EXAM CRAM

CompTIA® Security+

SY0-201 Practice Questions Exam Cram, Second Edition

Diane Barrett

CompTIA® Security+ SY0-201 Practice Questions Exam Cram, Second Edition

Copyright © 2010 by Pearson Education, Inc.

All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.

ISBN-13: 978-0-7897-4258-2

ISBN-10: 0-7897-4258-6

Publisher
Paul Boger

Associate Publisher
David Dusthimer

Acquisitions Editor
Betsy Brown

Senior Development Editor
Christopher Cleveland

Managing Editor
Patrick Kanouse

Technical Editor
Pawan Bhardwaj

Project Editor
Seth Kerney

Copy Editor
Keith Cline

Proofreader
Water Crest Publishing, Inc.

Publishing Coordinator
Vanessa Evans

Multimedia Developer
Dan Scherf

Cover Designer
Gary Adair

Page Layout
Bronkella Publishing LLC

Library of Congress Cataloging-in-Publication data is on file.

Printed in the United States of America

First Printing: October 2009

10  09  08  07  06        4  3  2  1

Trademarks

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Warning and Disclaimer

Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an “as is” basis. The author and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD or programs accompanying it.

Bulk Sales

Que Publishing offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more information, please contact

U.S. Corporate and Government Sales

1-800-382-3419

[email protected]

For sales outside the U.S., please contact

International Sales

[email protected]

Table of Contents

Introduction

Who This Book Is For

What You Will Find in This Book

Hints for Using This Book

Need Further Study?

Chapter 1: Domain 1.0: Systems Security

Practice Questions

Objective 1.1: Differentiate among various systems security threats.

Objective 1.2: Explain the security risks pertaining to system hardware and peripherals.

Objective 1.3: Implement OS hardening practices and procedures to achieve workstation and server security.

Objective 1.4: Carry out the appropriate procedures to establish application security.

Objective 1.5: Implement security applications.

Objective 1.6: Explain the purpose and application of virtualization technology.

Quick-Check Answer Key

Objective 1.1: Differentiate among various systems security threats.

Objective 1.2: Explain the security risks pertaining to system hardware and peripherals.

Objective 1.3: Implement OS hardening practices and procedures to achieve workstation and server security.

Objective 1.4: Carry out the appropriate procedures to establish application security.

Objective 1.5: Implement security applications.

Objective 1.6: Explain the purpose and application of virtualization technology.

Answers and Explanations

Objective 1.1: Differentiate among various systems security threats.

Objective 1.2: Explain the security risks pertaining to system hardware and peripherals.

Objective 1.3: Implement OS hardening practices and procedures to achieve workstation and server security.

Objective 1.4: Carry out the appropriate procedures to establish application security.

Objective 1.5: Implement security applications.

Objective 1.6: Explain the purpose and application of virtualization technology.

Chapter 2: Domain 2.0: Network Infrastructure

Practice Questions

Objective 2.1: Differentiate between the different ports & protocols, their respective threats, and mitigation techniques.

Objective 2.2: Distinguish between network design elements and components.

Objective 2.3: Determine the appropriate use of network security tools to facilitate network security.

Objective 2.4: Apply the appropriate network tools to facilitate network security.

Objective 2.5: Explain the vulnerabilities and mitigations associated with network devices.

Objective 2.6: Explain the vulnerabilities and mitigations associated with various transmission media.

Objective 2.7: Explain the vulnerabilities and implement mitigations associated with wireless networking.

Quick-Check Answer Key

Objective 2.1: Differentiate between the different ports & protocols, their respective threats, and mitigation techniques.

Objective 2.2: Distinguish between network design elements and components.

Objective 2.3: Determine the appropriate use of network security tools to facilitate network security.

Objective 2.4: Apply the appropriate network tools to facilitate network security.

Objective 2.5: Explain the vulnerabilities and mitigations associated with network devices.

Objective 2.6: Explain the vulnerabilities and mitigations associated with various transmission media.

Objective 2.7: Explain the vulnerabilities and implement mitigations associated with wireless networking.

Answers and Explanations

Objective 2.1: Differentiate between the different ports & protocols, their respective threats, and mitigation techniques.

