Read an Excerpt
Welcome to CompTIA Security+ Exam Cram, Second Edition. Whether this book is your first or your fifteenth Exam Cram series book, you’ll find information here that will help ensure your success as you pursue knowledge, experience, and certification. This book aims to help you get ready to take and pass the CompTIA Security+ exam, number SY0-201.
This introduction explains CompTIA’s certification programs in general and talks about how the Exam Cram series can help you prepare for CompTIA’s latest certification exams. Chapters 1 through 12 are designed to remind you of everything you need to know to pass the SY0-201 certification exam. The two practice exams at the end of this book should give you a reasonably accurate assessment of your knowledge; and, yes, we’ve provided the answers and their explanations for these practice exams. Read this book, understand the material, and you’ll stand a very good chance of passing the real test.
Exam Cram books help you understand and appreciate the subjects and materials you need to know to pass CompTIA certification exams. Exam Cram books are aimed strictly at test preparation and review. They do not teach you everything you need to know about a subject. Instead, the authors streamline and highlight the pertinent information by presenting and dissecting the questions and problems they’ve discovered that you’re likely to encounter on a CompTIA test.
Nevertheless, to completely prepare yourself for any CompTIA test, we recommend that you begin by taking the “Self-Assessment” that immediately follows this introduction. Theself-assessment tool will help you evaluate your knowledge base against the requirements for the CompTIA Security+ exam under both ideal and real circumstances. This can also be the first step in earning more advanced security certifications.
Based on what you learn from the self-assessment, you might decide to begin your studies with classroom training or some background reading. On the other hand, you might decide to pick up and read one of the many study guides available from Que or a third-party vendor.
We also strongly recommend that you spend some time installing, configuring, and working with both Windows and UNIX or Linux operating systems to patch and maintain them for the best and most current security possible because the Security+ exam focuses on such activities and the knowledge and skills they can provide for you. Nothing beats hands-on experience and familiarity when it comes to understanding the questions you’re likely to encounter on a certification test. Book learning is essential, but without doubt, hands-on experience is the best teacher of all!The CompTIA Certification Program
The Computing Technology Industry Association (http://www.comptia.org) offers numerous IT certifications, primarily aimed at entry- and intermediate-level IT professionals. Here is a list of some other relevant CompTIA certifications, briefly annotated to document their possible relevance to Security+:
- A+: An exam that tests basic PC hardware and software installation, configuration, diagnosing, preventive maintenance, and basic networking. This two-part exam also covers security, safety, environmental issues, communication, and professionalism. This exam is an excellent prequalifier for those interested in Security+ who might have little or no PC or computing skills or knowledge. For more information about this exam, see http://certification.comptia.org/a/default.aspx.
- Network+: An exam that tests basic and intermediate networking skills and knowledge, including hardware, drivers, protocols, and troubleshooting topics. This exam is an excellent prequalifier for those interested in Security+ who have little or no networking skills or knowledge. For more information about this exam, go to http://certification.comptia.org/network/default.aspx.
- Server+: An exam that tests server knowledge and capabilities, including RAID, SCSI, multiple CPUs, and disaster recovery. This exam is an excellent prequalifier for those interested in Security+ who have little or no server environment skills or knowledge. For more information about this exam, go to http://certification.comptia.org/server/default.aspx.
- Linux+: An exam that tests knowledge and management of Linux systems via command line, user administration, file permissions, software configurations, Linux-based clients, server systems, and security. For more information about this exam, go to http://certification.comptia.org/linux/default.aspx.
The CompTIA exams are all vendor- and platform-neutral, which means they primarily test general skills and knowledge, instead of focusing on vendor or product specifics. Therefore, they offer certification candidates a chance to demonstrate necessary general abilities relevant in most workplaces. (This explains why employers generally look at CompTIA certifications favorably.)
Because CompTIA changes their website often, the URLs listed above might not work in the future. You should use the Search tool on CompTIA’s site to find more information about a particular certification. Taking a Certification Exam
After you prepare for your exam, you need to register with a testing center. At the time of this writing, the cost to take the Security+ exam is $258 for individuals. CompTIA Corporate Members receive discounts on nonmember pricing. For more information about these discounts, a local CompTIA sales representative can provide answers to any questions you might have. If you don’t pass, you can take the exam again for the same cost as the first attempt, for each attempt until you pass. In the United States and Canada, tests are administered by Prometric or VUE. Here’s how you can contact them:
- Prometric—You can sign up for a test through the company’s website, http://securereg3.prometric.com/. Within the United States and Canada, you can register by phone at 800-755-3926. If you live outside this region, check the Prometric website for the appropriate phone number.
