Acknowledgments xxi About the Authors xxiii Introduction xxv Assessment Test xxxv Answer to Assessment Test xl Chapter 1 Security Concepts 1 Technology-Based Attacks 2 Denial of Service (DoS)/Distributed Denial of Service (DDoS) 3 The Ping of Death 3 Distributed DoS (DDoS) 3 Botnet/Command and Control 3 Traffic Spike 4 Coordinated Attack 4 Friendly/Unintentional DoS 4 Physical Attack 5 Permanent DoS 5 Smurf 5 Acknowledgments xxi About the Authors xxiii Introduction xxv Assessment Test xxxv Answer to Assessment Test xl Chapter 1 Security Concepts 1 Technology-Based Attacks 2 Denial of Service (DoS)/Distributed Denial of Service (DDoS) 3 The Ping of Death 3 Distributed DoS (DDoS) 3 Botnet/Command and Control 3 Traffic Spike 4 Coordinated Attack 4 Friendly/Unintentional DoS 4 Physical Attack 5 Permanent DoS 5 Smurf 5 SYN Flood 5 Reflective/Amplified Attacks 7 On-Path Attack (Previously Known as Man-in-the-Middle Attack) 8 DNS Poisoning 8 VLAN Hopping 9 ARP Spoofing 10 Rogue DHCP 10 IoT Vulnerabilities 11 Rogue Access Point (AP) 11 Evil Twin 12 Ransomware 12 Password Attacks 12 Brute-Force 13 Dictionary 13 Advanced Persistent Threat 13 Hardening Techniques 13 Changing Default Credentials 14 Avoiding Common Passwords 14 DHCP Snooping 14 Change Native VLAN 15 Patching and Updates 15 Upgrading Firmware 16 Defense in Depth 16 Social-Based Attacks 17 Social Engineering 17 Insider Threats 17 Phishing 18 Vishing 19 Smishing 20 Spear Phishing 20 Environmental 20 Tailgating 20 Piggybacking 21 Shoulder Surfing 21 Malware 21 Ransomware 21 Summary 22 Exam Essentials 23 Review Questions 24 Chapter 2 Network Security Devices 27 Confidentiality, Integrity, Availability (CIA) 28 Confidentiality 29 Integrity 29 Availability 29 Threats 29 Internal 29 External 30 Network Access Control 30 Posture Assessment 30 Guest Network 30 Persistent vs. Nonpersistent Agents 30 Honeypot 31 Wireless Networks 31 Wireless Personal Area Networks 31 Wireless Local Area Networks 32 Wireless Metro Area Networks 33 Wireless Wide Area Networks 33 Basic Wireless Devices 34 Wireless Access Points 34 Wireless Network Interface Card 36 Wireless Antennas 36 Wireless Principles 37 Independent Basic Service Set (Ad Hoc) 37 Basic Service Set 38 Infrastructure Basic Service Set 39 Service Set ID 40 Extended Service Set 40 Nonoverlapping Wi-Fi channels 42 2.4 GHz Band 42 5 GHz Band (802.11ac) 43 2.4 GHz / 5GHz (802.11n) 43 Wi-Fi 6 (802.11ax) 45 Interference 45 Range and Speed Comparisons 46 Wireless Security 46 Authentication and Encryption 46 WEP 48 WPA and WPA2: An Overview 48 Wi-Fi Protected Access 49 WPA2 Enterprise 49 802.11i 50 WPA3 50 WPA3-Personal 51 WPA3-Enterprise 51 Summary 52 Exam Essentials 53 Review Questions 54 Chapter 3 IP, IPv6, and NAT 57 TCP/IP and the DoD Model 58 The Process/Application Layer Protocols 60 Telnet 61 Secure Shell (SSH) 61 File Transfer Protocol (FTP) 62 Secure File Transfer Protocol 63 Trivial File Transfer Protocol (TFTP) 63 Simple Network Management Protocol (SNMP) 63 Hypertext Transfer Protocol (HTTP) 64 Hypertext Transfer Protocol Secure (HTTPS) 65 Network Time Protocol (NTP) 65 Domain Name Service (DNS) 65 Dynamic Host Configuration Protocol (DHCP)/Bootstrap Protocol (BootP) 66 Automatic Private IP Addressing (APIPA) 69 The Host-to-Host or Transport Layer Protocols 69 Transmission Control Protocol (TCP) 70 User Datagram Protocol (UDP) 72 Key Concepts of Host-to-Host Protocols 74 Port Numbers 74 The Internet Layer Protocols 78 Internet Protocol (IP) 79 Internet Control Message Protocol (ICMP) 82 Address Resolution Protocol (ARP) 85 IP Addressing 86 IP Terminology 86 The Hierarchical IP Addressing Scheme 87 Network Addressing 88 Class A Addresses 90 Class B Addresses 91 Class C Addresses 92 Private IP Addresses (RFC 1918) 92 IPv4 Address Types 93 Layer 2 Broadcasts 94 Layer 3 Broadcasts 94 Unicast Address 94 Multicast Address 95 When Do We Use NAT? 96 Types of Network Address Translation 98 NAT Names 99 How NAT Works 100 Why Do We Need IPv6? 101 IPv6 Addressing and Expressions 102 Shortened Expression 103 Address Types 104 Special Addresses 105 Summary 106 Exam Essentials 107 Review Questions 110 Chapter 4 Network Device Access 115 Local Authentication 116 AAA Model 118 Authentication 119 Multifactor Authentication 119 Multifactor Authentication Methods 121 IPsec Transforms 165 Security Protocols 165 Encryption 167 GRE Tunnels 168 GRE over IPsec 169 Cisco DMVPN (Cisco Proprietary) 169 Cisco IPsec VTI 169 Public Key Infrastructure 170 Certification Authorities 170 Certificate Templates 172 Certificates 173 Summary 174 Exam Essentials 175 Review Questions 176 Chapter 6 OS Basics and Security 179 Operating System Security 180 Windows 180 Windows Defender Firewall 180 Scripting 184 Security Considerations 190 NTFS vs.

Share Permissions 191 Shared Files and Folders 195 User Account Control 198 Windows Update 202 Application Patching 203 Device Drivers 204 macOS/Linux 204 System Updates/App Store 206 Patch Management 206 Firewall 207 Permissions 211 Driver/Firmware Updates 213 Operating Systems Life Cycle 214 System Logs 214 Event Viewer 214 Audit Logs 215 Syslog 216 Syslog Collector 216 Syslog Messages 217 Logging Levels/Severity Levels 218 Identifying Anomalies 218 SIEM 220 Summary 221 Exam Essentials 221 Review Questions 223 Chapter 7 Endpoint Security 225 Endpoint Tools 226 Command-Line Tools 226 netstat 227 nslookup 227 dig 228 ping 229 tracert 229 tcpdump 230 nmap 231 gpresult 232 Software Tools 232 Port.