CompTIA® Security+™ Rapid Review (Exam SY0-301)

Book description

Assess your readiness for CompTIA Security+ Exam SY0-301—and quickly identify where you need to focus and practice. This practical, streamlined guide walks you through each exam objective, providing "need-to-know" checklists, review questions, tips, and links to further study—all designed to help bolster your preparation.

Reinforce your exam prep with a Rapid Review of these objectives:

  • Network security

  • Compliance and operational security

  • Threats and vulnerabilities

  • Application, data and host security

  • Access control and identity management

  • Cryptography

This book is an ideal complement to the in-depth training of the Microsoft Press Training Kit and other exam-prep resources for CompTIA Security+ Exam SY0-301.

    Table of contents

    1. Introduction
      1. CompTIA Professional Certification Program
      2. Acknowledgments
      3. Support & Feedback
      4. Errata
      5. We Want to Hear from You
      6. Stay in Touch
      7. Preparing for the Exam
    2. 1. Network Security
      1. Objective 1.1: Explain the security function and purpose of network devices and technologies
        1. Exam need to know…
        2. Firewalls
        3. Routers
        4. Switches
        5. Load balancers
        6. Proxies
        7. Web security gateways
        8. VPN concentrators
        9. NIDS and NIPS (Behavior based, signature based, anomaly based, heuristic)
        10. Protocol Analyzers
        11. Sniffers
        12. Spam filter, all-in-one security appliances
        13. Web application firewall vs. network firewall
        14. URL filtering, content inspection, malware inspection
        15. Can you answer these questions?
      2. Objective 1.2: Apply and implement secure network administration principles
        1. Exam need to know…
        2. Rule-based management
        3. Firewall rules
        4. VLAN management
        5. Secure router configuration
        6. Access control lists
        7. Port security
        8. 802.1x
        9. Flood guards
        10. Loop protection
        11. Implicit deny
        12. Prevent network bridging by network separation
        13. Log analysis
        14. Can you answer these questions?
      3. Objective 1.3: Distinguish and differentiate network design elements and compounds
        1. Exam need to know…
        2. DMZ
        3. Subnetting
        4. VLAN
        5. NAT
        6. Remote access
        7. Telephony
        8. NAC
        9. Virtualization
        10. Cloud computing
        11. Platform as a Service
        12. Software as a Service
        13. Infrastructure as a Service
        14. Can you answer these questions?
      4. Objective 1.4: Implement and use common protocols
        1. Exam need to know…
        2. IPSec
        3. SNMP
        4. SSH
        5. DNS
        6. TLS
        7. SSL
        8. TCP/IP
        9. FTPS
        10. HTTPS
        11. SFTP
        12. SCP
        13. ICMP
        14. IPv4 vs. IPv6
        15. Can you answer these questions?
      5. Objective 1.5: Identify commonly used default network ports
        1. Exam need to know…
        2. FTP
        3. SFTP
        4. FTPS
        5. TFTP
        6. TELNET
        7. HTTP
        8. HTTPS
        9. SCP
        10. SSH
        11. NetBIOS
        12. Can you answer these questions?
      6. Objective 1.6: Implement wireless networks in a secure manner
        1. Exam need to know…
        2. WPA
        3. WPA2
        4. WEP
        5. EAP
        6. PEAP
        7. LEAP
        8. MAC filtering
        9. SSID broadcast
        10. TKIP
        11. CCMP
        12. Antenna placement
        13. Power level control
        14. Can you answer these questions?
      7. Answers
        1. Objective 1.1: Explain the security function and purpose of network devices and technologies
        2. Objective 1.2: Apply and implement secure network administration principles
        3. Objective 1.3: Distinguish and differentiate network design elements and compounds
        4. Objective 1.4: Implement and use common protocols
        5. Objective 1.5: Identify commonly used default network ports
        6. Objective 1.6: Implement wireless networks in a secure manner
    3. 2. Compliance and Operational Security
      1. Objective 2.1: Explain risk related concepts
        1. Exam need to know…
        2. Control types
        3. Technical
        4. Management
        5. Physical
        6. False positives
        7. Importance of policies in reducing risk
        8. Privacy policy
        9. Acceptable use
        10. Security policy
        11. Mandatory vacations
        12. Job rotation
        13. Separation of duties
        14. Least privilege
        15. Risk calculation
        16. Likelihood
        17. ALE
        18. Impact
        19. Quantitative vs. qualitative
        20. Risk-avoidance, transference, acceptance, mitigation, deterrence
        21. Risks associated with cloud computing and virtualization
        22. Can you answer these questions?
      2. Objective 2.2: Carry out appropriate risk mitigation strategies
        1. Exam need to know…
        2. Implement security controls based on risk