- Pearson VUE—You can contact Virtual University Enterprises (VUE) to locate a nearby testing center that administers the test and to make an appointment. You can find the sign-up web page for the exam itself at http://www.vue.com/comptia/. You can also use this web page (click the Contact button, click the View Telephone Directory by Sponsor link, and then click CompTIA) to obtain a telephone number for the company (in case you can’t or don’t want to sign up for the exam on the web page).
To sign up for a test, you must possess a valid credit card or contact either Prometric or Vue for mailing instructions to send a check (in the United States). Only after payment has been verified, or a check has cleared, can you actually register for a test.
To schedule an exam, you need to call the appropriate phone number or visit the Prometric or Vue website at least one day in advance. To cancel or reschedule an exam in the United States or Canada, you must call before 3 p.m. Eastern time the day before the scheduled test time (or you might be charged, even if you don’t show up to take the test). When you want to schedule a test, you should have the following information ready:
- Your name, organization, and mailing address.
- Your CompTIA test ID. (In the United States, this means your Social Security number; citizens of other countries should call ahead to find out what type of identification number is required to register for a test.)
- The name and number of the exam you want to take.
- A payment method. (As mentioned previously, a credit card is the most convenient method; alternative means can be arranged in advance, if necessary.)
After you sign up for a test, you are told when and where the test is scheduled. You should arrive at least 15 minutes early. To be admitted into the testing room, you must supply two forms of identification, one of which must be a photo ID.Tracking Certification Status
After you pass the exam, you are certified. Official certification is normally granted after six to eight weeks, so you shouldn’t expect to get your credentials overnight. The package for official certification that arrives includes a Welcome Kit that contains a number of elements. (See CompTIA’s website for other benefits of specific certifications.)
- A certificate suitable for framing, along with a wallet card.
- A license to use the related certification logo, which means you can use the logo in advertisements, promotions, and documents, and on letterhead, business cards, and so on. Along with the license comes a logo sheet, which includes camera-ready artwork. (Note that before you use any of the artwork, you must sign and return a licensing agreement that indicates you’ll abide by its terms and conditions.)
Many people believe that the benefits of certification go well beyond the perks that CompTIA provides to new members of this elite group. We’re starting to see more job listings that request or require applicants to have CompTIA and other related certifications, and many individuals who complete CompTIA certification programs can qualify for increases in pay and responsibility. As an official recognition of hard work and broad knowledge, a certification credential is a badge of honor in many IT organizations.About This Book
We’ve structured the topics in this book to build on one another. Therefore, some topics in later chapters make the most sense after you’ve read earlier chapters. That’s why we suggest that you read this book from front to back for your initial test preparation. If you need to brush up on a topic or if you have to bone up for a second try, you can use the index or table of contents to go straight to the topics and questions that you need to study. Beyond helping you prepare for the test, we think you’ll find this book useful as a tightly focused reference to some of the most important aspects of the Security+ certification.Chapter Format and Conventions
Each topical Exam Cram chapter follows a regular structure and contains graphical cues about important or useful information. Here’s the structure of a typical chapter:
- Opening hotlists—Each chapter begins with a list of the terms, tools, and techniques that you must learn and understand before you can be fully conversant with that chapter’s subject matter. The hotlists are followed with one or two introductory paragraphs to set the stage for the rest of the chapter.
- Topical coverage—After the opening hotlists and introductory text, each chapter covers a series of topics related to the chapter’s subject. Throughout that section, we highlight topics or concepts that are likely to appear on a test, using a special element called an Exam Alert:
Warning - This is what an alert looks like. Normally, an alert stresses concepts, terms, software, or activities that are likely to relate to one or more certification test questions. For that reason, we think any information in an alert is worthy of extra attentiveness on your part.
Pay close attention to material flagged in Exam Alerts; although all the information in this book pertains to what you need to know to pass the exam, Exam Alerts contain information that is really important. Of course, you need to understand the “meat” of each chapter, too, when preparing for the test. Because this book’s material is condensed, we recommend that you use this book along with other resources to achieve the maximum benefit.
In addition to the alerts, we provide tips and notes to help you build a better foundation for security knowledge. Although the tip information might not be on the exam, it is certainly related and will help you become a better-informed test taker.
Tip - This is how tips are formatted. Keep your eyes open for these, and you’ll become a Security+ guru in no time!
Note - This is how notes are formatted. Notes direct your attention to important pieces of information that relate to the CompTIA Security+ certification.
- Exam prep questions—Although we talk about test questions and topics throughout this book, the section at the end of each chapter presents a series of mock test questions and explanations of both correct and incorrect answers.
