CompTIA Security+ Exam Cram


Overview

CompTIA® Security+ Exam Cram

Second Edition

Exam SY0-201

Diane Barrett

Kirk Hausman

Martin Weiss

The Smart Way to Study™

Covers the critical information you need to know to score higher on your Security+ exam!

  • Master and implement general security best practices
  • Systematically identify threats and risks to your systems
  • Harden systems by eliminating nonessential services
  • Secure your communications, networks, and infrastructure
  • Systematically identify and protect against online vulnerabilities
  • Implement effective access control and authentication
  • Create security baselines and audit your security infrastructure
  • Understand cryptographic principles, and effectively deploy cryptographic solutions
  • Organize security from both a technical and organizational standpoint
  • Manage every facet of security, including education and documentation
  • Understand the laws related to IT security, and the basics of forensic investigations

WRITTEN BY LEADING EXPERTS:

Diane Barrett (MCSE, A+, Security+) is a professor in the Network Security and Computer Forensics programs at the University of Advancing Technology. She belongs to several security user groups, including HTCIA and InfraGard.

Kirk Hausman (MCSE, Security+) has worked for more than 20 years as a consultant, trainer, IT manager, and network and security administrator. He works for Texas A&M University as assistant commandant for IT.

Martin Weiss (CISSP, Security+, MCSE) is a manager of information security gurus at RSA, the security division of EMC.

CD Features Test Engine Powered by MeasureUp!

  • Detailed explanations of correct and incorrect answers
  • Multiple test modes
  • Random questions and order of answers
  • Coverage of each Security+ exam objective

informit.com/examcram

ISBN-13: 978-0-7897-3804-2

ISBN-10: 0-7897-3804-X


Product Details

  • ISBN-13: 9780789738042
  • Publisher: Pearson IT Certification
  • Publication date: 12/5/2008
  • Series: Exam Cram Series
  • Edition description: Book and CD
  • Edition number: 2
  • Pages: 526
  • Product dimensions: 5.90 (w) x 8.90 (h) x 1.40 (d)

Meet the Author

Diane Barrett is a professor in the Network Security and Computer Forensics programs at the University of Advancing Technology. She has authored several security and forensic books. Diane belongs to the local chapters of several security user groups, including HTCIA and InfraGard. She was also a volunteer for ISSA’s (Information Systems Audit and Control Association) Generally Accepted Information Security Principles (GAISP) in the Ethical Practices Working Group. She holds about 15 industry certifications, including CISSP, ISSMP, and Security+. Diane received her master’s of science degree in computer technology, with a specialization in information security, from Capella University.

Kalani K. Hausman, CISSP, CISA, CISM, GHSC, is an author, teacher, and information technology implementer with more than 20 years’ experience specializing in IT governance, enterprise architecture, regulatory compliance, and enterprise security management. His experience includes medium to large-scale globally deployed networks in governmental, higher-education, health-care, and corporate settings. He is active within the FBI InfraGard, Information Systems Audit and Control Association (ISACA) and ISSA and is currently employed as the Assistant Commandant for IT at Texas A&M University.

Martin Weiss is a manager of information security gurus at RSA, The Security Division of EMC, helping organizations accelerate their business by solving their most complex and sensitive security challenges. He is also on the board of directors for the Connecticut chapter of ISSA and has authored several other books. He holds several certifications, including Security+, CISSP, MCSE: Security, and RSA CSE. Marty received his MBA from the Isenberg School of Management at the University of Massachusetts and currently lives in New England with his wife and three sons. Marty can be reached at marty.weiss@gmail.com.


Read an Excerpt

Introduction

Welcome to CompTIA Security+ Exam Cram, Second Edition. Whether this book is your first or your fifteenth Exam Cram series book, you’ll find information here that will help ensure your success as you pursue knowledge, experience, and certification. This book aims to help you get ready to take and pass the CompTIA Security+ exam, number SY0-201.

This introduction explains CompTIA’s certification programs in general and talks about how the Exam Cram series can help you prepare for CompTIA’s latest certification exams. Chapters 1 through 12 are designed to remind you of everything you need to know to pass the SY0-201 certification exam. The two practice exams at the end of this book should give you a reasonably accurate assessment of your knowledge; and, yes, we’ve provided the answers and their explanations for these practice exams. Read this book, understand the material, and you’ll stand a very good chance of passing the real test.

Exam Cram books help you understand and appreciate the subjects and materials you need to know to pass CompTIA certification exams. Exam Cram books are aimed strictly at test preparation and review. They do not teach you everything you need to know about a subject. Instead, the authors streamline and highlight the pertinent information by presenting and dissecting the questions and problems they’ve discovered that you’re likely to encounter on a CompTIA test.

Nevertheless, to completely prepare yourself for any CompTIA test, we recommend that you begin by taking the “Self-Assessment” that immediately follows this introduction. The self-assessment tool will help you evaluate your knowledge base against the requirements for the CompTIA Security+ exam under both ideal and real circumstances. This can also be the first step in earning more advanced security certifications.

Based on what you learn from the self-assessment, you might decide to begin your studies with classroom training or some background reading. On the other hand, you might decide to pick up and read one of the many study guides available from Que or a third-party vendor.

We also strongly recommend that you spend some time installing, configuring, and working with both Windows and UNIX or Linux operating systems to patch and maintain them for the best and most current security possible because the Security+ exam focuses on such activities and the knowledge and skills they can provide for you. Nothing beats hands-on experience and familiarity when it comes to understanding the questions you’re likely to encounter on a certification test. Book learning is essential, but without doubt, hands-on experience is the best teacher of all!

