Welcome to the CompTIA Security+ SY0-501 Cert Guide. The CompTIA Security+ Certification is widely accepted as the first security certification you should attempt to attain in your information technology (IT) career. The CompTIA Security+ Certification is designed to be a vendor-neutral exam that measures your knowledge of industry-standard technologies and methodologies. It acts as a great stepping stone to other vendor-specific certifications and careers. I developed this book to be something you can study from for the exam and keep on your bookshelf for later use as a security resource.
I’d like to note that it’s unfeasible to cover all security concepts in depth in a single book. However, the Security+ exam objectives are looking for a basic level of computer, networking, and organizational security knowledge. Keep this in mind while reading through this text, and remember that the main goal of this text is to help you pass the Security+ exam, not to be the master of all security. Not just yet at least!
Good luck as you prepare to take the CompTIA Security+ exam. As you read through this book, you will be building an impenetrable castle of knowledge, culminating in hands-on familiarity and the know-how to pass the exam.
The first thing you should do before you start reading Chapter 1, “Introduction to Security,” is check my website for errata and updated information, and mark those new items in the book. Go to www.davidlprowse.com and then the Security+ section. On my site you will also find videos, bonus test questions, and other additional content. And, of course, you can contact me directly at my website to ask me questions about the book.
The number one goal of this book is to help you pass the SY0-501 version of the CompTIA Security+ Certification Exam. To that effect, I have filled this book and practice exams with more than 600 questions/answers and explanations in total, including three 80-question practice exams. One of the exams is printed at the end of the book, and all exams are located in Pearson Test Prep practice test software in a custom test environment. These tests are geared to check your knowledge and ready you for the real exam.
The CompTIA Security+ Certification exam involves familiarity with computer security theory and hands-on know-how. To aid you in mastering and understanding the Security+ Certification objectives, this book uses the following methods:
Opening topics list: This defines the topics to be covered in the chapter.
Topical coverage: The heart of the chapter. Explains the topics from a theory-based standpoint, as well as from a hands-on perspective. This includes in-depth descriptions, tables, and figures that are geared to build your knowledge so that you can pass the exam. The chapters are broken down into two to three topics each.
Key Topics: The Key Topic icons indicate important figures, tables, and lists of information that you should know for the exam. They are interspersed throughout the chapter and are listed in table format at the end of the chapter.
Key Terms: Key terms without definitions are listed at the end of each chapter. See whether you can define them, and then check your work against the complete key term definitions in the glossary.
Real-World Scenarios: Included in the supplemental online material are real-world scenarios for each chapter. These offer the reader insightful questions and problems to solve. The questions are often open-ended, and can have several different solutions. The online material gives one or more possible solutions and then points to video-based solutions and simulation exercises online to further reinforce the concepts. Refer to these real-world scenarios at the end of each chapter.
Review Questions: These quizzes, and answers with explanations, are meant to gauge your knowledge of the subjects. If an answer to a question doesn’t come readily to you, be sure to review that portion of the chapter. The review questions are also available online.
Practice Exams: There is one practice exam printed at the end of the book, and additional exams included in the Pearson Test Prep practice test software. These test your knowledge and skills in a realistic testing environment. Take these after you have read through the entire book. Master one, then move on to the next. Take any available bonus exams last.
Another goal of this book is to offer support for you, the reader. Again, if you have questions or suggestions, please contact me through my website: www.davidlprowse.com. I try my best to answer your queries as soon as possible.
This book is for anyone who wants to start or advance a career in computer security. Readers of this book can range from persons taking a Security+ course to individuals already in the field who want to keep their skills sharp, or perhaps retain their job due to a company policy mandating they take the Security+ exam. Some information assurance professionals who work for the Department of Defense or have privileged access to DoD systems are required to become Security+ certified as per DoD directive 8570.1.
This book is also designed for people who plan on taking additional security-related certifications after the CompTIA Security+ exam. The book is designed in such a way to offer an easy transition to future certification studies.
Although not a prerequisite, it is recommended that CompTIA Security+ candidates have at least two years of IT administration experience with an emphasis on security. The CompTIA Network+ certification is also recommended as a prerequisite. Before you begin your Security+ studies, it is expected that you understand computer topics such as how to install operating systems and applications, and networking topics such as how to configure IP, what a VLAN is, and so on. The focus of this book is to show how to secure these technologies and protect against possible exploits and attacks. Generally, for people looking to enter the IT field, the CompTIA Security+ certification is attained after the A+ and Network+ certifications.
If you haven’t downloaded the Security+ certification exam objectives, do it now from CompTIA’s website: https://certification.comptia.org/. Save the PDF file and print it out as well. It’s a big document—review it carefully. Use the exam objectives list and acronyms list to aid in your studies while you use this book.
The following two tables are excerpts from the exam objectives document. Table I-1 lists the CompTIA Security+ domains and each domain’s percentage of the exam.
