security in a Windows 2000 Network (Syngress, ISBN: 1-931836-84-1). Will currently resides in Newport News, VA with his wife, Allison, and their children, Christopher, Austin, Andrea, and Hannah. When he is not busy designing, configuring, training, or writing on wireless and wired networking technologies, you can usually find him in the back yard with his dogs or in the forest with his Cub Scout pack.


  

  Ido Dubrawsky (CCNA, SCSA) has been working as a UNIX/Network Administrator for over 10 years. He has experience with a variety of UNIX operating systems including Solaris, Linux, BSD, HP-UX, AIX, and Ultrix. He was previously a member of Cisco’s Secure Consulting Service providing security posture assessments to Cisco customers and is currently a member of the SAFE architecture team. Ido has written articles and papers on topics in network security such as IDS, configuring Solaris virtual private networks, and wireless security. Ido is a contributing author for Hack Proofing Sun Solaris 8 (Syngress Publishing, ISBN: 1-928994-44-X) and Hack Proofing Your Network, Second Edition (Syngress, ISBN: 1-928994-70-9). When not working on network security issues or traveling to conferences, Ido spends his free time with his wife and their children.

  

Technical Editors and Contributors

  Robert J. Shimonski (Sniffer SCP, Cisco CCDP, CCNP, Nortel NNCSS, MCSE, MCP+I, Master CNE, CIP, CIBS, CWP, CIW, GSEC, GCIH, Server+, Network+, i-Net+, A+, e-Biz+, TICSA, SPS) is the Lead Network Engineer and Security Analyst for a leading manufacturer and provider of linear motion products and engineering. One of Robert’s primary responsibilities is to use multiple network analysis tools on a daily basis to monitor, baseline, and troubleshoot an enterprise network comprised of a plethora of protocols and media technologies. In Robert’s many years of performing high and low level network design and analysis, he has been able to utilize a methodology of troubleshooting and analysis for not only large enterprises, but also for small to medium sized companies looking to optimize their WANs, LANs, and security infrastructure.

  Robert currently hosts an online forum for TechTarget.com and is referred to as the “Network Management Answer Man,” where he offers solutions on a daily basis to seekers of network analysis and management advice. Robert’s other specialties include network infrastructure design with the Cisco and Nortel product line for enterprise networks. Robert also provides network and security analysis using Sniffer Pro, Etherpeek, the CiscoSecure Platform (including PIX Firewalls), and Norton’s AntiVirus Enterprise Software.

  Robert has contributed to many articles, study guides and certification preparation software, Web sites, and organizations worldwide, including MCP Magazine, TechTarget.com, BrainBuzz.com, and SANS.org. Robert’s background includes positions as a Network Architect at Avis Rent A Car and Cendant Information Technology. Robert holds a bachelor’s degree from SUNY, NY and is a part time Licensed Technical Instructor for Computer Career Center in Garden City, NY teaching Windows-based and Networking Technologies. Robert is also a contributing author for Configuring and Troubleshooting Windows XP Professional (Syngress Publishing, ISBN: 1-928994-80-6), BizTalk Server 2000 Developer’s Guide for .NET (Syngress, ISBN: 1-928994-40-7), and Sniffer Pro Network Optimization & Troubleshooting Handbook (Syngress, ISBN: 1-931836-57-4).

  

  Debra Littlejohn Shinder (MCSE) is author of Scene of the Cybercrime: Computer Forensics Handbook (Syngress Publishing, ISBN: 1-931836-65-5), co-author of Configuring ISA Server 2000: Building Firewalls for Windows 2000 (Syngress, ISBN: 1-928994-29-6) and Troubleshooting Windows 2000 TCP/IP (Syngress, ISBN: 1-928994-11-3), as well as contributor to numerous other technical books. Deb contributed significant portions from Scene of the Cybercrime to Security+ Study Guide and DVD Training System. Along with her husband, Dr. Thomas W. Shinder, Deb does network consulting in the Dallas-Ft. Worth area, designs Web sites for businesses, municipalities and non-profit organizations, and teaches in the Dallas County Community College District’s technical training programs. As a former police officer and Police Academy instructor, she specializes in computer/network security and forensics.