The CompTIA Certification Program

The Computing Technology Industry Association (http://www.comptia.org) offers numerous IT certifications, primarily aimed at entry- and intermediate-level IT professionals. Here is a list of some other relevant CompTIA certifications, briefly annotated to document their possible relevance to Security+:


  • A+: An exam that tests basic PC hardware and software installation, configuration, diagnosing, preventive maintenance, and basic networking. This two-part exam also covers security, safety, environmental issues, communication, and professionalism. This exam is an excellent prequalifier for those interested in Security+ who might have little or no PC or computing skills or knowledge. For more information about this exam, see http://certification.comptia.org/a/default.aspx.
  • Network+: An exam that tests basic and intermediate networking skills and knowledge, including hardware, drivers, protocols, and troubleshooting topics. This exam is an excellent prequalifier for those interested in Security+ who have little or no networking skills or knowledge. For more information about this exam, go to http://certification.comptia.org/network/default.aspx.
  • Server+: An exam that tests server knowledge and capabilities, including RAID, SCSI, multiple CPUs, and disaster recovery. This exam is an excellent prequalifier for those interested in Security+ who have little or no server environment skills or knowledge. For more information about this exam, go to http://certification.comptia.org/server/default.aspx.
  • Linux+: An exam that tests knowledge and management of Linux systems via command line, user administration, file permissions, software configurations, Linux-based clients, server systems, and security. For more information about this exam, go to http://certification.comptia.org/linux/default.aspx.

The CompTIA exams are all vendor- and platform-neutral, which means they primarily test general skills and knowledge, instead of focusing on vendor or product specifics. Therefore, they offer certification candidates a chance to demonstrate necessary general abilities relevant in most workplaces. (This explains why employers generally look at CompTIA certifications favorably.)

Because CompTIA changes their website often, the URLs listed above might not work in the future. You should use the Search tool on CompTIA’s site to find more information about a particular certification.

Taking a Certification Exam

After you prepare for your exam, you need to register with a testing center. At the time of this writing, the cost to take the Security+ exam is $258 for individuals. CompTIA Corporate Members receive discounts on nonmember pricing. For more information about these discounts, a local CompTIA sales representative can provide answers to any questions you might have. If you don’t pass, you can take the exam again for the same cost as the first attempt, for each attempt until you pass. In the United States and Canada, tests are administered by Prometric or VUE. Here’s how you can contact them:


  • Prometric—You can sign up for a test through the company’s website, http://securereg3.prometric.com/. Within the United States and Canada, you can register by phone at 800-755-3926. If you live outside this region, check the Prometric website for the appropriate phone number.
  • Pearson VUE—You can contact Virtual University Enterprises (VUE) to locate a nearby testing center that administers the test and to make an appointment. You can find the sign-up web page for the exam itself at http://www.vue.com/comptia/. You can also use this web page (click the Contact button, click the View Telephone Directory by Sponsor link, and then click CompTIA) to obtain a telephone number for the company (in case you can’t or don’t want to sign up for the exam on the web page).

To sign up for a test, you must possess a valid credit card or contact either Prometric or VUE for mailing instructions to send a check (in the United States). Only after payment has been verified, or a check has cleared, can you actually register for a test.

To schedule an exam, you need to call the appropriate phone number or visit the Prometric or VUE website at least one day in advance. To cancel or reschedule an exam in the United States or Canada, you must call before 3 p.m. Eastern time the day before the scheduled test time (or you might be charged, even if you don’t show up to take the test). When you want to schedule a test, you should have the following information ready:


  • Your name, organization, and mailing address.
  • Your CompTIA test ID. (In the United States, this means your Social Security number; citizens of other countries should call ahead to find out what type of identification number is required to register for a test.)
  • The name and number of the exam you want to take.
  • A payment method. (As mentioned previously, a credit card is the most convenient method; alternative means can be arranged in advance, if necessary.)

After you sign up for a test, you are told when and where the test is scheduled. You should arrive at least 15 minutes early. To be admitted into the testing room, you must supply two forms of identification, one of which must be a photo ID.

Tracking Certification Status

After you pass the exam, you are certified. Official certification is normally granted after six to eight weeks, so you shouldn’t expect to get your credentials overnight. The package for official certification that arrives includes a Welcome Kit that contains a number of elements. (See CompTIA’s website for other benefits of specific certifications.)


  • A certificate suitable for framing, along with a wallet card.
  • A license to use the related certification logo, which means you can use the logo in advertisements, promotions, and documents, and on letterhead, business cards, and so on. Along with the license comes a logo sheet, which includes camera-ready artwork. (Note that before you use any of the artwork, you must sign and return a licensing agreement that indicates you’ll abide by its terms and conditions.)

Many people believe that the benefits of certification go well beyond the perks that CompTIA provides to new members of this elite group. We’re starting to see more job listings that request or require applicants to have CompTIA and other related certifications, and many individuals who complete CompTIA certification programs can qualify for increases in pay and responsibility. As an official recognition of hard work and broad knowledge, a certification credential is a badge of honor in many IT organizations.

About This Book

We’ve structured the topics in this book to build on one another. Therefore, some topics in later chapters make the most sense after you’ve read earlier chapters. That’s why we suggest that you read this book from front to back for your initial test preparation. If you need to brush up on a topic or if you have to bone up for a second try, you can use the index or table of contents to go straight to the topics and questions that you need to study. Beyond helping you prepare for the test, we think you’ll find this book useful as a tightly focused reference to some of the most important aspects of the Security+ certification.