Objective 2.2: Distinguish between network design elements and components.

Objective 2.3: Determine the appropriate use of network security tools to facilitate network security.

Objective 2.4: Apply the appropriate network tools to facilitate network security.

Objective 2.5: Explain the vulnerabilities and mitigations associated with network devices.

Objective 2.6: Explain the vulnerabilities and mitigations associated with various transmission media.

Objective 2.7: Explain the vulnerabilities and implement mitigations associated with wireless networking.

Chapter 3: Domain 3.0: Access Control

Practice Questions

Objective 3.1: Identify and apply industry best practices for access control methods.

Objective 3.2: Explain common access control models and the differences between each.

Objective 3.3: Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges.

Objective 3.4: Apply appropriate security controls to file and print resources.

Objective 3.5: Compare and implement logical access control methods.

Objective 3.6: Summarize the various authentication models and identify the components of each.

Objective 3.7: Deploy various authentication models and identify the components of each.

Objective 3.8: Explain the difference between identification and authentication (identity proofing).

Objective 3.9: Explain and apply physical access security methods.

Quick-Check Answer Key

Objective 3.1: Identify and apply industry best practices for access control methods.

Objective 3.2: Explain common access control models and the differences between each.

Objective 3.3: Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges.

Objective 3.4: Apply appropriate security controls to file and print resources.

Objective 3.5: Compare and implement logical access control methods.

Objective 3.6: Summarize the various authentication models and identify the components of each.

Objective 3.7: Deploy various authentication models and identify the components of each.

Objective 3.8: Explain the difference between identification and authentication (identity proofing).

Objective 3.9: Explain and apply physical access security methods.

Answers and Explanations

Objective 3.1: Identify and apply industry best practices for access control methods.

Objective 3.2: Explain common access control models and the differences between each.

Objective 3.3: Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges.

Objective 3.4: Apply appropriate security controls to file and print resources.

Objective 3.5: Compare and implement logical access control methods.

Objective 3.6: Summarize the various authentication models and identify the components of each.

Objective 3.7: Deploy various authentication models and identify the components of each.

Objective 3.8: Explain the difference between identification and authentication (identity proofing).

Objective 3.9: Explain and apply physical access security methods.

Chapter 4: Domain 4.0: Assessments & Audits

Practice Questions

Objective 4.1: Conduct risk assessments and implement risk mitigation.

Objective 4.2: Carry out vulnerability assessments using common tools.

Objective 4.3: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning.

Objective 4.4: Use monitoring tools on systems and networks and detect security-related anomalies.

Objective 4.5: Compare and contrast various types of monitoring methodologies.

Objective 4.6: Execute proper logging procedures and evaluate the results.

Objective 4.7: Conduct periodic audits of system security settings.

Quick-Check Answer Key

Objective 4.1: Conduct risk assessments and implement risk mitigation.

Objective 4.2: Carry out vulnerability assessments using common tools.

Objective 4.3: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning.

Objective 4.4: Use monitoring tools on systems and networks and detect security-related anomalies.

Objective 4.5: Compare and contrast various types of monitoring methodologies.

Objective 4.6: Execute proper logging procedures and evaluate the results.

Objective 4.7: Conduct periodic audits of system security settings.

Answers and Explanations

Objective 4.1: Conduct risk assessments and implement risk mitigation.

Objective 4.2: Carry out vulnerability assessments using common tools.

Objective 4.3: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning.

Objective 4.4: Use monitoring tools on systems and networks and detect security-related anomalies.

Objective 4.5: Compare and contrast various types of monitoring methodologies.

Objective 4.6: Execute proper logging procedures and evaluate the results.

Objective 4.7: Conduct periodic audits of system security settings.

Chapter 5: Domain 5.0: Cryptography

Practice Questions

Objective 5.1: Explain general cryptography concepts.

Objective 5.2: Explain basic hashing concepts and map various algorithms to appropriate applications.

Objective 5.3: Explain basic encryption concepts and map various algorithms to appropriate applications.

Objective 5.4: Explain and implement protocols.

Objective 5.5: Explain core concepts of public key cryptography.

Objective 5.6: Implement PKI and certificate management.

