CompTIA Security+ - Softcover

Diane Barrett is a professor in the Network Security and Computer Forensics programs at the University of Advancing Technology. She has authored several security and forensic books. Diane belongs to the local chapters of several security user groups, including HTCIA and InfraGard. She was also a volunteer for ISSA’s (Information Systems Audit and Control Association) Generally Accepted Information Security Principles (GAISP) in the Ethical Practices Working Group. She holds about 15 industry certifications, including CISSP, ISSMP, and Security+. Diane received her master’s of science degree in computer technology, with a specialization in information security, from Capella University.

Kalani K. Hausman, CISSP, CISA, CISM, GHSC, is an author, teacher, and information technology implementer with more than 20 years’ experience specializing in IT governance, enterprise architecture, regulatory compliance, and enterprise security management. His experience includes medium to large-scale globally deployed networks in governmental, higher-education, health-care, and corporate settings. He is active within the FBI InfraGard, Information Systems Audit and Control Association (ISACA) and ISSA and is currently employed as the Assistant Commandant for IT at Texas A&M University.

Martin Weiss is a manager of information security gurus at RSA, The Security Division of EMC, helping organizations accelerate their business by solving their most complex and sensitive security challenges. He is also on the board of directors for the Connecticut chapter of ISSA and has authored several other books. He holds several certifications, including Security+, CISSP, MCSE: Security, and RSA CSE. Marty received his MBA from the Isenberg School of Management at the University of Massachusetts and currently lives in New England with his wife and three sons. Marty can be reached at marty.weiss@gmail.com.

Introduction

Welcome to CompTIA Security+ Exam Cram, Second Edition. Whether this book is your first or your fifteenth Exam Cram series book, you’ll find information here that will help ensure your success as you pursue knowledge, experience, and certification. This book aims to help you get ready to take and pass the CompTIA Security+ exam, number SY0-201.

This introduction explains CompTIA’s certification programs in general and talks about how the Exam Cram series can help you prepare for CompTIA’s latest certification exams. Chapters 1 through 12 are designed to remind you of everything you need to know to pass the SY0-201 certification exam. The two practice exams at the end of this book should give you a reasonably accurate assessment of your knowledge; and, yes, we’ve provided the answers and their explanations for these practice exams. Read this book, understand the material, and you’ll stand a very good chance of passing the real test.

Exam Cram books help you understand and appreciate the subjects and materials you need to know to pass CompTIA certification exams. Exam Cram books are aimed strictly at test preparation and review. They do not teach you everything you need to know about a subject. Instead, the authors streamline and highlight the pertinent information by presenting and dissecting the questions and problems they’ve discovered that you’re likely to encounter on a CompTIA test.

Nevertheless, to completely prepare yourself for any CompTIA test, we recommend that you begin by taking the “Self-Assessment” that immediately follows this introduction. The self-assessment tool will help you evaluate your knowledge base against the requirements for the CompTIA Security+ exam under both ideal and real circumstances. This can also be the first step in earning more advanced security certifications.

Based on what you learn from the self-assessment, you might decide to begin your studies with classroom training or some background reading. On the other hand, you might decide to pick up and read one of the many study guides available from Que or a third-party vendor.

We also strongly recommend that you spend some time installing, configuring, and working with both Windows and UNIX or Linux operating systems to patch and maintain them for the best and most current security possible because the Security+ exam focuses on such activities and the knowledge and skills they can provide for you. Nothing beats hands-on experience and familiarity when it comes to understanding the questions you’re likely to encounter on a certification test. Book learning is essential, but without doubt, hands-on experience is the best teacher of all!