Chapter Format and Conventions

Each topical Exam Cram chapter follows a regular structure and contains graphical cues about important or useful information. Here’s the structure of a typical chapter:


  • Opening hotlists—Each chapter begins with a list of the terms, tools, and techniques that you must learn and understand before you can be fully conversant with that chapter’s subject matter. The hotlists are followed with one or two introductory paragraphs to set the stage for the rest of the chapter.
  • Topical coverage—After the opening hotlists and introductory text, each chapter covers a series of topics related to the chapter’s subject. Throughout that section, we highlight topics or concepts that are likely to appear on a test, using a special element called an Exam Alert:

    Warning - This is what an alert looks like. Normally, an alert stresses concepts, terms, software, or activities that are likely to relate to one or more certification test questions. For that reason, we think any information in an alert is worthy of extra attentiveness on your part.



    Pay close attention to material flagged in Exam Alerts; although all the information in this book pertains to what you need to know to pass the exam, Exam Alerts contain information that is really important. Of course, you need to understand the “meat” of each chapter, too, when preparing for the test. Because this book’s material is condensed, we recommend that you use this book along with other resources to achieve the maximum benefit.


    In addition to the alerts, we provide tips and notes to help you build a better foundation for security knowledge. Although the tip information might not be on the exam, it is certainly related and will help you become a better-informed test taker.

    Tip - This is how tips are formatted. Keep your eyes open for these, and you’ll become a Security+ guru in no time!

    Note - This is how notes are formatted. Notes direct your attention to important pieces of information that relate to the CompTIA Security+ certification.


  • Exam prep questions—Although we talk about test questions and topics throughout this book, the section at the end of each chapter presents a series of mock test questions and explanations of both correct and incorrect answers.
  • Details and resources—Every chapter ends with a section that provides direct pointers to CompTIA and third-party resources that offer more information about the chapter’s subject. That section also tries to rank or at least rate the quality and thoroughness of the topic’s coverage by each resource. If you find a resource you like in that collection, you should use it; don’t feel compelled to use all the resources. On the other hand, we recommend only resources that we use on a regular basis, so none of our recommendations will be a waste of your time or money. (However, purchasing them all at once probably represents an expense that many network administrators and CompTIA certification candidates might find hard to justify.)

Although the bulk of this book follows this chapter structure just described, we want to point out a few other elements:


  • “Practice Exam 1” and “Practice Exam 2” and the answer explanations provide good reviews of the material presented throughout the book to ensure that you’re ready for the exam.
  • The Glossary defines important terms used in this book.
  • The tear-out Cram Sheet attached next to the inside front cover of this book represents a condensed collection of facts and tips that we think are essential for you to memorize before taking the test. Because you can dump this information out of your head onto a sheet of paper just before taking the exam, you can master this information by brute force; you need to remember it only long enough to write it down when you walk into the testing room. You might even want to look at it in the car or in the lobby of the testing center just before you walk in to take the exam.
  • The MeasureUp Practice Tests CD-ROM that comes with each Exam Cram and Exam Prep book features a powerful, state-of-the-art test engine that prepares you for the actual exam. MeasureUp Practice Tests are developed by certified IT professionals and are trusted by certification students around the world. For more information, visit http://www.measureup.com.

Exam Topics

Table I-1 lists the skills measured by the SY0-201 exam and the chapter in which the topic is discussed. Some topics are covered in other chapters, too.

Table I-1  CompTIA SY0-201 Exam Topics

| Exam Topic | Chapter |
|---|---|
| Domain 1.0: Systems Security | |
| Differentiate among various systems security threats. | 1 |
| Explain the security risks pertaining to system hardware and peripherals. | 1 |
| Implement OS hardening practices and procedures to achieve workstation and server security. | 7 |
| Carry out the appropriate procedures to establish application security. | 2 |
| Implement security applications. | 4 |
| Explain the purpose and application of virtualization technology. | 4 |
| Domain 2.0: Network Infrastructure | |
| Differentiate between the different ports and protocols and their respective threats and mitigation techniques. | 3 |
| Distinguish between network design elements and components. | 3 |
| Determine the appropriate use of network security tools to facilitate network security. | 3 |
| Apply the appropriate network tools to facilitate network security. | 4 |
| Evaluate user systems and recommend appropriate settings to optimize performance. | 4 |
| Explain the vulnerabilities and mitigations associated with network devices. | 2 |
| Explain the vulnerabilities and mitigations associated with various transmission media. | 2 |
| Explain the vulnerabilities and implement mitigations associated with wireless networking. | 6 |
| Domain 3.0: Access Control | |
| Identify and apply industry best practices for access control methods. | 5 |
| Explain common access control models and the differences between each. | 5 |
| Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges. | 4 |
| Apply appropriate security controls to file and print resources. | 4 |
| Compare and implement logical access control methods. | 4 |
| Summarize the various authentication models and identify the components of each. | 5 |
| Deploy various authentication models and identify the components of each. | 6 |
| Explain the difference between identification and authentication (identity proofing). | 5 |
| Explain and apply physical access security methods. | 5 |
| Domain 4.0: Assessments and Audits | |
| Conduct risk assessments and implement risk mitigation. | 7 |
| Carry out vulnerability assessments using common tools. | 7 |
| Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning. | 7 |
| Use monitoring tools on systems and networks and detect security-related anomalies. | 8 |
| Compare and contrast various types of monitoring methodologies. | 8 |
| Execute proper logging procedures and evaluate the results. | 8 |
| Conduct periodic audits of system security settings. | 8 |
| Domain 5.0: Cryptography | |
| Explain general cryptography concepts. | 9 |
| Explain basic hashing concepts and map various algorithms to appropriate applications. | 9 |
| Explain basic encryption concepts and map various algorithms to appropriate applications. | 9 |
| Explain and implement protocols. | 10 |
| Explain core concepts of public key cryptography. | 10 |
| Implement PKI and certificate management. | 10 |
| Domain 6.0: Organizational Security | |
| Explain redundancy planning and its components. | 11 |
| Implement disaster recovery procedures. | 11 |
| Differentiate between and execute appropriate incident response procedures. | 12 |
| Identify and explain applicable legislation and organizational policies. | 12 |
| Explain the importance of environmental controls. | 12 |
| Explain the concept of and how to reduce the risks of social engineering. | 12 |

