Book description
Assess your readiness for CompTIA Security+ Exam SY0-301—and quickly identify where you need to focus and practice. This practical, streamlined guide walks you through each exam objective, providing "need-to-know" checklists, review questions, tips, and links to further study—all designed to help bolster your preparation.
Reinforce your exam prep with a Rapid Review of these objectives:
- Network security
- Compliance and operational security
- Threats and vulnerabilities
- Application, data and host security
- Access control and identity management
- Cryptography
This book is an ideal complement to the in-depth training of the Microsoft Press Training Kit and other exam-prep resources for CompTIA Security+ Exam SY0-301.
Table of contents
- Introduction
- 1. Network Security
  - Objective 1.1: Explain the security function and purpose of network devices and technologies
    - Exam need to know…
      - Firewalls
      - Routers
      - Switches
      - Load balancers
      - Proxies
      - Web security gateways
      - VPN concentrators
      - NIDS and NIPS (behavior based, signature based, anomaly based, heuristic)
      - Protocol analyzers
      - Sniffers
      - Spam filter, all-in-one security appliances
      - Web application firewall vs. network firewall
      - URL filtering, content inspection, malware inspection
    - Can you answer these questions?
  - Objective 1.2: Apply and implement secure network administration principles
  - Objective 1.3: Distinguish and differentiate network design elements and compounds
  - Objective 1.4: Implement and use common protocols
  - Objective 1.5: Identify commonly used default network ports
  - Objective 1.6: Implement wireless networks in a secure manner
  - Answers
    - Objective 1.1: Explain the security function and purpose of network devices and technologies
    - Objective 1.2: Apply and implement secure network administration principles
    - Objective 1.3: Distinguish and differentiate network design elements and compounds
    - Objective 1.4: Implement and use common protocols
    - Objective 1.5: Identify commonly used default network ports
    - Objective 1.6: Implement wireless networks in a secure manner
- 2. Compliance and Operational Security
  - Objective 2.1: Explain risk related concepts
    - Exam need to know…
      - Control types
        - Technical
        - Management
        - Physical
      - False positives
      - Importance of policies in reducing risk
        - Privacy policy
        - Acceptable use
        - Security policy
        - Mandatory vacations
        - Job rotation
        - Separation of duties
        - Least privilege
      - Risk calculation
        - Likelihood
        - ALE
        - Impact
      - Quantitative vs. qualitative
      - Risk-avoidance, transference, acceptance, mitigation, deterrence
      - Risks associated with cloud computing and virtualization
    - Can you answer these questions?
  - Objective 2.2: Carry out appropriate risk mitigation strategies
  - Objective 2.3: Execute appropriate incident response procedures
    - Exam need to know…
      - Basic forensic procedures
        - Order of volatility
        - Capture system image
        - Network traffic and logs
        - Capture video
        - Record time offset
        - Take hashes
        - Screenshots
        - Witnesses
        - Track man hours and expense
      - Damage and loss control
      - Chain of custody
      - Incident response: first responder
    - Can you answer these questions?
  - Objective 2.4: Explain the importance of security related awareness and training
    - Exam need to know…
      - Security policy training and procedures
      - Personally identifiable information
      - Information classification: sensitivity of data (hard or soft)
      - Data labeling, handling, and disposal
      - Compliance with laws, best practices, and standards
      - User habits
        - Password behaviors
        - Data handling
        - Clean desk policies
        - Prevent tailgating
        - Personally owned devices
      - Threat awareness
        - New viruses
        - Phishing attacks
        - Zero day exploits
      - Use of social networking and P2P
    - Can you answer these questions?
  - Objective 2.5: Compare and contrast aspects of business continuity
  - Objective 2.6: Explain the impact and proper use of environmental controls
  - Objective 2.7: Execute disaster recovery plans and procedures
    - Exam need to know…
      - Backup/backout contingency plans and policies
      - Backups execution and frequency
      - Redundancy and fault tolerance
        - Hardware
        - RAID
        - Clustering
        - Load balancing
        - Servers
      - High availability
      - Cold site, hot site, warm site
      - Mean time to restore, mean time between failures, recovery time objectives, and recovery point objective
    - Can you answer these questions?
  - Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability (CIA)
  - Answers
    - Objective 2.1: Explain risk related concepts
    - Objective 2.2: Carry out appropriate risk mitigation strategies
    - Objective 2.3: Execute appropriate incident response procedures
    - Objective 2.4: Explain the importance of security related awareness and training
    - Objective 2.5: Compare and contrast aspects of business continuity
    - Objective 2.6: Explain the impact and proper use of environmental controls
    - Objective 2.7: Execute disaster recovery plans and procedures
    - Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability (CIA)
- 3. Threats and Vulnerabilities
  - Objective 3.1: Analyze and differentiate among types of malware
  - Objective 3.2: Analyze and differentiate among types of attacks
  - Objective 3.3: Analyze and differentiate among types of social engineering attacks
  - Objective 3.4: Analyze and differentiate among types of wireless attacks
  - Objective 3.5: Analyze and differentiate among types of application attacks
    - Exam need to know…
  - Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques
    - Exam need to know…
      - Manual bypassing of electronic controls
      - Failsafe/secure vs. failopen
      - Monitoring system logs
        - Event logs
        - Audit logs
        - Security logs
        - Access logs
      - Physical security
        - Hardware locks
        - Mantraps
        - Video surveillance
        - Fencing
        - Proximity readers
        - Access list
      - Hardening
        - Disabling unnecessary services
        - Protecting management interfaces and applications
        - Password protection
        - Disabling unnecessary accounts
      - Port security
        - MAC limiting and filtering
        - 802.1x
        - Disabling unused ports
      - Security posture
        - Initial baseline configuration
        - Continuous security monitoring
        - Remediation
      - Reporting
        - Alarms
        - Alerts
        - Trends
      - Detection controls vs. prevention controls
        - IDS vs. IPS
        - Camera vs. guard
    - Can you answer these questions?
  - Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities
    - Exam need to know…
      - Vulnerability scanning and interpret results
      - Tools
        - Protocol analyzer
        - Sniffer
        - Vulnerability scanner
        - Honeypots
        - Honeynets
        - Port scanner
      - Risk calculations
        - Threat vs. likelihood
      - Assessment types
        - Risk
        - Threat
        - Vulnerability
      - Assessment technique
        - Baseline reporting
        - Code review
        - Determine attack surface
        - Architecture
        - Design reviews
    - Can you answer these questions?
  - Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning
    - Exam need to know…
      - Penetration testing
        - Verify a threat exists
        - Bypass security controls
        - Actively test security controls
        - Exploiting vulnerabilities
      - Vulnerability scanning
        - Passively testing security controls
        - Identify vulnerability
        - Identify lack of security controls
        - Identify common misconfiguration
      - Black box
      - White box
      - Gray box
    - Can you answer these questions?
  - Answers
    - Objective 3.1: Analyze and differentiate among types of malware
    - Objective 3.2: Analyze and differentiate among types of attacks
    - Objective 3.3: Analyze and differentiate among types of social engineering attacks
    - Objective 3.4: Analyze and differentiate among types of wireless attacks
    - Objective 3.5: Analyze and differentiate among types of application attacks
    - Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques
    - Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities
    - Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning
- 4. Application, Data, and Host Security
  - Objective 4.1: Explain the importance of application security
    - Exam need to know…
      - Fuzzing
      - Secure coding concepts
        - Error and exception handling
        - Input validation
      - Cross-site scripting prevention
      - Cross-site Request Forgery (XSRF) prevention
      - Application configuration baseline (proper settings)
      - Application hardening
      - Application patch management
    - Can you answer these questions?
  - Objective 4.2: Carry out appropriate procedures to establish host security
    - Exam need to know…
      - Operating system security and settings
      - Anti-malware
        - Anti-virus
        - Anti-spam
        - Anti-spyware
        - Pop-up blockers
        - Host-based firewalls
      - Patch management
      - Hardware security
        - Cable locks
        - Safe
        - Locking cabinets
      - Host software baselining
      - Mobile devices
        - Screen lock
        - Strong password
        - Device encryption
        - Remote wipe/sanitation
        - Voice encryption
        - GPS tracking
      - Virtualization
    - Can you answer these questions?
  - Objective 4.3: Explain the importance of data security
  - Answers
- 5. Access Control and Identity Management
  - Objective 5.1: Explain the function and purpose of authentication services
  - Objective 5.2: Explain the fundamental concepts and best practices related to authentication, authorization, and access control
    - Exam need to know…
      - Identification vs. authentication
      - Authentication (single factor) and authorization
      - Multifactor authentication
      - Biometrics
      - Tokens
      - Common access card
      - Personal identification verification card
      - Smart card
      - Least privilege
      - Separation of duties
      - Single sign-on
      - ACLs
      - Access control
        - Mandatory access control
        - Discretionary access control
        - Role/rule-based access control
      - Implicit deny
      - Time-of-day restrictions
      - Trusted OS
      - Mandatory vacations
      - Job rotation
    - Can you answer these questions?
  - Objective 5.3: Implement appropriate security controls when performing account management
  - Answers
- 6. Cryptography
  - Objective 6.1: Summarize general cryptography concepts
  - Objective 6.2: Use and apply appropriate cryptographic tools and products
    - Exam need to know…
      - WEP vs. WPA/WPA2 and preshared key
      - MD5
      - SHA
      - RIPEMD
      - AES
      - DES
      - 3DES
      - HMAC
      - RSA
      - RC4
      - One-time pads
      - CHAP
      - PAP
      - NTLM
      - NTLMv2
      - Blowfish
      - PGP/GPG
      - Whole disk encryption
      - TwoFish
      - Comparative strengths of algorithms
      - Use of algorithms with transport encryption
        - SSL
        - TLS
        - IPsec
        - SSH
        - HTTPS
    - Can you answer these questions?
  - Objective 6.3: Explain the core concepts of public key infrastructure
  - Objective 6.4: Implement PKI, certificate management, and associated components
  - Answers
- A. Security+ Acronyms
- Index
- About the Author
- Copyright
Product information
- Title: CompTIA® Security+™ Rapid Review (Exam SY0-301)
- Author(s):
- Release date: December 2012
- Publisher(s): Microsoft Press
- ISBN: 9780735668478