Home > Store > Certification > CompTIA > Security+
CompTIA Security+ SY0-301 Authorized Practice Questions Exam Cram, 3rd Edition
- By Diane Barrett
- Published Dec 1, 2011 by Pearson IT Certification. Part of the Exam Cram series.
- Copyright 2013
- Dimensions: 6" x 9"
- Pages: 368
- Edition: 3rd
- eBook (Watermarked)
- ISBN-10: 0-13-280137-X
- ISBN-13: 978-0-13-280137-9
Register your product to gain access to bonus material or receive a coupon.
Product Author Bios
Diane M. Barrett is President of NextGard Technology LLC., which provides security education for businesses through training seminars, technical assistance, and consulting. She is co-author of CompTIA Security+ Exam Cram, Second Edition. Barrett belongs to the local chapters of several security user groups, including HTCIA and InfraGard. She was also a volunteer for ISSA's Generally Accepted Information Security Principles (GAISP)'s Ethical Practices Working Group. Barrett's 15 industry certifications include CISSP, ISSMP, and Security+.
CompTIA® Security+ SY0-301 Practice Questions Exam Cram, Third Edition, offers all the exam practice you’ll need to systematically prepare, identify and fix areas of weakness, and pass your exam the first time. This book complements any Security+ study plan with more than 800 practice test questions—all supported with complete explanations of every correct and incorrect answer—covering all Security+ exam objectives, including network security; compliance and operation security; threats and vulnerabilities; application, host and data security; access control and identity management; and cryptography.
This is the eBook version of the print title. Note that the eBook does not provide access to the CD-ROM content that accompanies the print book.
Limited Time Offer: Buy CompTIA Security+ SY0-301 Practice Questions Exam Cram and receive a 10% off discount code for the CompTIA Security+ SYO-301 exam. To receive your 10% off discount code visit your pearsonITcertification.com Account page, locate the product and click on “Access Bonus Content”.
Covers the critical information you’ll need to know to score higher on your Security+ exam!
- Features more than 800 questions that are organized according to the Security+ exam objectives, so you can easily assess your knowledge of each topic.
- Use our innovative Quick-Check Answer System™ to quickly find answers as you work your way through the questions.
- Each question includes detailed explanations!
- Our popular Cram Sheet, which includes tips, acronyms, and memory joggers, helps you review key facts before you enter the testing center.
Diane M. Barrett (MCSE, CISSP, Security+) is the director of training for Paraben Corporation and an adjunct professor for American Military University. She has done contract forensic and security assessment work for several years and has authored other security and forensic books. She is a regular committee member for ADFSL’s Conference on Digital Forensics, Security and Law, as well as an academy director for Advancement Solutions. She holds many industry certifications, including CISSP, ISSMP, DFCP, PCME, and Security+. Diane’s education includes a MS in Information Technology with a specialization in Information Security. She expects to complete a PhD in business administration with a specialization in Information Security shortly.
Table of Contents
Introduction . 5
Who This Book Is For 5
What You Will Find in This Book 5
Hints for Using This Book 6
Need Further Study? . 7
Chapter One Domain 1.0: Network Security 9
Practice Questions 10
Objective 1.1: Explain the security function and purpose of network devices and technologies 10
Objective 1.2: Apply and implement secure network administration principles . 16
Objective 1.3: Distinguish and differentiate network design elements and compounds . 23
Objective 1.4: Implement and use common protocols 32
Objective 1.5: Identify commonly used ports . 36
Objective 1.6: Implement wireless network in a secure manner 40
Quick-Check Answer Key 44
Objective 1.1: Explain the security function and purpose of network devices and technologies 44
Objective 1.2: Apply and implement secure network administration principles . 44
Objective 1.3: Distinguish and differentiate network design elements and compounds . 45
Objective 1.4: Implement and use common protocols 45
Objective 1.5: Identify commonly used ports . 46
Objective 1.6: Implement wireless network in a secure manner 46
Answers and Explanations 47
Objective 1.1: Explain the security function and purpose of network devices and technologies 47
Objective 1.2: Apply and implement secure network administration principles . 52
Objective 1.3: Distinguish and differentiate network design elements and compounds 58
Objective 1.4: Implement and use common protocols 65
Objective 1.5: Identify commonly used ports . 70
Objective 1.6: Implement wireless network in a secure manner 71
Chapter Two Domain 2.0: Compliance and Operational Security . 75
Practice Questions 76
Objective 2.1: Explain risk related concepts. 76
Objective 2.2: Carry out appropriate risk mitigation strategies . 83
Objective 2.3: Execute appropriate incident response procedures . 85
Objective 2.4: Explain the importance of security related awareness and training . 87
Objective 2.5: Compare and contrast aspects of business continuity 92
Objective 2.6: Explain the impact and proper use of environmental controls . 94
Objective 2.7: Execute disaster recovery plans and procedures . 98
Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability. 105
Quick-Check Answer Key . 108
Objective 2.1: Explain risk related concepts . 108
Objective 2.2: Carry out appropriate risk mitigation strategies 108
Objective 2.3: Execute appropriate incident response procedures 108
Objective 2.4: Explain the importance of security related awareness and training 109
Objective 2.5: Compare and contrast aspects of business continuity . 109
Objective 2.6: Explain the impact and proper use of environmental controls. . 109
Objective 2.7: Execute disaster recovery plans and procedures 110
Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability. 110
Answers and Explanations . 111
Objective 2.1: Explain risk related concepts . 111
Objective 2.2: Carry out appropriate risk mitigation strategies 117
Objective 2.3: Execute appropriate incident response procedures 118
Objective 2.4: Explain the importance of security related awareness and training 120
Objective 2.5: Compare and contrast aspects of business continuity . 123
Objective 2.6: Explain the impact and proper use of environmental controls. . 125
Objective 2.7: Execute disaster recovery plans and procedures 128
Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability. 133
Chapter Three Domain 3.0: Threats and Vulnerabilities . 135
Practice Questions . 136
Objective 3.1: Analyze and differentiate among types of malware. 136
Objective 3.2: Analyze and differentiate among types of attacks 144
Objective 3.3: Analyze and differentiate among types of social engineering attacks 154
Objective 3.4: Analyze and differentiate among types of wireless attacks. 156
Objective 3.5: Analyze and differentiate among types of application attacks 160
CompTIA Security+ SY0-301 Practice Questions Exam Cram
Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques. 165
Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities 174
Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus
vulnerability scanning . 177
Quick-Check Answer Key . 180
Objective 3.1: Analyze and differentiate among types of malware. 180
Objective 3.2: Analyze and differentiate among types of attacks. . 180
Objective 3.3: Analyze and differentiate among types of social engineering attacks 181
Objective 3.4: Analyze and differentiate among types of wireless attacks. 181
Objective 3.5: Analyze and differentiate among types of application attacks 181
Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques. 182
Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities 182
Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus
vulnerability scanning. 183
Answers and Explanations . 184
Objective 3.1: Analyze and differentiate among types of malware 184
Objective 3.2: Analyze and differentiate among types of attacks. . 191
Objective 3.3: Analyze and differentiate among types of social engineering attacks . 200
Objective 3.4: Analyze and differentiate among types of wireless attacks 202
Objective 3.5: Analyze and differentiate among types of application attacks. . 206
Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques 210
Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities 216
Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning. 219
Chapter Four Domain 4.0: Application, Data, and Host Security . 223
Practice Questions . 224
Objective 4.1: Explain the importance of application security . 224
Objective 4.2: Carry out appropriate procedures to establish host security. 232
Objective 4.3: Explain the importance of data security 239
Quick-Check Answer Key . 248
Objective 4.1: Explain the importance of application security . 248
Objective 4.2: Carry out appropriate procedures to establish host security. 248
Objective 4.3: Explain the importance of data security 249
Answers and Explanations . 250
Objective 4.1: Explain the importance of application security . 250
Objective 4.2: Carry out appropriate procedures to establish host security . 257
Objective 4.3: Explain the importance of data security 262
Chapter Five Domain 5.0: Access Control and Identity Management . 269
Practice Questions . 270
Objective 5.1: Explain the function and purpose of authentication services 270
Objective 5.2: Explain the fundamental concepts and best practices related to authorization and access control . 275
Objective 5.3: Implement appropriate security controls when performing account management 285
Quick-Check Answer Key . 293
Objective 5.1: Explain the function and purpose of authentication services 293
Objective 5.2: Explain the fundamental concepts and best practices related to authorization and access control . 293
Objective 5.3: Implement appropriate security controls when performing account management . 294
Answers and Explanations . 295
Objective 5.1: Explain the function and purpose of authentication services 295
Objective 5.2: Explain the fundamental concepts and best practices related to authorization and access control . 299
Objective 5.3: Implement appropriate security controls when performing account management 309
Chapter Six Domain 6.0: Cryptography . 317
Practice Questions . 318
Objective 6.1: Summarize general cryptography concepts . 318
Objective 6.2: Use and apply appropriate cryptographic tools and products 323
Objective 6.3: Explain core concepts of public key infrastructure 329
Objective 6.4: Implement PKI, certificate management, and associated components 333
Quick-Check Answer Key . 338
Objective 6.1: Summarize general cryptography concepts . 338
Objective 6.2: Use and apply appropriate cryptographic tools and products 338
Objective 6.3: Explain core concepts of public key infrastructure 339
Objective 6.4: Implement PKI, certificate management, and associated components 339
Answers and Explanations . 340
Objective 6.1: Summarize general cryptography concepts . 340
Objective 6.2: Use and apply appropriate cryptographic tools and products 343
Objective 6.3: Explain core concepts of public key infrastructure 348
Objective 6.4: Implement PKI, certificate management, and associated components 351
9780789748287, TOC, 11/09/2011
eBook (Watermarked)
$27.99
$22.39
Includes EPUB, MOBI, and PDF
About eBook Formats
This eBook includes the following formats, accessible from your Account page after purchase:
EPUBThe open industry format known for its reflowable content and usability on supported mobile devices.
MOBIThe eBook format compatible with the Amazon Kindle and Amazon Kindle applications.
PDFThe popular standard, used most often with the free Adobe® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discretely watermarking it with your name, making it uniquely yours.
Also available in other formats.
Get access to thousands of books and training videos about technology, professional development and digital media from more than 40 leading publishers, including Addison-Wesley, Prentice Hall, Cisco Press, IBM Press, O'Reilly Media, Wrox, Apress, and many more. If you continue your subscription after your 30-day trial, you can receive 30% off a monthly subscription to the Safari Library for up to 12 months. That's a total savings of $199.