Given all the book’s elements and its specialized focus, we’ve tried to create a tool that will help you prepare for and pass CompTIA Security+ Exam SY0-201. Please share with us your feedback on this book, especially if you have ideas about how we can improve it for future test takers. Send your questions or comments about this book via email to feedback@quepublishing.com. We’ll consider everything you say carefully, and we’ll respond to all suggestions. For more information about this book and other Exam Cram titles, visit our website at http://www.informit.com/examcram.

Thanks for making this Exam Cram book a pivotal part of your certification study plan. Best of luck on becoming certified!

© Copyright Pearson Education. All rights reserved.


Table of Contents

Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

The CompTIA Certification Program . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Taking a Certification Exam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Tracking Certification Status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

About This Book. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Chapter Format and Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Exam Topics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Self-Assessment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

CompTIA Certification in the Real World. . . . . . . . . . . . . . . . . . . . . . . . 11

The Ideal CompTIA Certification Candidate . . . . . . . . . . . . . . . . 12

Put Yourself to the Test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

How to Prepare for an Exam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Studying for the Exam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Testing Your Exam Readiness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Dealing with Test Anxiety . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

Day of the Exam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Part I: System Security

Chapter 1: System Threats and Risks . . . . . . . . . . . . . . . . . . . . . . . 27

Systems Security Threats. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Privilege Escalation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Viruses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Worms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Trojans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Spyware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Spam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Adware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Rootkits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Botnets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Logic Bombs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Protecting Against Malicious Code . . . . . . . . . . . . . . . . . . . . . . . . . 38

Security Threats to System Hardware and Peripherals. . . . . . . . . . . . . . 38

BIOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

USB Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Handheld Devices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Removable Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Network-Attached Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Exam Prep Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

Answers to Exam Prep Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Suggested Reading and Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Chapter 2: Online Vulnerabilities . . . . . . . . . . . . . . . . . . . . . . 49

Web Vulnerabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Java and JavaScript . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

ActiveX Controls. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Cookies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Common Gateway Interface Vulnerabilities . . . . . . . . . . . . . . . . . . 54

Browser Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Peer-to-Peer Networking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

Instant Messaging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

Simple Mail Transport Protocol Relay . . . . . . . . . . . . . . . . . . . . . . 57

Protocol Vulnerabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

SSL/TLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

LDAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

File Transfer Protocol Vulnerabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Anonymous Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Unencrypted Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Wireless Network Vulnerabilities. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

WAP and i-Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

WLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

Wired Equivalent Privacy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

Wi-Fi Protected Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

802.11i . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Site Surveys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Network Device and Transmission Media Vulnerabilities . . . . . . . . . . . 63

Exam Prep Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

Answers to Exam Prep Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

Additional Reading and Resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

Part II: Infrastructure Security

Chapter 3: Infrastructure Basics

  • Port and Protocol Threats and Mitigation Techniques
  • Antiquated and Older Protocols
  • TCP/IP Hijacking
  • Null Sessions
  • Spoofing
  • Man in the Middle
  • Replay
  • Denial of Service
  • Distributed DoS
  • DNS Kiting
  • DNS Poisoning
  • ARP Poisoning
  • Network Design Elements and Components
  • Demilitarized Zone
  • Intranet
  • Extranet
  • Virtual Local Area Network
  • Network Address Translation
  • Subnetting
  • Network Interconnections
  • Network Access Control
  • Telephony
  • Network Security Tools
  • NIDS and HIDS
  • Network Intrusion Prevention System
  • Firewalls
  • Proxy Servers
  • Internet Content Filters
  • Protocol Analyzers
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Additional Reading and Resources

Chapter 4: Infrastructure Security and Controls

  • Implementing Security Applications
  • Personal Software Firewalls
  • Antivirus
  • Antispam
  • Pop-Up Blockers
  • Virtualization Technology
  • Applying Network Tools to Facilitate Security
  • Firewalls
  • Proxy Servers
  • Internet Content Filters
  • Protocol Analyzers
  • Logical Access Control Methods
  • Security Groups and Roles with Appropriate Rights and Privileges
  • Security Controls for File and Print Resources
  • Access Control Lists
  • Group Policies
  • Password Policy
  • Logical Tokens
  • Physical Control
  • Risk and Return on Investment
  • Identifying Risk
  • Asset Identification
  • Risk and Threat Assessment
  • Vulnerabilities
  • Calculating Risk
  • Calculating ROI
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Additional Reading and Resources