  Deb has written hundreds of articles for Web and print publications such as TechRepublic, CNET, Swynk.com, BrainBuzz.com, and WinXP News. She has also written numerous online courses for DigitalThink, Inc. and prepared curricula for classroom instruction. She has contributed to Microsoft’s TechNet, and speaks at conferences such as the BlackHat Security Briefings and Certification Expo. She edits the A+ weekly newsletter for CramSession and writes a weekly feature for the Net Admin News.

  Deb has been writing since she finished her first (still unpublished) novel in ninth grade. She edited her high school and college newspapers and wrote and edited newsletters for city employees and police associations. Prior to entering the tech field, she had articles published in law enforcement and self-help psychology publications. She is a member of the IEEE’s IPv6 Working Group and has written and tech edited questions for various certification practice exams.

  Technical Reviewer

  Diana Huggins (MCSE, MCT, A+, I-NET+, Server+) currently works as an independent consultant providing technical services ranging from implementation and design to troubleshooting and optimization to various clients in Winnipeg, Manitoba, Canada. Prior to this, Diana has held positions as a Senior Systems Consultant, Network Administrator, and Technical Trainer. She also provides authoring services for different publishers throughout the United States and has co-authored several publications including a Server+ study guide. Diana holds a bachelor’s of Education degree from the University of Manitoba and has spent several years working in the field of adult education.

  About the Security+ Study Guide and DVD Training System

  In this book, you’ll find lots of interesting sidebars designed to highlight the most important concepts being presented in the main text. These include the following:

  ■ Exam Warnings focus on specific elements on which the reader needs to focus in order to pass the exam (for example, “Be sure you know the difference between symmetric and asymmetric encryption.”).

  ■ Test Day Tips are short tips that will help you in organizing and remembering information for the exam (for example, “When preparing for the exam on test day, it may be helpful to have a sheet with definitions of abbreviations and acronyms handy for a quick last-minute review.”).

  ■ Notes from the Underground contain background information that goes beyond what you need to know from the exam, providing a deep foundation for understanding the security concepts discussed in the text.

  ■ Damage and Defense relate real-world experiences to security exploits while outlining defensive strategies.

  ■ Head of the Class discussions are based on the author’s interactions with students in live classrooms and the topics covered here are the ones students have the most problems with.

  Each chapter also includes hands-on exercises in planning and configuring the security measures discussed. It is important that you work through these exercises in order to be confident you know how to apply the concepts you have just read about.

  You will find a number of helpful elements at the end of each chapter. For example, each chapter contains a Summary of Exam Objectives that ties the topics discussed in that chapter to the specific objectives published by CompTIA. Each chapter also contains an Exam Objectives Fast Track, which boils all exam objectives down to manageable summaries that are perfect for last minute review. The Exam Objectives Frequently Asked Questions answers those questions that most often arise from readers and students regarding the topics covered in the chapter. Finally, in the Self Test section, you will find a set of practice questions written in a multiple-choice form similar to those you will encounter on the exam. You can use the Self Test Quick Answer Key that follows the Self Test questions to quickly determine what information you need to review again. The Self Test Appendix at the end of the book provides all of the questions along with detailed explanations of both the correct and incorrect answers.

  Additional Resources

  There are two other important exam preparation tools included with this Study Guide. One is the DVD included in the back of this book. The other is the practice exam available from our Web site.

  ■ Instructor-led training DVD provides you with almost two hours of virtual classroom instruction. Sit back and watch as author Rob Shimonski reviews all the key exam concepts from the perspective of someone taking the exam for the first time. Rob cuts through all of the noise to prepare you for exactly what to expect when you take the exam for the first time. You will want to watch this DVD just before you head out to the testing center!

  ■ Web-based practice exams. Visit us at www.syngress.com/certification to access a complete Security+ Exam Simulation. These exams are written to test you on all of CompTIA’s published certification objectives. The exam simulator runs in both “live” and “practice” mode. Use “live” mode first to get an accurate gauge of your knowledge and skills, and then use practice mode to launch an extensive review of the questions that gave you trouble.


  Table of Contents and Security+ Exam Objectives

  All of CompTIA’s published objectives for the Security+ exam are covered in this book. To help you easily find the sections that directly support particular objectives, we’ve referenced the domain and objective number next to the corresponding text in the following Table of Contents. In some chapters, we’ve made the judgment that it is probably easier for the student to cover objectives in a slightly different sequence than the order of the published CompTIA objectives. By reading this study guide and following the corresponding exam objective list, you can be sure that you have studied 100% of CompTIA’s Security+ exam objectives.

