The new 4th edition of "Security+ Guide to Network Security Fundamentals" from Course Technology/Cengage Learning (978-1-111-64012-5) is now available. This book fully maps to the new CompTIA SY0-301 Security+ exam that went live in May 2011. Reflecting the latest trends and developments from the information security field, it provides a complete introduction to practical network and computer security while covering all of the Security+ exam objectives. The text covers the fundamentals of network security, including compliance and operational security, threats and vulnerabilities, application, data, and host security, access control and identity management, and cryptography. This updated edition includes new topics such as the psychological approaches to social engineering attacks, Web application attacks, penetration testing, data loss prevention, cloud computing security, and application programming development security. New hands-on activities are found in each chapter, along with new tips, notes, review questions, and case projects. This edition features activities that link to the Information Security Community Site, which offers video lectures, podcasts, discussion boards, additional hands-on activities, and more to provide a wealth of resources and up-to-the minute information. And it even includes free online CertBlaster test preparation software to help practice for exam day.
Sometimes the question is asked, "Is this an exam prep book?" The short answer is "Yes, and more". Here's the long answer. Learning security and equipping yourself to pass the Security+ certification exam is not about memorizing the answers to test questions. Why? It's because the test questions that CompTIA uses are a closely guarded secret, and no person outside of CompTIA has access to these questions. Although some Web sites and exam prep books may claim to have the "actual" SY0-301 questions, they do not (and as an aside, CompTIA rigoriously monitors these sites and will even revoke your Security+ certification if there is evidence that you used them!). And because nobody has the actual test questions, they don't know precisely how a specific topic question will be asked. Here's an example: one of the SY0-301 exam objectives is "initialization vector (IV)". You could memorize a definition of IV (a value that is used in Wireless Equivalent Privacy or WEP), but what if the test question you are asked is not about the definition of IV? What if it's how IV is used? Or why it is vulnerable? Or even why a 128-bit and 64-bit WEP number has actually the same IV length? Without learning the context of IV--and security as a whole--you cannot be adequately prepared to pass the exam (and memorizing a definition of IV won't help much when it comes to that job interview!).
The Security+ Guide to Network Security Fundamentals textbooks helps you learn security in a context to prepare you for passing the SY0-301 exam and set a foundation for becoming a secure IT professional. I regularly have both individuals as well as instructors tell me how the book has prepared them to take and pass the Security+ exam. Recently one instructor said that in his course almost 90% of his students, using this textbook, not only passed the Security+ exam (he makes it a requirement to pass the course) but they all had scores of over 850 (the maximum is 900)!
If you're interested in teaching a security class, or learning about security, or taking the SY0-301 exam, check out the new edition.
08-08-2011 7:41 AM