Part III: Access Control

Chapter 5: Access Control and Authentication Basics

  • Access Control
  • Mandatory Access Control
  • Discretionary Access Control
  • Role-Based Access Control
  • Access Control Best Practices
  • Authentication
  • Kerberos Authentication
  • Mutual Authentication
  • Challenge-Handshake Authentication Protocol
  • Terminal Access Controller Access Control System Plus
  • Remote Authentication Dial-In User Service
  • IEEE 802.1x
  • Certificates
  • Username and Password
  • Tokens
  • Biometrics
  • Multifactor Authentication
  • Single Sign-On
  • Identity Proofing
  • Operating System Hardening
  • Nonessential Services and Protocols
  • Patch Management
  • Security Settings
  • Physical Access Security Methods
  • Physical Barriers
  • Facilities
  • Other Deterrents
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Additional Reading and Resources

Chapter 6: Securing Communications

  • Remote Access
  • 802.1x Wireless Networking
  • VPN Connections
  • Dial-Up User Access
  • Secure Shell Connections
  • Remote Desktop Protocol (RDP)
  • Internet Protocol Security
  • Electronic Mail
  • Secure Multipurpose Internet Mail Extension
  • Pretty Good Privacy
  • Undesirable Email
  • Instant Messaging
  • Web Connectivity
  • Hypertext Transport Protocol over Secure Sockets Layer
  • Secure Sockets Layer
  • Transport Layer Security
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Suggested Reading and Resources

Part IV: Assessments and Audits

Chapter 7: Intrusion Detection and Security Baselines

  • Intrusion Detection
  • Methods of Intrusion Detection
  • Intrusion-Detection Sources
  • Honeypots and Honeynets
  • Incident Handling
  • Security Baselines
  • Vulnerability Assessment
  • Hardening
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Additional Reading and Resources

Chapter 8: Auditing

  • Using Monitoring Tools to Detect Security-Related Anomalies
  • Performance Benchmarking and Baselining
  • Performance Monitoring
  • System Monitoring
  • Protocol Analyzers
  • Monitoring Methodologies
  • Behavior-Based Monitoring
  • Anomaly-Based Monitoring
  • Signature-Based Monitoring
  • Logging Procedures and Evaluation
  • Application Security
  • DNS
  • System Logging
  • Performance Logging
  • Access Logging
  • Firewall Logging
  • Antivirus Logging
  • Periodic Audits of System Security Settings
  • User Access and Rights Review
  • Storage and Retention Policies
  • Group Policies
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Additional Reading and Resources

Part V: Cryptography

Chapter 9: Cryptography Basics

  • Encryption Algorithms
  • Symmetric Keys
  • Asymmetric Keys
  • Key Management
  • Steganography
  • CIA Triad
  • Confidentiality
  • Integrity
  • Availability
  • Nonrepudiation and Digital Signatures
  • Whole Disk Encryption
  • Trusted Platform Module
  • Hashing Concepts
  • Cryptographic Hash Functions
  • Windows Authentication Hashing Algorithms
  • Symmetric Encryption Algorithms
  • Asymmetric Encryption Algorithms
  • Wireless
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Suggested Readings and Resources

Chapter 10: Cryptography Deployment

  • PKI Standards
  • PKIX
  • Public Key Cryptography Standards
  • X.509
  • PKI Components
  • Certificate Authorities
  • Registration Authorities
  • Certificates
  • Certificate Policies
  • Certificate Practice Statements
  • Revocation
  • Trust Models
  • Key Management and the Certificate Life Cycle
  • Centralized Versus Decentralized
  • Storage
  • Key Escrow
  • Expiration
  • Revocation
  • Status Checking
  • Suspension
  • Recovery
  • M of N Control
  • Renewal
  • Destruction
  • Key Usage
  • Multiple Key Pairs
  • Protocols and Applications
  • SSL and TLS
  • Point-to-Point Tunneling Protocol
  • Layer 2 Tunneling Protocol and IP Security
  • Secure/Multipurpose Internet Mail Extensions
  • Pretty Good Privacy
  • Secure Shell
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Suggested Readings and Resources

Part VI: Organizational Security

Chapter 11: Organizational Security

  • Disaster Recovery and Redundancy Planning
  • Redundant Sites
  • Utilities
  • Redundant Equipment and Connections
  • Service Level Agreements
  • Backup Techniques and Practices
  • Backup Types
  • Schemes
  • System Restoration
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Suggested Readings and Resources

Chapter 12: Organizational Controls

  • Incident Response Procedures
  • Forensics
  • Chain of Custody
  • First Responders
  • Damage and Loss Control
  • Reporting and Disclosure
  • Applicable Legislation and Organizational Policies
  • Secure Disposal of Computers and Media
  • Acceptable Use Policies
  • Password Complexity
  • Change Management
  • Classification of Information
  • Separation of Duties and Mandatory Vacations
  • Personally Identifiable Information
  • Due Care
  • Due Diligence
  • Due Process
  • Service Level Agreements
  • Security-Related Human Resources Policy
  • User Education and Awareness Training
  • The Importance of Environmental Controls
  • Fire Suppression
  • HVAC
  • Shielding
  • The Risks of Social Engineering
  • Phishing
  • Hoaxes
  • Shoulder Surfing
  • Dumpster Diving
  • User Education and Awareness Training
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Recommended Reading and Resources

Part VII: Practice Exams and Answers

Practice Exam 1

Practice Exam 1 Answer Key

  • Answers at a Glance
  • Answers with Explanations

Practice Exam 2

Practice Exam 2 Answer Key

  • Answers at a Glance
  • Answers with Explanations

Appendix: What’s on the CD-ROM

  • Multiple Test Modes
  • Study Mode
  • Certification Mode
  • Custom Mode
  • Attention to Exam Objectives
  • Installing the CD
  • Creating a Shortcut to the MeasureUp Practice Tests
  • Technical Support

Glossary

Index


Preface

Introduction

Welcome to CompTIA Security+ Exam Cram, Second Edition. Whether this book is your first or your fifteenth Exam Cram series book, you’ll find information here that will help ensure your success as you pursue knowledge, experience, and certification. This book aims to help you get ready to take and pass the CompTIA Security+ exam, number SY0-201.