Table I-1 CompTIA Security+ Exam Domains
| Domain | Exam Topic | % of Exam |
|---|---|---|
| 1.0 | Threats, Attacks and Vulnerabilities | 21% |
| 2.0 | Technologies and Tools | 22% |
| 3.0 | Architecture and Design | 15% |
| 4.0 | Identity and Access Management | 16% |
| 6.0 | Cryptography and PKI | 12% |
The Security+ domains are then further broken down into individual objectives. To achieve better flow and to present the topics in more of a building-block approach, I rearranged the concepts defined in the objectives. This approach is designed especially for people who are new to the computer security field.
Table I-2 lists the CompTIA Security+ exam objectives and their related chapters in this book. It does not list the bullets and sub-bullets for each objective.
Chapter 19 gives strategies for taking the exam and therefore does not map to any specific objectives.
Table I-2 CompTIA Security+ Exam Objectives
| Objective | Chapter(s) |
|---|---|
| 1.1 Given a scenario, analyze indicators of compromise and determine the type of malware. | 2, 13 |
| 1.2 Compare and contrast types of attacks. | 7, 9, 14, 17 |
| 1.3 Explain threat actor types and attributes. | 1, 17 |
| 1.4 Explain penetration testing concepts. | 12 |
| 1.5 Explain vulnerability scanning concepts. | 12 |
| 1.6 Explain the impact associated with types of vulnerabilities. | 5, 12 |
| 2.1 Install and configure network components, both hardware- and software-based, to support organizational security. | 6, 8, 10, 13, 15 |
| 2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization. | 13, 14, 18 |
| 2.3 Given a scenario, troubleshoot common security issues. | 10, 11, 17 |
| 2.4 Given a scenario, analyze and interpret output from security technologies. | 3, 4, 8 |
| 2.5 Given a scenario, deploy mobile devices securely. | 3, 6, 9 |
| 2.6 Given a scenario, implement secure protocols. | 6, 7, 13 |
| 3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides. | 12, 18 |
| 3.2 Given a scenario, implement secure network architecture concepts. | 6, 7, 9, 10, 13 |
| 3.3 Given a scenario, implement secure systems design. | 3, 4 |
| 3.4 Explain the importance of secure staging deployment concepts. | 5, 12 |
| 3.5 Explain the security implications of embedded systems. | 3, 4, 18 |
| 3.6 Summarize secure application development and deployment concepts. | 5 |
| 3.7 Summarize cloud and virtualization concepts. | 4, 6 |
| 3.8 Explain how resiliency and automation strategies reduce risk. | 12, 16 |
| 3.9 Explain the importance of physical security controls. | 10 |
| 4.1 Compare and contrast identity and access management concepts. | 10 |
| 4.2 Given a scenario, install and configure identity and access services. | 10 |
| 4.3 Given a scenario, implement identity and access management controls. | 10, 11 |
| 4.4 Given a scenario, differentiate common account management practices. | 11 |
| 5.1 Explain the importance of policies, plans and procedures related to organizational security. | 18 |
| 5.2 Summarize business impact analysis concepts. | 16 |
| 5.3 Explain risk management processes and concepts. | 12, 18 |
| 5.4 Given a scenario, follow incident response procedures. | 18 |
| 5.5 Summarize basic concepts of forensics. | 18 |
| 5.6 Explain disaster recovery and continuity of operation concepts. | 16 |
| 5.7 Compare and contrast various types of controls. | 1, 12 |
| 5.8 Given a scenario, carry out data security and privacy practices. | 18 |
| 6.1 Compare and contrast basic concepts of cryptography. | 14 |
| 6.2 Explain cryptography algorithms and their basic characteristics. | 14 |
| 6.3 Given a scenario, install and configure wireless security settings. | 9, 10 |
| 6.4 Given a scenario, implement public key infrastructure. | 15 |
Register this book to get access to the Pearson Test Prep practice test software and other study materials plus additional bonus content. Check this site regularly for new and updated postings written by the author that provide further insight into the more troublesome topics on the exam. Be sure to check the box that you would like to hear from us to receive updates and exclusive discounts on future editions of this product or related products.
To access this companion website, follow these steps:
1. Go to www.pearsonitcertification.com/register and log in or create a new account.
2. On your Account page, tap or click the Registered Products tab, and then tap or click the Register Another Product link.
3. Enter this book’s ISBN (9780134846057).
4. Answer the challenge question as proof of book ownership.
5. Tap or click the Access Bonus Content link for this book to go to the page where your downloadable content is available.
Please note that many of our companion content files can be very large, especially image and video files.
If you are unable to locate the files for this title by following the preceding steps, please visit http://www.pearsonitcertification.com/contact and select the “Site Problems/Comments” option. Our customer service representatives will assist you.
To access, you must first redeem your digital product voucher found on the card in the cardboard sleeve. To do so, follow these steps:
1. Log in to your Pearson IT Certification account as referenced above.
2. On your Account page, find the Digital Product Voucher box at the top of the right column.
3. Type in your digital product voucher code found on the card, and click Submit.
Codes are one-time use and may not be shared.