        3. Change management
        4. Incident management
        5. User rights and permissions reviews
        6. Perform routine audits
        7. Implement policies and procedures to prevent data loss or theft
        8. Can you answer these questions?
      3. Objective 2.3: Execute appropriate incident response procedures
        1. Exam need to know…
        2. Basic forensic procedures
        3. Order of volatility
        4. Capture system image
        5. Network traffic and logs
        6. Capture video
        7. Record time offset
        8. Take hashes
        9. Screenshots
        10. Witnesses
        11. Track man hours and expense
        12. Damage and loss control
        13. Chain of custody
        14. Incident response: first responder
        15. Can you answer these questions?
      4. Objective 2.4: Explain the importance of security related awareness and training
        1. Exam need to know…
        2. Security policy training and procedures
        3. Personally identifiable information
        4. Information classification: sensitivity of data (hard or soft)
        5. Data labeling, handling, and disposal
        6. Compliance with laws, best practices, and standards
        7. User habits
        8. Password behaviors
        9. Data handling
        10. Clean desk policies
        11. Prevent tailgating
        12. Personally owned devices
        13. Threat awareness
        14. New viruses
        15. Phishing attacks
        16. Zero day exploits
        17. Use of social networking and P2P
        18. Can you answer these questions?
      5. Objective 2.5: Compare and contrast aspects of business continuity
        1. Exam need to know…
        2. Business impact analysis
        3. Removing single points of failure
        4. Business continuity planning and testing
        5. Continuity of operations
        6. Disaster recovery
        7. IT contingency planning
        8. Succession planning
        9. Can you answer these questions?
      6. Objective 2.6: Explain the impact and proper use of environmental controls
        1. Exam need to know…
        2. HVAC
        3. Fire suppression
        4. EMI shielding
        5. Hot and cold aisles
        6. Environmental monitoring
        7. Temperature and humidity controls
        8. Video monitoring
        9. Can you answer these questions?
      7. Objective 2.7: Execute disaster recovery plans and procedures
        1. Exam need to know…
        2. Backup/backout contingency plans and policies
        3. Backups execution and frequency
        4. Redundancy and fault tolerance
        5. Hardware
        6. RAID
        7. Clustering
        8. Load balancing
        9. Servers
        10. High availability
        11. Cold site, hot site, warm site
        12. Mean time to restore, mean time between failures, recovery time objectives, and recovery point objective
        13. Can you answer these questions?
      8. Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability (CIA)
        1. Exam need to know…
        2. Confidentiality, integrity, and availability
        3. Can you answer these questions?
      9. Answers
        1. Objective 2.1: Explain risk related concepts
        2. Objective 2.2: Carry out appropriate risk mitigation strategies
        3. Objective 2.3: Execute appropriate incident response procedures
        4. Objective 2.4: Explain the importance of security related awareness and training
        5. Objective 2.5: Compare and contrast aspects of business continuity
        6. Objective 2.6: Explain the impact and proper use of environmental controls
        7. Objective 2.7: Execute disaster recovery plans and procedures
        8. Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability (CIA)
    4. 3. Threats and Vulnerabilities
      1. Objective 3.1: Analyze and differentiate among types of malware
        1. Exam need to know…
        2. Adware
        3. Virus
        4. Worms
        5. Spyware
        6. Trojan
        7. Rootkits
        8. Backdoors
        9. Logic bomb
        10. Botnets
        11. Can you answer these questions?
      2. Objective 3.2: Analyze and differentiate among types of attacks
        1. Exam need to know…
        2. Man-in-the-middle
        3. DDoS
        4. DoS
        5. Replay
        6. Smurf attack
        7. Spoofing
        8. Spam
        9. Phishing
        10. Spim
        11. Vishing
        12. Spear phishing
        13. Xmas attack
        14. Pharming
        15. Privilege escalation
        16. Malicious insider threat
        17. DNS Poisoning and ARP poisoning
        18. Transitive access
        19. Client-side attacks
        20. Can you answer these questions?
      3. Objective 3.3: Analyze and differentiate among types of social engineering attacks
        1. Exam need to know…
        2. Shoulder surfing
        3. Dumpster diving
        4. Tailgating
        5. Impersonation
        6. Hoaxes
        7. Whaling
        8. Vishing
        9. Can you answer these questions?
      4. Objective 3.4: Analyze and differentiate among types of wireless attacks
        1. Exam need to know…
        2. Rogue access points
        3. Interference
        4. Evil twin
        5. Wardriving