The CompTIA Certification Program

The Computing Technology Industry Association (http://www.comptia.org) offers numerous IT certifications, primarily aimed at entry- and intermediate-level IT professionals. Here is a list of some other relevant CompTIA certifications, briefly annotated to document their possible relevance to Security+:

• A+: An exam that tests basic PC hardware and software installation, configuration, diagnosing, preventive maintenance, and basic networking. This two-part exam also covers security, safety, environmental issues, communication, and professionalism. This exam is an excellent prequalifier for those interested in Security+ who might have little or no PC or computing skills or knowledge. For more information about this exam, see http://certification.comptia.org/a/default.aspx.
• Network+: An exam that tests basic and intermediate networking skills and knowledge, including hardware, drivers, protocols, and troubleshooting topics. This exam is an excellent prequalifier for those interested in Security+ who have little or no networking skills or knowledge. For more information about this exam, go to http://certification.comptia.org/network/default.aspx.
• Server+: An exam that tests server knowledge and capabilities, including RAID, SCSI, multiple CPUs, and disaster recovery. This exam is an excellent prequalifier for those interested in Security+ who have little or no server environment skills or knowledge. For more information about this exam, go to http://certification.comptia.org/server/default.aspx.
• Linux+: An exam that tests knowledge and management of Linux systems via command line, user administration, file permissions, software configurations, Linux-based clients, server systems, and security. For more information about this exam, go to http://certification.comptia.org/linux/default.aspx.

The CompTIA exams are all vendor- and platform-neutral, which means they primarily test general skills and knowledge, instead of focusing on vendor or product specifics. Therefore, they offer certification candidates a chance to demonstrate necessary general abilities relevant in most workplaces. (This explains why employers generally look at CompTIA certifications favorably.)

Because CompTIA changes their website often, the URLs listed above might not work in the future. You should use the Search tool on CompTIA’s site to find more information about a particular certification.

Taking a Certification Exam

After you prepare for your exam, you need to register with a testing center. At the time of this writing, the cost to take the Security+ exam is $258 for individuals. CompTIA Corporate Members receive discounts on nonmember pricing. For more information about these discounts, a local CompTIA sales representative can provide answers to any questions you might have. If you don’t pass, you can take the exam again for the same cost as the first attempt, for each attempt until you pass. In the United States and Canada, tests are administered by Prometric or VUE. Here’s how you can contact them:

• Prometric—You can sign up for a test through the company’s website, http://securereg3.prometric.com/. Within the United States and Canada, you can register by phone at 800-755-3926. If you live outside this region, check the Prometric website for the appropriate phone number.
• Pearson VUE—You can contact Virtual University Enterprises (VUE) to locate a nearby testing center that administers the test and to make an appointment. You can find the sign-up web page for the exam itself at http://www.vue.com/comptia/. You can also use this web page (click the Contact button, click the View Telephone Directory by Sponsor link, and then click CompTIA) to obtain a telephone number for the company (in case you can’t or don’t want to sign up for the exam on the web page).

To sign up for a test, you must possess a valid credit card or contact either Prometric or Vue for mailing instructions to send a check (in the United States). Only after payment has been verified, or a check has cleared, can you actually register for a test.

To schedule an exam, you need to call the appropriate phone number or visit the Prometric or Vue website at least one day in advance. To cancel or reschedule an exam in the United States or Canada, you must call before 3 p.m. Eastern time the day before the scheduled test time (or you might be charged, even if you don’t show up to take the test). When you want to schedule a test, you should have the following information ready:

• Your name, organization, and mailing address.
• Your CompTIA test ID. (In the United States, this means your Social Security number; citizens of other countries should call ahead to find out what type of identification number is required to register for a test.)
• The name and number of the exam you want to take.
• A payment method. (As mentioned previously, a credit card is the most convenient method; alternative means can be arranged in advance, if necessary.)

After you sign up for a test, you are told when and where the test is scheduled. You should arrive at least 15 minutes early. To be admitted into the testing room, you must supply two forms of identification, one of which must be a photo ID.

Tracking Certification Status

After you pass the exam, you are certified. Official certification is normally granted after six to eight weeks, so you shouldn’t expect to get your credentials overnight. The package for official certification that arrives includes a Welcome Kit that contains a number of elements. (See CompTIA’s website for other benefits of specific certifications.)

• A certificate suitable for framing, along with a wallet card.
• A license to use the related certification logo, which means you can use the logo in advertisements, promotions, and documents, and on letterhead, business cards, and so on. Along with the license comes a logo sheet, which includes camera-ready artwork. (Note that before you use any of the artwork, you must sign and return a licensing agreement that indicates you’ll abide by its terms and conditions.)

