CompTIA Security+ Study Guide: Exam SY0-301



Paperback (Study Guide)
$38.91 price
(Save 22%) $49.99 List Price



The preparation you need for the new CompTIA Security+ exam SY0-301

This top-selling study guide helps candidates prepare for exam SY0-301 and certification as a CompTIA Security+ administrator. Inside the new, CompTIA Authorized edition, you'll find complete coverage of all Security+ exam objectives, loads of real-world examples, and a CD packed with cutting-edge exam prep tools. The book covers key exam topics such as general security concepts, infrastructure security, the basics of cryptography, and much more.

  • Provides 100% coverage of all exam objectives for the new CompTIA Security+ exam SY0-301 including:
    • Network security
    • Compliance and operational security
    • Threats and vulnerabilities
    • Application, data and host security
    • Access control and identity management
    • Cryptography
  • Covers key topics such as general security concepts, communication and infrastructure security, the basics of cryptography, operational security, and more
  • Offers practical examples and insights drawn from the real world
  • Includes a CD with two practice exams, all chapter review questions, electronic flashcards, and more

Obtain your Security+ certification and jump-start your career. It's possible with the kind of thorough preparation you'll receive from CompTIA Security+ Study Guide, 5th Edition.


Product Details

  • ISBN-13: 9781118014738
  • Publisher: Wiley
  • Publication date: 6/28/2011
  • Edition description: Study Guide
  • Edition number: 5
  • Pages: 696
  • Sales rank: 521,161
  • Product dimensions: 7.40 (w) x 9.20 (h) x 1.70 (d)

Meet the Author

Emmett Dulaney is an associate professor at Anderson University. He has written several certification books on Windows, Security, IT project management, and UNIX, and is coauthor of two of Sybex's leading certification titles: CompTIA Security+ Study Guide and CompTIA A+ Complete Study Guide. He is also a well-known certification columnist for Redmond magazine and


Table of Contents

Foreword

Introduction

Assessment Test

Chapter 1 Measuring and Weighing Risk

  • Risk Assessment
  • Computing Risk Assessment
  • Acting on Your Risk Assessment
  • Risks Associated with Cloud Computing
  • Risks Associated with Virtualization
  • Developing Policies, Standards, and Guidelines
  • Implementing Policies
  • Incorporating Standards
  • Following Guidelines
  • Business Policies
  • Understanding Control Types, False Positives, and Change and Incident Management
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 2 Infrastructure and Connectivity

  • Mastering TCP/IP
  • Working with the TCP/IP Suite
  • IPv4 vs. IPv6
  • Understanding Encapsulation
  • Working with Protocols and Services
  • Distinguishing between Security Topologies
  • Setting Design Goals
  • Creating Security Zones
  • Working with Newer Technologies
  • Working with Business Requirements
  • Understanding Infrastructure Security
  • Working with Hardware Components
  • Working with Software Components
  • Understanding the Different Network Infrastructure Devices
  • Firewalls
  • Hubs
  • Modems
  • Remote Access Services
  • Routers
  • Switches
  • Load Balancers
  • Telecom/PBX Systems
  • Virtual Private Networks
  • Web Security Gateway
  • Spam Filters
  • Understanding Remote Access
  • Using Point-to-Point Protocol
  • Working with Tunneling Protocols
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 3 Protecting Networks

  • Monitoring and Diagnosing Networks
  • Network Monitors
  • Intrusion Detection Systems
  • Understanding Intrusion Detection Systems
  • Working with a Network-Based IDS
  • Working with a Host-Based IDS
  • Working with NIPS
  • Utilizing Honeypots
  • Understanding Protocol Analyzers
  • Securing Workstations and Servers
  • Securing Internet Connections
  • Working with Ports and Sockets
  • Working with Email
  • Working with the Web
  • Working with File Transfer Protocol
  • Understanding Network Protocols
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 4 Threats and Vulnerabilities

  • Understanding Software Exploitation
  • Surviving Malicious Code
  • Viruses
  • Trojan Horses
  • Logic Bombs
  • Worms
  • Antivirus Software
  • Calculating Attack Strategies
  • Understanding Access Attack Types
  • Recognizing Modification and Repudiation Attacks
  • Identifying Denial-of-Service and Distributed Denial-of-Service Attacks
  • Recognizing Botnets
  • Recognizing Common Attacks
  • Backdoor Attacks
  • Spoofing Attacks
  • Pharming Attacks
  • Phishing and Spear Phishing Attacks
  • Man-in-the-Middle Attacks
  • Replay Attacks
  • Password-Guessing Attacks
  • Privilege Escalation
  • Identifying TCP/IP Security Concerns
  • Recognizing TCP/IP Attacks
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 5 Access Control and Identity Management