This introduction explains CompTIA’s certification programs in general and talks about how the Exam Cram series can help you prepare for CompTIA’s latest certification exams. Chapters 1 through 12 are designed to remind you of everything you need to know to pass the SY0-201 certification exam. The two practice exams at the end of this book should give you a reasonably accurate assessment of your knowledge; and, yes, we’ve provided the answers and their explanations for these practice exams. Read this book, understand the material, and you’ll stand a very good chance of passing the real test.

Exam Cram books help you understand and appreciate the subjects and materials you need to know to pass CompTIA certification exams. Exam Cram books are aimed strictly at test preparation and review. They do not teach you everything you need to know about a subject. Instead, the authors streamline and highlight the pertinent information by presenting and dissecting the questions and problems they’ve discovered that you’re likely to encounter on a CompTIA test.

Nevertheless, to completely prepare yourself for any CompTIA test, we recommend that you begin by taking the “Self-Assessment” that immediately follows this introduction. The self-assessment tool will help you evaluate your knowledge base against the requirements for the CompTIA Security+ exam under both ideal and real circumstances. This can also be the first step in earning more advanced security certifications.

Based on what you learn from the self-assessment, you might decide to begin your studies with classroom training or some background reading. On the other hand, you might decide to pick up and read one of the many study guides available from Que or a third-party vendor.

We also strongly recommend that you spend some time installing, configuring, and working with both Windows and UNIX or Linux operating systems to patch and maintain them for the best and most current security possible because the Security+ exam focuses on such activities and the knowledge and skills they can provide for you. Nothing beats hands-on experience and familiarity when it comes to understanding the questions you’re likely to encounter on a certification test. Book learning is essential, but without doubt, hands-on experience is the best teacher of all!

The CompTIA Certification Program

The Computing Technology Industry Association (http://www.comptia.org) offers numerous IT certifications, primarily aimed at entry- and intermediate-level IT professionals. Here is a list of some other relevant CompTIA certifications, briefly annotated to document their possible relevance to Security+:

  • A+: An exam that tests basic PC hardware and software installation, configuration, diagnosing, preventive maintenance, and basic networking. This two-part exam also covers security, safety, environmental issues, communication, and professionalism. This exam is an excellent prequalifier for those interested in Security+ who might have little or no PC or computing skills or knowledge. For more information about this exam, see http://certification.comptia.org/a/default.aspx.
  • Network+: An exam that tests basic and intermediate networking skills and knowledge, including hardware, drivers, protocols, and troubleshooting topics. This exam is an excellent prequalifier for those interested in Security+ who have little or no networking skills or knowledge. For more information about this exam, go to http://certification.comptia.org/network/default.aspx.
  • Server+: An exam that tests server knowledge and capabilities, including RAID, SCSI, multiple CPUs, and disaster recovery. This exam is an excellent prequalifier for those interested in Security+ who have little or no server environment skills or knowledge. For more information about this exam, go to http://certification.comptia.org/server/default.aspx.
  • Linux+: An exam that tests knowledge and management of Linux systems via command line, user administration, file permissions, software configurations, Linux-based clients, server systems, and security. For more information about this exam, go to http://certification.comptia.org/linux/default.aspx.

The CompTIA exams are all vendor- and platform-neutral, which means they primarily test general skills and knowledge, instead of focusing on vendor or product specifics. Therefore, they offer certification candidates a chance to demonstrate necessary general abilities relevant in most workplaces. (This explains why employers generally look at CompTIA certifications favorably.)

Because CompTIA changes their website often, the URLs listed above might not work in the future. You should use the Search tool on CompTIA’s site to find more information about a particular certification.

Taking a Certification Exam

After you prepare for your exam, you need to register with a testing center. At the time of this writing, the cost to take the Security+ exam is $258 for individuals. CompTIA Corporate Members receive discounts on nonmember pricing. For more information about these discounts, a local CompTIA sales representative can provide answers to any questions you might have. If you don’t pass, you can take the exam again for the same cost as the first attempt, for each attempt until you pass. In the United States and Canada, tests are administered by Prometric or VUE. Here’s how you can contact them:

  • Prometric—You can sign up for a test through the company’s website, http://securereg3.prometric.com/. Within the United States and Canada, you can register by phone at 800-755-3926. If you live outside this region, check the Prometric website for the appropriate phone number.
  • Pearson VUE—You can contact Virtual University Enterprises (VUE) to locate a nearby testing center that administers the test and to make an appointment. You can find the sign-up web page for the exam itself at http://www.vue.com/comptia/. You can also use this web page (click the Contact button, click the View Telephone Directory by Sponsor link, and then click CompTIA) to obtain a telephone number for the company (in case you can’t or don’t want to sign up for the exam on the web page).

To sign up for a test, you must possess a valid credit card or contact either Prometric or VUE for mailing instructions to send a check (in the United States). Only after payment has been verified, or a check has cleared, can you actually register for a test.

To schedule an exam, you need to call the appropriate phone number or visit the Prometric or VUE website at least one day in advance. To cancel or reschedule an exam in the United States or Canada, you must call before 3 p.m. Eastern time the day before the scheduled test time (or you might be charged, even if you don’t show up to take the test). When you want to schedule a test, you should have the following information ready:

  • Your name, organization, and mailing address.
  • Your CompTIA test ID. (In the United States, this means your Social Security number; citizens of other countries should call ahead to find out what type of identification number is required to register for a test.)
  • The name and number of the exam you want to take.
  • A payment method. (As mentioned previously, a credit card is the most convenient method; alternative means can be arranged in advance, if necessary.)

After you sign up for a test, you are told when and where the test is scheduled. You should arrive at least 15 minutes early. To be admitted into the testing room, you must supply two forms of identification, one of which must be a photo ID.

Tracking Certification Status

After you pass the exam, you are certified. Official certification is normally granted after six to eight weeks, so you shouldn’t expect to get your credentials overnight. The package for official certification that arrives includes a Welcome Kit that contains a number of elements. (See CompTIA’s website for other benefits of specific certifications.)

  • A certificate suitable for framing, along with a wallet card.
  • A license to use the related certification logo, which means you can use the logo in advertisements, promotions, and documents, and on letterhead, business cards, and so on. Along with the license comes a logo sheet, which includes camera-ready artwork. (Note that before you use any of the artwork, you must sign and return a licensing agreement that indicates you’ll abide by its terms and conditions.)

Many people believe that the benefits of certification go well beyond the perks that CompTIA provides to new members of this elite group. We’re starting to see more job listings that request or require applicants to have CompTIA and other related certifications, and many individuals who complete CompTIA certification programs can qualify for increases in pay and responsibility. As an official recognition of hard work and broad knowledge, a certification credential is a badge of honor in many IT organizations.

About This Book

We’ve structured the topics in this book to build on one another. Therefore, some topics in later chapters make the most sense after you’ve read earlier chapters. That’s why we suggest that you read this book from front to back for your initial test preparation. If you need to brush up on a topic or if you have to bone up for a second try, you can use the index or table of contents to go straight to the topics and questions that you need to study. Beyond helping you prepare for the test, we think you’ll find this book useful as a tightly focused reference to some of the most important aspects of the Security+ certification.

Chapter Format and Conventions

Each topical Exam Cram chapter follows a regular structure and contains graphical cues about important or useful information. Here’s the structure of a typical chapter:

  • Opening hotlists—Each chapter begins with a list of the terms, tools, and techniques that you must learn and understand before you can be fully conversant with that chapter’s subject matter. The hotlists are followed by one or two introductory paragraphs to set the stage for the rest of the chapter.
  • Topical coverage—After the opening hotlists and introductory text, each chapter covers a series of topics related to the chapter’s subject. Throughout that section, we highlight topics or concepts that are likely to appear on a test, using a special element called an Exam Alert:

    Warning - This is what an alert looks like. Normally, an alert stresses concepts, terms, software, or activities that are likely to relate to one or more certification test questions. For that reason, we think any information in an alert is worthy of extra attentiveness on your part.

    Pay close attention to material flagged in Exam Alerts; although all the information in this book pertains to what you need to know to pass the exam, Exam Alerts contain information that is really important. Of course, you need to understand the “meat” of each chapter, too, when preparing for the test. Because this book’s material is condensed, we recommend that you use this book along with other resources to achieve the maximum benefit.

    In addition to the alerts, we provide tips and notes to help you build a better foundation for security knowledge. Although the tip information might not be on the exam, it is certainly related and will help you become a better-informed test taker.

    Tip - This is how tips are formatted. Keep your eyes open for these, and you’ll become a Security+ guru in no time!

    Note - This is how notes are formatted. Notes direct your attention to important pieces of information that relate to the CompTIA Security+ certification.


  • Exam prep questions—Although we talk about test questions and topics throughout this book, the section at the end of each chapter presents a series of mock test questions and explanations of both correct and incorrect answers.
  • Details and resources—Every chapter ends with a section that provides direct pointers to CompTIA and third-party resources that offer more information about the chapter’s subject. That section also tries to rank or at least rate the quality and thoroughness of the topic’s coverage by each resource. If you find a resource you like in that collection, you should use it; don’t feel compelled to use all the resources. On the other hand, we recommend only resources that we use on a regular basis, so none of our recommendations will be a waste of your time or money. (However, purchasing them all at once probably represents an expense that many network administrators and CompTIA certification candidates might find hard to justify.)

Although the bulk of this book follows the chapter structure just described, we want to point out a few other elements:

  • “Practice Exam 1” and “Practice Exam 2” and the answer explanations provide good reviews of the material presented throughout the book to ensure that you’re ready for the exam.
  • The Glossary defines important terms used in this book.
  • The tear-out Cram Sheet attached next to the inside front cover of this book represents a condensed collection of facts and tips that we think are essential for you to memorize before taking the test. Because you can dump this information out of your head onto a sheet of paper just before taking the exam, you can master this information by brute force; you need to remember it only long enough to write it down when you walk into the testing room. You might even want to look at it in the car or in the lobby of the testing center just before you walk in to take the exam.
  • The MeasureUp Practice Tests CD-ROM that comes with each Exam Cram and Exam Prep book features a powerful, state-of-the-art test engine that prepares you for the actual exam. MeasureUp Practice Tests are developed by certified IT professionals and are trusted by certification students around the world. For more information, visit http://www.measureup.com.