- Details and resources—Every chapter ends with a section that provides direct pointers to CompTIA and third-party resources that offer more information about the chapter’s subject. That section also tries to rank or at least rate the quality and thoroughness of the topic’s coverage by each resource. If you find a resource you like in that collection, you should use it; don’t feel compelled to use all the resources. On the other hand, we recommend only resources that we use on a regular basis, so none of our recommendations will be a waste of your time or money. (However, purchasing them all at once probably represents an expense that many network administrators and CompTIA certification candidates might find hard to justify.)
Although the bulk of this book follows this chapter structure just described, we want to point out a few other elements:
- “Practice Exam 1” and “Practice Exam 2” and the answer explanations provide good reviews of the material presented throughout the book to ensure that you’re ready for the exam.
- The Glossary defines important terms used in this book.
- The tear-out Cram Sheet attached next to the inside front cover of this book represents a condensed collection of facts and tips that we think are essential for you to memorize before taking the test. Because you can dump this information out of your head onto a sheet of paper just before taking the exam, you can master this information by brute force; you need to remember it only long enough to write it down when you walk into the testing room. You might even want to look at it in the car or in the lobby of the testing center just before you walk in to take the exam.
- The MeasureUp Practice Tests CD-ROM that comes with each Exam Cram and Exam Prep book features a powerful, state-of-the-art test engine that prepares you for the actual exam. MeasureUp Practice Tests are developed by certified IT professionals and are trusted by certification students around the world. For more information, visit http://www.measureup.com.
Table I-1 lists the skills measured by the SY0-201 exam and the chapter in which the topic is discussed. Some topics are covered in other chapters, too.Table I-1 CompTIA SY0-201 Exam Topics
Domain 1.0: Systems Security
Differentiate among various systems security threats.
Explain the security risks pertaining to system hardware and peripherals.
Implement OS hardening practices and procedures to achieve workstation and server security.
Carry out the appropriate procedures to establish application security.
Implement security applications.
Explain the purpose and application of virtualization technology.
Domain 2.0: Network Infrastructure
Differentiate between the different ports and protocols and their respective threats and mitigation techniques.
Distinguish between network design elements and components.
Determine the appropriate use of network security tools to facilitate network security.
Apply the appropriate network tools to facilitate network security.
Evaluate user systems and recommend appropriate settings to optimize performance.
Explain the vulnerabilities and mitigations associated with network devices.
Explain the vulnerabilities and mitigations associated with various transmission media.
Explain the vulnerabilities and implement mitigations associated with wireless networking.
Domain 3.0: Access Control
Identify and apply industry best practices for access control methods.
Explain common access control models and the differences between each.
Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges.
Apply appropriate security controls to file and print resources.
Compare and implement logical access control methods.
Summarize the various authentication models and identify the components of each.
Deploy various authentication models and identify the components of each.
Explain the difference between identification and authentication (identity proofing).
Explain and apply physical access security methods.
Domain 4.0: Assessments and Audits
Conduct risk assessments and implement risk mitigation.
Carry out vulnerability assessments using common tools.
Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning.
Domain 4.0: Assessments and Audits
Use monitoring tools on systems and networks and detect security-related anomalies.
Compare and contrast various types of monitoring methodologies.
Execute proper logging procedures and evaluate the results.
Conduct periodic audits of system security settings.
Domain 5.0: Cryptography
Explain general cryptography concepts.
Explain basic hashing concepts and map various algorithms to appropriate applications.
Explain basic encryption concepts and map various algorithms to appropriate applications.
Explain and implement protocols.
Explain core concepts of public key cryptography.
Implement PKI and certificate management.
Domain 6.0: Organizational Security
Explain redundancy planning and its components.
Implement disaster recovery procedures.
Differentiate between and execute appropriate incident response procedures.
Identify and explain applicable legislation and organizational policies.
Explain the importance of environmental controls.
Explain the concept of and how to reduce the risks of social engineering.
Given all the book’s elements and its specialized focus, we’ve tried to create a tool that will help you prepare for and pass CompTIA Security+ Exam SY0-201. Please share with us your feedback on this book, especially if you have ideas about how we can improve it for future test takers. Send your questions or comments about this book via email to firstname.lastname@example.org. We’ll consider everything you say carefully, and we’ll respond to all suggestions. For more information about this book and other Exam Cram titles, visit our website at http://www.informit.com/examcram.
Thanks for making this Exam Cram book a pivotal part of your certification study plan. Best of luck on becoming certified!
© Copyright Pearson Education. All rights reserved.