  • Access Control Basics
  • Identification vs. Authentication
  • Authentication (Single Factor) and Authorization
  • Multifactor Authentication
  • Operational Security
  • Tokens
  • Potential Authentication and Access Problems
  • Authentication Issues to Consider
  • Understanding Remote Access Connectivity
  • Using the Point-to-Point Protocol
  • Working with Tunneling Protocols
  • Working with RADIUS
  • VLAN Management
  • Understanding Authentication Services
  • LDAP
  • Kerberos
  • Single Sign-On Initiatives
  • Understanding Access Control
  • Mandatory Access Control
  • Discretionary Access Control
  • Role-Based Access Control
  • Rule-Based Access Control
  • Implementing Access Control Best Practices
  • Smart Cards
  • Access Control Lists
  • Trusted OS
  • Secure Router Configuration
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 6 Educating and Protecting the User

  • Understanding Security Awareness and Training
  • Communicating with Users to Raise Awareness
  • Providing Education and Training
  • Training Topics
  • Classifying Information
  • Public Information
  • Private Information
  • Information Access Controls
  • Complying with Privacy and Security Regulations
  • The Health Insurance Portability and Accountability Act
  • The Gramm-Leach-Bliley Act
  • The Computer Fraud and Abuse Act
  • The Family Educational Rights and Privacy Act
  • The Computer Security Act of 1987
  • The Cyberspace Electronic Security Act
  • The Cyber Security Enhancement Act
  • The Patriot Act
  • Familiarizing Yourself with International Efforts
  • Understanding Social Engineering
  • Types of Social Engineering Attacks
  • What Motivates an Attack?
  • Social Engineering Attack Examples
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 7 Operating System and Application Security

  • Hardening the Operating System
  • The Basics of OS Hardening
  • Hardening Filesystems
  • Updating Your Operating System
  • Application Hardening
  • Fuzzing
  • Cross-Site Request Forgery
  • Application Configuration Baselining
  • Application Patch Management
  • Making Your Network More Secure Through Hardening
  • Working with Data Repositories
  • Directory Services
  • Databases and Technologies
  • Injection Problems
  • SQL Injection
  • LDAP Injection
  • XML Injection
  • Directory Traversal/Command Injection
  • Host Security
  • Antimalware
  • Host Software Baselining
  • Mobile Devices
  • Best Practices for Security
  • URL Filtering
  • Content Inspection
  • Malware Inspection
  • Data Loss Prevention
  • Data Encryption
  • Hardware-Based Encryption Devices
  • Attack Types to Be Aware Of
  • Session Hijacking
  • Header Manipulation
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 8 Cryptography Basics

  • An Overview of Cryptography
  • Understanding Non-mathematical Cryptography
  • Understanding Mathematical Cryptography
  • Working with Passwords
  • Understanding Quantum Cryptography
  • Uncovering the Myth of Unbreakable Codes
  • Understanding Cryptographic Algorithms
  • The Science of Hashing
  • Working with Symmetric Algorithms
  • Working with Asymmetric Algorithms
  • Wi-Fi Encryption
  • Using Cryptographic Systems
  • Confidentiality
  • Integrity
  • Digital Signatures
  • Authentication
  • Non-repudiation
  • Access Control
  • Key Features
  • Understanding Cryptography Standards and Protocols
  • The Origins of Encryption Standards
  • Public-Key Infrastructure X.509/Public-Key Cryptography Standards
  • X.509
  • SSL and TLS
  • Certificate Management Protocols
  • Secure Multipurpose Internet Mail Extensions
  • Secure Electronic Transaction
  • Secure Shell
  • Pretty Good Privacy
  • HTTP Secure
  • Secure HTTP
  • IP Security
  • Tunneling Protocols
  • Federal Information Processing Standard
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 9 Cryptography Implementation

  • Using Public Key Infrastructure
  • Using a Certificate Authority
  • Working with Registration Authorities and Local Registration Authorities
  • Implementing Certificates
  • Understanding Certificate Revocation
  • Implementing Trust Models
  • Preparing for Cryptographic Attacks
  • Ways to Attack Cryptographic Systems
  • Three Types of Cryptographic Attacks
  • Understanding Key Management and the Key Life Cycle
  • Methods for Key Generation
  • Storing and Distributing Keys
  • Using Key Escrow
  • Identifying Key Expiration
  • Revoking Keys
  • Suspending Keys
  • Recovering and Archiving Keys
  • Renewing Keys
  • Destroying Keys
  • Identifying Key Usage
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 10 Physical and Hardware-Based Security