        6. Bluejacking
        7. Bluesnarfing
        8. War chalking
        9. IV attack
        10. Packet sniffing
        11. Can you answer these questions?
      5. Objective 3.5: Analyze and differentiate among types of application attacks
        1. Exam need to know…
        2. Cross-site scripting
        3. SQL injection
        4. LDAP injection
        5. XML injection
        6. Directory traversal/command injection
        7. Buffer overflow
        8. Zero day
        9. Cookies and attachments
        10. Malicious add-ons
        11. Session hijacking
        12. Header manipulation
        13. Can you answer these questions?
      6. Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques
        1. Exam need to know…
        2. Manual bypassing of electronic controls
        3. Failsafe/secure vs. failopen
        4. Monitoring system logs
        5. Event logs
        6. Audit logs
        7. Security logs
        8. Access logs
        9. Physical security
        10. Hardware locks
        11. Mantraps
        12. Video surveillance
        13. Fencing
        14. Proximity readers
        15. Access list
        16. Hardening
        17. Disabling unnecessary services
        18. Protecting management interfaces and applications
        19. Password protection
        20. Disabling unnecessary accounts
        21. Port security
        22. MAC limiting and filtering
        23. 802.1x
        24. Disabling unused ports
        25. Security posture
        26. Initial baseline configuration
        27. Continuous security monitoring
        28. Remediation
        29. Reporting
        30. Alarms
        31. Alerts
        32. Trends
        33. Detection controls vs. prevention controls
        34. IDS vs. IPS
        35. Camera vs. guard
        36. Can you answer these questions?
      7. Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities
        1. Exam need to know…
        2. Vulnerability scanning and interpret results
        3. Tools
        4. Protocol analyzer
        5. Sniffer
        6. Vulnerability scanner
        7. Honeypots
        8. Honeynets
        9. Port scanner
        10. Risk calculations
        11. Threat vs. likelihood
        12. Assessment types
        13. Risk
        14. Threat
        15. Vulnerability
        16. Assessment technique
        17. Baseline reporting
        18. Code review
        19. Determine attack surface
        20. Architecture
        21. Design reviews
        22. Can you answer these questions?
      8. Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning
        1. Exam need to know…
        2. Penetration testing
        3. Verify a threat exists
        4. Bypass security controls
        5. Actively test security controls
        6. Exploiting vulnerabilities
        7. Vulnerability scanning
        8. Passively testing security controls
        9. Identify vulnerability
        10. Identify lack of security controls
        11. Identify common misconfiguration
        12. Black box
        13. White box
        14. Gray box
        15. Can you answer these questions?
      9. Answers
        1. Objective 3.1: Analyze and differentiate among types of malware
        2. Objective 3.2: Analyze and differentiate among types of attacks
        3. Objective 3.3: Analyze and differentiate among types of social engineering attacks
        4. Objective 3.4: Analyze and differentiate among types of wireless attacks
        5. Objective 3.5: Analyze and differentiate among types of application attacks
        6. Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques
        7. Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities
        8. Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning
    5. 4. Application, Data, and Host Security
      1. Objective 4.1: Explain the importance of application security
        1. Exam need to know…
        2. Fuzzing
        3. Secure coding concepts
        4. Error and exception handling
        5. Input validation
        6. Cross-site scripting prevention
        7. Cross-site Request Forgery (XSRF) prevention
        8. Application configuration baseline (proper settings)
        9. Application hardening
        10. Application patch management
        11. Can you answer these questions?
      2. Objective 4.2: Carry out appropriate procedures to establish host security
        1. Exam need to know…
        2. Operating system security and settings
        3. Anti-malware
        4. Anti-virus
        5. Anti-spam
        6. Anti-spyware
        7. Pop-up blockers
        8. Host-based firewalls
        9. Patch management
        10. Hardware security
        11. Cable locks
        12. Safe
        13. Locking cabinets
        14. Host software baselining
        15. Mobile devices
        16. Screen lock
        17. Strong password
        18. Device encryption
        19. Remote wipe/sanitation
        20. Voice encryption
        21. GPS tracking
        22. Virtualization
        23. Can you answer these questions?
      3. Objective 4.3: Explain the importance of data security
        1. Exam need to know…
        2. Data Loss Prevention (DLP)
        3. Data encryption
        4. Full disk
        5. Database
