Security continues to be the number-one concern of computer professionals today, and with good reason. Consider the evidence: as many as 150 million computers worldwide may be remotely controlled by attackers. Over 94 million credit and debit cards were compromised in one data security breach, with losses totaling over $140 million. On average, every 39 seconds your computer is probed by attackers looking for vulnerabilities. One out of every 25 e-mails contains a virus. An organization on average receives 13.6 attacks each day. There are almost 8 million computer viruses on the loose. The median dollar loss for victims of ID theft is over $31,000. The number of U.S. federal agencies that recently received a grade of F on security is now 8. Over 15,000 freshly infected Web pages appear every day, and an
unsuspecting user who only views one of these infected sites through his Web browser and does not even click on a link will find his computer infected. And over 1,500 users still respond to the “Nigerian General” spam each week.

As attacks continue to escalate, the need for trained security personnel also increases. Worldwide, the number of information security professionals will grow from 1.6 million in 2007 to 2.7 million in 2012, experiencing a compound annual growth rate of 10 percent. And, unlike some information technology computer positions, security is not being offshored and is rarely outsourced.

Yet security personnel cannot be part of an on-the-job training program where an individual learns as he goes; the risk is simply too great. Instead, many employers are requiring employees and job applicants to demonstrate their security knowledge and skills by possessing a security certification, such as the CompTIA Security+ certification. The Department of Defense Directive 8570 requires 110,000 information assurance professionals in assigned duty positions to have security certification within 5 years, and it requires certification of all 400,000 full- and part-time military service members, contractors, and local nationals who are performing information assurance functions to be certified in security. IT employers are willing to pay a premium for certified security personnel. Security certifications earn employees 10 percent to 14 percent more pay than their uncertified counterparts.

It is critical that computer users of all types understand how to protect themselves and their organizations from attacks. It is also important that individuals who want a job in the ever-growing field of information security be certified. CompTIA Security+ 2008 In Depth is designed to meet both of these needs. This book takes a comprehensive view of the types of attacks that are launched against networks and computer systems. It examines computer security defense mechanisms and offers practical tools, tips, and techniques to counter attackers.

CompTIA Security+ 2008 In Depth helps you defend against attackers and protect the most precious resource of all computer users and organizations—information. In addition, this book is a valuable tool for those who want to enter the field of information security. It provides you with the knowledge and skills that will help you prepare for the CompTIA Security+ certification exam.