  • Implementing Access Control
  • Physical Barriers
  • Security Zones
  • Partitioning
  • Biometrics
  • Maintaining Environmental and Power Controls
  • Environmental Monitoring
  • Power Systems
  • EMI Shielding
  • Hot and Cold Aisles
  • Fire Suppression
  • Fire Extinguishers
  • Fixed Systems
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 11 Security and Vulnerability in the Network

  • Network Security Threats
  • Penetration Testing
  • Vulnerability Scanning
  • Ethical Hacking
  • Assessment Types and Techniques
  • Secure Network Administration Principles
  • Rule-Based Management
  • Port Security
  • Working with 802.1X
  • Flood Guards and Loop Protection
  • Preventing Network Bridging
  • Log Analysis
  • Mitigation and Deterrent Techniques
  • Manual Bypassing of Electronic Controls
  • Monitoring System Logs
  • Security Posture
  • Reporting
  • Detection/Prevention Controls
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 12 Wireless Networking Security

  • Working with Wireless Systems
  • IEEE 802.11x Wireless Protocols
  • Wireless Transport Layer Security
  • Understanding Mobile Devices
  • Wireless Access Points
  • Extensible Authentication Protocol
  • Lightweight Extensible Authentication Protocol
  • Protected Extensible Authentication Protocol
  • Wireless Vulnerabilities to Know
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 13 Disaster Recovery and Incident Response

  • Understanding Business Continuity
  • Undertaking Business Impact Analysis
  • Utilities
  • High Availability
  • Disaster Recovery
  • Incident Response Policies
  • Understanding Incident Response
  • Succession Planning
  • Reinforcing Vendor Support
  • Service-Level Agreements
  • Code Escrow Agreements
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 14 Security-Related Policies and Procedures

  • Policies You Must Have
  • Data Loss/Theft Policies
  • Least Privilege
  • Separation of Duties
  • Time of Day Restrictions
  • Mandatory Vacations and Job Rotation
  • Policies You Should Have
  • Human Resource Policies
  • Certificate Policies
  • Security Controls for Account Management
  • User and Group Role Management
  • Users with Multiple Accounts/Roles
  • Auditing
  • Account Policy Enforcement
  • Summary
  • Exam Essentials
  • Review Questions
  • Answers to Review Questions

Chapter 15 Security Administration

  • Security Administrator’s Troubleshooting Guide
  • Getting Started
  • Creating a Home Lab
  • In the Workplace
  • Which OS Should You Use?
  • Creating a Security Solution
  • Access Control Issues
  • Accountability Concerns
  • Auditing
  • Authentication Schemes
  • Authentication Factors
  • Mutual Authentication
  • Authentication Protection
  • Backup Management
  • Baselining Security
  • Certificate Management
  • Communications Security
  • Preauthentication
  • Remote Control/Remote Shell
  • Virtual Private Networks
  • Directory Services Protection
  • Disaster Planning
  • Documenting Your Environment
  • Email Issues
  • File-Sharing Basics
  • Working with IDSs and Honey Pots
  • Incident Handling
  • Internet Common Sense
  • Key Management Conventions
  • Preventing Common Malicious Events
  • Constructing a Line of Defense
  • Types of Attacks
  • Antivirus Protection
  • Making Stronger Passwords
  • Managing Personnel
  • Keeping Physical Security Meaningful
  • Securing the Infrastructure
  • Working with Security Zones
  • Social Engineering Risks
  • System Hardening Basics
  • Securing the Wireless Environment
  • Summary

Appendix A About the Companion CD

  • What You’ll Find on the CD
  • Sybex Test Engine
  • Electronic Flashcards
  • PDF of the Glossary
  • System Requirements
  • Using the CD
  • Troubleshooting
  • Customer Care

Glossary

Index


Customer Reviews

Average Rating: 3.5 (6 reviews)
Showing all of 6 Customer Reviews
  • Anonymous

    Posted August 9, 2011

    New & improved but NO MORE .PDF copy on CD!!!

    Not a bad guide but structure still needs work. Last version included entire book on CD (great for review and quick searches on PC) and at the same time, allowing you to make notes in hard copy text. New CD has only practice tests and glossary!

    1 out of 1 people found this review helpful.

  • Anonymous

    Posted July 12, 2011

    No text was provided for this review.

  • Anonymous

    Posted January 25, 2012

    No text was provided for this review.

  • Anonymous

    Posted June 21, 2011

    No text was provided for this review.

  • Anonymous

    Posted April 11, 2014

    No text was provided for this review.

  • Anonymous

    Posted August 1, 2013

    No text was provided for this review.