        6. Individual files
        7. Removable media
        8. Mobile devices
        9. Hardware based encryption devices
        10. TPM
        11. HSM
        12. USB encryption
        13. Hard drive
        14. Cloud computing
        15. Can you answer these questions?
      4. Answers
        1. Objective 4.1: Explain the importance of application security
        2. Objective 4.2: Carry out appropriate procedures to establish host security
        3. Objective 4.3: Explain the importance of data security
    6. 5. Access Control and Identity Management
      1. Objective 5.1: Explain the function and purpose of authentication services
        1. Exam need to know…
        2. RADIUS
        3. TACACS
        4. TACACS+
        5. Kerberos
        6. LDAP
        7. XTACACS
        8. Can you answer these questions?
      2. Objective 5.2: Explain the fundamental concepts and best practices related to authentication, authorization, and access control
        1. Exam need to know…
        2. Identification vs. authentication
        3. Authentication (single factor) and authorization
        4. Multifactor authentication
        5. Biometrics
        6. Tokens
        7. Common access card
        8. Personal identification verification card
        9. Smart card
        10. Least privilege
        11. Separation of duties
        12. Single sign-on
        13. ACLs
        14. Access control
        15. Mandatory access control
        16. Discretionary access control
        17. Role/rule–based access control
        18. Implicit deny
        19. Time-of-day restrictions
        20. Trusted OS
        21. Mandatory vacations
        22. Job rotation
        23. Can you answer these questions?
      3. Objective 5.3: Implement appropriate security controls when performing account management
        1. Exam need to know…
        2. Mitigate issues associated with users with multiple account/roles
        3. Account policy enforcement
        4. Password complexity
        5. Expiration
        6. Recovery
        7. Length
        8. Disablement
        9. Lockout
        10. Group-based privileges
        11. User-assigned privileges
        12. Can you answer these questions?
      4. Answers
        1. Objective 5.1: Explain the function and purpose of authentication services
        2. Objective 5.2: Explain the fundamental concepts and best practices related to authentication, authorization, and access control
        3. Objective 5.3: Implement appropriate security controls when performing account management
    7. 6. Cryptography
      1. Objective 6.1: Summarize general cryptography concepts
        1. Exam need to know…
        2. Symmetric vs. asymmetric
        3. Fundamental differences and encryption methods (Block vs. Stream)
        4. Transport encryption
        5. Non-repudiation
        6. Hashing
        7. Key escrow
        8. Steganography
        9. Digital signatures
        10. Use of proven technologies
        11. Elliptic curve and quantum cryptography
        12. Can you answer these questions?
      2. Objective 6.2: Use and apply appropriate cryptographic tools and products
        1. Exam need to know…
        2. WEP vs. WPA/WPA2 and preshared key
        3. MD5
        4. SHA
        5. RIPEMD
        6. AES
        7. DES
        8. 3DES
        9. HMAC
        10. RSA
        11. RC4
        12. One-time pads
        13. CHAP
        14. PAP
        15. NTLM
        16. NTLMv2
        17. Blowfish
        18. PGP/GPG
        19. Whole disk encryption
        20. TwoFish
        21. Comparative strengths of algorithms
        22. Use of algorithms with transport encryption
        23. SSL
        24. TLS
        25. IPsec
        26. SSH
        27. HTTPS
        28. Can you answer these questions?
      3. Objective 6.3: Explain the core concepts of public key infrastructure
        1. Exam need to know…
        2. Certificate authorities and digital certificates
        3. CA
        4. CRLs
        5. PKI
        6. Recovery agent
        7. Public key
        8. Private key
        9. Registration
        10. Key escrow
        11. Trust models
        12. Can you answer these questions?
      4. Objective 6.4: Implement PKI, certificate management, and associated components
        1. Exam need to know…
        2. Certificate authorities and digital certificates
        3. CA
        4. CRLs
        5. PKI
        6. Recovery agent
        7. Public key
        8. Private key
        9. Registration
        10. Key escrow
        11. Trust models
        12. Can you answer these questions?
      5. Answers
        1. Objective 6.1: Summarize general cryptography concepts
        2. Objective 6.2: Use and apply appropriate cryptographic tools and products
        3. Objective 6.3: Explain the core concepts of public key infrastructure
        4. Objective 6.4: Implement PKI, certificate management, and associated components
    8. A. Security+ Acronyms
    9. Index
    10. About the Author
    11. Copyright

    Product information

    • Title: CompTIA® Security+™ Rapid Review (Exam SY0-301)
    • Author(s): Michael Gregg
    • Release date: December 2012
    • Publisher(s): Microsoft Press
    • ISBN: 9780735668478