CompTIA® Security+ Exam Cram
Second Edition
Exam SY0-201
Diane Barrett
Kirk Hausman
Martin Weiss
The Smart Way to Study™
Covers the critical information you need to know to score higher on your Security+ exam!
WRITTEN BY LEADING EXPERTS:
Diane Barrett (MCSE, A+, Security+) is a professor in the Network Security and Computer Forensics programs at the University of Advancing Technology. She belongs to several security user groups, including HTCIA and InfraGard.
Kirk Hausman (MCSE, Security+) has worked for more than 20 years as a consultant, trainer, IT manager, and network and security administrator. He works for Texas A&M University as assistant commandant for IT.
Martin Weiss (CISSP, Security+, MCSE) is a manager of information security gurus at RSA, the security division of EMC.
CD Features Test Engine Powered by MeasureUp!
informit.com/examcram
ISBN-13: 978-0-7897-3804-2
ISBN-10: 0-7897-3804-X
"synopsis" may belong to another edition of this title.
Diane Barrett is a professor in the Network Security and Computer Forensics programs at the University of Advancing Technology. She has authored several security and forensic books. Diane belongs to the local chapters of several security user groups, including HTCIA and InfraGard. She was also a volunteer for ISSA’s (Information Systems Audit and Control Association) Generally Accepted Information Security Principles (GAISP) in the Ethical Practices Working Group. She holds about 15 industry certifications, including CISSP, ISSMP, and Security+. Diane received her master’s of science degree in computer technology, with a specialization in information security, from Capella University.
Kalani K. Hausman, CISSP, CISA, CISM, GHSC, is an author, teacher, and information technology implementer with more than 20 years’ experience specializing in IT governance, enterprise architecture, regulatory compliance, and enterprise security management. His experience includes medium to large-scale globally deployed networks in governmental, higher-education, health-care, and corporate settings. He is active within the FBI InfraGard, Information Systems Audit and Control Association (ISACA) and ISSA and is currently employed as the Assistant Commandant for IT at Texas A&M University.
Martin Weiss is a manager of information security gurus at RSA, The Security Division of EMC, helping organizations accelerate their business by solving their most complex and sensitive security challenges. He is also on the board of directors for the Connecticut chapter of ISSA and has authored several other books. He holds several certifications, including Security+, CISSP, MCSE: Security, and RSA CSE. Marty received his MBA from the Isenberg School of Management at the University of Massachusetts and currently lives in New England with his wife and three sons. Marty can be reached at marty.weiss@gmail.com.
Introduction
Introduction
Welcome to CompTIA Security+ Exam Cram, Second Edition. Whether this book is your first or your fifteenth Exam Cram series book, you’ll find information here that will help ensure your success as you pursue knowledge, experience, and certification. This book aims to help you get ready to take and pass the CompTIA Security+ exam, number SY0-201.
This introduction explains CompTIA’s certification programs in general and talks about how the Exam Cram series can help you prepare for CompTIA’s latest certification exams. Chapters 1 through 12 are designed to remind you of everything you need to know to pass the SY0-201 certification exam. The two practice exams at the end of this book should give you a reasonably accurate assessment of your knowledge; and, yes, we’ve provided the answers and their explanations for these practice exams. Read this book, understand the material, and you’ll stand a very good chance of passing the real test.
Exam Cram books help you understand and appreciate the subjects and materials you need to know to pass CompTIA certification exams. Exam Cram books are aimed strictly at test preparation and review. They do not teach you everything you need to know about a subject. Instead, the authors streamline and highlight the pertinent information by presenting and dissecting the questions and problems they’ve discovered that you’re likely to encounter on a CompTIA test.
Nevertheless, to completely prepare yourself for any CompTIA test, we recommend that you begin by taking the “Self-Assessment” that immediately follows this introduction. The self-assessment tool will help you evaluate your knowledge base against the requirements for the CompTIA Security+ exam under both ideal and real circumstances. This can also be the first step in earning more advanced security certifications.