Quick-Check Answer Key

Objective 5.1: Explain general cryptography concepts.

Objective 5.2: Explain basic hashing concepts and map various algorithms to appropriate applications.

Objective 5.3: Explain basic encryption concepts and map various algorithms to appropriate applications.

Objective 5.4: Explain and implement protocols.

Objective 5.5: Explain core concepts of public key cryptography.

Objective 5.6: Implement PKI and certificate management.

Answers and Explanations

Objective 5.1: Explain general cryptography concepts.

Objective 5.2: Explain basic hashing concepts and map various algorithms to appropriate applications.

Objective 5.3: Explain basic encryption concepts and map various algorithms to appropriate applications.

Objective 5.4: Explain and implement protocols.

Objective 5.5: Explain core concepts of public key cryptography.

Objective 5.6: Implement PKI and certificate management.

Chapter 6: Domain 6.0: Organizational Security

Practice Questions

Objective 6.1: Explain redundancy planning and its components.

Objective 6.2: Implement disaster recovery procedures.

Objective 6.3: Differentiate between and execute appropriate incident response procedures.

Objective 6.4: Identify and explain applicable legislation and organizational policies.

Objective 6.5: Explain the importance of environmental controls.

Objective 6.6: Explain the concept of and how to reduce the risks of social engineering.

Quick-Check Answer Key

Objective 6.1: Explain redundancy planning and its components.

Objective 6.2: Implement disaster recovery procedures.

Objective 6.3: Differentiate between and execute appropriate incident response procedures.

Objective 6.4: Identify and explain applicable legislation and organizational policies.

Objective 6.5: Explain the importance of environmental controls.

Objective 6.6: Explain the concept of and how to reduce the risks of social engineering.

Answers and Explanations

Objective 6.1: Explain redundancy planning and its components.

Objective 6.2: Implement disaster recovery procedures.

Objective 6.3: Differentiate between and execute appropriate incident response procedures.

Objective 6.4: Identify and explain applicable legislation and organizational policies.

Objective 6.5: Explain the importance of environmental controls.

Objective 6.6: Explain the concept of and how to reduce the risks of social engineering.

About the Author

Diane Barrett has been involved in the IT industry for about 20 years. She spent 7 years in software development before becoming involved in education, security, and forensics. Currently she is the Faculty Council Chair for the Systems Development Group at the University of Advancing Technology and both develops curriculum and teaches in the Computer Forensics and Network Security programs. In addition, she does contract forensic and security work. Diane belongs to the local chapters of several security user groups, including HTCIA, ISSA, and InfraGard. She holds about 15 industry certifications, including CISSP, ISSMP, and Security+. She has also authored several other security and forensic books. Diane received her master of science degree in computer technology with a specialization in information security from Capella University and is currently working on a Ph.D. in business administration with a specialization in information security.

Dedication

To my nephew Ryan, who is always a bright spot in my day.

Acknowledgments

Publishing a book takes the collaboration and teamwork of many individuals. Thanks to everyone involved in this process at Pearson Education, especially Betsy and Chris. To the editorial and technical reviewers, thank you for making sure that my work was sound and on target. Special thanks to my husband for all his support and patience while I worked on this project.

We Want to Hear from You!

As the reader of this book, you are our most important critic and commentator. We value your opinion and want to know what we’re doing right, what we could do better, what areas you’d like to see us publish in, and any other words of wisdom you’re willing to pass our way.

As an Associate Publisher for Pearson, I welcome your comments. You can email or write me directly to let me know what you did or didn’t like about this book—as well as what we can do to make our books better.

Please note that I cannot help you with technical problems related to the topic of this book. We do have a User Services group, however, where I will forward specific technical questions related to the book.

When you write, please be sure to include this book’s title and author as well as your name, email address, and phone number. I will carefully review your comments and share them with the author and editors who worked on the book.

Email:    [email protected]

Mail:     David Dusthimer
             Associate Publisher
             Pearson
             800 East 96th Street
             Indianapolis, IN 46240 USA

Reader Services

Visit our website and register this book at www.examcram.com/register for convenient access to any updates, downloads, or errata that might be available for this book.
