02586book.book Page i Wednesday, January 3, 2007 1:43 PM Security Administrator Street Smarts A Real World Guide to CompTIA Security+™ Skills David R. Miller Michael Gregg Wiley Publishing, Inc. 02586book.book Page vi Wednesday, January 3, 2007 1:43 PM 02586book.book Page i Wednesday, January 3, 2007 1:43 PM Security Administrator Street Smarts A Real World Guide to CompTIA Security+™ Skills David R. Miller Michael Gregg Wiley Publishing, Inc. 02586book.book Page ii Wednesday, January 3, 2007 1:43 PM Acquisitions and Development Editor: Jeff Kellum Technical Editor: James Michael Stewart Production Editor: Eric Charbonneau Copy Editor: Liz Welch Production Manager: Tim Tate Vice President and Executive Group Publisher: Richard Swadley Vice President and Executive Publisher: Joseph B. Wikert Vice President and Publisher: Neil Edde Book Designer: Judy Fung, Bill Gibson Compositor: Laurie Stewart, Happenstance Type-O-Rama Proofreader: Nancy Riddiough Indexer: Ted Laux Anniversary Logo Design: Richard Pacifico Cover Designer: Ryan Sneed Copyright © 2007 by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-4701-0258-9 No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Pub- lisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/ go/permissions. Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent pro- fessional person should be sought. Neither the publisher nor the author shall be liable for damages arising here- from. The fact that an organization or Website is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Website may provide or recommendations it may make. Further, readers should be aware that Internet Web- sites listed in this work may have changed or disappeared between when this work was written and when it is read. For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (800) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002. Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books. TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. CompTIA Security+ is a trademark of the Computing Technology Industry Association. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book. 10 9 8 7 6 5 4 3 2 1 02586book.book Page iii Wednesday, January 3, 2007 1:43 PM Library of Congress Cataloging-in-Publication Data Miller, David R., 1959 Nov. 5– Security administrator street smarts : a real world guide to CompTIA Security+ skills / David R. Miller, Michael Gregg. p. cm. ISBN-13: 978-0-470-10258-9 (pbk.) ISBN-10: 0-470-10258-6 (pbk.) 1. Electronic data processing personnel—Certification. 2. Computer security—Examinations—Study guides. 3. Computer networks--Security measures—Examinations—Study guides. I. Gregg, Michael (Michael C.) II. Title. QA76.3.M562 2007 005.8—dc22 2006100831 02586book.book Page iv Wednesday, January 3, 2007 1:43 PM I’d like to dedicate this book to my family, especially my children, Veronica and Ross, for keeping a subtle smile of pride and satisfaction warmly tucked away inside of me. It has helped to keep me going. —David R. Miller This book is dedicated to Christine, a loving wife and partner. —Michael Gregg 02586book.book Page v Wednesday, January 3, 2007 1:43 PM Acknowledgments I would like to thank Shon Harris, of CISSP fame, for her support, encouragement and undy- ing friendship. I also give thanks to Michael J. Lester, one of the most certified (or is that cer- tifiable?) guys I’ve ever known, for years of superb professional association, consultation, and loyalty. A better pair of friends could not be had. Thanks also to the co-author, Michael Gregg, and to the excellent team at Sybex who have done a bang-up job to pull this book together. I hope we’re able to help you, the reader, gain confidence and worthy skills to improve your careers and become the security professional you want and need to be. —David R. Miller I would like to thank my wife Christine for all her help and encouragement. I have been blessed that she has always encouraged me and helped in all my endeavors. Thank you for your love and support. I would like to acknowledge Gen Cuellar, David R. Miller, Jeff Kellum, and the excellent team at Sybex. To all those who read the book, keep learning and taking steps to move your career forward. —Michael Gregg 02586book.book Page vi Wednesday, January 3, 2007 1:43 PM 02586book.book Page vii Wednesday, January 3, 2007 1:43 PM About the Authors David R. Miller, President of MicroLink Corporation, is a network engineer and IT secu- rity and project management consultant with more than two decades of experience. David has focused on writing and teaching for the last 10 years. He has written numerous books, curricula, presentations, and training videos for topics such as the entire MCSE track (eight courses), network security, wireless security, penetration testing, CISSP, A+, Net- work+, and Security+. David holds the following certifications: MCT, MCSE NT 4.0, MCSE: Security on Windows 2000 and Server 2003, CISSP, CNE, CCNA, CWNA, CEH, ECSA, LPT, A+, Network+, and Security+. Michael Gregg (CISSP, CISA, MCSE, MCT, CTT+, A+, N+, Security+, CNA, CCNA, CIW Security Analyst, CCE, CEH, CHFI, DCNP, ES Dragon IDS, TICSA) is the founder and Pres- ident of Superior Solutions, Inc., a Houston-based IT security consulting firm. Superior Solu- tions performs security assessments and penetration testing for Fortune 1000 firms. Michael is responsible for working with organizations to develop cost effective and innovative tech- nology solutions to security issues and for evaluating emerging technologies. Michael has more than 20 years experience in the IT field and holds two associate’s degrees, a bachelor’s degree, and a master’s degree. He has written or co-written seven other books including Hack the Stack, Certified Ethical Hacker Exam Prep 2, and Inside Network Security Assessment.
Description: