A+, Network+, Security+ Exams in a Nutshell by Pawan K. Bhardwaj

Areas of Study for Security+ Exam

General Security Concepts

  • Recognize and be able to differentiate and explain the following access control models:

    • MAC (Mandatory Access Control)

    • DAC (Discretionary Access Control)

    • RBAC (Role Based Access Control)

  • Recognize and be able to differentiate and explain the following methods of authentication:

    • Kerberos

    • CHAP (Challenge Handshake Authentication Protocol)

    • Certificates

    • Username/Password

    • Token

    • Multifactor

    • Mutual

    • Biometrics

  • Identify non-essential services and protocols, and know what actions to take to reduce the risks of those services and protocols.

  • Recognize the following attacks and specify the appropriate actions to take to mitigate vulnerability and risk:

    • DOS/DDOS (Denial of Service / Distributed Denial of Service)

    • Back door

    • Spoofing

    • Man in the Middle

    • Replay

    • TCP/IP hijacking

    • Weak keys

    • Mathematical

    • Social engineering

    • Birthday

    • Password guessing using brute force and the dictionary

    • Software exploitation

  • Recognize the following types of malicious code and specify appropriate actions to take to mitigate vulnerability and risk:

    • Viruses

    • Trojan horses

    • Logic bombs

    • Worms

  • Understand the concept of and know how to reduce the risks of social engineering.

  • Understand the concept and significance of auditing, logging, and system scanning.

Communication Security

  • Recognize and understand the administration of the following types of remote access technologies:

    • 802.1x

    • VPN (Virtual Private Network)

    • RADIUS (Remote Authentication Dial-In User Service)

    • TACACS (Terminal Access Controller Access Control ...