Based on what you learn from the self-assessment, you might decide to begin your studies with classroom training or some background reading. On the other hand, you might decide to pick up and read one of the many study guides available from Que or a third-party vendor.
We also strongly recommend that you spend some time installing, configuring, and working with both Windows and UNIX or Linux operating systems to patch and maintain them for the best and most current security possible because the Security+ exam focuses on such activities and the knowledge and skills they can provide for you. Nothing beats hands-on experience and familiarity when it comes to understanding the questions you’re likely to encounter on a certification test. Book learning is essential, but without doubt, hands-on experience is the best teacher of all!
The CompTIA Certification Program
The Computing Technology Industry Association (http://www.comptia.org) offers numerous IT certifications, primarily aimed at entry- and intermediate-level IT professionals. Here is a list of some other relevant CompTIA certifications, briefly annotated to document their possible relevance to Security+:
The CompTIA exams are all vendor- and platform-neutral, which means they primarily test general skills and knowledge, instead of focusing on vendor or product specifics. Therefore, they offer certification candidates a chance to demonstrate necessary general abilities relevant in most workplaces. (This explains why employers generally look at CompTIA certifications favorably.)
Because CompTIA changes their website often, the URLs listed above might not work in the future. You should use the Search tool on CompTIA’s site to find more information about a particular certification.
Taking a Certification Exam
After you prepare for your exam, you need to register with a testing center. At the time of this writing, the cost to take the Security+ exam is $258 for individuals. CompTIA Corporate Members receive discounts on nonmember pricing. For more information about these discounts, a local CompTIA sales representative can provide answers to any questions you might have. If you don’t pass, you can take the exam again for the same cost as the first attempt, for each attempt until you pass. In the United States and Canada, tests are administered by Prometric or VUE. Here’s how you can contact them:
To sign up for a test, you must possess a valid credit card or contact either Prometric or Vue for mailing instructions to send a check (in the United States). Only after payment has been verified, or a check has cleared, can you actually register for a test.
To schedule an exam, you need to call the appropriate phone number or visit the Prometric or Vue website at least one day in advance. To cancel or reschedule an exam in the United States or Canada, you must call before 3 p.m. Eastern time the day before the scheduled test time (or you might be charged, even if you don’t show up to take the test). When you want to schedule a test, you should have the following information ready:
After you sign up for a test, you are told when and where the test is scheduled. You should arrive at least 15 minutes early. To be admitted into the testing room, you must supply two forms of identification, one of which must be a photo ID.
Tracking Certification Status
After you pass the exam, you are certified. Official certification is normally granted after six to eight weeks, so you shouldn’t expect to get your credentials overnight. The package for official certification that arrives includes a Welcome Kit that contains a number of elements. (See CompTIA’s website for other benefits of specific certifications.)
Many people believe that the benefits of certification go well beyond the perks that CompTIA provides to new members of this elite group. We’re starting to see more job listings that request or require applicants to have CompTIA and other related certifications, and many individuals who complete CompTIA certification programs can qualify for increases in pay and responsibility. As an official recognition of hard work and broad knowledge, a certification credential is a badge of honor in many IT organizations.
About This Book
We’ve structured the topics in this book to build on one another. Therefore, some topics in later chapters make the most sense after you’ve read earlier chapters. That’s why we suggest that you read this book from front to back for your initial test preparation. If you need to brush up on a topic or if you have to bone up for a second try, you can use the index or table of contents to go straight to the topics and questions that you need to study. Beyond helping you prepare for the test, we think you’ll find this book useful as a tightly focused reference to some of the most important aspects of the Security+ certification.
Chapter Format and Conventions
Each topical Exam Cram chapter follows a regular structure and contains graphical cues about important or useful information. Here’s the structure of a typical chapter:
Warning - This is what an alert looks like. Normally, an alert stresses concepts, terms, software, or activities that are likely to relate to one or more certification test questions. For that reason, we think any information in an alert is worthy of extra attentiveness on your part.
