Introduction
Welcome to the CompTIA Security+ SY0-201 Cert Guide. The CompTIA Security+ Certification is widely accepted as the first security certification you should attempt to attain in your information technology (IT) career. The CompTIA Security+ Certification is designed to be a vendor-neutral exam that measures your knowledge of industry-standard technologies and methodologies. It acts as a great stepping stone to other vendor-specific certifications and careers. I developed this book to be something you can study from for the exam and keep on your bookshelf for later use as a security resource.
I’d like to note that it’s unfeasible to cover all security concepts in depth in a single book. However, the Security+ exam objectives are looking for a basic level of computer, networking, and organizational security knowledge. Keep this in mind while reading through this text, and remember that the main goal of this text is to help you pass the Security+ exam, not to be the master of all security. Not just yet at least!
Because this is a security book, it is a bit more serious than some of my other texts. This may come as a surprise to some, but levity should be used carefully when dealing with security concepts because too much humor can easily confuse the issue and be taken the wrong way. It is my belief that in this fast-paced world of ever-changing technology, an author needs to get right to the point. I understand that you don’t have unlimited time for study, so you will notice me being blunt in the way I get to the core of concepts. Don’t take offense! This is done by design to aid you in absorbing content quickly.
Good luck as you prepare to take the CompTIA Security+ exam. As you read through this book, you will be building an impenetrable castle of knowledge, culminating in hands-on familiarity and the know-how to pass the exam. If you have any questions while reading through this book, please feel free to ask them at my website: www.davidlprowse.com.
A Note to Instructors
I developed this book not only for the individual reader, but also to work well in the classroom setting. To complement this book, I also designed an instructor guide that can be accessed for free from the following link:
www.pearsonhighered.com/educator
The supplemental instructor guide includes a breakdown of each chapter, a sample lesson plan, and plenty of teaching tips and tricks. You can also find PowerPoint presentations and a test bank of questions available for download. And of course, if you have questions about the guide, please let me know at my website. Good luck in your teaching endeavors!
Goals and Methods
The number one goal of this book is to help you pass the 2008 version of the CompTIA Security+ Certification Exam (number SY0-201). To that effect, I have added three 100-question practice exams with explanations. Two are in the text at the end of the book. A third is located on the accompanying DVD (print version of this book only). These tests are geared to check your knowledge and ready you for the real exam. If you would like to purchase more electronic practice questions, go to www.pearsonitcertification.com/0132303381.
The CompTIA Security+ Certification exam involves familiarity with computer security theory and hands-on know-how. To aid you in mastering and understanding the Security+ Certification objectives, this book uses the following methods:
• Opening topics list—This defines the topics to be covered in the chapter; it also lists the corresponding CompTIA Security+ objective numbers.
• Topical coverage—The heart of the chapter. Explains the topics from a theory-based standpoint, as well as from a hands-on perspective. This includes in-depth descriptions, tables, and figures that are geared to build your knowledge so that you can pass the exam. The chapters are broken down into two to three topics each.
• Key Topics—The Key Topics indicate important figures, tables, and lists of information that you should know for the exam. They are interspersed throughout the chapter and are listed in table format at the end of the chapter.
• Memory Tables and Lists—These can be found on the DVD as Appendix A, “Memory Tables,” and Appendix B, “Memory Tables Answer Key.” Use them to help memorize important information.
• Key Terms—Key terms without definitions are listed at the end of each chapter. See whether you can define them, and then check your work against the complete key term definitions in the glossary.
• Hands-On Labs—There are labs for each chapter (except Chapter 1, “Introduction to Security”). The step-by-step procedures appear at the end of the chapters and corresponding video solutions can be found on the DVD.
• Review Questions—At the end of each chapter is a quiz. The quizzes, and answers with explanations, are meant to gauge your knowledge of the subjects. If an answer to a question doesn’t come readily to you, be sure to review that portion of the chapter.
Another goal of this book is to offer support for you—the reader. I have posted additional practice questions, videos, and errata on my website at the following link: www.davidlprowse.com/secplus. And if you have any questions to ask, you can post them in the “Ask Dave” section. Anyone can view the content on the website, but you must register to post questions. Registration is free; all that is needed is a valid e-mail address that is kept strictly confidential. I try my best to answer questions as soon as possible. On the site you can find some free extras as well. Visit often!
Who Should Read This Book?
This book is for anyone who wants to start or advance a career in IT security. Readers of this book can range from persons taking a Security+ course, to individuals already in the field who want to keep their skills sharp, or perhaps retain their job due to a company policy mandating they take the Security+ exam.
This book is also designed for people who plan on taking additional security-related certifications after the CompTIA Security+ exam. The book is designed in such a way to offer an easy transition to future certification studies.
Although not a prerequisite, it is recommended that CompTIA Security+ candidates have at least two years of technical networking experience with an emphasis on security. The CompTIA Network+ certification is also recommended as a prerequisite. It is expected that you understand computer topics such as how to install operating systems and applications, and networking topics such as how to configure IP, what a VLAN is, and so on. The focus of this book is to show how to secure these technologies and protect against possible exploits and attacks. Generally, for people looking to enter the IT field, the CompTIA Security+ certification is attained after the A+ and Network+ certifications.
Important! If you do not feel that you have the required experience, have never attempted to secure a computer or network, or are new to the IT field, I recommend considering an IT course that covers the CompTIA Security+ objectives. You can choose from plenty of technical training schools, community colleges, and online courses. Use this book with the course and any other course materials you obtain.
CompTIA Security+ Exam Topics
Table I-1 lists the exam topics for the CompTIA Security+ exam. This table lists the chapter in which each exam topic is covered. Chapter 1 is an introductory chapter and as such does not map to any specific exam objectives. Chapter 16 gives strategies for taking the exam and does not map to any specific objectives either.
Table I-1. CompTIA Security+ Exam Topics