Domain 1.0 General Security Concepts

Chapter 1 Access Control, Authentication, and Auditing
  Introduction
  Introduction to AAA
  What is AAA?
  Access Control
  Authentication
  Auditing
  1.1 Access Control
  1.1.1 MAC/DAC/RBAC
  MAC
  DAC
  RBAC
  1.2 Authentication
  1.2.1 Kerberos
  1.2.2 CHAP
  1.2.3 Certificates
  1.2.4 Username/Password
  1.2.5 Tokens
  1.2.6 Multi-Factor
  1.2.7 Mutual Authentication
  1.2.8 Biometrics
  Auditing
  Auditing Systems
  Logging
  System Scanning
  1.3 Disabling Non-Essential Services, Protocols, Systems and Processes
  Non-Essential Services
  Non-Essential Protocols
  Disabling Non-Essential Systems
  Disabling Non-Essential Processes
  Disabling Non-Essential Programs
  Summary of Exam Objectives
  Exam Objectives Fast Track
  Exam Objectives Frequently Asked Questions
  Self Test
  Self Test Quick Answer Key

Chapter 2 Attacks
  1.4 Attacks
  Active Attacks
  1.4.1 DoS/DDoS
  Resource Consumption Attacks
  1.4.1 DDoS Attacks
  1.4.12 Software Exploitation and Buffer Overflows
  SYN Attacks
  1.4.3 Spoofing
  1.4.4 Man in the Middle Attacks
  1.4.5 Replay Attacks
  1.4.6 TCP/IP Hijacking
  Wardialing
  Dumpster Diving
  1.6 Social Engineering
  Passive Attacks
  1.7 Vulnerability Scanning
  Sniffing and Eavesdropping
  1.4.11 Password Attacks
  1.4.11.1 Brute Force Attacks
  1.4.11.2 Dictionary-Based Attacks
  1.5 Malicious Code Attacks
  Malware
  1.5.1 Viruses
  1.5.2 Trojan Horses
  1.5.3 Logic Bombs
  1.5.4 Worms
  1.4.2 Back Door
  Summary of Exam Objectives
  Exam Objectives Fast Track
  Exam Objectives Frequently Asked Questions
  Self Test
  Self Test Quick Answer Key

Domain 2.0 Communication Security

Chapter 3 Remote Access and E-mail
  Introduction
  The Need for Communication Security
  Communications-Based Security
  1.1 Remote Access Security
  1.1.1 802.1x
  EAP
  Vulnerabilities
  1.1.2 VPN
  Site-to-Site VPN
  Remote Access VPN
  1.1.3 RADIUS
  Authentication Process
  Vulnerabilities
  1.1.4 TACACS/+
  TACACS
  XTACACS
  TACACS+
  Vulnerabilities
  1.1.5 PPTP/L2TP
  PPTP
  L2TP
  1.1.6 SSH
  How SSH Works
  1.1.7 IPSec
  IPSec Authentication
  ISAKMP
  1.1.8 Vulnerabilities
  Eavesdropping
  Data Modification
  Identity Spoofing
  User Vulnerabilities and Errors
  Administrator Vulnerabilities and Errors
  1.2 E-mail Security
  1.2.1 MIME
  1.2.1 S/MIME
  1.2.2 PGP
  How PGP Works
  PGP Interface Integration
  1.2.3 Vulnerabilities
  SMTP Relay
  E-mail and Viruses
  1.2.3.1 Spam
  1.2.3.2 Hoaxes
  Summary of Exam Objectives
  Exam Objectives Fast Track
  Exam Objectives Frequently Asked Questions
  Self Test
  Self Test Quick Answer Key

Chapter 4 Wireless
  Introduction
  1.6 Wireless Concepts
  Understanding Wireless Networks
  Overview of Wireless Communication in a Wireless Network
  Radio Frequency Communications
  Spread Spectrum Technology
  WAP Vulnerabilities
  WEP Vulnerabilities
  Additional Security Measures for Wireless Networks
  Using a Separate Subnet for Wireless Networks
  Using VPNs for Wireless Access to Wired Network
  IEEE 802.1x Vulnerabilities
  Denial of Service and Flooding Attacks
  Protecting Against DoS and Flooding Attacks