Pay close attention to material flagged in Exam Alerts; although all the information in this book pertains to what you need to know to pass the exam, Exam Alerts contain information that is really important. Of course, you need to understand the “meat” of each chapter, too, when preparing for the test. Because this book’s material is condensed, we recommend that you use this book along with other resources to achieve the maximum benefit.
In addition to the alerts, we provide tips and notes to help you build a better foundation for security knowledge. Although the tip information might not be on the exam, it is certainly related and will help you become a better-informed test taker.
Tip - This is how tips are formatted. Keep your eyes open for these, and you’ll become a Security+ guru in no time!
Note - This is how notes are formatted. Notes direct your attention to important pieces of information that relate to the CompTIA Security+ certification.
Although the bulk of this book follows this chapter structure just described, we want to point out a few other elements:
Exam Topics
Table I-1 lists the skills measured by the SY0-201 exam and the chapter in which the topic is discussed. Some topics are covered in other chapters, too.
Table I-1 CompTIA SY0-201 Exam Topics
Exam Topi... |
"About this title" may belong to another edition of this title.
Shipping:
FREE
Within U.S.A.
Seller: Wonder Book, Frederick, MD, U.S.A.
Condition: Very Good. Very Good condition. 2nd edition. A copy that may have a few cosmetic defects. May also contain light spine creasing or a few markings such as an owner's name, short gifter's inscription or light stamp. Bundled media such as CDs, DVDs, floppy disks or access codes may not be included. Seller Inventory # V14A-02628
Quantity: 1 available
Seller: Wonder Book, Frederick, MD, U.S.A.
Condition: Good. Good condition. 2nd edition. A copy that has been read but remains intact. May contain markings such as bookplates, stamps, limited notes and highlighting, or a few light stains. Bundled media such as CDs, DVDs, floppy disks or access codes may not be included. Seller Inventory # T11P-00084
Quantity: 1 available
Seller: ThriftBooks-Atlanta, AUSTELL, GA, U.S.A.
Paperback. Condition: Good. No Jacket. Pages can have notes/highlighting. Spine may show signs of wear. ~ ThriftBooks: Read More, Spend Less 0.15. Seller Inventory # G078973804XI3N00
Quantity: 1 available
Seller: ThriftBooks-Dallas, Dallas, TX, U.S.A.
Paperback. Condition: Good. No Jacket. Pages can have notes/highlighting. Spine may show signs of wear. ~ ThriftBooks: Read More, Spend Less 0.15. Seller Inventory # G078973804XI3N00
Quantity: 1 available
Seller: ThriftBooks-Dallas, Dallas, TX, U.S.A.
Paperback. Condition: Fair. No Jacket. Readable copy. Pages may have considerable notes/highlighting. ~ ThriftBooks: Read More, Spend Less 0.15. Seller Inventory # G078973804XI5N00
Quantity: 1 available
Seller: ThriftBooks-Reno, Reno, NV, U.S.A.
Paperback. Condition: Good. No Jacket. Pages can have notes/highlighting. Spine may show signs of wear. ~ ThriftBooks: Read More, Spend Less 0.15. Seller Inventory # G078973804XI3N00
Quantity: 1 available
Seller: ThriftBooks-Atlanta, AUSTELL, GA, U.S.A.
Paperback. Condition: Very Good. No Jacket. May have limited writing in cover pages. Pages are unmarked. ~ ThriftBooks: Read More, Spend Less 0.15. Seller Inventory # G078973804XI4N00
Quantity: 1 available
Seller: SecondSale, Montgomery, IL, U.S.A.
Condition: Very Good. Item in very good condition! Textbooks may not include supplemental items i.e. CDs, access codes etc. Seller Inventory # 00074735581
Quantity: 1 available