1.8 Install an appropriate power supply based on a given scenario 1.9 Evaluate and select appropriate components for a custom configuration, to meet customer specifications or needs 1.10 Given a scenario, evaluate types and features of display devices. 2.10 Given a scenario. Networking Tools: Punch Down Tool & Loop Back Plug. Module 2.10: Use Appropriate Network Tools (11/21 43 3!) Punch Down Tool: Take a cable and punch down onto a punch block for a patch panel, or a phone block for phone cables.Also if you have a wall drop for RJ45 cables you want to Punch them down.
456 pages |
Description
NOTE: The exam this book covered, CompTIA Security: Exam SY0-401, was retired by CompTIA in 2017 and is no longer offered. For coverage of the current exam CompTIA Security: Exam SY0-501, please look for the latest edition of this guide: CompTIA Security+ Review Guide: Exam SY0-501 (9781119518907). |
The CompTIA Security+ certification offers tremendous opportunities for IT professionals. For those who want to take their careers to the next level, CompTIA Security+ Review Guide: Exam SY0-401 is here to serve as a great resource for certification preparation. This concise, focused guide is easy to use and is organized by each exam objective for quick review and reinforcement of key topics. You'll find information on network security, compliance and operational security, and threats and vulnerabilities. Additionally, this indispensable resource delves into application, data, and host security, access control and identity management, and cryptography. Whether you're looking to achieve Security+ certification or simply get up to speed on key IT security concepts, this review guide brings together lessons on the most essential topics.
In addition to the content in the book, you'll have access to more than 100 practice exam questions, electronic flashcards, and a searchable glossary of key terms.
- Serves as an essential review guide for Security+ certification exam
- Split into six sections that cover the most essential topics for professionals interested in Security+ certification and other certifications
- Features additional resources featured on companion website, including practice exam questions, electronic flashcards, and a glossary of key terms
More than 250,000 IT professionals have earned their Security+ certification since it was founded. Join the thousands who are excelling in their IT careers and get a head start on reviewing for one of the field's most sought after certifications.
Table of Contents
Introduction xxvChapter 1 Network Security 1
1.1 Implement security configuration parameters on network devices and other technologies 5
1.2 Given a scenario, use secure network administration principles 22
1.3 Explain network design elements and components 27
1.4 Given a scenario, implement common protocols and services 40
1.5 Given a scenario, troubleshoot security issues related to wireless networking 56
Chapter 2 Compliance and Operational Security 69
2.1 Explain the importance of risk-related concepts 76
2.2 Summarize the security implications of integrating systems and data with third parties 92
2.3 Given a scenario, implement appropriate riskmitigation strategies 96
2.4 Given a scenario, implement basic forensic procedures 101
2.5 Summarize common incident response procedures 106
2.6 Explain the importance of security-related awareness and training 111
2.7 Compare and contrast physical security and environmental controls 123
2.8 Summarize risk-management best practices 135
2.9 Given a scenario, select the appropriate control to meet the goals of security 148
Chapter 3 Threats and Vulnerabilities 155
3.1 Explain types of malware 161
3.2 Summarize various types of attacks 167
3.3 Summarize social engineering attacks and the associated effectiveness with each attack 184
3.4 Explain types of wireless attacks 188
3.5 Explain types of application attacks 194
3.6 Analyze a scenario and select the appropriate type of mitigation and deterrent techniques 201
3.7 Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities 211
3.8 Explain the proper use of penetration testing versus vulnerability scanning 217
Chapter 4 Application, Data, and Host Security 225
4.1 Explain the importance of application security controls and techniques 229
4.2 Summarize mobile security concepts and technologies 235
4.3 Given a scenario, select the appropriate solution to establish host security 244
4.4 Implement the appropriate controls to ensure data security 251
4.5 Compare and contrast alternative methods to mitigate security risks in static environments 257
Chapter 5 Access Control and Identity Management 267
5.1 Compare and contrast the function and purpose of authentication services 270
5.2 Given a scenario, select the appropriate authentication, authorization, or access control 275
5.3 Install and configure security controls when performing account management, based on best practices 289
Chapter 6 Cryptography 299
6.1 Given a scenario, utilize general cryptography concepts 302
6.2 Given a scenario, use appropriate cryptographic methods 331
6.3 Given a scenario, use appropriate PKI, certificate management, and associated components 344
Appendix A Answers to Review Questions 359
Chapter 1: Network Security 360
Chapter 2: Compliance and Operational Security 360
Chapter 3: Threats and Vulnerabilities 361
Chapter 4: Application, Data, and Host Security 362
Chapter 5: Access Control and Identity Management 363
Chapter 6: Cryptography 364
Appendix B About the Additional Study Tools 367
Additional Study Tools 368
Sybex Test Engine 368
Electronic Flashcards 368
PDF of Glossary of Terms 368
Adobe Reader 368
System Requirements 369
Using the Study Tools 369
Troubleshooting 369
Customer Care 370
Index 371
Author Information
James Michael Stewart, Security+, CISSP, CEH, CHFI, is asecurity expert, full-time writer, trainer, and researcher forImpact Online, an independent courseware development company. Hehas authored and contributed to over 75 books, including previouseditions of the CompTIA Security+ Review Guide, and theCISSP Study Guide, both by Sybex. Stewart provides ITinstruction across the globe for various public and privateorganizations.
Downloads
Download Title | Size | Download |
---|---|---|
Login/Register for downloads Thank you for your interest in this Sybex product. To access the free downloadable files, please login or register by clicking the following URL. You'll proceed to the login/registration screen. Register or Login Now After you have registered and downloaded your Sybex product's zip file, follow these steps:
| ||
CompTIA Voucher Discount | 68.61 KB | Click to Download |
Errata
Do you think you've discovered an error in this book? Please check the list of errata below to see if we've already addressed the error. If not, please submit the error via our Errata Form. We will attempt to verify your error; if you're right, we will post a correction below.
Chapter | Page | Details | Date | Print Run |
---|---|---|---|---|
5 | 280 | Text correction: Error under 'Authentication' The first sentence in the paragraph following the bullet list, 'The authentication factor of something you are is also known as a Type 1 factor...' should read: 'The authentication factor of something you know is also known as a Type 1 factor...' | 10/24/14 | |
6 | 320 | Text correction: Error regarding M of N control under 'Key Escrow' In the third sentence of the last paragraph, the 'M' and the 'N' in parentheses should be reversed. The sentence should read: 'M of N control indicates that there are multiple key-recovery agents (N) and that a specific minimum number of these key-recovery agents (M) must be present...' | 10/24/14 |