Many people believe that the benefits of certification go well beyond the perks that CompTIA provides to new members of this elite group. We’re starting to see more job listings that request or require applicants to have CompTIA and other related certifications, and many individuals who complete CompTIA certification programs can qualify for increases in pay and responsibility. As an official recognition of hard work and broad knowledge, a certification credential is a badge of honor in many IT organizations.

About This Book

We’ve structured the topics in this book to build on one another. Therefore, some topics in later chapters make the most sense after you’ve read earlier chapters. That’s why we suggest that you read this book from front to back for your initial test preparation. If you need to brush up on a topic or if you have to bone up for a second try, you can use the index or table of contents to go straight to the topics and questions that you need to study. Beyond helping you prepare for the test, we think you’ll find this book useful as a tightly focused reference to some of the most important aspects of the Security+ certification.

Chapter Format and Conventions

Each topical Exam Cram chapter follows a regular structure and contains graphical cues about important or useful information. Here’s the structure of a typical chapter:

• Opening hotlists—Each chapter begins with a list of the terms, tools, and techniques that you must learn and understand before you can be fully conversant with that chapter’s subject matter. The hotlists are followed with one or two introductory paragraphs to set the stage for the rest of the chapter.
• Topical coverage—After the opening hotlists and introductory text, each chapter covers a series of topics related to the chapter’s subject. Throughout that section, we highlight topics or concepts that are likely to appear on a test, using a special element called an Exam Alert:

Warning - This is what an alert looks like. Normally, an alert stresses concepts, terms, software, or activities that are likely to relate to one or more certification test questions. For that reason, we think any information in an alert is worthy of extra attentiveness on your part.

Pay close attention to material flagged in Exam Alerts; although all the information in this book pertains to what you need to know to pass the exam, Exam Alerts contain information that is really important. Of course, you need to understand the “meat” of each chapter, too, when preparing for the test. Because this book’s material is condensed, we recommend that you use this book along with other resources to achieve the maximum benefit.

In addition to the alerts, we provide tips and notes to help you build a better foundation for security knowledge. Although the tip information might not be on the exam, it is certainly related and will help you become a better-informed test taker.

Tip - This is how tips are formatted. Keep your eyes open for these, and you’ll become a Security+ guru in no time!

Note - This is how notes are formatted. Notes direct your attention to important pieces of information that relate to the CompTIA Security+ certification.

• Exam prep questions—Although we talk about test questions and topics throughout this book, the section at the end of each chapter presents a series of mock test questions and explanations of both correct and incorrect answers.
• Details and resources—Every chapter ends with a section that provides direct pointers to CompTIA and third-party resources that offer more information about the chapter’s subject. That section also tries to rank or at least rate the quality and thoroughness of the topic’s coverage by each resource. If you find a resource you like in that collection, you should use it; don’t feel compelled to use all the resources. On the other hand, we recommend only resources that we use on a regular basis, so none of our recommendations will be a waste of your time or money. (However, purchasing them all at once probably represents an expense that many network administrators and CompTIA certification candidates might find hard to justify.)

Although the bulk of this book follows this chapter structure just described, we want to point out a few other elements:

• “Practice Exam 1” and “Practice Exam 2” and the answer explanations provide good reviews of the material presented throughout the book to ensure that you’re ready for the exam.
• The Glossary defines important terms used in this book.
• The tear-out Cram Sheet attached next to the inside front cover of this book represents a condensed collection of facts and tips that we think are essential for you to memorize before taking the test. Because you can dump this information out of your head onto a sheet of paper just before taking the exam, you can master this information by brute force; you need to remember it only long enough to write it down when you walk into the testing room. You might even want to look at it in the car or in the lobby of the testing center just before you walk in to take the exam.
• The MeasureUp Practice Tests CD-ROM that comes with each Exam Cram and Exam Prep book features a powerful, state-of-the-art test engine that prepares you for the actual exam. MeasureUp Practice Tests are developed by certified IT professionals and are trusted by certification students around the world. For more information, visit http://www.measureup.com.

Exam Topics

Table I-1 lists the skills measured by the SY0-201 exam and the chapter in which the topic is discussed. Some topics are covered in other chapters, too.

Table I-1  CompTIA SY0-201 Exam Topics