Exam Topics

Table I-1 lists the skills measured by the SY0-201 exam and the chapter in which the topic is discussed. Some topics are covered in other chapters, too.

Table I-1  CompTIA SY0-201 Exam Topics


| Exam Topic | Chapter |
| --- | --- |
| Domain 1.0: Systems Security | |
| Differentiate among various systems security threats. | 1 |
| Explain the security risks pertaining to system hardware and peripherals. | 1 |
| Implement OS hardening practices and procedures to achieve workstation and server security. | 7 |
| Carry out the appropriate procedures to establish application security. | 2 |
| Implement security applications. | 4 |
| Explain the purpose and application of virtualization technology. | 4 |
| Domain 2.0: Network Infrastructure | |
| Differentiate between the different ports and protocols and their respective threats and mitigation techniques. | 3 |
| Distinguish between network design elements and components. | 3 |
| Determine the appropriate use of network security tools to facilitate network security. | 3 |
| Apply the appropriate network tools to facilitate network security. | 4 |
| Evaluate user systems and recommend appropriate settings to optimize performance. | 4 |
| Explain the vulnerabilities and mitigations associated with network devices. | 2 |
| Explain the vulnerabilities and mitigations associated with various transmission media. | 2 |
| Explain the vulnerabilities and implement mitigations associated with wireless networking. | 6 |
| Domain 3.0: Access Control | |
| Identify and apply industry best practices for access control methods. | 5 |
| Explain common access control models and the differences between each. | 5 |
| Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges. | 4 |
| Apply appropriate security controls to file and print resources. | 4 |
| Compare and implement logical access control methods. | 4 |
| Summarize the various authentication models and identify the components of each. | 5 |
| Deploy various authentication models and identify the components of each. | 6 |
| Explain the difference between identification and authentication (identity proofing). | 5 |
| Explain and apply physical access security methods. | 5 |
| Domain 4.0: Assessments and Audits | |
| Conduct risk assessments and implement risk mitigation. | 7 |
| Carry out vulnerability assessments using common tools. | 7 |
| Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning. | 7 |
| Use monitoring tools on systems and networks and detect security-related anomalies. | 8 |
| Compare and contrast various types of monitoring methodologies. | 8 |
| Execute proper logging procedures and evaluate the results. | 8 |
| Conduct periodic audits of system security settings. | 8 |
| Domain 5.0: Cryptography | |
| Explain general cryptography concepts. | 9 |
| Explain basic hashing concepts and map various algorithms to appropriate applications. | 9 |
| Explain basic encryption concepts and map various algorithms to appropriate applications. | 9 |
| Explain and implement protocols. | 10 |
| Explain core concepts of public key cryptography. | 10 |
| Implement PKI and certificate management. | 10 |
| Domain 6.0: Organizational Security | |
| Explain redundancy planning and its components. | 11 |
| Implement disaster recovery procedures. | 11 |
| Differentiate between and execute appropriate incident response procedures. | 12 |
| Identify and explain applicable legislation and organizational policies. | 12 |
| Explain the importance of environmental controls. | 12 |
| Explain the concept of and how to reduce the risks of social engineering. | 12 |

Given all the book’s elements and its specialized focus, we’ve tried to create a tool that will help you prepare for and pass CompTIA Security+ Exam SY0-201. Please share with us your feedback on this book, especially if you have ideas about how we can improve it for future test takers. Send your questions or comments about this book via email to feedback@quepublishing.com. We’ll consider everything you say carefully, and we’ll respond to all suggestions. For more information about this book and other Exam Cram titles, visit our website at http://www.informit.com/examcram.

Thanks for making this Exam Cram book a pivotal part of your certification study plan. Best of luck on becoming certified!

© Copyright Pearson Education. All rights reserved.


Customer Reviews

Average Rating: 3.5 (8)

Rating Distribution: 5 Star (2), 4 Star (3), 3 Star (0), 2 Star (2), 1 Star (1)

  • Anonymous

    Posted December 27, 2009

    Exam Cram for Security+:

    I didn't find this book all that useful. I have 29 years of IT experience and only took the Security+ exam because my employer required it. The book is probably very good for someone that is fairly new to the industry.

  • Posted November 11, 2009

    Nice as an alternative study guide.

    Whenever obtaining certifications I always have two sources to learn from. One is the main study and the other is for things I may have missed and for the practice questions. This book is filled with many practice questions.

  • Posted September 19, 2009

    Glad I purchased CompTIA Security + and Exam Cram before my training

    I highly recommend this book for those preparing to attend Security + training and for those preparing to take the certification test. The content was extremely useful, well organized, and highly relevant. The thing that I really like was that it was easy to read. This book also provides good reference material for the novice or seasoned IT security professional.

  • Anonymous

    Posted August 4, 2009

    Do not use this as primary source for study!

    I had this book memorized and was making 87-98% on the practice exams. I went to take the exam and only made 720, thereby not passing it, because there were questions NOT covered by this book. I highly recommend another study manual in addition to this one, that more fully covers the exam. I was very disappointed.

  • Posted May 26, 2009

    Security Plus

    Explains a lot about servers, and this is what I want to learn more about, and this book explains that and more. Would highly recommend this book to anybody wanting to learn about servers.

    0 out of 1 people found this review helpful.

  • Anonymous

    Posted November 9, 2009

    No text was provided for this review.

  • Anonymous

    Posted January 13, 2010

    No text was provided for this review.

  • Anonymous

    Posted November 4, 2010

    No text was provided for this review.