4. The products and download link will now be listed under Digital Purchases on your Account page. Click the “refresh” links to generate your eBook files for download.
Use the access code to unlock and download the Premium Edition practice exams in the Pearson Test Prep practice test software, as described in the following sections.
As noted previously, this book comes complete with the Pearson Test Prep practice test software containing five full exams. These practice tests are available to you either online or as an offline Windows application. To access the practice exams that were developed with this book, please see the instructions in the card inserted in the sleeve in the back of the book. This card includes a unique access code that enables you to activate your exams in the Pearson Test Prep software.
The cardboard sleeve in the back of this book includes a piece of paper. The paper lists the activation code for the practice exams associated with this book. Do not lose the activation code.
The online version of this software can be used on any device with a browser and connectivity to the Internet including desktop machines, tablets, and smartphones. To start using your practice exams online, simply follow these steps:
1. Go to www.PearsonTestPrep.com and select Pearson IT Certification as your product group.
2. Enter your email/password for your account. If you do not have an account on PearsonITCertification.com or CiscoPress.com, you will need to establish one by going to PearsonITCertification.com/join.
3. On the My Products tab, tap or click the Activate New Product button.
4. Enter this book’s activation code and click Activate.
5. The product will now be listed on your My Products tab. Tap or click the Exams button to launch the exam settings screen and start your exam.
If you wish to study offline, you can download and install the Windows version of the Pearson Test Prep software. There is a download link for this software on the book’s companion website, or you can just enter this link in your browser:
To access the book’s companion website and the software, simply follow these steps:
1. Register your book by going to http://www.pearsonitcertification.com/register and entering the ISBN: 9780134846057.
2. Respond to the challenge questions.
3. Go to your account page and select the Registered Products tab.
4. Click the Access Bonus Content link under the product listing.
5. Click the Install Pearson Test Prep Desktop Version link under the Practice Exams section of the page to download the software.
6. Once the software finishes downloading, unzip all the files on your computer.
7. Double-click the application file to start the installation, and follow the onscreen instructions to complete the registration.
8. Once the installation is complete, launch the application and click the Activate Exam button on the My Products tab.
9. Click the Activate a Product button in the Activate Product Wizard.
10. Enter the unique access code found on the card in the sleeve in the back of your book and click the Activate button.
11. Click Next and then the Finish button to download the exam data to your application.
12. You can now start using the practice exams by selecting the product and clicking the Open Exam button to open the exam settings screen.
Note that the offline and online versions will synch together, so saved exams and grade results recorded on one version will be available to you on the other as well.
Once you are in the exam settings screen, you can choose to take exams in one of three modes:
Study Mode
Practice Exam Mode
Flash Card Mode
Study Mode allows you to fully customize your exams and review answers as you are taking the exam. This is typically the mode you would use first to assess your knowledge and identify information gaps. Practice Exam Mode locks certain customization options, as it is presenting a realistic exam experience. Use this mode when you are preparing to test your exam readiness. Flash Card Mode strips out the answers and presents you with only the question stem. This mode is great for late-stage preparation when you really want to challenge yourself to provide answers without the benefit of seeing multiple-choice options. This mode will not provide the detailed score reports that the other two modes will, so it should not be used if you are trying to identify knowledge gaps.
In addition to these three modes, you will be able to select the source of your questions. You can choose to take exams that cover all of the chapters, or you can narrow your selection to just a single chapter or the chapters that make up specific parts in the book. All chapters are selected by default. If you want to narrow your focus to individual chapters, simply deselect all the chapters and then select only those on which you wish to focus in the Objectives area.
You can also select the exam banks on which to focus. Each exam bank comes complete with a full exam of questions that cover topics in every chapter. The exam printed in the book is available to you as well as two additional exams of unique questions. You can have the test engine serve up exams from all banks or just from one individual bank by selecting the desired banks in the exam bank area.
There are several other customizations you can make to your exam from the exam settings screen, such as the time of the exam, the number of questions served up, whether to randomize questions and answers, whether to show the number of correct answers for multiple-answer questions, or whether to serve up only specific types of questions. You can also create custom test banks by selecting only questions that you have marked or questions on which you have added notes.
If you are using the online version of the Pearson Test Prep software, you should always have access to the latest version of the software as well as the exam data. If you are using the Windows desktop version, every time you launch the software, it will check to see if there are any updates to your exam data and automatically download any changes that were made since the last time you used the software. This requires that you are connected to the Internet at the time you launch the software.
Sometimes, due to many factors, the exam data may not fully download when you activate your exam. If you find that figures or exhibits are missing, you may need to manually update your exams.
To update a particular exam you have already activated and downloaded, simply select the Tools tab and click the Update Products button. Again, this is only an issue with the desktop Windows application.
If you wish to check for updates to the Pearson Test Prep exam engine software, Windows desktop version, simply select the Tools tab and click the Update Application button. This will ensure you are running the latest version of the software engine.